Mercurial > hg > nginx-quic
annotate src/stream/ngx_stream_core_module.c @ 6982:ac9b1df5b246
SSL: disabled renegotiation detection in client mode.
CVE-2009-3555 is no longer relevant and mitigated by the renegotiation
info extension (secure renegotiation). On the other hand, unexpected
renegotiation still introduces potential security risks, and hence we do
not allow renegotiation on the server side, as we never request renegotiation.
On the client side the situation is different though. There are backends
which explicitly request renegotiation, and disabled renegotiation
introduces interoperability problems. This change allows renegotiation
on the client side, and fixes interoperability problems as observed with
such backends (ticket #872).
Additionally, with TLSv1.3 the SSL_CB_HANDSHAKE_START flag is currently set
by OpenSSL when receiving a NewSessionTicket message, and was detected by
nginx as a renegotiation attempt. This looks like a bug in OpenSSL, though
this change also allows better interoperability till the problem is fixed.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 18 Apr 2017 16:08:44 +0300 |
parents | d7ce41bdf050 |
children | ed1101bbf19f |
rev | line source |
---|---|
6115 | 1 |
2 /* | |
3 * Copyright (C) Roman Arutyunyan | |
4 * Copyright (C) Nginx, Inc. | |
5 */ | |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 #include <ngx_stream.h> | |
11 | |
12 | |
6607
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
13 static ngx_int_t ngx_stream_core_preconfiguration(ngx_conf_t *cf); |
6115 | 14 static void *ngx_stream_core_create_main_conf(ngx_conf_t *cf); |
6607
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
15 static char *ngx_stream_core_init_main_conf(ngx_conf_t *cf, void *conf); |
6115 | 16 static void *ngx_stream_core_create_srv_conf(ngx_conf_t *cf); |
17 static char *ngx_stream_core_merge_srv_conf(ngx_conf_t *cf, void *parent, | |
18 void *child); | |
19 static char *ngx_stream_core_error_log(ngx_conf_t *cf, ngx_command_t *cmd, | |
20 void *conf); | |
21 static char *ngx_stream_core_server(ngx_conf_t *cf, ngx_command_t *cmd, | |
22 void *conf); | |
23 static char *ngx_stream_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, | |
24 void *conf); | |
6618 | 25 static char *ngx_stream_core_resolver(ngx_conf_t *cf, ngx_command_t *cmd, |
26 void *conf); | |
6115 | 27 |
28 | |
29 static ngx_command_t ngx_stream_core_commands[] = { | |
30 | |
6607
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
31 { ngx_string("variables_hash_max_size"), |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
32 NGX_STREAM_MAIN_CONF|NGX_CONF_TAKE1, |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
33 ngx_conf_set_num_slot, |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
34 NGX_STREAM_MAIN_CONF_OFFSET, |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
35 offsetof(ngx_stream_core_main_conf_t, variables_hash_max_size), |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
36 NULL }, |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
37 |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
38 { ngx_string("variables_hash_bucket_size"), |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
39 NGX_STREAM_MAIN_CONF|NGX_CONF_TAKE1, |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
40 ngx_conf_set_num_slot, |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
41 NGX_STREAM_MAIN_CONF_OFFSET, |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
42 offsetof(ngx_stream_core_main_conf_t, variables_hash_bucket_size), |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
43 NULL }, |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
44 |
6115 | 45 { ngx_string("server"), |
46 NGX_STREAM_MAIN_CONF|NGX_CONF_BLOCK|NGX_CONF_NOARGS, | |
47 ngx_stream_core_server, | |
48 0, | |
49 0, | |
50 NULL }, | |
51 | |
52 { ngx_string("listen"), | |
53 NGX_STREAM_SRV_CONF|NGX_CONF_1MORE, | |
54 ngx_stream_core_listen, | |
55 NGX_STREAM_SRV_CONF_OFFSET, | |
56 0, | |
57 NULL }, | |
58 | |
59 { ngx_string("error_log"), | |
60 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_1MORE, | |
61 ngx_stream_core_error_log, | |
62 NGX_STREAM_SRV_CONF_OFFSET, | |
63 0, | |
64 NULL }, | |
65 | |
6618 | 66 { ngx_string("resolver"), |
67 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_1MORE, | |
68 ngx_stream_core_resolver, | |
69 NGX_STREAM_SRV_CONF_OFFSET, | |
70 0, | |
71 NULL }, | |
72 | |
73 { ngx_string("resolver_timeout"), | |
74 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
75 ngx_conf_set_msec_slot, | |
76 NGX_STREAM_SRV_CONF_OFFSET, | |
77 offsetof(ngx_stream_core_srv_conf_t, resolver_timeout), | |
78 NULL }, | |
79 | |
6680
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
80 { ngx_string("proxy_protocol_timeout"), |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
81 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
82 ngx_conf_set_msec_slot, |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
83 NGX_STREAM_SRV_CONF_OFFSET, |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
84 offsetof(ngx_stream_core_srv_conf_t, proxy_protocol_timeout), |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
85 NULL }, |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
86 |
6221
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
87 { ngx_string("tcp_nodelay"), |
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
88 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, |
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
89 ngx_conf_set_flag_slot, |
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
90 NGX_STREAM_SRV_CONF_OFFSET, |
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
91 offsetof(ngx_stream_core_srv_conf_t, tcp_nodelay), |
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
92 NULL }, |
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
93 |
6694 | 94 { ngx_string("preread_buffer_size"), |
95 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
96 ngx_conf_set_size_slot, | |
97 NGX_STREAM_SRV_CONF_OFFSET, | |
98 offsetof(ngx_stream_core_srv_conf_t, preread_buffer_size), | |
99 NULL }, | |
100 | |
101 { ngx_string("preread_timeout"), | |
102 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
103 ngx_conf_set_msec_slot, | |
104 NGX_STREAM_SRV_CONF_OFFSET, | |
105 offsetof(ngx_stream_core_srv_conf_t, preread_timeout), | |
106 NULL }, | |
107 | |
6115 | 108 ngx_null_command |
109 }; | |
110 | |
111 | |
112 static ngx_stream_module_t ngx_stream_core_module_ctx = { | |
6607
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
113 ngx_stream_core_preconfiguration, /* preconfiguration */ |
6174
68c106e6fa0a
Stream: added postconfiguration method to stream modules.
Vladimir Homutov <vl@nginx.com>
parents:
6172
diff
changeset
|
114 NULL, /* postconfiguration */ |
68c106e6fa0a
Stream: added postconfiguration method to stream modules.
Vladimir Homutov <vl@nginx.com>
parents:
6172
diff
changeset
|
115 |
6115 | 116 ngx_stream_core_create_main_conf, /* create main configuration */ |
6607
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
117 ngx_stream_core_init_main_conf, /* init main configuration */ |
6115 | 118 |
119 ngx_stream_core_create_srv_conf, /* create server configuration */ | |
120 ngx_stream_core_merge_srv_conf /* merge server configuration */ | |
121 }; | |
122 | |
123 | |
124 ngx_module_t ngx_stream_core_module = { | |
125 NGX_MODULE_V1, | |
126 &ngx_stream_core_module_ctx, /* module context */ | |
127 ngx_stream_core_commands, /* module directives */ | |
128 NGX_STREAM_MODULE, /* module type */ | |
129 NULL, /* init master */ | |
130 NULL, /* init module */ | |
131 NULL, /* init process */ | |
132 NULL, /* init thread */ | |
133 NULL, /* exit thread */ | |
134 NULL, /* exit process */ | |
135 NULL, /* exit master */ | |
136 NGX_MODULE_V1_PADDING | |
137 }; | |
138 | |
139 | |
6693 | 140 void |
141 ngx_stream_core_run_phases(ngx_stream_session_t *s) | |
142 { | |
143 ngx_int_t rc; | |
144 ngx_stream_phase_handler_t *ph; | |
145 ngx_stream_core_main_conf_t *cmcf; | |
146 | |
147 cmcf = ngx_stream_get_module_main_conf(s, ngx_stream_core_module); | |
148 | |
149 ph = cmcf->phase_engine.handlers; | |
150 | |
151 while (ph[s->phase_handler].checker) { | |
152 | |
153 rc = ph[s->phase_handler].checker(s, &ph[s->phase_handler]); | |
154 | |
155 if (rc == NGX_OK) { | |
156 return; | |
157 } | |
158 } | |
159 } | |
160 | |
161 | |
162 ngx_int_t | |
163 ngx_stream_core_generic_phase(ngx_stream_session_t *s, | |
164 ngx_stream_phase_handler_t *ph) | |
165 { | |
166 ngx_int_t rc; | |
167 | |
168 /* | |
169 * generic phase checker, | |
6694 | 170 * used by all phases, except for preread and content |
6693 | 171 */ |
172 | |
173 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
174 "generic phase: %ui", s->phase_handler); | |
175 | |
176 rc = ph->handler(s); | |
177 | |
178 if (rc == NGX_OK) { | |
179 s->phase_handler = ph->next; | |
180 return NGX_AGAIN; | |
181 } | |
182 | |
183 if (rc == NGX_DECLINED) { | |
184 s->phase_handler++; | |
185 return NGX_AGAIN; | |
186 } | |
187 | |
188 if (rc == NGX_AGAIN || rc == NGX_DONE) { | |
189 return NGX_OK; | |
190 } | |
191 | |
192 if (rc == NGX_ERROR) { | |
193 rc = NGX_STREAM_INTERNAL_SERVER_ERROR; | |
194 } | |
195 | |
196 ngx_stream_finalize_session(s, rc); | |
197 | |
198 return NGX_OK; | |
199 } | |
200 | |
201 | |
202 ngx_int_t | |
6694 | 203 ngx_stream_core_preread_phase(ngx_stream_session_t *s, |
204 ngx_stream_phase_handler_t *ph) | |
205 { | |
206 size_t size; | |
207 ssize_t n; | |
208 ngx_int_t rc; | |
209 ngx_connection_t *c; | |
210 ngx_stream_core_srv_conf_t *cscf; | |
211 | |
212 c = s->connection; | |
213 | |
214 c->log->action = "prereading client data"; | |
215 | |
216 cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); | |
217 | |
218 if (c->read->timedout) { | |
219 rc = NGX_STREAM_OK; | |
220 | |
221 } else if (c->read->timer_set) { | |
222 rc = NGX_AGAIN; | |
223 | |
224 } else { | |
225 rc = ph->handler(s); | |
226 } | |
227 | |
228 while (rc == NGX_AGAIN) { | |
229 | |
230 if (c->buffer == NULL) { | |
231 c->buffer = ngx_create_temp_buf(c->pool, cscf->preread_buffer_size); | |
232 if (c->buffer == NULL) { | |
233 rc = NGX_ERROR; | |
234 break; | |
235 } | |
236 } | |
237 | |
238 size = c->buffer->end - c->buffer->last; | |
239 | |
240 if (size == 0) { | |
241 ngx_log_error(NGX_LOG_ERR, c->log, 0, "preread buffer full"); | |
242 rc = NGX_STREAM_BAD_REQUEST; | |
243 break; | |
244 } | |
245 | |
246 if (c->read->eof) { | |
247 rc = NGX_STREAM_OK; | |
248 break; | |
249 } | |
250 | |
251 if (!c->read->ready) { | |
252 if (ngx_handle_read_event(c->read, 0) != NGX_OK) { | |
253 rc = NGX_ERROR; | |
254 break; | |
255 } | |
256 | |
257 if (!c->read->timer_set) { | |
258 ngx_add_timer(c->read, cscf->preread_timeout); | |
259 } | |
260 | |
261 c->read->handler = ngx_stream_session_handler; | |
262 | |
263 return NGX_OK; | |
264 } | |
265 | |
266 n = c->recv(c, c->buffer->last, size); | |
267 | |
268 if (n == NGX_ERROR) { | |
269 rc = NGX_STREAM_OK; | |
270 break; | |
271 } | |
272 | |
273 if (n > 0) { | |
274 c->buffer->last += n; | |
275 } | |
276 | |
277 rc = ph->handler(s); | |
278 } | |
279 | |
280 if (c->read->timer_set) { | |
281 ngx_del_timer(c->read); | |
282 } | |
283 | |
284 if (rc == NGX_OK) { | |
285 s->phase_handler = ph->next; | |
286 return NGX_AGAIN; | |
287 } | |
288 | |
289 if (rc == NGX_DECLINED) { | |
290 s->phase_handler++; | |
291 return NGX_AGAIN; | |
292 } | |
293 | |
294 if (rc == NGX_DONE) { | |
295 return NGX_OK; | |
296 } | |
297 | |
298 if (rc == NGX_ERROR) { | |
299 rc = NGX_STREAM_INTERNAL_SERVER_ERROR; | |
300 } | |
301 | |
302 ngx_stream_finalize_session(s, rc); | |
303 | |
304 return NGX_OK; | |
305 } | |
306 | |
307 | |
308 ngx_int_t | |
6693 | 309 ngx_stream_core_content_phase(ngx_stream_session_t *s, |
310 ngx_stream_phase_handler_t *ph) | |
311 { | |
312 int tcp_nodelay; | |
313 ngx_connection_t *c; | |
314 ngx_stream_core_srv_conf_t *cscf; | |
315 | |
316 c = s->connection; | |
317 | |
318 c->log->action = NULL; | |
319 | |
320 cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); | |
321 | |
322 if (c->type == SOCK_STREAM | |
323 && cscf->tcp_nodelay | |
324 && c->tcp_nodelay == NGX_TCP_NODELAY_UNSET) | |
325 { | |
326 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, "tcp_nodelay"); | |
327 | |
328 tcp_nodelay = 1; | |
329 | |
330 if (setsockopt(c->fd, IPPROTO_TCP, TCP_NODELAY, | |
331 (const void *) &tcp_nodelay, sizeof(int)) == -1) | |
332 { | |
333 ngx_connection_error(c, ngx_socket_errno, | |
334 "setsockopt(TCP_NODELAY) failed"); | |
335 ngx_stream_finalize_session(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
336 return NGX_OK; | |
337 } | |
338 | |
339 c->tcp_nodelay = NGX_TCP_NODELAY_SET; | |
340 } | |
341 | |
342 cscf->handler(s); | |
343 | |
344 return NGX_OK; | |
345 } | |
346 | |
347 | |
6607
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
348 static ngx_int_t |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
349 ngx_stream_core_preconfiguration(ngx_conf_t *cf) |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
350 { |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
351 return ngx_stream_variables_add_core_vars(cf); |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
352 } |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
353 |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
354 |
6115 | 355 static void * |
356 ngx_stream_core_create_main_conf(ngx_conf_t *cf) | |
357 { | |
358 ngx_stream_core_main_conf_t *cmcf; | |
359 | |
360 cmcf = ngx_pcalloc(cf->pool, sizeof(ngx_stream_core_main_conf_t)); | |
361 if (cmcf == NULL) { | |
362 return NULL; | |
363 } | |
364 | |
365 if (ngx_array_init(&cmcf->servers, cf->pool, 4, | |
366 sizeof(ngx_stream_core_srv_conf_t *)) | |
367 != NGX_OK) | |
368 { | |
369 return NULL; | |
370 } | |
371 | |
372 if (ngx_array_init(&cmcf->listen, cf->pool, 4, sizeof(ngx_stream_listen_t)) | |
373 != NGX_OK) | |
374 { | |
375 return NULL; | |
376 } | |
377 | |
6607
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
378 cmcf->variables_hash_max_size = NGX_CONF_UNSET_UINT; |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
379 cmcf->variables_hash_bucket_size = NGX_CONF_UNSET_UINT; |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
380 |
6115 | 381 return cmcf; |
382 } | |
383 | |
384 | |
6607
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
385 static char * |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
386 ngx_stream_core_init_main_conf(ngx_conf_t *cf, void *conf) |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
387 { |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
388 ngx_stream_core_main_conf_t *cmcf = conf; |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
389 |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
390 ngx_conf_init_uint_value(cmcf->variables_hash_max_size, 1024); |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
391 ngx_conf_init_uint_value(cmcf->variables_hash_bucket_size, 64); |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
392 |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
393 cmcf->variables_hash_bucket_size = |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
394 ngx_align(cmcf->variables_hash_bucket_size, ngx_cacheline_size); |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
395 |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
396 if (cmcf->ncaptures) { |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
397 cmcf->ncaptures = (cmcf->ncaptures + 1) * 3; |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
398 } |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
399 |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
400 return NGX_CONF_OK; |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
401 } |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
402 |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
403 |
6115 | 404 static void * |
405 ngx_stream_core_create_srv_conf(ngx_conf_t *cf) | |
406 { | |
407 ngx_stream_core_srv_conf_t *cscf; | |
408 | |
409 cscf = ngx_pcalloc(cf->pool, sizeof(ngx_stream_core_srv_conf_t)); | |
410 if (cscf == NULL) { | |
411 return NULL; | |
412 } | |
413 | |
414 /* | |
415 * set by ngx_pcalloc(): | |
416 * | |
417 * cscf->handler = NULL; | |
418 * cscf->error_log = NULL; | |
419 */ | |
420 | |
421 cscf->file_name = cf->conf_file->file.name.data; | |
422 cscf->line = cf->conf_file->line; | |
6618 | 423 cscf->resolver_timeout = NGX_CONF_UNSET_MSEC; |
6680
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
424 cscf->proxy_protocol_timeout = NGX_CONF_UNSET_MSEC; |
6221
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
425 cscf->tcp_nodelay = NGX_CONF_UNSET; |
6694 | 426 cscf->preread_buffer_size = NGX_CONF_UNSET_SIZE; |
427 cscf->preread_timeout = NGX_CONF_UNSET_MSEC; | |
6115 | 428 |
429 return cscf; | |
430 } | |
431 | |
432 | |
433 static char * | |
434 ngx_stream_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) | |
435 { | |
436 ngx_stream_core_srv_conf_t *prev = parent; | |
437 ngx_stream_core_srv_conf_t *conf = child; | |
438 | |
6618 | 439 ngx_conf_merge_msec_value(conf->resolver_timeout, |
440 prev->resolver_timeout, 30000); | |
441 | |
442 if (conf->resolver == NULL) { | |
443 | |
444 if (prev->resolver == NULL) { | |
445 | |
446 /* | |
447 * create dummy resolver in stream {} context | |
448 * to inherit it in all servers | |
449 */ | |
450 | |
451 prev->resolver = ngx_resolver_create(cf, NULL, 0); | |
452 if (prev->resolver == NULL) { | |
453 return NGX_CONF_ERROR; | |
454 } | |
455 } | |
456 | |
457 conf->resolver = prev->resolver; | |
458 } | |
459 | |
6115 | 460 if (conf->handler == NULL) { |
461 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
462 "no handler for server in %s:%ui", | |
463 conf->file_name, conf->line); | |
464 return NGX_CONF_ERROR; | |
465 } | |
466 | |
467 if (conf->error_log == NULL) { | |
468 if (prev->error_log) { | |
469 conf->error_log = prev->error_log; | |
470 } else { | |
471 conf->error_log = &cf->cycle->new_log; | |
472 } | |
473 } | |
474 | |
6680
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
475 ngx_conf_merge_msec_value(conf->proxy_protocol_timeout, |
6685
4a16fceea03b
Stream: increase default value for proxy_protocol_timeout to 30s.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6680
diff
changeset
|
476 prev->proxy_protocol_timeout, 30000); |
6680
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
477 |
6221
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
478 ngx_conf_merge_value(conf->tcp_nodelay, prev->tcp_nodelay, 1); |
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
479 |
6694 | 480 ngx_conf_merge_size_value(conf->preread_buffer_size, |
481 prev->preread_buffer_size, 16384); | |
482 | |
483 ngx_conf_merge_msec_value(conf->preread_timeout, | |
484 prev->preread_timeout, 30000); | |
485 | |
6115 | 486 return NGX_CONF_OK; |
487 } | |
488 | |
489 | |
490 static char * | |
491 ngx_stream_core_error_log(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
492 { | |
493 ngx_stream_core_srv_conf_t *cscf = conf; | |
494 | |
495 return ngx_log_set_log(cf, &cscf->error_log); | |
496 } | |
497 | |
498 | |
499 static char * | |
500 ngx_stream_core_server(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
501 { | |
502 char *rv; | |
503 void *mconf; | |
504 ngx_uint_t m; | |
505 ngx_conf_t pcf; | |
506 ngx_stream_module_t *module; | |
507 ngx_stream_conf_ctx_t *ctx, *stream_ctx; | |
508 ngx_stream_core_srv_conf_t *cscf, **cscfp; | |
509 ngx_stream_core_main_conf_t *cmcf; | |
510 | |
511 ctx = ngx_pcalloc(cf->pool, sizeof(ngx_stream_conf_ctx_t)); | |
512 if (ctx == NULL) { | |
513 return NGX_CONF_ERROR; | |
514 } | |
515 | |
516 stream_ctx = cf->ctx; | |
517 ctx->main_conf = stream_ctx->main_conf; | |
518 | |
519 /* the server{}'s srv_conf */ | |
520 | |
521 ctx->srv_conf = ngx_pcalloc(cf->pool, | |
522 sizeof(void *) * ngx_stream_max_module); | |
523 if (ctx->srv_conf == NULL) { | |
524 return NGX_CONF_ERROR; | |
525 } | |
526 | |
6379
cf5e822cf470
Dynamic modules: changed ngx_modules to cycle->modules.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6230
diff
changeset
|
527 for (m = 0; cf->cycle->modules[m]; m++) { |
cf5e822cf470
Dynamic modules: changed ngx_modules to cycle->modules.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6230
diff
changeset
|
528 if (cf->cycle->modules[m]->type != NGX_STREAM_MODULE) { |
6115 | 529 continue; |
530 } | |
531 | |
6379
cf5e822cf470
Dynamic modules: changed ngx_modules to cycle->modules.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6230
diff
changeset
|
532 module = cf->cycle->modules[m]->ctx; |
6115 | 533 |
534 if (module->create_srv_conf) { | |
535 mconf = module->create_srv_conf(cf); | |
536 if (mconf == NULL) { | |
537 return NGX_CONF_ERROR; | |
538 } | |
539 | |
6379
cf5e822cf470
Dynamic modules: changed ngx_modules to cycle->modules.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6230
diff
changeset
|
540 ctx->srv_conf[cf->cycle->modules[m]->ctx_index] = mconf; |
6115 | 541 } |
542 } | |
543 | |
544 /* the server configuration context */ | |
545 | |
546 cscf = ctx->srv_conf[ngx_stream_core_module.ctx_index]; | |
547 cscf->ctx = ctx; | |
548 | |
549 cmcf = ctx->main_conf[ngx_stream_core_module.ctx_index]; | |
550 | |
551 cscfp = ngx_array_push(&cmcf->servers); | |
552 if (cscfp == NULL) { | |
553 return NGX_CONF_ERROR; | |
554 } | |
555 | |
556 *cscfp = cscf; | |
557 | |
558 | |
559 /* parse inside server{} */ | |
560 | |
561 pcf = *cf; | |
562 cf->ctx = ctx; | |
563 cf->cmd_type = NGX_STREAM_SRV_CONF; | |
564 | |
565 rv = ngx_conf_parse(cf, NULL); | |
566 | |
567 *cf = pcf; | |
568 | |
6657
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
569 if (rv == NGX_CONF_OK && !cscf->listen) { |
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
570 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, |
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
571 "no \"listen\" is defined for server in %s:%ui", |
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
572 cscf->file_name, cscf->line); |
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
573 return NGX_CONF_ERROR; |
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
574 } |
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
575 |
6115 | 576 return rv; |
577 } | |
578 | |
579 | |
580 static char * | |
581 ngx_stream_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
582 { | |
6657
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
583 ngx_stream_core_srv_conf_t *cscf = conf; |
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
584 |
6975
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
585 ngx_str_t *value, size; |
6115 | 586 ngx_url_t u; |
6436 | 587 ngx_uint_t i, backlog; |
6558
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
588 ngx_stream_listen_t *ls, *als; |
6115 | 589 ngx_stream_core_main_conf_t *cmcf; |
590 | |
6657
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
591 cscf->listen = 1; |
3d5202c71f94
Ensure "listen" exists in a mail or stream server (ticket #1049).
Roman Arutyunyan <arut@nginx.com>
parents:
6618
diff
changeset
|
592 |
6115 | 593 value = cf->args->elts; |
594 | |
595 ngx_memzero(&u, sizeof(ngx_url_t)); | |
596 | |
597 u.url = value[1]; | |
598 u.listen = 1; | |
599 | |
600 if (ngx_parse_url(cf->pool, &u) != NGX_OK) { | |
601 if (u.err) { | |
602 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
603 "%s in \"%V\" of the \"listen\" directive", | |
604 u.err, &u.url); | |
605 } | |
606 | |
607 return NGX_CONF_ERROR; | |
608 } | |
609 | |
610 cmcf = ngx_stream_conf_get_module_main_conf(cf, ngx_stream_core_module); | |
611 | |
612 ls = ngx_array_push(&cmcf->listen); | |
613 if (ls == NULL) { | |
614 return NGX_CONF_ERROR; | |
615 } | |
616 | |
617 ngx_memzero(ls, sizeof(ngx_stream_listen_t)); | |
618 | |
6560
c90cf79d0e1d
Renamed "u" to "sockaddr" in listen options types.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6559
diff
changeset
|
619 ngx_memcpy(&ls->sockaddr.sockaddr, &u.sockaddr, u.socklen); |
6115 | 620 |
621 ls->socklen = u.socklen; | |
6172 | 622 ls->backlog = NGX_LISTEN_BACKLOG; |
6975
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
623 ls->rcvbuf = -1; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
624 ls->sndbuf = -1; |
6436 | 625 ls->type = SOCK_STREAM; |
6115 | 626 ls->wildcard = u.wildcard; |
627 ls->ctx = cf->ctx; | |
628 | |
6719
cebf5fed00bf
Modules compatibility: removed unneeded IPV6_V6ONLY checks.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6694
diff
changeset
|
629 #if (NGX_HAVE_INET6) |
6115 | 630 ls->ipv6only = 1; |
631 #endif | |
632 | |
6436 | 633 backlog = 0; |
634 | |
6115 | 635 for (i = 2; i < cf->args->nelts; i++) { |
636 | |
6436 | 637 #if !(NGX_WIN32) |
638 if (ngx_strcmp(value[i].data, "udp") == 0) { | |
639 ls->type = SOCK_DGRAM; | |
640 continue; | |
641 } | |
642 #endif | |
643 | |
6115 | 644 if (ngx_strcmp(value[i].data, "bind") == 0) { |
645 ls->bind = 1; | |
646 continue; | |
647 } | |
648 | |
6172 | 649 if (ngx_strncmp(value[i].data, "backlog=", 8) == 0) { |
650 ls->backlog = ngx_atoi(value[i].data + 8, value[i].len - 8); | |
651 ls->bind = 1; | |
652 | |
653 if (ls->backlog == NGX_ERROR || ls->backlog == 0) { | |
654 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
655 "invalid backlog \"%V\"", &value[i]); | |
656 return NGX_CONF_ERROR; | |
657 } | |
658 | |
6436 | 659 backlog = 1; |
660 | |
6172 | 661 continue; |
662 } | |
663 | |
6975
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
664 if (ngx_strncmp(value[i].data, "rcvbuf=", 7) == 0) { |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
665 size.len = value[i].len - 7; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
666 size.data = value[i].data + 7; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
667 |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
668 ls->rcvbuf = ngx_parse_size(&size); |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
669 ls->bind = 1; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
670 |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
671 if (ls->rcvbuf == NGX_ERROR) { |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
672 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
673 "invalid rcvbuf \"%V\"", &value[i]); |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
674 return NGX_CONF_ERROR; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
675 } |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
676 |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
677 continue; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
678 } |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
679 |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
680 if (ngx_strncmp(value[i].data, "sndbuf=", 7) == 0) { |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
681 size.len = value[i].len - 7; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
682 size.data = value[i].data + 7; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
683 |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
684 ls->sndbuf = ngx_parse_size(&size); |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
685 ls->bind = 1; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
686 |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
687 if (ls->sndbuf == NGX_ERROR) { |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
688 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
689 "invalid sndbuf \"%V\"", &value[i]); |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
690 return NGX_CONF_ERROR; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
691 } |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
692 |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
693 continue; |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
694 } |
d7ce41bdf050
Stream: configurable socket buffer sizes.
Vladimir Homutov <vl@nginx.com>
parents:
6719
diff
changeset
|
695 |
6115 | 696 if (ngx_strncmp(value[i].data, "ipv6only=o", 10) == 0) { |
697 #if (NGX_HAVE_INET6 && defined IPV6_V6ONLY) | |
6557
6f8254ae61b8
Use ngx_cmp_sockaddr() where appropriate.
Ruslan Ermilov <ru@nginx.com>
parents:
6436
diff
changeset
|
698 size_t len; |
6230
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6221
diff
changeset
|
699 u_char buf[NGX_SOCKADDR_STRLEN]; |
6115 | 700 |
6560
c90cf79d0e1d
Renamed "u" to "sockaddr" in listen options types.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6559
diff
changeset
|
701 if (ls->sockaddr.sockaddr.sa_family == AF_INET6) { |
6115 | 702 |
703 if (ngx_strcmp(&value[i].data[10], "n") == 0) { | |
704 ls->ipv6only = 1; | |
705 | |
706 } else if (ngx_strcmp(&value[i].data[10], "ff") == 0) { | |
707 ls->ipv6only = 0; | |
708 | |
709 } else { | |
710 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
711 "invalid ipv6only flags \"%s\"", | |
712 &value[i].data[9]); | |
713 return NGX_CONF_ERROR; | |
714 } | |
715 | |
716 ls->bind = 1; | |
717 | |
718 } else { | |
6560
c90cf79d0e1d
Renamed "u" to "sockaddr" in listen options types.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6559
diff
changeset
|
719 len = ngx_sock_ntop(&ls->sockaddr.sockaddr, ls->socklen, buf, |
6115 | 720 NGX_SOCKADDR_STRLEN, 1); |
721 | |
722 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
723 "ipv6only is not supported " | |
724 "on addr \"%*s\", ignored", len, buf); | |
725 } | |
726 | |
727 continue; | |
728 #else | |
729 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
730 "bind ipv6only is not supported " | |
731 "on this platform"); | |
732 return NGX_CONF_ERROR; | |
733 #endif | |
734 } | |
735 | |
6153
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
736 if (ngx_strcmp(value[i].data, "reuseport") == 0) { |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
737 #if (NGX_HAVE_REUSEPORT) |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
738 ls->reuseport = 1; |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
739 ls->bind = 1; |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
740 #else |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
741 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
742 "reuseport is not supported " |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
743 "on this platform, ignored"); |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
744 #endif |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
745 continue; |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
746 } |
4f6efabcb09b
The "reuseport" option of the "listen" directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6115
diff
changeset
|
747 |
6115 | 748 if (ngx_strcmp(value[i].data, "ssl") == 0) { |
749 #if (NGX_STREAM_SSL) | |
750 ls->ssl = 1; | |
751 continue; | |
752 #else | |
753 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
754 "the \"ssl\" parameter requires " | |
755 "ngx_stream_ssl_module"); | |
756 return NGX_CONF_ERROR; | |
757 #endif | |
758 } | |
759 | |
760 if (ngx_strncmp(value[i].data, "so_keepalive=", 13) == 0) { | |
761 | |
762 if (ngx_strcmp(&value[i].data[13], "on") == 0) { | |
763 ls->so_keepalive = 1; | |
764 | |
765 } else if (ngx_strcmp(&value[i].data[13], "off") == 0) { | |
766 ls->so_keepalive = 2; | |
767 | |
768 } else { | |
769 | |
770 #if (NGX_HAVE_KEEPALIVE_TUNABLE) | |
771 u_char *p, *end; | |
772 ngx_str_t s; | |
773 | |
774 end = value[i].data + value[i].len; | |
775 s.data = value[i].data + 13; | |
776 | |
777 p = ngx_strlchr(s.data, end, ':'); | |
778 if (p == NULL) { | |
779 p = end; | |
780 } | |
781 | |
782 if (p > s.data) { | |
783 s.len = p - s.data; | |
784 | |
785 ls->tcp_keepidle = ngx_parse_time(&s, 1); | |
786 if (ls->tcp_keepidle == (time_t) NGX_ERROR) { | |
787 goto invalid_so_keepalive; | |
788 } | |
789 } | |
790 | |
791 s.data = (p < end) ? (p + 1) : end; | |
792 | |
793 p = ngx_strlchr(s.data, end, ':'); | |
794 if (p == NULL) { | |
795 p = end; | |
796 } | |
797 | |
798 if (p > s.data) { | |
799 s.len = p - s.data; | |
800 | |
801 ls->tcp_keepintvl = ngx_parse_time(&s, 1); | |
802 if (ls->tcp_keepintvl == (time_t) NGX_ERROR) { | |
803 goto invalid_so_keepalive; | |
804 } | |
805 } | |
806 | |
807 s.data = (p < end) ? (p + 1) : end; | |
808 | |
809 if (s.data < end) { | |
810 s.len = end - s.data; | |
811 | |
812 ls->tcp_keepcnt = ngx_atoi(s.data, s.len); | |
813 if (ls->tcp_keepcnt == NGX_ERROR) { | |
814 goto invalid_so_keepalive; | |
815 } | |
816 } | |
817 | |
818 if (ls->tcp_keepidle == 0 && ls->tcp_keepintvl == 0 | |
819 && ls->tcp_keepcnt == 0) | |
820 { | |
821 goto invalid_so_keepalive; | |
822 } | |
823 | |
824 ls->so_keepalive = 1; | |
825 | |
826 #else | |
827 | |
828 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
829 "the \"so_keepalive\" parameter accepts " | |
830 "only \"on\" or \"off\" on this platform"); | |
831 return NGX_CONF_ERROR; | |
832 | |
833 #endif | |
834 } | |
835 | |
836 ls->bind = 1; | |
837 | |
838 continue; | |
839 | |
840 #if (NGX_HAVE_KEEPALIVE_TUNABLE) | |
841 invalid_so_keepalive: | |
842 | |
843 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
844 "invalid so_keepalive value: \"%s\"", | |
845 &value[i].data[13]); | |
846 return NGX_CONF_ERROR; | |
847 #endif | |
848 } | |
849 | |
6680
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
850 if (ngx_strcmp(value[i].data, "proxy_protocol") == 0) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
851 ls->proxy_protocol = 1; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
852 continue; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
853 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
854 |
6115 | 855 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
856 "the invalid \"%V\" parameter", &value[i]); | |
857 return NGX_CONF_ERROR; | |
858 } | |
859 | |
6436 | 860 if (ls->type == SOCK_DGRAM) { |
861 if (backlog) { | |
862 return "\"backlog\" parameter is incompatible with \"udp\""; | |
863 } | |
864 | |
865 #if (NGX_STREAM_SSL) | |
866 if (ls->ssl) { | |
867 return "\"ssl\" parameter is incompatible with \"udp\""; | |
868 } | |
869 #endif | |
870 | |
871 if (ls->so_keepalive) { | |
872 return "\"so_keepalive\" parameter is incompatible with \"udp\""; | |
873 } | |
6680
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
874 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
875 if (ls->proxy_protocol) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
876 return "\"proxy_protocol\" parameter is incompatible with \"udp\""; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6657
diff
changeset
|
877 } |
6436 | 878 } |
879 | |
6558
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
880 als = cmcf->listen.elts; |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
881 |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
882 for (i = 0; i < cmcf->listen.nelts - 1; i++) { |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
883 if (ls->type != als[i].type) { |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
884 continue; |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
885 } |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
886 |
6560
c90cf79d0e1d
Renamed "u" to "sockaddr" in listen options types.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6559
diff
changeset
|
887 if (ngx_cmp_sockaddr(&als[i].sockaddr.sockaddr, als[i].socklen, |
c90cf79d0e1d
Renamed "u" to "sockaddr" in listen options types.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6559
diff
changeset
|
888 &ls->sockaddr.sockaddr, ls->socklen, 1) |
6558
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
889 != NGX_OK) |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
890 { |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
891 continue; |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
892 } |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
893 |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
894 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
895 "duplicate \"%V\" address and port pair", &u.url); |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
896 return NGX_CONF_ERROR; |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
897 } |
68854ce64ec7
Stream: fixed duplicate listen address detection.
Ruslan Ermilov <ru@nginx.com>
parents:
6557
diff
changeset
|
898 |
6115 | 899 return NGX_CONF_OK; |
900 } | |
6618 | 901 |
902 | |
903 static char * | |
904 ngx_stream_core_resolver(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
905 { | |
906 ngx_stream_core_srv_conf_t *cscf = conf; | |
907 | |
908 ngx_str_t *value; | |
909 | |
910 if (cscf->resolver) { | |
911 return "is duplicate"; | |
912 } | |
913 | |
914 value = cf->args->elts; | |
915 | |
916 cscf->resolver = ngx_resolver_create(cf, &value[1], cf->args->nelts - 1); | |
917 if (cscf->resolver == NULL) { | |
918 return NGX_CONF_ERROR; | |
919 } | |
920 | |
921 return NGX_CONF_OK; | |
922 } |