Mercurial > hg > nginx-quic
comparison src/http/modules/ngx_http_grpc_module.c @ 7233:2713b2dbf5bb
The gRPC proxy module.
The module allows passing requests to upstream gRPC servers.
The module is built by default as long as HTTP/2 support is compiled in.
Example configuration:
grpc_pass 127.0.0.1:9000;
Alternatively, the "grpc://" scheme can be used:
grpc_pass grpc://127.0.0.1:9000;
Keepalive support is available via the upstream keepalive module. Note
that keepalive connections won't currently work with grpc-go as it fails
to handle SETTINGS_HEADER_TABLE_SIZE.
To use with SSL:
grpc_pass grpcs://127.0.0.1:9000;
SSL connections use ALPN "h2" when available. At least grpc-go works fine
without ALPN, so if ALPN is not available we just establish a connection
without it.
Tested with grpc-c++ and grpc-go.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Sat, 17 Mar 2018 23:04:24 +0300 |
parents | |
children | c693daca57f7 |
comparison
equal
deleted
inserted
replaced
7232:a7ed15573ae9 | 7233:2713b2dbf5bb |
---|---|
1 | |
2 /* | |
3 * Copyright (C) Maxim Dounin | |
4 * Copyright (C) Nginx, Inc. | |
5 */ | |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 #include <ngx_http.h> | |
11 | |
12 | |
13 typedef struct { | |
14 ngx_array_t *flushes; | |
15 ngx_array_t *lengths; | |
16 ngx_array_t *values; | |
17 ngx_hash_t hash; | |
18 } ngx_http_grpc_headers_t; | |
19 | |
20 | |
21 typedef struct { | |
22 ngx_http_upstream_conf_t upstream; | |
23 | |
24 ngx_http_grpc_headers_t headers; | |
25 ngx_array_t *headers_source; | |
26 | |
27 ngx_str_t host; | |
28 ngx_uint_t host_set; | |
29 | |
30 #if (NGX_HTTP_SSL) | |
31 ngx_uint_t ssl; | |
32 ngx_uint_t ssl_protocols; | |
33 ngx_str_t ssl_ciphers; | |
34 ngx_uint_t ssl_verify_depth; | |
35 ngx_str_t ssl_trusted_certificate; | |
36 ngx_str_t ssl_crl; | |
37 ngx_str_t ssl_certificate; | |
38 ngx_str_t ssl_certificate_key; | |
39 ngx_array_t *ssl_passwords; | |
40 #endif | |
41 } ngx_http_grpc_loc_conf_t; | |
42 | |
43 | |
44 typedef enum { | |
45 ngx_http_grpc_st_start = 0, | |
46 ngx_http_grpc_st_length_2, | |
47 ngx_http_grpc_st_length_3, | |
48 ngx_http_grpc_st_type, | |
49 ngx_http_grpc_st_flags, | |
50 ngx_http_grpc_st_stream_id, | |
51 ngx_http_grpc_st_stream_id_2, | |
52 ngx_http_grpc_st_stream_id_3, | |
53 ngx_http_grpc_st_stream_id_4, | |
54 ngx_http_grpc_st_payload, | |
55 ngx_http_grpc_st_padding | |
56 } ngx_http_grpc_state_e; | |
57 | |
58 | |
59 typedef struct { | |
60 size_t init_window; | |
61 size_t send_window; | |
62 size_t recv_window; | |
63 ngx_uint_t last_stream_id; | |
64 } ngx_http_grpc_conn_t; | |
65 | |
66 | |
67 typedef struct { | |
68 ngx_http_grpc_state_e state; | |
69 ngx_uint_t frame_state; | |
70 ngx_uint_t fragment_state; | |
71 | |
72 ngx_chain_t *in; | |
73 ngx_chain_t *out; | |
74 ngx_chain_t *free; | |
75 ngx_chain_t *busy; | |
76 | |
77 ngx_http_grpc_conn_t *connection; | |
78 | |
79 ngx_uint_t id; | |
80 | |
81 ssize_t send_window; | |
82 size_t recv_window; | |
83 | |
84 size_t rest; | |
85 ngx_uint_t stream_id; | |
86 u_char type; | |
87 u_char flags; | |
88 u_char padding; | |
89 | |
90 ngx_uint_t error; | |
91 ngx_uint_t window_update; | |
92 | |
93 ngx_uint_t setting_id; | |
94 ngx_uint_t setting_value; | |
95 | |
96 u_char ping_data[8]; | |
97 | |
98 ngx_uint_t index; | |
99 ngx_str_t name; | |
100 ngx_str_t value; | |
101 | |
102 u_char *field_end; | |
103 size_t field_length; | |
104 size_t field_rest; | |
105 u_char field_state; | |
106 | |
107 unsigned literal:1; | |
108 unsigned field_huffman:1; | |
109 | |
110 unsigned header_sent:1; | |
111 unsigned output_closed:1; | |
112 unsigned parsing_headers:1; | |
113 unsigned end_stream:1; | |
114 unsigned status:1; | |
115 | |
116 ngx_http_request_t *request; | |
117 } ngx_http_grpc_ctx_t; | |
118 | |
119 | |
120 typedef struct { | |
121 u_char length_0; | |
122 u_char length_1; | |
123 u_char length_2; | |
124 u_char type; | |
125 u_char flags; | |
126 u_char stream_id_0; | |
127 u_char stream_id_1; | |
128 u_char stream_id_2; | |
129 u_char stream_id_3; | |
130 } ngx_http_grpc_frame_t; | |
131 | |
132 | |
133 static ngx_int_t ngx_http_grpc_create_request(ngx_http_request_t *r); | |
134 static ngx_int_t ngx_http_grpc_reinit_request(ngx_http_request_t *r); | |
135 static ngx_int_t ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in); | |
136 static ngx_int_t ngx_http_grpc_process_header(ngx_http_request_t *r); | |
137 static ngx_int_t ngx_http_grpc_filter_init(void *data); | |
138 static ngx_int_t ngx_http_grpc_filter(void *data, ssize_t bytes); | |
139 | |
140 static ngx_int_t ngx_http_grpc_parse_frame(ngx_http_request_t *r, | |
141 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
142 static ngx_int_t ngx_http_grpc_parse_header(ngx_http_request_t *r, | |
143 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
144 static ngx_int_t ngx_http_grpc_parse_fragment(ngx_http_request_t *r, | |
145 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
146 static ngx_int_t ngx_http_grpc_validate_header_name(ngx_http_request_t *r, | |
147 ngx_str_t *s); | |
148 static ngx_int_t ngx_http_grpc_validate_header_value(ngx_http_request_t *r, | |
149 ngx_str_t *s); | |
150 static ngx_int_t ngx_http_grpc_parse_rst_stream(ngx_http_request_t *r, | |
151 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
152 static ngx_int_t ngx_http_grpc_parse_goaway(ngx_http_request_t *r, | |
153 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
154 static ngx_int_t ngx_http_grpc_parse_window_update(ngx_http_request_t *r, | |
155 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
156 static ngx_int_t ngx_http_grpc_parse_settings(ngx_http_request_t *r, | |
157 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
158 static ngx_int_t ngx_http_grpc_parse_ping(ngx_http_request_t *r, | |
159 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
160 | |
161 static ngx_int_t ngx_http_grpc_send_settings_ack(ngx_http_request_t *r, | |
162 ngx_http_grpc_ctx_t *ctx); | |
163 static ngx_int_t ngx_http_grpc_send_ping_ack(ngx_http_request_t *r, | |
164 ngx_http_grpc_ctx_t *ctx); | |
165 static ngx_int_t ngx_http_grpc_send_window_update(ngx_http_request_t *r, | |
166 ngx_http_grpc_ctx_t *ctx); | |
167 | |
168 static ngx_chain_t *ngx_http_grpc_get_buf(ngx_http_request_t *r, | |
169 ngx_http_grpc_ctx_t *ctx); | |
170 static ngx_http_grpc_ctx_t *ngx_http_grpc_get_ctx(ngx_http_request_t *r); | |
171 static ngx_int_t ngx_http_grpc_get_connection_data(ngx_http_request_t *r, | |
172 ngx_http_grpc_ctx_t *ctx, ngx_peer_connection_t *pc); | |
173 static void ngx_http_grpc_cleanup(void *data); | |
174 | |
175 static void ngx_http_grpc_abort_request(ngx_http_request_t *r); | |
176 static void ngx_http_grpc_finalize_request(ngx_http_request_t *r, | |
177 ngx_int_t rc); | |
178 | |
179 static void *ngx_http_grpc_create_loc_conf(ngx_conf_t *cf); | |
180 static char *ngx_http_grpc_merge_loc_conf(ngx_conf_t *cf, | |
181 void *parent, void *child); | |
182 static ngx_int_t ngx_http_grpc_init_headers(ngx_conf_t *cf, | |
183 ngx_http_grpc_loc_conf_t *conf, ngx_http_grpc_headers_t *headers, | |
184 ngx_keyval_t *default_headers); | |
185 | |
186 static char *ngx_http_grpc_pass(ngx_conf_t *cf, ngx_command_t *cmd, | |
187 void *conf); | |
188 | |
189 #if (NGX_HTTP_SSL) | |
190 static char *ngx_http_grpc_ssl_password_file(ngx_conf_t *cf, | |
191 ngx_command_t *cmd, void *conf); | |
192 static ngx_int_t ngx_http_grpc_set_ssl(ngx_conf_t *cf, | |
193 ngx_http_grpc_loc_conf_t *glcf); | |
194 #endif | |
195 | |
196 | |
197 static ngx_conf_bitmask_t ngx_http_grpc_next_upstream_masks[] = { | |
198 { ngx_string("error"), NGX_HTTP_UPSTREAM_FT_ERROR }, | |
199 { ngx_string("timeout"), NGX_HTTP_UPSTREAM_FT_TIMEOUT }, | |
200 { ngx_string("invalid_header"), NGX_HTTP_UPSTREAM_FT_INVALID_HEADER }, | |
201 { ngx_string("non_idempotent"), NGX_HTTP_UPSTREAM_FT_NON_IDEMPOTENT }, | |
202 { ngx_string("http_500"), NGX_HTTP_UPSTREAM_FT_HTTP_500 }, | |
203 { ngx_string("http_502"), NGX_HTTP_UPSTREAM_FT_HTTP_502 }, | |
204 { ngx_string("http_503"), NGX_HTTP_UPSTREAM_FT_HTTP_503 }, | |
205 { ngx_string("http_504"), NGX_HTTP_UPSTREAM_FT_HTTP_504 }, | |
206 { ngx_string("http_403"), NGX_HTTP_UPSTREAM_FT_HTTP_403 }, | |
207 { ngx_string("http_404"), NGX_HTTP_UPSTREAM_FT_HTTP_404 }, | |
208 { ngx_string("http_429"), NGX_HTTP_UPSTREAM_FT_HTTP_429 }, | |
209 { ngx_string("off"), NGX_HTTP_UPSTREAM_FT_OFF }, | |
210 { ngx_null_string, 0 } | |
211 }; | |
212 | |
213 | |
214 #if (NGX_HTTP_SSL) | |
215 | |
216 static ngx_conf_bitmask_t ngx_http_grpc_ssl_protocols[] = { | |
217 { ngx_string("SSLv2"), NGX_SSL_SSLv2 }, | |
218 { ngx_string("SSLv3"), NGX_SSL_SSLv3 }, | |
219 { ngx_string("TLSv1"), NGX_SSL_TLSv1 }, | |
220 { ngx_string("TLSv1.1"), NGX_SSL_TLSv1_1 }, | |
221 { ngx_string("TLSv1.2"), NGX_SSL_TLSv1_2 }, | |
222 { ngx_string("TLSv1.3"), NGX_SSL_TLSv1_3 }, | |
223 { ngx_null_string, 0 } | |
224 }; | |
225 | |
226 #endif | |
227 | |
228 | |
229 static ngx_command_t ngx_http_grpc_commands[] = { | |
230 | |
231 { ngx_string("grpc_pass"), | |
232 NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_CONF_TAKE1, | |
233 ngx_http_grpc_pass, | |
234 NGX_HTTP_LOC_CONF_OFFSET, | |
235 0, | |
236 NULL }, | |
237 | |
238 { ngx_string("grpc_bind"), | |
239 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE12, | |
240 ngx_http_upstream_bind_set_slot, | |
241 NGX_HTTP_LOC_CONF_OFFSET, | |
242 offsetof(ngx_http_grpc_loc_conf_t, upstream.local), | |
243 NULL }, | |
244 | |
245 { ngx_string("grpc_connect_timeout"), | |
246 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
247 ngx_conf_set_msec_slot, | |
248 NGX_HTTP_LOC_CONF_OFFSET, | |
249 offsetof(ngx_http_grpc_loc_conf_t, upstream.connect_timeout), | |
250 NULL }, | |
251 | |
252 { ngx_string("grpc_send_timeout"), | |
253 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
254 ngx_conf_set_msec_slot, | |
255 NGX_HTTP_LOC_CONF_OFFSET, | |
256 offsetof(ngx_http_grpc_loc_conf_t, upstream.send_timeout), | |
257 NULL }, | |
258 | |
259 { ngx_string("grpc_intercept_errors"), | |
260 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, | |
261 ngx_conf_set_flag_slot, | |
262 NGX_HTTP_LOC_CONF_OFFSET, | |
263 offsetof(ngx_http_grpc_loc_conf_t, upstream.intercept_errors), | |
264 NULL }, | |
265 | |
266 { ngx_string("grpc_buffer_size"), | |
267 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
268 ngx_conf_set_size_slot, | |
269 NGX_HTTP_LOC_CONF_OFFSET, | |
270 offsetof(ngx_http_grpc_loc_conf_t, upstream.buffer_size), | |
271 NULL }, | |
272 | |
273 { ngx_string("grpc_read_timeout"), | |
274 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
275 ngx_conf_set_msec_slot, | |
276 NGX_HTTP_LOC_CONF_OFFSET, | |
277 offsetof(ngx_http_grpc_loc_conf_t, upstream.read_timeout), | |
278 NULL }, | |
279 | |
280 { ngx_string("grpc_next_upstream"), | |
281 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE, | |
282 ngx_conf_set_bitmask_slot, | |
283 NGX_HTTP_LOC_CONF_OFFSET, | |
284 offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream), | |
285 &ngx_http_grpc_next_upstream_masks }, | |
286 | |
287 { ngx_string("grpc_next_upstream_tries"), | |
288 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
289 ngx_conf_set_num_slot, | |
290 NGX_HTTP_LOC_CONF_OFFSET, | |
291 offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream_tries), | |
292 NULL }, | |
293 | |
294 { ngx_string("grpc_next_upstream_timeout"), | |
295 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
296 ngx_conf_set_msec_slot, | |
297 NGX_HTTP_LOC_CONF_OFFSET, | |
298 offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream_timeout), | |
299 NULL }, | |
300 | |
301 { ngx_string("grpc_set_header"), | |
302 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE2, | |
303 ngx_conf_set_keyval_slot, | |
304 NGX_HTTP_LOC_CONF_OFFSET, | |
305 offsetof(ngx_http_grpc_loc_conf_t, headers_source), | |
306 NULL }, | |
307 | |
308 { ngx_string("grpc_pass_header"), | |
309 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
310 ngx_conf_set_str_array_slot, | |
311 NGX_HTTP_LOC_CONF_OFFSET, | |
312 offsetof(ngx_http_grpc_loc_conf_t, upstream.pass_headers), | |
313 NULL }, | |
314 | |
315 { ngx_string("grpc_hide_header"), | |
316 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
317 ngx_conf_set_str_array_slot, | |
318 NGX_HTTP_LOC_CONF_OFFSET, | |
319 offsetof(ngx_http_grpc_loc_conf_t, upstream.hide_headers), | |
320 NULL }, | |
321 | |
322 { ngx_string("grpc_ignore_headers"), | |
323 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE, | |
324 ngx_conf_set_bitmask_slot, | |
325 NGX_HTTP_LOC_CONF_OFFSET, | |
326 offsetof(ngx_http_grpc_loc_conf_t, upstream.ignore_headers), | |
327 &ngx_http_upstream_ignore_headers_masks }, | |
328 | |
329 #if (NGX_HTTP_SSL) | |
330 | |
331 { ngx_string("grpc_ssl_session_reuse"), | |
332 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, | |
333 ngx_conf_set_flag_slot, | |
334 NGX_HTTP_LOC_CONF_OFFSET, | |
335 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_session_reuse), | |
336 NULL }, | |
337 | |
338 { ngx_string("grpc_ssl_protocols"), | |
339 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE, | |
340 ngx_conf_set_bitmask_slot, | |
341 NGX_HTTP_LOC_CONF_OFFSET, | |
342 offsetof(ngx_http_grpc_loc_conf_t, ssl_protocols), | |
343 &ngx_http_grpc_ssl_protocols }, | |
344 | |
345 { ngx_string("grpc_ssl_ciphers"), | |
346 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
347 ngx_conf_set_str_slot, | |
348 NGX_HTTP_LOC_CONF_OFFSET, | |
349 offsetof(ngx_http_grpc_loc_conf_t, ssl_ciphers), | |
350 NULL }, | |
351 | |
352 { ngx_string("grpc_ssl_name"), | |
353 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
354 ngx_http_set_complex_value_slot, | |
355 NGX_HTTP_LOC_CONF_OFFSET, | |
356 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_name), | |
357 NULL }, | |
358 | |
359 { ngx_string("grpc_ssl_server_name"), | |
360 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, | |
361 ngx_conf_set_flag_slot, | |
362 NGX_HTTP_LOC_CONF_OFFSET, | |
363 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_server_name), | |
364 NULL }, | |
365 | |
366 { ngx_string("grpc_ssl_verify"), | |
367 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, | |
368 ngx_conf_set_flag_slot, | |
369 NGX_HTTP_LOC_CONF_OFFSET, | |
370 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_verify), | |
371 NULL }, | |
372 | |
373 { ngx_string("grpc_ssl_verify_depth"), | |
374 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
375 ngx_conf_set_num_slot, | |
376 NGX_HTTP_LOC_CONF_OFFSET, | |
377 offsetof(ngx_http_grpc_loc_conf_t, ssl_verify_depth), | |
378 NULL }, | |
379 | |
380 { ngx_string("grpc_ssl_trusted_certificate"), | |
381 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
382 ngx_conf_set_str_slot, | |
383 NGX_HTTP_LOC_CONF_OFFSET, | |
384 offsetof(ngx_http_grpc_loc_conf_t, ssl_trusted_certificate), | |
385 NULL }, | |
386 | |
387 { ngx_string("grpc_ssl_crl"), | |
388 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
389 ngx_conf_set_str_slot, | |
390 NGX_HTTP_LOC_CONF_OFFSET, | |
391 offsetof(ngx_http_grpc_loc_conf_t, ssl_crl), | |
392 NULL }, | |
393 | |
394 { ngx_string("grpc_ssl_certificate"), | |
395 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
396 ngx_conf_set_str_slot, | |
397 NGX_HTTP_LOC_CONF_OFFSET, | |
398 offsetof(ngx_http_grpc_loc_conf_t, ssl_certificate), | |
399 NULL }, | |
400 | |
401 { ngx_string("grpc_ssl_certificate_key"), | |
402 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
403 ngx_conf_set_str_slot, | |
404 NGX_HTTP_LOC_CONF_OFFSET, | |
405 offsetof(ngx_http_grpc_loc_conf_t, ssl_certificate_key), | |
406 NULL }, | |
407 | |
408 { ngx_string("grpc_ssl_password_file"), | |
409 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
410 ngx_http_grpc_ssl_password_file, | |
411 NGX_HTTP_LOC_CONF_OFFSET, | |
412 0, | |
413 NULL }, | |
414 | |
415 #endif | |
416 | |
417 ngx_null_command | |
418 }; | |
419 | |
420 | |
421 static ngx_http_module_t ngx_http_grpc_module_ctx = { | |
422 NULL, /* preconfiguration */ | |
423 NULL, /* postconfiguration */ | |
424 | |
425 NULL, /* create main configuration */ | |
426 NULL, /* init main configuration */ | |
427 | |
428 NULL, /* create server configuration */ | |
429 NULL, /* merge server configuration */ | |
430 | |
431 ngx_http_grpc_create_loc_conf, /* create location configuration */ | |
432 ngx_http_grpc_merge_loc_conf /* merge location configuration */ | |
433 }; | |
434 | |
435 | |
436 ngx_module_t ngx_http_grpc_module = { | |
437 NGX_MODULE_V1, | |
438 &ngx_http_grpc_module_ctx, /* module context */ | |
439 ngx_http_grpc_commands, /* module directives */ | |
440 NGX_HTTP_MODULE, /* module type */ | |
441 NULL, /* init master */ | |
442 NULL, /* init module */ | |
443 NULL, /* init process */ | |
444 NULL, /* init thread */ | |
445 NULL, /* exit thread */ | |
446 NULL, /* exit process */ | |
447 NULL, /* exit master */ | |
448 NGX_MODULE_V1_PADDING | |
449 }; | |
450 | |
451 | |
452 static u_char ngx_http_grpc_connection_start[] = | |
453 "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n" /* connection preface */ | |
454 | |
455 "\x00\x00\x12\x04\x00\x00\x00\x00\x00" /* settings frame */ | |
456 "\x00\x01\x00\x00\x00\x00" /* header table size */ | |
457 "\x00\x02\x00\x00\x00\x00" /* disable push */ | |
458 "\x00\x04\x7f\xff\xff\xff" /* initial window */ | |
459 | |
460 "\x00\x00\x04\x08\x00\x00\x00\x00\x00" /* window update frame */ | |
461 "\x7f\xff\x00\x00"; | |
462 | |
463 | |
464 static ngx_keyval_t ngx_http_grpc_headers[] = { | |
465 { ngx_string("Content-Length"), ngx_string("$content_length") }, | |
466 { ngx_string("Host"), ngx_string("") }, | |
467 { ngx_string("Connection"), ngx_string("") }, | |
468 { ngx_string("Transfer-Encoding"), ngx_string("") }, | |
469 { ngx_string("TE"), ngx_string("") }, | |
470 { ngx_string("Keep-Alive"), ngx_string("") }, | |
471 { ngx_string("Expect"), ngx_string("") }, | |
472 { ngx_string("Upgrade"), ngx_string("") }, | |
473 { ngx_null_string, ngx_null_string } | |
474 }; | |
475 | |
476 | |
477 static ngx_str_t ngx_http_grpc_hide_headers[] = { | |
478 ngx_string("Date"), | |
479 ngx_string("Server"), | |
480 ngx_string("X-Accel-Expires"), | |
481 ngx_string("X-Accel-Redirect"), | |
482 ngx_string("X-Accel-Limit-Rate"), | |
483 ngx_string("X-Accel-Buffering"), | |
484 ngx_string("X-Accel-Charset"), | |
485 ngx_null_string | |
486 }; | |
487 | |
488 | |
489 static ngx_int_t | |
490 ngx_http_grpc_handler(ngx_http_request_t *r) | |
491 { | |
492 ngx_int_t rc; | |
493 ngx_http_upstream_t *u; | |
494 ngx_http_grpc_ctx_t *ctx; | |
495 ngx_http_grpc_loc_conf_t *glcf; | |
496 | |
497 if (ngx_http_upstream_create(r) != NGX_OK) { | |
498 return NGX_HTTP_INTERNAL_SERVER_ERROR; | |
499 } | |
500 | |
501 glcf = ngx_http_get_module_loc_conf(r, ngx_http_grpc_module); | |
502 | |
503 u = r->upstream; | |
504 | |
505 #if (NGX_HTTP_SSL) | |
506 u->ssl = (glcf->upstream.ssl != NULL); | |
507 | |
508 if (u->ssl) { | |
509 ngx_str_set(&u->schema, "grpcs://"); | |
510 | |
511 } else { | |
512 ngx_str_set(&u->schema, "grpc://"); | |
513 } | |
514 #else | |
515 ngx_str_set(&u->schema, "grpc://"); | |
516 #endif | |
517 | |
518 u->output.tag = (ngx_buf_tag_t) &ngx_http_grpc_module; | |
519 | |
520 u->conf = &glcf->upstream; | |
521 | |
522 u->create_request = ngx_http_grpc_create_request; | |
523 u->reinit_request = ngx_http_grpc_reinit_request; | |
524 u->process_header = ngx_http_grpc_process_header; | |
525 u->abort_request = ngx_http_grpc_abort_request; | |
526 u->finalize_request = ngx_http_grpc_finalize_request; | |
527 | |
528 ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_grpc_ctx_t)); | |
529 if (ctx == NULL) { | |
530 return NGX_HTTP_INTERNAL_SERVER_ERROR; | |
531 } | |
532 | |
533 ctx->request = r; | |
534 | |
535 ngx_http_set_ctx(r, ctx, ngx_http_grpc_module); | |
536 | |
537 u->input_filter_init = ngx_http_grpc_filter_init; | |
538 u->input_filter = ngx_http_grpc_filter; | |
539 u->input_filter_ctx = ctx; | |
540 | |
541 r->request_body_no_buffering = 1; | |
542 | |
543 rc = ngx_http_read_client_request_body(r, ngx_http_upstream_init); | |
544 | |
545 if (rc >= NGX_HTTP_SPECIAL_RESPONSE) { | |
546 return rc; | |
547 } | |
548 | |
549 return NGX_DONE; | |
550 } | |
551 | |
552 | |
553 static ngx_int_t | |
554 ngx_http_grpc_create_request(ngx_http_request_t *r) | |
555 { | |
556 u_char *p, *tmp, *key_tmp, *val_tmp, *headers_frame; | |
557 size_t len, tmp_len, key_len, val_len, uri_len; | |
558 uintptr_t escape; | |
559 ngx_buf_t *b; | |
560 ngx_uint_t i, next; | |
561 ngx_chain_t *cl, *body; | |
562 ngx_list_part_t *part; | |
563 ngx_table_elt_t *header; | |
564 ngx_http_upstream_t *u; | |
565 ngx_http_grpc_frame_t *f; | |
566 ngx_http_script_code_pt code; | |
567 ngx_http_grpc_loc_conf_t *glcf; | |
568 ngx_http_script_engine_t e, le; | |
569 ngx_http_script_len_code_pt lcode; | |
570 | |
571 u = r->upstream; | |
572 | |
573 glcf = ngx_http_get_module_loc_conf(r, ngx_http_grpc_module); | |
574 | |
575 len = sizeof(ngx_http_grpc_connection_start) - 1 | |
576 + sizeof(ngx_http_grpc_frame_t); /* headers frame */ | |
577 | |
578 /* :method header */ | |
579 | |
580 if (r->method == NGX_HTTP_GET || r->method == NGX_HTTP_POST) { | |
581 len += 1; | |
582 tmp_len = 0; | |
583 | |
584 } else { | |
585 len += 1 + NGX_HTTP_V2_INT_OCTETS + r->method_name.len; | |
586 tmp_len = r->method_name.len; | |
587 } | |
588 | |
589 /* :scheme header */ | |
590 | |
591 len += 1; | |
592 | |
593 /* :path header */ | |
594 | |
595 if (r->valid_unparsed_uri) { | |
596 escape = 0; | |
597 uri_len = r->unparsed_uri.len; | |
598 | |
599 } else { | |
600 escape = 2 * ngx_escape_uri(NULL, r->uri.data, r->uri.len, | |
601 NGX_ESCAPE_URI); | |
602 uri_len = r->uri.len + escape + sizeof("?") - 1 + r->args.len; | |
603 } | |
604 | |
605 len += 1 + NGX_HTTP_V2_INT_OCTETS + uri_len; | |
606 | |
607 if (tmp_len < uri_len) { | |
608 tmp_len = uri_len; | |
609 } | |
610 | |
611 /* :authority header */ | |
612 | |
613 if (!glcf->host_set) { | |
614 len += 1 + NGX_HTTP_V2_INT_OCTETS + glcf->host.len; | |
615 | |
616 if (tmp_len < glcf->host.len) { | |
617 tmp_len = glcf->host.len; | |
618 } | |
619 } | |
620 | |
621 /* other headers */ | |
622 | |
623 ngx_http_script_flush_no_cacheable_variables(r, glcf->headers.flushes); | |
624 ngx_memzero(&le, sizeof(ngx_http_script_engine_t)); | |
625 | |
626 le.ip = glcf->headers.lengths->elts; | |
627 le.request = r; | |
628 le.flushed = 1; | |
629 | |
630 while (*(uintptr_t *) le.ip) { | |
631 | |
632 lcode = *(ngx_http_script_len_code_pt *) le.ip; | |
633 key_len = lcode(&le); | |
634 | |
635 for (val_len = 0; *(uintptr_t *) le.ip; val_len += lcode(&le)) { | |
636 lcode = *(ngx_http_script_len_code_pt *) le.ip; | |
637 } | |
638 le.ip += sizeof(uintptr_t); | |
639 | |
640 if (val_len == 0) { | |
641 continue; | |
642 } | |
643 | |
644 len += 1 + NGX_HTTP_V2_INT_OCTETS + key_len | |
645 + NGX_HTTP_V2_INT_OCTETS + val_len; | |
646 | |
647 if (tmp_len < key_len) { | |
648 tmp_len = key_len; | |
649 } | |
650 | |
651 if (tmp_len < val_len) { | |
652 tmp_len = val_len; | |
653 } | |
654 } | |
655 | |
656 if (glcf->upstream.pass_request_headers) { | |
657 part = &r->headers_in.headers.part; | |
658 header = part->elts; | |
659 | |
660 for (i = 0; /* void */; i++) { | |
661 | |
662 if (i >= part->nelts) { | |
663 if (part->next == NULL) { | |
664 break; | |
665 } | |
666 | |
667 part = part->next; | |
668 header = part->elts; | |
669 i = 0; | |
670 } | |
671 | |
672 if (ngx_hash_find(&glcf->headers.hash, header[i].hash, | |
673 header[i].lowcase_key, header[i].key.len)) | |
674 { | |
675 continue; | |
676 } | |
677 | |
678 len += 1 + NGX_HTTP_V2_INT_OCTETS + header[i].key.len | |
679 + NGX_HTTP_V2_INT_OCTETS + header[i].value.len; | |
680 | |
681 if (tmp_len < header[i].key.len) { | |
682 tmp_len = header[i].key.len; | |
683 } | |
684 | |
685 if (tmp_len < header[i].value.len) { | |
686 tmp_len = header[i].value.len; | |
687 } | |
688 } | |
689 } | |
690 | |
691 /* continuation frames */ | |
692 | |
693 len += sizeof(ngx_http_grpc_frame_t) | |
694 * (len / NGX_HTTP_V2_DEFAULT_FRAME_SIZE); | |
695 | |
696 | |
697 b = ngx_create_temp_buf(r->pool, len); | |
698 if (b == NULL) { | |
699 return NGX_ERROR; | |
700 } | |
701 | |
702 cl = ngx_alloc_chain_link(r->pool); | |
703 if (cl == NULL) { | |
704 return NGX_ERROR; | |
705 } | |
706 | |
707 cl->buf = b; | |
708 cl->next = NULL; | |
709 | |
710 tmp = ngx_palloc(r->pool, tmp_len * 3); | |
711 if (tmp == NULL) { | |
712 return NGX_ERROR; | |
713 } | |
714 | |
715 key_tmp = tmp + tmp_len; | |
716 val_tmp = tmp + 2 * tmp_len; | |
717 | |
718 /* connection preface */ | |
719 | |
720 b->last = ngx_copy(b->last, ngx_http_grpc_connection_start, | |
721 sizeof(ngx_http_grpc_connection_start) - 1); | |
722 | |
723 /* headers frame */ | |
724 | |
725 headers_frame = b->last; | |
726 | |
727 f = (ngx_http_grpc_frame_t *) b->last; | |
728 b->last += sizeof(ngx_http_grpc_frame_t); | |
729 | |
730 f->length_0 = 0; | |
731 f->length_1 = 0; | |
732 f->length_2 = 0; | |
733 f->type = NGX_HTTP_V2_HEADERS_FRAME; | |
734 f->flags = 0; | |
735 f->stream_id_0 = 0; | |
736 f->stream_id_1 = 0; | |
737 f->stream_id_2 = 0; | |
738 f->stream_id_3 = 1; | |
739 | |
740 if (r->method == NGX_HTTP_GET) { | |
741 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_METHOD_GET_INDEX); | |
742 | |
743 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
744 "grpc header: \":method: GET\""); | |
745 | |
746 } else if (r->method == NGX_HTTP_POST) { | |
747 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_METHOD_POST_INDEX); | |
748 | |
749 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
750 "grpc header: \":method: POST\""); | |
751 | |
752 } else { | |
753 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_METHOD_INDEX); | |
754 b->last = ngx_http_v2_write_value(b->last, r->method_name.data, | |
755 r->method_name.len, tmp); | |
756 | |
757 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
758 "grpc header: \":method: %V\"", &r->method_name); | |
759 } | |
760 | |
761 #if (NGX_HTTP_SSL) | |
762 if (glcf->ssl) { | |
763 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTPS_INDEX); | |
764 | |
765 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
766 "grpc header: \":scheme: https\""); | |
767 } else | |
768 #endif | |
769 { | |
770 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTP_INDEX); | |
771 | |
772 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
773 "grpc header: \":scheme: http\""); | |
774 } | |
775 | |
776 if (r->valid_unparsed_uri) { | |
777 | |
778 if (r->unparsed_uri.len == 1 && r->unparsed_uri.data[0] == '/') { | |
779 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_PATH_ROOT_INDEX); | |
780 | |
781 } else { | |
782 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX); | |
783 b->last = ngx_http_v2_write_value(b->last, r->unparsed_uri.data, | |
784 r->unparsed_uri.len, tmp); | |
785 } | |
786 | |
787 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
788 "grpc header: \":path: %V\"", &r->unparsed_uri); | |
789 | |
790 } else if (escape || r->args.len > 0) { | |
791 p = val_tmp; | |
792 | |
793 if (escape) { | |
794 p = (u_char *) ngx_escape_uri(p, r->uri.data, r->uri.len, | |
795 NGX_ESCAPE_URI); | |
796 | |
797 } else { | |
798 p = ngx_copy(p, r->uri.data, r->uri.len); | |
799 } | |
800 | |
801 if (r->args.len > 0) { | |
802 *p++ = '?'; | |
803 p = ngx_copy(p, r->args.data, r->args.len); | |
804 } | |
805 | |
806 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX); | |
807 b->last = ngx_http_v2_write_value(b->last, val_tmp, p - val_tmp, tmp); | |
808 | |
809 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
810 "grpc header: \":path: %*s\"", p - val_tmp, val_tmp); | |
811 | |
812 } else { | |
813 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX); | |
814 b->last = ngx_http_v2_write_value(b->last, r->uri.data, | |
815 r->uri.len, tmp); | |
816 | |
817 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
818 "grpc header: \":path: %V\"", &r->uri); | |
819 } | |
820 | |
821 if (!glcf->host_set) { | |
822 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_AUTHORITY_INDEX); | |
823 b->last = ngx_http_v2_write_value(b->last, glcf->host.data, | |
824 glcf->host.len, tmp); | |
825 | |
826 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
827 "grpc header: \":authority: %V\"", &glcf->host); | |
828 } | |
829 | |
830 ngx_memzero(&e, sizeof(ngx_http_script_engine_t)); | |
831 | |
832 e.ip = glcf->headers.values->elts; | |
833 e.request = r; | |
834 e.flushed = 1; | |
835 | |
836 le.ip = glcf->headers.lengths->elts; | |
837 | |
838 while (*(uintptr_t *) le.ip) { | |
839 | |
840 lcode = *(ngx_http_script_len_code_pt *) le.ip; | |
841 key_len = lcode(&le); | |
842 | |
843 for (val_len = 0; *(uintptr_t *) le.ip; val_len += lcode(&le)) { | |
844 lcode = *(ngx_http_script_len_code_pt *) le.ip; | |
845 } | |
846 le.ip += sizeof(uintptr_t); | |
847 | |
848 if (val_len == 0) { | |
849 e.skip = 1; | |
850 | |
851 while (*(uintptr_t *) e.ip) { | |
852 code = *(ngx_http_script_code_pt *) e.ip; | |
853 code((ngx_http_script_engine_t *) &e); | |
854 } | |
855 e.ip += sizeof(uintptr_t); | |
856 | |
857 e.skip = 0; | |
858 | |
859 continue; | |
860 } | |
861 | |
862 *b->last++ = 0; | |
863 | |
864 e.pos = key_tmp; | |
865 | |
866 code = *(ngx_http_script_code_pt *) e.ip; | |
867 code((ngx_http_script_engine_t *) &e); | |
868 | |
869 b->last = ngx_http_v2_write_name(b->last, key_tmp, key_len, tmp); | |
870 | |
871 e.pos = val_tmp; | |
872 | |
873 while (*(uintptr_t *) e.ip) { | |
874 code = *(ngx_http_script_code_pt *) e.ip; | |
875 code((ngx_http_script_engine_t *) &e); | |
876 } | |
877 e.ip += sizeof(uintptr_t); | |
878 | |
879 b->last = ngx_http_v2_write_value(b->last, val_tmp, val_len, tmp); | |
880 | |
881 #if (NGX_DEBUG) | |
882 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) { | |
883 ngx_strlow(key_tmp, key_tmp, key_len); | |
884 | |
885 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
886 "grpc header: \"%*s: %*s\"", | |
887 key_len, key_tmp, val_len, val_tmp); | |
888 } | |
889 #endif | |
890 } | |
891 | |
892 if (glcf->upstream.pass_request_headers) { | |
893 part = &r->headers_in.headers.part; | |
894 header = part->elts; | |
895 | |
896 for (i = 0; /* void */; i++) { | |
897 | |
898 if (i >= part->nelts) { | |
899 if (part->next == NULL) { | |
900 break; | |
901 } | |
902 | |
903 part = part->next; | |
904 header = part->elts; | |
905 i = 0; | |
906 } | |
907 | |
908 if (ngx_hash_find(&glcf->headers.hash, header[i].hash, | |
909 header[i].lowcase_key, header[i].key.len)) | |
910 { | |
911 continue; | |
912 } | |
913 | |
914 *b->last++ = 0; | |
915 | |
916 b->last = ngx_http_v2_write_name(b->last, header[i].key.data, | |
917 header[i].key.len, tmp); | |
918 | |
919 b->last = ngx_http_v2_write_value(b->last, header[i].value.data, | |
920 header[i].value.len, tmp); | |
921 | |
922 #if (NGX_DEBUG) | |
923 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) { | |
924 ngx_strlow(tmp, header[i].key.data, header[i].key.len); | |
925 | |
926 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
927 "grpc header: \"%*s: %V\"", | |
928 header[i].key.len, tmp, &header[i].value); | |
929 } | |
930 #endif | |
931 } | |
932 } | |
933 | |
934 /* update headers frame length */ | |
935 | |
936 len = b->last - headers_frame - sizeof(ngx_http_grpc_frame_t); | |
937 | |
938 if (len > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) { | |
939 len = NGX_HTTP_V2_DEFAULT_FRAME_SIZE; | |
940 next = 1; | |
941 | |
942 } else { | |
943 next = 0; | |
944 } | |
945 | |
946 f = (ngx_http_grpc_frame_t *) headers_frame; | |
947 | |
948 f->length_0 = (u_char) ((len >> 16) & 0xff); | |
949 f->length_1 = (u_char) ((len >> 8) & 0xff); | |
950 f->length_2 = (u_char) (len & 0xff); | |
951 | |
952 /* create additional continuation frames */ | |
953 | |
954 p = headers_frame; | |
955 | |
956 while (next) { | |
957 p += sizeof(ngx_http_grpc_frame_t) + NGX_HTTP_V2_DEFAULT_FRAME_SIZE; | |
958 len = b->last - p; | |
959 | |
960 ngx_memmove(p + sizeof(ngx_http_grpc_frame_t), p, len); | |
961 b->last += sizeof(ngx_http_grpc_frame_t); | |
962 | |
963 if (len > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) { | |
964 len = NGX_HTTP_V2_DEFAULT_FRAME_SIZE; | |
965 next = 1; | |
966 | |
967 } else { | |
968 next = 0; | |
969 } | |
970 | |
971 f = (ngx_http_grpc_frame_t *) p; | |
972 | |
973 f->length_0 = (u_char) ((len >> 16) & 0xff); | |
974 f->length_1 = (u_char) ((len >> 8) & 0xff); | |
975 f->length_2 = (u_char) (len & 0xff); | |
976 f->type = NGX_HTTP_V2_CONTINUATION_FRAME; | |
977 f->flags = 0; | |
978 f->stream_id_0 = 0; | |
979 f->stream_id_1 = 0; | |
980 f->stream_id_2 = 0; | |
981 f->stream_id_3 = 1; | |
982 } | |
983 | |
984 f->flags |= NGX_HTTP_V2_END_HEADERS_FLAG; | |
985 | |
986 #if (NGX_DEBUG) | |
987 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) { | |
988 u_char buf[512]; | |
989 size_t n, m; | |
990 | |
991 n = ngx_min(b->last - b->pos, 256); | |
992 m = ngx_hex_dump(buf, b->pos, n) - buf; | |
993 | |
994 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
995 "grpc header: %*s%s, len: %uz", | |
996 m, buf, b->last - b->pos > 256 ? "..." : "", | |
997 b->last - b->pos); | |
998 } | |
999 #endif | |
1000 | |
1001 if (r->request_body_no_buffering) { | |
1002 | |
1003 u->request_bufs = cl; | |
1004 | |
1005 } else { | |
1006 | |
1007 body = u->request_bufs; | |
1008 u->request_bufs = cl; | |
1009 | |
1010 if (body == NULL) { | |
1011 f = (ngx_http_grpc_frame_t *) headers_frame; | |
1012 f->flags |= NGX_HTTP_V2_END_STREAM_FLAG; | |
1013 } | |
1014 | |
1015 while (body) { | |
1016 b = ngx_alloc_buf(r->pool); | |
1017 if (b == NULL) { | |
1018 return NGX_ERROR; | |
1019 } | |
1020 | |
1021 ngx_memcpy(b, body->buf, sizeof(ngx_buf_t)); | |
1022 | |
1023 cl->next = ngx_alloc_chain_link(r->pool); | |
1024 if (cl->next == NULL) { | |
1025 return NGX_ERROR; | |
1026 } | |
1027 | |
1028 cl = cl->next; | |
1029 cl->buf = b; | |
1030 | |
1031 body = body->next; | |
1032 } | |
1033 | |
1034 b->last_buf = 1; | |
1035 } | |
1036 | |
1037 u->output.output_filter = ngx_http_grpc_body_output_filter; | |
1038 u->output.filter_ctx = r; | |
1039 | |
1040 b->flush = 1; | |
1041 cl->next = NULL; | |
1042 | |
1043 return NGX_OK; | |
1044 } | |
1045 | |
1046 | |
1047 static ngx_int_t | |
1048 ngx_http_grpc_reinit_request(ngx_http_request_t *r) | |
1049 { | |
1050 ngx_http_grpc_ctx_t *ctx; | |
1051 | |
1052 ctx = ngx_http_get_module_ctx(r, ngx_http_grpc_module); | |
1053 | |
1054 if (ctx == NULL) { | |
1055 return NGX_OK; | |
1056 } | |
1057 | |
1058 ctx->state = 0; | |
1059 ctx->header_sent = 0; | |
1060 ctx->output_closed = 0; | |
1061 ctx->parsing_headers = 0; | |
1062 ctx->end_stream = 0; | |
1063 ctx->status = 0; | |
1064 ctx->connection = NULL; | |
1065 | |
1066 return NGX_OK; | |
1067 } | |
1068 | |
1069 | |
1070 static ngx_int_t | |
1071 ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in) | |
1072 { | |
1073 ngx_http_request_t *r = data; | |
1074 | |
1075 off_t file_pos; | |
1076 u_char *p, *pos, *start; | |
1077 size_t len, limit; | |
1078 ngx_buf_t *b; | |
1079 ngx_int_t rc; | |
1080 ngx_uint_t next, last; | |
1081 ngx_chain_t *cl, *out, **ll; | |
1082 ngx_http_grpc_ctx_t *ctx; | |
1083 ngx_http_grpc_frame_t *f; | |
1084 | |
1085 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1086 "grpc output filter"); | |
1087 | |
1088 ctx = ngx_http_grpc_get_ctx(r); | |
1089 | |
1090 if (ctx == NULL) { | |
1091 return NGX_ERROR; | |
1092 } | |
1093 | |
1094 if (in) { | |
1095 if (ngx_chain_add_copy(r->pool, &ctx->in, in) != NGX_OK) { | |
1096 return NGX_ERROR; | |
1097 } | |
1098 } | |
1099 | |
1100 out = NULL; | |
1101 ll = &out; | |
1102 | |
1103 if (!ctx->header_sent) { | |
1104 /* first buffer contains headers */ | |
1105 | |
1106 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1107 "grpc output header"); | |
1108 | |
1109 ctx->header_sent = 1; | |
1110 | |
1111 if (ctx->id != 1) { | |
1112 /* | |
1113 * keepalive connection: skip connection preface, | |
1114 * update stream identifiers | |
1115 */ | |
1116 | |
1117 b = ctx->in->buf; | |
1118 b->pos += sizeof(ngx_http_grpc_connection_start) - 1; | |
1119 | |
1120 p = b->pos; | |
1121 | |
1122 while (p < b->last) { | |
1123 f = (ngx_http_grpc_frame_t *) p; | |
1124 p += sizeof(ngx_http_grpc_frame_t); | |
1125 | |
1126 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff); | |
1127 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff); | |
1128 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff); | |
1129 f->stream_id_3 = (u_char) (ctx->id & 0xff); | |
1130 | |
1131 p += (f->length_0 << 16) + (f->length_1 << 8) + f->length_2; | |
1132 } | |
1133 } | |
1134 | |
1135 if (ctx->in->buf->last_buf) { | |
1136 ctx->output_closed = 1; | |
1137 } | |
1138 | |
1139 *ll = ctx->in; | |
1140 ll = &ctx->in->next; | |
1141 | |
1142 ctx->in = ctx->in->next; | |
1143 } | |
1144 | |
1145 if (ctx->out) { | |
1146 /* queued control frames */ | |
1147 | |
1148 *ll = ctx->out; | |
1149 | |
1150 for (cl = ctx->out, ll = &cl->next; cl; cl = cl->next) { | |
1151 ll = &cl->next; | |
1152 } | |
1153 | |
1154 ctx->out = NULL; | |
1155 } | |
1156 | |
1157 f = NULL; | |
1158 last = 0; | |
1159 | |
1160 limit = ngx_max(0, ctx->send_window); | |
1161 | |
1162 if (limit > ctx->connection->send_window) { | |
1163 limit = ctx->connection->send_window; | |
1164 } | |
1165 | |
1166 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1167 "grpc output limit: %uz w:%z:%uz", | |
1168 limit, ctx->send_window, ctx->connection->send_window); | |
1169 | |
1170 #if (NGX_SUPPRESS_WARN) | |
1171 file_pos = 0; | |
1172 pos = NULL; | |
1173 cl = NULL; | |
1174 #endif | |
1175 | |
1176 in = ctx->in; | |
1177 | |
1178 while (in && limit > 0) { | |
1179 | |
1180 ngx_log_debug7(NGX_LOG_DEBUG_EVENT, r->connection->log, 0, | |
1181 "grpc output in l:%d f:%d %p, pos %p, size: %z " | |
1182 "file: %O, size: %O", | |
1183 in->buf->last_buf, | |
1184 in->buf->in_file, | |
1185 in->buf->start, in->buf->pos, | |
1186 in->buf->last - in->buf->pos, | |
1187 in->buf->file_pos, | |
1188 in->buf->file_last - in->buf->file_pos); | |
1189 | |
1190 if (ngx_buf_special(in->buf)) { | |
1191 goto next; | |
1192 } | |
1193 | |
1194 if (in->buf->in_file) { | |
1195 file_pos = in->buf->file_pos; | |
1196 | |
1197 } else { | |
1198 pos = in->buf->pos; | |
1199 } | |
1200 | |
1201 next = 0; | |
1202 | |
1203 do { | |
1204 | |
1205 cl = ngx_http_grpc_get_buf(r, ctx); | |
1206 if (cl == NULL) { | |
1207 return NGX_ERROR; | |
1208 } | |
1209 | |
1210 b = cl->buf; | |
1211 | |
1212 f = (ngx_http_grpc_frame_t *) b->last; | |
1213 b->last += sizeof(ngx_http_grpc_frame_t); | |
1214 | |
1215 *ll = cl; | |
1216 ll = &cl->next; | |
1217 | |
1218 cl = ngx_chain_get_free_buf(r->pool, &ctx->free); | |
1219 if (cl == NULL) { | |
1220 return NGX_ERROR; | |
1221 } | |
1222 | |
1223 b = cl->buf; | |
1224 start = b->start; | |
1225 | |
1226 ngx_memcpy(b, in->buf, sizeof(ngx_buf_t)); | |
1227 | |
1228 /* | |
1229 * restore b->start to preserve memory allocated in the buffer, | |
1230 * to reuse it later for headers and control frames | |
1231 */ | |
1232 | |
1233 b->start = start; | |
1234 | |
1235 if (in->buf->in_file) { | |
1236 b->file_pos = file_pos; | |
1237 file_pos += ngx_min(NGX_HTTP_V2_DEFAULT_FRAME_SIZE, limit); | |
1238 | |
1239 if (file_pos >= in->buf->file_last) { | |
1240 file_pos = in->buf->file_last; | |
1241 next = 1; | |
1242 } | |
1243 | |
1244 b->file_last = file_pos; | |
1245 len = (ngx_uint_t) (file_pos - b->file_pos); | |
1246 | |
1247 } else { | |
1248 b->pos = pos; | |
1249 pos += ngx_min(NGX_HTTP_V2_DEFAULT_FRAME_SIZE, limit); | |
1250 | |
1251 if (pos >= in->buf->last) { | |
1252 pos = in->buf->last; | |
1253 next = 1; | |
1254 } | |
1255 | |
1256 b->last = pos; | |
1257 len = (ngx_uint_t) (pos - b->pos); | |
1258 } | |
1259 | |
1260 b->tag = (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter; | |
1261 b->shadow = in->buf; | |
1262 b->last_shadow = next; | |
1263 | |
1264 b->last_buf = 0; | |
1265 b->last_in_chain = 0; | |
1266 | |
1267 *ll = cl; | |
1268 ll = &cl->next; | |
1269 | |
1270 f->length_0 = (u_char) ((len >> 16) & 0xff); | |
1271 f->length_1 = (u_char) ((len >> 8) & 0xff); | |
1272 f->length_2 = (u_char) (len & 0xff); | |
1273 f->type = NGX_HTTP_V2_DATA_FRAME; | |
1274 f->flags = 0; | |
1275 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff); | |
1276 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff); | |
1277 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff); | |
1278 f->stream_id_3 = (u_char) (ctx->id & 0xff); | |
1279 | |
1280 limit -= len; | |
1281 ctx->send_window -= len; | |
1282 ctx->connection->send_window -= len; | |
1283 | |
1284 } while (!next && limit > 0); | |
1285 | |
1286 if (!next) { | |
1287 /* | |
1288 * if the buffer wasn't fully sent due to flow control limits, | |
1289 * preserve position for future use | |
1290 */ | |
1291 | |
1292 if (in->buf->in_file) { | |
1293 in->buf->file_pos = file_pos; | |
1294 | |
1295 } else { | |
1296 in->buf->pos = pos; | |
1297 } | |
1298 | |
1299 break; | |
1300 } | |
1301 | |
1302 next: | |
1303 | |
1304 if (in->buf->last_buf) { | |
1305 last = 1; | |
1306 } | |
1307 | |
1308 in = in->next; | |
1309 } | |
1310 | |
1311 ctx->in = in; | |
1312 | |
1313 if (last) { | |
1314 | |
1315 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1316 "grpc output last"); | |
1317 | |
1318 ctx->output_closed = 1; | |
1319 | |
1320 if (f) { | |
1321 f->flags |= NGX_HTTP_V2_END_STREAM_FLAG; | |
1322 | |
1323 } else { | |
1324 cl = ngx_http_grpc_get_buf(r, ctx); | |
1325 if (cl == NULL) { | |
1326 return NGX_ERROR; | |
1327 } | |
1328 | |
1329 b = cl->buf; | |
1330 | |
1331 f = (ngx_http_grpc_frame_t *) b->last; | |
1332 b->last += sizeof(ngx_http_grpc_frame_t); | |
1333 | |
1334 f->length_0 = 0; | |
1335 f->length_1 = 0; | |
1336 f->length_2 = 0; | |
1337 f->type = NGX_HTTP_V2_DATA_FRAME; | |
1338 f->flags = NGX_HTTP_V2_END_STREAM_FLAG; | |
1339 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff); | |
1340 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff); | |
1341 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff); | |
1342 f->stream_id_3 = (u_char) (ctx->id & 0xff); | |
1343 | |
1344 *ll = cl; | |
1345 ll = &cl->next; | |
1346 } | |
1347 | |
1348 cl->buf->last_buf = 1; | |
1349 } | |
1350 | |
1351 *ll = NULL; | |
1352 | |
1353 #if (NGX_DEBUG) | |
1354 | |
1355 for (cl = out; cl; cl = cl->next) { | |
1356 ngx_log_debug7(NGX_LOG_DEBUG_EVENT, r->connection->log, 0, | |
1357 "grpc output out l:%d f:%d %p, pos %p, size: %z " | |
1358 "file: %O, size: %O", | |
1359 cl->buf->last_buf, | |
1360 cl->buf->in_file, | |
1361 cl->buf->start, cl->buf->pos, | |
1362 cl->buf->last - cl->buf->pos, | |
1363 cl->buf->file_pos, | |
1364 cl->buf->file_last - cl->buf->file_pos); | |
1365 } | |
1366 | |
1367 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1368 "grpc output limit: %uz w:%z:%uz", | |
1369 limit, ctx->send_window, ctx->connection->send_window); | |
1370 | |
1371 #endif | |
1372 | |
1373 rc = ngx_chain_writer(&r->upstream->writer, out); | |
1374 | |
1375 ngx_chain_update_chains(r->pool, &ctx->free, &ctx->busy, &out, | |
1376 (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter); | |
1377 | |
1378 for (cl = ctx->free; cl; cl = cl->next) { | |
1379 | |
1380 /* mark original buffers as sent */ | |
1381 | |
1382 if (cl->buf->shadow) { | |
1383 if (cl->buf->last_shadow) { | |
1384 b = cl->buf->shadow; | |
1385 b->pos = b->last; | |
1386 } | |
1387 | |
1388 cl->buf->shadow = NULL; | |
1389 } | |
1390 } | |
1391 | |
1392 if (rc == NGX_OK && ctx->in) { | |
1393 rc = NGX_AGAIN; | |
1394 } | |
1395 | |
1396 return rc; | |
1397 } | |
1398 | |
1399 | |
1400 static ngx_int_t | |
1401 ngx_http_grpc_process_header(ngx_http_request_t *r) | |
1402 { | |
1403 ngx_str_t *status_line; | |
1404 ngx_int_t rc, status; | |
1405 ngx_buf_t *b; | |
1406 ngx_table_elt_t *h; | |
1407 ngx_http_upstream_t *u; | |
1408 ngx_http_grpc_ctx_t *ctx; | |
1409 ngx_http_upstream_header_t *hh; | |
1410 ngx_http_upstream_main_conf_t *umcf; | |
1411 | |
1412 u = r->upstream; | |
1413 b = &u->buffer; | |
1414 | |
1415 #if (NGX_DEBUG) | |
1416 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) { | |
1417 u_char buf[512]; | |
1418 size_t n, m; | |
1419 | |
1420 n = ngx_min(b->last - b->pos, 256); | |
1421 m = ngx_hex_dump(buf, b->pos, n) - buf; | |
1422 | |
1423 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1424 "grpc response: %*s%s, len: %uz", | |
1425 m, buf, b->last - b->pos > 256 ? "..." : "", | |
1426 b->last - b->pos); | |
1427 } | |
1428 #endif | |
1429 | |
1430 ctx = ngx_http_grpc_get_ctx(r); | |
1431 | |
1432 if (ctx == NULL) { | |
1433 return NGX_ERROR; | |
1434 } | |
1435 | |
1436 umcf = ngx_http_get_module_main_conf(r, ngx_http_upstream_module); | |
1437 | |
1438 for ( ;; ) { | |
1439 | |
1440 if (ctx->state < ngx_http_grpc_st_payload) { | |
1441 | |
1442 rc = ngx_http_grpc_parse_frame(r, ctx, b); | |
1443 | |
1444 if (rc == NGX_AGAIN) { | |
1445 | |
1446 /* | |
1447 * there can be a lot of window update frames, | |
1448 * so we reset buffer if it is empty and we haven't | |
1449 * started parsing headers yet | |
1450 */ | |
1451 | |
1452 if (!ctx->parsing_headers) { | |
1453 b->pos = b->start; | |
1454 b->last = b->pos; | |
1455 } | |
1456 | |
1457 return NGX_AGAIN; | |
1458 } | |
1459 | |
1460 if (rc == NGX_ERROR) { | |
1461 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1462 } | |
1463 | |
1464 /* | |
1465 * RFC 7540 says that implementations MUST discard frames | |
1466 * that have unknown or unsupported types. However, extension | |
1467 * frames that appear in the middle of a header block are | |
1468 * not permitted. Also, for obvious reasons CONTINUATION frames | |
1469 * cannot appear before headers, and DATA frames are not expected | |
1470 * to appear before all headers are parsed. | |
1471 */ | |
1472 | |
1473 if (ctx->type == NGX_HTTP_V2_DATA_FRAME | |
1474 || (ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME | |
1475 && !ctx->parsing_headers) | |
1476 || (ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME | |
1477 && ctx->parsing_headers)) | |
1478 { | |
1479 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1480 "upstream sent unexpected http2 frame: %d", | |
1481 ctx->type); | |
1482 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1483 } | |
1484 | |
1485 if (ctx->stream_id && ctx->stream_id != ctx->id) { | |
1486 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1487 "upstream sent frame for unknown stream %ui", | |
1488 ctx->stream_id); | |
1489 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1490 } | |
1491 } | |
1492 | |
1493 /* frame payload */ | |
1494 | |
1495 if (ctx->type == NGX_HTTP_V2_RST_STREAM_FRAME) { | |
1496 | |
1497 rc = ngx_http_grpc_parse_rst_stream(r, ctx, b); | |
1498 | |
1499 if (rc == NGX_AGAIN) { | |
1500 return NGX_AGAIN; | |
1501 } | |
1502 | |
1503 if (rc == NGX_ERROR) { | |
1504 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1505 } | |
1506 | |
1507 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1508 "upstream rejected request with error %ui", | |
1509 ctx->error); | |
1510 | |
1511 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1512 } | |
1513 | |
1514 if (ctx->type == NGX_HTTP_V2_GOAWAY_FRAME) { | |
1515 | |
1516 rc = ngx_http_grpc_parse_goaway(r, ctx, b); | |
1517 | |
1518 if (rc == NGX_AGAIN) { | |
1519 return NGX_AGAIN; | |
1520 } | |
1521 | |
1522 if (rc == NGX_ERROR) { | |
1523 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1524 } | |
1525 | |
1526 /* | |
1527 * If stream_id is lower than one we use, our | |
1528 * request won't be processed and needs to be retried. | |
1529 * If stream_id is greater or equal to the one we use, | |
1530 * we can continue normally (except we can't use this | |
1531 * connection for additional requests). If there is | |
1532 * a real error, the connection will be closed. | |
1533 */ | |
1534 | |
1535 if (ctx->stream_id < ctx->id) { | |
1536 | |
1537 /* TODO: we can retry non-idempotent requests */ | |
1538 | |
1539 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1540 "upstream sent goaway with error %ui", | |
1541 ctx->error); | |
1542 | |
1543 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1544 } | |
1545 | |
1546 continue; | |
1547 } | |
1548 | |
1549 if (ctx->type == NGX_HTTP_V2_WINDOW_UPDATE_FRAME) { | |
1550 | |
1551 rc = ngx_http_grpc_parse_window_update(r, ctx, b); | |
1552 | |
1553 if (rc == NGX_AGAIN) { | |
1554 return NGX_AGAIN; | |
1555 } | |
1556 | |
1557 if (rc == NGX_ERROR) { | |
1558 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1559 } | |
1560 | |
1561 if (ctx->in) { | |
1562 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
1563 } | |
1564 | |
1565 continue; | |
1566 } | |
1567 | |
1568 if (ctx->type == NGX_HTTP_V2_SETTINGS_FRAME) { | |
1569 | |
1570 rc = ngx_http_grpc_parse_settings(r, ctx, b); | |
1571 | |
1572 if (rc == NGX_AGAIN) { | |
1573 return NGX_AGAIN; | |
1574 } | |
1575 | |
1576 if (rc == NGX_ERROR) { | |
1577 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1578 } | |
1579 | |
1580 if (ctx->in) { | |
1581 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
1582 } | |
1583 | |
1584 continue; | |
1585 } | |
1586 | |
1587 if (ctx->type == NGX_HTTP_V2_PING_FRAME) { | |
1588 | |
1589 rc = ngx_http_grpc_parse_ping(r, ctx, b); | |
1590 | |
1591 if (rc == NGX_AGAIN) { | |
1592 return NGX_AGAIN; | |
1593 } | |
1594 | |
1595 if (rc == NGX_ERROR) { | |
1596 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1597 } | |
1598 | |
1599 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
1600 continue; | |
1601 } | |
1602 | |
1603 if (ctx->type == NGX_HTTP_V2_PUSH_PROMISE_FRAME) { | |
1604 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1605 "upstream sent unexpected push promise frame"); | |
1606 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1607 } | |
1608 | |
1609 if (ctx->type != NGX_HTTP_V2_HEADERS_FRAME | |
1610 && ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME) | |
1611 { | |
1612 /* priority, unknown frames */ | |
1613 | |
1614 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
1615 ctx->rest -= b->last - b->pos; | |
1616 b->pos = b->last; | |
1617 return NGX_AGAIN; | |
1618 } | |
1619 | |
1620 b->pos += ctx->rest; | |
1621 ctx->rest = 0; | |
1622 ctx->state = ngx_http_grpc_st_start; | |
1623 | |
1624 continue; | |
1625 } | |
1626 | |
1627 /* headers */ | |
1628 | |
1629 for ( ;; ) { | |
1630 | |
1631 rc = ngx_http_grpc_parse_header(r, ctx, b); | |
1632 | |
1633 if (rc == NGX_AGAIN) { | |
1634 break; | |
1635 } | |
1636 | |
1637 if (rc == NGX_OK) { | |
1638 | |
1639 /* a header line has been parsed successfully */ | |
1640 | |
1641 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1642 "grpc header: \"%V: %V\"", | |
1643 &ctx->name, &ctx->value); | |
1644 | |
1645 if (ctx->name.len && ctx->name.data[0] == ':') { | |
1646 | |
1647 if (ctx->name.len != sizeof(":status") - 1 | |
1648 || ngx_strncmp(ctx->name.data, ":status", | |
1649 sizeof(":status") - 1) | |
1650 != 0) | |
1651 { | |
1652 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1653 "upstream sent invalid header \"%V: %V\"", | |
1654 &ctx->name, &ctx->value); | |
1655 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1656 } | |
1657 | |
1658 if (ctx->status) { | |
1659 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1660 "upstream sent duplicate :status header"); | |
1661 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1662 } | |
1663 | |
1664 status_line = &ctx->value; | |
1665 | |
1666 if (status_line->len != 3) { | |
1667 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1668 "upstream sent invalid :status \"%V\"", | |
1669 status_line); | |
1670 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1671 } | |
1672 | |
1673 status = ngx_atoi(status_line->data, 3); | |
1674 | |
1675 if (status == NGX_ERROR) { | |
1676 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1677 "upstream sent invalid :status \"%V\"", | |
1678 status_line); | |
1679 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1680 } | |
1681 | |
1682 if (status < NGX_HTTP_OK) { | |
1683 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1684 "upstream sent unexpected :status \"%V\"", | |
1685 status_line); | |
1686 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1687 } | |
1688 | |
1689 u->headers_in.status_n = status; | |
1690 | |
1691 if (u->state && u->state->status == 0) { | |
1692 u->state->status = status; | |
1693 } | |
1694 | |
1695 ctx->status = 1; | |
1696 | |
1697 continue; | |
1698 | |
1699 } else if (!ctx->status) { | |
1700 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1701 "upstream sent no :status header"); | |
1702 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1703 } | |
1704 | |
1705 h = ngx_list_push(&u->headers_in.headers); | |
1706 if (h == NULL) { | |
1707 return NGX_ERROR; | |
1708 } | |
1709 | |
1710 h->key = ctx->name; | |
1711 h->value = ctx->value; | |
1712 h->lowcase_key = h->key.data; | |
1713 h->hash = ngx_hash_key(h->key.data, h->key.len); | |
1714 | |
1715 hh = ngx_hash_find(&umcf->headers_in_hash, h->hash, | |
1716 h->lowcase_key, h->key.len); | |
1717 | |
1718 if (hh && hh->handler(r, h, hh->offset) != NGX_OK) { | |
1719 return NGX_ERROR; | |
1720 } | |
1721 | |
1722 continue; | |
1723 } | |
1724 | |
1725 if (rc == NGX_HTTP_PARSE_HEADER_DONE) { | |
1726 | |
1727 /* a whole header has been parsed successfully */ | |
1728 | |
1729 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1730 "grpc header done"); | |
1731 | |
1732 if (ctx->end_stream | |
1733 && ctx->in == NULL | |
1734 && ctx->out == NULL | |
1735 && ctx->output_closed | |
1736 && b->last == b->pos) | |
1737 { | |
1738 u->keepalive = 1; | |
1739 } | |
1740 | |
1741 return NGX_OK; | |
1742 } | |
1743 | |
1744 /* there was error while a header line parsing */ | |
1745 | |
1746 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1747 "upstream sent invalid header"); | |
1748 | |
1749 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1750 } | |
1751 | |
1752 /* rc == NGX_AGAIN */ | |
1753 | |
1754 if (ctx->rest == 0) { | |
1755 ctx->state = ngx_http_grpc_st_start; | |
1756 continue; | |
1757 } | |
1758 | |
1759 return NGX_AGAIN; | |
1760 } | |
1761 } | |
1762 | |
1763 | |
1764 static ngx_int_t | |
1765 ngx_http_grpc_filter_init(void *data) | |
1766 { | |
1767 ngx_http_grpc_ctx_t *ctx = data; | |
1768 | |
1769 ngx_http_request_t *r; | |
1770 ngx_http_upstream_t *u; | |
1771 | |
1772 r = ctx->request; | |
1773 u = r->upstream; | |
1774 | |
1775 u->length = 1; | |
1776 | |
1777 if (ctx->end_stream) { | |
1778 u->length = 0; | |
1779 } | |
1780 | |
1781 return NGX_OK; | |
1782 } | |
1783 | |
1784 | |
1785 static ngx_int_t | |
1786 ngx_http_grpc_filter(void *data, ssize_t bytes) | |
1787 { | |
1788 ngx_http_grpc_ctx_t *ctx = data; | |
1789 | |
1790 ngx_int_t rc; | |
1791 ngx_buf_t *b, *buf; | |
1792 ngx_chain_t *cl, **ll; | |
1793 ngx_table_elt_t *h; | |
1794 ngx_http_request_t *r; | |
1795 ngx_http_upstream_t *u; | |
1796 | |
1797 r = ctx->request; | |
1798 u = r->upstream; | |
1799 b = &u->buffer; | |
1800 | |
1801 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1802 "grpc filter bytes:%z", bytes); | |
1803 | |
1804 b->pos = b->last; | |
1805 b->last += bytes; | |
1806 | |
1807 for (cl = u->out_bufs, ll = &u->out_bufs; cl; cl = cl->next) { | |
1808 ll = &cl->next; | |
1809 } | |
1810 | |
1811 for ( ;; ) { | |
1812 | |
1813 if (ctx->state < ngx_http_grpc_st_payload) { | |
1814 | |
1815 rc = ngx_http_grpc_parse_frame(r, ctx, b); | |
1816 | |
1817 if (rc == NGX_AGAIN) { | |
1818 return NGX_AGAIN; | |
1819 } | |
1820 | |
1821 if (rc == NGX_ERROR) { | |
1822 return NGX_ERROR; | |
1823 } | |
1824 | |
1825 if ((ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME | |
1826 && !ctx->parsing_headers) | |
1827 || (ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME | |
1828 && ctx->parsing_headers)) | |
1829 { | |
1830 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1831 "upstream sent unexpected http2 frame: %d", | |
1832 ctx->type); | |
1833 return NGX_ERROR; | |
1834 } | |
1835 | |
1836 if (ctx->type == NGX_HTTP_V2_DATA_FRAME) { | |
1837 | |
1838 if (ctx->stream_id != ctx->id) { | |
1839 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1840 "upstream sent data frame " | |
1841 "for unknown stream %ui", | |
1842 ctx->stream_id); | |
1843 return NGX_ERROR; | |
1844 } | |
1845 | |
1846 if (ctx->rest > ctx->recv_window) { | |
1847 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1848 "upstream violated stream flow control, " | |
1849 "received %uz data frame with window %uz", | |
1850 ctx->rest, ctx->recv_window); | |
1851 return NGX_ERROR; | |
1852 } | |
1853 | |
1854 if (ctx->rest > ctx->connection->recv_window) { | |
1855 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1856 "upstream violated connection flow control, " | |
1857 "received %uz data frame with window %uz", | |
1858 ctx->rest, ctx->connection->recv_window); | |
1859 return NGX_ERROR; | |
1860 } | |
1861 | |
1862 ctx->recv_window -= ctx->rest; | |
1863 ctx->connection->recv_window -= ctx->rest; | |
1864 | |
1865 if (ctx->connection->recv_window < NGX_HTTP_V2_MAX_WINDOW / 4 | |
1866 || ctx->recv_window < NGX_HTTP_V2_MAX_WINDOW / 4) | |
1867 { | |
1868 if (ngx_http_grpc_send_window_update(r, ctx) != NGX_OK) { | |
1869 return NGX_ERROR; | |
1870 } | |
1871 | |
1872 ngx_post_event(u->peer.connection->write, | |
1873 &ngx_posted_events); | |
1874 } | |
1875 } | |
1876 | |
1877 if (ctx->stream_id && ctx->stream_id != ctx->id) { | |
1878 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1879 "upstream sent frame for unknown stream %ui", | |
1880 ctx->stream_id); | |
1881 return NGX_ERROR; | |
1882 } | |
1883 | |
1884 ctx->padding = 0; | |
1885 } | |
1886 | |
1887 if (ctx->state == ngx_http_grpc_st_padding) { | |
1888 | |
1889 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
1890 ctx->rest -= b->last - b->pos; | |
1891 b->pos = b->last; | |
1892 return NGX_AGAIN; | |
1893 } | |
1894 | |
1895 b->pos += ctx->rest; | |
1896 ctx->rest = 0; | |
1897 ctx->state = ngx_http_grpc_st_start; | |
1898 | |
1899 if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) { | |
1900 u->length = 0; | |
1901 | |
1902 if (ctx->in == NULL | |
1903 && ctx->out == NULL | |
1904 && ctx->output_closed | |
1905 && b->last == b->pos) | |
1906 { | |
1907 u->keepalive = 1; | |
1908 } | |
1909 | |
1910 break; | |
1911 } | |
1912 | |
1913 continue; | |
1914 } | |
1915 | |
1916 /* frame payload */ | |
1917 | |
1918 if (ctx->type == NGX_HTTP_V2_RST_STREAM_FRAME) { | |
1919 | |
1920 rc = ngx_http_grpc_parse_rst_stream(r, ctx, b); | |
1921 | |
1922 if (rc == NGX_AGAIN) { | |
1923 return NGX_AGAIN; | |
1924 } | |
1925 | |
1926 if (rc == NGX_ERROR) { | |
1927 return NGX_ERROR; | |
1928 } | |
1929 | |
1930 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1931 "upstream rejected request with error %ui", | |
1932 ctx->error); | |
1933 | |
1934 return NGX_ERROR; | |
1935 } | |
1936 | |
1937 if (ctx->type == NGX_HTTP_V2_GOAWAY_FRAME) { | |
1938 | |
1939 rc = ngx_http_grpc_parse_goaway(r, ctx, b); | |
1940 | |
1941 if (rc == NGX_AGAIN) { | |
1942 return NGX_AGAIN; | |
1943 } | |
1944 | |
1945 if (rc == NGX_ERROR) { | |
1946 return NGX_ERROR; | |
1947 } | |
1948 | |
1949 /* | |
1950 * If stream_id is lower than one we use, our | |
1951 * request won't be processed and needs to be retried. | |
1952 * If stream_id is greater or equal to the one we use, | |
1953 * we can continue normally (except we can't use this | |
1954 * connection for additional requests). If there is | |
1955 * a real error, the connection will be closed. | |
1956 */ | |
1957 | |
1958 if (ctx->stream_id < ctx->id) { | |
1959 | |
1960 /* TODO: we can retry non-idempotent requests */ | |
1961 | |
1962 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1963 "upstream sent goaway with error %ui", | |
1964 ctx->error); | |
1965 | |
1966 return NGX_ERROR; | |
1967 } | |
1968 | |
1969 continue; | |
1970 } | |
1971 | |
1972 if (ctx->type == NGX_HTTP_V2_WINDOW_UPDATE_FRAME) { | |
1973 | |
1974 rc = ngx_http_grpc_parse_window_update(r, ctx, b); | |
1975 | |
1976 if (rc == NGX_AGAIN) { | |
1977 return NGX_AGAIN; | |
1978 } | |
1979 | |
1980 if (rc == NGX_ERROR) { | |
1981 return NGX_ERROR; | |
1982 } | |
1983 | |
1984 if (ctx->in) { | |
1985 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
1986 } | |
1987 | |
1988 continue; | |
1989 } | |
1990 | |
1991 if (ctx->type == NGX_HTTP_V2_SETTINGS_FRAME) { | |
1992 | |
1993 rc = ngx_http_grpc_parse_settings(r, ctx, b); | |
1994 | |
1995 if (rc == NGX_AGAIN) { | |
1996 return NGX_AGAIN; | |
1997 } | |
1998 | |
1999 if (rc == NGX_ERROR) { | |
2000 return NGX_ERROR; | |
2001 } | |
2002 | |
2003 if (ctx->in) { | |
2004 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
2005 } | |
2006 | |
2007 continue; | |
2008 } | |
2009 | |
2010 if (ctx->type == NGX_HTTP_V2_PING_FRAME) { | |
2011 | |
2012 rc = ngx_http_grpc_parse_ping(r, ctx, b); | |
2013 | |
2014 if (rc == NGX_AGAIN) { | |
2015 return NGX_AGAIN; | |
2016 } | |
2017 | |
2018 if (rc == NGX_ERROR) { | |
2019 return NGX_ERROR; | |
2020 } | |
2021 | |
2022 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
2023 continue; | |
2024 } | |
2025 | |
2026 if (ctx->type == NGX_HTTP_V2_PUSH_PROMISE_FRAME) { | |
2027 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2028 "upstream sent unexpected push promise frame"); | |
2029 return NGX_ERROR; | |
2030 } | |
2031 | |
2032 if (ctx->type == NGX_HTTP_V2_HEADERS_FRAME | |
2033 || ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME) | |
2034 { | |
2035 for ( ;; ) { | |
2036 | |
2037 rc = ngx_http_grpc_parse_header(r, ctx, b); | |
2038 | |
2039 if (rc == NGX_AGAIN) { | |
2040 break; | |
2041 } | |
2042 | |
2043 if (rc == NGX_OK) { | |
2044 | |
2045 /* a header line has been parsed successfully */ | |
2046 | |
2047 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2048 "grpc trailer: \"%V: %V\"", | |
2049 &ctx->name, &ctx->value); | |
2050 | |
2051 if (ctx->name.len && ctx->name.data[0] == ':') { | |
2052 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2053 "upstream sent invalid " | |
2054 "trailer \"%V: %V\"", | |
2055 &ctx->name, &ctx->value); | |
2056 return NGX_ERROR; | |
2057 } | |
2058 | |
2059 h = ngx_list_push(&u->headers_in.trailers); | |
2060 if (h == NULL) { | |
2061 return NGX_ERROR; | |
2062 } | |
2063 | |
2064 h->key = ctx->name; | |
2065 h->value = ctx->value; | |
2066 h->lowcase_key = h->key.data; | |
2067 h->hash = ngx_hash_key(h->key.data, h->key.len); | |
2068 | |
2069 continue; | |
2070 } | |
2071 | |
2072 if (rc == NGX_HTTP_PARSE_HEADER_DONE) { | |
2073 | |
2074 /* a whole header has been parsed successfully */ | |
2075 | |
2076 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2077 "grpc trailer done"); | |
2078 | |
2079 if (ctx->end_stream) { | |
2080 u->length = 0; | |
2081 | |
2082 if (ctx->in == NULL | |
2083 && ctx->out == NULL | |
2084 && ctx->output_closed | |
2085 && b->last == b->pos) | |
2086 { | |
2087 u->keepalive = 1; | |
2088 } | |
2089 | |
2090 return NGX_OK; | |
2091 } | |
2092 | |
2093 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2094 "upstream sent trailer without " | |
2095 "end stream flag"); | |
2096 return NGX_ERROR; | |
2097 } | |
2098 | |
2099 /* there was error while a header line parsing */ | |
2100 | |
2101 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2102 "upstream sent invalid trailer"); | |
2103 | |
2104 return NGX_ERROR; | |
2105 } | |
2106 | |
2107 /* rc == NGX_AGAIN */ | |
2108 | |
2109 if (ctx->rest == 0) { | |
2110 ctx->state = ngx_http_grpc_st_start; | |
2111 continue; | |
2112 } | |
2113 | |
2114 return NGX_AGAIN; | |
2115 } | |
2116 | |
2117 if (ctx->type != NGX_HTTP_V2_DATA_FRAME) { | |
2118 | |
2119 /* priority, unknown frames */ | |
2120 | |
2121 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
2122 ctx->rest -= b->last - b->pos; | |
2123 b->pos = b->last; | |
2124 return NGX_AGAIN; | |
2125 } | |
2126 | |
2127 b->pos += ctx->rest; | |
2128 ctx->rest = 0; | |
2129 ctx->state = ngx_http_grpc_st_start; | |
2130 | |
2131 continue; | |
2132 } | |
2133 | |
2134 /* | |
2135 * data frame: | |
2136 * | |
2137 * +---------------+ | |
2138 * |Pad Length? (8)| | |
2139 * +---------------+-----------------------------------------------+ | |
2140 * | Data (*) ... | |
2141 * +---------------------------------------------------------------+ | |
2142 * | Padding (*) ... | |
2143 * +---------------------------------------------------------------+ | |
2144 */ | |
2145 | |
2146 if (ctx->flags & NGX_HTTP_V2_PADDED_FLAG) { | |
2147 | |
2148 if (ctx->rest == 0) { | |
2149 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2150 "upstream sent too short http2 frame"); | |
2151 return NGX_ERROR; | |
2152 } | |
2153 | |
2154 if (b->pos == b->last) { | |
2155 return NGX_AGAIN; | |
2156 } | |
2157 | |
2158 ctx->flags &= ~NGX_HTTP_V2_PADDED_FLAG; | |
2159 ctx->padding = *b->pos++; | |
2160 ctx->rest -= 1; | |
2161 | |
2162 if (ctx->padding > ctx->rest) { | |
2163 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2164 "upstream sent http2 frame with too long " | |
2165 "padding: %d in frame %uz", | |
2166 ctx->padding, ctx->rest); | |
2167 return NGX_ERROR; | |
2168 } | |
2169 | |
2170 continue; | |
2171 } | |
2172 | |
2173 if (ctx->rest == ctx->padding) { | |
2174 goto done; | |
2175 } | |
2176 | |
2177 if (b->pos == b->last) { | |
2178 return NGX_AGAIN; | |
2179 } | |
2180 | |
2181 cl = ngx_chain_get_free_buf(r->pool, &u->free_bufs); | |
2182 if (cl == NULL) { | |
2183 return NGX_ERROR; | |
2184 } | |
2185 | |
2186 *ll = cl; | |
2187 ll = &cl->next; | |
2188 | |
2189 buf = cl->buf; | |
2190 | |
2191 buf->flush = 1; | |
2192 buf->memory = 1; | |
2193 | |
2194 buf->pos = b->pos; | |
2195 buf->tag = u->output.tag; | |
2196 | |
2197 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2198 "grpc output buf %p", buf->pos); | |
2199 | |
2200 if (b->last - b->pos < (ssize_t) ctx->rest - ctx->padding) { | |
2201 | |
2202 ctx->rest -= b->last - b->pos; | |
2203 b->pos = b->last; | |
2204 buf->last = b->pos; | |
2205 | |
2206 return NGX_AGAIN; | |
2207 } | |
2208 | |
2209 b->pos += ctx->rest - ctx->padding; | |
2210 buf->last = b->pos; | |
2211 ctx->rest = ctx->padding; | |
2212 | |
2213 done: | |
2214 | |
2215 if (ctx->padding) { | |
2216 ctx->state = ngx_http_grpc_st_padding; | |
2217 continue; | |
2218 } | |
2219 | |
2220 ctx->state = ngx_http_grpc_st_start; | |
2221 | |
2222 if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) { | |
2223 u->length = 0; | |
2224 | |
2225 if (ctx->in == NULL | |
2226 && ctx->out == NULL | |
2227 && ctx->output_closed | |
2228 && b->last == b->pos) | |
2229 { | |
2230 u->keepalive = 1; | |
2231 } | |
2232 | |
2233 break; | |
2234 } | |
2235 } | |
2236 | |
2237 return NGX_OK; | |
2238 } | |
2239 | |
2240 | |
2241 static ngx_int_t | |
2242 ngx_http_grpc_parse_frame(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
2243 ngx_buf_t *b) | |
2244 { | |
2245 u_char ch, *p; | |
2246 ngx_http_grpc_state_e state; | |
2247 | |
2248 state = ctx->state; | |
2249 | |
2250 for (p = b->pos; p < b->last; p++) { | |
2251 ch = *p; | |
2252 | |
2253 #if 0 | |
2254 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2255 "grpc frame byte: %02Xd, s:%d", ch, state); | |
2256 #endif | |
2257 | |
2258 switch (state) { | |
2259 | |
2260 case ngx_http_grpc_st_start: | |
2261 ctx->rest = ch << 16; | |
2262 state = ngx_http_grpc_st_length_2; | |
2263 break; | |
2264 | |
2265 case ngx_http_grpc_st_length_2: | |
2266 ctx->rest |= ch << 8; | |
2267 state = ngx_http_grpc_st_length_3; | |
2268 break; | |
2269 | |
2270 case ngx_http_grpc_st_length_3: | |
2271 ctx->rest |= ch; | |
2272 | |
2273 if (ctx->rest > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) { | |
2274 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2275 "upstream sent too large http2 frame: %uz", | |
2276 ctx->rest); | |
2277 return NGX_ERROR; | |
2278 } | |
2279 | |
2280 state = ngx_http_grpc_st_type; | |
2281 break; | |
2282 | |
2283 case ngx_http_grpc_st_type: | |
2284 ctx->type = ch; | |
2285 state = ngx_http_grpc_st_flags; | |
2286 break; | |
2287 | |
2288 case ngx_http_grpc_st_flags: | |
2289 ctx->flags = ch; | |
2290 state = ngx_http_grpc_st_stream_id; | |
2291 break; | |
2292 | |
2293 case ngx_http_grpc_st_stream_id: | |
2294 ctx->stream_id = (ch & 0x7f) << 24; | |
2295 state = ngx_http_grpc_st_stream_id_2; | |
2296 break; | |
2297 | |
2298 case ngx_http_grpc_st_stream_id_2: | |
2299 ctx->stream_id |= ch << 16; | |
2300 state = ngx_http_grpc_st_stream_id_3; | |
2301 break; | |
2302 | |
2303 case ngx_http_grpc_st_stream_id_3: | |
2304 ctx->stream_id |= ch << 8; | |
2305 state = ngx_http_grpc_st_stream_id_4; | |
2306 break; | |
2307 | |
2308 case ngx_http_grpc_st_stream_id_4: | |
2309 ctx->stream_id |= ch; | |
2310 | |
2311 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2312 "grpc frame: %d, len: %uz, f:%d, i:%ui", | |
2313 ctx->type, ctx->rest, ctx->flags, ctx->stream_id); | |
2314 | |
2315 b->pos = p + 1; | |
2316 | |
2317 ctx->state = ngx_http_grpc_st_payload; | |
2318 ctx->frame_state = 0; | |
2319 | |
2320 return NGX_OK; | |
2321 | |
2322 /* suppress warning */ | |
2323 case ngx_http_grpc_st_payload: | |
2324 case ngx_http_grpc_st_padding: | |
2325 break; | |
2326 } | |
2327 } | |
2328 | |
2329 b->pos = p; | |
2330 ctx->state = state; | |
2331 | |
2332 return NGX_AGAIN; | |
2333 } | |
2334 | |
2335 | |
2336 static ngx_int_t | |
2337 ngx_http_grpc_parse_header(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
2338 ngx_buf_t *b) | |
2339 { | |
2340 u_char ch, *p, *last; | |
2341 size_t min; | |
2342 ngx_int_t rc; | |
2343 enum { | |
2344 sw_start = 0, | |
2345 sw_padding_length, | |
2346 sw_dependency, | |
2347 sw_dependency_2, | |
2348 sw_dependency_3, | |
2349 sw_dependency_4, | |
2350 sw_weight, | |
2351 sw_fragment, | |
2352 sw_padding | |
2353 } state; | |
2354 | |
2355 state = ctx->frame_state; | |
2356 | |
2357 if (state == sw_start) { | |
2358 | |
2359 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2360 "grpc parse header: start"); | |
2361 | |
2362 if (ctx->type == NGX_HTTP_V2_HEADERS_FRAME) { | |
2363 ctx->parsing_headers = 1; | |
2364 ctx->fragment_state = 0; | |
2365 | |
2366 min = (ctx->flags & NGX_HTTP_V2_PADDED_FLAG ? 1 : 0) | |
2367 + (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG ? 5 : 0); | |
2368 | |
2369 if (ctx->rest < min) { | |
2370 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2371 "upstream sent headers frame " | |
2372 "with invalid length: %uz", | |
2373 ctx->rest); | |
2374 return NGX_ERROR; | |
2375 } | |
2376 | |
2377 if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) { | |
2378 ctx->end_stream = 1; | |
2379 } | |
2380 | |
2381 if (ctx->flags & NGX_HTTP_V2_PADDED_FLAG) { | |
2382 state = sw_padding_length; | |
2383 | |
2384 } else if (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG) { | |
2385 state = sw_dependency; | |
2386 | |
2387 } else { | |
2388 state = sw_fragment; | |
2389 } | |
2390 | |
2391 } else if (ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME) { | |
2392 state = sw_fragment; | |
2393 } | |
2394 | |
2395 ctx->padding = 0; | |
2396 } | |
2397 | |
2398 if (state < sw_fragment) { | |
2399 | |
2400 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
2401 last = b->last; | |
2402 | |
2403 } else { | |
2404 last = b->pos + ctx->rest; | |
2405 } | |
2406 | |
2407 for (p = b->pos; p < last; p++) { | |
2408 ch = *p; | |
2409 | |
2410 #if 0 | |
2411 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2412 "grpc header byte: %02Xd s:%d", ch, state); | |
2413 #endif | |
2414 | |
2415 /* | |
2416 * headers frame: | |
2417 * | |
2418 * +---------------+ | |
2419 * |Pad Length? (8)| | |
2420 * +-+-------------+----------------------------------------------+ | |
2421 * |E| Stream Dependency? (31) | | |
2422 * +-+-------------+----------------------------------------------+ | |
2423 * | Weight? (8) | | |
2424 * +-+-------------+----------------------------------------------+ | |
2425 * | Header Block Fragment (*) ... | |
2426 * +--------------------------------------------------------------+ | |
2427 * | Padding (*) ... | |
2428 * +--------------------------------------------------------------+ | |
2429 */ | |
2430 | |
2431 switch (state) { | |
2432 | |
2433 case sw_padding_length: | |
2434 | |
2435 ctx->padding = ch; | |
2436 | |
2437 if (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG) { | |
2438 state = sw_dependency; | |
2439 break; | |
2440 } | |
2441 | |
2442 goto fragment; | |
2443 | |
2444 case sw_dependency: | |
2445 state = sw_dependency_2; | |
2446 break; | |
2447 | |
2448 case sw_dependency_2: | |
2449 state = sw_dependency_3; | |
2450 break; | |
2451 | |
2452 case sw_dependency_3: | |
2453 state = sw_dependency_4; | |
2454 break; | |
2455 | |
2456 case sw_dependency_4: | |
2457 state = sw_weight; | |
2458 break; | |
2459 | |
2460 case sw_weight: | |
2461 goto fragment; | |
2462 | |
2463 /* suppress warning */ | |
2464 case sw_start: | |
2465 case sw_fragment: | |
2466 case sw_padding: | |
2467 break; | |
2468 } | |
2469 } | |
2470 | |
2471 ctx->rest -= p - b->pos; | |
2472 b->pos = p; | |
2473 | |
2474 ctx->frame_state = state; | |
2475 return NGX_AGAIN; | |
2476 | |
2477 fragment: | |
2478 | |
2479 p++; | |
2480 ctx->rest -= p - b->pos; | |
2481 b->pos = p; | |
2482 | |
2483 if (ctx->padding > ctx->rest) { | |
2484 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2485 "upstream sent http2 frame with too long " | |
2486 "padding: %d in frame %uz", | |
2487 ctx->padding, ctx->rest); | |
2488 return NGX_ERROR; | |
2489 } | |
2490 | |
2491 state = sw_fragment; | |
2492 ctx->frame_state = state; | |
2493 } | |
2494 | |
2495 if (state == sw_fragment) { | |
2496 | |
2497 rc = ngx_http_grpc_parse_fragment(r, ctx, b); | |
2498 | |
2499 if (rc == NGX_AGAIN) { | |
2500 return NGX_AGAIN; | |
2501 } | |
2502 | |
2503 if (rc == NGX_ERROR) { | |
2504 return NGX_ERROR; | |
2505 } | |
2506 | |
2507 if (rc == NGX_OK) { | |
2508 return NGX_OK; | |
2509 } | |
2510 | |
2511 /* rc == NGX_DONE */ | |
2512 | |
2513 state = sw_padding; | |
2514 ctx->frame_state = state; | |
2515 } | |
2516 | |
2517 if (state == sw_padding) { | |
2518 | |
2519 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
2520 | |
2521 ctx->rest -= b->last - b->pos; | |
2522 b->pos = b->last; | |
2523 | |
2524 return NGX_AGAIN; | |
2525 } | |
2526 | |
2527 b->pos += ctx->rest; | |
2528 ctx->rest = 0; | |
2529 | |
2530 ctx->state = ngx_http_grpc_st_start; | |
2531 | |
2532 if (ctx->flags & NGX_HTTP_V2_END_HEADERS_FLAG) { | |
2533 | |
2534 if (ctx->fragment_state) { | |
2535 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2536 "upstream sent truncated http2 header"); | |
2537 return NGX_ERROR; | |
2538 } | |
2539 | |
2540 ctx->parsing_headers = 0; | |
2541 | |
2542 return NGX_HTTP_PARSE_HEADER_DONE; | |
2543 } | |
2544 | |
2545 return NGX_AGAIN; | |
2546 } | |
2547 | |
2548 /* unreachable */ | |
2549 | |
2550 return NGX_ERROR; | |
2551 } | |
2552 | |
2553 | |
2554 static ngx_int_t | |
2555 ngx_http_grpc_parse_fragment(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
2556 ngx_buf_t *b) | |
2557 { | |
2558 u_char ch, *p, *last; | |
2559 size_t size; | |
2560 ngx_uint_t index, size_update; | |
2561 enum { | |
2562 sw_start = 0, | |
2563 sw_index, | |
2564 sw_name_length, | |
2565 sw_name_length_2, | |
2566 sw_name_length_3, | |
2567 sw_name_length_4, | |
2568 sw_name, | |
2569 sw_name_bytes, | |
2570 sw_value_length, | |
2571 sw_value_length_2, | |
2572 sw_value_length_3, | |
2573 sw_value_length_4, | |
2574 sw_value, | |
2575 sw_value_bytes | |
2576 } state; | |
2577 | |
2578 /* header block fragment */ | |
2579 | |
2580 #if 0 | |
2581 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2582 "grpc header fragment %p:%p rest:%uz", | |
2583 b->pos, b->last, ctx->rest); | |
2584 #endif | |
2585 | |
2586 if (b->last - b->pos < (ssize_t) ctx->rest - ctx->padding) { | |
2587 last = b->last; | |
2588 | |
2589 } else { | |
2590 last = b->pos + ctx->rest - ctx->padding; | |
2591 } | |
2592 | |
2593 state = ctx->fragment_state; | |
2594 | |
2595 for (p = b->pos; p < last; p++) { | |
2596 ch = *p; | |
2597 | |
2598 #if 0 | |
2599 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2600 "grpc header byte: %02Xd s:%d", ch, state); | |
2601 #endif | |
2602 | |
2603 switch (state) { | |
2604 | |
2605 case sw_start: | |
2606 ctx->index = 0; | |
2607 | |
2608 if ((ch & 0x80) == 0x80) { | |
2609 /* | |
2610 * indexed header: | |
2611 * | |
2612 * 0 1 2 3 4 5 6 7 | |
2613 * +---+---+---+---+---+---+---+---+ | |
2614 * | 1 | Index (7+) | | |
2615 * +---+---------------------------+ | |
2616 */ | |
2617 | |
2618 index = ch & ~0x80; | |
2619 | |
2620 if (index == 0 || index > 61) { | |
2621 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2622 "upstream sent invalid http2 " | |
2623 "table index: %ui", index); | |
2624 return NGX_ERROR; | |
2625 } | |
2626 | |
2627 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2628 "grpc indexed header: %ui", index); | |
2629 | |
2630 ctx->index = index; | |
2631 ctx->literal = 0; | |
2632 | |
2633 goto done; | |
2634 | |
2635 } else if ((ch & 0xc0) == 0x40) { | |
2636 /* | |
2637 * literal header with incremental indexing: | |
2638 * | |
2639 * 0 1 2 3 4 5 6 7 | |
2640 * +---+---+---+---+---+---+---+---+ | |
2641 * | 0 | 1 | Index (6+) | | |
2642 * +---+---+-----------------------+ | |
2643 * | H | Value Length (7+) | | |
2644 * +---+---------------------------+ | |
2645 * | Value String (Length octets) | | |
2646 * +-------------------------------+ | |
2647 * | |
2648 * 0 1 2 3 4 5 6 7 | |
2649 * +---+---+---+---+---+---+---+---+ | |
2650 * | 0 | 1 | 0 | | |
2651 * +---+---+-----------------------+ | |
2652 * | H | Name Length (7+) | | |
2653 * +---+---------------------------+ | |
2654 * | Name String (Length octets) | | |
2655 * +---+---------------------------+ | |
2656 * | H | Value Length (7+) | | |
2657 * +---+---------------------------+ | |
2658 * | Value String (Length octets) | | |
2659 * +-------------------------------+ | |
2660 */ | |
2661 | |
2662 index = ch & ~0xc0; | |
2663 | |
2664 if (index > 61) { | |
2665 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2666 "upstream sent invalid http2 " | |
2667 "table index: %ui", index); | |
2668 return NGX_ERROR; | |
2669 } | |
2670 | |
2671 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2672 "grpc literal header: %ui", index); | |
2673 | |
2674 if (index == 0) { | |
2675 state = sw_name_length; | |
2676 break; | |
2677 } | |
2678 | |
2679 ctx->index = index; | |
2680 ctx->literal = 1; | |
2681 | |
2682 state = sw_value_length; | |
2683 break; | |
2684 | |
2685 } else if ((ch & 0xe0) == 0x20) { | |
2686 /* | |
2687 * dynamic table size update: | |
2688 * | |
2689 * 0 1 2 3 4 5 6 7 | |
2690 * +---+---+---+---+---+---+---+---+ | |
2691 * | 0 | 0 | 1 | Max size (5+) | | |
2692 * +---+---------------------------+ | |
2693 */ | |
2694 | |
2695 size_update = ch & ~0xe0; | |
2696 | |
2697 if (size_update > 0) { | |
2698 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2699 "upstream sent invalid http2 " | |
2700 "dynamic table size update: %ui", | |
2701 size_update); | |
2702 return NGX_ERROR; | |
2703 } | |
2704 | |
2705 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2706 "grpc table size update: %ui", size_update); | |
2707 | |
2708 break; | |
2709 | |
2710 } else if ((ch & 0xf0) == 0x10) { | |
2711 /* | |
2712 * literal header field never indexed: | |
2713 * | |
2714 * 0 1 2 3 4 5 6 7 | |
2715 * +---+---+---+---+---+---+---+---+ | |
2716 * | 0 | 0 | 0 | 1 | Index (4+) | | |
2717 * +---+---+-----------------------+ | |
2718 * | H | Value Length (7+) | | |
2719 * +---+---------------------------+ | |
2720 * | Value String (Length octets) | | |
2721 * +-------------------------------+ | |
2722 * | |
2723 * 0 1 2 3 4 5 6 7 | |
2724 * +---+---+---+---+---+---+---+---+ | |
2725 * | 0 | 0 | 0 | 1 | 0 | | |
2726 * +---+---+-----------------------+ | |
2727 * | H | Name Length (7+) | | |
2728 * +---+---------------------------+ | |
2729 * | Name String (Length octets) | | |
2730 * +---+---------------------------+ | |
2731 * | H | Value Length (7+) | | |
2732 * +---+---------------------------+ | |
2733 * | Value String (Length octets) | | |
2734 * +-------------------------------+ | |
2735 */ | |
2736 | |
2737 index = ch & ~0xf0; | |
2738 | |
2739 if (index == 0x0f) { | |
2740 ctx->index = index; | |
2741 ctx->literal = 1; | |
2742 state = sw_index; | |
2743 break; | |
2744 } | |
2745 | |
2746 if (index == 0) { | |
2747 state = sw_name_length; | |
2748 break; | |
2749 } | |
2750 | |
2751 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2752 "grpc literal header never indexed: %ui", | |
2753 index); | |
2754 | |
2755 ctx->index = index; | |
2756 ctx->literal = 1; | |
2757 | |
2758 state = sw_value_length; | |
2759 break; | |
2760 | |
2761 } else if ((ch & 0xf0) == 0x00) { | |
2762 /* | |
2763 * literal header field without indexing: | |
2764 * | |
2765 * 0 1 2 3 4 5 6 7 | |
2766 * +---+---+---+---+---+---+---+---+ | |
2767 * | 0 | 0 | 0 | 0 | Index (4+) | | |
2768 * +---+---+-----------------------+ | |
2769 * | H | Value Length (7+) | | |
2770 * +---+---------------------------+ | |
2771 * | Value String (Length octets) | | |
2772 * +-------------------------------+ | |
2773 * | |
2774 * 0 1 2 3 4 5 6 7 | |
2775 * +---+---+---+---+---+---+---+---+ | |
2776 * | 0 | 0 | 0 | 0 | 0 | | |
2777 * +---+---+-----------------------+ | |
2778 * | H | Name Length (7+) | | |
2779 * +---+---------------------------+ | |
2780 * | Name String (Length octets) | | |
2781 * +---+---------------------------+ | |
2782 * | H | Value Length (7+) | | |
2783 * +---+---------------------------+ | |
2784 * | Value String (Length octets) | | |
2785 * +-------------------------------+ | |
2786 */ | |
2787 | |
2788 index = ch & ~0xf0; | |
2789 | |
2790 if (index == 0x0f) { | |
2791 ctx->index = index; | |
2792 ctx->literal = 1; | |
2793 state = sw_index; | |
2794 break; | |
2795 } | |
2796 | |
2797 if (index == 0) { | |
2798 state = sw_name_length; | |
2799 break; | |
2800 } | |
2801 | |
2802 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2803 "grpc literal header without indexing: %ui", | |
2804 index); | |
2805 | |
2806 ctx->index = index; | |
2807 ctx->literal = 1; | |
2808 | |
2809 state = sw_value_length; | |
2810 break; | |
2811 } | |
2812 | |
2813 /* not reached */ | |
2814 | |
2815 return NGX_ERROR; | |
2816 | |
2817 case sw_index: | |
2818 ctx->index = ctx->index + (ch & ~0x80); | |
2819 | |
2820 if (ch & 0x80) { | |
2821 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2822 "upstream sent http2 table index " | |
2823 "with continuation flag"); | |
2824 return NGX_ERROR; | |
2825 } | |
2826 | |
2827 if (ctx->index > 61) { | |
2828 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2829 "upstream sent invalid http2 " | |
2830 "table index: %ui", ctx->index); | |
2831 return NGX_ERROR; | |
2832 } | |
2833 | |
2834 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2835 "grpc header index: %ui", ctx->index); | |
2836 | |
2837 state = sw_value_length; | |
2838 break; | |
2839 | |
2840 case sw_name_length: | |
2841 ctx->field_huffman = ch & 0x80 ? 1 : 0; | |
2842 ctx->field_length = ch & ~0x80; | |
2843 | |
2844 if (ctx->field_length == 0x7f) { | |
2845 state = sw_name_length_2; | |
2846 break; | |
2847 } | |
2848 | |
2849 if (ctx->field_length == 0) { | |
2850 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2851 "upstream sent zero http2 " | |
2852 "header name length"); | |
2853 return NGX_ERROR; | |
2854 } | |
2855 | |
2856 state = sw_name; | |
2857 break; | |
2858 | |
2859 case sw_name_length_2: | |
2860 ctx->field_length += ch & ~0x80; | |
2861 | |
2862 if (ch & 0x80) { | |
2863 state = sw_name_length_3; | |
2864 break; | |
2865 } | |
2866 | |
2867 state = sw_name; | |
2868 break; | |
2869 | |
2870 case sw_name_length_3: | |
2871 ctx->field_length += (ch & ~0x80) << 7; | |
2872 | |
2873 if (ch & 0x80) { | |
2874 state = sw_name_length_4; | |
2875 break; | |
2876 } | |
2877 | |
2878 state = sw_name; | |
2879 break; | |
2880 | |
2881 case sw_name_length_4: | |
2882 ctx->field_length += (ch & ~0x80) << 14; | |
2883 | |
2884 if (ch & 0x80) { | |
2885 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2886 "upstream sent too large http2 " | |
2887 "header name length"); | |
2888 return NGX_ERROR; | |
2889 } | |
2890 | |
2891 state = sw_name; | |
2892 break; | |
2893 | |
2894 case sw_name: | |
2895 ctx->name.len = ctx->field_huffman ? | |
2896 ctx->field_length * 8 / 5 : ctx->field_length; | |
2897 | |
2898 ctx->name.data = ngx_pnalloc(r->pool, ctx->name.len + 1); | |
2899 if (ctx->name.data == NULL) { | |
2900 return NGX_ERROR; | |
2901 } | |
2902 | |
2903 ctx->field_end = ctx->name.data; | |
2904 ctx->field_rest = ctx->field_length; | |
2905 ctx->field_state = 0; | |
2906 | |
2907 state = sw_name_bytes; | |
2908 | |
2909 /* fall through */ | |
2910 | |
2911 case sw_name_bytes: | |
2912 | |
2913 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2914 "grpc name: len:%uz h:%d last:%uz, rest:%uz", | |
2915 ctx->field_length, | |
2916 ctx->field_huffman, | |
2917 last - p, | |
2918 ctx->rest - (p - b->pos)); | |
2919 | |
2920 size = ngx_min(last - p, (ssize_t) ctx->field_rest); | |
2921 ctx->field_rest -= size; | |
2922 | |
2923 if (ctx->field_huffman) { | |
2924 if (ngx_http_v2_huff_decode(&ctx->field_state, p, size, | |
2925 &ctx->field_end, | |
2926 ctx->field_rest == 0, | |
2927 r->connection->log) | |
2928 != NGX_OK) | |
2929 { | |
2930 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2931 "upstream sent invalid encoded header"); | |
2932 return NGX_ERROR; | |
2933 } | |
2934 | |
2935 ctx->name.len = ctx->field_end - ctx->name.data; | |
2936 ctx->name.data[ctx->name.len] = '\0'; | |
2937 | |
2938 } else { | |
2939 ngx_memcpy(ctx->field_end, p, size); | |
2940 ctx->name.data[ctx->name.len] = '\0'; | |
2941 } | |
2942 | |
2943 p += size - 1; | |
2944 | |
2945 if (ctx->field_rest == 0) { | |
2946 state = sw_value_length; | |
2947 } | |
2948 | |
2949 break; | |
2950 | |
2951 case sw_value_length: | |
2952 ctx->field_huffman = ch & 0x80 ? 1 : 0; | |
2953 ctx->field_length = ch & ~0x80; | |
2954 | |
2955 if (ctx->field_length == 0x7f) { | |
2956 state = sw_value_length_2; | |
2957 break; | |
2958 } | |
2959 | |
2960 if (ctx->field_length == 0) { | |
2961 ngx_str_set(&ctx->value, ""); | |
2962 goto done; | |
2963 } | |
2964 | |
2965 state = sw_value; | |
2966 break; | |
2967 | |
2968 case sw_value_length_2: | |
2969 ctx->field_length += ch & ~0x80; | |
2970 | |
2971 if (ch & 0x80) { | |
2972 state = sw_value_length_3; | |
2973 break; | |
2974 } | |
2975 | |
2976 state = sw_value; | |
2977 break; | |
2978 | |
2979 case sw_value_length_3: | |
2980 ctx->field_length += (ch & ~0x80) << 7; | |
2981 | |
2982 if (ch & 0x80) { | |
2983 state = sw_value_length_4; | |
2984 break; | |
2985 } | |
2986 | |
2987 state = sw_value; | |
2988 break; | |
2989 | |
2990 case sw_value_length_4: | |
2991 ctx->field_length += (ch & ~0x80) << 14; | |
2992 | |
2993 if (ch & 0x80) { | |
2994 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2995 "upstream sent too large http2 " | |
2996 "header value length"); | |
2997 return NGX_ERROR; | |
2998 } | |
2999 | |
3000 state = sw_value; | |
3001 break; | |
3002 | |
3003 case sw_value: | |
3004 ctx->value.len = ctx->field_huffman ? | |
3005 ctx->field_length * 8 / 5 : ctx->field_length; | |
3006 | |
3007 ctx->value.data = ngx_pnalloc(r->pool, ctx->value.len + 1); | |
3008 if (ctx->value.data == NULL) { | |
3009 return NGX_ERROR; | |
3010 } | |
3011 | |
3012 ctx->field_end = ctx->value.data; | |
3013 ctx->field_rest = ctx->field_length; | |
3014 ctx->field_state = 0; | |
3015 | |
3016 state = sw_value_bytes; | |
3017 | |
3018 /* fall through */ | |
3019 | |
3020 case sw_value_bytes: | |
3021 | |
3022 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3023 "grpc value: len:%uz h:%d last:%uz, rest:%uz", | |
3024 ctx->field_length, | |
3025 ctx->field_huffman, | |
3026 last - p, | |
3027 ctx->rest - (p - b->pos)); | |
3028 | |
3029 size = ngx_min(last - p, (ssize_t) ctx->field_rest); | |
3030 ctx->field_rest -= size; | |
3031 | |
3032 if (ctx->field_huffman) { | |
3033 if (ngx_http_v2_huff_decode(&ctx->field_state, p, size, | |
3034 &ctx->field_end, | |
3035 ctx->field_rest == 0, | |
3036 r->connection->log) | |
3037 != NGX_OK) | |
3038 { | |
3039 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3040 "upstream sent invalid encoded header"); | |
3041 return NGX_ERROR; | |
3042 } | |
3043 | |
3044 ctx->value.len = ctx->field_end - ctx->value.data; | |
3045 ctx->value.data[ctx->value.len] = '\0'; | |
3046 | |
3047 } else { | |
3048 ngx_memcpy(ctx->field_end, p, size); | |
3049 ctx->value.data[ctx->value.len] = '\0'; | |
3050 } | |
3051 | |
3052 p += size - 1; | |
3053 | |
3054 if (ctx->field_rest == 0) { | |
3055 goto done; | |
3056 } | |
3057 | |
3058 break; | |
3059 } | |
3060 | |
3061 continue; | |
3062 | |
3063 done: | |
3064 | |
3065 p++; | |
3066 ctx->rest -= p - b->pos; | |
3067 ctx->fragment_state = sw_start; | |
3068 b->pos = p; | |
3069 | |
3070 if (ctx->index) { | |
3071 ctx->name = *ngx_http_v2_get_static_name(ctx->index); | |
3072 } | |
3073 | |
3074 if (ctx->index && !ctx->literal) { | |
3075 ctx->value = *ngx_http_v2_get_static_value(ctx->index); | |
3076 } | |
3077 | |
3078 if (!ctx->index) { | |
3079 if (ngx_http_grpc_validate_header_name(r, &ctx->name) != NGX_OK) { | |
3080 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3081 "upstream sent invalid header: \"%V: %V\"", | |
3082 &ctx->name, &ctx->value); | |
3083 return NGX_ERROR; | |
3084 } | |
3085 } | |
3086 | |
3087 if (!ctx->index || ctx->literal) { | |
3088 if (ngx_http_grpc_validate_header_value(r, &ctx->value) != NGX_OK) { | |
3089 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3090 "upstream sent invalid header: \"%V: %V\"", | |
3091 &ctx->name, &ctx->value); | |
3092 return NGX_ERROR; | |
3093 } | |
3094 } | |
3095 | |
3096 return NGX_OK; | |
3097 } | |
3098 | |
3099 ctx->rest -= p - b->pos; | |
3100 ctx->fragment_state = state; | |
3101 b->pos = p; | |
3102 | |
3103 if (ctx->rest > ctx->padding) { | |
3104 return NGX_AGAIN; | |
3105 } | |
3106 | |
3107 return NGX_DONE; | |
3108 } | |
3109 | |
3110 | |
3111 static ngx_int_t | |
3112 ngx_http_grpc_validate_header_name(ngx_http_request_t *r, ngx_str_t *s) | |
3113 { | |
3114 u_char ch; | |
3115 ngx_uint_t i; | |
3116 | |
3117 for (i = 0; i < s->len; i++) { | |
3118 ch = s->data[i]; | |
3119 | |
3120 if (ch == ':' && i > 0) { | |
3121 return NGX_ERROR; | |
3122 } | |
3123 | |
3124 if (ch >= 'A' && ch <= 'Z') { | |
3125 return NGX_ERROR; | |
3126 } | |
3127 | |
3128 if (ch == '\0' || ch == CR || ch == LF) { | |
3129 return NGX_ERROR; | |
3130 } | |
3131 } | |
3132 | |
3133 return NGX_OK; | |
3134 } | |
3135 | |
3136 | |
3137 static ngx_int_t | |
3138 ngx_http_grpc_validate_header_value(ngx_http_request_t *r, ngx_str_t *s) | |
3139 { | |
3140 u_char ch; | |
3141 ngx_uint_t i; | |
3142 | |
3143 for (i = 0; i < s->len; i++) { | |
3144 ch = s->data[i]; | |
3145 | |
3146 if (ch == '\0' || ch == CR || ch == LF) { | |
3147 return NGX_ERROR; | |
3148 } | |
3149 } | |
3150 | |
3151 return NGX_OK; | |
3152 } | |
3153 | |
3154 | |
3155 static ngx_int_t | |
3156 ngx_http_grpc_parse_rst_stream(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
3157 ngx_buf_t *b) | |
3158 { | |
3159 u_char ch, *p, *last; | |
3160 enum { | |
3161 sw_start = 0, | |
3162 sw_error_2, | |
3163 sw_error_3, | |
3164 sw_error_4 | |
3165 } state; | |
3166 | |
3167 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
3168 last = b->last; | |
3169 | |
3170 } else { | |
3171 last = b->pos + ctx->rest; | |
3172 } | |
3173 | |
3174 state = ctx->frame_state; | |
3175 | |
3176 if (state == sw_start) { | |
3177 if (ctx->rest != 4) { | |
3178 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3179 "upstream sent rst stream frame " | |
3180 "with invalid length: %uz", | |
3181 ctx->rest); | |
3182 return NGX_ERROR; | |
3183 } | |
3184 } | |
3185 | |
3186 for (p = b->pos; p < last; p++) { | |
3187 ch = *p; | |
3188 | |
3189 #if 0 | |
3190 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3191 "grpc rst byte: %02Xd s:%d", ch, state); | |
3192 #endif | |
3193 | |
3194 switch (state) { | |
3195 | |
3196 case sw_start: | |
3197 ctx->error = ch << 24; | |
3198 state = sw_error_2; | |
3199 break; | |
3200 | |
3201 case sw_error_2: | |
3202 ctx->error |= ch << 16; | |
3203 state = sw_error_3; | |
3204 break; | |
3205 | |
3206 case sw_error_3: | |
3207 ctx->error |= ch << 8; | |
3208 state = sw_error_4; | |
3209 break; | |
3210 | |
3211 case sw_error_4: | |
3212 ctx->error |= ch; | |
3213 state = sw_start; | |
3214 | |
3215 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3216 "grpc error: %ui", ctx->error); | |
3217 | |
3218 break; | |
3219 } | |
3220 } | |
3221 | |
3222 ctx->rest -= p - b->pos; | |
3223 ctx->frame_state = state; | |
3224 b->pos = p; | |
3225 | |
3226 if (ctx->rest > 0) { | |
3227 return NGX_AGAIN; | |
3228 } | |
3229 | |
3230 return NGX_OK; | |
3231 } | |
3232 | |
3233 | |
3234 static ngx_int_t | |
3235 ngx_http_grpc_parse_goaway(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
3236 ngx_buf_t *b) | |
3237 { | |
3238 u_char ch, *p, *last; | |
3239 enum { | |
3240 sw_start = 0, | |
3241 sw_last_stream_id_2, | |
3242 sw_last_stream_id_3, | |
3243 sw_last_stream_id_4, | |
3244 sw_error, | |
3245 sw_error_2, | |
3246 sw_error_3, | |
3247 sw_error_4, | |
3248 sw_debug | |
3249 } state; | |
3250 | |
3251 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
3252 last = b->last; | |
3253 | |
3254 } else { | |
3255 last = b->pos + ctx->rest; | |
3256 } | |
3257 | |
3258 state = ctx->frame_state; | |
3259 | |
3260 if (state == sw_start) { | |
3261 | |
3262 if (ctx->stream_id) { | |
3263 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3264 "upstream sent goaway frame " | |
3265 "with non-zero stream id: %ui", | |
3266 ctx->stream_id); | |
3267 return NGX_ERROR; | |
3268 } | |
3269 | |
3270 if (ctx->rest < 8) { | |
3271 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3272 "upstream sent goaway frame " | |
3273 "with invalid length: %uz", | |
3274 ctx->rest); | |
3275 return NGX_ERROR; | |
3276 } | |
3277 } | |
3278 | |
3279 for (p = b->pos; p < last; p++) { | |
3280 ch = *p; | |
3281 | |
3282 #if 0 | |
3283 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3284 "grpc goaway byte: %02Xd s:%d", ch, state); | |
3285 #endif | |
3286 | |
3287 switch (state) { | |
3288 | |
3289 case sw_start: | |
3290 ctx->stream_id = (ch & 0x7f) << 24; | |
3291 state = sw_last_stream_id_2; | |
3292 break; | |
3293 | |
3294 case sw_last_stream_id_2: | |
3295 ctx->stream_id |= ch << 16; | |
3296 state = sw_last_stream_id_3; | |
3297 break; | |
3298 | |
3299 case sw_last_stream_id_3: | |
3300 ctx->stream_id |= ch << 8; | |
3301 state = sw_last_stream_id_4; | |
3302 break; | |
3303 | |
3304 case sw_last_stream_id_4: | |
3305 ctx->stream_id |= ch; | |
3306 state = sw_error; | |
3307 break; | |
3308 | |
3309 case sw_error: | |
3310 ctx->error = ch << 24; | |
3311 state = sw_error_2; | |
3312 break; | |
3313 | |
3314 case sw_error_2: | |
3315 ctx->error |= ch << 16; | |
3316 state = sw_error_3; | |
3317 break; | |
3318 | |
3319 case sw_error_3: | |
3320 ctx->error |= ch << 8; | |
3321 state = sw_error_4; | |
3322 break; | |
3323 | |
3324 case sw_error_4: | |
3325 ctx->error |= ch; | |
3326 state = sw_debug; | |
3327 break; | |
3328 | |
3329 case sw_debug: | |
3330 break; | |
3331 } | |
3332 } | |
3333 | |
3334 ctx->rest -= p - b->pos; | |
3335 ctx->frame_state = state; | |
3336 b->pos = p; | |
3337 | |
3338 if (ctx->rest > 0) { | |
3339 return NGX_AGAIN; | |
3340 } | |
3341 | |
3342 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3343 "grpc goaway: %ui, stream %ui", | |
3344 ctx->error, ctx->stream_id); | |
3345 | |
3346 ctx->state = ngx_http_grpc_st_start; | |
3347 | |
3348 return NGX_OK; | |
3349 } | |
3350 | |
3351 | |
3352 static ngx_int_t | |
3353 ngx_http_grpc_parse_window_update(ngx_http_request_t *r, | |
3354 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b) | |
3355 { | |
3356 u_char ch, *p, *last; | |
3357 enum { | |
3358 sw_start = 0, | |
3359 sw_size_2, | |
3360 sw_size_3, | |
3361 sw_size_4 | |
3362 } state; | |
3363 | |
3364 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
3365 last = b->last; | |
3366 | |
3367 } else { | |
3368 last = b->pos + ctx->rest; | |
3369 } | |
3370 | |
3371 state = ctx->frame_state; | |
3372 | |
3373 if (state == sw_start) { | |
3374 if (ctx->rest != 4) { | |
3375 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3376 "upstream sent window update frame " | |
3377 "with invalid length: %uz", | |
3378 ctx->rest); | |
3379 return NGX_ERROR; | |
3380 } | |
3381 } | |
3382 | |
3383 for (p = b->pos; p < last; p++) { | |
3384 ch = *p; | |
3385 | |
3386 #if 0 | |
3387 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3388 "grpc window update byte: %02Xd s:%d", ch, state); | |
3389 #endif | |
3390 | |
3391 switch (state) { | |
3392 | |
3393 case sw_start: | |
3394 ctx->window_update = (ch & 0x7f) << 24; | |
3395 state = sw_size_2; | |
3396 break; | |
3397 | |
3398 case sw_size_2: | |
3399 ctx->window_update |= ch << 16; | |
3400 state = sw_size_3; | |
3401 break; | |
3402 | |
3403 case sw_size_3: | |
3404 ctx->window_update |= ch << 8; | |
3405 state = sw_size_4; | |
3406 break; | |
3407 | |
3408 case sw_size_4: | |
3409 ctx->window_update |= ch; | |
3410 state = sw_start; | |
3411 break; | |
3412 } | |
3413 } | |
3414 | |
3415 ctx->rest -= p - b->pos; | |
3416 ctx->frame_state = state; | |
3417 b->pos = p; | |
3418 | |
3419 if (ctx->rest > 0) { | |
3420 return NGX_AGAIN; | |
3421 } | |
3422 | |
3423 ctx->state = ngx_http_grpc_st_start; | |
3424 | |
3425 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3426 "grpc window update: %ui", ctx->window_update); | |
3427 | |
3428 if (ctx->stream_id) { | |
3429 | |
3430 if (ctx->window_update > (size_t) NGX_HTTP_V2_MAX_WINDOW | |
3431 - ctx->send_window) | |
3432 { | |
3433 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3434 "upstream sent too large window update"); | |
3435 return NGX_ERROR; | |
3436 } | |
3437 | |
3438 ctx->send_window += ctx->window_update; | |
3439 | |
3440 } else { | |
3441 | |
3442 if (ctx->window_update > NGX_HTTP_V2_MAX_WINDOW | |
3443 - ctx->connection->send_window) | |
3444 { | |
3445 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3446 "upstream sent too large window update"); | |
3447 return NGX_ERROR; | |
3448 } | |
3449 | |
3450 ctx->connection->send_window += ctx->window_update; | |
3451 } | |
3452 | |
3453 return NGX_OK; | |
3454 } | |
3455 | |
3456 | |
3457 static ngx_int_t | |
3458 ngx_http_grpc_parse_settings(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
3459 ngx_buf_t *b) | |
3460 { | |
3461 u_char ch, *p, *last; | |
3462 ssize_t window_update; | |
3463 enum { | |
3464 sw_start = 0, | |
3465 sw_id, | |
3466 sw_id_2, | |
3467 sw_value, | |
3468 sw_value_2, | |
3469 sw_value_3, | |
3470 sw_value_4 | |
3471 } state; | |
3472 | |
3473 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
3474 last = b->last; | |
3475 | |
3476 } else { | |
3477 last = b->pos + ctx->rest; | |
3478 } | |
3479 | |
3480 state = ctx->frame_state; | |
3481 | |
3482 if (state == sw_start) { | |
3483 | |
3484 if (ctx->stream_id) { | |
3485 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3486 "upstream sent settings frame " | |
3487 "with non-zero stream id: %ui", | |
3488 ctx->stream_id); | |
3489 return NGX_ERROR; | |
3490 } | |
3491 | |
3492 if (ctx->flags & NGX_HTTP_V2_ACK_FLAG) { | |
3493 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3494 "grpc settings ack"); | |
3495 | |
3496 if (ctx->rest != 0) { | |
3497 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3498 "upstream sent settings frame " | |
3499 "with ack flag and non-zero length: %uz", | |
3500 ctx->rest); | |
3501 return NGX_ERROR; | |
3502 } | |
3503 | |
3504 ctx->state = ngx_http_grpc_st_start; | |
3505 | |
3506 return NGX_OK; | |
3507 } | |
3508 | |
3509 if (ctx->rest % 6 != 0) { | |
3510 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3511 "upstream sent settings frame " | |
3512 "with invalid length: %uz", | |
3513 ctx->rest); | |
3514 return NGX_ERROR; | |
3515 } | |
3516 } | |
3517 | |
3518 for (p = b->pos; p < last; p++) { | |
3519 ch = *p; | |
3520 | |
3521 #if 0 | |
3522 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3523 "grpc settings byte: %02Xd s:%d", ch, state); | |
3524 #endif | |
3525 | |
3526 switch (state) { | |
3527 | |
3528 case sw_start: | |
3529 case sw_id: | |
3530 ctx->setting_id = ch << 8; | |
3531 state = sw_id_2; | |
3532 break; | |
3533 | |
3534 case sw_id_2: | |
3535 ctx->setting_id |= ch; | |
3536 state = sw_value; | |
3537 break; | |
3538 | |
3539 case sw_value: | |
3540 ctx->setting_value = ch << 24; | |
3541 state = sw_value_2; | |
3542 break; | |
3543 | |
3544 case sw_value_2: | |
3545 ctx->setting_value |= ch << 16; | |
3546 state = sw_value_3; | |
3547 break; | |
3548 | |
3549 case sw_value_3: | |
3550 ctx->setting_value |= ch << 8; | |
3551 state = sw_value_4; | |
3552 break; | |
3553 | |
3554 case sw_value_4: | |
3555 ctx->setting_value |= ch; | |
3556 state = sw_id; | |
3557 | |
3558 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3559 "grpc setting: %ui %ui", | |
3560 ctx->setting_id, ctx->setting_value); | |
3561 | |
3562 /* | |
3563 * The following settings are defined by the protocol: | |
3564 * | |
3565 * SETTINGS_HEADER_TABLE_SIZE, SETTINGS_ENABLE_PUSH, | |
3566 * SETTINGS_MAX_CONCURRENT_STREAMS, SETTINGS_INITIAL_WINDOW_SIZE, | |
3567 * SETTINGS_MAX_FRAME_SIZE, SETTINGS_MAX_HEADER_LIST_SIZE | |
3568 * | |
3569 * Only SETTINGS_INITIAL_WINDOW_SIZE seems to be needed in | |
3570 * a simple client. | |
3571 */ | |
3572 | |
3573 if (ctx->setting_id == 0x04) { | |
3574 /* SETTINGS_INITIAL_WINDOW_SIZE */ | |
3575 | |
3576 if (ctx->setting_value > NGX_HTTP_V2_MAX_WINDOW) { | |
3577 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3578 "upstream sent settings frame " | |
3579 "with too large initial window size: %ui", | |
3580 ctx->setting_value); | |
3581 return NGX_ERROR; | |
3582 } | |
3583 | |
3584 window_update = ctx->setting_value | |
3585 - ctx->connection->init_window; | |
3586 ctx->connection->init_window = ctx->setting_value; | |
3587 | |
3588 if (ctx->send_window > 0 | |
3589 && window_update > (ssize_t) NGX_HTTP_V2_MAX_WINDOW | |
3590 - ctx->send_window) | |
3591 { | |
3592 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3593 "upstream sent settings frame " | |
3594 "with too large initial window size: %ui", | |
3595 ctx->setting_value); | |
3596 return NGX_ERROR; | |
3597 } | |
3598 | |
3599 ctx->send_window += window_update; | |
3600 } | |
3601 | |
3602 break; | |
3603 } | |
3604 } | |
3605 | |
3606 ctx->rest -= p - b->pos; | |
3607 ctx->frame_state = state; | |
3608 b->pos = p; | |
3609 | |
3610 if (ctx->rest > 0) { | |
3611 return NGX_AGAIN; | |
3612 } | |
3613 | |
3614 ctx->state = ngx_http_grpc_st_start; | |
3615 | |
3616 return ngx_http_grpc_send_settings_ack(r, ctx); | |
3617 } | |
3618 | |
3619 | |
3620 static ngx_int_t | |
3621 ngx_http_grpc_parse_ping(ngx_http_request_t *r, | |
3622 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b) | |
3623 { | |
3624 u_char ch, *p, *last; | |
3625 enum { | |
3626 sw_start = 0, | |
3627 sw_data_2, | |
3628 sw_data_3, | |
3629 sw_data_4, | |
3630 sw_data_5, | |
3631 sw_data_6, | |
3632 sw_data_7, | |
3633 sw_data_8 | |
3634 } state; | |
3635 | |
3636 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
3637 last = b->last; | |
3638 | |
3639 } else { | |
3640 last = b->pos + ctx->rest; | |
3641 } | |
3642 | |
3643 state = ctx->frame_state; | |
3644 | |
3645 if (state == sw_start) { | |
3646 | |
3647 if (ctx->stream_id) { | |
3648 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3649 "upstream sent ping frame " | |
3650 "with non-zero stream id: %ui", | |
3651 ctx->stream_id); | |
3652 return NGX_ERROR; | |
3653 } | |
3654 | |
3655 if (ctx->rest != 8) { | |
3656 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3657 "upstream sent ping frame " | |
3658 "with invalid length: %uz", | |
3659 ctx->rest); | |
3660 return NGX_ERROR; | |
3661 } | |
3662 | |
3663 if (ctx->flags & NGX_HTTP_V2_ACK_FLAG) { | |
3664 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3665 "upstream sent ping frame with ack flag"); | |
3666 return NGX_ERROR; | |
3667 } | |
3668 } | |
3669 | |
3670 for (p = b->pos; p < last; p++) { | |
3671 ch = *p; | |
3672 | |
3673 #if 0 | |
3674 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3675 "grpc ping byte: %02Xd s:%d", ch, state); | |
3676 #endif | |
3677 | |
3678 if (state < sw_data_8) { | |
3679 ctx->ping_data[state] = ch; | |
3680 state++; | |
3681 | |
3682 } else { | |
3683 ctx->ping_data[7] = ch; | |
3684 state = sw_start; | |
3685 | |
3686 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3687 "grpc ping"); | |
3688 } | |
3689 } | |
3690 | |
3691 ctx->rest -= p - b->pos; | |
3692 ctx->frame_state = state; | |
3693 b->pos = p; | |
3694 | |
3695 if (ctx->rest > 0) { | |
3696 return NGX_AGAIN; | |
3697 } | |
3698 | |
3699 ctx->state = ngx_http_grpc_st_start; | |
3700 | |
3701 return ngx_http_grpc_send_ping_ack(r, ctx); | |
3702 } | |
3703 | |
3704 | |
3705 static ngx_int_t | |
3706 ngx_http_grpc_send_settings_ack(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx) | |
3707 { | |
3708 ngx_chain_t *cl, **ll; | |
3709 ngx_http_grpc_frame_t *f; | |
3710 | |
3711 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3712 "grpc send settings ack"); | |
3713 | |
3714 for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) { | |
3715 ll = &cl->next; | |
3716 } | |
3717 | |
3718 cl = ngx_http_grpc_get_buf(r, ctx); | |
3719 if (cl == NULL) { | |
3720 return NGX_ERROR; | |
3721 } | |
3722 | |
3723 f = (ngx_http_grpc_frame_t *) cl->buf->last; | |
3724 cl->buf->last += sizeof(ngx_http_grpc_frame_t); | |
3725 | |
3726 f->length_0 = 0; | |
3727 f->length_1 = 0; | |
3728 f->length_2 = 0; | |
3729 f->type = NGX_HTTP_V2_SETTINGS_FRAME; | |
3730 f->flags = NGX_HTTP_V2_ACK_FLAG; | |
3731 f->stream_id_0 = 0; | |
3732 f->stream_id_1 = 0; | |
3733 f->stream_id_2 = 0; | |
3734 f->stream_id_3 = 0; | |
3735 | |
3736 *ll = cl; | |
3737 | |
3738 return NGX_OK; | |
3739 } | |
3740 | |
3741 | |
3742 static ngx_int_t | |
3743 ngx_http_grpc_send_ping_ack(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx) | |
3744 { | |
3745 ngx_chain_t *cl, **ll; | |
3746 ngx_http_grpc_frame_t *f; | |
3747 | |
3748 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3749 "grpc send ping ack"); | |
3750 | |
3751 for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) { | |
3752 ll = &cl->next; | |
3753 } | |
3754 | |
3755 cl = ngx_http_grpc_get_buf(r, ctx); | |
3756 if (cl == NULL) { | |
3757 return NGX_ERROR; | |
3758 } | |
3759 | |
3760 f = (ngx_http_grpc_frame_t *) cl->buf->last; | |
3761 cl->buf->last += sizeof(ngx_http_grpc_frame_t); | |
3762 | |
3763 f->length_0 = 0; | |
3764 f->length_1 = 0; | |
3765 f->length_2 = 8; | |
3766 f->type = NGX_HTTP_V2_PING_FRAME; | |
3767 f->flags = NGX_HTTP_V2_ACK_FLAG; | |
3768 f->stream_id_0 = 0; | |
3769 f->stream_id_1 = 0; | |
3770 f->stream_id_2 = 0; | |
3771 f->stream_id_3 = 0; | |
3772 | |
3773 cl->buf->last = ngx_copy(cl->buf->last, ctx->ping_data, 8); | |
3774 | |
3775 *ll = cl; | |
3776 | |
3777 return NGX_OK; | |
3778 } | |
3779 | |
3780 | |
3781 static ngx_int_t | |
3782 ngx_http_grpc_send_window_update(ngx_http_request_t *r, | |
3783 ngx_http_grpc_ctx_t *ctx) | |
3784 { | |
3785 size_t n; | |
3786 ngx_chain_t *cl, **ll; | |
3787 ngx_http_grpc_frame_t *f; | |
3788 | |
3789 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3790 "grpc send window update: %uz %uz", | |
3791 ctx->connection->recv_window, ctx->recv_window); | |
3792 | |
3793 for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) { | |
3794 ll = &cl->next; | |
3795 } | |
3796 | |
3797 cl = ngx_http_grpc_get_buf(r, ctx); | |
3798 if (cl == NULL) { | |
3799 return NGX_ERROR; | |
3800 } | |
3801 | |
3802 f = (ngx_http_grpc_frame_t *) cl->buf->last; | |
3803 cl->buf->last += sizeof(ngx_http_grpc_frame_t); | |
3804 | |
3805 f->length_0 = 0; | |
3806 f->length_1 = 0; | |
3807 f->length_2 = 4; | |
3808 f->type = NGX_HTTP_V2_WINDOW_UPDATE_FRAME; | |
3809 f->flags = 0; | |
3810 f->stream_id_0 = 0; | |
3811 f->stream_id_1 = 0; | |
3812 f->stream_id_2 = 0; | |
3813 f->stream_id_3 = 0; | |
3814 | |
3815 n = NGX_HTTP_V2_MAX_WINDOW - ctx->connection->recv_window; | |
3816 ctx->connection->recv_window = NGX_HTTP_V2_MAX_WINDOW; | |
3817 | |
3818 *cl->buf->last++ = (u_char) ((n >> 24) & 0xff); | |
3819 *cl->buf->last++ = (u_char) ((n >> 16) & 0xff); | |
3820 *cl->buf->last++ = (u_char) ((n >> 8) & 0xff); | |
3821 *cl->buf->last++ = (u_char) (n & 0xff); | |
3822 | |
3823 f = (ngx_http_grpc_frame_t *) cl->buf->last; | |
3824 cl->buf->last += sizeof(ngx_http_grpc_frame_t); | |
3825 | |
3826 f->length_0 = 0; | |
3827 f->length_1 = 0; | |
3828 f->length_2 = 4; | |
3829 f->type = NGX_HTTP_V2_WINDOW_UPDATE_FRAME; | |
3830 f->flags = 0; | |
3831 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff); | |
3832 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff); | |
3833 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff); | |
3834 f->stream_id_3 = (u_char) (ctx->id & 0xff); | |
3835 | |
3836 n = NGX_HTTP_V2_MAX_WINDOW - ctx->recv_window; | |
3837 ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW; | |
3838 | |
3839 *cl->buf->last++ = (u_char) ((n >> 24) & 0xff); | |
3840 *cl->buf->last++ = (u_char) ((n >> 16) & 0xff); | |
3841 *cl->buf->last++ = (u_char) ((n >> 8) & 0xff); | |
3842 *cl->buf->last++ = (u_char) (n & 0xff); | |
3843 | |
3844 *ll = cl; | |
3845 | |
3846 return NGX_OK; | |
3847 } | |
3848 | |
3849 | |
3850 static ngx_chain_t * | |
3851 ngx_http_grpc_get_buf(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx) | |
3852 { | |
3853 ngx_buf_t *b; | |
3854 ngx_chain_t *cl; | |
3855 | |
3856 cl = ngx_chain_get_free_buf(r->pool, &ctx->free); | |
3857 if (cl == NULL) { | |
3858 return NULL; | |
3859 } | |
3860 | |
3861 b = cl->buf; | |
3862 | |
3863 b->tag = (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter; | |
3864 b->temporary = 1; | |
3865 b->flush = 1; | |
3866 | |
3867 if (b->start == NULL) { | |
3868 | |
3869 /* | |
3870 * each buffer is large enough to hold two window update | |
3871 * frames in a row | |
3872 */ | |
3873 | |
3874 b->start = ngx_palloc(r->pool, 2 * sizeof(ngx_http_grpc_frame_t) + 8); | |
3875 if (b->start == NULL) { | |
3876 return NULL; | |
3877 } | |
3878 | |
3879 b->pos = b->start; | |
3880 b->last = b->start; | |
3881 | |
3882 b->end = b->start + 2 * sizeof(ngx_http_grpc_frame_t) + 8; | |
3883 } | |
3884 | |
3885 return cl; | |
3886 } | |
3887 | |
3888 | |
3889 static ngx_http_grpc_ctx_t * | |
3890 ngx_http_grpc_get_ctx(ngx_http_request_t *r) | |
3891 { | |
3892 ngx_http_grpc_ctx_t *ctx; | |
3893 ngx_http_upstream_t *u; | |
3894 | |
3895 ctx = ngx_http_get_module_ctx(r, ngx_http_grpc_module); | |
3896 | |
3897 if (ctx->connection == NULL) { | |
3898 u = r->upstream; | |
3899 | |
3900 if (ngx_http_grpc_get_connection_data(r, ctx, &u->peer) != NGX_OK) { | |
3901 return NULL; | |
3902 } | |
3903 } | |
3904 | |
3905 return ctx; | |
3906 } | |
3907 | |
3908 | |
3909 static ngx_int_t | |
3910 ngx_http_grpc_get_connection_data(ngx_http_request_t *r, | |
3911 ngx_http_grpc_ctx_t *ctx, ngx_peer_connection_t *pc) | |
3912 { | |
3913 ngx_connection_t *c; | |
3914 ngx_pool_cleanup_t *cln; | |
3915 | |
3916 c = pc->connection; | |
3917 | |
3918 if (pc->cached) { | |
3919 | |
3920 /* | |
3921 * for cached connections, connection data can be found | |
3922 * in the cleanup handler | |
3923 */ | |
3924 | |
3925 for (cln = c->pool->cleanup; cln; cln = cln->next) { | |
3926 if (cln->handler == ngx_http_grpc_cleanup) { | |
3927 ctx->connection = cln->data; | |
3928 break; | |
3929 } | |
3930 } | |
3931 | |
3932 if (ctx->connection == NULL) { | |
3933 ngx_log_error(NGX_LOG_ERR, c->log, 0, | |
3934 "no connection data found for " | |
3935 "keepalive http2 connection"); | |
3936 return NGX_ERROR; | |
3937 } | |
3938 | |
3939 ctx->send_window = ctx->connection->init_window; | |
3940 ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW; | |
3941 | |
3942 ctx->connection->last_stream_id += 2; | |
3943 ctx->id = ctx->connection->last_stream_id; | |
3944 | |
3945 return NGX_OK; | |
3946 } | |
3947 | |
3948 cln = ngx_pool_cleanup_add(c->pool, sizeof(ngx_http_grpc_conn_t)); | |
3949 if (cln == NULL) { | |
3950 return NGX_ERROR; | |
3951 } | |
3952 | |
3953 cln->handler = ngx_http_grpc_cleanup; | |
3954 ctx->connection = cln->data; | |
3955 | |
3956 ctx->connection->init_window = NGX_HTTP_V2_DEFAULT_WINDOW; | |
3957 ctx->connection->send_window = NGX_HTTP_V2_DEFAULT_WINDOW; | |
3958 ctx->connection->recv_window = NGX_HTTP_V2_MAX_WINDOW; | |
3959 | |
3960 ctx->send_window = NGX_HTTP_V2_DEFAULT_WINDOW; | |
3961 ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW; | |
3962 | |
3963 ctx->id = 1; | |
3964 ctx->connection->last_stream_id = 1; | |
3965 | |
3966 return NGX_OK; | |
3967 } | |
3968 | |
3969 | |
3970 static void | |
3971 ngx_http_grpc_cleanup(void *data) | |
3972 { | |
3973 #if 0 | |
3974 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, | |
3975 "grpc cleanup"); | |
3976 #endif | |
3977 return; | |
3978 } | |
3979 | |
3980 | |
3981 static void | |
3982 ngx_http_grpc_abort_request(ngx_http_request_t *r) | |
3983 { | |
3984 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3985 "abort grpc request"); | |
3986 return; | |
3987 } | |
3988 | |
3989 | |
3990 static void | |
3991 ngx_http_grpc_finalize_request(ngx_http_request_t *r, ngx_int_t rc) | |
3992 { | |
3993 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3994 "finalize grpc request"); | |
3995 return; | |
3996 } | |
3997 | |
3998 | |
3999 static void * | |
4000 ngx_http_grpc_create_loc_conf(ngx_conf_t *cf) | |
4001 { | |
4002 ngx_http_grpc_loc_conf_t *conf; | |
4003 | |
4004 conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_grpc_loc_conf_t)); | |
4005 if (conf == NULL) { | |
4006 return NULL; | |
4007 } | |
4008 | |
4009 /* | |
4010 * set by ngx_pcalloc(): | |
4011 * | |
4012 * conf->upstream.ignore_headers = 0; | |
4013 * conf->upstream.next_upstream = 0; | |
4014 * conf->upstream.hide_headers_hash = { NULL, 0 }; | |
4015 * conf->upstream.ssl_name = NULL; | |
4016 * | |
4017 * conf->headers_source = NULL; | |
4018 * conf->headers.lengths = NULL; | |
4019 * conf->headers.values = NULL; | |
4020 * conf->headers.hash = { NULL, 0 }; | |
4021 * conf->host = { 0, NULL }; | |
4022 * conf->host_set = 0; | |
4023 * conf->ssl = 0; | |
4024 * conf->ssl_protocols = 0; | |
4025 * conf->ssl_ciphers = { 0, NULL }; | |
4026 * conf->ssl_trusted_certificate = { 0, NULL }; | |
4027 * conf->ssl_crl = { 0, NULL }; | |
4028 * conf->ssl_certificate = { 0, NULL }; | |
4029 * conf->ssl_certificate_key = { 0, NULL }; | |
4030 */ | |
4031 | |
4032 conf->upstream.local = NGX_CONF_UNSET_PTR; | |
4033 conf->upstream.next_upstream_tries = NGX_CONF_UNSET_UINT; | |
4034 conf->upstream.connect_timeout = NGX_CONF_UNSET_MSEC; | |
4035 conf->upstream.send_timeout = NGX_CONF_UNSET_MSEC; | |
4036 conf->upstream.read_timeout = NGX_CONF_UNSET_MSEC; | |
4037 conf->upstream.next_upstream_timeout = NGX_CONF_UNSET_MSEC; | |
4038 | |
4039 conf->upstream.buffer_size = NGX_CONF_UNSET_SIZE; | |
4040 | |
4041 conf->upstream.hide_headers = NGX_CONF_UNSET_PTR; | |
4042 conf->upstream.pass_headers = NGX_CONF_UNSET_PTR; | |
4043 | |
4044 conf->upstream.intercept_errors = NGX_CONF_UNSET; | |
4045 | |
4046 #if (NGX_HTTP_SSL) | |
4047 conf->upstream.ssl_session_reuse = NGX_CONF_UNSET; | |
4048 conf->upstream.ssl_server_name = NGX_CONF_UNSET; | |
4049 conf->upstream.ssl_verify = NGX_CONF_UNSET; | |
4050 conf->ssl_verify_depth = NGX_CONF_UNSET_UINT; | |
4051 conf->ssl_passwords = NGX_CONF_UNSET_PTR; | |
4052 #endif | |
4053 | |
4054 /* the hardcoded values */ | |
4055 conf->upstream.cyclic_temp_file = 0; | |
4056 conf->upstream.buffering = 0; | |
4057 conf->upstream.ignore_client_abort = 0; | |
4058 conf->upstream.send_lowat = 0; | |
4059 conf->upstream.bufs.num = 0; | |
4060 conf->upstream.busy_buffers_size = 0; | |
4061 conf->upstream.max_temp_file_size = 0; | |
4062 conf->upstream.temp_file_write_size = 0; | |
4063 conf->upstream.pass_request_headers = 1; | |
4064 conf->upstream.pass_request_body = 1; | |
4065 conf->upstream.force_ranges = 0; | |
4066 conf->upstream.pass_trailers = 1; | |
4067 conf->upstream.preserve_output = 1; | |
4068 | |
4069 ngx_str_set(&conf->upstream.module, "grpc"); | |
4070 | |
4071 return conf; | |
4072 } | |
4073 | |
4074 | |
4075 static char * | |
4076 ngx_http_grpc_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child) | |
4077 { | |
4078 ngx_http_grpc_loc_conf_t *prev = parent; | |
4079 ngx_http_grpc_loc_conf_t *conf = child; | |
4080 | |
4081 ngx_int_t rc; | |
4082 ngx_hash_init_t hash; | |
4083 ngx_http_core_loc_conf_t *clcf; | |
4084 | |
4085 ngx_conf_merge_ptr_value(conf->upstream.local, | |
4086 prev->upstream.local, NULL); | |
4087 | |
4088 ngx_conf_merge_uint_value(conf->upstream.next_upstream_tries, | |
4089 prev->upstream.next_upstream_tries, 0); | |
4090 | |
4091 ngx_conf_merge_msec_value(conf->upstream.connect_timeout, | |
4092 prev->upstream.connect_timeout, 60000); | |
4093 | |
4094 ngx_conf_merge_msec_value(conf->upstream.send_timeout, | |
4095 prev->upstream.send_timeout, 60000); | |
4096 | |
4097 ngx_conf_merge_msec_value(conf->upstream.read_timeout, | |
4098 prev->upstream.read_timeout, 60000); | |
4099 | |
4100 ngx_conf_merge_msec_value(conf->upstream.next_upstream_timeout, | |
4101 prev->upstream.next_upstream_timeout, 0); | |
4102 | |
4103 ngx_conf_merge_size_value(conf->upstream.buffer_size, | |
4104 prev->upstream.buffer_size, | |
4105 (size_t) ngx_pagesize); | |
4106 | |
4107 ngx_conf_merge_bitmask_value(conf->upstream.ignore_headers, | |
4108 prev->upstream.ignore_headers, | |
4109 NGX_CONF_BITMASK_SET); | |
4110 | |
4111 ngx_conf_merge_bitmask_value(conf->upstream.next_upstream, | |
4112 prev->upstream.next_upstream, | |
4113 (NGX_CONF_BITMASK_SET | |
4114 |NGX_HTTP_UPSTREAM_FT_ERROR | |
4115 |NGX_HTTP_UPSTREAM_FT_TIMEOUT)); | |
4116 | |
4117 if (conf->upstream.next_upstream & NGX_HTTP_UPSTREAM_FT_OFF) { | |
4118 conf->upstream.next_upstream = NGX_CONF_BITMASK_SET | |
4119 |NGX_HTTP_UPSTREAM_FT_OFF; | |
4120 } | |
4121 | |
4122 ngx_conf_merge_value(conf->upstream.intercept_errors, | |
4123 prev->upstream.intercept_errors, 0); | |
4124 | |
4125 #if (NGX_HTTP_SSL) | |
4126 | |
4127 ngx_conf_merge_value(conf->upstream.ssl_session_reuse, | |
4128 prev->upstream.ssl_session_reuse, 1); | |
4129 | |
4130 ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols, | |
4131 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 | |
4132 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); | |
4133 | |
4134 ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, | |
4135 "DEFAULT"); | |
4136 | |
4137 if (conf->upstream.ssl_name == NULL) { | |
4138 conf->upstream.ssl_name = prev->upstream.ssl_name; | |
4139 } | |
4140 | |
4141 ngx_conf_merge_value(conf->upstream.ssl_server_name, | |
4142 prev->upstream.ssl_server_name, 0); | |
4143 ngx_conf_merge_value(conf->upstream.ssl_verify, | |
4144 prev->upstream.ssl_verify, 0); | |
4145 ngx_conf_merge_uint_value(conf->ssl_verify_depth, | |
4146 prev->ssl_verify_depth, 1); | |
4147 ngx_conf_merge_str_value(conf->ssl_trusted_certificate, | |
4148 prev->ssl_trusted_certificate, ""); | |
4149 ngx_conf_merge_str_value(conf->ssl_crl, prev->ssl_crl, ""); | |
4150 | |
4151 ngx_conf_merge_str_value(conf->ssl_certificate, | |
4152 prev->ssl_certificate, ""); | |
4153 ngx_conf_merge_str_value(conf->ssl_certificate_key, | |
4154 prev->ssl_certificate_key, ""); | |
4155 ngx_conf_merge_ptr_value(conf->ssl_passwords, prev->ssl_passwords, NULL); | |
4156 | |
4157 if (conf->ssl && ngx_http_grpc_set_ssl(cf, conf) != NGX_OK) { | |
4158 return NGX_CONF_ERROR; | |
4159 } | |
4160 | |
4161 #endif | |
4162 | |
4163 hash.max_size = 512; | |
4164 hash.bucket_size = ngx_align(64, ngx_cacheline_size); | |
4165 hash.name = "grpc_headers_hash"; | |
4166 | |
4167 if (ngx_http_upstream_hide_headers_hash(cf, &conf->upstream, | |
4168 &prev->upstream, ngx_http_grpc_hide_headers, &hash) | |
4169 != NGX_OK) | |
4170 { | |
4171 return NGX_CONF_ERROR; | |
4172 } | |
4173 | |
4174 clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module); | |
4175 | |
4176 if (clcf->noname && conf->upstream.upstream == NULL) { | |
4177 conf->upstream.upstream = prev->upstream.upstream; | |
4178 conf->host = prev->host; | |
4179 #if (NGX_HTTP_SSL) | |
4180 conf->upstream.ssl = prev->upstream.ssl; | |
4181 #endif | |
4182 } | |
4183 | |
4184 if (clcf->lmt_excpt && clcf->handler == NULL && conf->upstream.upstream) { | |
4185 clcf->handler = ngx_http_grpc_handler; | |
4186 } | |
4187 | |
4188 if (conf->headers_source == NULL) { | |
4189 conf->headers = prev->headers; | |
4190 conf->headers_source = prev->headers_source; | |
4191 conf->host_set = prev->host_set; | |
4192 } | |
4193 | |
4194 rc = ngx_http_grpc_init_headers(cf, conf, &conf->headers, | |
4195 ngx_http_grpc_headers); | |
4196 if (rc != NGX_OK) { | |
4197 return NGX_CONF_ERROR; | |
4198 } | |
4199 | |
4200 /* | |
4201 * special handling to preserve conf->headers in the "http" section | |
4202 * to inherit it to all servers | |
4203 */ | |
4204 | |
4205 if (prev->headers.hash.buckets == NULL | |
4206 && conf->headers_source == prev->headers_source) | |
4207 { | |
4208 prev->headers = conf->headers; | |
4209 prev->host_set = conf->host_set; | |
4210 } | |
4211 | |
4212 return NGX_CONF_OK; | |
4213 } | |
4214 | |
4215 | |
4216 static ngx_int_t | |
4217 ngx_http_grpc_init_headers(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *conf, | |
4218 ngx_http_grpc_headers_t *headers, ngx_keyval_t *default_headers) | |
4219 { | |
4220 u_char *p; | |
4221 size_t size; | |
4222 uintptr_t *code; | |
4223 ngx_uint_t i; | |
4224 ngx_array_t headers_names, headers_merged; | |
4225 ngx_keyval_t *src, *s, *h; | |
4226 ngx_hash_key_t *hk; | |
4227 ngx_hash_init_t hash; | |
4228 ngx_http_script_compile_t sc; | |
4229 ngx_http_script_copy_code_t *copy; | |
4230 | |
4231 if (headers->hash.buckets) { | |
4232 return NGX_OK; | |
4233 } | |
4234 | |
4235 if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t)) | |
4236 != NGX_OK) | |
4237 { | |
4238 return NGX_ERROR; | |
4239 } | |
4240 | |
4241 if (ngx_array_init(&headers_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t)) | |
4242 != NGX_OK) | |
4243 { | |
4244 return NGX_ERROR; | |
4245 } | |
4246 | |
4247 headers->lengths = ngx_array_create(cf->pool, 64, 1); | |
4248 if (headers->lengths == NULL) { | |
4249 return NGX_ERROR; | |
4250 } | |
4251 | |
4252 headers->values = ngx_array_create(cf->pool, 512, 1); | |
4253 if (headers->values == NULL) { | |
4254 return NGX_ERROR; | |
4255 } | |
4256 | |
4257 if (conf->headers_source) { | |
4258 | |
4259 src = conf->headers_source->elts; | |
4260 for (i = 0; i < conf->headers_source->nelts; i++) { | |
4261 | |
4262 if (src[i].key.len == 4 | |
4263 && ngx_strncasecmp(src[i].key.data, (u_char *) "Host", 4) == 0) | |
4264 { | |
4265 conf->host_set = 1; | |
4266 } | |
4267 | |
4268 s = ngx_array_push(&headers_merged); | |
4269 if (s == NULL) { | |
4270 return NGX_ERROR; | |
4271 } | |
4272 | |
4273 *s = src[i]; | |
4274 } | |
4275 } | |
4276 | |
4277 h = default_headers; | |
4278 | |
4279 while (h->key.len) { | |
4280 | |
4281 src = headers_merged.elts; | |
4282 for (i = 0; i < headers_merged.nelts; i++) { | |
4283 if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) { | |
4284 goto next; | |
4285 } | |
4286 } | |
4287 | |
4288 s = ngx_array_push(&headers_merged); | |
4289 if (s == NULL) { | |
4290 return NGX_ERROR; | |
4291 } | |
4292 | |
4293 *s = *h; | |
4294 | |
4295 next: | |
4296 | |
4297 h++; | |
4298 } | |
4299 | |
4300 | |
4301 src = headers_merged.elts; | |
4302 for (i = 0; i < headers_merged.nelts; i++) { | |
4303 | |
4304 hk = ngx_array_push(&headers_names); | |
4305 if (hk == NULL) { | |
4306 return NGX_ERROR; | |
4307 } | |
4308 | |
4309 hk->key = src[i].key; | |
4310 hk->key_hash = ngx_hash_key_lc(src[i].key.data, src[i].key.len); | |
4311 hk->value = (void *) 1; | |
4312 | |
4313 if (src[i].value.len == 0) { | |
4314 continue; | |
4315 } | |
4316 | |
4317 copy = ngx_array_push_n(headers->lengths, | |
4318 sizeof(ngx_http_script_copy_code_t)); | |
4319 if (copy == NULL) { | |
4320 return NGX_ERROR; | |
4321 } | |
4322 | |
4323 copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code; | |
4324 copy->len = src[i].key.len; | |
4325 | |
4326 size = (sizeof(ngx_http_script_copy_code_t) | |
4327 + src[i].key.len + sizeof(uintptr_t) - 1) | |
4328 & ~(sizeof(uintptr_t) - 1); | |
4329 | |
4330 copy = ngx_array_push_n(headers->values, size); | |
4331 if (copy == NULL) { | |
4332 return NGX_ERROR; | |
4333 } | |
4334 | |
4335 copy->code = ngx_http_script_copy_code; | |
4336 copy->len = src[i].key.len; | |
4337 | |
4338 p = (u_char *) copy + sizeof(ngx_http_script_copy_code_t); | |
4339 ngx_memcpy(p, src[i].key.data, src[i].key.len); | |
4340 | |
4341 ngx_memzero(&sc, sizeof(ngx_http_script_compile_t)); | |
4342 | |
4343 sc.cf = cf; | |
4344 sc.source = &src[i].value; | |
4345 sc.flushes = &headers->flushes; | |
4346 sc.lengths = &headers->lengths; | |
4347 sc.values = &headers->values; | |
4348 | |
4349 if (ngx_http_script_compile(&sc) != NGX_OK) { | |
4350 return NGX_ERROR; | |
4351 } | |
4352 | |
4353 code = ngx_array_push_n(headers->lengths, sizeof(uintptr_t)); | |
4354 if (code == NULL) { | |
4355 return NGX_ERROR; | |
4356 } | |
4357 | |
4358 *code = (uintptr_t) NULL; | |
4359 | |
4360 code = ngx_array_push_n(headers->values, sizeof(uintptr_t)); | |
4361 if (code == NULL) { | |
4362 return NGX_ERROR; | |
4363 } | |
4364 | |
4365 *code = (uintptr_t) NULL; | |
4366 } | |
4367 | |
4368 code = ngx_array_push_n(headers->lengths, sizeof(uintptr_t)); | |
4369 if (code == NULL) { | |
4370 return NGX_ERROR; | |
4371 } | |
4372 | |
4373 *code = (uintptr_t) NULL; | |
4374 | |
4375 | |
4376 hash.hash = &headers->hash; | |
4377 hash.key = ngx_hash_key_lc; | |
4378 hash.max_size = 512; | |
4379 hash.bucket_size = 64; | |
4380 hash.name = "grpc_headers_hash"; | |
4381 hash.pool = cf->pool; | |
4382 hash.temp_pool = NULL; | |
4383 | |
4384 return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts); | |
4385 } | |
4386 | |
4387 | |
4388 static char * | |
4389 ngx_http_grpc_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
4390 { | |
4391 ngx_http_grpc_loc_conf_t *glcf = conf; | |
4392 | |
4393 size_t add; | |
4394 ngx_str_t *value, *url; | |
4395 ngx_url_t u; | |
4396 ngx_http_core_loc_conf_t *clcf; | |
4397 | |
4398 if (glcf->upstream.upstream) { | |
4399 return "is duplicate"; | |
4400 } | |
4401 | |
4402 value = cf->args->elts; | |
4403 url = &value[1]; | |
4404 | |
4405 if (ngx_strncasecmp(url->data, (u_char *) "grpc://", 7) == 0) { | |
4406 add = 7; | |
4407 | |
4408 } else if (ngx_strncasecmp(url->data, (u_char *) "grpcs://", 8) == 0) { | |
4409 | |
4410 #if (NGX_HTTP_SSL) | |
4411 glcf->ssl = 1; | |
4412 | |
4413 add = 8; | |
4414 #else | |
4415 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
4416 "grpcs protocol requires SSL support"); | |
4417 return NGX_CONF_ERROR; | |
4418 #endif | |
4419 | |
4420 } else { | |
4421 add = 0; | |
4422 } | |
4423 | |
4424 ngx_memzero(&u, sizeof(ngx_url_t)); | |
4425 | |
4426 u.url.len = url->len - add; | |
4427 u.url.data = url->data + add; | |
4428 u.no_resolve = 1; | |
4429 | |
4430 glcf->upstream.upstream = ngx_http_upstream_add(cf, &u, 0); | |
4431 if (glcf->upstream.upstream == NULL) { | |
4432 return NGX_CONF_ERROR; | |
4433 } | |
4434 | |
4435 if (u.family != AF_UNIX) { | |
4436 | |
4437 if (u.no_port) { | |
4438 glcf->host = u.host; | |
4439 | |
4440 } else { | |
4441 glcf->host.len = u.host.len + 1 + u.port_text.len; | |
4442 glcf->host.data = u.host.data; | |
4443 } | |
4444 | |
4445 } else { | |
4446 ngx_str_set(&glcf->host, "localhost"); | |
4447 } | |
4448 | |
4449 clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module); | |
4450 | |
4451 clcf->handler = ngx_http_grpc_handler; | |
4452 | |
4453 if (clcf->name.data[clcf->name.len - 1] == '/') { | |
4454 clcf->auto_redirect = 1; | |
4455 } | |
4456 | |
4457 return NGX_CONF_OK; | |
4458 } | |
4459 | |
4460 | |
4461 #if (NGX_HTTP_SSL) | |
4462 | |
4463 static char * | |
4464 ngx_http_grpc_ssl_password_file(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
4465 { | |
4466 ngx_http_grpc_loc_conf_t *glcf = conf; | |
4467 | |
4468 ngx_str_t *value; | |
4469 | |
4470 if (glcf->ssl_passwords != NGX_CONF_UNSET_PTR) { | |
4471 return "is duplicate"; | |
4472 } | |
4473 | |
4474 value = cf->args->elts; | |
4475 | |
4476 glcf->ssl_passwords = ngx_ssl_read_password_file(cf, &value[1]); | |
4477 | |
4478 if (glcf->ssl_passwords == NULL) { | |
4479 return NGX_CONF_ERROR; | |
4480 } | |
4481 | |
4482 return NGX_CONF_OK; | |
4483 } | |
4484 | |
4485 | |
4486 static ngx_int_t | |
4487 ngx_http_grpc_set_ssl(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *glcf) | |
4488 { | |
4489 ngx_pool_cleanup_t *cln; | |
4490 | |
4491 glcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); | |
4492 if (glcf->upstream.ssl == NULL) { | |
4493 return NGX_ERROR; | |
4494 } | |
4495 | |
4496 glcf->upstream.ssl->log = cf->log; | |
4497 | |
4498 if (ngx_ssl_create(glcf->upstream.ssl, glcf->ssl_protocols, NULL) | |
4499 != NGX_OK) | |
4500 { | |
4501 return NGX_ERROR; | |
4502 } | |
4503 | |
4504 cln = ngx_pool_cleanup_add(cf->pool, 0); | |
4505 if (cln == NULL) { | |
4506 return NGX_ERROR; | |
4507 } | |
4508 | |
4509 cln->handler = ngx_ssl_cleanup_ctx; | |
4510 cln->data = glcf->upstream.ssl; | |
4511 | |
4512 if (glcf->ssl_certificate.len) { | |
4513 | |
4514 if (glcf->ssl_certificate_key.len == 0) { | |
4515 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
4516 "no \"grpc_ssl_certificate_key\" is defined " | |
4517 "for certificate \"%V\"", &glcf->ssl_certificate); | |
4518 return NGX_ERROR; | |
4519 } | |
4520 | |
4521 if (ngx_ssl_certificate(cf, glcf->upstream.ssl, &glcf->ssl_certificate, | |
4522 &glcf->ssl_certificate_key, glcf->ssl_passwords) | |
4523 != NGX_OK) | |
4524 { | |
4525 return NGX_ERROR; | |
4526 } | |
4527 } | |
4528 | |
4529 if (ngx_ssl_ciphers(cf, glcf->upstream.ssl, &glcf->ssl_ciphers, 0) | |
4530 != NGX_OK) | |
4531 { | |
4532 return NGX_ERROR; | |
4533 } | |
4534 | |
4535 if (glcf->upstream.ssl_verify) { | |
4536 if (glcf->ssl_trusted_certificate.len == 0) { | |
4537 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
4538 "no grpc_ssl_trusted_certificate for grpc_ssl_verify"); | |
4539 return NGX_ERROR; | |
4540 } | |
4541 | |
4542 if (ngx_ssl_trusted_certificate(cf, glcf->upstream.ssl, | |
4543 &glcf->ssl_trusted_certificate, | |
4544 glcf->ssl_verify_depth) | |
4545 != NGX_OK) | |
4546 { | |
4547 return NGX_ERROR; | |
4548 } | |
4549 | |
4550 if (ngx_ssl_crl(cf, glcf->upstream.ssl, &glcf->ssl_crl) != NGX_OK) { | |
4551 return NGX_ERROR; | |
4552 } | |
4553 } | |
4554 | |
4555 #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation | |
4556 | |
4557 if (SSL_CTX_set_alpn_protos(glcf->upstream.ssl->ctx, | |
4558 (u_char *) "\x02h2", 3) | |
4559 != 0) | |
4560 { | |
4561 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, | |
4562 "SSL_CTX_set_alpn_protos() failed"); | |
4563 return NGX_ERROR; | |
4564 } | |
4565 | |
4566 #endif | |
4567 | |
4568 return NGX_OK; | |
4569 } | |
4570 | |
4571 #endif |