X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/e1633d0a8365f63db56777524b1281d90bd9ee46..bef56b9a22efac9ce73006623080e84a0b57f243:/lib/controller/handler.go

diff --git a/lib/controller/handler.go b/lib/controller/handler.go
index 78ad89e706..25799aae9e 100644
--- a/lib/controller/handler.go
+++ b/lib/controller/handler.go
@@ -5,6 +5,8 @@
 package controller
 
 import (
+	"database/sql"
+	"errors"
 	"net"
 	"net/http"
 	"net/url"
@@ -15,6 +17,7 @@ import (
 	"git.curoverse.com/arvados.git/sdk/go/arvados"
 	"git.curoverse.com/arvados.git/sdk/go/health"
 	"git.curoverse.com/arvados.git/sdk/go/httpserver"
+	_ "github.com/lib/pq"
 )
 
 type Handler struct {
@@ -26,10 +29,26 @@ type Handler struct {
 	proxy          *proxy
 	secureClient   *http.Client
 	insecureClient *http.Client
+	pgdb           *sql.DB
+	pgdbMtx        sync.Mutex
 }
 
 func (h *Handler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
 	h.setupOnce.Do(h.setup)
+	if req.Method != "GET" && req.Method != "HEAD" {
+		// http.ServeMux returns 301 with a cleaned path if
+		// the incoming request has a double slash. Some
+		// clients (including the Go standard library) change
+		// the request method to GET when following a 301
+		// redirect if the original method was not HEAD
+		// (RFC7231 6.4.2 specifically allows this in the case
+		// of POST). Thus "POST //foo" gets misdirected to
+		// "GET /foo". To avoid this, eliminate double slashes
+		// before passing the request to ServeMux.
+		for strings.Contains(req.URL.Path, "//") {
+			req.URL.Path = strings.Replace(req.URL.Path, "//", "/", -1)
+		}
+	}
 	h.handlerStack.ServeHTTP(w, req)
 }
 
@@ -39,6 +58,8 @@ func (h *Handler) CheckHealth() error {
 	return err
 }
 
+func neverRedirect(*http.Request, []*http.Request) error { return http.ErrUseLastResponse }
+
 func (h *Handler) setup() {
 	mux := http.NewServeMux()
 	mux.Handle("/_health/", &health.Handler{
@@ -53,10 +74,12 @@ func (h *Handler) setup() {
 
 	sc := *arvados.DefaultSecureClient
 	sc.Timeout = time.Duration(h.Cluster.HTTPRequestTimeout)
+	sc.CheckRedirect = neverRedirect
 	h.secureClient = &sc
 
 	ic := *arvados.InsecureHTTPClient
 	ic.Timeout = time.Duration(h.Cluster.HTTPRequestTimeout)
+	ic.CheckRedirect = neverRedirect
 	h.insecureClient = &ic
 
 	h.proxy = &proxy{
@@ -65,6 +88,31 @@ func (h *Handler) setup() {
 	}
 }
 
+var errDBConnection = errors.New("database connection error")
+
+func (h *Handler) db(req *http.Request) (*sql.DB, error) {
+	h.pgdbMtx.Lock()
+	defer h.pgdbMtx.Unlock()
+	if h.pgdb != nil {
+		return h.pgdb, nil
+	}
+
+	db, err := sql.Open("postgres", h.Cluster.PostgreSQL.Connection.String())
+	if err != nil {
+		httpserver.Logger(req).WithError(err).Error("postgresql connect failed")
+		return nil, errDBConnection
+	}
+	if p := h.Cluster.PostgreSQL.ConnectionPool; p > 0 {
+		db.SetMaxOpenConns(p)
+	}
+	if err := db.Ping(); err != nil {
+		httpserver.Logger(req).WithError(err).Error("postgresql connect succeeded but ping failed")
+		return nil, errDBConnection
+	}
+	h.pgdb = db
+	return db, nil
+}
+
 type middlewareFunc func(http.ResponseWriter, *http.Request, http.Handler)
 
 func prepend(next http.Handler, middleware middlewareFunc) http.Handler {