mirror of https://github.com/hashicorp/consul
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
638 lines
18 KiB
638 lines
18 KiB
package agent |
|
|
|
import ( |
|
"encoding/json" |
|
"fmt" |
|
"io" |
|
"net" |
|
"net/http" |
|
"net/http/pprof" |
|
"net/url" |
|
"os" |
|
"regexp" |
|
"strconv" |
|
"strings" |
|
"time" |
|
|
|
"github.com/NYTimes/gziphandler" |
|
"github.com/armon/go-metrics" |
|
"github.com/hashicorp/consul/acl" |
|
"github.com/hashicorp/consul/agent/cache" |
|
"github.com/hashicorp/consul/agent/structs" |
|
"github.com/hashicorp/go-cleanhttp" |
|
"github.com/mitchellh/mapstructure" |
|
) |
|
|
|
// MethodNotAllowedError should be returned by a handler when the HTTP method is not allowed. |
|
type MethodNotAllowedError struct { |
|
Method string |
|
Allow []string |
|
} |
|
|
|
func (e MethodNotAllowedError) Error() string { |
|
return fmt.Sprintf("method %s not allowed", e.Method) |
|
} |
|
|
|
// BadRequestError should be returned by a handler when parameters or the payload are not valid |
|
type BadRequestError struct { |
|
Reason string |
|
} |
|
|
|
func (e BadRequestError) Error() string { |
|
return fmt.Sprintf("Bad request: %s", e.Reason) |
|
} |
|
|
|
// HTTPServer provides an HTTP api for an agent. |
|
type HTTPServer struct { |
|
*http.Server |
|
ln net.Listener |
|
agent *Agent |
|
blacklist *Blacklist |
|
|
|
// proto is filled by the agent to "http" or "https". |
|
proto string |
|
} |
|
|
|
type redirectFS struct { |
|
fs http.FileSystem |
|
} |
|
|
|
func (fs *redirectFS) Open(name string) (http.File, error) { |
|
file, err := fs.fs.Open(name) |
|
if err != nil { |
|
file, err = fs.fs.Open("/index.html") |
|
} |
|
return file, err |
|
} |
|
|
|
// endpoint is a Consul-specific HTTP handler that takes the usual arguments in |
|
// but returns a response object and error, both of which are handled in a |
|
// common manner by Consul's HTTP server. |
|
type endpoint func(resp http.ResponseWriter, req *http.Request) (interface{}, error) |
|
|
|
// unboundEndpoint is an endpoint method on a server. |
|
type unboundEndpoint func(s *HTTPServer, resp http.ResponseWriter, req *http.Request) (interface{}, error) |
|
|
|
// endpoints is a map from URL pattern to unbound endpoint. |
|
var endpoints map[string]unboundEndpoint |
|
|
|
// allowedMethods is a map from endpoint prefix to supported HTTP methods. |
|
// An empty slice means an endpoint handles OPTIONS requests and MethodNotFound errors itself. |
|
var allowedMethods map[string][]string |
|
|
|
// registerEndpoint registers a new endpoint, which should be done at package |
|
// init() time. |
|
func registerEndpoint(pattern string, methods []string, fn unboundEndpoint) { |
|
if endpoints == nil { |
|
endpoints = make(map[string]unboundEndpoint) |
|
} |
|
if endpoints[pattern] != nil || allowedMethods[pattern] != nil { |
|
panic(fmt.Errorf("Pattern %q is already registered", pattern)) |
|
} |
|
|
|
endpoints[pattern] = fn |
|
allowedMethods[pattern] = methods |
|
} |
|
|
|
// wrappedMux hangs on to the underlying mux for unit tests. |
|
type wrappedMux struct { |
|
mux *http.ServeMux |
|
handler http.Handler |
|
} |
|
|
|
// ServeHTTP implements the http.Handler interface. |
|
func (w *wrappedMux) ServeHTTP(resp http.ResponseWriter, req *http.Request) { |
|
w.handler.ServeHTTP(resp, req) |
|
} |
|
|
|
// handler is used to attach our handlers to the mux |
|
func (s *HTTPServer) handler(enableDebug bool) http.Handler { |
|
mux := http.NewServeMux() |
|
|
|
// handleFuncMetrics takes the given pattern and handler and wraps to produce |
|
// metrics based on the pattern and request. |
|
handleFuncMetrics := func(pattern string, handler http.HandlerFunc) { |
|
// Get the parts of the pattern. We omit any initial empty for the |
|
// leading slash, and put an underscore as a "thing" placeholder if we |
|
// see a trailing slash, which means the part after is parsed. This lets |
|
// us distinguish from things like /v1/query and /v1/query/<query id>. |
|
var parts []string |
|
for i, part := range strings.Split(pattern, "/") { |
|
if part == "" { |
|
if i == 0 { |
|
continue |
|
} |
|
part = "_" |
|
} |
|
parts = append(parts, part) |
|
} |
|
|
|
// Register the wrapper, which will close over the expensive-to-compute |
|
// parts from above. |
|
// TODO (kyhavlov): Convert this to utilize metric labels in a major release |
|
wrapper := func(resp http.ResponseWriter, req *http.Request) { |
|
start := time.Now() |
|
handler(resp, req) |
|
key := append([]string{"http", req.Method}, parts...) |
|
metrics.MeasureSince(key, start) |
|
} |
|
|
|
gzipWrapper, _ := gziphandler.GzipHandlerWithOpts(gziphandler.MinSize(0)) |
|
gzipHandler := gzipWrapper(http.HandlerFunc(wrapper)) |
|
mux.Handle(pattern, gzipHandler) |
|
} |
|
|
|
mux.HandleFunc("/", s.Index) |
|
for pattern, fn := range endpoints { |
|
thisFn := fn |
|
methods, _ := allowedMethods[pattern] |
|
bound := func(resp http.ResponseWriter, req *http.Request) (interface{}, error) { |
|
return thisFn(s, resp, req) |
|
} |
|
handleFuncMetrics(pattern, s.wrap(bound, methods)) |
|
} |
|
if enableDebug { |
|
handleFuncMetrics("/debug/pprof/", pprof.Index) |
|
handleFuncMetrics("/debug/pprof/cmdline", pprof.Cmdline) |
|
handleFuncMetrics("/debug/pprof/profile", pprof.Profile) |
|
handleFuncMetrics("/debug/pprof/symbol", pprof.Symbol) |
|
} |
|
|
|
if s.IsUIEnabled() { |
|
legacy_ui, err := strconv.ParseBool(os.Getenv("CONSUL_UI_LEGACY")) |
|
if err != nil { |
|
legacy_ui = false |
|
} |
|
var uifs http.FileSystem |
|
|
|
// Use the custom UI dir if provided. |
|
if s.agent.config.UIDir != "" { |
|
uifs = http.Dir(s.agent.config.UIDir) |
|
} else { |
|
fs := assetFS() |
|
|
|
if legacy_ui { |
|
fs.Prefix += "/v1/" |
|
} else { |
|
fs.Prefix += "/v2/" |
|
} |
|
uifs = fs |
|
} |
|
|
|
if !legacy_ui { |
|
uifs = &redirectFS{fs: uifs} |
|
} |
|
|
|
mux.Handle("/ui/", http.StripPrefix("/ui/", http.FileServer(uifs))) |
|
} |
|
|
|
// Wrap the whole mux with a handler that bans URLs with non-printable |
|
// characters. |
|
return &wrappedMux{ |
|
mux: mux, |
|
handler: cleanhttp.PrintablePathCheckHandler(mux, nil), |
|
} |
|
} |
|
|
|
// nodeName returns the node name of the agent |
|
func (s *HTTPServer) nodeName() string { |
|
return s.agent.config.NodeName |
|
} |
|
|
|
// aclEndpointRE is used to find old ACL endpoints that take tokens in the URL |
|
// so that we can redact them. The ACL endpoints that take the token in the URL |
|
// are all of the form /v1/acl/<verb>/<token>, and can optionally include query |
|
// parameters which are indicated by a question mark. We capture the part before |
|
// the token, the token, and any query parameters after, and then reassemble as |
|
// $1<hidden>$3 (the token in $2 isn't used), which will give: |
|
// |
|
// /v1/acl/clone/foo -> /v1/acl/clone/<hidden> |
|
// /v1/acl/clone/foo?token=bar -> /v1/acl/clone/<hidden>?token=<hidden> |
|
// |
|
// The query parameter in the example above is obfuscated like any other, after |
|
// this regular expression is applied, so the regular expression substitution |
|
// results in: |
|
// |
|
// /v1/acl/clone/foo?token=bar -> /v1/acl/clone/<hidden>?token=bar |
|
// ^---- $1 ----^^- $2 -^^-- $3 --^ |
|
// |
|
// And then the loop that looks for parameters called "token" does the last |
|
// step to get to the final redacted form. |
|
var ( |
|
aclEndpointRE = regexp.MustCompile("^(/v1/acl/[^/]+/)([^?]+)([?]?.*)$") |
|
) |
|
|
|
// wrap is used to wrap functions to make them more convenient |
|
func (s *HTTPServer) wrap(handler endpoint, methods []string) http.HandlerFunc { |
|
return func(resp http.ResponseWriter, req *http.Request) { |
|
setHeaders(resp, s.agent.config.HTTPResponseHeaders) |
|
setTranslateAddr(resp, s.agent.config.TranslateWANAddrs) |
|
|
|
// Obfuscate any tokens from appearing in the logs |
|
formVals, err := url.ParseQuery(req.URL.RawQuery) |
|
if err != nil { |
|
s.agent.logger.Printf("[ERR] http: Failed to decode query: %s from=%s", err, req.RemoteAddr) |
|
resp.WriteHeader(http.StatusInternalServerError) |
|
return |
|
} |
|
logURL := req.URL.String() |
|
if tokens, ok := formVals["token"]; ok { |
|
for _, token := range tokens { |
|
if token == "" { |
|
logURL += "<hidden>" |
|
continue |
|
} |
|
logURL = strings.Replace(logURL, token, "<hidden>", -1) |
|
} |
|
} |
|
logURL = aclEndpointRE.ReplaceAllString(logURL, "$1<hidden>$3") |
|
|
|
if s.blacklist.Block(req.URL.Path) { |
|
errMsg := "Endpoint is blocked by agent configuration" |
|
s.agent.logger.Printf("[ERR] http: Request %s %v, error: %v from=%s", req.Method, logURL, err, req.RemoteAddr) |
|
resp.WriteHeader(http.StatusForbidden) |
|
fmt.Fprint(resp, errMsg) |
|
return |
|
} |
|
|
|
isMethodNotAllowed := func(err error) bool { |
|
_, ok := err.(MethodNotAllowedError) |
|
return ok |
|
} |
|
|
|
isBadRequest := func(err error) bool { |
|
_, ok := err.(BadRequestError) |
|
return ok |
|
} |
|
|
|
addAllowHeader := func(methods []string) { |
|
resp.Header().Add("Allow", strings.Join(methods, ",")) |
|
} |
|
|
|
handleErr := func(err error) { |
|
s.agent.logger.Printf("[ERR] http: Request %s %v, error: %v from=%s", req.Method, logURL, err, req.RemoteAddr) |
|
switch { |
|
case acl.IsErrPermissionDenied(err) || acl.IsErrNotFound(err): |
|
resp.WriteHeader(http.StatusForbidden) |
|
fmt.Fprint(resp, err.Error()) |
|
case structs.IsErrRPCRateExceeded(err): |
|
resp.WriteHeader(http.StatusTooManyRequests) |
|
case isMethodNotAllowed(err): |
|
// RFC2616 states that for 405 Method Not Allowed the response |
|
// MUST include an Allow header containing the list of valid |
|
// methods for the requested resource. |
|
// https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html |
|
addAllowHeader(err.(MethodNotAllowedError).Allow) |
|
resp.WriteHeader(http.StatusMethodNotAllowed) // 405 |
|
fmt.Fprint(resp, err.Error()) |
|
case isBadRequest(err): |
|
resp.WriteHeader(http.StatusBadRequest) |
|
fmt.Fprint(resp, err.Error()) |
|
default: |
|
resp.WriteHeader(http.StatusInternalServerError) |
|
fmt.Fprint(resp, err.Error()) |
|
} |
|
} |
|
|
|
start := time.Now() |
|
defer func() { |
|
s.agent.logger.Printf("[DEBUG] http: Request %s %v (%v) from=%s", req.Method, logURL, time.Since(start), req.RemoteAddr) |
|
}() |
|
|
|
var obj interface{} |
|
|
|
// if this endpoint has declared methods, respond appropriately to OPTIONS requests. Otherwise let the endpoint handle that. |
|
if req.Method == "OPTIONS" && len(methods) > 0 { |
|
addAllowHeader(append([]string{"OPTIONS"}, methods...)) |
|
return |
|
} |
|
|
|
// if this endpoint has declared methods, check the request method. Otherwise let the endpoint handle that. |
|
methodFound := len(methods) == 0 |
|
for _, method := range methods { |
|
if method == req.Method { |
|
methodFound = true |
|
break |
|
} |
|
} |
|
|
|
if !methodFound { |
|
err = MethodNotAllowedError{req.Method, append([]string{"OPTIONS"}, methods...)} |
|
} else { |
|
// Invoke the handler |
|
obj, err = handler(resp, req) |
|
} |
|
|
|
if err != nil { |
|
handleErr(err) |
|
return |
|
} |
|
if obj == nil { |
|
return |
|
} |
|
|
|
buf, err := s.marshalJSON(req, obj) |
|
if err != nil { |
|
handleErr(err) |
|
return |
|
} |
|
resp.Header().Set("Content-Type", "application/json") |
|
resp.Write(buf) |
|
} |
|
} |
|
|
|
// marshalJSON marshals the object into JSON, respecting the user's pretty-ness |
|
// configuration. |
|
func (s *HTTPServer) marshalJSON(req *http.Request, obj interface{}) ([]byte, error) { |
|
if _, ok := req.URL.Query()["pretty"]; ok || s.agent.config.DevMode { |
|
buf, err := json.MarshalIndent(obj, "", " ") |
|
if err != nil { |
|
return nil, err |
|
} |
|
buf = append(buf, "\n"...) |
|
return buf, nil |
|
} |
|
|
|
buf, err := json.Marshal(obj) |
|
if err != nil { |
|
return nil, err |
|
} |
|
return buf, err |
|
} |
|
|
|
// Returns true if the UI is enabled. |
|
func (s *HTTPServer) IsUIEnabled() bool { |
|
return s.agent.config.UIDir != "" || s.agent.config.EnableUI |
|
} |
|
|
|
// Renders a simple index page |
|
func (s *HTTPServer) Index(resp http.ResponseWriter, req *http.Request) { |
|
// Check if this is a non-index path |
|
if req.URL.Path != "/" { |
|
resp.WriteHeader(http.StatusNotFound) |
|
return |
|
} |
|
|
|
// Give them something helpful if there's no UI so they at least know |
|
// what this server is. |
|
if !s.IsUIEnabled() { |
|
fmt.Fprint(resp, "Consul Agent") |
|
return |
|
} |
|
|
|
// Redirect to the UI endpoint |
|
http.Redirect(resp, req, "/ui/", http.StatusMovedPermanently) // 301 |
|
} |
|
|
|
// decodeBody is used to decode a JSON request body |
|
func decodeBody(req *http.Request, out interface{}, cb func(interface{}) error) error { |
|
// This generally only happens in tests since real HTTP requests set |
|
// a non-nil body with no content. We guard against it anyways to prevent |
|
// a panic. The EOF response is the same behavior as an empty reader. |
|
if req.Body == nil { |
|
return io.EOF |
|
} |
|
|
|
var raw interface{} |
|
dec := json.NewDecoder(req.Body) |
|
if err := dec.Decode(&raw); err != nil { |
|
return err |
|
} |
|
|
|
// Invoke the callback prior to decode |
|
if cb != nil { |
|
if err := cb(raw); err != nil { |
|
return err |
|
} |
|
} |
|
return mapstructure.Decode(raw, out) |
|
} |
|
|
|
// setTranslateAddr is used to set the address translation header. This is only |
|
// present if the feature is active. |
|
func setTranslateAddr(resp http.ResponseWriter, active bool) { |
|
if active { |
|
resp.Header().Set("X-Consul-Translate-Addresses", "true") |
|
} |
|
} |
|
|
|
// setIndex is used to set the index response header |
|
func setIndex(resp http.ResponseWriter, index uint64) { |
|
// If we ever return X-Consul-Index of 0 blocking clients will go into a busy |
|
// loop and hammer us since ?index=0 will never block. It's always safe to |
|
// return index=1 since the very first Raft write is always an internal one |
|
// writing the raft config for the cluster so no user-facing blocking query |
|
// will ever legitimately have an X-Consul-Index of 1. |
|
if index == 0 { |
|
index = 1 |
|
} |
|
resp.Header().Set("X-Consul-Index", strconv.FormatUint(index, 10)) |
|
} |
|
|
|
// setKnownLeader is used to set the known leader header |
|
func setKnownLeader(resp http.ResponseWriter, known bool) { |
|
s := "true" |
|
if !known { |
|
s = "false" |
|
} |
|
resp.Header().Set("X-Consul-KnownLeader", s) |
|
} |
|
|
|
func setConsistency(resp http.ResponseWriter, consistency string) { |
|
if consistency != "" { |
|
resp.Header().Set("X-Consul-Effective-Consistency", consistency) |
|
} |
|
} |
|
|
|
// setLastContact is used to set the last contact header |
|
func setLastContact(resp http.ResponseWriter, last time.Duration) { |
|
if last < 0 { |
|
last = 0 |
|
} |
|
lastMsec := uint64(last / time.Millisecond) |
|
resp.Header().Set("X-Consul-LastContact", strconv.FormatUint(lastMsec, 10)) |
|
} |
|
|
|
// setMeta is used to set the query response meta data |
|
func setMeta(resp http.ResponseWriter, m *structs.QueryMeta) { |
|
setIndex(resp, m.Index) |
|
setLastContact(resp, m.LastContact) |
|
setKnownLeader(resp, m.KnownLeader) |
|
setConsistency(resp, m.ConsistencyLevel) |
|
} |
|
|
|
// setCacheMeta sets http response headers to indicate cache status. |
|
func setCacheMeta(resp http.ResponseWriter, m *cache.ResultMeta) { |
|
str := "MISS" |
|
if m != nil && m.Hit { |
|
str = "HIT" |
|
} |
|
resp.Header().Set("X-Cache", str) |
|
} |
|
|
|
// setHeaders is used to set canonical response header fields |
|
func setHeaders(resp http.ResponseWriter, headers map[string]string) { |
|
for field, value := range headers { |
|
resp.Header().Set(http.CanonicalHeaderKey(field), value) |
|
} |
|
} |
|
|
|
// parseWait is used to parse the ?wait and ?index query params |
|
// Returns true on error |
|
func parseWait(resp http.ResponseWriter, req *http.Request, b *structs.QueryOptions) bool { |
|
query := req.URL.Query() |
|
if wait := query.Get("wait"); wait != "" { |
|
dur, err := time.ParseDuration(wait) |
|
if err != nil { |
|
resp.WriteHeader(http.StatusBadRequest) |
|
fmt.Fprint(resp, "Invalid wait time") |
|
return true |
|
} |
|
b.MaxQueryTime = dur |
|
} |
|
if idx := query.Get("index"); idx != "" { |
|
index, err := strconv.ParseUint(idx, 10, 64) |
|
if err != nil { |
|
resp.WriteHeader(http.StatusBadRequest) |
|
fmt.Fprint(resp, "Invalid index") |
|
return true |
|
} |
|
b.MinQueryIndex = index |
|
} |
|
return false |
|
} |
|
|
|
// parseConsistency is used to parse the ?stale and ?consistent query params. |
|
// Returns true on error |
|
func (s *HTTPServer) parseConsistency(resp http.ResponseWriter, req *http.Request, b *structs.QueryOptions) bool { |
|
query := req.URL.Query() |
|
defaults := true |
|
if _, ok := query["stale"]; ok { |
|
b.AllowStale = true |
|
defaults = false |
|
} |
|
if _, ok := query["consistent"]; ok { |
|
b.RequireConsistent = true |
|
defaults = false |
|
} |
|
if _, ok := query["leader"]; ok { |
|
defaults = false |
|
} |
|
if maxStale := query.Get("max_stale"); maxStale != "" { |
|
dur, err := time.ParseDuration(maxStale) |
|
if err != nil { |
|
resp.WriteHeader(http.StatusBadRequest) |
|
fmt.Fprintf(resp, "Invalid max_stale value %q", maxStale) |
|
return true |
|
} |
|
b.MaxStaleDuration = dur |
|
if dur.Nanoseconds() > 0 { |
|
b.AllowStale = true |
|
defaults = false |
|
} |
|
} |
|
// No specific Consistency has been specified by caller |
|
if defaults { |
|
path := req.URL.Path |
|
if strings.HasPrefix(path, "/v1/catalog") || strings.HasPrefix(path, "/v1/health") { |
|
if s.agent.config.DiscoveryMaxStale.Nanoseconds() > 0 { |
|
b.MaxStaleDuration = s.agent.config.DiscoveryMaxStale |
|
b.AllowStale = true |
|
} |
|
} |
|
} |
|
if b.AllowStale && b.RequireConsistent { |
|
resp.WriteHeader(http.StatusBadRequest) |
|
fmt.Fprint(resp, "Cannot specify ?stale with ?consistent, conflicting semantics.") |
|
return true |
|
} |
|
return false |
|
} |
|
|
|
// parseDC is used to parse the ?dc query param |
|
func (s *HTTPServer) parseDC(req *http.Request, dc *string) { |
|
if other := req.URL.Query().Get("dc"); other != "" { |
|
*dc = other |
|
} else if *dc == "" { |
|
*dc = s.agent.config.Datacenter |
|
} |
|
} |
|
|
|
// parseToken is used to parse the ?token query param or the X-Consul-Token header |
|
func (s *HTTPServer) parseToken(req *http.Request, token *string) { |
|
if other := req.URL.Query().Get("token"); other != "" { |
|
*token = other |
|
return |
|
} |
|
|
|
if other := req.Header.Get("X-Consul-Token"); other != "" { |
|
*token = other |
|
return |
|
} |
|
|
|
// Set the default ACLToken |
|
*token = s.agent.tokens.UserToken() |
|
} |
|
|
|
func sourceAddrFromRequest(req *http.Request) string { |
|
xff := req.Header.Get("X-Forwarded-For") |
|
forwardHosts := strings.Split(xff, ",") |
|
if len(forwardHosts) > 0 { |
|
forwardIp := net.ParseIP(strings.TrimSpace(forwardHosts[0])) |
|
if forwardIp != nil { |
|
return forwardIp.String() |
|
} |
|
} |
|
|
|
host, _, err := net.SplitHostPort(req.RemoteAddr) |
|
if err != nil { |
|
return "" |
|
} |
|
|
|
ip := net.ParseIP(host) |
|
if ip != nil { |
|
return ip.String() |
|
} else { |
|
return "" |
|
} |
|
} |
|
|
|
// parseSource is used to parse the ?near=<node> query parameter, used for |
|
// sorting by RTT based on a source node. We set the source's DC to the target |
|
// DC in the request, if given, or else the agent's DC. |
|
func (s *HTTPServer) parseSource(req *http.Request, source *structs.QuerySource) { |
|
s.parseDC(req, &source.Datacenter) |
|
source.Ip = sourceAddrFromRequest(req) |
|
if node := req.URL.Query().Get("near"); node != "" { |
|
if node == "_agent" { |
|
source.Node = s.agent.config.NodeName |
|
} else { |
|
source.Node = node |
|
} |
|
} |
|
} |
|
|
|
// parseMetaFilter is used to parse the ?node-meta=key:value query parameter, used for |
|
// filtering results to nodes with the given metadata key/value |
|
func (s *HTTPServer) parseMetaFilter(req *http.Request) map[string]string { |
|
if filterList, ok := req.URL.Query()["node-meta"]; ok { |
|
filters := make(map[string]string) |
|
for _, filter := range filterList { |
|
key, value := ParseMetaPair(filter) |
|
filters[key] = value |
|
} |
|
return filters |
|
} |
|
return nil |
|
} |
|
|
|
// parse is a convenience method for endpoints that need |
|
// to use both parseWait and parseDC. |
|
func (s *HTTPServer) parse(resp http.ResponseWriter, req *http.Request, dc *string, b *structs.QueryOptions) bool { |
|
s.parseDC(req, dc) |
|
s.parseToken(req, &b.Token) |
|
if s.parseConsistency(resp, req, b) { |
|
return true |
|
} |
|
return parseWait(resp, req, b) |
|
}
|
|
|