Mercurial > hg > nginx-quic
annotate src/stream/ngx_stream_handler.c @ 8551:c35b255d80dc quic
HTTP/3: close connection on keepalive_requests * 2.
After receiving GOAWAY, client is not supposed to create new streams. However,
until client reads this frame, we allow it to create new streams, which are
gracefully rejected. To prevent client from abusing this algorithm, a new
limit is introduced. Upon reaching keepalive_requests * 2, server now closes
the entire QUIC connection claiming excessive load.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Thu, 29 Jul 2021 16:01:37 +0300 |
parents | e96c20b6f655 |
children | 2706d27d2c76 |
rev | line source |
---|---|
6115 | 1 |
2 /* | |
3 * Copyright (C) Roman Arutyunyan | |
4 * Copyright (C) Nginx, Inc. | |
5 */ | |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 #include <ngx_event.h> | |
11 #include <ngx_stream.h> | |
12 | |
13 | |
6693 | 14 static void ngx_stream_log_session(ngx_stream_session_t *s); |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
15 static void ngx_stream_close_connection(ngx_connection_t *c); |
6115 | 16 static u_char *ngx_stream_log_error(ngx_log_t *log, u_char *buf, size_t len); |
6680
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
17 static void ngx_stream_proxy_protocol_handler(ngx_event_t *rev); |
6115 | 18 |
19 | |
20 void | |
21 ngx_stream_init_connection(ngx_connection_t *c) | |
22 { | |
6175 | 23 u_char text[NGX_SOCKADDR_STRLEN]; |
24 size_t len; | |
25 ngx_uint_t i; | |
6669
164a0824ce20
Stream: the $session_time variable.
Vladimir Homutov <vl@nginx.com>
parents:
6607
diff
changeset
|
26 ngx_time_t *tp; |
6679
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
27 ngx_event_t *rev; |
6175 | 28 struct sockaddr *sa; |
29 ngx_stream_port_t *port; | |
30 struct sockaddr_in *sin; | |
31 ngx_stream_in_addr_t *addr; | |
32 ngx_stream_session_t *s; | |
33 ngx_stream_addr_conf_t *addr_conf; | |
6115 | 34 #if (NGX_HAVE_INET6) |
6175 | 35 struct sockaddr_in6 *sin6; |
36 ngx_stream_in6_addr_t *addr6; | |
6115 | 37 #endif |
6175 | 38 ngx_stream_core_srv_conf_t *cscf; |
39 ngx_stream_core_main_conf_t *cmcf; | |
6115 | 40 |
41 /* find the server configuration for the address:port */ | |
42 | |
43 port = c->listening->servers; | |
44 | |
45 if (port->naddrs > 1) { | |
46 | |
47 /* | |
48 * There are several addresses on this port and one of them | |
49 * is the "*:port" wildcard so getsockname() is needed to determine | |
50 * the server address. | |
51 * | |
6436 | 52 * AcceptEx() and recvmsg() already gave this address. |
6115 | 53 */ |
54 | |
55 if (ngx_connection_local_sockaddr(c, NULL, 0) != NGX_OK) { | |
56 ngx_stream_close_connection(c); | |
57 return; | |
58 } | |
59 | |
60 sa = c->local_sockaddr; | |
61 | |
62 switch (sa->sa_family) { | |
63 | |
64 #if (NGX_HAVE_INET6) | |
65 case AF_INET6: | |
66 sin6 = (struct sockaddr_in6 *) sa; | |
67 | |
68 addr6 = port->addrs; | |
69 | |
70 /* the last address is "*" */ | |
71 | |
72 for (i = 0; i < port->naddrs - 1; i++) { | |
73 if (ngx_memcmp(&addr6[i].addr6, &sin6->sin6_addr, 16) == 0) { | |
74 break; | |
75 } | |
76 } | |
77 | |
78 addr_conf = &addr6[i].conf; | |
79 | |
80 break; | |
81 #endif | |
82 | |
83 default: /* AF_INET */ | |
84 sin = (struct sockaddr_in *) sa; | |
85 | |
86 addr = port->addrs; | |
87 | |
88 /* the last address is "*" */ | |
89 | |
90 for (i = 0; i < port->naddrs - 1; i++) { | |
91 if (addr[i].addr == sin->sin_addr.s_addr) { | |
92 break; | |
93 } | |
94 } | |
95 | |
96 addr_conf = &addr[i].conf; | |
97 | |
98 break; | |
99 } | |
100 | |
101 } else { | |
102 switch (c->local_sockaddr->sa_family) { | |
103 | |
104 #if (NGX_HAVE_INET6) | |
105 case AF_INET6: | |
106 addr6 = port->addrs; | |
107 addr_conf = &addr6[0].conf; | |
108 break; | |
109 #endif | |
110 | |
111 default: /* AF_INET */ | |
112 addr = port->addrs; | |
113 addr_conf = &addr[0].conf; | |
114 break; | |
115 } | |
116 } | |
117 | |
8000
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
118 #if (NGX_STREAM_QUIC) |
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
119 |
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
120 if (addr_conf->quic) { |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8001
diff
changeset
|
121 ngx_quic_conf_t *qcf; |
8000
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
122 |
8200
279ad36f2f4b
QUIC: renamed c->qs to c->quic.
Roman Arutyunyan <arut@nginx.com>
parents:
8101
diff
changeset
|
123 if (c->quic == NULL) { |
8000
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
124 c->log->connection = c->number; |
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
125 |
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
126 qcf = ngx_stream_get_module_srv_conf(addr_conf->ctx, |
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
127 ngx_stream_quic_module); |
8101
bed310672f39
QUIC: moved ssl configuration pointer to quic configuration.
Vladimir Homutov <vl@nginx.com>
parents:
8001
diff
changeset
|
128 ngx_quic_run(c, qcf); |
8000
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
129 return; |
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
130 } |
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
131 } |
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
132 |
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
133 #endif |
893b3313f53c
QUIC: added "quic" listen parameter in Stream.
Roman Arutyunyan <arut@nginx.com>
parents:
6693
diff
changeset
|
134 |
6115 | 135 s = ngx_pcalloc(c->pool, sizeof(ngx_stream_session_t)); |
136 if (s == NULL) { | |
137 ngx_stream_close_connection(c); | |
138 return; | |
139 } | |
140 | |
141 s->signature = NGX_STREAM_MODULE; | |
142 s->main_conf = addr_conf->ctx->main_conf; | |
143 s->srv_conf = addr_conf->ctx->srv_conf; | |
144 | |
6679
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
145 #if (NGX_STREAM_SSL) |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
146 s->ssl = addr_conf->ssl; |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
147 #endif |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
148 |
8506
e96c20b6f655
QUIC: fixed client certificates verification in stream.
Vladimir Homutov <vl@nginx.com>
parents:
8200
diff
changeset
|
149 #if (NGX_STREAM_QUIC) |
e96c20b6f655
QUIC: fixed client certificates verification in stream.
Vladimir Homutov <vl@nginx.com>
parents:
8200
diff
changeset
|
150 s->ssl |= addr_conf->quic; |
e96c20b6f655
QUIC: fixed client certificates verification in stream.
Vladimir Homutov <vl@nginx.com>
parents:
8200
diff
changeset
|
151 #endif |
e96c20b6f655
QUIC: fixed client certificates verification in stream.
Vladimir Homutov <vl@nginx.com>
parents:
8200
diff
changeset
|
152 |
6692 | 153 if (c->buffer) { |
154 s->received += c->buffer->last - c->buffer->pos; | |
155 } | |
156 | |
6115 | 157 s->connection = c; |
158 c->data = s; | |
159 | |
160 cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); | |
161 | |
6129
187aa751ad62
Core: the ngx_set_connection_log() macro.
Vladimir Homutov <vl@nginx.com>
parents:
6115
diff
changeset
|
162 ngx_set_connection_log(c, cscf->error_log); |
6115 | 163 |
164 len = ngx_sock_ntop(c->sockaddr, c->socklen, text, NGX_SOCKADDR_STRLEN, 1); | |
165 | |
6461
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
166 ngx_log_error(NGX_LOG_INFO, c->log, 0, "*%uA %sclient %*s connected to %V", |
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
167 c->number, c->type == SOCK_DGRAM ? "udp " : "", |
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
168 len, text, &addr_conf->addr_text); |
6115 | 169 |
170 c->log->connection = c->number; | |
171 c->log->handler = ngx_stream_log_error; | |
172 c->log->data = s; | |
6693 | 173 c->log->action = "initializing session"; |
6115 | 174 c->log_error = NGX_ERROR_INFO; |
175 | |
6682
db422604ceb0
Stream: allow using the session context inside handlers.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6680
diff
changeset
|
176 s->ctx = ngx_pcalloc(c->pool, sizeof(void *) * ngx_stream_max_module); |
db422604ceb0
Stream: allow using the session context inside handlers.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6680
diff
changeset
|
177 if (s->ctx == NULL) { |
db422604ceb0
Stream: allow using the session context inside handlers.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6680
diff
changeset
|
178 ngx_stream_close_connection(c); |
db422604ceb0
Stream: allow using the session context inside handlers.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6680
diff
changeset
|
179 return; |
db422604ceb0
Stream: allow using the session context inside handlers.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6680
diff
changeset
|
180 } |
db422604ceb0
Stream: allow using the session context inside handlers.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6680
diff
changeset
|
181 |
6175 | 182 cmcf = ngx_stream_get_module_main_conf(s, ngx_stream_core_module); |
183 | |
6607
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6461
diff
changeset
|
184 s->variables = ngx_pcalloc(s->connection->pool, |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6461
diff
changeset
|
185 cmcf->variables.nelts |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6461
diff
changeset
|
186 * sizeof(ngx_stream_variable_value_t)); |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6461
diff
changeset
|
187 |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6461
diff
changeset
|
188 if (s->variables == NULL) { |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6461
diff
changeset
|
189 ngx_stream_close_connection(c); |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6461
diff
changeset
|
190 return; |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6461
diff
changeset
|
191 } |
c70b7f4537e1
Stream: variables and script.
Vladimir Homutov <vl@nginx.com>
parents:
6461
diff
changeset
|
192 |
6669
164a0824ce20
Stream: the $session_time variable.
Vladimir Homutov <vl@nginx.com>
parents:
6607
diff
changeset
|
193 tp = ngx_timeofday(); |
164a0824ce20
Stream: the $session_time variable.
Vladimir Homutov <vl@nginx.com>
parents:
6607
diff
changeset
|
194 s->start_sec = tp->sec; |
164a0824ce20
Stream: the $session_time variable.
Vladimir Homutov <vl@nginx.com>
parents:
6607
diff
changeset
|
195 s->start_msec = tp->msec; |
164a0824ce20
Stream: the $session_time variable.
Vladimir Homutov <vl@nginx.com>
parents:
6607
diff
changeset
|
196 |
6679
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
197 rev = c->read; |
6693 | 198 rev->handler = ngx_stream_session_handler; |
6679
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
199 |
6680
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
200 if (addr_conf->proxy_protocol) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
201 c->log->action = "reading PROXY protocol"; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
202 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
203 rev->handler = ngx_stream_proxy_protocol_handler; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
204 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
205 if (!rev->ready) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
206 ngx_add_timer(rev, cscf->proxy_protocol_timeout); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
207 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
208 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
209 ngx_stream_finalize_session(s, |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
210 NGX_STREAM_INTERNAL_SERVER_ERROR); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
211 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
212 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
213 return; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
214 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
215 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
216 |
6679
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
217 if (ngx_use_accept_mutex) { |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
218 ngx_post_event(rev, &ngx_posted_events); |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
219 return; |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
220 } |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
221 |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
222 rev->handler(rev); |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
223 } |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
224 |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
225 |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
226 static void |
6680
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
227 ngx_stream_proxy_protocol_handler(ngx_event_t *rev) |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
228 { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
229 u_char *p, buf[NGX_PROXY_PROTOCOL_MAX_HEADER]; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
230 size_t size; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
231 ssize_t n; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
232 ngx_err_t err; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
233 ngx_connection_t *c; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
234 ngx_stream_session_t *s; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
235 ngx_stream_core_srv_conf_t *cscf; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
236 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
237 c = rev->data; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
238 s = c->data; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
239 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
240 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
241 "stream PROXY protocol handler"); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
242 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
243 if (rev->timedout) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
244 ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
245 ngx_stream_finalize_session(s, NGX_STREAM_OK); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
246 return; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
247 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
248 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
249 n = recv(c->fd, (char *) buf, sizeof(buf), MSG_PEEK); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
250 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
251 err = ngx_socket_errno; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
252 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
253 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, "recv(): %z", n); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
254 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
255 if (n == -1) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
256 if (err == NGX_EAGAIN) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
257 rev->ready = 0; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
258 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
259 if (!rev->timer_set) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
260 cscf = ngx_stream_get_module_srv_conf(s, |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
261 ngx_stream_core_module); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
262 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
263 ngx_add_timer(rev, cscf->proxy_protocol_timeout); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
264 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
265 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
266 if (ngx_handle_read_event(rev, 0) != NGX_OK) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
267 ngx_stream_finalize_session(s, |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
268 NGX_STREAM_INTERNAL_SERVER_ERROR); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
269 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
270 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
271 return; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
272 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
273 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
274 ngx_connection_error(c, err, "recv() failed"); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
275 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
276 ngx_stream_finalize_session(s, NGX_STREAM_OK); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
277 return; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
278 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
279 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
280 if (rev->timer_set) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
281 ngx_del_timer(rev); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
282 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
283 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
284 p = ngx_proxy_protocol_read(c, buf, buf + n); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
285 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
286 if (p == NULL) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
287 ngx_stream_finalize_session(s, NGX_STREAM_BAD_REQUEST); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
288 return; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
289 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
290 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
291 size = p - buf; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
292 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
293 if (c->recv(c, buf, size) != (ssize_t) size) { |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
294 ngx_stream_finalize_session(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
295 return; |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
296 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
297 |
6693 | 298 c->log->action = "initializing session"; |
299 | |
300 ngx_stream_session_handler(rev); | |
6680
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
301 } |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
302 |
7357abd1fa8c
Stream: the "proxy_protocol" parameter of the "listen" directive.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6679
diff
changeset
|
303 |
6693 | 304 void |
305 ngx_stream_session_handler(ngx_event_t *rev) | |
6679
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
306 { |
6693 | 307 ngx_connection_t *c; |
308 ngx_stream_session_t *s; | |
6679
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
309 |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
310 c = rev->data; |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
311 s = c->data; |
40e8ce405859
Stream: postpone session initialization under accept mutex.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6678
diff
changeset
|
312 |
6693 | 313 ngx_stream_core_run_phases(s); |
6115 | 314 } |
315 | |
316 | |
317 void | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
318 ngx_stream_finalize_session(ngx_stream_session_t *s, ngx_uint_t rc) |
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
319 { |
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
320 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, |
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
321 "finalize stream session: %i", rc); |
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
322 |
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
323 s->status = rc; |
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
324 |
6693 | 325 ngx_stream_log_session(s); |
326 | |
327 ngx_stream_close_connection(s->connection); | |
328 } | |
329 | |
330 | |
331 static void | |
332 ngx_stream_log_session(ngx_stream_session_t *s) | |
333 { | |
334 ngx_uint_t i, n; | |
335 ngx_stream_handler_pt *log_handler; | |
336 ngx_stream_core_main_conf_t *cmcf; | |
337 | |
6678 | 338 cmcf = ngx_stream_get_module_main_conf(s, ngx_stream_core_module); |
339 | |
6693 | 340 log_handler = cmcf->phases[NGX_STREAM_LOG_PHASE].handlers.elts; |
341 n = cmcf->phases[NGX_STREAM_LOG_PHASE].handlers.nelts; | |
342 | |
343 for (i = 0; i < n; i++) { | |
344 log_handler[i](s); | |
6678 | 345 } |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
346 } |
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
347 |
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
348 |
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6669
diff
changeset
|
349 static void |
6115 | 350 ngx_stream_close_connection(ngx_connection_t *c) |
351 { | |
352 ngx_pool_t *pool; | |
353 | |
354 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, | |
355 "close stream connection: %d", c->fd); | |
356 | |
357 #if (NGX_STREAM_SSL) | |
358 | |
359 if (c->ssl) { | |
360 if (ngx_ssl_shutdown(c) == NGX_AGAIN) { | |
361 c->ssl->handler = ngx_stream_close_connection; | |
362 return; | |
363 } | |
364 } | |
365 | |
366 #endif | |
367 | |
368 #if (NGX_STAT_STUB) | |
369 (void) ngx_atomic_fetch_add(ngx_stat_active, -1); | |
370 #endif | |
371 | |
372 pool = c->pool; | |
373 | |
374 ngx_close_connection(c); | |
375 | |
376 ngx_destroy_pool(pool); | |
377 } | |
378 | |
379 | |
380 static u_char * | |
381 ngx_stream_log_error(ngx_log_t *log, u_char *buf, size_t len) | |
382 { | |
383 u_char *p; | |
384 ngx_stream_session_t *s; | |
385 | |
386 if (log->action) { | |
387 p = ngx_snprintf(buf, len, " while %s", log->action); | |
388 len -= p - buf; | |
389 buf = p; | |
390 } | |
391 | |
392 s = log->data; | |
393 | |
6461
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
394 p = ngx_snprintf(buf, len, ", %sclient: %V, server: %V", |
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
395 s->connection->type == SOCK_DGRAM ? "udp " : "", |
6115 | 396 &s->connection->addr_text, |
397 &s->connection->listening->addr_text); | |
6223
d1f94042c29c
Stream: fixed potential error log buffer overrun.
Vladimir Homutov <vl@nginx.com>
parents:
6221
diff
changeset
|
398 len -= p - buf; |
d1f94042c29c
Stream: fixed potential error log buffer overrun.
Vladimir Homutov <vl@nginx.com>
parents:
6221
diff
changeset
|
399 buf = p; |
6115 | 400 |
401 if (s->log_handler) { | |
6223
d1f94042c29c
Stream: fixed potential error log buffer overrun.
Vladimir Homutov <vl@nginx.com>
parents:
6221
diff
changeset
|
402 p = s->log_handler(log, buf, len); |
6115 | 403 } |
404 | |
405 return p; | |
406 } |