Mercurial > hg > nginx
annotate src/core/ngx_proxy_protocol.c @ 9103:b9230e37b8a1 quic
QUIC: removed "quic_mtu" directive.
The directive used to set the value of the "max_udp_payload_size" transport
parameter. According to RFC 9000, Section 18.2, the value specifies the size
of buffer for reading incoming datagrams:
This limit does act as an additional constraint on datagram size in
the same way as the path MTU, but it is a property of the endpoint
and not the path; see Section 14. It is expected that this is the
space an endpoint dedicates to holding incoming packets.
Current QUIC implementation uses the maximum possible buffer size (65527) for
reading datagrams.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Thu, 11 May 2023 10:37:51 +0400 |
parents | 42bc158a47ec |
children |
rev | line source |
---|---|
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
1 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
2 /* |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Roman Arutyunyan |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
4 * Copyright (C) Nginx, Inc. |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
5 */ |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
6 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
7 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
8 #include <ngx_config.h> |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
9 #include <ngx_core.h> |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
10 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
11 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
12 #define NGX_PROXY_PROTOCOL_AF_INET 1 |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
13 #define NGX_PROXY_PROTOCOL_AF_INET6 2 |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
14 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
15 |
8073
aa663cc2a77d
Added type cast to ngx_proxy_protocol_parse_uint16().
Roman Arutyunyan <arut@nginx.com>
parents:
8072
diff
changeset
|
16 #define ngx_proxy_protocol_parse_uint16(p) \ |
aa663cc2a77d
Added type cast to ngx_proxy_protocol_parse_uint16().
Roman Arutyunyan <arut@nginx.com>
parents:
8072
diff
changeset
|
17 ( ((uint16_t) (p)[0] << 8) \ |
aa663cc2a77d
Added type cast to ngx_proxy_protocol_parse_uint16().
Roman Arutyunyan <arut@nginx.com>
parents:
8072
diff
changeset
|
18 + ( (p)[1]) ) |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
19 |
8072
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
20 #define ngx_proxy_protocol_parse_uint32(p) \ |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
21 ( ((uint32_t) (p)[0] << 24) \ |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
22 + ( (p)[1] << 16) \ |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
23 + ( (p)[2] << 8) \ |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
24 + ( (p)[3]) ) |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
25 |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
26 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
27 typedef struct { |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
28 u_char signature[12]; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
29 u_char version_command; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
30 u_char family_transport; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
31 u_char len[2]; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
32 } ngx_proxy_protocol_header_t; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
33 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
34 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
35 typedef struct { |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
36 u_char src_addr[4]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
37 u_char dst_addr[4]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
38 u_char src_port[2]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
39 u_char dst_port[2]; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
40 } ngx_proxy_protocol_inet_addrs_t; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
41 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
42 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
43 typedef struct { |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
44 u_char src_addr[16]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
45 u_char dst_addr[16]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
46 u_char src_port[2]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
47 u_char dst_port[2]; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
48 } ngx_proxy_protocol_inet6_addrs_t; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
49 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
50 |
8072
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
51 typedef struct { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
52 u_char type; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
53 u_char len[2]; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
54 } ngx_proxy_protocol_tlv_t; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
55 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
56 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
57 typedef struct { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
58 u_char client; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
59 u_char verify[4]; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
60 } ngx_proxy_protocol_tlv_ssl_t; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
61 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
62 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
63 typedef struct { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
64 ngx_str_t name; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
65 ngx_uint_t type; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
66 } ngx_proxy_protocol_tlv_entry_t; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
67 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
68 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
69 static u_char *ngx_proxy_protocol_read_addr(ngx_connection_t *c, u_char *p, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
70 u_char *last, ngx_str_t *addr); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
71 static u_char *ngx_proxy_protocol_read_port(u_char *p, u_char *last, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
72 in_port_t *port, u_char sep); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
73 static u_char *ngx_proxy_protocol_v2_read(ngx_connection_t *c, u_char *buf, |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
74 u_char *last); |
8072
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
75 static ngx_int_t ngx_proxy_protocol_lookup_tlv(ngx_connection_t *c, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
76 ngx_str_t *tlvs, ngx_uint_t type, ngx_str_t *value); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
77 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
78 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
79 static ngx_proxy_protocol_tlv_entry_t ngx_proxy_protocol_tlv_entries[] = { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
80 { ngx_string("alpn"), 0x01 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
81 { ngx_string("authority"), 0x02 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
82 { ngx_string("unique_id"), 0x05 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
83 { ngx_string("ssl"), 0x20 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
84 { ngx_string("netns"), 0x30 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
85 { ngx_null_string, 0x00 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
86 }; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
87 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
88 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
89 static ngx_proxy_protocol_tlv_entry_t ngx_proxy_protocol_tlv_ssl_entries[] = { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
90 { ngx_string("version"), 0x21 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
91 { ngx_string("cn"), 0x22 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
92 { ngx_string("cipher"), 0x23 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
93 { ngx_string("sig_alg"), 0x24 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
94 { ngx_string("key_alg"), 0x25 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
95 { ngx_null_string, 0x00 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
96 }; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
97 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
98 |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
99 u_char * |
6185
a420cb1c170b
Core: renamed ngx_proxy_protocol_parse to ngx_proxy_protocol_read.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
100 ngx_proxy_protocol_read(ngx_connection_t *c, u_char *buf, u_char *last) |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
101 { |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
102 size_t len; |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
103 u_char *p; |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
104 ngx_proxy_protocol_t *pp; |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
105 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
106 static const u_char signature[] = "\r\n\r\n\0\r\nQUIT\n"; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
107 |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
108 p = buf; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
109 len = last - buf; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
110 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
111 if (len >= sizeof(ngx_proxy_protocol_header_t) |
8101
42bc158a47ec
Fixed PROXY protocol to use ngx_memcpy()/ngx_memcmp().
Maxim Dounin <mdounin@mdounin.ru>
parents:
8100
diff
changeset
|
112 && ngx_memcmp(p, signature, sizeof(signature) - 1) == 0) |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
113 { |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
114 return ngx_proxy_protocol_v2_read(c, buf, last); |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
115 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
116 |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
117 if (len < 8 || ngx_strncmp(p, "PROXY ", 6) != 0) { |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
118 goto invalid; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
119 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
120 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
121 p += 6; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
122 len -= 6; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
123 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
124 if (len >= 7 && ngx_strncmp(p, "UNKNOWN", 7) == 0) { |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
125 ngx_log_debug0(NGX_LOG_DEBUG_CORE, c->log, 0, |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
126 "PROXY protocol unknown protocol"); |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
127 p += 7; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
128 goto skip; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
129 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
130 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
131 if (len < 5 || ngx_strncmp(p, "TCP", 3) != 0 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
132 || (p[3] != '4' && p[3] != '6') || p[4] != ' ') |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
133 { |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
134 goto invalid; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
135 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
136 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
137 p += 5; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
138 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
139 pp = ngx_pcalloc(c->pool, sizeof(ngx_proxy_protocol_t)); |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
140 if (pp == NULL) { |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
141 return NULL; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
142 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
143 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
144 p = ngx_proxy_protocol_read_addr(c, p, last, &pp->src_addr); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
145 if (p == NULL) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
146 goto invalid; |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
147 } |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
148 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
149 p = ngx_proxy_protocol_read_addr(c, p, last, &pp->dst_addr); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
150 if (p == NULL) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
151 goto invalid; |
6561
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
152 } |
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
153 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
154 p = ngx_proxy_protocol_read_port(p, last, &pp->src_port, ' '); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
155 if (p == NULL) { |
6561
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
156 goto invalid; |
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
157 } |
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
158 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
159 p = ngx_proxy_protocol_read_port(p, last, &pp->dst_port, CR); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
160 if (p == NULL) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
161 goto invalid; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
162 } |
6561
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
163 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
164 if (p == last) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
165 goto invalid; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
166 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
167 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
168 if (*p++ != LF) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
169 goto invalid; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
170 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
171 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
172 ngx_log_debug4(NGX_LOG_DEBUG_CORE, c->log, 0, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
173 "PROXY protocol src: %V %d, dst: %V %d", |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
174 &pp->src_addr, pp->src_port, &pp->dst_addr, pp->dst_port); |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
175 |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
176 c->proxy_protocol = pp; |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
177 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
178 return p; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
179 |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
180 skip: |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
181 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
182 for ( /* void */ ; p < last - 1; p++) { |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
183 if (p[0] == CR && p[1] == LF) { |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
184 return p + 2; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
185 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
186 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
187 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
188 invalid: |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
189 |
8071
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
190 for (p = buf; p < last; p++) { |
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
191 if (*p == CR || *p == LF) { |
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
192 break; |
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
193 } |
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
194 } |
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
195 |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
196 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
8071
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
197 "broken header: \"%*s\"", (size_t) (p - buf), buf); |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
198 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
199 return NULL; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
200 } |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
201 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
202 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
203 static u_char * |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
204 ngx_proxy_protocol_read_addr(ngx_connection_t *c, u_char *p, u_char *last, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
205 ngx_str_t *addr) |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
206 { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
207 size_t len; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
208 u_char ch, *pos; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
209 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
210 pos = p; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
211 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
212 for ( ;; ) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
213 if (p == last) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
214 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
215 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
216 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
217 ch = *p++; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
218 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
219 if (ch == ' ') { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
220 break; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
221 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
222 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
223 if (ch != ':' && ch != '.' |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
224 && (ch < 'a' || ch > 'f') |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
225 && (ch < 'A' || ch > 'F') |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
226 && (ch < '0' || ch > '9')) |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
227 { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
228 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
229 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
230 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
231 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
232 len = p - pos - 1; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
233 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
234 addr->data = ngx_pnalloc(c->pool, len); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
235 if (addr->data == NULL) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
236 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
237 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
238 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
239 ngx_memcpy(addr->data, pos, len); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
240 addr->len = len; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
241 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
242 return p; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
243 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
244 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
245 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
246 static u_char * |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
247 ngx_proxy_protocol_read_port(u_char *p, u_char *last, in_port_t *port, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
248 u_char sep) |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
249 { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
250 size_t len; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
251 u_char *pos; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
252 ngx_int_t n; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
253 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
254 pos = p; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
255 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
256 for ( ;; ) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
257 if (p == last) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
258 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
259 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
260 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
261 if (*p++ == sep) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
262 break; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
263 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
264 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
265 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
266 len = p - pos - 1; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
267 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
268 n = ngx_atoi(pos, len); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
269 if (n < 0 || n > 65535) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
270 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
271 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
272 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
273 *port = (in_port_t) n; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
274 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
275 return p; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
276 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
277 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
278 |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
279 u_char * |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
280 ngx_proxy_protocol_write(ngx_connection_t *c, u_char *buf, u_char *last) |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
281 { |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
282 ngx_uint_t port, lport; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
283 |
8099
17d6a537fb1b
Increased maximum read PROXY protocol header size.
Roman Arutyunyan <arut@nginx.com>
parents:
8073
diff
changeset
|
284 if (last - buf < NGX_PROXY_PROTOCOL_V1_MAX_HEADER) { |
8100
251daa98cc87
Added logging to PROXY protocol write buffer check.
Maxim Dounin <mdounin@mdounin.ru>
parents:
8099
diff
changeset
|
285 ngx_log_error(NGX_LOG_ALERT, c->log, 0, |
251daa98cc87
Added logging to PROXY protocol write buffer check.
Maxim Dounin <mdounin@mdounin.ru>
parents:
8099
diff
changeset
|
286 "too small buffer for PROXY protocol"); |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
287 return NULL; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
288 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
289 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
290 if (ngx_connection_local_sockaddr(c, NULL, 0) != NGX_OK) { |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
291 return NULL; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
292 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
293 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
294 switch (c->sockaddr->sa_family) { |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
295 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
296 case AF_INET: |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
297 buf = ngx_cpymem(buf, "PROXY TCP4 ", sizeof("PROXY TCP4 ") - 1); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
298 break; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
299 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
300 #if (NGX_HAVE_INET6) |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
301 case AF_INET6: |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
302 buf = ngx_cpymem(buf, "PROXY TCP6 ", sizeof("PROXY TCP6 ") - 1); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
303 break; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
304 #endif |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
305 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
306 default: |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
307 return ngx_cpymem(buf, "PROXY UNKNOWN" CRLF, |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
308 sizeof("PROXY UNKNOWN" CRLF) - 1); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
309 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
310 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
311 buf += ngx_sock_ntop(c->sockaddr, c->socklen, buf, last - buf, 0); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
312 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
313 *buf++ = ' '; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
314 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
315 buf += ngx_sock_ntop(c->local_sockaddr, c->local_socklen, buf, last - buf, |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
316 0); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
317 |
6593
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6561
diff
changeset
|
318 port = ngx_inet_get_port(c->sockaddr); |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6561
diff
changeset
|
319 lport = ngx_inet_get_port(c->local_sockaddr); |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6561
diff
changeset
|
320 |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
321 return ngx_slprintf(buf, last, " %ui %ui" CRLF, port, lport); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
322 } |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
323 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
324 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
325 static u_char * |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
326 ngx_proxy_protocol_v2_read(ngx_connection_t *c, u_char *buf, u_char *last) |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
327 { |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
328 u_char *end; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
329 size_t len; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
330 socklen_t socklen; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
331 ngx_uint_t version, command, family, transport; |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
332 ngx_sockaddr_t src_sockaddr, dst_sockaddr; |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
333 ngx_proxy_protocol_t *pp; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
334 ngx_proxy_protocol_header_t *header; |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
335 ngx_proxy_protocol_inet_addrs_t *in; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
336 #if (NGX_HAVE_INET6) |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
337 ngx_proxy_protocol_inet6_addrs_t *in6; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
338 #endif |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
339 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
340 header = (ngx_proxy_protocol_header_t *) buf; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
341 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
342 buf += sizeof(ngx_proxy_protocol_header_t); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
343 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
344 version = header->version_command >> 4; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
345 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
346 if (version != 2) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
347 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
348 "unknown PROXY protocol version: %ui", version); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
349 return NULL; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
350 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
351 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
352 len = ngx_proxy_protocol_parse_uint16(header->len); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
353 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
354 if ((size_t) (last - buf) < len) { |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
355 ngx_log_error(NGX_LOG_ERR, c->log, 0, "header is too large"); |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
356 return NULL; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
357 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
358 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
359 end = buf + len; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
360 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
361 command = header->version_command & 0x0f; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
362 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
363 /* only PROXY is supported */ |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
364 if (command != 1) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
365 ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0, |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
366 "PROXY protocol v2 unsupported command %ui", command); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
367 return end; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
368 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
369 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
370 transport = header->family_transport & 0x0f; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
371 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
372 /* only STREAM is supported */ |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
373 if (transport != 1) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
374 ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0, |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
375 "PROXY protocol v2 unsupported transport %ui", |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
376 transport); |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
377 return end; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
378 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
379 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
380 pp = ngx_pcalloc(c->pool, sizeof(ngx_proxy_protocol_t)); |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
381 if (pp == NULL) { |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
382 return NULL; |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
383 } |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
384 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
385 family = header->family_transport >> 4; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
386 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
387 switch (family) { |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
388 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
389 case NGX_PROXY_PROTOCOL_AF_INET: |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
390 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
391 if ((size_t) (end - buf) < sizeof(ngx_proxy_protocol_inet_addrs_t)) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
392 return NULL; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
393 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
394 |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
395 in = (ngx_proxy_protocol_inet_addrs_t *) buf; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
396 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
397 src_sockaddr.sockaddr_in.sin_family = AF_INET; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
398 src_sockaddr.sockaddr_in.sin_port = 0; |
8101
42bc158a47ec
Fixed PROXY protocol to use ngx_memcpy()/ngx_memcmp().
Maxim Dounin <mdounin@mdounin.ru>
parents:
8100
diff
changeset
|
399 ngx_memcpy(&src_sockaddr.sockaddr_in.sin_addr, in->src_addr, 4); |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
400 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
401 dst_sockaddr.sockaddr_in.sin_family = AF_INET; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
402 dst_sockaddr.sockaddr_in.sin_port = 0; |
8101
42bc158a47ec
Fixed PROXY protocol to use ngx_memcpy()/ngx_memcmp().
Maxim Dounin <mdounin@mdounin.ru>
parents:
8100
diff
changeset
|
403 ngx_memcpy(&dst_sockaddr.sockaddr_in.sin_addr, in->dst_addr, 4); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
404 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
405 pp->src_port = ngx_proxy_protocol_parse_uint16(in->src_port); |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
406 pp->dst_port = ngx_proxy_protocol_parse_uint16(in->dst_port); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
407 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
408 socklen = sizeof(struct sockaddr_in); |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
409 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
410 buf += sizeof(ngx_proxy_protocol_inet_addrs_t); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
411 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
412 break; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
413 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
414 #if (NGX_HAVE_INET6) |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
415 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
416 case NGX_PROXY_PROTOCOL_AF_INET6: |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
417 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
418 if ((size_t) (end - buf) < sizeof(ngx_proxy_protocol_inet6_addrs_t)) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
419 return NULL; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
420 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
421 |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
422 in6 = (ngx_proxy_protocol_inet6_addrs_t *) buf; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
423 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
424 src_sockaddr.sockaddr_in6.sin6_family = AF_INET6; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
425 src_sockaddr.sockaddr_in6.sin6_port = 0; |
8101
42bc158a47ec
Fixed PROXY protocol to use ngx_memcpy()/ngx_memcmp().
Maxim Dounin <mdounin@mdounin.ru>
parents:
8100
diff
changeset
|
426 ngx_memcpy(&src_sockaddr.sockaddr_in6.sin6_addr, in6->src_addr, 16); |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
427 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
428 dst_sockaddr.sockaddr_in6.sin6_family = AF_INET6; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
429 dst_sockaddr.sockaddr_in6.sin6_port = 0; |
8101
42bc158a47ec
Fixed PROXY protocol to use ngx_memcpy()/ngx_memcmp().
Maxim Dounin <mdounin@mdounin.ru>
parents:
8100
diff
changeset
|
430 ngx_memcpy(&dst_sockaddr.sockaddr_in6.sin6_addr, in6->dst_addr, 16); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
431 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
432 pp->src_port = ngx_proxy_protocol_parse_uint16(in6->src_port); |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
433 pp->dst_port = ngx_proxy_protocol_parse_uint16(in6->dst_port); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
434 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
435 socklen = sizeof(struct sockaddr_in6); |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
436 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
437 buf += sizeof(ngx_proxy_protocol_inet6_addrs_t); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
438 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
439 break; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
440 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
441 #endif |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
442 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
443 default: |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
444 ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0, |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
445 "PROXY protocol v2 unsupported address family %ui", |
7252 | 446 family); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
447 return end; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
448 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
449 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
450 pp->src_addr.data = ngx_pnalloc(c->pool, NGX_SOCKADDR_STRLEN); |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
451 if (pp->src_addr.data == NULL) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
452 return NULL; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
453 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
454 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
455 pp->src_addr.len = ngx_sock_ntop(&src_sockaddr.sockaddr, socklen, |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
456 pp->src_addr.data, NGX_SOCKADDR_STRLEN, 0); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
457 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
458 pp->dst_addr.data = ngx_pnalloc(c->pool, NGX_SOCKADDR_STRLEN); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
459 if (pp->dst_addr.data == NULL) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
460 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
461 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
462 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
463 pp->dst_addr.len = ngx_sock_ntop(&dst_sockaddr.sockaddr, socklen, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
464 pp->dst_addr.data, NGX_SOCKADDR_STRLEN, 0); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
465 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
466 ngx_log_debug4(NGX_LOG_DEBUG_CORE, c->log, 0, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
467 "PROXY protocol v2 src: %V %d, dst: %V %d", |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
468 &pp->src_addr, pp->src_port, &pp->dst_addr, pp->dst_port); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
469 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
470 if (buf < end) { |
8072
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
471 pp->tlvs.data = ngx_pnalloc(c->pool, end - buf); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
472 if (pp->tlvs.data == NULL) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
473 return NULL; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
474 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
475 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
476 ngx_memcpy(pp->tlvs.data, buf, end - buf); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
477 pp->tlvs.len = end - buf; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
478 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
479 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
480 c->proxy_protocol = pp; |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
481 |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
482 return end; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
483 } |
8072
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
484 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
485 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
486 ngx_int_t |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
487 ngx_proxy_protocol_get_tlv(ngx_connection_t *c, ngx_str_t *name, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
488 ngx_str_t *value) |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
489 { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
490 u_char *p; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
491 size_t n; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
492 uint32_t verify; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
493 ngx_str_t ssl, *tlvs; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
494 ngx_int_t rc, type; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
495 ngx_proxy_protocol_tlv_ssl_t *tlv_ssl; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
496 ngx_proxy_protocol_tlv_entry_t *te; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
497 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
498 if (c->proxy_protocol == NULL) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
499 return NGX_DECLINED; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
500 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
501 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
502 ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
503 "PROXY protocol v2 get tlv \"%V\"", name); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
504 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
505 te = ngx_proxy_protocol_tlv_entries; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
506 tlvs = &c->proxy_protocol->tlvs; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
507 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
508 p = name->data; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
509 n = name->len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
510 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
511 if (n >= 4 && p[0] == 's' && p[1] == 's' && p[2] == 'l' && p[3] == '_') { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
512 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
513 rc = ngx_proxy_protocol_lookup_tlv(c, tlvs, 0x20, &ssl); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
514 if (rc != NGX_OK) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
515 return rc; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
516 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
517 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
518 if (ssl.len < sizeof(ngx_proxy_protocol_tlv_ssl_t)) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
519 return NGX_ERROR; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
520 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
521 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
522 p += 4; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
523 n -= 4; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
524 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
525 if (n == 6 && ngx_strncmp(p, "verify", 6) == 0) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
526 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
527 tlv_ssl = (ngx_proxy_protocol_tlv_ssl_t *) ssl.data; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
528 verify = ngx_proxy_protocol_parse_uint32(tlv_ssl->verify); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
529 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
530 value->data = ngx_pnalloc(c->pool, NGX_INT32_LEN); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
531 if (value->data == NULL) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
532 return NGX_ERROR; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
533 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
534 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
535 value->len = ngx_sprintf(value->data, "%uD", verify) |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
536 - value->data; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
537 return NGX_OK; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
538 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
539 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
540 ssl.data += sizeof(ngx_proxy_protocol_tlv_ssl_t); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
541 ssl.len -= sizeof(ngx_proxy_protocol_tlv_ssl_t); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
542 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
543 te = ngx_proxy_protocol_tlv_ssl_entries; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
544 tlvs = &ssl; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
545 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
546 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
547 if (n >= 2 && p[0] == '0' && p[1] == 'x') { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
548 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
549 type = ngx_hextoi(p + 2, n - 2); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
550 if (type == NGX_ERROR) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
551 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
552 "invalid PROXY protocol TLV \"%V\"", name); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
553 return NGX_ERROR; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
554 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
555 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
556 return ngx_proxy_protocol_lookup_tlv(c, tlvs, type, value); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
557 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
558 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
559 for ( /* void */ ; te->type; te++) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
560 if (te->name.len == n && ngx_strncmp(te->name.data, p, n) == 0) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
561 return ngx_proxy_protocol_lookup_tlv(c, tlvs, te->type, value); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
562 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
563 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
564 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
565 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
566 "unknown PROXY protocol TLV \"%V\"", name); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
567 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
568 return NGX_DECLINED; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
569 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
570 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
571 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
572 static ngx_int_t |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
573 ngx_proxy_protocol_lookup_tlv(ngx_connection_t *c, ngx_str_t *tlvs, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
574 ngx_uint_t type, ngx_str_t *value) |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
575 { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
576 u_char *p; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
577 size_t n, len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
578 ngx_proxy_protocol_tlv_t *tlv; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
579 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
580 ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
581 "PROXY protocol v2 lookup tlv:%02xi", type); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
582 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
583 p = tlvs->data; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
584 n = tlvs->len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
585 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
586 while (n) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
587 if (n < sizeof(ngx_proxy_protocol_tlv_t)) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
588 ngx_log_error(NGX_LOG_ERR, c->log, 0, "broken PROXY protocol TLV"); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
589 return NGX_ERROR; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
590 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
591 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
592 tlv = (ngx_proxy_protocol_tlv_t *) p; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
593 len = ngx_proxy_protocol_parse_uint16(tlv->len); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
594 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
595 p += sizeof(ngx_proxy_protocol_tlv_t); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
596 n -= sizeof(ngx_proxy_protocol_tlv_t); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
597 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
598 if (n < len) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
599 ngx_log_error(NGX_LOG_ERR, c->log, 0, "broken PROXY protocol TLV"); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
600 return NGX_ERROR; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
601 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
602 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
603 if (tlv->type == type) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
604 value->data = p; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
605 value->len = len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
606 return NGX_OK; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
607 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
608 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
609 p += len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
610 n -= len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
611 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
612 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
613 return NGX_DECLINED; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
614 } |