7233
|
1
|
|
2 /*
|
|
3 * Copyright (C) Maxim Dounin
|
|
4 * Copyright (C) Nginx, Inc.
|
|
5 */
|
|
6
|
|
7
|
|
8 #include <ngx_config.h>
|
|
9 #include <ngx_core.h>
|
|
10 #include <ngx_http.h>
|
|
11
|
|
12
|
|
13 typedef struct {
|
|
14 ngx_array_t *flushes;
|
|
15 ngx_array_t *lengths;
|
|
16 ngx_array_t *values;
|
|
17 ngx_hash_t hash;
|
|
18 } ngx_http_grpc_headers_t;
|
|
19
|
|
20
|
|
21 typedef struct {
|
|
22 ngx_http_upstream_conf_t upstream;
|
|
23
|
|
24 ngx_http_grpc_headers_t headers;
|
|
25 ngx_array_t *headers_source;
|
|
26
|
|
27 ngx_str_t host;
|
|
28 ngx_uint_t host_set;
|
|
29
|
|
30 #if (NGX_HTTP_SSL)
|
|
31 ngx_uint_t ssl;
|
|
32 ngx_uint_t ssl_protocols;
|
|
33 ngx_str_t ssl_ciphers;
|
|
34 ngx_uint_t ssl_verify_depth;
|
|
35 ngx_str_t ssl_trusted_certificate;
|
|
36 ngx_str_t ssl_crl;
|
|
37 ngx_str_t ssl_certificate;
|
|
38 ngx_str_t ssl_certificate_key;
|
|
39 ngx_array_t *ssl_passwords;
|
|
40 #endif
|
|
41 } ngx_http_grpc_loc_conf_t;
|
|
42
|
|
43
|
|
44 typedef enum {
|
|
45 ngx_http_grpc_st_start = 0,
|
|
46 ngx_http_grpc_st_length_2,
|
|
47 ngx_http_grpc_st_length_3,
|
|
48 ngx_http_grpc_st_type,
|
|
49 ngx_http_grpc_st_flags,
|
|
50 ngx_http_grpc_st_stream_id,
|
|
51 ngx_http_grpc_st_stream_id_2,
|
|
52 ngx_http_grpc_st_stream_id_3,
|
|
53 ngx_http_grpc_st_stream_id_4,
|
|
54 ngx_http_grpc_st_payload,
|
|
55 ngx_http_grpc_st_padding
|
|
56 } ngx_http_grpc_state_e;
|
|
57
|
|
58
|
|
59 typedef struct {
|
|
60 size_t init_window;
|
|
61 size_t send_window;
|
|
62 size_t recv_window;
|
|
63 ngx_uint_t last_stream_id;
|
|
64 } ngx_http_grpc_conn_t;
|
|
65
|
|
66
|
|
67 typedef struct {
|
|
68 ngx_http_grpc_state_e state;
|
|
69 ngx_uint_t frame_state;
|
|
70 ngx_uint_t fragment_state;
|
|
71
|
|
72 ngx_chain_t *in;
|
|
73 ngx_chain_t *out;
|
|
74 ngx_chain_t *free;
|
|
75 ngx_chain_t *busy;
|
|
76
|
|
77 ngx_http_grpc_conn_t *connection;
|
|
78
|
|
79 ngx_uint_t id;
|
|
80
|
|
81 ssize_t send_window;
|
|
82 size_t recv_window;
|
|
83
|
|
84 size_t rest;
|
|
85 ngx_uint_t stream_id;
|
|
86 u_char type;
|
|
87 u_char flags;
|
|
88 u_char padding;
|
|
89
|
|
90 ngx_uint_t error;
|
|
91 ngx_uint_t window_update;
|
|
92
|
|
93 ngx_uint_t setting_id;
|
|
94 ngx_uint_t setting_value;
|
|
95
|
|
96 u_char ping_data[8];
|
|
97
|
|
98 ngx_uint_t index;
|
|
99 ngx_str_t name;
|
|
100 ngx_str_t value;
|
|
101
|
|
102 u_char *field_end;
|
|
103 size_t field_length;
|
|
104 size_t field_rest;
|
|
105 u_char field_state;
|
|
106
|
|
107 unsigned literal:1;
|
|
108 unsigned field_huffman:1;
|
|
109
|
|
110 unsigned header_sent:1;
|
|
111 unsigned output_closed:1;
|
|
112 unsigned parsing_headers:1;
|
|
113 unsigned end_stream:1;
|
|
114 unsigned status:1;
|
|
115
|
|
116 ngx_http_request_t *request;
|
|
117 } ngx_http_grpc_ctx_t;
|
|
118
|
|
119
|
|
120 typedef struct {
|
|
121 u_char length_0;
|
|
122 u_char length_1;
|
|
123 u_char length_2;
|
|
124 u_char type;
|
|
125 u_char flags;
|
|
126 u_char stream_id_0;
|
|
127 u_char stream_id_1;
|
|
128 u_char stream_id_2;
|
|
129 u_char stream_id_3;
|
|
130 } ngx_http_grpc_frame_t;
|
|
131
|
|
132
|
|
133 static ngx_int_t ngx_http_grpc_create_request(ngx_http_request_t *r);
|
|
134 static ngx_int_t ngx_http_grpc_reinit_request(ngx_http_request_t *r);
|
|
135 static ngx_int_t ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in);
|
|
136 static ngx_int_t ngx_http_grpc_process_header(ngx_http_request_t *r);
|
|
137 static ngx_int_t ngx_http_grpc_filter_init(void *data);
|
|
138 static ngx_int_t ngx_http_grpc_filter(void *data, ssize_t bytes);
|
|
139
|
|
140 static ngx_int_t ngx_http_grpc_parse_frame(ngx_http_request_t *r,
|
|
141 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
|
|
142 static ngx_int_t ngx_http_grpc_parse_header(ngx_http_request_t *r,
|
|
143 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
|
|
144 static ngx_int_t ngx_http_grpc_parse_fragment(ngx_http_request_t *r,
|
|
145 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
|
|
146 static ngx_int_t ngx_http_grpc_validate_header_name(ngx_http_request_t *r,
|
|
147 ngx_str_t *s);
|
|
148 static ngx_int_t ngx_http_grpc_validate_header_value(ngx_http_request_t *r,
|
|
149 ngx_str_t *s);
|
|
150 static ngx_int_t ngx_http_grpc_parse_rst_stream(ngx_http_request_t *r,
|
|
151 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
|
|
152 static ngx_int_t ngx_http_grpc_parse_goaway(ngx_http_request_t *r,
|
|
153 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
|
|
154 static ngx_int_t ngx_http_grpc_parse_window_update(ngx_http_request_t *r,
|
|
155 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
|
|
156 static ngx_int_t ngx_http_grpc_parse_settings(ngx_http_request_t *r,
|
|
157 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
|
|
158 static ngx_int_t ngx_http_grpc_parse_ping(ngx_http_request_t *r,
|
|
159 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
|
|
160
|
|
161 static ngx_int_t ngx_http_grpc_send_settings_ack(ngx_http_request_t *r,
|
|
162 ngx_http_grpc_ctx_t *ctx);
|
|
163 static ngx_int_t ngx_http_grpc_send_ping_ack(ngx_http_request_t *r,
|
|
164 ngx_http_grpc_ctx_t *ctx);
|
|
165 static ngx_int_t ngx_http_grpc_send_window_update(ngx_http_request_t *r,
|
|
166 ngx_http_grpc_ctx_t *ctx);
|
|
167
|
|
168 static ngx_chain_t *ngx_http_grpc_get_buf(ngx_http_request_t *r,
|
|
169 ngx_http_grpc_ctx_t *ctx);
|
|
170 static ngx_http_grpc_ctx_t *ngx_http_grpc_get_ctx(ngx_http_request_t *r);
|
|
171 static ngx_int_t ngx_http_grpc_get_connection_data(ngx_http_request_t *r,
|
|
172 ngx_http_grpc_ctx_t *ctx, ngx_peer_connection_t *pc);
|
|
173 static void ngx_http_grpc_cleanup(void *data);
|
|
174
|
|
175 static void ngx_http_grpc_abort_request(ngx_http_request_t *r);
|
|
176 static void ngx_http_grpc_finalize_request(ngx_http_request_t *r,
|
|
177 ngx_int_t rc);
|
|
178
|
|
179 static void *ngx_http_grpc_create_loc_conf(ngx_conf_t *cf);
|
|
180 static char *ngx_http_grpc_merge_loc_conf(ngx_conf_t *cf,
|
|
181 void *parent, void *child);
|
|
182 static ngx_int_t ngx_http_grpc_init_headers(ngx_conf_t *cf,
|
|
183 ngx_http_grpc_loc_conf_t *conf, ngx_http_grpc_headers_t *headers,
|
|
184 ngx_keyval_t *default_headers);
|
|
185
|
|
186 static char *ngx_http_grpc_pass(ngx_conf_t *cf, ngx_command_t *cmd,
|
|
187 void *conf);
|
|
188
|
|
189 #if (NGX_HTTP_SSL)
|
|
190 static char *ngx_http_grpc_ssl_password_file(ngx_conf_t *cf,
|
|
191 ngx_command_t *cmd, void *conf);
|
|
192 static ngx_int_t ngx_http_grpc_set_ssl(ngx_conf_t *cf,
|
|
193 ngx_http_grpc_loc_conf_t *glcf);
|
|
194 #endif
|
|
195
|
|
196
|
|
197 static ngx_conf_bitmask_t ngx_http_grpc_next_upstream_masks[] = {
|
|
198 { ngx_string("error"), NGX_HTTP_UPSTREAM_FT_ERROR },
|
|
199 { ngx_string("timeout"), NGX_HTTP_UPSTREAM_FT_TIMEOUT },
|
|
200 { ngx_string("invalid_header"), NGX_HTTP_UPSTREAM_FT_INVALID_HEADER },
|
|
201 { ngx_string("non_idempotent"), NGX_HTTP_UPSTREAM_FT_NON_IDEMPOTENT },
|
|
202 { ngx_string("http_500"), NGX_HTTP_UPSTREAM_FT_HTTP_500 },
|
|
203 { ngx_string("http_502"), NGX_HTTP_UPSTREAM_FT_HTTP_502 },
|
|
204 { ngx_string("http_503"), NGX_HTTP_UPSTREAM_FT_HTTP_503 },
|
|
205 { ngx_string("http_504"), NGX_HTTP_UPSTREAM_FT_HTTP_504 },
|
|
206 { ngx_string("http_403"), NGX_HTTP_UPSTREAM_FT_HTTP_403 },
|
|
207 { ngx_string("http_404"), NGX_HTTP_UPSTREAM_FT_HTTP_404 },
|
|
208 { ngx_string("http_429"), NGX_HTTP_UPSTREAM_FT_HTTP_429 },
|
|
209 { ngx_string("off"), NGX_HTTP_UPSTREAM_FT_OFF },
|
|
210 { ngx_null_string, 0 }
|
|
211 };
|
|
212
|
|
213
|
|
214 #if (NGX_HTTP_SSL)
|
|
215
|
|
216 static ngx_conf_bitmask_t ngx_http_grpc_ssl_protocols[] = {
|
|
217 { ngx_string("SSLv2"), NGX_SSL_SSLv2 },
|
|
218 { ngx_string("SSLv3"), NGX_SSL_SSLv3 },
|
|
219 { ngx_string("TLSv1"), NGX_SSL_TLSv1 },
|
|
220 { ngx_string("TLSv1.1"), NGX_SSL_TLSv1_1 },
|
|
221 { ngx_string("TLSv1.2"), NGX_SSL_TLSv1_2 },
|
|
222 { ngx_string("TLSv1.3"), NGX_SSL_TLSv1_3 },
|
|
223 { ngx_null_string, 0 }
|
|
224 };
|
|
225
|
|
226 #endif
|
|
227
|
|
228
|
|
229 static ngx_command_t ngx_http_grpc_commands[] = {
|
|
230
|
|
231 { ngx_string("grpc_pass"),
|
|
232 NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_CONF_TAKE1,
|
|
233 ngx_http_grpc_pass,
|
|
234 NGX_HTTP_LOC_CONF_OFFSET,
|
|
235 0,
|
|
236 NULL },
|
|
237
|
|
238 { ngx_string("grpc_bind"),
|
|
239 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE12,
|
|
240 ngx_http_upstream_bind_set_slot,
|
|
241 NGX_HTTP_LOC_CONF_OFFSET,
|
|
242 offsetof(ngx_http_grpc_loc_conf_t, upstream.local),
|
|
243 NULL },
|
|
244
|
|
245 { ngx_string("grpc_connect_timeout"),
|
|
246 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
247 ngx_conf_set_msec_slot,
|
|
248 NGX_HTTP_LOC_CONF_OFFSET,
|
|
249 offsetof(ngx_http_grpc_loc_conf_t, upstream.connect_timeout),
|
|
250 NULL },
|
|
251
|
|
252 { ngx_string("grpc_send_timeout"),
|
|
253 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
254 ngx_conf_set_msec_slot,
|
|
255 NGX_HTTP_LOC_CONF_OFFSET,
|
|
256 offsetof(ngx_http_grpc_loc_conf_t, upstream.send_timeout),
|
|
257 NULL },
|
|
258
|
|
259 { ngx_string("grpc_intercept_errors"),
|
|
260 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
|
|
261 ngx_conf_set_flag_slot,
|
|
262 NGX_HTTP_LOC_CONF_OFFSET,
|
|
263 offsetof(ngx_http_grpc_loc_conf_t, upstream.intercept_errors),
|
|
264 NULL },
|
|
265
|
|
266 { ngx_string("grpc_buffer_size"),
|
|
267 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
268 ngx_conf_set_size_slot,
|
|
269 NGX_HTTP_LOC_CONF_OFFSET,
|
|
270 offsetof(ngx_http_grpc_loc_conf_t, upstream.buffer_size),
|
|
271 NULL },
|
|
272
|
|
273 { ngx_string("grpc_read_timeout"),
|
|
274 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
275 ngx_conf_set_msec_slot,
|
|
276 NGX_HTTP_LOC_CONF_OFFSET,
|
|
277 offsetof(ngx_http_grpc_loc_conf_t, upstream.read_timeout),
|
|
278 NULL },
|
|
279
|
|
280 { ngx_string("grpc_next_upstream"),
|
|
281 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
|
|
282 ngx_conf_set_bitmask_slot,
|
|
283 NGX_HTTP_LOC_CONF_OFFSET,
|
|
284 offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream),
|
|
285 &ngx_http_grpc_next_upstream_masks },
|
|
286
|
|
287 { ngx_string("grpc_next_upstream_tries"),
|
|
288 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
289 ngx_conf_set_num_slot,
|
|
290 NGX_HTTP_LOC_CONF_OFFSET,
|
|
291 offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream_tries),
|
|
292 NULL },
|
|
293
|
|
294 { ngx_string("grpc_next_upstream_timeout"),
|
|
295 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
296 ngx_conf_set_msec_slot,
|
|
297 NGX_HTTP_LOC_CONF_OFFSET,
|
|
298 offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream_timeout),
|
|
299 NULL },
|
|
300
|
|
301 { ngx_string("grpc_set_header"),
|
|
302 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE2,
|
|
303 ngx_conf_set_keyval_slot,
|
|
304 NGX_HTTP_LOC_CONF_OFFSET,
|
|
305 offsetof(ngx_http_grpc_loc_conf_t, headers_source),
|
|
306 NULL },
|
|
307
|
|
308 { ngx_string("grpc_pass_header"),
|
|
309 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
310 ngx_conf_set_str_array_slot,
|
|
311 NGX_HTTP_LOC_CONF_OFFSET,
|
|
312 offsetof(ngx_http_grpc_loc_conf_t, upstream.pass_headers),
|
|
313 NULL },
|
|
314
|
|
315 { ngx_string("grpc_hide_header"),
|
|
316 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
317 ngx_conf_set_str_array_slot,
|
|
318 NGX_HTTP_LOC_CONF_OFFSET,
|
|
319 offsetof(ngx_http_grpc_loc_conf_t, upstream.hide_headers),
|
|
320 NULL },
|
|
321
|
|
322 { ngx_string("grpc_ignore_headers"),
|
|
323 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
|
|
324 ngx_conf_set_bitmask_slot,
|
|
325 NGX_HTTP_LOC_CONF_OFFSET,
|
|
326 offsetof(ngx_http_grpc_loc_conf_t, upstream.ignore_headers),
|
|
327 &ngx_http_upstream_ignore_headers_masks },
|
|
328
|
|
329 #if (NGX_HTTP_SSL)
|
|
330
|
|
331 { ngx_string("grpc_ssl_session_reuse"),
|
|
332 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
|
|
333 ngx_conf_set_flag_slot,
|
|
334 NGX_HTTP_LOC_CONF_OFFSET,
|
|
335 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_session_reuse),
|
|
336 NULL },
|
|
337
|
|
338 { ngx_string("grpc_ssl_protocols"),
|
|
339 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
|
|
340 ngx_conf_set_bitmask_slot,
|
|
341 NGX_HTTP_LOC_CONF_OFFSET,
|
|
342 offsetof(ngx_http_grpc_loc_conf_t, ssl_protocols),
|
|
343 &ngx_http_grpc_ssl_protocols },
|
|
344
|
|
345 { ngx_string("grpc_ssl_ciphers"),
|
|
346 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
347 ngx_conf_set_str_slot,
|
|
348 NGX_HTTP_LOC_CONF_OFFSET,
|
|
349 offsetof(ngx_http_grpc_loc_conf_t, ssl_ciphers),
|
|
350 NULL },
|
|
351
|
|
352 { ngx_string("grpc_ssl_name"),
|
|
353 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
354 ngx_http_set_complex_value_slot,
|
|
355 NGX_HTTP_LOC_CONF_OFFSET,
|
|
356 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_name),
|
|
357 NULL },
|
|
358
|
|
359 { ngx_string("grpc_ssl_server_name"),
|
|
360 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
|
|
361 ngx_conf_set_flag_slot,
|
|
362 NGX_HTTP_LOC_CONF_OFFSET,
|
|
363 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_server_name),
|
|
364 NULL },
|
|
365
|
|
366 { ngx_string("grpc_ssl_verify"),
|
|
367 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
|
|
368 ngx_conf_set_flag_slot,
|
|
369 NGX_HTTP_LOC_CONF_OFFSET,
|
|
370 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_verify),
|
|
371 NULL },
|
|
372
|
|
373 { ngx_string("grpc_ssl_verify_depth"),
|
|
374 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
375 ngx_conf_set_num_slot,
|
|
376 NGX_HTTP_LOC_CONF_OFFSET,
|
|
377 offsetof(ngx_http_grpc_loc_conf_t, ssl_verify_depth),
|
|
378 NULL },
|
|
379
|
|
380 { ngx_string("grpc_ssl_trusted_certificate"),
|
|
381 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
382 ngx_conf_set_str_slot,
|
|
383 NGX_HTTP_LOC_CONF_OFFSET,
|
|
384 offsetof(ngx_http_grpc_loc_conf_t, ssl_trusted_certificate),
|
|
385 NULL },
|
|
386
|
|
387 { ngx_string("grpc_ssl_crl"),
|
|
388 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
389 ngx_conf_set_str_slot,
|
|
390 NGX_HTTP_LOC_CONF_OFFSET,
|
|
391 offsetof(ngx_http_grpc_loc_conf_t, ssl_crl),
|
|
392 NULL },
|
|
393
|
|
394 { ngx_string("grpc_ssl_certificate"),
|
|
395 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
396 ngx_conf_set_str_slot,
|
|
397 NGX_HTTP_LOC_CONF_OFFSET,
|
|
398 offsetof(ngx_http_grpc_loc_conf_t, ssl_certificate),
|
|
399 NULL },
|
|
400
|
|
401 { ngx_string("grpc_ssl_certificate_key"),
|
|
402 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
403 ngx_conf_set_str_slot,
|
|
404 NGX_HTTP_LOC_CONF_OFFSET,
|
|
405 offsetof(ngx_http_grpc_loc_conf_t, ssl_certificate_key),
|
|
406 NULL },
|
|
407
|
|
408 { ngx_string("grpc_ssl_password_file"),
|
|
409 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
|
|
410 ngx_http_grpc_ssl_password_file,
|
|
411 NGX_HTTP_LOC_CONF_OFFSET,
|
|
412 0,
|
|
413 NULL },
|
|
414
|
|
415 #endif
|
|
416
|
|
417 ngx_null_command
|
|
418 };
|
|
419
|
|
420
|
|
421 static ngx_http_module_t ngx_http_grpc_module_ctx = {
|
|
422 NULL, /* preconfiguration */
|
|
423 NULL, /* postconfiguration */
|
|
424
|
|
425 NULL, /* create main configuration */
|
|
426 NULL, /* init main configuration */
|
|
427
|
|
428 NULL, /* create server configuration */
|
|
429 NULL, /* merge server configuration */
|
|
430
|
|
431 ngx_http_grpc_create_loc_conf, /* create location configuration */
|
|
432 ngx_http_grpc_merge_loc_conf /* merge location configuration */
|
|
433 };
|
|
434
|
|
435
|
|
436 ngx_module_t ngx_http_grpc_module = {
|
|
437 NGX_MODULE_V1,
|
|
438 &ngx_http_grpc_module_ctx, /* module context */
|
|
439 ngx_http_grpc_commands, /* module directives */
|
|
440 NGX_HTTP_MODULE, /* module type */
|
|
441 NULL, /* init master */
|
|
442 NULL, /* init module */
|
|
443 NULL, /* init process */
|
|
444 NULL, /* init thread */
|
|
445 NULL, /* exit thread */
|
|
446 NULL, /* exit process */
|
|
447 NULL, /* exit master */
|
|
448 NGX_MODULE_V1_PADDING
|
|
449 };
|
|
450
|
|
451
|
|
452 static u_char ngx_http_grpc_connection_start[] =
|
|
453 "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n" /* connection preface */
|
|
454
|
|
455 "\x00\x00\x12\x04\x00\x00\x00\x00\x00" /* settings frame */
|
|
456 "\x00\x01\x00\x00\x00\x00" /* header table size */
|
|
457 "\x00\x02\x00\x00\x00\x00" /* disable push */
|
|
458 "\x00\x04\x7f\xff\xff\xff" /* initial window */
|
|
459
|
|
460 "\x00\x00\x04\x08\x00\x00\x00\x00\x00" /* window update frame */
|
|
461 "\x7f\xff\x00\x00";
|
|
462
|
|
463
|
|
464 static ngx_keyval_t ngx_http_grpc_headers[] = {
|
|
465 { ngx_string("Content-Length"), ngx_string("$content_length") },
|
|
466 { ngx_string("Host"), ngx_string("") },
|
|
467 { ngx_string("Connection"), ngx_string("") },
|
|
468 { ngx_string("Transfer-Encoding"), ngx_string("") },
|
|
469 { ngx_string("TE"), ngx_string("") },
|
|
470 { ngx_string("Keep-Alive"), ngx_string("") },
|
|
471 { ngx_string("Expect"), ngx_string("") },
|
|
472 { ngx_string("Upgrade"), ngx_string("") },
|
|
473 { ngx_null_string, ngx_null_string }
|
|
474 };
|
|
475
|
|
476
|
|
477 static ngx_str_t ngx_http_grpc_hide_headers[] = {
|
|
478 ngx_string("Date"),
|
|
479 ngx_string("Server"),
|
|
480 ngx_string("X-Accel-Expires"),
|
|
481 ngx_string("X-Accel-Redirect"),
|
|
482 ngx_string("X-Accel-Limit-Rate"),
|
|
483 ngx_string("X-Accel-Buffering"),
|
|
484 ngx_string("X-Accel-Charset"),
|
|
485 ngx_null_string
|
|
486 };
|
|
487
|
|
488
|
|
489 static ngx_int_t
|
|
490 ngx_http_grpc_handler(ngx_http_request_t *r)
|
|
491 {
|
|
492 ngx_int_t rc;
|
|
493 ngx_http_upstream_t *u;
|
|
494 ngx_http_grpc_ctx_t *ctx;
|
|
495 ngx_http_grpc_loc_conf_t *glcf;
|
|
496
|
|
497 if (ngx_http_upstream_create(r) != NGX_OK) {
|
|
498 return NGX_HTTP_INTERNAL_SERVER_ERROR;
|
|
499 }
|
|
500
|
|
501 glcf = ngx_http_get_module_loc_conf(r, ngx_http_grpc_module);
|
|
502
|
|
503 u = r->upstream;
|
|
504
|
|
505 #if (NGX_HTTP_SSL)
|
|
506 u->ssl = (glcf->upstream.ssl != NULL);
|
|
507
|
|
508 if (u->ssl) {
|
|
509 ngx_str_set(&u->schema, "grpcs://");
|
|
510
|
|
511 } else {
|
|
512 ngx_str_set(&u->schema, "grpc://");
|
|
513 }
|
|
514 #else
|
|
515 ngx_str_set(&u->schema, "grpc://");
|
|
516 #endif
|
|
517
|
|
518 u->output.tag = (ngx_buf_tag_t) &ngx_http_grpc_module;
|
|
519
|
|
520 u->conf = &glcf->upstream;
|
|
521
|
|
522 u->create_request = ngx_http_grpc_create_request;
|
|
523 u->reinit_request = ngx_http_grpc_reinit_request;
|
|
524 u->process_header = ngx_http_grpc_process_header;
|
|
525 u->abort_request = ngx_http_grpc_abort_request;
|
|
526 u->finalize_request = ngx_http_grpc_finalize_request;
|
|
527
|
|
528 ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_grpc_ctx_t));
|
|
529 if (ctx == NULL) {
|
|
530 return NGX_HTTP_INTERNAL_SERVER_ERROR;
|
|
531 }
|
|
532
|
|
533 ctx->request = r;
|
|
534
|
|
535 ngx_http_set_ctx(r, ctx, ngx_http_grpc_module);
|
|
536
|
|
537 u->input_filter_init = ngx_http_grpc_filter_init;
|
|
538 u->input_filter = ngx_http_grpc_filter;
|
|
539 u->input_filter_ctx = ctx;
|
|
540
|
|
541 r->request_body_no_buffering = 1;
|
|
542
|
|
543 rc = ngx_http_read_client_request_body(r, ngx_http_upstream_init);
|
|
544
|
|
545 if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
|
|
546 return rc;
|
|
547 }
|
|
548
|
|
549 return NGX_DONE;
|
|
550 }
|
|
551
|
|
552
|
|
553 static ngx_int_t
|
|
554 ngx_http_grpc_create_request(ngx_http_request_t *r)
|
|
555 {
|
|
556 u_char *p, *tmp, *key_tmp, *val_tmp, *headers_frame;
|
|
557 size_t len, tmp_len, key_len, val_len, uri_len;
|
|
558 uintptr_t escape;
|
|
559 ngx_buf_t *b;
|
|
560 ngx_uint_t i, next;
|
|
561 ngx_chain_t *cl, *body;
|
|
562 ngx_list_part_t *part;
|
|
563 ngx_table_elt_t *header;
|
|
564 ngx_http_upstream_t *u;
|
|
565 ngx_http_grpc_frame_t *f;
|
|
566 ngx_http_script_code_pt code;
|
|
567 ngx_http_grpc_loc_conf_t *glcf;
|
|
568 ngx_http_script_engine_t e, le;
|
|
569 ngx_http_script_len_code_pt lcode;
|
|
570
|
|
571 u = r->upstream;
|
|
572
|
|
573 glcf = ngx_http_get_module_loc_conf(r, ngx_http_grpc_module);
|
|
574
|
|
575 len = sizeof(ngx_http_grpc_connection_start) - 1
|
|
576 + sizeof(ngx_http_grpc_frame_t); /* headers frame */
|
|
577
|
|
578 /* :method header */
|
|
579
|
|
580 if (r->method == NGX_HTTP_GET || r->method == NGX_HTTP_POST) {
|
|
581 len += 1;
|
|
582 tmp_len = 0;
|
|
583
|
|
584 } else {
|
|
585 len += 1 + NGX_HTTP_V2_INT_OCTETS + r->method_name.len;
|
|
586 tmp_len = r->method_name.len;
|
|
587 }
|
|
588
|
|
589 /* :scheme header */
|
|
590
|
|
591 len += 1;
|
|
592
|
|
593 /* :path header */
|
|
594
|
|
595 if (r->valid_unparsed_uri) {
|
|
596 escape = 0;
|
|
597 uri_len = r->unparsed_uri.len;
|
|
598
|
|
599 } else {
|
|
600 escape = 2 * ngx_escape_uri(NULL, r->uri.data, r->uri.len,
|
|
601 NGX_ESCAPE_URI);
|
|
602 uri_len = r->uri.len + escape + sizeof("?") - 1 + r->args.len;
|
|
603 }
|
|
604
|
|
605 len += 1 + NGX_HTTP_V2_INT_OCTETS + uri_len;
|
|
606
|
|
607 if (tmp_len < uri_len) {
|
|
608 tmp_len = uri_len;
|
|
609 }
|
|
610
|
|
611 /* :authority header */
|
|
612
|
|
613 if (!glcf->host_set) {
|
|
614 len += 1 + NGX_HTTP_V2_INT_OCTETS + glcf->host.len;
|
|
615
|
|
616 if (tmp_len < glcf->host.len) {
|
|
617 tmp_len = glcf->host.len;
|
|
618 }
|
|
619 }
|
|
620
|
|
621 /* other headers */
|
|
622
|
|
623 ngx_http_script_flush_no_cacheable_variables(r, glcf->headers.flushes);
|
|
624 ngx_memzero(&le, sizeof(ngx_http_script_engine_t));
|
|
625
|
|
626 le.ip = glcf->headers.lengths->elts;
|
|
627 le.request = r;
|
|
628 le.flushed = 1;
|
|
629
|
|
630 while (*(uintptr_t *) le.ip) {
|
|
631
|
|
632 lcode = *(ngx_http_script_len_code_pt *) le.ip;
|
|
633 key_len = lcode(&le);
|
|
634
|
|
635 for (val_len = 0; *(uintptr_t *) le.ip; val_len += lcode(&le)) {
|
|
636 lcode = *(ngx_http_script_len_code_pt *) le.ip;
|
|
637 }
|
|
638 le.ip += sizeof(uintptr_t);
|
|
639
|
|
640 if (val_len == 0) {
|
|
641 continue;
|
|
642 }
|
|
643
|
|
644 len += 1 + NGX_HTTP_V2_INT_OCTETS + key_len
|
|
645 + NGX_HTTP_V2_INT_OCTETS + val_len;
|
|
646
|
|
647 if (tmp_len < key_len) {
|
|
648 tmp_len = key_len;
|
|
649 }
|
|
650
|
|
651 if (tmp_len < val_len) {
|
|
652 tmp_len = val_len;
|
|
653 }
|
|
654 }
|
|
655
|
|
656 if (glcf->upstream.pass_request_headers) {
|
|
657 part = &r->headers_in.headers.part;
|
|
658 header = part->elts;
|
|
659
|
|
660 for (i = 0; /* void */; i++) {
|
|
661
|
|
662 if (i >= part->nelts) {
|
|
663 if (part->next == NULL) {
|
|
664 break;
|
|
665 }
|
|
666
|
|
667 part = part->next;
|
|
668 header = part->elts;
|
|
669 i = 0;
|
|
670 }
|
|
671
|
|
672 if (ngx_hash_find(&glcf->headers.hash, header[i].hash,
|
|
673 header[i].lowcase_key, header[i].key.len))
|
|
674 {
|
|
675 continue;
|
|
676 }
|
|
677
|
|
678 len += 1 + NGX_HTTP_V2_INT_OCTETS + header[i].key.len
|
|
679 + NGX_HTTP_V2_INT_OCTETS + header[i].value.len;
|
|
680
|
|
681 if (tmp_len < header[i].key.len) {
|
|
682 tmp_len = header[i].key.len;
|
|
683 }
|
|
684
|
|
685 if (tmp_len < header[i].value.len) {
|
|
686 tmp_len = header[i].value.len;
|
|
687 }
|
|
688 }
|
|
689 }
|
|
690
|
|
691 /* continuation frames */
|
|
692
|
|
693 len += sizeof(ngx_http_grpc_frame_t)
|
|
694 * (len / NGX_HTTP_V2_DEFAULT_FRAME_SIZE);
|
|
695
|
|
696
|
|
697 b = ngx_create_temp_buf(r->pool, len);
|
|
698 if (b == NULL) {
|
|
699 return NGX_ERROR;
|
|
700 }
|
|
701
|
|
702 cl = ngx_alloc_chain_link(r->pool);
|
|
703 if (cl == NULL) {
|
|
704 return NGX_ERROR;
|
|
705 }
|
|
706
|
|
707 cl->buf = b;
|
|
708 cl->next = NULL;
|
|
709
|
|
710 tmp = ngx_palloc(r->pool, tmp_len * 3);
|
|
711 if (tmp == NULL) {
|
|
712 return NGX_ERROR;
|
|
713 }
|
|
714
|
|
715 key_tmp = tmp + tmp_len;
|
|
716 val_tmp = tmp + 2 * tmp_len;
|
|
717
|
|
718 /* connection preface */
|
|
719
|
|
720 b->last = ngx_copy(b->last, ngx_http_grpc_connection_start,
|
|
721 sizeof(ngx_http_grpc_connection_start) - 1);
|
|
722
|
|
723 /* headers frame */
|
|
724
|
|
725 headers_frame = b->last;
|
|
726
|
|
727 f = (ngx_http_grpc_frame_t *) b->last;
|
|
728 b->last += sizeof(ngx_http_grpc_frame_t);
|
|
729
|
|
730 f->length_0 = 0;
|
|
731 f->length_1 = 0;
|
|
732 f->length_2 = 0;
|
|
733 f->type = NGX_HTTP_V2_HEADERS_FRAME;
|
|
734 f->flags = 0;
|
|
735 f->stream_id_0 = 0;
|
|
736 f->stream_id_1 = 0;
|
|
737 f->stream_id_2 = 0;
|
|
738 f->stream_id_3 = 1;
|
|
739
|
|
740 if (r->method == NGX_HTTP_GET) {
|
|
741 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_METHOD_GET_INDEX);
|
|
742
|
|
743 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
744 "grpc header: \":method: GET\"");
|
|
745
|
|
746 } else if (r->method == NGX_HTTP_POST) {
|
|
747 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_METHOD_POST_INDEX);
|
|
748
|
|
749 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
750 "grpc header: \":method: POST\"");
|
|
751
|
|
752 } else {
|
|
753 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_METHOD_INDEX);
|
|
754 b->last = ngx_http_v2_write_value(b->last, r->method_name.data,
|
|
755 r->method_name.len, tmp);
|
|
756
|
|
757 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
758 "grpc header: \":method: %V\"", &r->method_name);
|
|
759 }
|
|
760
|
|
761 #if (NGX_HTTP_SSL)
|
|
762 if (glcf->ssl) {
|
|
763 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTPS_INDEX);
|
|
764
|
|
765 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
766 "grpc header: \":scheme: https\"");
|
|
767 } else
|
|
768 #endif
|
|
769 {
|
|
770 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTP_INDEX);
|
|
771
|
|
772 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
773 "grpc header: \":scheme: http\"");
|
|
774 }
|
|
775
|
|
776 if (r->valid_unparsed_uri) {
|
|
777
|
|
778 if (r->unparsed_uri.len == 1 && r->unparsed_uri.data[0] == '/') {
|
|
779 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_PATH_ROOT_INDEX);
|
|
780
|
|
781 } else {
|
|
782 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX);
|
|
783 b->last = ngx_http_v2_write_value(b->last, r->unparsed_uri.data,
|
|
784 r->unparsed_uri.len, tmp);
|
|
785 }
|
|
786
|
|
787 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
788 "grpc header: \":path: %V\"", &r->unparsed_uri);
|
|
789
|
|
790 } else if (escape || r->args.len > 0) {
|
|
791 p = val_tmp;
|
|
792
|
|
793 if (escape) {
|
|
794 p = (u_char *) ngx_escape_uri(p, r->uri.data, r->uri.len,
|
|
795 NGX_ESCAPE_URI);
|
|
796
|
|
797 } else {
|
|
798 p = ngx_copy(p, r->uri.data, r->uri.len);
|
|
799 }
|
|
800
|
|
801 if (r->args.len > 0) {
|
|
802 *p++ = '?';
|
|
803 p = ngx_copy(p, r->args.data, r->args.len);
|
|
804 }
|
|
805
|
|
806 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX);
|
|
807 b->last = ngx_http_v2_write_value(b->last, val_tmp, p - val_tmp, tmp);
|
|
808
|
|
809 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
810 "grpc header: \":path: %*s\"", p - val_tmp, val_tmp);
|
|
811
|
|
812 } else {
|
|
813 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX);
|
|
814 b->last = ngx_http_v2_write_value(b->last, r->uri.data,
|
|
815 r->uri.len, tmp);
|
|
816
|
|
817 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
818 "grpc header: \":path: %V\"", &r->uri);
|
|
819 }
|
|
820
|
|
821 if (!glcf->host_set) {
|
|
822 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_AUTHORITY_INDEX);
|
|
823 b->last = ngx_http_v2_write_value(b->last, glcf->host.data,
|
|
824 glcf->host.len, tmp);
|
|
825
|
|
826 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
827 "grpc header: \":authority: %V\"", &glcf->host);
|
|
828 }
|
|
829
|
|
830 ngx_memzero(&e, sizeof(ngx_http_script_engine_t));
|
|
831
|
|
832 e.ip = glcf->headers.values->elts;
|
|
833 e.request = r;
|
|
834 e.flushed = 1;
|
|
835
|
|
836 le.ip = glcf->headers.lengths->elts;
|
|
837
|
|
838 while (*(uintptr_t *) le.ip) {
|
|
839
|
|
840 lcode = *(ngx_http_script_len_code_pt *) le.ip;
|
|
841 key_len = lcode(&le);
|
|
842
|
|
843 for (val_len = 0; *(uintptr_t *) le.ip; val_len += lcode(&le)) {
|
|
844 lcode = *(ngx_http_script_len_code_pt *) le.ip;
|
|
845 }
|
|
846 le.ip += sizeof(uintptr_t);
|
|
847
|
|
848 if (val_len == 0) {
|
|
849 e.skip = 1;
|
|
850
|
|
851 while (*(uintptr_t *) e.ip) {
|
|
852 code = *(ngx_http_script_code_pt *) e.ip;
|
|
853 code((ngx_http_script_engine_t *) &e);
|
|
854 }
|
|
855 e.ip += sizeof(uintptr_t);
|
|
856
|
|
857 e.skip = 0;
|
|
858
|
|
859 continue;
|
|
860 }
|
|
861
|
|
862 *b->last++ = 0;
|
|
863
|
|
864 e.pos = key_tmp;
|
|
865
|
|
866 code = *(ngx_http_script_code_pt *) e.ip;
|
|
867 code((ngx_http_script_engine_t *) &e);
|
|
868
|
|
869 b->last = ngx_http_v2_write_name(b->last, key_tmp, key_len, tmp);
|
|
870
|
|
871 e.pos = val_tmp;
|
|
872
|
|
873 while (*(uintptr_t *) e.ip) {
|
|
874 code = *(ngx_http_script_code_pt *) e.ip;
|
|
875 code((ngx_http_script_engine_t *) &e);
|
|
876 }
|
|
877 e.ip += sizeof(uintptr_t);
|
|
878
|
|
879 b->last = ngx_http_v2_write_value(b->last, val_tmp, val_len, tmp);
|
|
880
|
|
881 #if (NGX_DEBUG)
|
|
882 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) {
|
|
883 ngx_strlow(key_tmp, key_tmp, key_len);
|
|
884
|
|
885 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
886 "grpc header: \"%*s: %*s\"",
|
|
887 key_len, key_tmp, val_len, val_tmp);
|
|
888 }
|
|
889 #endif
|
|
890 }
|
|
891
|
|
892 if (glcf->upstream.pass_request_headers) {
|
|
893 part = &r->headers_in.headers.part;
|
|
894 header = part->elts;
|
|
895
|
|
896 for (i = 0; /* void */; i++) {
|
|
897
|
|
898 if (i >= part->nelts) {
|
|
899 if (part->next == NULL) {
|
|
900 break;
|
|
901 }
|
|
902
|
|
903 part = part->next;
|
|
904 header = part->elts;
|
|
905 i = 0;
|
|
906 }
|
|
907
|
|
908 if (ngx_hash_find(&glcf->headers.hash, header[i].hash,
|
|
909 header[i].lowcase_key, header[i].key.len))
|
|
910 {
|
|
911 continue;
|
|
912 }
|
|
913
|
|
914 *b->last++ = 0;
|
|
915
|
|
916 b->last = ngx_http_v2_write_name(b->last, header[i].key.data,
|
|
917 header[i].key.len, tmp);
|
|
918
|
|
919 b->last = ngx_http_v2_write_value(b->last, header[i].value.data,
|
|
920 header[i].value.len, tmp);
|
|
921
|
|
922 #if (NGX_DEBUG)
|
|
923 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) {
|
|
924 ngx_strlow(tmp, header[i].key.data, header[i].key.len);
|
|
925
|
|
926 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
927 "grpc header: \"%*s: %V\"",
|
|
928 header[i].key.len, tmp, &header[i].value);
|
|
929 }
|
|
930 #endif
|
|
931 }
|
|
932 }
|
|
933
|
|
934 /* update headers frame length */
|
|
935
|
|
936 len = b->last - headers_frame - sizeof(ngx_http_grpc_frame_t);
|
|
937
|
|
938 if (len > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) {
|
|
939 len = NGX_HTTP_V2_DEFAULT_FRAME_SIZE;
|
|
940 next = 1;
|
|
941
|
|
942 } else {
|
|
943 next = 0;
|
|
944 }
|
|
945
|
|
946 f = (ngx_http_grpc_frame_t *) headers_frame;
|
|
947
|
|
948 f->length_0 = (u_char) ((len >> 16) & 0xff);
|
|
949 f->length_1 = (u_char) ((len >> 8) & 0xff);
|
|
950 f->length_2 = (u_char) (len & 0xff);
|
|
951
|
|
952 /* create additional continuation frames */
|
|
953
|
|
954 p = headers_frame;
|
|
955
|
|
956 while (next) {
|
|
957 p += sizeof(ngx_http_grpc_frame_t) + NGX_HTTP_V2_DEFAULT_FRAME_SIZE;
|
|
958 len = b->last - p;
|
|
959
|
|
960 ngx_memmove(p + sizeof(ngx_http_grpc_frame_t), p, len);
|
|
961 b->last += sizeof(ngx_http_grpc_frame_t);
|
|
962
|
|
963 if (len > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) {
|
|
964 len = NGX_HTTP_V2_DEFAULT_FRAME_SIZE;
|
|
965 next = 1;
|
|
966
|
|
967 } else {
|
|
968 next = 0;
|
|
969 }
|
|
970
|
|
971 f = (ngx_http_grpc_frame_t *) p;
|
|
972
|
|
973 f->length_0 = (u_char) ((len >> 16) & 0xff);
|
|
974 f->length_1 = (u_char) ((len >> 8) & 0xff);
|
|
975 f->length_2 = (u_char) (len & 0xff);
|
|
976 f->type = NGX_HTTP_V2_CONTINUATION_FRAME;
|
|
977 f->flags = 0;
|
|
978 f->stream_id_0 = 0;
|
|
979 f->stream_id_1 = 0;
|
|
980 f->stream_id_2 = 0;
|
|
981 f->stream_id_3 = 1;
|
|
982 }
|
|
983
|
|
984 f->flags |= NGX_HTTP_V2_END_HEADERS_FLAG;
|
|
985
|
|
986 #if (NGX_DEBUG)
|
|
987 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) {
|
|
988 u_char buf[512];
|
|
989 size_t n, m;
|
|
990
|
|
991 n = ngx_min(b->last - b->pos, 256);
|
|
992 m = ngx_hex_dump(buf, b->pos, n) - buf;
|
|
993
|
|
994 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
995 "grpc header: %*s%s, len: %uz",
|
|
996 m, buf, b->last - b->pos > 256 ? "..." : "",
|
|
997 b->last - b->pos);
|
|
998 }
|
|
999 #endif
|
|
1000
|
|
1001 if (r->request_body_no_buffering) {
|
|
1002
|
|
1003 u->request_bufs = cl;
|
|
1004
|
|
1005 } else {
|
|
1006
|
|
1007 body = u->request_bufs;
|
|
1008 u->request_bufs = cl;
|
|
1009
|
|
1010 if (body == NULL) {
|
|
1011 f = (ngx_http_grpc_frame_t *) headers_frame;
|
|
1012 f->flags |= NGX_HTTP_V2_END_STREAM_FLAG;
|
|
1013 }
|
|
1014
|
|
1015 while (body) {
|
|
1016 b = ngx_alloc_buf(r->pool);
|
|
1017 if (b == NULL) {
|
|
1018 return NGX_ERROR;
|
|
1019 }
|
|
1020
|
|
1021 ngx_memcpy(b, body->buf, sizeof(ngx_buf_t));
|
|
1022
|
|
1023 cl->next = ngx_alloc_chain_link(r->pool);
|
|
1024 if (cl->next == NULL) {
|
|
1025 return NGX_ERROR;
|
|
1026 }
|
|
1027
|
|
1028 cl = cl->next;
|
|
1029 cl->buf = b;
|
|
1030
|
|
1031 body = body->next;
|
|
1032 }
|
|
1033
|
|
1034 b->last_buf = 1;
|
|
1035 }
|
|
1036
|
|
1037 u->output.output_filter = ngx_http_grpc_body_output_filter;
|
|
1038 u->output.filter_ctx = r;
|
|
1039
|
|
1040 b->flush = 1;
|
|
1041 cl->next = NULL;
|
|
1042
|
|
1043 return NGX_OK;
|
|
1044 }
|
|
1045
|
|
1046
|
|
1047 static ngx_int_t
|
|
1048 ngx_http_grpc_reinit_request(ngx_http_request_t *r)
|
|
1049 {
|
|
1050 ngx_http_grpc_ctx_t *ctx;
|
|
1051
|
|
1052 ctx = ngx_http_get_module_ctx(r, ngx_http_grpc_module);
|
|
1053
|
|
1054 if (ctx == NULL) {
|
|
1055 return NGX_OK;
|
|
1056 }
|
|
1057
|
|
1058 ctx->state = 0;
|
|
1059 ctx->header_sent = 0;
|
|
1060 ctx->output_closed = 0;
|
|
1061 ctx->parsing_headers = 0;
|
|
1062 ctx->end_stream = 0;
|
|
1063 ctx->status = 0;
|
|
1064 ctx->connection = NULL;
|
|
1065
|
|
1066 return NGX_OK;
|
|
1067 }
|
|
1068
|
|
1069
|
|
1070 static ngx_int_t
|
|
1071 ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in)
|
|
1072 {
|
|
1073 ngx_http_request_t *r = data;
|
|
1074
|
|
1075 off_t file_pos;
|
|
1076 u_char *p, *pos, *start;
|
|
1077 size_t len, limit;
|
|
1078 ngx_buf_t *b;
|
|
1079 ngx_int_t rc;
|
|
1080 ngx_uint_t next, last;
|
|
1081 ngx_chain_t *cl, *out, **ll;
|
|
1082 ngx_http_grpc_ctx_t *ctx;
|
|
1083 ngx_http_grpc_frame_t *f;
|
|
1084
|
|
1085 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
1086 "grpc output filter");
|
|
1087
|
|
1088 ctx = ngx_http_grpc_get_ctx(r);
|
|
1089
|
|
1090 if (ctx == NULL) {
|
|
1091 return NGX_ERROR;
|
|
1092 }
|
|
1093
|
|
1094 if (in) {
|
|
1095 if (ngx_chain_add_copy(r->pool, &ctx->in, in) != NGX_OK) {
|
|
1096 return NGX_ERROR;
|
|
1097 }
|
|
1098 }
|
|
1099
|
|
1100 out = NULL;
|
|
1101 ll = &out;
|
|
1102
|
|
1103 if (!ctx->header_sent) {
|
|
1104 /* first buffer contains headers */
|
|
1105
|
|
1106 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
1107 "grpc output header");
|
|
1108
|
|
1109 ctx->header_sent = 1;
|
|
1110
|
|
1111 if (ctx->id != 1) {
|
|
1112 /*
|
|
1113 * keepalive connection: skip connection preface,
|
|
1114 * update stream identifiers
|
|
1115 */
|
|
1116
|
|
1117 b = ctx->in->buf;
|
|
1118 b->pos += sizeof(ngx_http_grpc_connection_start) - 1;
|
|
1119
|
|
1120 p = b->pos;
|
|
1121
|
|
1122 while (p < b->last) {
|
|
1123 f = (ngx_http_grpc_frame_t *) p;
|
|
1124 p += sizeof(ngx_http_grpc_frame_t);
|
|
1125
|
|
1126 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff);
|
|
1127 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff);
|
|
1128 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff);
|
|
1129 f->stream_id_3 = (u_char) (ctx->id & 0xff);
|
|
1130
|
|
1131 p += (f->length_0 << 16) + (f->length_1 << 8) + f->length_2;
|
|
1132 }
|
|
1133 }
|
|
1134
|
|
1135 if (ctx->in->buf->last_buf) {
|
|
1136 ctx->output_closed = 1;
|
|
1137 }
|
|
1138
|
|
1139 *ll = ctx->in;
|
|
1140 ll = &ctx->in->next;
|
|
1141
|
|
1142 ctx->in = ctx->in->next;
|
|
1143 }
|
|
1144
|
|
1145 if (ctx->out) {
|
|
1146 /* queued control frames */
|
|
1147
|
|
1148 *ll = ctx->out;
|
|
1149
|
|
1150 for (cl = ctx->out, ll = &cl->next; cl; cl = cl->next) {
|
|
1151 ll = &cl->next;
|
|
1152 }
|
|
1153
|
|
1154 ctx->out = NULL;
|
|
1155 }
|
|
1156
|
|
1157 f = NULL;
|
|
1158 last = 0;
|
|
1159
|
|
1160 limit = ngx_max(0, ctx->send_window);
|
|
1161
|
|
1162 if (limit > ctx->connection->send_window) {
|
|
1163 limit = ctx->connection->send_window;
|
|
1164 }
|
|
1165
|
|
1166 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
1167 "grpc output limit: %uz w:%z:%uz",
|
|
1168 limit, ctx->send_window, ctx->connection->send_window);
|
|
1169
|
|
1170 #if (NGX_SUPPRESS_WARN)
|
|
1171 file_pos = 0;
|
|
1172 pos = NULL;
|
|
1173 cl = NULL;
|
|
1174 #endif
|
|
1175
|
|
1176 in = ctx->in;
|
|
1177
|
|
1178 while (in && limit > 0) {
|
|
1179
|
|
1180 ngx_log_debug7(NGX_LOG_DEBUG_EVENT, r->connection->log, 0,
|
|
1181 "grpc output in l:%d f:%d %p, pos %p, size: %z "
|
|
1182 "file: %O, size: %O",
|
|
1183 in->buf->last_buf,
|
|
1184 in->buf->in_file,
|
|
1185 in->buf->start, in->buf->pos,
|
|
1186 in->buf->last - in->buf->pos,
|
|
1187 in->buf->file_pos,
|
|
1188 in->buf->file_last - in->buf->file_pos);
|
|
1189
|
|
1190 if (ngx_buf_special(in->buf)) {
|
|
1191 goto next;
|
|
1192 }
|
|
1193
|
|
1194 if (in->buf->in_file) {
|
|
1195 file_pos = in->buf->file_pos;
|
|
1196
|
|
1197 } else {
|
|
1198 pos = in->buf->pos;
|
|
1199 }
|
|
1200
|
|
1201 next = 0;
|
|
1202
|
|
1203 do {
|
|
1204
|
|
1205 cl = ngx_http_grpc_get_buf(r, ctx);
|
|
1206 if (cl == NULL) {
|
|
1207 return NGX_ERROR;
|
|
1208 }
|
|
1209
|
|
1210 b = cl->buf;
|
|
1211
|
|
1212 f = (ngx_http_grpc_frame_t *) b->last;
|
|
1213 b->last += sizeof(ngx_http_grpc_frame_t);
|
|
1214
|
|
1215 *ll = cl;
|
|
1216 ll = &cl->next;
|
|
1217
|
|
1218 cl = ngx_chain_get_free_buf(r->pool, &ctx->free);
|
|
1219 if (cl == NULL) {
|
|
1220 return NGX_ERROR;
|
|
1221 }
|
|
1222
|
|
1223 b = cl->buf;
|
|
1224 start = b->start;
|
|
1225
|
|
1226 ngx_memcpy(b, in->buf, sizeof(ngx_buf_t));
|
|
1227
|
|
1228 /*
|
|
1229 * restore b->start to preserve memory allocated in the buffer,
|
|
1230 * to reuse it later for headers and control frames
|
|
1231 */
|
|
1232
|
|
1233 b->start = start;
|
|
1234
|
|
1235 if (in->buf->in_file) {
|
|
1236 b->file_pos = file_pos;
|
|
1237 file_pos += ngx_min(NGX_HTTP_V2_DEFAULT_FRAME_SIZE, limit);
|
|
1238
|
|
1239 if (file_pos >= in->buf->file_last) {
|
|
1240 file_pos = in->buf->file_last;
|
|
1241 next = 1;
|
|
1242 }
|
|
1243
|
|
1244 b->file_last = file_pos;
|
|
1245 len = (ngx_uint_t) (file_pos - b->file_pos);
|
|
1246
|
|
1247 } else {
|
|
1248 b->pos = pos;
|
|
1249 pos += ngx_min(NGX_HTTP_V2_DEFAULT_FRAME_SIZE, limit);
|
|
1250
|
|
1251 if (pos >= in->buf->last) {
|
|
1252 pos = in->buf->last;
|
|
1253 next = 1;
|
|
1254 }
|
|
1255
|
|
1256 b->last = pos;
|
|
1257 len = (ngx_uint_t) (pos - b->pos);
|
|
1258 }
|
|
1259
|
|
1260 b->tag = (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter;
|
|
1261 b->shadow = in->buf;
|
|
1262 b->last_shadow = next;
|
|
1263
|
|
1264 b->last_buf = 0;
|
|
1265 b->last_in_chain = 0;
|
|
1266
|
|
1267 *ll = cl;
|
|
1268 ll = &cl->next;
|
|
1269
|
|
1270 f->length_0 = (u_char) ((len >> 16) & 0xff);
|
|
1271 f->length_1 = (u_char) ((len >> 8) & 0xff);
|
|
1272 f->length_2 = (u_char) (len & 0xff);
|
|
1273 f->type = NGX_HTTP_V2_DATA_FRAME;
|
|
1274 f->flags = 0;
|
|
1275 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff);
|
|
1276 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff);
|
|
1277 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff);
|
|
1278 f->stream_id_3 = (u_char) (ctx->id & 0xff);
|
|
1279
|
|
1280 limit -= len;
|
|
1281 ctx->send_window -= len;
|
|
1282 ctx->connection->send_window -= len;
|
|
1283
|
|
1284 } while (!next && limit > 0);
|
|
1285
|
|
1286 if (!next) {
|
|
1287 /*
|
|
1288 * if the buffer wasn't fully sent due to flow control limits,
|
|
1289 * preserve position for future use
|
|
1290 */
|
|
1291
|
|
1292 if (in->buf->in_file) {
|
|
1293 in->buf->file_pos = file_pos;
|
|
1294
|
|
1295 } else {
|
|
1296 in->buf->pos = pos;
|
|
1297 }
|
|
1298
|
|
1299 break;
|
|
1300 }
|
|
1301
|
|
1302 next:
|
|
1303
|
|
1304 if (in->buf->last_buf) {
|
|
1305 last = 1;
|
|
1306 }
|
|
1307
|
|
1308 in = in->next;
|
|
1309 }
|
|
1310
|
|
1311 ctx->in = in;
|
|
1312
|
|
1313 if (last) {
|
|
1314
|
|
1315 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
1316 "grpc output last");
|
|
1317
|
|
1318 ctx->output_closed = 1;
|
|
1319
|
|
1320 if (f) {
|
|
1321 f->flags |= NGX_HTTP_V2_END_STREAM_FLAG;
|
|
1322
|
|
1323 } else {
|
|
1324 cl = ngx_http_grpc_get_buf(r, ctx);
|
|
1325 if (cl == NULL) {
|
|
1326 return NGX_ERROR;
|
|
1327 }
|
|
1328
|
|
1329 b = cl->buf;
|
|
1330
|
|
1331 f = (ngx_http_grpc_frame_t *) b->last;
|
|
1332 b->last += sizeof(ngx_http_grpc_frame_t);
|
|
1333
|
|
1334 f->length_0 = 0;
|
|
1335 f->length_1 = 0;
|
|
1336 f->length_2 = 0;
|
|
1337 f->type = NGX_HTTP_V2_DATA_FRAME;
|
|
1338 f->flags = NGX_HTTP_V2_END_STREAM_FLAG;
|
|
1339 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff);
|
|
1340 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff);
|
|
1341 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff);
|
|
1342 f->stream_id_3 = (u_char) (ctx->id & 0xff);
|
|
1343
|
|
1344 *ll = cl;
|
|
1345 ll = &cl->next;
|
|
1346 }
|
|
1347
|
|
1348 cl->buf->last_buf = 1;
|
|
1349 }
|
|
1350
|
|
1351 *ll = NULL;
|
|
1352
|
|
1353 #if (NGX_DEBUG)
|
|
1354
|
|
1355 for (cl = out; cl; cl = cl->next) {
|
|
1356 ngx_log_debug7(NGX_LOG_DEBUG_EVENT, r->connection->log, 0,
|
|
1357 "grpc output out l:%d f:%d %p, pos %p, size: %z "
|
|
1358 "file: %O, size: %O",
|
|
1359 cl->buf->last_buf,
|
|
1360 cl->buf->in_file,
|
|
1361 cl->buf->start, cl->buf->pos,
|
|
1362 cl->buf->last - cl->buf->pos,
|
|
1363 cl->buf->file_pos,
|
|
1364 cl->buf->file_last - cl->buf->file_pos);
|
|
1365 }
|
|
1366
|
|
1367 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
1368 "grpc output limit: %uz w:%z:%uz",
|
|
1369 limit, ctx->send_window, ctx->connection->send_window);
|
|
1370
|
|
1371 #endif
|
|
1372
|
|
1373 rc = ngx_chain_writer(&r->upstream->writer, out);
|
|
1374
|
|
1375 ngx_chain_update_chains(r->pool, &ctx->free, &ctx->busy, &out,
|
|
1376 (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter);
|
|
1377
|
|
1378 for (cl = ctx->free; cl; cl = cl->next) {
|
|
1379
|
|
1380 /* mark original buffers as sent */
|
|
1381
|
|
1382 if (cl->buf->shadow) {
|
|
1383 if (cl->buf->last_shadow) {
|
|
1384 b = cl->buf->shadow;
|
|
1385 b->pos = b->last;
|
|
1386 }
|
|
1387
|
|
1388 cl->buf->shadow = NULL;
|
|
1389 }
|
|
1390 }
|
|
1391
|
|
1392 if (rc == NGX_OK && ctx->in) {
|
|
1393 rc = NGX_AGAIN;
|
|
1394 }
|
|
1395
|
|
1396 return rc;
|
|
1397 }
|
|
1398
|
|
1399
|
|
1400 static ngx_int_t
|
|
1401 ngx_http_grpc_process_header(ngx_http_request_t *r)
|
|
1402 {
|
|
1403 ngx_str_t *status_line;
|
|
1404 ngx_int_t rc, status;
|
|
1405 ngx_buf_t *b;
|
|
1406 ngx_table_elt_t *h;
|
|
1407 ngx_http_upstream_t *u;
|
|
1408 ngx_http_grpc_ctx_t *ctx;
|
|
1409 ngx_http_upstream_header_t *hh;
|
|
1410 ngx_http_upstream_main_conf_t *umcf;
|
|
1411
|
|
1412 u = r->upstream;
|
|
1413 b = &u->buffer;
|
|
1414
|
|
1415 #if (NGX_DEBUG)
|
|
1416 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) {
|
|
1417 u_char buf[512];
|
|
1418 size_t n, m;
|
|
1419
|
|
1420 n = ngx_min(b->last - b->pos, 256);
|
|
1421 m = ngx_hex_dump(buf, b->pos, n) - buf;
|
|
1422
|
|
1423 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
1424 "grpc response: %*s%s, len: %uz",
|
|
1425 m, buf, b->last - b->pos > 256 ? "..." : "",
|
|
1426 b->last - b->pos);
|
|
1427 }
|
|
1428 #endif
|
|
1429
|
|
1430 ctx = ngx_http_grpc_get_ctx(r);
|
|
1431
|
|
1432 if (ctx == NULL) {
|
|
1433 return NGX_ERROR;
|
|
1434 }
|
|
1435
|
|
1436 umcf = ngx_http_get_module_main_conf(r, ngx_http_upstream_module);
|
|
1437
|
|
1438 for ( ;; ) {
|
|
1439
|
|
1440 if (ctx->state < ngx_http_grpc_st_payload) {
|
|
1441
|
|
1442 rc = ngx_http_grpc_parse_frame(r, ctx, b);
|
|
1443
|
|
1444 if (rc == NGX_AGAIN) {
|
|
1445
|
|
1446 /*
|
|
1447 * there can be a lot of window update frames,
|
|
1448 * so we reset buffer if it is empty and we haven't
|
|
1449 * started parsing headers yet
|
|
1450 */
|
|
1451
|
|
1452 if (!ctx->parsing_headers) {
|
|
1453 b->pos = b->start;
|
|
1454 b->last = b->pos;
|
|
1455 }
|
|
1456
|
|
1457 return NGX_AGAIN;
|
|
1458 }
|
|
1459
|
|
1460 if (rc == NGX_ERROR) {
|
|
1461 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1462 }
|
|
1463
|
|
1464 /*
|
|
1465 * RFC 7540 says that implementations MUST discard frames
|
|
1466 * that have unknown or unsupported types. However, extension
|
|
1467 * frames that appear in the middle of a header block are
|
|
1468 * not permitted. Also, for obvious reasons CONTINUATION frames
|
|
1469 * cannot appear before headers, and DATA frames are not expected
|
|
1470 * to appear before all headers are parsed.
|
|
1471 */
|
|
1472
|
|
1473 if (ctx->type == NGX_HTTP_V2_DATA_FRAME
|
|
1474 || (ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME
|
|
1475 && !ctx->parsing_headers)
|
|
1476 || (ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME
|
|
1477 && ctx->parsing_headers))
|
|
1478 {
|
|
1479 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1480 "upstream sent unexpected http2 frame: %d",
|
|
1481 ctx->type);
|
|
1482 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1483 }
|
|
1484
|
|
1485 if (ctx->stream_id && ctx->stream_id != ctx->id) {
|
|
1486 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1487 "upstream sent frame for unknown stream %ui",
|
|
1488 ctx->stream_id);
|
|
1489 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1490 }
|
|
1491 }
|
|
1492
|
|
1493 /* frame payload */
|
|
1494
|
|
1495 if (ctx->type == NGX_HTTP_V2_RST_STREAM_FRAME) {
|
|
1496
|
|
1497 rc = ngx_http_grpc_parse_rst_stream(r, ctx, b);
|
|
1498
|
|
1499 if (rc == NGX_AGAIN) {
|
|
1500 return NGX_AGAIN;
|
|
1501 }
|
|
1502
|
|
1503 if (rc == NGX_ERROR) {
|
|
1504 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1505 }
|
|
1506
|
|
1507 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1508 "upstream rejected request with error %ui",
|
|
1509 ctx->error);
|
|
1510
|
|
1511 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1512 }
|
|
1513
|
|
1514 if (ctx->type == NGX_HTTP_V2_GOAWAY_FRAME) {
|
|
1515
|
|
1516 rc = ngx_http_grpc_parse_goaway(r, ctx, b);
|
|
1517
|
|
1518 if (rc == NGX_AGAIN) {
|
|
1519 return NGX_AGAIN;
|
|
1520 }
|
|
1521
|
|
1522 if (rc == NGX_ERROR) {
|
|
1523 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1524 }
|
|
1525
|
|
1526 /*
|
|
1527 * If stream_id is lower than one we use, our
|
|
1528 * request won't be processed and needs to be retried.
|
|
1529 * If stream_id is greater or equal to the one we use,
|
|
1530 * we can continue normally (except we can't use this
|
|
1531 * connection for additional requests). If there is
|
|
1532 * a real error, the connection will be closed.
|
|
1533 */
|
|
1534
|
|
1535 if (ctx->stream_id < ctx->id) {
|
|
1536
|
|
1537 /* TODO: we can retry non-idempotent requests */
|
|
1538
|
|
1539 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1540 "upstream sent goaway with error %ui",
|
|
1541 ctx->error);
|
|
1542
|
|
1543 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1544 }
|
|
1545
|
|
1546 continue;
|
|
1547 }
|
|
1548
|
|
1549 if (ctx->type == NGX_HTTP_V2_WINDOW_UPDATE_FRAME) {
|
|
1550
|
|
1551 rc = ngx_http_grpc_parse_window_update(r, ctx, b);
|
|
1552
|
|
1553 if (rc == NGX_AGAIN) {
|
|
1554 return NGX_AGAIN;
|
|
1555 }
|
|
1556
|
|
1557 if (rc == NGX_ERROR) {
|
|
1558 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1559 }
|
|
1560
|
|
1561 if (ctx->in) {
|
|
1562 ngx_post_event(u->peer.connection->write, &ngx_posted_events);
|
|
1563 }
|
|
1564
|
|
1565 continue;
|
|
1566 }
|
|
1567
|
|
1568 if (ctx->type == NGX_HTTP_V2_SETTINGS_FRAME) {
|
|
1569
|
|
1570 rc = ngx_http_grpc_parse_settings(r, ctx, b);
|
|
1571
|
|
1572 if (rc == NGX_AGAIN) {
|
|
1573 return NGX_AGAIN;
|
|
1574 }
|
|
1575
|
|
1576 if (rc == NGX_ERROR) {
|
|
1577 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1578 }
|
|
1579
|
|
1580 if (ctx->in) {
|
|
1581 ngx_post_event(u->peer.connection->write, &ngx_posted_events);
|
|
1582 }
|
|
1583
|
|
1584 continue;
|
|
1585 }
|
|
1586
|
|
1587 if (ctx->type == NGX_HTTP_V2_PING_FRAME) {
|
|
1588
|
|
1589 rc = ngx_http_grpc_parse_ping(r, ctx, b);
|
|
1590
|
|
1591 if (rc == NGX_AGAIN) {
|
|
1592 return NGX_AGAIN;
|
|
1593 }
|
|
1594
|
|
1595 if (rc == NGX_ERROR) {
|
|
1596 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1597 }
|
|
1598
|
|
1599 ngx_post_event(u->peer.connection->write, &ngx_posted_events);
|
|
1600 continue;
|
|
1601 }
|
|
1602
|
|
1603 if (ctx->type == NGX_HTTP_V2_PUSH_PROMISE_FRAME) {
|
|
1604 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1605 "upstream sent unexpected push promise frame");
|
|
1606 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1607 }
|
|
1608
|
|
1609 if (ctx->type != NGX_HTTP_V2_HEADERS_FRAME
|
|
1610 && ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME)
|
|
1611 {
|
|
1612 /* priority, unknown frames */
|
|
1613
|
|
1614 if (b->last - b->pos < (ssize_t) ctx->rest) {
|
|
1615 ctx->rest -= b->last - b->pos;
|
|
1616 b->pos = b->last;
|
|
1617 return NGX_AGAIN;
|
|
1618 }
|
|
1619
|
|
1620 b->pos += ctx->rest;
|
|
1621 ctx->rest = 0;
|
|
1622 ctx->state = ngx_http_grpc_st_start;
|
|
1623
|
|
1624 continue;
|
|
1625 }
|
|
1626
|
|
1627 /* headers */
|
|
1628
|
|
1629 for ( ;; ) {
|
|
1630
|
|
1631 rc = ngx_http_grpc_parse_header(r, ctx, b);
|
|
1632
|
|
1633 if (rc == NGX_AGAIN) {
|
|
1634 break;
|
|
1635 }
|
|
1636
|
|
1637 if (rc == NGX_OK) {
|
|
1638
|
|
1639 /* a header line has been parsed successfully */
|
|
1640
|
|
1641 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
1642 "grpc header: \"%V: %V\"",
|
|
1643 &ctx->name, &ctx->value);
|
|
1644
|
|
1645 if (ctx->name.len && ctx->name.data[0] == ':') {
|
|
1646
|
|
1647 if (ctx->name.len != sizeof(":status") - 1
|
|
1648 || ngx_strncmp(ctx->name.data, ":status",
|
|
1649 sizeof(":status") - 1)
|
|
1650 != 0)
|
|
1651 {
|
|
1652 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1653 "upstream sent invalid header \"%V: %V\"",
|
|
1654 &ctx->name, &ctx->value);
|
|
1655 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1656 }
|
|
1657
|
|
1658 if (ctx->status) {
|
|
1659 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1660 "upstream sent duplicate :status header");
|
|
1661 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1662 }
|
|
1663
|
|
1664 status_line = &ctx->value;
|
|
1665
|
|
1666 if (status_line->len != 3) {
|
|
1667 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1668 "upstream sent invalid :status \"%V\"",
|
|
1669 status_line);
|
|
1670 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1671 }
|
|
1672
|
|
1673 status = ngx_atoi(status_line->data, 3);
|
|
1674
|
|
1675 if (status == NGX_ERROR) {
|
|
1676 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1677 "upstream sent invalid :status \"%V\"",
|
|
1678 status_line);
|
|
1679 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1680 }
|
|
1681
|
|
1682 if (status < NGX_HTTP_OK) {
|
|
1683 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1684 "upstream sent unexpected :status \"%V\"",
|
|
1685 status_line);
|
|
1686 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1687 }
|
|
1688
|
|
1689 u->headers_in.status_n = status;
|
|
1690
|
|
1691 if (u->state && u->state->status == 0) {
|
|
1692 u->state->status = status;
|
|
1693 }
|
|
1694
|
|
1695 ctx->status = 1;
|
|
1696
|
|
1697 continue;
|
|
1698
|
|
1699 } else if (!ctx->status) {
|
|
1700 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1701 "upstream sent no :status header");
|
|
1702 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1703 }
|
|
1704
|
|
1705 h = ngx_list_push(&u->headers_in.headers);
|
|
1706 if (h == NULL) {
|
|
1707 return NGX_ERROR;
|
|
1708 }
|
|
1709
|
|
1710 h->key = ctx->name;
|
|
1711 h->value = ctx->value;
|
|
1712 h->lowcase_key = h->key.data;
|
|
1713 h->hash = ngx_hash_key(h->key.data, h->key.len);
|
|
1714
|
|
1715 hh = ngx_hash_find(&umcf->headers_in_hash, h->hash,
|
|
1716 h->lowcase_key, h->key.len);
|
|
1717
|
|
1718 if (hh && hh->handler(r, h, hh->offset) != NGX_OK) {
|
|
1719 return NGX_ERROR;
|
|
1720 }
|
|
1721
|
|
1722 continue;
|
|
1723 }
|
|
1724
|
|
1725 if (rc == NGX_HTTP_PARSE_HEADER_DONE) {
|
|
1726
|
|
1727 /* a whole header has been parsed successfully */
|
|
1728
|
|
1729 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
1730 "grpc header done");
|
|
1731
|
|
1732 if (ctx->end_stream
|
|
1733 && ctx->in == NULL
|
|
1734 && ctx->out == NULL
|
|
1735 && ctx->output_closed
|
|
1736 && b->last == b->pos)
|
|
1737 {
|
|
1738 u->keepalive = 1;
|
|
1739 }
|
|
1740
|
|
1741 return NGX_OK;
|
|
1742 }
|
|
1743
|
|
1744 /* there was error while a header line parsing */
|
|
1745
|
|
1746 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1747 "upstream sent invalid header");
|
|
1748
|
|
1749 return NGX_HTTP_UPSTREAM_INVALID_HEADER;
|
|
1750 }
|
|
1751
|
|
1752 /* rc == NGX_AGAIN */
|
|
1753
|
|
1754 if (ctx->rest == 0) {
|
|
1755 ctx->state = ngx_http_grpc_st_start;
|
|
1756 continue;
|
|
1757 }
|
|
1758
|
|
1759 return NGX_AGAIN;
|
|
1760 }
|
|
1761 }
|
|
1762
|
|
1763
|
|
1764 static ngx_int_t
|
|
1765 ngx_http_grpc_filter_init(void *data)
|
|
1766 {
|
|
1767 ngx_http_grpc_ctx_t *ctx = data;
|
|
1768
|
|
1769 ngx_http_request_t *r;
|
|
1770 ngx_http_upstream_t *u;
|
|
1771
|
|
1772 r = ctx->request;
|
|
1773 u = r->upstream;
|
|
1774
|
|
1775 u->length = 1;
|
|
1776
|
|
1777 if (ctx->end_stream) {
|
|
1778 u->length = 0;
|
|
1779 }
|
|
1780
|
|
1781 return NGX_OK;
|
|
1782 }
|
|
1783
|
|
1784
|
|
1785 static ngx_int_t
|
|
1786 ngx_http_grpc_filter(void *data, ssize_t bytes)
|
|
1787 {
|
|
1788 ngx_http_grpc_ctx_t *ctx = data;
|
|
1789
|
|
1790 ngx_int_t rc;
|
|
1791 ngx_buf_t *b, *buf;
|
|
1792 ngx_chain_t *cl, **ll;
|
|
1793 ngx_table_elt_t *h;
|
|
1794 ngx_http_request_t *r;
|
|
1795 ngx_http_upstream_t *u;
|
|
1796
|
|
1797 r = ctx->request;
|
|
1798 u = r->upstream;
|
|
1799 b = &u->buffer;
|
|
1800
|
|
1801 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
1802 "grpc filter bytes:%z", bytes);
|
|
1803
|
|
1804 b->pos = b->last;
|
|
1805 b->last += bytes;
|
|
1806
|
|
1807 for (cl = u->out_bufs, ll = &u->out_bufs; cl; cl = cl->next) {
|
|
1808 ll = &cl->next;
|
|
1809 }
|
|
1810
|
|
1811 for ( ;; ) {
|
|
1812
|
|
1813 if (ctx->state < ngx_http_grpc_st_payload) {
|
|
1814
|
|
1815 rc = ngx_http_grpc_parse_frame(r, ctx, b);
|
|
1816
|
|
1817 if (rc == NGX_AGAIN) {
|
|
1818 return NGX_AGAIN;
|
|
1819 }
|
|
1820
|
|
1821 if (rc == NGX_ERROR) {
|
|
1822 return NGX_ERROR;
|
|
1823 }
|
|
1824
|
|
1825 if ((ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME
|
|
1826 && !ctx->parsing_headers)
|
|
1827 || (ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME
|
|
1828 && ctx->parsing_headers))
|
|
1829 {
|
|
1830 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1831 "upstream sent unexpected http2 frame: %d",
|
|
1832 ctx->type);
|
|
1833 return NGX_ERROR;
|
|
1834 }
|
|
1835
|
|
1836 if (ctx->type == NGX_HTTP_V2_DATA_FRAME) {
|
|
1837
|
|
1838 if (ctx->stream_id != ctx->id) {
|
|
1839 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1840 "upstream sent data frame "
|
|
1841 "for unknown stream %ui",
|
|
1842 ctx->stream_id);
|
|
1843 return NGX_ERROR;
|
|
1844 }
|
|
1845
|
|
1846 if (ctx->rest > ctx->recv_window) {
|
|
1847 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1848 "upstream violated stream flow control, "
|
|
1849 "received %uz data frame with window %uz",
|
|
1850 ctx->rest, ctx->recv_window);
|
|
1851 return NGX_ERROR;
|
|
1852 }
|
|
1853
|
|
1854 if (ctx->rest > ctx->connection->recv_window) {
|
|
1855 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1856 "upstream violated connection flow control, "
|
|
1857 "received %uz data frame with window %uz",
|
|
1858 ctx->rest, ctx->connection->recv_window);
|
|
1859 return NGX_ERROR;
|
|
1860 }
|
|
1861
|
|
1862 ctx->recv_window -= ctx->rest;
|
|
1863 ctx->connection->recv_window -= ctx->rest;
|
|
1864
|
|
1865 if (ctx->connection->recv_window < NGX_HTTP_V2_MAX_WINDOW / 4
|
|
1866 || ctx->recv_window < NGX_HTTP_V2_MAX_WINDOW / 4)
|
|
1867 {
|
|
1868 if (ngx_http_grpc_send_window_update(r, ctx) != NGX_OK) {
|
|
1869 return NGX_ERROR;
|
|
1870 }
|
|
1871
|
|
1872 ngx_post_event(u->peer.connection->write,
|
|
1873 &ngx_posted_events);
|
|
1874 }
|
|
1875 }
|
|
1876
|
|
1877 if (ctx->stream_id && ctx->stream_id != ctx->id) {
|
|
1878 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1879 "upstream sent frame for unknown stream %ui",
|
|
1880 ctx->stream_id);
|
|
1881 return NGX_ERROR;
|
|
1882 }
|
|
1883
|
|
1884 ctx->padding = 0;
|
|
1885 }
|
|
1886
|
|
1887 if (ctx->state == ngx_http_grpc_st_padding) {
|
|
1888
|
|
1889 if (b->last - b->pos < (ssize_t) ctx->rest) {
|
|
1890 ctx->rest -= b->last - b->pos;
|
|
1891 b->pos = b->last;
|
|
1892 return NGX_AGAIN;
|
|
1893 }
|
|
1894
|
|
1895 b->pos += ctx->rest;
|
|
1896 ctx->rest = 0;
|
|
1897 ctx->state = ngx_http_grpc_st_start;
|
|
1898
|
|
1899 if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) {
|
|
1900 u->length = 0;
|
|
1901
|
|
1902 if (ctx->in == NULL
|
|
1903 && ctx->out == NULL
|
|
1904 && ctx->output_closed
|
|
1905 && b->last == b->pos)
|
|
1906 {
|
|
1907 u->keepalive = 1;
|
|
1908 }
|
|
1909
|
|
1910 break;
|
|
1911 }
|
|
1912
|
|
1913 continue;
|
|
1914 }
|
|
1915
|
|
1916 /* frame payload */
|
|
1917
|
|
1918 if (ctx->type == NGX_HTTP_V2_RST_STREAM_FRAME) {
|
|
1919
|
|
1920 rc = ngx_http_grpc_parse_rst_stream(r, ctx, b);
|
|
1921
|
|
1922 if (rc == NGX_AGAIN) {
|
|
1923 return NGX_AGAIN;
|
|
1924 }
|
|
1925
|
|
1926 if (rc == NGX_ERROR) {
|
|
1927 return NGX_ERROR;
|
|
1928 }
|
|
1929
|
|
1930 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1931 "upstream rejected request with error %ui",
|
|
1932 ctx->error);
|
|
1933
|
|
1934 return NGX_ERROR;
|
|
1935 }
|
|
1936
|
|
1937 if (ctx->type == NGX_HTTP_V2_GOAWAY_FRAME) {
|
|
1938
|
|
1939 rc = ngx_http_grpc_parse_goaway(r, ctx, b);
|
|
1940
|
|
1941 if (rc == NGX_AGAIN) {
|
|
1942 return NGX_AGAIN;
|
|
1943 }
|
|
1944
|
|
1945 if (rc == NGX_ERROR) {
|
|
1946 return NGX_ERROR;
|
|
1947 }
|
|
1948
|
|
1949 /*
|
|
1950 * If stream_id is lower than one we use, our
|
|
1951 * request won't be processed and needs to be retried.
|
|
1952 * If stream_id is greater or equal to the one we use,
|
|
1953 * we can continue normally (except we can't use this
|
|
1954 * connection for additional requests). If there is
|
|
1955 * a real error, the connection will be closed.
|
|
1956 */
|
|
1957
|
|
1958 if (ctx->stream_id < ctx->id) {
|
|
1959
|
|
1960 /* TODO: we can retry non-idempotent requests */
|
|
1961
|
|
1962 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
1963 "upstream sent goaway with error %ui",
|
|
1964 ctx->error);
|
|
1965
|
|
1966 return NGX_ERROR;
|
|
1967 }
|
|
1968
|
|
1969 continue;
|
|
1970 }
|
|
1971
|
|
1972 if (ctx->type == NGX_HTTP_V2_WINDOW_UPDATE_FRAME) {
|
|
1973
|
|
1974 rc = ngx_http_grpc_parse_window_update(r, ctx, b);
|
|
1975
|
|
1976 if (rc == NGX_AGAIN) {
|
|
1977 return NGX_AGAIN;
|
|
1978 }
|
|
1979
|
|
1980 if (rc == NGX_ERROR) {
|
|
1981 return NGX_ERROR;
|
|
1982 }
|
|
1983
|
|
1984 if (ctx->in) {
|
|
1985 ngx_post_event(u->peer.connection->write, &ngx_posted_events);
|
|
1986 }
|
|
1987
|
|
1988 continue;
|
|
1989 }
|
|
1990
|
|
1991 if (ctx->type == NGX_HTTP_V2_SETTINGS_FRAME) {
|
|
1992
|
|
1993 rc = ngx_http_grpc_parse_settings(r, ctx, b);
|
|
1994
|
|
1995 if (rc == NGX_AGAIN) {
|
|
1996 return NGX_AGAIN;
|
|
1997 }
|
|
1998
|
|
1999 if (rc == NGX_ERROR) {
|
|
2000 return NGX_ERROR;
|
|
2001 }
|
|
2002
|
|
2003 if (ctx->in) {
|
|
2004 ngx_post_event(u->peer.connection->write, &ngx_posted_events);
|
|
2005 }
|
|
2006
|
|
2007 continue;
|
|
2008 }
|
|
2009
|
|
2010 if (ctx->type == NGX_HTTP_V2_PING_FRAME) {
|
|
2011
|
|
2012 rc = ngx_http_grpc_parse_ping(r, ctx, b);
|
|
2013
|
|
2014 if (rc == NGX_AGAIN) {
|
|
2015 return NGX_AGAIN;
|
|
2016 }
|
|
2017
|
|
2018 if (rc == NGX_ERROR) {
|
|
2019 return NGX_ERROR;
|
|
2020 }
|
|
2021
|
|
2022 ngx_post_event(u->peer.connection->write, &ngx_posted_events);
|
|
2023 continue;
|
|
2024 }
|
|
2025
|
|
2026 if (ctx->type == NGX_HTTP_V2_PUSH_PROMISE_FRAME) {
|
|
2027 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2028 "upstream sent unexpected push promise frame");
|
|
2029 return NGX_ERROR;
|
|
2030 }
|
|
2031
|
|
2032 if (ctx->type == NGX_HTTP_V2_HEADERS_FRAME
|
|
2033 || ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME)
|
|
2034 {
|
|
2035 for ( ;; ) {
|
|
2036
|
|
2037 rc = ngx_http_grpc_parse_header(r, ctx, b);
|
|
2038
|
|
2039 if (rc == NGX_AGAIN) {
|
|
2040 break;
|
|
2041 }
|
|
2042
|
|
2043 if (rc == NGX_OK) {
|
|
2044
|
|
2045 /* a header line has been parsed successfully */
|
|
2046
|
|
2047 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2048 "grpc trailer: \"%V: %V\"",
|
|
2049 &ctx->name, &ctx->value);
|
|
2050
|
|
2051 if (ctx->name.len && ctx->name.data[0] == ':') {
|
|
2052 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2053 "upstream sent invalid "
|
|
2054 "trailer \"%V: %V\"",
|
|
2055 &ctx->name, &ctx->value);
|
|
2056 return NGX_ERROR;
|
|
2057 }
|
|
2058
|
|
2059 h = ngx_list_push(&u->headers_in.trailers);
|
|
2060 if (h == NULL) {
|
|
2061 return NGX_ERROR;
|
|
2062 }
|
|
2063
|
|
2064 h->key = ctx->name;
|
|
2065 h->value = ctx->value;
|
|
2066 h->lowcase_key = h->key.data;
|
|
2067 h->hash = ngx_hash_key(h->key.data, h->key.len);
|
|
2068
|
|
2069 continue;
|
|
2070 }
|
|
2071
|
|
2072 if (rc == NGX_HTTP_PARSE_HEADER_DONE) {
|
|
2073
|
|
2074 /* a whole header has been parsed successfully */
|
|
2075
|
|
2076 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2077 "grpc trailer done");
|
|
2078
|
|
2079 if (ctx->end_stream) {
|
|
2080 u->length = 0;
|
|
2081
|
|
2082 if (ctx->in == NULL
|
|
2083 && ctx->out == NULL
|
|
2084 && ctx->output_closed
|
|
2085 && b->last == b->pos)
|
|
2086 {
|
|
2087 u->keepalive = 1;
|
|
2088 }
|
|
2089
|
|
2090 return NGX_OK;
|
|
2091 }
|
|
2092
|
|
2093 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2094 "upstream sent trailer without "
|
|
2095 "end stream flag");
|
|
2096 return NGX_ERROR;
|
|
2097 }
|
|
2098
|
|
2099 /* there was error while a header line parsing */
|
|
2100
|
|
2101 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2102 "upstream sent invalid trailer");
|
|
2103
|
|
2104 return NGX_ERROR;
|
|
2105 }
|
|
2106
|
|
2107 /* rc == NGX_AGAIN */
|
|
2108
|
|
2109 if (ctx->rest == 0) {
|
|
2110 ctx->state = ngx_http_grpc_st_start;
|
|
2111 continue;
|
|
2112 }
|
|
2113
|
|
2114 return NGX_AGAIN;
|
|
2115 }
|
|
2116
|
|
2117 if (ctx->type != NGX_HTTP_V2_DATA_FRAME) {
|
|
2118
|
|
2119 /* priority, unknown frames */
|
|
2120
|
|
2121 if (b->last - b->pos < (ssize_t) ctx->rest) {
|
|
2122 ctx->rest -= b->last - b->pos;
|
|
2123 b->pos = b->last;
|
|
2124 return NGX_AGAIN;
|
|
2125 }
|
|
2126
|
|
2127 b->pos += ctx->rest;
|
|
2128 ctx->rest = 0;
|
|
2129 ctx->state = ngx_http_grpc_st_start;
|
|
2130
|
|
2131 continue;
|
|
2132 }
|
|
2133
|
|
2134 /*
|
|
2135 * data frame:
|
|
2136 *
|
|
2137 * +---------------+
|
|
2138 * |Pad Length? (8)|
|
|
2139 * +---------------+-----------------------------------------------+
|
|
2140 * | Data (*) ...
|
|
2141 * +---------------------------------------------------------------+
|
|
2142 * | Padding (*) ...
|
|
2143 * +---------------------------------------------------------------+
|
|
2144 */
|
|
2145
|
|
2146 if (ctx->flags & NGX_HTTP_V2_PADDED_FLAG) {
|
|
2147
|
|
2148 if (ctx->rest == 0) {
|
|
2149 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2150 "upstream sent too short http2 frame");
|
|
2151 return NGX_ERROR;
|
|
2152 }
|
|
2153
|
|
2154 if (b->pos == b->last) {
|
|
2155 return NGX_AGAIN;
|
|
2156 }
|
|
2157
|
|
2158 ctx->flags &= ~NGX_HTTP_V2_PADDED_FLAG;
|
|
2159 ctx->padding = *b->pos++;
|
|
2160 ctx->rest -= 1;
|
|
2161
|
|
2162 if (ctx->padding > ctx->rest) {
|
|
2163 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2164 "upstream sent http2 frame with too long "
|
|
2165 "padding: %d in frame %uz",
|
|
2166 ctx->padding, ctx->rest);
|
|
2167 return NGX_ERROR;
|
|
2168 }
|
|
2169
|
|
2170 continue;
|
|
2171 }
|
|
2172
|
|
2173 if (ctx->rest == ctx->padding) {
|
|
2174 goto done;
|
|
2175 }
|
|
2176
|
|
2177 if (b->pos == b->last) {
|
|
2178 return NGX_AGAIN;
|
|
2179 }
|
|
2180
|
|
2181 cl = ngx_chain_get_free_buf(r->pool, &u->free_bufs);
|
|
2182 if (cl == NULL) {
|
|
2183 return NGX_ERROR;
|
|
2184 }
|
|
2185
|
|
2186 *ll = cl;
|
|
2187 ll = &cl->next;
|
|
2188
|
|
2189 buf = cl->buf;
|
|
2190
|
|
2191 buf->flush = 1;
|
|
2192 buf->memory = 1;
|
|
2193
|
|
2194 buf->pos = b->pos;
|
|
2195 buf->tag = u->output.tag;
|
|
2196
|
|
2197 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2198 "grpc output buf %p", buf->pos);
|
|
2199
|
|
2200 if (b->last - b->pos < (ssize_t) ctx->rest - ctx->padding) {
|
|
2201
|
|
2202 ctx->rest -= b->last - b->pos;
|
|
2203 b->pos = b->last;
|
|
2204 buf->last = b->pos;
|
|
2205
|
|
2206 return NGX_AGAIN;
|
|
2207 }
|
|
2208
|
|
2209 b->pos += ctx->rest - ctx->padding;
|
|
2210 buf->last = b->pos;
|
|
2211 ctx->rest = ctx->padding;
|
|
2212
|
|
2213 done:
|
|
2214
|
|
2215 if (ctx->padding) {
|
|
2216 ctx->state = ngx_http_grpc_st_padding;
|
|
2217 continue;
|
|
2218 }
|
|
2219
|
|
2220 ctx->state = ngx_http_grpc_st_start;
|
|
2221
|
|
2222 if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) {
|
|
2223 u->length = 0;
|
|
2224
|
|
2225 if (ctx->in == NULL
|
|
2226 && ctx->out == NULL
|
|
2227 && ctx->output_closed
|
|
2228 && b->last == b->pos)
|
|
2229 {
|
|
2230 u->keepalive = 1;
|
|
2231 }
|
|
2232
|
|
2233 break;
|
|
2234 }
|
|
2235 }
|
|
2236
|
|
2237 return NGX_OK;
|
|
2238 }
|
|
2239
|
|
2240
|
|
2241 static ngx_int_t
|
|
2242 ngx_http_grpc_parse_frame(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
|
|
2243 ngx_buf_t *b)
|
|
2244 {
|
|
2245 u_char ch, *p;
|
|
2246 ngx_http_grpc_state_e state;
|
|
2247
|
|
2248 state = ctx->state;
|
|
2249
|
|
2250 for (p = b->pos; p < b->last; p++) {
|
|
2251 ch = *p;
|
|
2252
|
|
2253 #if 0
|
|
2254 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2255 "grpc frame byte: %02Xd, s:%d", ch, state);
|
|
2256 #endif
|
|
2257
|
|
2258 switch (state) {
|
|
2259
|
|
2260 case ngx_http_grpc_st_start:
|
|
2261 ctx->rest = ch << 16;
|
|
2262 state = ngx_http_grpc_st_length_2;
|
|
2263 break;
|
|
2264
|
|
2265 case ngx_http_grpc_st_length_2:
|
|
2266 ctx->rest |= ch << 8;
|
|
2267 state = ngx_http_grpc_st_length_3;
|
|
2268 break;
|
|
2269
|
|
2270 case ngx_http_grpc_st_length_3:
|
|
2271 ctx->rest |= ch;
|
|
2272
|
|
2273 if (ctx->rest > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) {
|
|
2274 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2275 "upstream sent too large http2 frame: %uz",
|
|
2276 ctx->rest);
|
|
2277 return NGX_ERROR;
|
|
2278 }
|
|
2279
|
|
2280 state = ngx_http_grpc_st_type;
|
|
2281 break;
|
|
2282
|
|
2283 case ngx_http_grpc_st_type:
|
|
2284 ctx->type = ch;
|
|
2285 state = ngx_http_grpc_st_flags;
|
|
2286 break;
|
|
2287
|
|
2288 case ngx_http_grpc_st_flags:
|
|
2289 ctx->flags = ch;
|
|
2290 state = ngx_http_grpc_st_stream_id;
|
|
2291 break;
|
|
2292
|
|
2293 case ngx_http_grpc_st_stream_id:
|
|
2294 ctx->stream_id = (ch & 0x7f) << 24;
|
|
2295 state = ngx_http_grpc_st_stream_id_2;
|
|
2296 break;
|
|
2297
|
|
2298 case ngx_http_grpc_st_stream_id_2:
|
|
2299 ctx->stream_id |= ch << 16;
|
|
2300 state = ngx_http_grpc_st_stream_id_3;
|
|
2301 break;
|
|
2302
|
|
2303 case ngx_http_grpc_st_stream_id_3:
|
|
2304 ctx->stream_id |= ch << 8;
|
|
2305 state = ngx_http_grpc_st_stream_id_4;
|
|
2306 break;
|
|
2307
|
|
2308 case ngx_http_grpc_st_stream_id_4:
|
|
2309 ctx->stream_id |= ch;
|
|
2310
|
|
2311 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2312 "grpc frame: %d, len: %uz, f:%d, i:%ui",
|
|
2313 ctx->type, ctx->rest, ctx->flags, ctx->stream_id);
|
|
2314
|
|
2315 b->pos = p + 1;
|
|
2316
|
|
2317 ctx->state = ngx_http_grpc_st_payload;
|
|
2318 ctx->frame_state = 0;
|
|
2319
|
|
2320 return NGX_OK;
|
|
2321
|
|
2322 /* suppress warning */
|
|
2323 case ngx_http_grpc_st_payload:
|
|
2324 case ngx_http_grpc_st_padding:
|
|
2325 break;
|
|
2326 }
|
|
2327 }
|
|
2328
|
|
2329 b->pos = p;
|
|
2330 ctx->state = state;
|
|
2331
|
|
2332 return NGX_AGAIN;
|
|
2333 }
|
|
2334
|
|
2335
|
|
2336 static ngx_int_t
|
|
2337 ngx_http_grpc_parse_header(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
|
|
2338 ngx_buf_t *b)
|
|
2339 {
|
|
2340 u_char ch, *p, *last;
|
|
2341 size_t min;
|
|
2342 ngx_int_t rc;
|
|
2343 enum {
|
|
2344 sw_start = 0,
|
|
2345 sw_padding_length,
|
|
2346 sw_dependency,
|
|
2347 sw_dependency_2,
|
|
2348 sw_dependency_3,
|
|
2349 sw_dependency_4,
|
|
2350 sw_weight,
|
|
2351 sw_fragment,
|
|
2352 sw_padding
|
|
2353 } state;
|
|
2354
|
|
2355 state = ctx->frame_state;
|
|
2356
|
|
2357 if (state == sw_start) {
|
|
2358
|
|
2359 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2360 "grpc parse header: start");
|
|
2361
|
|
2362 if (ctx->type == NGX_HTTP_V2_HEADERS_FRAME) {
|
|
2363 ctx->parsing_headers = 1;
|
|
2364 ctx->fragment_state = 0;
|
|
2365
|
|
2366 min = (ctx->flags & NGX_HTTP_V2_PADDED_FLAG ? 1 : 0)
|
|
2367 + (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG ? 5 : 0);
|
|
2368
|
|
2369 if (ctx->rest < min) {
|
|
2370 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2371 "upstream sent headers frame "
|
|
2372 "with invalid length: %uz",
|
|
2373 ctx->rest);
|
|
2374 return NGX_ERROR;
|
|
2375 }
|
|
2376
|
|
2377 if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) {
|
|
2378 ctx->end_stream = 1;
|
|
2379 }
|
|
2380
|
|
2381 if (ctx->flags & NGX_HTTP_V2_PADDED_FLAG) {
|
|
2382 state = sw_padding_length;
|
|
2383
|
|
2384 } else if (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG) {
|
|
2385 state = sw_dependency;
|
|
2386
|
|
2387 } else {
|
|
2388 state = sw_fragment;
|
|
2389 }
|
|
2390
|
|
2391 } else if (ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME) {
|
|
2392 state = sw_fragment;
|
|
2393 }
|
|
2394
|
|
2395 ctx->padding = 0;
|
|
2396 }
|
|
2397
|
|
2398 if (state < sw_fragment) {
|
|
2399
|
|
2400 if (b->last - b->pos < (ssize_t) ctx->rest) {
|
|
2401 last = b->last;
|
|
2402
|
|
2403 } else {
|
|
2404 last = b->pos + ctx->rest;
|
|
2405 }
|
|
2406
|
|
2407 for (p = b->pos; p < last; p++) {
|
|
2408 ch = *p;
|
|
2409
|
|
2410 #if 0
|
|
2411 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2412 "grpc header byte: %02Xd s:%d", ch, state);
|
|
2413 #endif
|
|
2414
|
|
2415 /*
|
|
2416 * headers frame:
|
|
2417 *
|
|
2418 * +---------------+
|
|
2419 * |Pad Length? (8)|
|
|
2420 * +-+-------------+----------------------------------------------+
|
|
2421 * |E| Stream Dependency? (31) |
|
|
2422 * +-+-------------+----------------------------------------------+
|
|
2423 * | Weight? (8) |
|
|
2424 * +-+-------------+----------------------------------------------+
|
|
2425 * | Header Block Fragment (*) ...
|
|
2426 * +--------------------------------------------------------------+
|
|
2427 * | Padding (*) ...
|
|
2428 * +--------------------------------------------------------------+
|
|
2429 */
|
|
2430
|
|
2431 switch (state) {
|
|
2432
|
|
2433 case sw_padding_length:
|
|
2434
|
|
2435 ctx->padding = ch;
|
|
2436
|
|
2437 if (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG) {
|
|
2438 state = sw_dependency;
|
|
2439 break;
|
|
2440 }
|
|
2441
|
|
2442 goto fragment;
|
|
2443
|
|
2444 case sw_dependency:
|
|
2445 state = sw_dependency_2;
|
|
2446 break;
|
|
2447
|
|
2448 case sw_dependency_2:
|
|
2449 state = sw_dependency_3;
|
|
2450 break;
|
|
2451
|
|
2452 case sw_dependency_3:
|
|
2453 state = sw_dependency_4;
|
|
2454 break;
|
|
2455
|
|
2456 case sw_dependency_4:
|
|
2457 state = sw_weight;
|
|
2458 break;
|
|
2459
|
|
2460 case sw_weight:
|
|
2461 goto fragment;
|
|
2462
|
|
2463 /* suppress warning */
|
|
2464 case sw_start:
|
|
2465 case sw_fragment:
|
|
2466 case sw_padding:
|
|
2467 break;
|
|
2468 }
|
|
2469 }
|
|
2470
|
|
2471 ctx->rest -= p - b->pos;
|
|
2472 b->pos = p;
|
|
2473
|
|
2474 ctx->frame_state = state;
|
|
2475 return NGX_AGAIN;
|
|
2476
|
|
2477 fragment:
|
|
2478
|
|
2479 p++;
|
|
2480 ctx->rest -= p - b->pos;
|
|
2481 b->pos = p;
|
|
2482
|
|
2483 if (ctx->padding > ctx->rest) {
|
|
2484 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2485 "upstream sent http2 frame with too long "
|
|
2486 "padding: %d in frame %uz",
|
|
2487 ctx->padding, ctx->rest);
|
|
2488 return NGX_ERROR;
|
|
2489 }
|
|
2490
|
|
2491 state = sw_fragment;
|
|
2492 ctx->frame_state = state;
|
|
2493 }
|
|
2494
|
|
2495 if (state == sw_fragment) {
|
|
2496
|
|
2497 rc = ngx_http_grpc_parse_fragment(r, ctx, b);
|
|
2498
|
|
2499 if (rc == NGX_AGAIN) {
|
|
2500 return NGX_AGAIN;
|
|
2501 }
|
|
2502
|
|
2503 if (rc == NGX_ERROR) {
|
|
2504 return NGX_ERROR;
|
|
2505 }
|
|
2506
|
|
2507 if (rc == NGX_OK) {
|
|
2508 return NGX_OK;
|
|
2509 }
|
|
2510
|
|
2511 /* rc == NGX_DONE */
|
|
2512
|
|
2513 state = sw_padding;
|
|
2514 ctx->frame_state = state;
|
|
2515 }
|
|
2516
|
|
2517 if (state == sw_padding) {
|
|
2518
|
|
2519 if (b->last - b->pos < (ssize_t) ctx->rest) {
|
|
2520
|
|
2521 ctx->rest -= b->last - b->pos;
|
|
2522 b->pos = b->last;
|
|
2523
|
|
2524 return NGX_AGAIN;
|
|
2525 }
|
|
2526
|
|
2527 b->pos += ctx->rest;
|
|
2528 ctx->rest = 0;
|
|
2529
|
|
2530 ctx->state = ngx_http_grpc_st_start;
|
|
2531
|
|
2532 if (ctx->flags & NGX_HTTP_V2_END_HEADERS_FLAG) {
|
|
2533
|
|
2534 if (ctx->fragment_state) {
|
|
2535 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2536 "upstream sent truncated http2 header");
|
|
2537 return NGX_ERROR;
|
|
2538 }
|
|
2539
|
|
2540 ctx->parsing_headers = 0;
|
|
2541
|
|
2542 return NGX_HTTP_PARSE_HEADER_DONE;
|
|
2543 }
|
|
2544
|
|
2545 return NGX_AGAIN;
|
|
2546 }
|
|
2547
|
|
2548 /* unreachable */
|
|
2549
|
|
2550 return NGX_ERROR;
|
|
2551 }
|
|
2552
|
|
2553
|
|
2554 static ngx_int_t
|
|
2555 ngx_http_grpc_parse_fragment(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
|
|
2556 ngx_buf_t *b)
|
|
2557 {
|
|
2558 u_char ch, *p, *last;
|
|
2559 size_t size;
|
|
2560 ngx_uint_t index, size_update;
|
|
2561 enum {
|
|
2562 sw_start = 0,
|
|
2563 sw_index,
|
|
2564 sw_name_length,
|
|
2565 sw_name_length_2,
|
|
2566 sw_name_length_3,
|
|
2567 sw_name_length_4,
|
|
2568 sw_name,
|
|
2569 sw_name_bytes,
|
|
2570 sw_value_length,
|
|
2571 sw_value_length_2,
|
|
2572 sw_value_length_3,
|
|
2573 sw_value_length_4,
|
|
2574 sw_value,
|
|
2575 sw_value_bytes
|
|
2576 } state;
|
|
2577
|
|
2578 /* header block fragment */
|
|
2579
|
|
2580 #if 0
|
|
2581 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2582 "grpc header fragment %p:%p rest:%uz",
|
|
2583 b->pos, b->last, ctx->rest);
|
|
2584 #endif
|
|
2585
|
|
2586 if (b->last - b->pos < (ssize_t) ctx->rest - ctx->padding) {
|
|
2587 last = b->last;
|
|
2588
|
|
2589 } else {
|
|
2590 last = b->pos + ctx->rest - ctx->padding;
|
|
2591 }
|
|
2592
|
|
2593 state = ctx->fragment_state;
|
|
2594
|
|
2595 for (p = b->pos; p < last; p++) {
|
|
2596 ch = *p;
|
|
2597
|
|
2598 #if 0
|
|
2599 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2600 "grpc header byte: %02Xd s:%d", ch, state);
|
|
2601 #endif
|
|
2602
|
|
2603 switch (state) {
|
|
2604
|
|
2605 case sw_start:
|
|
2606 ctx->index = 0;
|
|
2607
|
|
2608 if ((ch & 0x80) == 0x80) {
|
|
2609 /*
|
|
2610 * indexed header:
|
|
2611 *
|
|
2612 * 0 1 2 3 4 5 6 7
|
|
2613 * +---+---+---+---+---+---+---+---+
|
|
2614 * | 1 | Index (7+) |
|
|
2615 * +---+---------------------------+
|
|
2616 */
|
|
2617
|
|
2618 index = ch & ~0x80;
|
|
2619
|
|
2620 if (index == 0 || index > 61) {
|
|
2621 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2622 "upstream sent invalid http2 "
|
|
2623 "table index: %ui", index);
|
|
2624 return NGX_ERROR;
|
|
2625 }
|
|
2626
|
|
2627 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2628 "grpc indexed header: %ui", index);
|
|
2629
|
|
2630 ctx->index = index;
|
|
2631 ctx->literal = 0;
|
|
2632
|
|
2633 goto done;
|
|
2634
|
|
2635 } else if ((ch & 0xc0) == 0x40) {
|
|
2636 /*
|
|
2637 * literal header with incremental indexing:
|
|
2638 *
|
|
2639 * 0 1 2 3 4 5 6 7
|
|
2640 * +---+---+---+---+---+---+---+---+
|
|
2641 * | 0 | 1 | Index (6+) |
|
|
2642 * +---+---+-----------------------+
|
|
2643 * | H | Value Length (7+) |
|
|
2644 * +---+---------------------------+
|
|
2645 * | Value String (Length octets) |
|
|
2646 * +-------------------------------+
|
|
2647 *
|
|
2648 * 0 1 2 3 4 5 6 7
|
|
2649 * +---+---+---+---+---+---+---+---+
|
|
2650 * | 0 | 1 | 0 |
|
|
2651 * +---+---+-----------------------+
|
|
2652 * | H | Name Length (7+) |
|
|
2653 * +---+---------------------------+
|
|
2654 * | Name String (Length octets) |
|
|
2655 * +---+---------------------------+
|
|
2656 * | H | Value Length (7+) |
|
|
2657 * +---+---------------------------+
|
|
2658 * | Value String (Length octets) |
|
|
2659 * +-------------------------------+
|
|
2660 */
|
|
2661
|
|
2662 index = ch & ~0xc0;
|
|
2663
|
|
2664 if (index > 61) {
|
|
2665 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2666 "upstream sent invalid http2 "
|
|
2667 "table index: %ui", index);
|
|
2668 return NGX_ERROR;
|
|
2669 }
|
|
2670
|
|
2671 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2672 "grpc literal header: %ui", index);
|
|
2673
|
|
2674 if (index == 0) {
|
|
2675 state = sw_name_length;
|
|
2676 break;
|
|
2677 }
|
|
2678
|
|
2679 ctx->index = index;
|
|
2680 ctx->literal = 1;
|
|
2681
|
|
2682 state = sw_value_length;
|
|
2683 break;
|
|
2684
|
|
2685 } else if ((ch & 0xe0) == 0x20) {
|
|
2686 /*
|
|
2687 * dynamic table size update:
|
|
2688 *
|
|
2689 * 0 1 2 3 4 5 6 7
|
|
2690 * +---+---+---+---+---+---+---+---+
|
|
2691 * | 0 | 0 | 1 | Max size (5+) |
|
|
2692 * +---+---------------------------+
|
|
2693 */
|
|
2694
|
|
2695 size_update = ch & ~0xe0;
|
|
2696
|
|
2697 if (size_update > 0) {
|
|
2698 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2699 "upstream sent invalid http2 "
|
|
2700 "dynamic table size update: %ui",
|
|
2701 size_update);
|
|
2702 return NGX_ERROR;
|
|
2703 }
|
|
2704
|
|
2705 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2706 "grpc table size update: %ui", size_update);
|
|
2707
|
|
2708 break;
|
|
2709
|
|
2710 } else if ((ch & 0xf0) == 0x10) {
|
|
2711 /*
|
|
2712 * literal header field never indexed:
|
|
2713 *
|
|
2714 * 0 1 2 3 4 5 6 7
|
|
2715 * +---+---+---+---+---+---+---+---+
|
|
2716 * | 0 | 0 | 0 | 1 | Index (4+) |
|
|
2717 * +---+---+-----------------------+
|
|
2718 * | H | Value Length (7+) |
|
|
2719 * +---+---------------------------+
|
|
2720 * | Value String (Length octets) |
|
|
2721 * +-------------------------------+
|
|
2722 *
|
|
2723 * 0 1 2 3 4 5 6 7
|
|
2724 * +---+---+---+---+---+---+---+---+
|
|
2725 * | 0 | 0 | 0 | 1 | 0 |
|
|
2726 * +---+---+-----------------------+
|
|
2727 * | H | Name Length (7+) |
|
|
2728 * +---+---------------------------+
|
|
2729 * | Name String (Length octets) |
|
|
2730 * +---+---------------------------+
|
|
2731 * | H | Value Length (7+) |
|
|
2732 * +---+---------------------------+
|
|
2733 * | Value String (Length octets) |
|
|
2734 * +-------------------------------+
|
|
2735 */
|
|
2736
|
|
2737 index = ch & ~0xf0;
|
|
2738
|
|
2739 if (index == 0x0f) {
|
|
2740 ctx->index = index;
|
|
2741 ctx->literal = 1;
|
|
2742 state = sw_index;
|
|
2743 break;
|
|
2744 }
|
|
2745
|
|
2746 if (index == 0) {
|
|
2747 state = sw_name_length;
|
|
2748 break;
|
|
2749 }
|
|
2750
|
|
2751 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2752 "grpc literal header never indexed: %ui",
|
|
2753 index);
|
|
2754
|
|
2755 ctx->index = index;
|
|
2756 ctx->literal = 1;
|
|
2757
|
|
2758 state = sw_value_length;
|
|
2759 break;
|
|
2760
|
|
2761 } else if ((ch & 0xf0) == 0x00) {
|
|
2762 /*
|
|
2763 * literal header field without indexing:
|
|
2764 *
|
|
2765 * 0 1 2 3 4 5 6 7
|
|
2766 * +---+---+---+---+---+---+---+---+
|
|
2767 * | 0 | 0 | 0 | 0 | Index (4+) |
|
|
2768 * +---+---+-----------------------+
|
|
2769 * | H | Value Length (7+) |
|
|
2770 * +---+---------------------------+
|
|
2771 * | Value String (Length octets) |
|
|
2772 * +-------------------------------+
|
|
2773 *
|
|
2774 * 0 1 2 3 4 5 6 7
|
|
2775 * +---+---+---+---+---+---+---+---+
|
|
2776 * | 0 | 0 | 0 | 0 | 0 |
|
|
2777 * +---+---+-----------------------+
|
|
2778 * | H | Name Length (7+) |
|
|
2779 * +---+---------------------------+
|
|
2780 * | Name String (Length octets) |
|
|
2781 * +---+---------------------------+
|
|
2782 * | H | Value Length (7+) |
|
|
2783 * +---+---------------------------+
|
|
2784 * | Value String (Length octets) |
|
|
2785 * +-------------------------------+
|
|
2786 */
|
|
2787
|
|
2788 index = ch & ~0xf0;
|
|
2789
|
|
2790 if (index == 0x0f) {
|
|
2791 ctx->index = index;
|
|
2792 ctx->literal = 1;
|
|
2793 state = sw_index;
|
|
2794 break;
|
|
2795 }
|
|
2796
|
|
2797 if (index == 0) {
|
|
2798 state = sw_name_length;
|
|
2799 break;
|
|
2800 }
|
|
2801
|
|
2802 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2803 "grpc literal header without indexing: %ui",
|
|
2804 index);
|
|
2805
|
|
2806 ctx->index = index;
|
|
2807 ctx->literal = 1;
|
|
2808
|
|
2809 state = sw_value_length;
|
|
2810 break;
|
|
2811 }
|
|
2812
|
|
2813 /* not reached */
|
|
2814
|
|
2815 return NGX_ERROR;
|
|
2816
|
|
2817 case sw_index:
|
|
2818 ctx->index = ctx->index + (ch & ~0x80);
|
|
2819
|
|
2820 if (ch & 0x80) {
|
|
2821 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2822 "upstream sent http2 table index "
|
|
2823 "with continuation flag");
|
|
2824 return NGX_ERROR;
|
|
2825 }
|
|
2826
|
|
2827 if (ctx->index > 61) {
|
|
2828 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2829 "upstream sent invalid http2 "
|
|
2830 "table index: %ui", ctx->index);
|
|
2831 return NGX_ERROR;
|
|
2832 }
|
|
2833
|
|
2834 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2835 "grpc header index: %ui", ctx->index);
|
|
2836
|
|
2837 state = sw_value_length;
|
|
2838 break;
|
|
2839
|
|
2840 case sw_name_length:
|
|
2841 ctx->field_huffman = ch & 0x80 ? 1 : 0;
|
|
2842 ctx->field_length = ch & ~0x80;
|
|
2843
|
|
2844 if (ctx->field_length == 0x7f) {
|
|
2845 state = sw_name_length_2;
|
|
2846 break;
|
|
2847 }
|
|
2848
|
|
2849 if (ctx->field_length == 0) {
|
|
2850 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2851 "upstream sent zero http2 "
|
|
2852 "header name length");
|
|
2853 return NGX_ERROR;
|
|
2854 }
|
|
2855
|
|
2856 state = sw_name;
|
|
2857 break;
|
|
2858
|
|
2859 case sw_name_length_2:
|
|
2860 ctx->field_length += ch & ~0x80;
|
|
2861
|
|
2862 if (ch & 0x80) {
|
|
2863 state = sw_name_length_3;
|
|
2864 break;
|
|
2865 }
|
|
2866
|
|
2867 state = sw_name;
|
|
2868 break;
|
|
2869
|
|
2870 case sw_name_length_3:
|
|
2871 ctx->field_length += (ch & ~0x80) << 7;
|
|
2872
|
|
2873 if (ch & 0x80) {
|
|
2874 state = sw_name_length_4;
|
|
2875 break;
|
|
2876 }
|
|
2877
|
|
2878 state = sw_name;
|
|
2879 break;
|
|
2880
|
|
2881 case sw_name_length_4:
|
|
2882 ctx->field_length += (ch & ~0x80) << 14;
|
|
2883
|
|
2884 if (ch & 0x80) {
|
|
2885 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2886 "upstream sent too large http2 "
|
|
2887 "header name length");
|
|
2888 return NGX_ERROR;
|
|
2889 }
|
|
2890
|
|
2891 state = sw_name;
|
|
2892 break;
|
|
2893
|
|
2894 case sw_name:
|
|
2895 ctx->name.len = ctx->field_huffman ?
|
|
2896 ctx->field_length * 8 / 5 : ctx->field_length;
|
|
2897
|
|
2898 ctx->name.data = ngx_pnalloc(r->pool, ctx->name.len + 1);
|
|
2899 if (ctx->name.data == NULL) {
|
|
2900 return NGX_ERROR;
|
|
2901 }
|
|
2902
|
|
2903 ctx->field_end = ctx->name.data;
|
|
2904 ctx->field_rest = ctx->field_length;
|
|
2905 ctx->field_state = 0;
|
|
2906
|
|
2907 state = sw_name_bytes;
|
|
2908
|
|
2909 /* fall through */
|
|
2910
|
|
2911 case sw_name_bytes:
|
|
2912
|
|
2913 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
2914 "grpc name: len:%uz h:%d last:%uz, rest:%uz",
|
|
2915 ctx->field_length,
|
|
2916 ctx->field_huffman,
|
|
2917 last - p,
|
|
2918 ctx->rest - (p - b->pos));
|
|
2919
|
|
2920 size = ngx_min(last - p, (ssize_t) ctx->field_rest);
|
|
2921 ctx->field_rest -= size;
|
|
2922
|
|
2923 if (ctx->field_huffman) {
|
|
2924 if (ngx_http_v2_huff_decode(&ctx->field_state, p, size,
|
|
2925 &ctx->field_end,
|
|
2926 ctx->field_rest == 0,
|
|
2927 r->connection->log)
|
|
2928 != NGX_OK)
|
|
2929 {
|
|
2930 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2931 "upstream sent invalid encoded header");
|
|
2932 return NGX_ERROR;
|
|
2933 }
|
|
2934
|
|
2935 ctx->name.len = ctx->field_end - ctx->name.data;
|
|
2936 ctx->name.data[ctx->name.len] = '\0';
|
|
2937
|
|
2938 } else {
|
|
2939 ngx_memcpy(ctx->field_end, p, size);
|
|
2940 ctx->name.data[ctx->name.len] = '\0';
|
|
2941 }
|
|
2942
|
|
2943 p += size - 1;
|
|
2944
|
|
2945 if (ctx->field_rest == 0) {
|
|
2946 state = sw_value_length;
|
|
2947 }
|
|
2948
|
|
2949 break;
|
|
2950
|
|
2951 case sw_value_length:
|
|
2952 ctx->field_huffman = ch & 0x80 ? 1 : 0;
|
|
2953 ctx->field_length = ch & ~0x80;
|
|
2954
|
|
2955 if (ctx->field_length == 0x7f) {
|
|
2956 state = sw_value_length_2;
|
|
2957 break;
|
|
2958 }
|
|
2959
|
|
2960 if (ctx->field_length == 0) {
|
|
2961 ngx_str_set(&ctx->value, "");
|
|
2962 goto done;
|
|
2963 }
|
|
2964
|
|
2965 state = sw_value;
|
|
2966 break;
|
|
2967
|
|
2968 case sw_value_length_2:
|
|
2969 ctx->field_length += ch & ~0x80;
|
|
2970
|
|
2971 if (ch & 0x80) {
|
|
2972 state = sw_value_length_3;
|
|
2973 break;
|
|
2974 }
|
|
2975
|
|
2976 state = sw_value;
|
|
2977 break;
|
|
2978
|
|
2979 case sw_value_length_3:
|
|
2980 ctx->field_length += (ch & ~0x80) << 7;
|
|
2981
|
|
2982 if (ch & 0x80) {
|
|
2983 state = sw_value_length_4;
|
|
2984 break;
|
|
2985 }
|
|
2986
|
|
2987 state = sw_value;
|
|
2988 break;
|
|
2989
|
|
2990 case sw_value_length_4:
|
|
2991 ctx->field_length += (ch & ~0x80) << 14;
|
|
2992
|
|
2993 if (ch & 0x80) {
|
|
2994 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
2995 "upstream sent too large http2 "
|
|
2996 "header value length");
|
|
2997 return NGX_ERROR;
|
|
2998 }
|
|
2999
|
|
3000 state = sw_value;
|
|
3001 break;
|
|
3002
|
|
3003 case sw_value:
|
|
3004 ctx->value.len = ctx->field_huffman ?
|
|
3005 ctx->field_length * 8 / 5 : ctx->field_length;
|
|
3006
|
|
3007 ctx->value.data = ngx_pnalloc(r->pool, ctx->value.len + 1);
|
|
3008 if (ctx->value.data == NULL) {
|
|
3009 return NGX_ERROR;
|
|
3010 }
|
|
3011
|
|
3012 ctx->field_end = ctx->value.data;
|
|
3013 ctx->field_rest = ctx->field_length;
|
|
3014 ctx->field_state = 0;
|
|
3015
|
|
3016 state = sw_value_bytes;
|
|
3017
|
|
3018 /* fall through */
|
|
3019
|
|
3020 case sw_value_bytes:
|
|
3021
|
|
3022 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3023 "grpc value: len:%uz h:%d last:%uz, rest:%uz",
|
|
3024 ctx->field_length,
|
|
3025 ctx->field_huffman,
|
|
3026 last - p,
|
|
3027 ctx->rest - (p - b->pos));
|
|
3028
|
|
3029 size = ngx_min(last - p, (ssize_t) ctx->field_rest);
|
|
3030 ctx->field_rest -= size;
|
|
3031
|
|
3032 if (ctx->field_huffman) {
|
|
3033 if (ngx_http_v2_huff_decode(&ctx->field_state, p, size,
|
|
3034 &ctx->field_end,
|
|
3035 ctx->field_rest == 0,
|
|
3036 r->connection->log)
|
|
3037 != NGX_OK)
|
|
3038 {
|
|
3039 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3040 "upstream sent invalid encoded header");
|
|
3041 return NGX_ERROR;
|
|
3042 }
|
|
3043
|
|
3044 ctx->value.len = ctx->field_end - ctx->value.data;
|
|
3045 ctx->value.data[ctx->value.len] = '\0';
|
|
3046
|
|
3047 } else {
|
|
3048 ngx_memcpy(ctx->field_end, p, size);
|
|
3049 ctx->value.data[ctx->value.len] = '\0';
|
|
3050 }
|
|
3051
|
|
3052 p += size - 1;
|
|
3053
|
|
3054 if (ctx->field_rest == 0) {
|
|
3055 goto done;
|
|
3056 }
|
|
3057
|
|
3058 break;
|
|
3059 }
|
|
3060
|
|
3061 continue;
|
|
3062
|
|
3063 done:
|
|
3064
|
|
3065 p++;
|
|
3066 ctx->rest -= p - b->pos;
|
|
3067 ctx->fragment_state = sw_start;
|
|
3068 b->pos = p;
|
|
3069
|
|
3070 if (ctx->index) {
|
|
3071 ctx->name = *ngx_http_v2_get_static_name(ctx->index);
|
|
3072 }
|
|
3073
|
|
3074 if (ctx->index && !ctx->literal) {
|
|
3075 ctx->value = *ngx_http_v2_get_static_value(ctx->index);
|
|
3076 }
|
|
3077
|
|
3078 if (!ctx->index) {
|
|
3079 if (ngx_http_grpc_validate_header_name(r, &ctx->name) != NGX_OK) {
|
|
3080 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3081 "upstream sent invalid header: \"%V: %V\"",
|
|
3082 &ctx->name, &ctx->value);
|
|
3083 return NGX_ERROR;
|
|
3084 }
|
|
3085 }
|
|
3086
|
|
3087 if (!ctx->index || ctx->literal) {
|
|
3088 if (ngx_http_grpc_validate_header_value(r, &ctx->value) != NGX_OK) {
|
|
3089 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3090 "upstream sent invalid header: \"%V: %V\"",
|
|
3091 &ctx->name, &ctx->value);
|
|
3092 return NGX_ERROR;
|
|
3093 }
|
|
3094 }
|
|
3095
|
|
3096 return NGX_OK;
|
|
3097 }
|
|
3098
|
|
3099 ctx->rest -= p - b->pos;
|
|
3100 ctx->fragment_state = state;
|
|
3101 b->pos = p;
|
|
3102
|
|
3103 if (ctx->rest > ctx->padding) {
|
|
3104 return NGX_AGAIN;
|
|
3105 }
|
|
3106
|
|
3107 return NGX_DONE;
|
|
3108 }
|
|
3109
|
|
3110
|
|
3111 static ngx_int_t
|
|
3112 ngx_http_grpc_validate_header_name(ngx_http_request_t *r, ngx_str_t *s)
|
|
3113 {
|
|
3114 u_char ch;
|
|
3115 ngx_uint_t i;
|
|
3116
|
|
3117 for (i = 0; i < s->len; i++) {
|
|
3118 ch = s->data[i];
|
|
3119
|
|
3120 if (ch == ':' && i > 0) {
|
|
3121 return NGX_ERROR;
|
|
3122 }
|
|
3123
|
|
3124 if (ch >= 'A' && ch <= 'Z') {
|
|
3125 return NGX_ERROR;
|
|
3126 }
|
|
3127
|
|
3128 if (ch == '\0' || ch == CR || ch == LF) {
|
|
3129 return NGX_ERROR;
|
|
3130 }
|
|
3131 }
|
|
3132
|
|
3133 return NGX_OK;
|
|
3134 }
|
|
3135
|
|
3136
|
|
3137 static ngx_int_t
|
|
3138 ngx_http_grpc_validate_header_value(ngx_http_request_t *r, ngx_str_t *s)
|
|
3139 {
|
|
3140 u_char ch;
|
|
3141 ngx_uint_t i;
|
|
3142
|
|
3143 for (i = 0; i < s->len; i++) {
|
|
3144 ch = s->data[i];
|
|
3145
|
|
3146 if (ch == '\0' || ch == CR || ch == LF) {
|
|
3147 return NGX_ERROR;
|
|
3148 }
|
|
3149 }
|
|
3150
|
|
3151 return NGX_OK;
|
|
3152 }
|
|
3153
|
|
3154
|
|
3155 static ngx_int_t
|
|
3156 ngx_http_grpc_parse_rst_stream(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
|
|
3157 ngx_buf_t *b)
|
|
3158 {
|
|
3159 u_char ch, *p, *last;
|
|
3160 enum {
|
|
3161 sw_start = 0,
|
|
3162 sw_error_2,
|
|
3163 sw_error_3,
|
|
3164 sw_error_4
|
|
3165 } state;
|
|
3166
|
|
3167 if (b->last - b->pos < (ssize_t) ctx->rest) {
|
|
3168 last = b->last;
|
|
3169
|
|
3170 } else {
|
|
3171 last = b->pos + ctx->rest;
|
|
3172 }
|
|
3173
|
|
3174 state = ctx->frame_state;
|
|
3175
|
|
3176 if (state == sw_start) {
|
|
3177 if (ctx->rest != 4) {
|
|
3178 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3179 "upstream sent rst stream frame "
|
|
3180 "with invalid length: %uz",
|
|
3181 ctx->rest);
|
|
3182 return NGX_ERROR;
|
|
3183 }
|
|
3184 }
|
|
3185
|
|
3186 for (p = b->pos; p < last; p++) {
|
|
3187 ch = *p;
|
|
3188
|
|
3189 #if 0
|
|
3190 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3191 "grpc rst byte: %02Xd s:%d", ch, state);
|
|
3192 #endif
|
|
3193
|
|
3194 switch (state) {
|
|
3195
|
|
3196 case sw_start:
|
|
3197 ctx->error = ch << 24;
|
|
3198 state = sw_error_2;
|
|
3199 break;
|
|
3200
|
|
3201 case sw_error_2:
|
|
3202 ctx->error |= ch << 16;
|
|
3203 state = sw_error_3;
|
|
3204 break;
|
|
3205
|
|
3206 case sw_error_3:
|
|
3207 ctx->error |= ch << 8;
|
|
3208 state = sw_error_4;
|
|
3209 break;
|
|
3210
|
|
3211 case sw_error_4:
|
|
3212 ctx->error |= ch;
|
|
3213 state = sw_start;
|
|
3214
|
|
3215 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3216 "grpc error: %ui", ctx->error);
|
|
3217
|
|
3218 break;
|
|
3219 }
|
|
3220 }
|
|
3221
|
|
3222 ctx->rest -= p - b->pos;
|
|
3223 ctx->frame_state = state;
|
|
3224 b->pos = p;
|
|
3225
|
|
3226 if (ctx->rest > 0) {
|
|
3227 return NGX_AGAIN;
|
|
3228 }
|
|
3229
|
|
3230 return NGX_OK;
|
|
3231 }
|
|
3232
|
|
3233
|
|
3234 static ngx_int_t
|
|
3235 ngx_http_grpc_parse_goaway(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
|
|
3236 ngx_buf_t *b)
|
|
3237 {
|
|
3238 u_char ch, *p, *last;
|
|
3239 enum {
|
|
3240 sw_start = 0,
|
|
3241 sw_last_stream_id_2,
|
|
3242 sw_last_stream_id_3,
|
|
3243 sw_last_stream_id_4,
|
|
3244 sw_error,
|
|
3245 sw_error_2,
|
|
3246 sw_error_3,
|
|
3247 sw_error_4,
|
|
3248 sw_debug
|
|
3249 } state;
|
|
3250
|
|
3251 if (b->last - b->pos < (ssize_t) ctx->rest) {
|
|
3252 last = b->last;
|
|
3253
|
|
3254 } else {
|
|
3255 last = b->pos + ctx->rest;
|
|
3256 }
|
|
3257
|
|
3258 state = ctx->frame_state;
|
|
3259
|
|
3260 if (state == sw_start) {
|
|
3261
|
|
3262 if (ctx->stream_id) {
|
|
3263 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3264 "upstream sent goaway frame "
|
|
3265 "with non-zero stream id: %ui",
|
|
3266 ctx->stream_id);
|
|
3267 return NGX_ERROR;
|
|
3268 }
|
|
3269
|
|
3270 if (ctx->rest < 8) {
|
|
3271 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3272 "upstream sent goaway frame "
|
|
3273 "with invalid length: %uz",
|
|
3274 ctx->rest);
|
|
3275 return NGX_ERROR;
|
|
3276 }
|
|
3277 }
|
|
3278
|
|
3279 for (p = b->pos; p < last; p++) {
|
|
3280 ch = *p;
|
|
3281
|
|
3282 #if 0
|
|
3283 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3284 "grpc goaway byte: %02Xd s:%d", ch, state);
|
|
3285 #endif
|
|
3286
|
|
3287 switch (state) {
|
|
3288
|
|
3289 case sw_start:
|
|
3290 ctx->stream_id = (ch & 0x7f) << 24;
|
|
3291 state = sw_last_stream_id_2;
|
|
3292 break;
|
|
3293
|
|
3294 case sw_last_stream_id_2:
|
|
3295 ctx->stream_id |= ch << 16;
|
|
3296 state = sw_last_stream_id_3;
|
|
3297 break;
|
|
3298
|
|
3299 case sw_last_stream_id_3:
|
|
3300 ctx->stream_id |= ch << 8;
|
|
3301 state = sw_last_stream_id_4;
|
|
3302 break;
|
|
3303
|
|
3304 case sw_last_stream_id_4:
|
|
3305 ctx->stream_id |= ch;
|
|
3306 state = sw_error;
|
|
3307 break;
|
|
3308
|
|
3309 case sw_error:
|
|
3310 ctx->error = ch << 24;
|
|
3311 state = sw_error_2;
|
|
3312 break;
|
|
3313
|
|
3314 case sw_error_2:
|
|
3315 ctx->error |= ch << 16;
|
|
3316 state = sw_error_3;
|
|
3317 break;
|
|
3318
|
|
3319 case sw_error_3:
|
|
3320 ctx->error |= ch << 8;
|
|
3321 state = sw_error_4;
|
|
3322 break;
|
|
3323
|
|
3324 case sw_error_4:
|
|
3325 ctx->error |= ch;
|
|
3326 state = sw_debug;
|
|
3327 break;
|
|
3328
|
|
3329 case sw_debug:
|
|
3330 break;
|
|
3331 }
|
|
3332 }
|
|
3333
|
|
3334 ctx->rest -= p - b->pos;
|
|
3335 ctx->frame_state = state;
|
|
3336 b->pos = p;
|
|
3337
|
|
3338 if (ctx->rest > 0) {
|
|
3339 return NGX_AGAIN;
|
|
3340 }
|
|
3341
|
|
3342 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3343 "grpc goaway: %ui, stream %ui",
|
|
3344 ctx->error, ctx->stream_id);
|
|
3345
|
|
3346 ctx->state = ngx_http_grpc_st_start;
|
|
3347
|
|
3348 return NGX_OK;
|
|
3349 }
|
|
3350
|
|
3351
|
|
3352 static ngx_int_t
|
|
3353 ngx_http_grpc_parse_window_update(ngx_http_request_t *r,
|
|
3354 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b)
|
|
3355 {
|
|
3356 u_char ch, *p, *last;
|
|
3357 enum {
|
|
3358 sw_start = 0,
|
|
3359 sw_size_2,
|
|
3360 sw_size_3,
|
|
3361 sw_size_4
|
|
3362 } state;
|
|
3363
|
|
3364 if (b->last - b->pos < (ssize_t) ctx->rest) {
|
|
3365 last = b->last;
|
|
3366
|
|
3367 } else {
|
|
3368 last = b->pos + ctx->rest;
|
|
3369 }
|
|
3370
|
|
3371 state = ctx->frame_state;
|
|
3372
|
|
3373 if (state == sw_start) {
|
|
3374 if (ctx->rest != 4) {
|
|
3375 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3376 "upstream sent window update frame "
|
|
3377 "with invalid length: %uz",
|
|
3378 ctx->rest);
|
|
3379 return NGX_ERROR;
|
|
3380 }
|
|
3381 }
|
|
3382
|
|
3383 for (p = b->pos; p < last; p++) {
|
|
3384 ch = *p;
|
|
3385
|
|
3386 #if 0
|
|
3387 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3388 "grpc window update byte: %02Xd s:%d", ch, state);
|
|
3389 #endif
|
|
3390
|
|
3391 switch (state) {
|
|
3392
|
|
3393 case sw_start:
|
|
3394 ctx->window_update = (ch & 0x7f) << 24;
|
|
3395 state = sw_size_2;
|
|
3396 break;
|
|
3397
|
|
3398 case sw_size_2:
|
|
3399 ctx->window_update |= ch << 16;
|
|
3400 state = sw_size_3;
|
|
3401 break;
|
|
3402
|
|
3403 case sw_size_3:
|
|
3404 ctx->window_update |= ch << 8;
|
|
3405 state = sw_size_4;
|
|
3406 break;
|
|
3407
|
|
3408 case sw_size_4:
|
|
3409 ctx->window_update |= ch;
|
|
3410 state = sw_start;
|
|
3411 break;
|
|
3412 }
|
|
3413 }
|
|
3414
|
|
3415 ctx->rest -= p - b->pos;
|
|
3416 ctx->frame_state = state;
|
|
3417 b->pos = p;
|
|
3418
|
|
3419 if (ctx->rest > 0) {
|
|
3420 return NGX_AGAIN;
|
|
3421 }
|
|
3422
|
|
3423 ctx->state = ngx_http_grpc_st_start;
|
|
3424
|
|
3425 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3426 "grpc window update: %ui", ctx->window_update);
|
|
3427
|
|
3428 if (ctx->stream_id) {
|
|
3429
|
|
3430 if (ctx->window_update > (size_t) NGX_HTTP_V2_MAX_WINDOW
|
|
3431 - ctx->send_window)
|
|
3432 {
|
|
3433 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3434 "upstream sent too large window update");
|
|
3435 return NGX_ERROR;
|
|
3436 }
|
|
3437
|
|
3438 ctx->send_window += ctx->window_update;
|
|
3439
|
|
3440 } else {
|
|
3441
|
|
3442 if (ctx->window_update > NGX_HTTP_V2_MAX_WINDOW
|
|
3443 - ctx->connection->send_window)
|
|
3444 {
|
|
3445 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3446 "upstream sent too large window update");
|
|
3447 return NGX_ERROR;
|
|
3448 }
|
|
3449
|
|
3450 ctx->connection->send_window += ctx->window_update;
|
|
3451 }
|
|
3452
|
|
3453 return NGX_OK;
|
|
3454 }
|
|
3455
|
|
3456
|
|
3457 static ngx_int_t
|
|
3458 ngx_http_grpc_parse_settings(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
|
|
3459 ngx_buf_t *b)
|
|
3460 {
|
|
3461 u_char ch, *p, *last;
|
|
3462 ssize_t window_update;
|
|
3463 enum {
|
|
3464 sw_start = 0,
|
|
3465 sw_id,
|
|
3466 sw_id_2,
|
|
3467 sw_value,
|
|
3468 sw_value_2,
|
|
3469 sw_value_3,
|
|
3470 sw_value_4
|
|
3471 } state;
|
|
3472
|
|
3473 if (b->last - b->pos < (ssize_t) ctx->rest) {
|
|
3474 last = b->last;
|
|
3475
|
|
3476 } else {
|
|
3477 last = b->pos + ctx->rest;
|
|
3478 }
|
|
3479
|
|
3480 state = ctx->frame_state;
|
|
3481
|
|
3482 if (state == sw_start) {
|
|
3483
|
|
3484 if (ctx->stream_id) {
|
|
3485 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3486 "upstream sent settings frame "
|
|
3487 "with non-zero stream id: %ui",
|
|
3488 ctx->stream_id);
|
|
3489 return NGX_ERROR;
|
|
3490 }
|
|
3491
|
|
3492 if (ctx->flags & NGX_HTTP_V2_ACK_FLAG) {
|
|
3493 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3494 "grpc settings ack");
|
|
3495
|
|
3496 if (ctx->rest != 0) {
|
|
3497 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3498 "upstream sent settings frame "
|
|
3499 "with ack flag and non-zero length: %uz",
|
|
3500 ctx->rest);
|
|
3501 return NGX_ERROR;
|
|
3502 }
|
|
3503
|
|
3504 ctx->state = ngx_http_grpc_st_start;
|
|
3505
|
|
3506 return NGX_OK;
|
|
3507 }
|
|
3508
|
|
3509 if (ctx->rest % 6 != 0) {
|
|
3510 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3511 "upstream sent settings frame "
|
|
3512 "with invalid length: %uz",
|
|
3513 ctx->rest);
|
|
3514 return NGX_ERROR;
|
|
3515 }
|
|
3516 }
|
|
3517
|
|
3518 for (p = b->pos; p < last; p++) {
|
|
3519 ch = *p;
|
|
3520
|
|
3521 #if 0
|
|
3522 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3523 "grpc settings byte: %02Xd s:%d", ch, state);
|
|
3524 #endif
|
|
3525
|
|
3526 switch (state) {
|
|
3527
|
|
3528 case sw_start:
|
|
3529 case sw_id:
|
|
3530 ctx->setting_id = ch << 8;
|
|
3531 state = sw_id_2;
|
|
3532 break;
|
|
3533
|
|
3534 case sw_id_2:
|
|
3535 ctx->setting_id |= ch;
|
|
3536 state = sw_value;
|
|
3537 break;
|
|
3538
|
|
3539 case sw_value:
|
|
3540 ctx->setting_value = ch << 24;
|
|
3541 state = sw_value_2;
|
|
3542 break;
|
|
3543
|
|
3544 case sw_value_2:
|
|
3545 ctx->setting_value |= ch << 16;
|
|
3546 state = sw_value_3;
|
|
3547 break;
|
|
3548
|
|
3549 case sw_value_3:
|
|
3550 ctx->setting_value |= ch << 8;
|
|
3551 state = sw_value_4;
|
|
3552 break;
|
|
3553
|
|
3554 case sw_value_4:
|
|
3555 ctx->setting_value |= ch;
|
|
3556 state = sw_id;
|
|
3557
|
|
3558 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3559 "grpc setting: %ui %ui",
|
|
3560 ctx->setting_id, ctx->setting_value);
|
|
3561
|
|
3562 /*
|
|
3563 * The following settings are defined by the protocol:
|
|
3564 *
|
|
3565 * SETTINGS_HEADER_TABLE_SIZE, SETTINGS_ENABLE_PUSH,
|
|
3566 * SETTINGS_MAX_CONCURRENT_STREAMS, SETTINGS_INITIAL_WINDOW_SIZE,
|
|
3567 * SETTINGS_MAX_FRAME_SIZE, SETTINGS_MAX_HEADER_LIST_SIZE
|
|
3568 *
|
|
3569 * Only SETTINGS_INITIAL_WINDOW_SIZE seems to be needed in
|
|
3570 * a simple client.
|
|
3571 */
|
|
3572
|
|
3573 if (ctx->setting_id == 0x04) {
|
|
3574 /* SETTINGS_INITIAL_WINDOW_SIZE */
|
|
3575
|
|
3576 if (ctx->setting_value > NGX_HTTP_V2_MAX_WINDOW) {
|
|
3577 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3578 "upstream sent settings frame "
|
|
3579 "with too large initial window size: %ui",
|
|
3580 ctx->setting_value);
|
|
3581 return NGX_ERROR;
|
|
3582 }
|
|
3583
|
|
3584 window_update = ctx->setting_value
|
|
3585 - ctx->connection->init_window;
|
|
3586 ctx->connection->init_window = ctx->setting_value;
|
|
3587
|
|
3588 if (ctx->send_window > 0
|
|
3589 && window_update > (ssize_t) NGX_HTTP_V2_MAX_WINDOW
|
|
3590 - ctx->send_window)
|
|
3591 {
|
|
3592 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3593 "upstream sent settings frame "
|
|
3594 "with too large initial window size: %ui",
|
|
3595 ctx->setting_value);
|
|
3596 return NGX_ERROR;
|
|
3597 }
|
|
3598
|
|
3599 ctx->send_window += window_update;
|
|
3600 }
|
|
3601
|
|
3602 break;
|
|
3603 }
|
|
3604 }
|
|
3605
|
|
3606 ctx->rest -= p - b->pos;
|
|
3607 ctx->frame_state = state;
|
|
3608 b->pos = p;
|
|
3609
|
|
3610 if (ctx->rest > 0) {
|
|
3611 return NGX_AGAIN;
|
|
3612 }
|
|
3613
|
|
3614 ctx->state = ngx_http_grpc_st_start;
|
|
3615
|
|
3616 return ngx_http_grpc_send_settings_ack(r, ctx);
|
|
3617 }
|
|
3618
|
|
3619
|
|
3620 static ngx_int_t
|
|
3621 ngx_http_grpc_parse_ping(ngx_http_request_t *r,
|
|
3622 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b)
|
|
3623 {
|
|
3624 u_char ch, *p, *last;
|
|
3625 enum {
|
|
3626 sw_start = 0,
|
|
3627 sw_data_2,
|
|
3628 sw_data_3,
|
|
3629 sw_data_4,
|
|
3630 sw_data_5,
|
|
3631 sw_data_6,
|
|
3632 sw_data_7,
|
|
3633 sw_data_8
|
|
3634 } state;
|
|
3635
|
|
3636 if (b->last - b->pos < (ssize_t) ctx->rest) {
|
|
3637 last = b->last;
|
|
3638
|
|
3639 } else {
|
|
3640 last = b->pos + ctx->rest;
|
|
3641 }
|
|
3642
|
|
3643 state = ctx->frame_state;
|
|
3644
|
|
3645 if (state == sw_start) {
|
|
3646
|
|
3647 if (ctx->stream_id) {
|
|
3648 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3649 "upstream sent ping frame "
|
|
3650 "with non-zero stream id: %ui",
|
|
3651 ctx->stream_id);
|
|
3652 return NGX_ERROR;
|
|
3653 }
|
|
3654
|
|
3655 if (ctx->rest != 8) {
|
|
3656 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3657 "upstream sent ping frame "
|
|
3658 "with invalid length: %uz",
|
|
3659 ctx->rest);
|
|
3660 return NGX_ERROR;
|
|
3661 }
|
|
3662
|
|
3663 if (ctx->flags & NGX_HTTP_V2_ACK_FLAG) {
|
|
3664 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
|
|
3665 "upstream sent ping frame with ack flag");
|
|
3666 return NGX_ERROR;
|
|
3667 }
|
|
3668 }
|
|
3669
|
|
3670 for (p = b->pos; p < last; p++) {
|
|
3671 ch = *p;
|
|
3672
|
|
3673 #if 0
|
|
3674 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3675 "grpc ping byte: %02Xd s:%d", ch, state);
|
|
3676 #endif
|
|
3677
|
|
3678 if (state < sw_data_8) {
|
|
3679 ctx->ping_data[state] = ch;
|
|
3680 state++;
|
|
3681
|
|
3682 } else {
|
|
3683 ctx->ping_data[7] = ch;
|
|
3684 state = sw_start;
|
|
3685
|
|
3686 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3687 "grpc ping");
|
|
3688 }
|
|
3689 }
|
|
3690
|
|
3691 ctx->rest -= p - b->pos;
|
|
3692 ctx->frame_state = state;
|
|
3693 b->pos = p;
|
|
3694
|
|
3695 if (ctx->rest > 0) {
|
|
3696 return NGX_AGAIN;
|
|
3697 }
|
|
3698
|
|
3699 ctx->state = ngx_http_grpc_st_start;
|
|
3700
|
|
3701 return ngx_http_grpc_send_ping_ack(r, ctx);
|
|
3702 }
|
|
3703
|
|
3704
|
|
3705 static ngx_int_t
|
|
3706 ngx_http_grpc_send_settings_ack(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx)
|
|
3707 {
|
|
3708 ngx_chain_t *cl, **ll;
|
|
3709 ngx_http_grpc_frame_t *f;
|
|
3710
|
|
3711 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3712 "grpc send settings ack");
|
|
3713
|
|
3714 for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) {
|
|
3715 ll = &cl->next;
|
|
3716 }
|
|
3717
|
|
3718 cl = ngx_http_grpc_get_buf(r, ctx);
|
|
3719 if (cl == NULL) {
|
|
3720 return NGX_ERROR;
|
|
3721 }
|
|
3722
|
|
3723 f = (ngx_http_grpc_frame_t *) cl->buf->last;
|
|
3724 cl->buf->last += sizeof(ngx_http_grpc_frame_t);
|
|
3725
|
|
3726 f->length_0 = 0;
|
|
3727 f->length_1 = 0;
|
|
3728 f->length_2 = 0;
|
|
3729 f->type = NGX_HTTP_V2_SETTINGS_FRAME;
|
|
3730 f->flags = NGX_HTTP_V2_ACK_FLAG;
|
|
3731 f->stream_id_0 = 0;
|
|
3732 f->stream_id_1 = 0;
|
|
3733 f->stream_id_2 = 0;
|
|
3734 f->stream_id_3 = 0;
|
|
3735
|
|
3736 *ll = cl;
|
|
3737
|
|
3738 return NGX_OK;
|
|
3739 }
|
|
3740
|
|
3741
|
|
3742 static ngx_int_t
|
|
3743 ngx_http_grpc_send_ping_ack(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx)
|
|
3744 {
|
|
3745 ngx_chain_t *cl, **ll;
|
|
3746 ngx_http_grpc_frame_t *f;
|
|
3747
|
|
3748 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3749 "grpc send ping ack");
|
|
3750
|
|
3751 for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) {
|
|
3752 ll = &cl->next;
|
|
3753 }
|
|
3754
|
|
3755 cl = ngx_http_grpc_get_buf(r, ctx);
|
|
3756 if (cl == NULL) {
|
|
3757 return NGX_ERROR;
|
|
3758 }
|
|
3759
|
|
3760 f = (ngx_http_grpc_frame_t *) cl->buf->last;
|
|
3761 cl->buf->last += sizeof(ngx_http_grpc_frame_t);
|
|
3762
|
|
3763 f->length_0 = 0;
|
|
3764 f->length_1 = 0;
|
|
3765 f->length_2 = 8;
|
|
3766 f->type = NGX_HTTP_V2_PING_FRAME;
|
|
3767 f->flags = NGX_HTTP_V2_ACK_FLAG;
|
|
3768 f->stream_id_0 = 0;
|
|
3769 f->stream_id_1 = 0;
|
|
3770 f->stream_id_2 = 0;
|
|
3771 f->stream_id_3 = 0;
|
|
3772
|
|
3773 cl->buf->last = ngx_copy(cl->buf->last, ctx->ping_data, 8);
|
|
3774
|
|
3775 *ll = cl;
|
|
3776
|
|
3777 return NGX_OK;
|
|
3778 }
|
|
3779
|
|
3780
|
|
3781 static ngx_int_t
|
|
3782 ngx_http_grpc_send_window_update(ngx_http_request_t *r,
|
|
3783 ngx_http_grpc_ctx_t *ctx)
|
|
3784 {
|
|
3785 size_t n;
|
|
3786 ngx_chain_t *cl, **ll;
|
|
3787 ngx_http_grpc_frame_t *f;
|
|
3788
|
|
3789 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3790 "grpc send window update: %uz %uz",
|
|
3791 ctx->connection->recv_window, ctx->recv_window);
|
|
3792
|
|
3793 for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) {
|
|
3794 ll = &cl->next;
|
|
3795 }
|
|
3796
|
|
3797 cl = ngx_http_grpc_get_buf(r, ctx);
|
|
3798 if (cl == NULL) {
|
|
3799 return NGX_ERROR;
|
|
3800 }
|
|
3801
|
|
3802 f = (ngx_http_grpc_frame_t *) cl->buf->last;
|
|
3803 cl->buf->last += sizeof(ngx_http_grpc_frame_t);
|
|
3804
|
|
3805 f->length_0 = 0;
|
|
3806 f->length_1 = 0;
|
|
3807 f->length_2 = 4;
|
|
3808 f->type = NGX_HTTP_V2_WINDOW_UPDATE_FRAME;
|
|
3809 f->flags = 0;
|
|
3810 f->stream_id_0 = 0;
|
|
3811 f->stream_id_1 = 0;
|
|
3812 f->stream_id_2 = 0;
|
|
3813 f->stream_id_3 = 0;
|
|
3814
|
|
3815 n = NGX_HTTP_V2_MAX_WINDOW - ctx->connection->recv_window;
|
|
3816 ctx->connection->recv_window = NGX_HTTP_V2_MAX_WINDOW;
|
|
3817
|
|
3818 *cl->buf->last++ = (u_char) ((n >> 24) & 0xff);
|
|
3819 *cl->buf->last++ = (u_char) ((n >> 16) & 0xff);
|
|
3820 *cl->buf->last++ = (u_char) ((n >> 8) & 0xff);
|
|
3821 *cl->buf->last++ = (u_char) (n & 0xff);
|
|
3822
|
|
3823 f = (ngx_http_grpc_frame_t *) cl->buf->last;
|
|
3824 cl->buf->last += sizeof(ngx_http_grpc_frame_t);
|
|
3825
|
|
3826 f->length_0 = 0;
|
|
3827 f->length_1 = 0;
|
|
3828 f->length_2 = 4;
|
|
3829 f->type = NGX_HTTP_V2_WINDOW_UPDATE_FRAME;
|
|
3830 f->flags = 0;
|
|
3831 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff);
|
|
3832 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff);
|
|
3833 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff);
|
|
3834 f->stream_id_3 = (u_char) (ctx->id & 0xff);
|
|
3835
|
|
3836 n = NGX_HTTP_V2_MAX_WINDOW - ctx->recv_window;
|
|
3837 ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW;
|
|
3838
|
|
3839 *cl->buf->last++ = (u_char) ((n >> 24) & 0xff);
|
|
3840 *cl->buf->last++ = (u_char) ((n >> 16) & 0xff);
|
|
3841 *cl->buf->last++ = (u_char) ((n >> 8) & 0xff);
|
|
3842 *cl->buf->last++ = (u_char) (n & 0xff);
|
|
3843
|
|
3844 *ll = cl;
|
|
3845
|
|
3846 return NGX_OK;
|
|
3847 }
|
|
3848
|
|
3849
|
|
3850 static ngx_chain_t *
|
|
3851 ngx_http_grpc_get_buf(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx)
|
|
3852 {
|
|
3853 ngx_buf_t *b;
|
|
3854 ngx_chain_t *cl;
|
|
3855
|
|
3856 cl = ngx_chain_get_free_buf(r->pool, &ctx->free);
|
|
3857 if (cl == NULL) {
|
|
3858 return NULL;
|
|
3859 }
|
|
3860
|
|
3861 b = cl->buf;
|
|
3862
|
|
3863 b->tag = (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter;
|
|
3864 b->temporary = 1;
|
|
3865 b->flush = 1;
|
|
3866
|
|
3867 if (b->start == NULL) {
|
|
3868
|
|
3869 /*
|
|
3870 * each buffer is large enough to hold two window update
|
|
3871 * frames in a row
|
|
3872 */
|
|
3873
|
|
3874 b->start = ngx_palloc(r->pool, 2 * sizeof(ngx_http_grpc_frame_t) + 8);
|
|
3875 if (b->start == NULL) {
|
|
3876 return NULL;
|
|
3877 }
|
|
3878
|
|
3879 b->pos = b->start;
|
|
3880 b->last = b->start;
|
|
3881
|
|
3882 b->end = b->start + 2 * sizeof(ngx_http_grpc_frame_t) + 8;
|
|
3883 }
|
|
3884
|
|
3885 return cl;
|
|
3886 }
|
|
3887
|
|
3888
|
|
3889 static ngx_http_grpc_ctx_t *
|
|
3890 ngx_http_grpc_get_ctx(ngx_http_request_t *r)
|
|
3891 {
|
|
3892 ngx_http_grpc_ctx_t *ctx;
|
|
3893 ngx_http_upstream_t *u;
|
|
3894
|
|
3895 ctx = ngx_http_get_module_ctx(r, ngx_http_grpc_module);
|
|
3896
|
|
3897 if (ctx->connection == NULL) {
|
|
3898 u = r->upstream;
|
|
3899
|
|
3900 if (ngx_http_grpc_get_connection_data(r, ctx, &u->peer) != NGX_OK) {
|
|
3901 return NULL;
|
|
3902 }
|
|
3903 }
|
|
3904
|
|
3905 return ctx;
|
|
3906 }
|
|
3907
|
|
3908
|
|
3909 static ngx_int_t
|
|
3910 ngx_http_grpc_get_connection_data(ngx_http_request_t *r,
|
|
3911 ngx_http_grpc_ctx_t *ctx, ngx_peer_connection_t *pc)
|
|
3912 {
|
|
3913 ngx_connection_t *c;
|
|
3914 ngx_pool_cleanup_t *cln;
|
|
3915
|
|
3916 c = pc->connection;
|
|
3917
|
|
3918 if (pc->cached) {
|
|
3919
|
|
3920 /*
|
|
3921 * for cached connections, connection data can be found
|
|
3922 * in the cleanup handler
|
|
3923 */
|
|
3924
|
|
3925 for (cln = c->pool->cleanup; cln; cln = cln->next) {
|
|
3926 if (cln->handler == ngx_http_grpc_cleanup) {
|
|
3927 ctx->connection = cln->data;
|
|
3928 break;
|
|
3929 }
|
|
3930 }
|
|
3931
|
|
3932 if (ctx->connection == NULL) {
|
|
3933 ngx_log_error(NGX_LOG_ERR, c->log, 0,
|
|
3934 "no connection data found for "
|
|
3935 "keepalive http2 connection");
|
|
3936 return NGX_ERROR;
|
|
3937 }
|
|
3938
|
|
3939 ctx->send_window = ctx->connection->init_window;
|
|
3940 ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW;
|
|
3941
|
|
3942 ctx->connection->last_stream_id += 2;
|
|
3943 ctx->id = ctx->connection->last_stream_id;
|
|
3944
|
|
3945 return NGX_OK;
|
|
3946 }
|
|
3947
|
|
3948 cln = ngx_pool_cleanup_add(c->pool, sizeof(ngx_http_grpc_conn_t));
|
|
3949 if (cln == NULL) {
|
|
3950 return NGX_ERROR;
|
|
3951 }
|
|
3952
|
|
3953 cln->handler = ngx_http_grpc_cleanup;
|
|
3954 ctx->connection = cln->data;
|
|
3955
|
|
3956 ctx->connection->init_window = NGX_HTTP_V2_DEFAULT_WINDOW;
|
|
3957 ctx->connection->send_window = NGX_HTTP_V2_DEFAULT_WINDOW;
|
|
3958 ctx->connection->recv_window = NGX_HTTP_V2_MAX_WINDOW;
|
|
3959
|
|
3960 ctx->send_window = NGX_HTTP_V2_DEFAULT_WINDOW;
|
|
3961 ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW;
|
|
3962
|
|
3963 ctx->id = 1;
|
|
3964 ctx->connection->last_stream_id = 1;
|
|
3965
|
|
3966 return NGX_OK;
|
|
3967 }
|
|
3968
|
|
3969
|
|
3970 static void
|
|
3971 ngx_http_grpc_cleanup(void *data)
|
|
3972 {
|
|
3973 #if 0
|
|
3974 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
|
|
3975 "grpc cleanup");
|
|
3976 #endif
|
|
3977 return;
|
|
3978 }
|
|
3979
|
|
3980
|
|
3981 static void
|
|
3982 ngx_http_grpc_abort_request(ngx_http_request_t *r)
|
|
3983 {
|
|
3984 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3985 "abort grpc request");
|
|
3986 return;
|
|
3987 }
|
|
3988
|
|
3989
|
|
3990 static void
|
|
3991 ngx_http_grpc_finalize_request(ngx_http_request_t *r, ngx_int_t rc)
|
|
3992 {
|
|
3993 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
|
3994 "finalize grpc request");
|
|
3995 return;
|
|
3996 }
|
|
3997
|
|
3998
|
|
3999 static void *
|
|
4000 ngx_http_grpc_create_loc_conf(ngx_conf_t *cf)
|
|
4001 {
|
|
4002 ngx_http_grpc_loc_conf_t *conf;
|
|
4003
|
|
4004 conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_grpc_loc_conf_t));
|
|
4005 if (conf == NULL) {
|
|
4006 return NULL;
|
|
4007 }
|
|
4008
|
|
4009 /*
|
|
4010 * set by ngx_pcalloc():
|
|
4011 *
|
|
4012 * conf->upstream.ignore_headers = 0;
|
|
4013 * conf->upstream.next_upstream = 0;
|
|
4014 * conf->upstream.hide_headers_hash = { NULL, 0 };
|
|
4015 * conf->upstream.ssl_name = NULL;
|
|
4016 *
|
|
4017 * conf->headers_source = NULL;
|
|
4018 * conf->headers.lengths = NULL;
|
|
4019 * conf->headers.values = NULL;
|
|
4020 * conf->headers.hash = { NULL, 0 };
|
|
4021 * conf->host = { 0, NULL };
|
|
4022 * conf->host_set = 0;
|
|
4023 * conf->ssl = 0;
|
|
4024 * conf->ssl_protocols = 0;
|
|
4025 * conf->ssl_ciphers = { 0, NULL };
|
|
4026 * conf->ssl_trusted_certificate = { 0, NULL };
|
|
4027 * conf->ssl_crl = { 0, NULL };
|
|
4028 * conf->ssl_certificate = { 0, NULL };
|
|
4029 * conf->ssl_certificate_key = { 0, NULL };
|
|
4030 */
|
|
4031
|
|
4032 conf->upstream.local = NGX_CONF_UNSET_PTR;
|
|
4033 conf->upstream.next_upstream_tries = NGX_CONF_UNSET_UINT;
|
|
4034 conf->upstream.connect_timeout = NGX_CONF_UNSET_MSEC;
|
|
4035 conf->upstream.send_timeout = NGX_CONF_UNSET_MSEC;
|
|
4036 conf->upstream.read_timeout = NGX_CONF_UNSET_MSEC;
|
|
4037 conf->upstream.next_upstream_timeout = NGX_CONF_UNSET_MSEC;
|
|
4038
|
|
4039 conf->upstream.buffer_size = NGX_CONF_UNSET_SIZE;
|
|
4040
|
|
4041 conf->upstream.hide_headers = NGX_CONF_UNSET_PTR;
|
|
4042 conf->upstream.pass_headers = NGX_CONF_UNSET_PTR;
|
|
4043
|
|
4044 conf->upstream.intercept_errors = NGX_CONF_UNSET;
|
|
4045
|
|
4046 #if (NGX_HTTP_SSL)
|
|
4047 conf->upstream.ssl_session_reuse = NGX_CONF_UNSET;
|
|
4048 conf->upstream.ssl_server_name = NGX_CONF_UNSET;
|
|
4049 conf->upstream.ssl_verify = NGX_CONF_UNSET;
|
|
4050 conf->ssl_verify_depth = NGX_CONF_UNSET_UINT;
|
|
4051 conf->ssl_passwords = NGX_CONF_UNSET_PTR;
|
|
4052 #endif
|
|
4053
|
|
4054 /* the hardcoded values */
|
|
4055 conf->upstream.cyclic_temp_file = 0;
|
|
4056 conf->upstream.buffering = 0;
|
|
4057 conf->upstream.ignore_client_abort = 0;
|
|
4058 conf->upstream.send_lowat = 0;
|
|
4059 conf->upstream.bufs.num = 0;
|
|
4060 conf->upstream.busy_buffers_size = 0;
|
|
4061 conf->upstream.max_temp_file_size = 0;
|
|
4062 conf->upstream.temp_file_write_size = 0;
|
|
4063 conf->upstream.pass_request_headers = 1;
|
|
4064 conf->upstream.pass_request_body = 1;
|
|
4065 conf->upstream.force_ranges = 0;
|
|
4066 conf->upstream.pass_trailers = 1;
|
|
4067 conf->upstream.preserve_output = 1;
|
|
4068
|
|
4069 ngx_str_set(&conf->upstream.module, "grpc");
|
|
4070
|
|
4071 return conf;
|
|
4072 }
|
|
4073
|
|
4074
|
|
4075 static char *
|
|
4076 ngx_http_grpc_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
|
|
4077 {
|
|
4078 ngx_http_grpc_loc_conf_t *prev = parent;
|
|
4079 ngx_http_grpc_loc_conf_t *conf = child;
|
|
4080
|
|
4081 ngx_int_t rc;
|
|
4082 ngx_hash_init_t hash;
|
|
4083 ngx_http_core_loc_conf_t *clcf;
|
|
4084
|
|
4085 ngx_conf_merge_ptr_value(conf->upstream.local,
|
|
4086 prev->upstream.local, NULL);
|
|
4087
|
|
4088 ngx_conf_merge_uint_value(conf->upstream.next_upstream_tries,
|
|
4089 prev->upstream.next_upstream_tries, 0);
|
|
4090
|
|
4091 ngx_conf_merge_msec_value(conf->upstream.connect_timeout,
|
|
4092 prev->upstream.connect_timeout, 60000);
|
|
4093
|
|
4094 ngx_conf_merge_msec_value(conf->upstream.send_timeout,
|
|
4095 prev->upstream.send_timeout, 60000);
|
|
4096
|
|
4097 ngx_conf_merge_msec_value(conf->upstream.read_timeout,
|
|
4098 prev->upstream.read_timeout, 60000);
|
|
4099
|
|
4100 ngx_conf_merge_msec_value(conf->upstream.next_upstream_timeout,
|
|
4101 prev->upstream.next_upstream_timeout, 0);
|
|
4102
|
|
4103 ngx_conf_merge_size_value(conf->upstream.buffer_size,
|
|
4104 prev->upstream.buffer_size,
|
|
4105 (size_t) ngx_pagesize);
|
|
4106
|
|
4107 ngx_conf_merge_bitmask_value(conf->upstream.ignore_headers,
|
|
4108 prev->upstream.ignore_headers,
|
|
4109 NGX_CONF_BITMASK_SET);
|
|
4110
|
|
4111 ngx_conf_merge_bitmask_value(conf->upstream.next_upstream,
|
|
4112 prev->upstream.next_upstream,
|
|
4113 (NGX_CONF_BITMASK_SET
|
|
4114 |NGX_HTTP_UPSTREAM_FT_ERROR
|
|
4115 |NGX_HTTP_UPSTREAM_FT_TIMEOUT));
|
|
4116
|
|
4117 if (conf->upstream.next_upstream & NGX_HTTP_UPSTREAM_FT_OFF) {
|
|
4118 conf->upstream.next_upstream = NGX_CONF_BITMASK_SET
|
|
4119 |NGX_HTTP_UPSTREAM_FT_OFF;
|
|
4120 }
|
|
4121
|
|
4122 ngx_conf_merge_value(conf->upstream.intercept_errors,
|
|
4123 prev->upstream.intercept_errors, 0);
|
|
4124
|
|
4125 #if (NGX_HTTP_SSL)
|
|
4126
|
|
4127 ngx_conf_merge_value(conf->upstream.ssl_session_reuse,
|
|
4128 prev->upstream.ssl_session_reuse, 1);
|
|
4129
|
|
4130 ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols,
|
|
4131 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1
|
|
4132 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2));
|
|
4133
|
|
4134 ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers,
|
|
4135 "DEFAULT");
|
|
4136
|
|
4137 if (conf->upstream.ssl_name == NULL) {
|
|
4138 conf->upstream.ssl_name = prev->upstream.ssl_name;
|
|
4139 }
|
|
4140
|
|
4141 ngx_conf_merge_value(conf->upstream.ssl_server_name,
|
|
4142 prev->upstream.ssl_server_name, 0);
|
|
4143 ngx_conf_merge_value(conf->upstream.ssl_verify,
|
|
4144 prev->upstream.ssl_verify, 0);
|
|
4145 ngx_conf_merge_uint_value(conf->ssl_verify_depth,
|
|
4146 prev->ssl_verify_depth, 1);
|
|
4147 ngx_conf_merge_str_value(conf->ssl_trusted_certificate,
|
|
4148 prev->ssl_trusted_certificate, "");
|
|
4149 ngx_conf_merge_str_value(conf->ssl_crl, prev->ssl_crl, "");
|
|
4150
|
|
4151 ngx_conf_merge_str_value(conf->ssl_certificate,
|
|
4152 prev->ssl_certificate, "");
|
|
4153 ngx_conf_merge_str_value(conf->ssl_certificate_key,
|
|
4154 prev->ssl_certificate_key, "");
|
|
4155 ngx_conf_merge_ptr_value(conf->ssl_passwords, prev->ssl_passwords, NULL);
|
|
4156
|
|
4157 if (conf->ssl && ngx_http_grpc_set_ssl(cf, conf) != NGX_OK) {
|
|
4158 return NGX_CONF_ERROR;
|
|
4159 }
|
|
4160
|
|
4161 #endif
|
|
4162
|
|
4163 hash.max_size = 512;
|
|
4164 hash.bucket_size = ngx_align(64, ngx_cacheline_size);
|
|
4165 hash.name = "grpc_headers_hash";
|
|
4166
|
|
4167 if (ngx_http_upstream_hide_headers_hash(cf, &conf->upstream,
|
|
4168 &prev->upstream, ngx_http_grpc_hide_headers, &hash)
|
|
4169 != NGX_OK)
|
|
4170 {
|
|
4171 return NGX_CONF_ERROR;
|
|
4172 }
|
|
4173
|
|
4174 clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
|
|
4175
|
|
4176 if (clcf->noname && conf->upstream.upstream == NULL) {
|
|
4177 conf->upstream.upstream = prev->upstream.upstream;
|
|
4178 conf->host = prev->host;
|
|
4179 #if (NGX_HTTP_SSL)
|
|
4180 conf->upstream.ssl = prev->upstream.ssl;
|
|
4181 #endif
|
|
4182 }
|
|
4183
|
|
4184 if (clcf->lmt_excpt && clcf->handler == NULL && conf->upstream.upstream) {
|
|
4185 clcf->handler = ngx_http_grpc_handler;
|
|
4186 }
|
|
4187
|
|
4188 if (conf->headers_source == NULL) {
|
|
4189 conf->headers = prev->headers;
|
|
4190 conf->headers_source = prev->headers_source;
|
|
4191 conf->host_set = prev->host_set;
|
|
4192 }
|
|
4193
|
|
4194 rc = ngx_http_grpc_init_headers(cf, conf, &conf->headers,
|
|
4195 ngx_http_grpc_headers);
|
|
4196 if (rc != NGX_OK) {
|
|
4197 return NGX_CONF_ERROR;
|
|
4198 }
|
|
4199
|
|
4200 /*
|
|
4201 * special handling to preserve conf->headers in the "http" section
|
|
4202 * to inherit it to all servers
|
|
4203 */
|
|
4204
|
|
4205 if (prev->headers.hash.buckets == NULL
|
|
4206 && conf->headers_source == prev->headers_source)
|
|
4207 {
|
|
4208 prev->headers = conf->headers;
|
|
4209 prev->host_set = conf->host_set;
|
|
4210 }
|
|
4211
|
|
4212 return NGX_CONF_OK;
|
|
4213 }
|
|
4214
|
|
4215
|
|
4216 static ngx_int_t
|
|
4217 ngx_http_grpc_init_headers(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *conf,
|
|
4218 ngx_http_grpc_headers_t *headers, ngx_keyval_t *default_headers)
|
|
4219 {
|
|
4220 u_char *p;
|
|
4221 size_t size;
|
|
4222 uintptr_t *code;
|
|
4223 ngx_uint_t i;
|
|
4224 ngx_array_t headers_names, headers_merged;
|
|
4225 ngx_keyval_t *src, *s, *h;
|
|
4226 ngx_hash_key_t *hk;
|
|
4227 ngx_hash_init_t hash;
|
|
4228 ngx_http_script_compile_t sc;
|
|
4229 ngx_http_script_copy_code_t *copy;
|
|
4230
|
|
4231 if (headers->hash.buckets) {
|
|
4232 return NGX_OK;
|
|
4233 }
|
|
4234
|
|
4235 if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t))
|
|
4236 != NGX_OK)
|
|
4237 {
|
|
4238 return NGX_ERROR;
|
|
4239 }
|
|
4240
|
|
4241 if (ngx_array_init(&headers_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
|
|
4242 != NGX_OK)
|
|
4243 {
|
|
4244 return NGX_ERROR;
|
|
4245 }
|
|
4246
|
|
4247 headers->lengths = ngx_array_create(cf->pool, 64, 1);
|
|
4248 if (headers->lengths == NULL) {
|
|
4249 return NGX_ERROR;
|
|
4250 }
|
|
4251
|
|
4252 headers->values = ngx_array_create(cf->pool, 512, 1);
|
|
4253 if (headers->values == NULL) {
|
|
4254 return NGX_ERROR;
|
|
4255 }
|
|
4256
|
|
4257 if (conf->headers_source) {
|
|
4258
|
|
4259 src = conf->headers_source->elts;
|
|
4260 for (i = 0; i < conf->headers_source->nelts; i++) {
|
|
4261
|
|
4262 if (src[i].key.len == 4
|
|
4263 && ngx_strncasecmp(src[i].key.data, (u_char *) "Host", 4) == 0)
|
|
4264 {
|
|
4265 conf->host_set = 1;
|
|
4266 }
|
|
4267
|
|
4268 s = ngx_array_push(&headers_merged);
|
|
4269 if (s == NULL) {
|
|
4270 return NGX_ERROR;
|
|
4271 }
|
|
4272
|
|
4273 *s = src[i];
|
|
4274 }
|
|
4275 }
|
|
4276
|
|
4277 h = default_headers;
|
|
4278
|
|
4279 while (h->key.len) {
|
|
4280
|
|
4281 src = headers_merged.elts;
|
|
4282 for (i = 0; i < headers_merged.nelts; i++) {
|
|
4283 if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
|
|
4284 goto next;
|
|
4285 }
|
|
4286 }
|
|
4287
|
|
4288 s = ngx_array_push(&headers_merged);
|
|
4289 if (s == NULL) {
|
|
4290 return NGX_ERROR;
|
|
4291 }
|
|
4292
|
|
4293 *s = *h;
|
|
4294
|
|
4295 next:
|
|
4296
|
|
4297 h++;
|
|
4298 }
|
|
4299
|
|
4300
|
|
4301 src = headers_merged.elts;
|
|
4302 for (i = 0; i < headers_merged.nelts; i++) {
|
|
4303
|
|
4304 hk = ngx_array_push(&headers_names);
|
|
4305 if (hk == NULL) {
|
|
4306 return NGX_ERROR;
|
|
4307 }
|
|
4308
|
|
4309 hk->key = src[i].key;
|
|
4310 hk->key_hash = ngx_hash_key_lc(src[i].key.data, src[i].key.len);
|
|
4311 hk->value = (void *) 1;
|
|
4312
|
|
4313 if (src[i].value.len == 0) {
|
|
4314 continue;
|
|
4315 }
|
|
4316
|
|
4317 copy = ngx_array_push_n(headers->lengths,
|
|
4318 sizeof(ngx_http_script_copy_code_t));
|
|
4319 if (copy == NULL) {
|
|
4320 return NGX_ERROR;
|
|
4321 }
|
|
4322
|
|
4323 copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
|
|
4324 copy->len = src[i].key.len;
|
|
4325
|
|
4326 size = (sizeof(ngx_http_script_copy_code_t)
|
|
4327 + src[i].key.len + sizeof(uintptr_t) - 1)
|
|
4328 & ~(sizeof(uintptr_t) - 1);
|
|
4329
|
|
4330 copy = ngx_array_push_n(headers->values, size);
|
|
4331 if (copy == NULL) {
|
|
4332 return NGX_ERROR;
|
|
4333 }
|
|
4334
|
|
4335 copy->code = ngx_http_script_copy_code;
|
|
4336 copy->len = src[i].key.len;
|
|
4337
|
|
4338 p = (u_char *) copy + sizeof(ngx_http_script_copy_code_t);
|
|
4339 ngx_memcpy(p, src[i].key.data, src[i].key.len);
|
|
4340
|
|
4341 ngx_memzero(&sc, sizeof(ngx_http_script_compile_t));
|
|
4342
|
|
4343 sc.cf = cf;
|
|
4344 sc.source = &src[i].value;
|
|
4345 sc.flushes = &headers->flushes;
|
|
4346 sc.lengths = &headers->lengths;
|
|
4347 sc.values = &headers->values;
|
|
4348
|
|
4349 if (ngx_http_script_compile(&sc) != NGX_OK) {
|
|
4350 return NGX_ERROR;
|
|
4351 }
|
|
4352
|
|
4353 code = ngx_array_push_n(headers->lengths, sizeof(uintptr_t));
|
|
4354 if (code == NULL) {
|
|
4355 return NGX_ERROR;
|
|
4356 }
|
|
4357
|
|
4358 *code = (uintptr_t) NULL;
|
|
4359
|
|
4360 code = ngx_array_push_n(headers->values, sizeof(uintptr_t));
|
|
4361 if (code == NULL) {
|
|
4362 return NGX_ERROR;
|
|
4363 }
|
|
4364
|
|
4365 *code = (uintptr_t) NULL;
|
|
4366 }
|
|
4367
|
|
4368 code = ngx_array_push_n(headers->lengths, sizeof(uintptr_t));
|
|
4369 if (code == NULL) {
|
|
4370 return NGX_ERROR;
|
|
4371 }
|
|
4372
|
|
4373 *code = (uintptr_t) NULL;
|
|
4374
|
|
4375
|
|
4376 hash.hash = &headers->hash;
|
|
4377 hash.key = ngx_hash_key_lc;
|
|
4378 hash.max_size = 512;
|
|
4379 hash.bucket_size = 64;
|
|
4380 hash.name = "grpc_headers_hash";
|
|
4381 hash.pool = cf->pool;
|
|
4382 hash.temp_pool = NULL;
|
|
4383
|
|
4384 return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts);
|
|
4385 }
|
|
4386
|
|
4387
|
|
4388 static char *
|
|
4389 ngx_http_grpc_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|
4390 {
|
|
4391 ngx_http_grpc_loc_conf_t *glcf = conf;
|
|
4392
|
|
4393 size_t add;
|
|
4394 ngx_str_t *value, *url;
|
|
4395 ngx_url_t u;
|
|
4396 ngx_http_core_loc_conf_t *clcf;
|
|
4397
|
|
4398 if (glcf->upstream.upstream) {
|
|
4399 return "is duplicate";
|
|
4400 }
|
|
4401
|
|
4402 value = cf->args->elts;
|
|
4403 url = &value[1];
|
|
4404
|
|
4405 if (ngx_strncasecmp(url->data, (u_char *) "grpc://", 7) == 0) {
|
|
4406 add = 7;
|
|
4407
|
|
4408 } else if (ngx_strncasecmp(url->data, (u_char *) "grpcs://", 8) == 0) {
|
|
4409
|
|
4410 #if (NGX_HTTP_SSL)
|
|
4411 glcf->ssl = 1;
|
|
4412
|
|
4413 add = 8;
|
|
4414 #else
|
|
4415 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
|
|
4416 "grpcs protocol requires SSL support");
|
|
4417 return NGX_CONF_ERROR;
|
|
4418 #endif
|
|
4419
|
|
4420 } else {
|
|
4421 add = 0;
|
|
4422 }
|
|
4423
|
|
4424 ngx_memzero(&u, sizeof(ngx_url_t));
|
|
4425
|
|
4426 u.url.len = url->len - add;
|
|
4427 u.url.data = url->data + add;
|
|
4428 u.no_resolve = 1;
|
|
4429
|
|
4430 glcf->upstream.upstream = ngx_http_upstream_add(cf, &u, 0);
|
|
4431 if (glcf->upstream.upstream == NULL) {
|
|
4432 return NGX_CONF_ERROR;
|
|
4433 }
|
|
4434
|
|
4435 if (u.family != AF_UNIX) {
|
|
4436
|
|
4437 if (u.no_port) {
|
|
4438 glcf->host = u.host;
|
|
4439
|
|
4440 } else {
|
|
4441 glcf->host.len = u.host.len + 1 + u.port_text.len;
|
|
4442 glcf->host.data = u.host.data;
|
|
4443 }
|
|
4444
|
|
4445 } else {
|
|
4446 ngx_str_set(&glcf->host, "localhost");
|
|
4447 }
|
|
4448
|
|
4449 clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
|
|
4450
|
|
4451 clcf->handler = ngx_http_grpc_handler;
|
|
4452
|
|
4453 if (clcf->name.data[clcf->name.len - 1] == '/') {
|
|
4454 clcf->auto_redirect = 1;
|
|
4455 }
|
|
4456
|
|
4457 return NGX_CONF_OK;
|
|
4458 }
|
|
4459
|
|
4460
|
|
4461 #if (NGX_HTTP_SSL)
|
|
4462
|
|
4463 static char *
|
|
4464 ngx_http_grpc_ssl_password_file(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
|
|
4465 {
|
|
4466 ngx_http_grpc_loc_conf_t *glcf = conf;
|
|
4467
|
|
4468 ngx_str_t *value;
|
|
4469
|
|
4470 if (glcf->ssl_passwords != NGX_CONF_UNSET_PTR) {
|
|
4471 return "is duplicate";
|
|
4472 }
|
|
4473
|
|
4474 value = cf->args->elts;
|
|
4475
|
|
4476 glcf->ssl_passwords = ngx_ssl_read_password_file(cf, &value[1]);
|
|
4477
|
|
4478 if (glcf->ssl_passwords == NULL) {
|
|
4479 return NGX_CONF_ERROR;
|
|
4480 }
|
|
4481
|
|
4482 return NGX_CONF_OK;
|
|
4483 }
|
|
4484
|
|
4485
|
|
4486 static ngx_int_t
|
|
4487 ngx_http_grpc_set_ssl(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *glcf)
|
|
4488 {
|
|
4489 ngx_pool_cleanup_t *cln;
|
|
4490
|
|
4491 glcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t));
|
|
4492 if (glcf->upstream.ssl == NULL) {
|
|
4493 return NGX_ERROR;
|
|
4494 }
|
|
4495
|
|
4496 glcf->upstream.ssl->log = cf->log;
|
|
4497
|
|
4498 if (ngx_ssl_create(glcf->upstream.ssl, glcf->ssl_protocols, NULL)
|
|
4499 != NGX_OK)
|
|
4500 {
|
|
4501 return NGX_ERROR;
|
|
4502 }
|
|
4503
|
|
4504 cln = ngx_pool_cleanup_add(cf->pool, 0);
|
|
4505 if (cln == NULL) {
|
|
4506 return NGX_ERROR;
|
|
4507 }
|
|
4508
|
|
4509 cln->handler = ngx_ssl_cleanup_ctx;
|
|
4510 cln->data = glcf->upstream.ssl;
|
|
4511
|
|
4512 if (glcf->ssl_certificate.len) {
|
|
4513
|
|
4514 if (glcf->ssl_certificate_key.len == 0) {
|
|
4515 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
|
|
4516 "no \"grpc_ssl_certificate_key\" is defined "
|
|
4517 "for certificate \"%V\"", &glcf->ssl_certificate);
|
|
4518 return NGX_ERROR;
|
|
4519 }
|
|
4520
|
|
4521 if (ngx_ssl_certificate(cf, glcf->upstream.ssl, &glcf->ssl_certificate,
|
|
4522 &glcf->ssl_certificate_key, glcf->ssl_passwords)
|
|
4523 != NGX_OK)
|
|
4524 {
|
|
4525 return NGX_ERROR;
|
|
4526 }
|
|
4527 }
|
|
4528
|
|
4529 if (ngx_ssl_ciphers(cf, glcf->upstream.ssl, &glcf->ssl_ciphers, 0)
|
|
4530 != NGX_OK)
|
|
4531 {
|
|
4532 return NGX_ERROR;
|
|
4533 }
|
|
4534
|
|
4535 if (glcf->upstream.ssl_verify) {
|
|
4536 if (glcf->ssl_trusted_certificate.len == 0) {
|
|
4537 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
|
|
4538 "no grpc_ssl_trusted_certificate for grpc_ssl_verify");
|
|
4539 return NGX_ERROR;
|
|
4540 }
|
|
4541
|
|
4542 if (ngx_ssl_trusted_certificate(cf, glcf->upstream.ssl,
|
|
4543 &glcf->ssl_trusted_certificate,
|
|
4544 glcf->ssl_verify_depth)
|
|
4545 != NGX_OK)
|
|
4546 {
|
|
4547 return NGX_ERROR;
|
|
4548 }
|
|
4549
|
|
4550 if (ngx_ssl_crl(cf, glcf->upstream.ssl, &glcf->ssl_crl) != NGX_OK) {
|
|
4551 return NGX_ERROR;
|
|
4552 }
|
|
4553 }
|
|
4554
|
|
4555 #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
|
|
4556
|
|
4557 if (SSL_CTX_set_alpn_protos(glcf->upstream.ssl->ctx,
|
|
4558 (u_char *) "\x02h2", 3)
|
|
4559 != 0)
|
|
4560 {
|
|
4561 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0,
|
|
4562 "SSL_CTX_set_alpn_protos() failed");
|
|
4563 return NGX_ERROR;
|
|
4564 }
|
|
4565
|
|
4566 #endif
|
|
4567
|
|
4568 return NGX_OK;
|
|
4569 }
|
|
4570
|
|
4571 #endif
|