# HG changeset patch # User Igor Sysoev # Date 1196170453 0 # Node ID 13f8dec720b5ce0ae7f1ba6a29c1fe1c1c6055b7 # Parent 6a8a066adc980600086ce3abb61cd4d0dfd79350 proxy_pass variables support diff --git a/src/http/modules/ngx_http_fastcgi_module.c b/src/http/modules/ngx_http_fastcgi_module.c --- a/src/http/modules/ngx_http_fastcgi_module.c +++ b/src/http/modules/ngx_http_fastcgi_module.c @@ -443,6 +443,8 @@ ngx_http_fastcgi_handler(ngx_http_reques return NGX_HTTP_INTERNAL_SERVER_ERROR; } + u->schema = flcf->upstream.schema; + u->peer.log = r->connection->log; u->peer.log_error = NGX_ERROR_ERR; #if (NGX_THREADS) @@ -2171,8 +2173,6 @@ ngx_http_fastcgi_pass(ngx_conf_t *cf, ng clcf->handler = ngx_http_fastcgi_handler; - lcf->upstream.location = clcf->name; - if (clcf->name.data[clcf->name.len - 1] == '/') { clcf->auto_redirect = 1; } diff --git a/src/http/modules/ngx_http_memcached_module.c b/src/http/modules/ngx_http_memcached_module.c --- a/src/http/modules/ngx_http_memcached_module.c +++ b/src/http/modules/ngx_http_memcached_module.c @@ -184,6 +184,8 @@ ngx_http_memcached_handler(ngx_http_requ return NGX_HTTP_INTERNAL_SERVER_ERROR; } + u->schema = mlcf->upstream.schema; + u->peer.log = r->connection->log; u->peer.log_error = NGX_ERROR_ERR; #if (NGX_THREADS) @@ -616,8 +618,6 @@ ngx_http_memcached_pass(ngx_conf_t *cf, clcf->handler = ngx_http_memcached_handler; - lcf->upstream.location = clcf->name; - if (clcf->name.data[clcf->name.len - 1] == '/') { clcf->auto_redirect = 1; } diff --git a/src/http/modules/ngx_http_proxy_module.c b/src/http/modules/ngx_http_proxy_module.c --- a/src/http/modules/ngx_http_proxy_module.c +++ b/src/http/modules/ngx_http_proxy_module.c @@ -33,6 +33,13 @@ struct ngx_http_proxy_redirect_s { typedef struct { + ngx_str_t host_header; + ngx_str_t port; + ngx_str_t uri; +} ngx_http_proxy_vars_t; + + +typedef struct { ngx_http_upstream_conf_t upstream; ngx_array_t *flushes; @@ -45,13 +52,18 @@ typedef struct { ngx_array_t *headers_source; ngx_array_t *headers_names; + ngx_array_t *proxy_lengths; + ngx_array_t *proxy_values; + ngx_array_t *redirects; ngx_str_t body_source; ngx_str_t method; - ngx_str_t host_header; - ngx_str_t port; + ngx_str_t location; + ngx_str_t url; + + ngx_http_proxy_vars_t vars; ngx_flag_t redirect; @@ -66,6 +78,8 @@ typedef struct { u_char *status_start; u_char *status_end; + ngx_http_proxy_vars_t vars; + size_t internal_body_length; } ngx_http_proxy_ctx_t; @@ -73,11 +87,13 @@ typedef struct { #define NGX_HTTP_PROXY_PARSE_NO_HEADER 20 +static ngx_int_t ngx_http_proxy_eval(ngx_http_request_t *r, + ngx_http_proxy_ctx_t *ctx, ngx_http_proxy_loc_conf_t *plcf); static ngx_int_t ngx_http_proxy_create_request(ngx_http_request_t *r); static ngx_int_t ngx_http_proxy_reinit_request(ngx_http_request_t *r); static ngx_int_t ngx_http_proxy_process_status_line(ngx_http_request_t *r); static ngx_int_t ngx_http_proxy_parse_status_line(ngx_http_request_t *r, - ngx_http_proxy_ctx_t *p); + ngx_http_proxy_ctx_t *ctx); static ngx_int_t ngx_http_proxy_process_header(ngx_http_request_t *r); static void ngx_http_proxy_abort_request(ngx_http_request_t *r); static void ngx_http_proxy_finalize_request(ngx_http_request_t *r, @@ -115,6 +131,13 @@ static char *ngx_http_proxy_upstream_max static char *ngx_http_proxy_upstream_fail_timeout_unsupported(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); +#if (NGX_HTTP_SSL) +static ngx_int_t ngx_http_proxy_set_ssl(ngx_conf_t *cf, + ngx_http_proxy_loc_conf_t *plcf); +#endif +static ngx_int_t ngx_http_proxy_set_vars(ngx_pool_t *pool, ngx_url_t *u, + ngx_http_proxy_vars_t *v); + static ngx_conf_post_t ngx_http_proxy_lowat_post = { ngx_http_proxy_lowat_check }; @@ -444,15 +467,38 @@ ngx_http_proxy_handler(ngx_http_request_ { ngx_int_t rc; ngx_http_upstream_t *u; + ngx_http_proxy_ctx_t *ctx; ngx_http_proxy_loc_conf_t *plcf; - plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_module); - u = ngx_pcalloc(r->pool, sizeof(ngx_http_upstream_t)); if (u == NULL) { return NGX_HTTP_INTERNAL_SERVER_ERROR; } + r->upstream = u; + + ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_proxy_ctx_t)); + if (ctx == NULL) { + return NGX_ERROR; + } + + ngx_http_set_ctx(r, ctx, ngx_http_proxy_module); + + plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_module); + + if (plcf->proxy_lengths == 0) { + ctx->vars = plcf->vars; + u->schema = plcf->upstream.schema; +#if (NGX_HTTP_SSL) + u->ssl = (plcf->upstream.ssl != NULL); +#endif + + } else { + if (ngx_http_proxy_eval(r, ctx, plcf) != NGX_OK) { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } + } + u->peer.log = r->connection->log; u->peer.log_error = NGX_ERROR_ERR; #if (NGX_THREADS) @@ -484,8 +530,6 @@ ngx_http_proxy_handler(ngx_http_request_ u->accel = 1; - r->upstream = u; - rc = ngx_http_read_client_request_body(r, ngx_http_upstream_init); if (rc >= NGX_HTTP_SPECIAL_RESPONSE) { @@ -497,6 +541,81 @@ ngx_http_proxy_handler(ngx_http_request_ static ngx_int_t +ngx_http_proxy_eval(ngx_http_request_t *r, ngx_http_proxy_ctx_t *ctx, + ngx_http_proxy_loc_conf_t *plcf) +{ + size_t add; + u_short port; + ngx_str_t proxy; + ngx_url_t u; + + if (ngx_http_script_run(r, &proxy, plcf->proxy_lengths->elts, 0, + plcf->proxy_values->elts) + == NULL) + { + return NGX_ERROR; + } + + if (ngx_strncasecmp(proxy.data, (u_char *) "http://", 7) == 0) { + + add = 7; + port = 80; + +#if (NGX_HTTP_SSL) + + } else if (ngx_strncasecmp(proxy.data, (u_char *) "https://", 8) == 0) { + + add = 8; + port = 443; + r->upstream->ssl = 1; + +#endif + + } else { + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "invalid URL prefix in \"%V\"", &proxy); + return NGX_ERROR; + } + + r->upstream->schema.len = add; + r->upstream->schema.data = proxy.data; + + ngx_memzero(&u, sizeof(ngx_url_t)); + + u.url.len = proxy.len - add; + u.url.data = proxy.data + add; + u.default_port = port; + u.uri_part = 1; + u.no_resolve = 1; + + if (ngx_parse_url(r->pool, &u) != NGX_OK) { + if (u.err) { + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "%s in upstream \"%V\"", u.err, &u.url); + } + + return NGX_ERROR; + } + + if (ngx_http_proxy_set_vars(r->pool, &u, &ctx->vars) != NGX_OK) { + return NGX_ERROR; + } + + r->upstream->resolved = ngx_pcalloc(r->pool, + sizeof(ngx_http_upstream_resolved_t)); + if (r->upstream->resolved == NULL) { + return NGX_ERROR; + } + + r->upstream->resolved->host = u.host; + r->upstream->resolved->port = (in_port_t) (u.no_port ? u.default_port: + u.port); + + return NGX_OK; +} + + +static ngx_int_t ngx_http_proxy_create_request(ngx_http_request_t *r) { size_t len, loc_len, body_len; @@ -508,7 +627,7 @@ ngx_http_proxy_create_request(ngx_http_r ngx_list_part_t *part; ngx_table_elt_t *header; ngx_http_upstream_t *u; - ngx_http_proxy_ctx_t *p; + ngx_http_proxy_ctx_t *ctx; ngx_http_script_code_pt code; ngx_http_script_engine_t e, le; ngx_http_proxy_loc_conf_t *plcf; @@ -518,13 +637,6 @@ ngx_http_proxy_create_request(ngx_http_r plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_module); - p = ngx_pcalloc(r->pool, sizeof(ngx_http_proxy_ctx_t)); - if (p == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; - } - - ngx_http_set_ctx(r, p, ngx_http_proxy_module); - len = sizeof(ngx_http_proxy_version) - 1 + sizeof(CRLF) - 1; if (u->method.len) { @@ -540,19 +652,24 @@ ngx_http_proxy_create_request(ngx_http_r method.len++; } - len += method.len + u->conf->uri.len; - escape = 0; - - loc_len = (r->valid_location && u->conf->uri.len) ? u->conf->location.len: - 0; - - if (u->conf->uri.len == 0 && r->valid_unparsed_uri && r == r->main) { + loc_len = 0; + unparsed_uri = 0; + + ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module); + + if (plcf->proxy_lengths) { + len += method.len + ctx->vars.uri.len; + + } else if (ctx->vars.uri.len == 0 && r->valid_unparsed_uri && r == r->main) + { unparsed_uri = 1; - len += r->unparsed_uri.len; + len += method.len + r->unparsed_uri.len; } else { - unparsed_uri = 0; + loc_len = (r->valid_location && ctx->vars.uri.len) ? + plcf->location.len : 0; + if (r->quoted_uri || r->internal) { escape = 2 * ngx_escape_uri(NULL, r->uri.data + loc_len, r->uri.len - loc_len, NGX_ESCAPE_URI); @@ -574,7 +691,7 @@ ngx_http_proxy_create_request(ngx_http_r body_len += lcode(&le); } - p->internal_body_length = body_len; + ctx->internal_body_length = body_len; len += body_len; } @@ -638,12 +755,15 @@ ngx_http_proxy_create_request(ngx_http_r u->uri.data = b->last; - if (unparsed_uri) { + if (plcf->proxy_lengths) { + b->last = ngx_copy(b->last, ctx->vars.uri.data, ctx->vars.uri.len); + + } else if (unparsed_uri) { b->last = ngx_copy(b->last, r->unparsed_uri.data, r->unparsed_uri.len); } else { if (r->valid_location) { - b->last = ngx_copy(b->last, u->conf->uri.data, u->conf->uri.len); + b->last = ngx_copy(b->last, ctx->vars.uri.data, ctx->vars.uri.len); } if (escape) { @@ -809,18 +929,18 @@ ngx_http_proxy_create_request(ngx_http_r static ngx_int_t ngx_http_proxy_reinit_request(ngx_http_request_t *r) { - ngx_http_proxy_ctx_t *p; - - p = ngx_http_get_module_ctx(r, ngx_http_proxy_module); - - if (p == NULL) { + ngx_http_proxy_ctx_t *ctx; + + ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module); + + if (ctx == NULL) { return NGX_OK; } - p->status = 0; - p->status_count = 0; - p->status_start = NULL; - p->status_end = NULL; + ctx->status = 0; + ctx->status_count = 0; + ctx->status_start = NULL; + ctx->status_end = NULL; r->upstream->process_header = ngx_http_proxy_process_status_line; @@ -833,15 +953,15 @@ ngx_http_proxy_process_status_line(ngx_h { ngx_int_t rc; ngx_http_upstream_t *u; - ngx_http_proxy_ctx_t *p; - - p = ngx_http_get_module_ctx(r, ngx_http_proxy_module); - - if (p == NULL) { + ngx_http_proxy_ctx_t *ctx; + + ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module); + + if (ctx == NULL) { return NGX_HTTP_INTERNAL_SERVER_ERROR; } - rc = ngx_http_proxy_parse_status_line(r, p); + rc = ngx_http_proxy_parse_status_line(r, ctx); if (rc == NGX_AGAIN) { return rc; @@ -866,17 +986,17 @@ ngx_http_proxy_process_status_line(ngx_h return NGX_OK; } - u->headers_in.status_n = p->status; - u->state->status = p->status; - - u->headers_in.status_line.len = p->status_end - p->status_start; + u->headers_in.status_n = ctx->status; + u->state->status = ctx->status; + + u->headers_in.status_line.len = ctx->status_end - ctx->status_start; u->headers_in.status_line.data = ngx_palloc(r->pool, u->headers_in.status_line.len); if (u->headers_in.status_line.data == NULL) { return NGX_HTTP_INTERNAL_SERVER_ERROR; } - ngx_memcpy(u->headers_in.status_line.data, p->status_start, + ngx_memcpy(u->headers_in.status_line.data, ctx->status_start, u->headers_in.status_line.len); ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, @@ -890,10 +1010,11 @@ ngx_http_proxy_process_status_line(ngx_h static ngx_int_t -ngx_http_proxy_parse_status_line(ngx_http_request_t *r, ngx_http_proxy_ctx_t *p) +ngx_http_proxy_parse_status_line(ngx_http_request_t *r, + ngx_http_proxy_ctx_t *ctx) { u_char ch; - u_char *pos; + u_char *p; ngx_http_upstream_t *u; enum { sw_start = 0, @@ -915,8 +1036,8 @@ ngx_http_proxy_parse_status_line(ngx_htt state = r->state; - for (pos = u->buffer.pos; pos < u->buffer.last; pos++) { - ch = *pos; + for (p = u->buffer.pos; p < u->buffer.last; p++) { + ch = *p; switch (state) { @@ -1025,11 +1146,11 @@ ngx_http_proxy_parse_status_line(ngx_htt return NGX_HTTP_PROXY_PARSE_NO_HEADER; } - p->status = p->status * 10 + ch - '0'; - - if (++p->status_count == 3) { + ctx->status = ctx->status * 10 + ch - '0'; + + if (++ctx->status_count == 3) { state = sw_space_after_status; - p->status_start = pos - 2; + ctx->status_start = p - 2; } break; @@ -1067,7 +1188,7 @@ ngx_http_proxy_parse_status_line(ngx_htt /* end of status line */ case sw_almost_done: - p->status_end = pos - 1; + ctx->status_end = p - 1; switch (ch) { case LF: goto done; @@ -1077,17 +1198,17 @@ ngx_http_proxy_parse_status_line(ngx_htt } } - u->buffer.pos = pos; + u->buffer.pos = p; r->state = state; return NGX_AGAIN; done: - u->buffer.pos = pos + 1; - - if (p->status_end == NULL) { - p->status_end = pos; + u->buffer.pos = p + 1; + + if (ctx->status_end == NULL) { + ctx->status_end = p; } r->state = sw_start; @@ -1244,15 +1365,20 @@ static ngx_int_t ngx_http_proxy_host_variable(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data) { - ngx_http_proxy_loc_conf_t *plcf; - - plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_module); - - v->len = plcf->host_header.len; + ngx_http_proxy_ctx_t *ctx; + + ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module); + + if (ctx == NULL) { + v->not_found = 1; + return NGX_OK; + } + + v->len = ctx->vars.host_header.len; v->valid = 1; v->no_cacheable = 0; v->not_found = 0; - v->data = plcf->host_header.data; + v->data = ctx->vars.host_header.data; return NGX_OK; } @@ -1262,15 +1388,20 @@ static ngx_int_t ngx_http_proxy_port_variable(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data) { - ngx_http_proxy_loc_conf_t *plcf; - - plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_module); - - v->len = plcf->port.len; + ngx_http_proxy_ctx_t *ctx; + + ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module); + + if (ctx == NULL) { + v->not_found = 1; + return NGX_OK; + } + + v->len = ctx->vars.port.len; v->valid = 1; v->no_cacheable = 0; v->not_found = 0; - v->data = plcf->port.data; + v->data = ctx->vars.port.data; return NGX_OK; } @@ -1317,11 +1448,11 @@ static ngx_int_t ngx_http_proxy_internal_body_length_variable(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data) { - ngx_http_proxy_ctx_t *p; - - p = ngx_http_get_module_ctx(r, ngx_http_proxy_module); - - if (p == NULL) { + ngx_http_proxy_ctx_t *ctx; + + ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module); + + if (ctx == NULL) { v->not_found = 1; return NGX_OK; } @@ -1336,7 +1467,7 @@ ngx_http_proxy_internal_body_length_vari return NGX_ERROR; } - v->len = ngx_sprintf(v->data, "%uz", p->internal_body_length) - v->data; + v->len = ngx_sprintf(v->data, "%uz", ctx->internal_body_length) - v->data; return NGX_OK; } @@ -1740,7 +1871,7 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t conf->redirects = prev->redirects; } - if (conf->redirects == NULL && conf->upstream.url.data) { + if (conf->redirects == NULL && conf->url.data) { conf->redirects = ngx_array_create(cf->pool, 1, sizeof(ngx_http_proxy_redirect_t)); @@ -1754,10 +1885,10 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t } pr->handler = ngx_http_proxy_rewrite_redirect_text; - pr->redirect = conf->upstream.url; - - if (conf->upstream.uri.len) { - pr->replacement.text = conf->upstream.location; + pr->redirect = conf->url; + + if (conf->vars.uri.len) { + pr->replacement.text = conf->location; } else { pr->replacement.text.len = 0; @@ -1766,6 +1897,12 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t } } + /* STUB */ + if (prev->proxy_lengths) { + conf->proxy_lengths = prev->proxy_lengths; + conf->proxy_values = prev->proxy_values; + } + ngx_conf_merge_uint_value(conf->headers_hash_max_size, prev->headers_hash_max_size, 512); @@ -1879,8 +2016,7 @@ peers: if (conf->upstream.upstream == NULL) { conf->upstream.upstream = prev->upstream.upstream; - conf->host_header = prev->host_header; - conf->port = prev->port; + conf->vars = prev->vars; conf->upstream.schema = prev->upstream.schema; } @@ -2156,24 +2292,53 @@ ngx_http_proxy_pass(ngx_conf_t *cf, ngx_ { ngx_http_proxy_loc_conf_t *plcf = conf; - u_char *p; - size_t add; - u_short port; - ngx_str_t *value, *url; - ngx_url_t u; - ngx_http_core_loc_conf_t *clcf; -#if (NGX_HTTP_SSL) - ngx_pool_cleanup_t *cln; -#endif + size_t add; + u_short port; + ngx_str_t *value, *url; + ngx_url_t u; + ngx_uint_t n; + ngx_http_core_loc_conf_t *clcf; + ngx_http_script_compile_t sc; if (plcf->upstream.schema.len) { return "is duplicate"; } + clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module); + value = cf->args->elts; url = &value[1]; + n = ngx_http_script_variables_count(url); + + if (n) { + + ngx_memzero(&sc, sizeof(ngx_http_script_compile_t)); + + sc.cf = cf; + sc.source = url; + sc.lengths = &plcf->proxy_lengths; + sc.values = &plcf->proxy_values; + sc.variables = n; + sc.complete_lengths = 1; + sc.complete_values = 1; + + if (ngx_http_script_compile(&sc) != NGX_OK) { + return NGX_CONF_ERROR; + } + +#if (NGX_HTTP_SSL) + if (ngx_http_proxy_set_ssl(cf, plcf) != NGX_OK) { + return NGX_CONF_ERROR; + } +#endif + + clcf->handler = ngx_http_proxy_handler; + + return NGX_CONF_OK; + } + if (ngx_strncasecmp(url->data, (u_char *) "http://", 7) == 0) { add = 7; port = 80; @@ -2181,32 +2346,12 @@ ngx_http_proxy_pass(ngx_conf_t *cf, ngx_ } else if (ngx_strncasecmp(url->data, (u_char *) "https://", 8) == 0) { #if (NGX_HTTP_SSL) + if (ngx_http_proxy_set_ssl(cf, plcf) != NGX_OK) { + return NGX_CONF_ERROR; + } add = 8; port = 443; - - plcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); - if (plcf->upstream.ssl == NULL) { - return NGX_CONF_ERROR; - } - - plcf->upstream.ssl->log = cf->log; - - if (ngx_ssl_create(plcf->upstream.ssl, - NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1, NULL) - != NGX_OK) - { - return NGX_CONF_ERROR; - } - - cln = ngx_pool_cleanup_add(cf->pool, 0); - if (cln == NULL) { - return NGX_CONF_ERROR; - } - - cln->handler = ngx_ssl_cleanup_ctx; - cln->data = plcf->upstream.ssl; - #else ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "https protocol requires SSL support"); @@ -2231,59 +2376,23 @@ ngx_http_proxy_pass(ngx_conf_t *cf, ngx_ return NGX_CONF_ERROR; } - if (!u.unix_socket) { - if (u.no_port || u.port == port) { - plcf->host_header = u.host; - - if (port == 80) { - plcf->port.len = sizeof("80") - 1; - plcf->port.data = (u_char *) "80"; - - } else { - plcf->port.len = sizeof("443") - 1; - plcf->port.data = (u_char *) "443"; - } - - } else { - p = ngx_palloc(cf->pool, u.host.len + sizeof(":65536") - 1); - if (p == NULL) { - return NGX_CONF_ERROR; - } - - plcf->host_header.len = ngx_sprintf(p, "%V:%d", &u.host, u.port) - - p; - plcf->host_header.data = p; - - plcf->port.len = plcf->host_header.len - u.host.len - 1; - plcf->port.data = p + u.host.len + 1; - } - - - } else { - plcf->host_header.len = sizeof("localhost") - 1; - plcf->host_header.data = (u_char *) "localhost"; - plcf->port.len = 0; - plcf->port.data = (u_char *) ""; + if (ngx_http_proxy_set_vars(cf->pool, &u, &plcf->vars) != NGX_OK) { + return NGX_CONF_ERROR; } - plcf->upstream.uri = u.uri; - plcf->upstream.schema.len = add; plcf->upstream.schema.data = url->data; - - clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module); + plcf->location = clcf->name; clcf->handler = ngx_http_proxy_handler; - plcf->upstream.location = clcf->name; - if (clcf->named #if (NGX_PCRE) || clcf->regex #endif || clcf->noname) { - if (plcf->upstream.uri.len) { + if (plcf->vars.uri.len) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "\"proxy_pass\" may not have URI part in " "location given by regular expression, " @@ -2293,10 +2402,10 @@ ngx_http_proxy_pass(ngx_conf_t *cf, ngx_ return NGX_CONF_ERROR; } - plcf->upstream.location.len = 0; + plcf->location.len = 0; } - plcf->upstream.url = *url; + plcf->url = *url; if (clcf->name.data[clcf->name.len - 1] == '/') { clcf->auto_redirect = 1; @@ -2342,7 +2451,7 @@ ngx_http_proxy_redirect(ngx_conf_t *cf, } if (cf->args->nelts == 2 && ngx_strcmp(value[1].data, "default") == 0) { - if (plcf->upstream.url.data == NULL) { + if (plcf->url.data == NULL) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "\"proxy_rewrite_location default\" must go " "after the \"proxy_pass\" directive"); @@ -2350,10 +2459,10 @@ ngx_http_proxy_redirect(ngx_conf_t *cf, } pr->handler = ngx_http_proxy_rewrite_redirect_text; - pr->redirect = plcf->upstream.url; - - if (plcf->upstream.uri.len) { - pr->replacement.text = plcf->upstream.location; + pr->redirect = plcf->url; + + if (plcf->vars.uri.len) { + pr->replacement.text = plcf->location; } else { pr->replacement.text.len = 0; @@ -2495,3 +2604,83 @@ ngx_http_proxy_upstream_fail_timeout_uns return NGX_CONF_ERROR; } + + +#if (NGX_HTTP_SSL) + +static ngx_int_t +ngx_http_proxy_set_ssl(ngx_conf_t *cf, ngx_http_proxy_loc_conf_t *plcf) +{ + ngx_pool_cleanup_t *cln; + + plcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); + if (plcf->upstream.ssl == NULL) { + return NGX_ERROR; + } + + plcf->upstream.ssl->log = cf->log; + + if (ngx_ssl_create(plcf->upstream.ssl, + NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1, NULL) + != NGX_OK) + { + return NGX_ERROR; + } + + cln = ngx_pool_cleanup_add(cf->pool, 0); + if (cln == NULL) { + return NGX_ERROR; + } + + cln->handler = ngx_ssl_cleanup_ctx; + cln->data = plcf->upstream.ssl; + + return NGX_OK; +} + +#endif + + +static ngx_int_t +ngx_http_proxy_set_vars(ngx_pool_t *pool, ngx_url_t *u, + ngx_http_proxy_vars_t *v) +{ + u_char *p; + + if (!u->unix_socket) { + if (u->no_port || u->port == u->default_port) { + v->host_header = u->host; + + if (u->default_port == 80) { + v->port.len = sizeof("80") - 1; + v->port.data = (u_char *) "80"; + + } else { + v->port.len = sizeof("443") - 1; + v->port.data = (u_char *) "443"; + } + + } else { + p = ngx_palloc(pool, u->host.len + sizeof(":65536") - 1); + if (p == NULL) { + return NGX_ERROR; + } + + v->host_header.len = ngx_sprintf(p, "%V:%d", &u->host, u->port) - p; + v->host_header.data = p; + + v->port.len = v->host_header.len - u->host.len - 1; + v->port.data = p + u->host.len + 1; + } + + } else { + v->host_header.len = sizeof("localhost") - 1; + v->host_header.data = (u_char *) "localhost"; + v->port.len = 0; + v->port.data = (u_char *) ""; + } + + v->uri = u->uri; + + return NGX_OK; +} diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -2649,7 +2649,7 @@ ngx_http_log_error_handler(ngx_http_requ #endif p = ngx_snprintf(buf, len, ", upstream: \"%V%V%s%V\"", - &u->conf->schema, u->peer.name, + &u->schema, u->peer.name, uri_separator, &u->uri); len -= p - buf; buf = p; diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c --- a/src/http/ngx_http_upstream.c +++ b/src/http/ngx_http_upstream.c @@ -9,6 +9,7 @@ #include +static void ngx_http_upstream_resolve_handler(ngx_resolver_ctx_t *ctx); static void ngx_http_upstream_rd_check_broken_connection(ngx_http_request_t *r); static void ngx_http_upstream_wr_check_broken_connection(ngx_http_request_t *r); static void ngx_http_upstream_check_broken_connection(ngx_http_request_t *r, @@ -283,10 +284,15 @@ static ngx_http_variable_t ngx_http_ups void ngx_http_upstream_init(ngx_http_request_t *r) { - ngx_connection_t *c; - ngx_http_cleanup_t *cln; - ngx_http_upstream_t *u; - ngx_http_core_loc_conf_t *clcf; + ngx_str_t *host; + ngx_uint_t i; + ngx_connection_t *c; + ngx_resolver_ctx_t *ctx, temp; + ngx_http_cleanup_t *cln; + ngx_http_upstream_t *u; + ngx_http_core_loc_conf_t *clcf; + ngx_http_upstream_srv_conf_t *uscf, **uscfp; + ngx_http_upstream_main_conf_t *umcf; c = r->connection; @@ -320,11 +326,6 @@ ngx_http_upstream_init(ngx_http_request_ u->request_bufs = r->request_body->bufs; } - if (u->conf->upstream->peer.init(r, u->conf->upstream) != NGX_OK) { - ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); - return; - } - if (u->create_request(r) != NGX_OK) { ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); return; @@ -332,7 +333,7 @@ ngx_http_upstream_init(ngx_http_request_ clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module); - u->output.sendfile = r->connection->sendfile; + u->output.sendfile = c->sendfile; u->output.pool = r->pool; u->output.bufs.num = 1; u->output.bufs.size = clcf->client_body_buffer_size; @@ -374,11 +375,125 @@ ngx_http_upstream_init(ngx_http_request_ u->store = (u->conf->store || u->conf->store_lengths); + if (u->resolved == NULL) { + + uscf = u->conf->upstream; + + } else { + + host = &r->upstream->resolved->host; + + umcf = ngx_http_get_module_main_conf(r, ngx_http_upstream_module); + + uscfp = umcf->upstreams.elts; + + for (i = 0; i < umcf->upstreams.nelts; i++) { + + uscf = uscfp[i]; + + if (uscf->host.len == host->len + && ngx_memcmp(uscf->host.data, host->data, host->len) == 0) + { + goto found; + } + } + + if (clcf->resolver == NULL) { + ngx_log_error(NGX_LOG_ERR, c->log, 0, + "no resolver defined to resolve %V", host); + ngx_http_finalize_request(r, NGX_HTTP_BAD_GATEWAY); + return; + } + + temp.name = *host; + + ctx = ngx_resolve_start(clcf->resolver, &temp); + if (ctx == NULL) { + ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); + return; + } + + ctx->name = *host; + ctx->type = NGX_RESOLVE_A; + ctx->handler = ngx_http_upstream_resolve_handler; + ctx->data = r; + ctx->timeout = clcf->resolver_timeout; + + u->resolved->ctx = ctx; + + if (ngx_resolve_name(ctx) != NGX_OK) { + ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); + return; + } + + return; + } + +found: + + if (uscf->peer.init(r, uscf) != NGX_OK) { + ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); + return; + } + ngx_http_upstream_connect(r, u); } static void +ngx_http_upstream_resolve_handler(ngx_resolver_ctx_t *ctx) +{ + ngx_http_request_t *r; + ngx_http_upstream_resolved_t *ur; + + r = ctx->data; + + r->upstream->resolved->ctx = NULL; + + if (ctx->state) { + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "%V could not be resolved (%i: %s)", + &ctx->name, ctx->state, + ngx_resolver_strerror(ctx->state)); + + ngx_resolve_name_done(ctx); + ngx_http_finalize_request(r, NGX_HTTP_BAD_GATEWAY); + return; + } + + ur = r->upstream->resolved; + ur->naddrs = ctx->naddrs; + ur->addrs = ctx->addrs; + +#if (NGX_DEBUG) + { + in_addr_t addr; + ngx_uint_t i; + + for (i = 0; i < ctx->naddrs; i++) { + addr = ntohl(ur->addrs[i]); + + ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, + "name was resolved to %ud.%ud.%ud.%ud", + (addr >> 24) & 0xff, (addr >> 16) & 0xff, + (addr >> 8) & 0xff, addr & 0xff); + } + } +#endif + + if (ngx_http_upstream_create_round_robin_peer(r, ur) != NGX_OK) { + ngx_resolve_name_done(ctx); + ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); + return; + } + + ngx_resolve_name_done(ctx); + + ngx_http_upstream_connect(r, r->upstream); +} + + +static void ngx_http_upstream_rd_check_broken_connection(ngx_http_request_t *r) { ngx_http_upstream_check_broken_connection(r, r->connection->read); @@ -549,6 +664,7 @@ ngx_http_upstream_connect(ngx_http_reque tp = ngx_timeofday(); u->state->response_sec = tp->sec; u->state->response_msec = tp->msec; + u->state->peer = u->peer.name; rc = ngx_event_connect_peer(&u->peer); @@ -561,8 +677,6 @@ ngx_http_upstream_connect(ngx_http_reque return; } - u->state->peer = u->peer.name; - if (rc == NGX_BUSY) { ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "no live upstreams"); ngx_http_upstream_next(r, u, NGX_HTTP_UPSTREAM_FT_NOLIVE); @@ -638,7 +752,7 @@ ngx_http_upstream_connect(ngx_http_reque #if (NGX_HTTP_SSL) - if (u->conf->ssl && c->ssl == NULL) { + if (u->ssl && c->ssl == NULL) { ngx_http_upstream_ssl_init_connection(r, u, c); return; } @@ -893,7 +1007,7 @@ ngx_http_upstream_send_request_handler(n #if (NGX_HTTP_SSL) - if (u->conf->ssl && c->ssl == NULL) { + if (u->ssl && c->ssl == NULL) { ngx_http_upstream_ssl_init_connection(r, u, c); return; } @@ -2260,6 +2374,10 @@ ngx_http_upstream_cleanup(void *data) ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "cleanup http upstream request: \"%V\"", &r->uri); + if (r->upstream->resolved && r->upstream->resolved->ctx) { + ngx_resolve_name_done(r->upstream->resolved->ctx); + } + ngx_http_upstream_finalize_request(r, r->upstream, NGX_DONE); } @@ -2275,7 +2393,7 @@ ngx_http_upstream_finalize_request(ngx_h *u->cleanup = NULL; - if (u->state->response_sec) { + if (u->state && u->state->response_sec) { tp = ngx_timeofday(); u->state->response_sec = tp->sec - u->state->response_sec; u->state->response_msec = tp->msec - u->state->response_msec; @@ -2283,7 +2401,9 @@ ngx_http_upstream_finalize_request(ngx_h u->finalize_request(r, rc); - u->peer.free(&u->peer, u->peer.data, 0); + if (u->peer.free) { + u->peer.free(&u->peer, u->peer.data, 0); + } if (u->peer.connection) { diff --git a/src/http/ngx_http_upstream.h b/src/http/ngx_http_upstream.h --- a/src/http/ngx_http_upstream.h +++ b/src/http/ngx_http_upstream.h @@ -138,9 +138,6 @@ typedef struct { ngx_array_t *pass_headers; ngx_str_t schema; - ngx_str_t uri; - ngx_str_t location; - ngx_str_t url; /* used in proxy_rewrite_location */ ngx_array_t *store_lengths; ngx_array_t *store_values; @@ -199,6 +196,15 @@ typedef struct { } ngx_http_upstream_headers_in_t; +typedef struct { + ngx_str_t host; + in_port_t port; + ngx_uint_t naddrs; + in_addr_t *addrs; + ngx_resolver_ctx_t *ctx; +} ngx_http_upstream_resolved_t; + + struct ngx_http_upstream_s { ngx_peer_connection_t peer; @@ -213,6 +219,8 @@ struct ngx_http_upstream_s { ngx_http_upstream_headers_in_t headers_in; + ngx_http_upstream_resolved_t *resolved; + ngx_buf_t buffer; size_t length; @@ -235,10 +243,10 @@ struct ngx_http_upstream_s { ngx_msec_t timeout; - ngx_str_t method; - ngx_http_upstream_state_t *state; + ngx_str_t method; + ngx_str_t schema; ngx_str_t uri; ngx_http_cleanup_pt *cleanup; @@ -246,6 +254,7 @@ struct ngx_http_upstream_s { unsigned store:1; unsigned cacheable:1; unsigned accel:1; + unsigned ssl:1; unsigned buffering:1; diff --git a/src/http/ngx_http_upstream_round_robin.c b/src/http/ngx_http_upstream_round_robin.c --- a/src/http/ngx_http_upstream_round_robin.c +++ b/src/http/ngx_http_upstream_round_robin.c @@ -247,6 +247,100 @@ ngx_http_upstream_init_round_robin_peer( ngx_int_t +ngx_http_upstream_create_round_robin_peer(ngx_http_request_t *r, + ngx_http_upstream_resolved_t *ur) +{ + u_char *p; + size_t len; + ngx_uint_t i, n; + struct sockaddr_in *sin; + ngx_http_upstream_rr_peers_t *peers; + ngx_http_upstream_rr_peer_data_t *rrp; + + rrp = r->upstream->peer.data; + + if (rrp == NULL) { + rrp = ngx_palloc(r->pool, sizeof(ngx_http_upstream_rr_peer_data_t)); + if (rrp == NULL) { + return NGX_ERROR; + } + + r->upstream->peer.data = rrp; + } + + peers = ngx_pcalloc(r->pool, sizeof(ngx_http_upstream_rr_peers_t) + + sizeof(ngx_http_upstream_rr_peer_t) * (ur->naddrs - 1)); + if (peers == NULL) { + return NGX_ERROR; + } + + peers->single = (ur->naddrs == 1); + peers->number = ur->naddrs; + peers->name = &ur->host; + + for (i = 0; i < ur->naddrs; i++) { + + len = INET_ADDRSTRLEN - 1 + 1 + sizeof(":65536") - 1; + + p = ngx_palloc(r->pool, len); + if (p == NULL) { + return NGX_ERROR; + } + + len = ngx_inet_ntop(AF_INET, &ur->addrs[i], p, INET_ADDRSTRLEN); + len = ngx_sprintf(&p[len], ":%d", ur->port) - p; + + sin = ngx_pcalloc(r->pool, sizeof(struct sockaddr_in)); + if (sin == NULL) { + return NGX_ERROR; + } + + sin->sin_family = AF_INET; + sin->sin_port = htons(ur->port); + sin->sin_addr.s_addr = ur->addrs[i]; + + peers->peer[i].sockaddr = (struct sockaddr *) sin; + peers->peer[i].socklen = sizeof(struct sockaddr_in); + peers->peer[i].name.len = len; + peers->peer[i].name.data = p; + peers->peer[i].weight = 1; + peers->peer[i].current_weight = 1; + peers->peer[i].max_fails = 1; + peers->peer[i].fail_timeout = 10; + } + + rrp->peers = peers; + rrp->current = 0; + + if (rrp->peers->number <= 8 * sizeof(uintptr_t)) { + rrp->tried = &rrp->data; + rrp->data = 0; + + } else { + n = (rrp->peers->number + (8 * sizeof(uintptr_t) - 1)) + / (8 * sizeof(uintptr_t)); + + rrp->tried = ngx_pcalloc(r->pool, n * sizeof(uintptr_t)); + if (rrp->tried == NULL) { + return NGX_ERROR; + } + } + + r->upstream->peer.get = ngx_http_upstream_get_round_robin_peer; + r->upstream->peer.free = ngx_http_upstream_free_round_robin_peer; + r->upstream->peer.tries = rrp->peers->number; +#if (NGX_HTTP_SSL) + r->upstream->peer.set_session = + ngx_http_upstream_set_round_robin_peer_session; + r->upstream->peer.save_session = + ngx_http_upstream_save_round_robin_peer_session; +#endif + + return NGX_OK; +} + + +ngx_int_t ngx_http_upstream_get_round_robin_peer(ngx_peer_connection_t *pc, void *data) { ngx_http_upstream_rr_peer_data_t *rrp = data; diff --git a/src/http/ngx_http_upstream_round_robin.h b/src/http/ngx_http_upstream_round_robin.h --- a/src/http/ngx_http_upstream_round_robin.h +++ b/src/http/ngx_http_upstream_round_robin.h @@ -65,6 +65,8 @@ ngx_int_t ngx_http_upstream_init_round_r ngx_http_upstream_srv_conf_t *us); ngx_int_t ngx_http_upstream_init_round_robin_peer(ngx_http_request_t *r, ngx_http_upstream_srv_conf_t *us); +ngx_int_t ngx_http_upstream_create_round_robin_peer(ngx_http_request_t *r, + ngx_http_upstream_resolved_t *ur); ngx_int_t ngx_http_upstream_get_round_robin_peer(ngx_peer_connection_t *pc, void *data); void ngx_http_upstream_free_round_robin_peer(ngx_peer_connection_t *pc,