Mercurial > hg > nginx-quic
annotate src/stream/ngx_stream_upstream.h @ 6749:f88a145b093e stable-1.10
HTTP/2: the "421 Misdirected Request" response (closes #848).
Since 4fbef397c753 nginx rejects with the 400 error any attempts of
requesting different host over the same connection, if the relevant
virtual server requires verification of a client certificate.
While requesting hosts other than negotiated isn't something legal
in HTTP/1.x, the HTTP/2 specification explicitly permits such requests
for connection reuse and has introduced a special response code 421.
According to RFC 7540 Section 9.1.2 this code can be sent by a server
that is not configured to produce responses for the combination of
scheme and authority that are included in the request URI. And the
client may retry the request over a different connection.
Now this code is used for requests that aren't authorized in current
connection. After receiving the 421 response a client will be able
to open a new connection, provide the required certificate and retry
the request.
Unfortunately, not all clients currently are able to handle it well.
Notably Chrome just shows an error, while at least the latest version
of Firefox retries the request over a new connection.
author | Valentin Bartenev <vbart@nginx.com> |
---|---|
date | Fri, 20 May 2016 18:41:17 +0300 |
parents | 8f038068f4bc |
children | 9757cffc1e2f |
rev | line source |
---|---|
6115 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4 * Copyright (C) Nginx, Inc. | |
5 */ | |
6 | |
7 | |
8 #ifndef _NGX_STREAM_UPSTREAM_H_INCLUDED_ | |
9 #define _NGX_STREAM_UPSTREAM_H_INCLUDED_ | |
10 | |
11 | |
12 #include <ngx_config.h> | |
13 #include <ngx_core.h> | |
14 #include <ngx_stream.h> | |
15 #include <ngx_event_connect.h> | |
16 | |
17 | |
18 #define NGX_STREAM_UPSTREAM_CREATE 0x0001 | |
19 #define NGX_STREAM_UPSTREAM_WEIGHT 0x0002 | |
20 #define NGX_STREAM_UPSTREAM_MAX_FAILS 0x0004 | |
21 #define NGX_STREAM_UPSTREAM_FAIL_TIMEOUT 0x0008 | |
22 #define NGX_STREAM_UPSTREAM_DOWN 0x0010 | |
23 #define NGX_STREAM_UPSTREAM_BACKUP 0x0020 | |
24 | |
25 | |
26 typedef struct { | |
27 ngx_array_t upstreams; | |
28 /* ngx_stream_upstream_srv_conf_t */ | |
29 } ngx_stream_upstream_main_conf_t; | |
30 | |
31 | |
32 typedef struct ngx_stream_upstream_srv_conf_s ngx_stream_upstream_srv_conf_t; | |
33 | |
34 | |
35 typedef ngx_int_t (*ngx_stream_upstream_init_pt)(ngx_conf_t *cf, | |
36 ngx_stream_upstream_srv_conf_t *us); | |
37 typedef ngx_int_t (*ngx_stream_upstream_init_peer_pt)(ngx_stream_session_t *s, | |
38 ngx_stream_upstream_srv_conf_t *us); | |
39 | |
40 | |
41 typedef struct { | |
42 ngx_stream_upstream_init_pt init_upstream; | |
43 ngx_stream_upstream_init_peer_pt init; | |
44 void *data; | |
45 } ngx_stream_upstream_peer_t; | |
46 | |
47 | |
48 typedef struct { | |
49 ngx_str_t name; | |
50 ngx_addr_t *addrs; | |
51 ngx_uint_t naddrs; | |
52 ngx_uint_t weight; | |
53 ngx_uint_t max_fails; | |
54 time_t fail_timeout; | |
55 | |
56 unsigned down:1; | |
57 unsigned backup:1; | |
58 } ngx_stream_upstream_server_t; | |
59 | |
60 | |
61 struct ngx_stream_upstream_srv_conf_s { | |
62 ngx_stream_upstream_peer_t peer; | |
63 void **srv_conf; | |
64 | |
65 ngx_array_t *servers; | |
66 /* ngx_stream_upstream_server_t */ | |
67 | |
68 ngx_uint_t flags; | |
69 ngx_str_t host; | |
70 u_char *file_name; | |
71 ngx_uint_t line; | |
72 in_port_t port; | |
73 ngx_uint_t no_port; /* unsigned no_port:1 */ | |
74 | |
75 #if (NGX_STREAM_UPSTREAM_ZONE) | |
76 ngx_shm_zone_t *shm_zone; | |
77 #endif | |
78 }; | |
79 | |
80 | |
81 typedef struct { | |
82 ngx_peer_connection_t peer; | |
83 ngx_buf_t downstream_buf; | |
84 ngx_buf_t upstream_buf; | |
85 off_t received; | |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
86 time_t start_sec; |
6436 | 87 ngx_uint_t responses; |
6115 | 88 #if (NGX_STREAM_SSL) |
89 ngx_str_t ssl_name; | |
90 #endif | |
6202
6345822f0abb
Stream: upstream "connected" flag.
Roman Arutyunyan <arut@nginx.com>
parents:
6201
diff
changeset
|
91 unsigned connected:1; |
6345822f0abb
Stream: upstream "connected" flag.
Roman Arutyunyan <arut@nginx.com>
parents:
6201
diff
changeset
|
92 unsigned proxy_protocol:1; |
6115 | 93 } ngx_stream_upstream_t; |
94 | |
95 | |
96 ngx_stream_upstream_srv_conf_t *ngx_stream_upstream_add(ngx_conf_t *cf, | |
97 ngx_url_t *u, ngx_uint_t flags); | |
98 | |
99 | |
100 #define ngx_stream_conf_upstream_srv_conf(uscf, module) \ | |
101 uscf->srv_conf[module.ctx_index] | |
102 | |
103 | |
104 extern ngx_module_t ngx_stream_upstream_module; | |
105 | |
106 | |
107 #endif /* _NGX_STREAM_UPSTREAM_H_INCLUDED_ */ |