Mercurial > hg > nginx
annotate src/http/modules/ngx_http_grpc_module.c @ 7234:c693daca57f7
gRPC: special handling of the TE request header.
According to the gRPC protocol specification, the "TE" header is used
to detect incompatible proxies, and at least grpc-c server rejects
requests without "TE: trailers".
To preserve the logic, we have to pass "TE: trailers" to the backend if
and only if the original request contains "trailers" in the "TE" header.
Note that no other TE values are allowed in HTTP/2, so we have to remove
anything else.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Sat, 17 Mar 2018 23:04:25 +0300 |
parents | 2713b2dbf5bb |
children | c2a0a838c40f |
rev | line source |
---|---|
7233 | 1 |
2 /* | |
3 * Copyright (C) Maxim Dounin | |
4 * Copyright (C) Nginx, Inc. | |
5 */ | |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 #include <ngx_http.h> | |
11 | |
12 | |
13 typedef struct { | |
14 ngx_array_t *flushes; | |
15 ngx_array_t *lengths; | |
16 ngx_array_t *values; | |
17 ngx_hash_t hash; | |
18 } ngx_http_grpc_headers_t; | |
19 | |
20 | |
21 typedef struct { | |
22 ngx_http_upstream_conf_t upstream; | |
23 | |
24 ngx_http_grpc_headers_t headers; | |
25 ngx_array_t *headers_source; | |
26 | |
27 ngx_str_t host; | |
28 ngx_uint_t host_set; | |
29 | |
30 #if (NGX_HTTP_SSL) | |
31 ngx_uint_t ssl; | |
32 ngx_uint_t ssl_protocols; | |
33 ngx_str_t ssl_ciphers; | |
34 ngx_uint_t ssl_verify_depth; | |
35 ngx_str_t ssl_trusted_certificate; | |
36 ngx_str_t ssl_crl; | |
37 ngx_str_t ssl_certificate; | |
38 ngx_str_t ssl_certificate_key; | |
39 ngx_array_t *ssl_passwords; | |
40 #endif | |
41 } ngx_http_grpc_loc_conf_t; | |
42 | |
43 | |
44 typedef enum { | |
45 ngx_http_grpc_st_start = 0, | |
46 ngx_http_grpc_st_length_2, | |
47 ngx_http_grpc_st_length_3, | |
48 ngx_http_grpc_st_type, | |
49 ngx_http_grpc_st_flags, | |
50 ngx_http_grpc_st_stream_id, | |
51 ngx_http_grpc_st_stream_id_2, | |
52 ngx_http_grpc_st_stream_id_3, | |
53 ngx_http_grpc_st_stream_id_4, | |
54 ngx_http_grpc_st_payload, | |
55 ngx_http_grpc_st_padding | |
56 } ngx_http_grpc_state_e; | |
57 | |
58 | |
59 typedef struct { | |
60 size_t init_window; | |
61 size_t send_window; | |
62 size_t recv_window; | |
63 ngx_uint_t last_stream_id; | |
64 } ngx_http_grpc_conn_t; | |
65 | |
66 | |
67 typedef struct { | |
68 ngx_http_grpc_state_e state; | |
69 ngx_uint_t frame_state; | |
70 ngx_uint_t fragment_state; | |
71 | |
72 ngx_chain_t *in; | |
73 ngx_chain_t *out; | |
74 ngx_chain_t *free; | |
75 ngx_chain_t *busy; | |
76 | |
77 ngx_http_grpc_conn_t *connection; | |
78 | |
79 ngx_uint_t id; | |
80 | |
81 ssize_t send_window; | |
82 size_t recv_window; | |
83 | |
84 size_t rest; | |
85 ngx_uint_t stream_id; | |
86 u_char type; | |
87 u_char flags; | |
88 u_char padding; | |
89 | |
90 ngx_uint_t error; | |
91 ngx_uint_t window_update; | |
92 | |
93 ngx_uint_t setting_id; | |
94 ngx_uint_t setting_value; | |
95 | |
96 u_char ping_data[8]; | |
97 | |
98 ngx_uint_t index; | |
99 ngx_str_t name; | |
100 ngx_str_t value; | |
101 | |
102 u_char *field_end; | |
103 size_t field_length; | |
104 size_t field_rest; | |
105 u_char field_state; | |
106 | |
107 unsigned literal:1; | |
108 unsigned field_huffman:1; | |
109 | |
110 unsigned header_sent:1; | |
111 unsigned output_closed:1; | |
112 unsigned parsing_headers:1; | |
113 unsigned end_stream:1; | |
114 unsigned status:1; | |
115 | |
116 ngx_http_request_t *request; | |
117 } ngx_http_grpc_ctx_t; | |
118 | |
119 | |
120 typedef struct { | |
121 u_char length_0; | |
122 u_char length_1; | |
123 u_char length_2; | |
124 u_char type; | |
125 u_char flags; | |
126 u_char stream_id_0; | |
127 u_char stream_id_1; | |
128 u_char stream_id_2; | |
129 u_char stream_id_3; | |
130 } ngx_http_grpc_frame_t; | |
131 | |
132 | |
133 static ngx_int_t ngx_http_grpc_create_request(ngx_http_request_t *r); | |
134 static ngx_int_t ngx_http_grpc_reinit_request(ngx_http_request_t *r); | |
135 static ngx_int_t ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in); | |
136 static ngx_int_t ngx_http_grpc_process_header(ngx_http_request_t *r); | |
137 static ngx_int_t ngx_http_grpc_filter_init(void *data); | |
138 static ngx_int_t ngx_http_grpc_filter(void *data, ssize_t bytes); | |
139 | |
140 static ngx_int_t ngx_http_grpc_parse_frame(ngx_http_request_t *r, | |
141 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
142 static ngx_int_t ngx_http_grpc_parse_header(ngx_http_request_t *r, | |
143 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
144 static ngx_int_t ngx_http_grpc_parse_fragment(ngx_http_request_t *r, | |
145 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
146 static ngx_int_t ngx_http_grpc_validate_header_name(ngx_http_request_t *r, | |
147 ngx_str_t *s); | |
148 static ngx_int_t ngx_http_grpc_validate_header_value(ngx_http_request_t *r, | |
149 ngx_str_t *s); | |
150 static ngx_int_t ngx_http_grpc_parse_rst_stream(ngx_http_request_t *r, | |
151 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
152 static ngx_int_t ngx_http_grpc_parse_goaway(ngx_http_request_t *r, | |
153 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
154 static ngx_int_t ngx_http_grpc_parse_window_update(ngx_http_request_t *r, | |
155 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
156 static ngx_int_t ngx_http_grpc_parse_settings(ngx_http_request_t *r, | |
157 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
158 static ngx_int_t ngx_http_grpc_parse_ping(ngx_http_request_t *r, | |
159 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b); | |
160 | |
161 static ngx_int_t ngx_http_grpc_send_settings_ack(ngx_http_request_t *r, | |
162 ngx_http_grpc_ctx_t *ctx); | |
163 static ngx_int_t ngx_http_grpc_send_ping_ack(ngx_http_request_t *r, | |
164 ngx_http_grpc_ctx_t *ctx); | |
165 static ngx_int_t ngx_http_grpc_send_window_update(ngx_http_request_t *r, | |
166 ngx_http_grpc_ctx_t *ctx); | |
167 | |
168 static ngx_chain_t *ngx_http_grpc_get_buf(ngx_http_request_t *r, | |
169 ngx_http_grpc_ctx_t *ctx); | |
170 static ngx_http_grpc_ctx_t *ngx_http_grpc_get_ctx(ngx_http_request_t *r); | |
171 static ngx_int_t ngx_http_grpc_get_connection_data(ngx_http_request_t *r, | |
172 ngx_http_grpc_ctx_t *ctx, ngx_peer_connection_t *pc); | |
173 static void ngx_http_grpc_cleanup(void *data); | |
174 | |
175 static void ngx_http_grpc_abort_request(ngx_http_request_t *r); | |
176 static void ngx_http_grpc_finalize_request(ngx_http_request_t *r, | |
177 ngx_int_t rc); | |
178 | |
7234
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
179 static ngx_int_t ngx_http_grpc_internal_trailers_variable( |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
180 ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
181 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
182 static ngx_int_t ngx_http_grpc_add_variables(ngx_conf_t *cf); |
7233 | 183 static void *ngx_http_grpc_create_loc_conf(ngx_conf_t *cf); |
184 static char *ngx_http_grpc_merge_loc_conf(ngx_conf_t *cf, | |
185 void *parent, void *child); | |
186 static ngx_int_t ngx_http_grpc_init_headers(ngx_conf_t *cf, | |
187 ngx_http_grpc_loc_conf_t *conf, ngx_http_grpc_headers_t *headers, | |
188 ngx_keyval_t *default_headers); | |
189 | |
190 static char *ngx_http_grpc_pass(ngx_conf_t *cf, ngx_command_t *cmd, | |
191 void *conf); | |
192 | |
193 #if (NGX_HTTP_SSL) | |
194 static char *ngx_http_grpc_ssl_password_file(ngx_conf_t *cf, | |
195 ngx_command_t *cmd, void *conf); | |
196 static ngx_int_t ngx_http_grpc_set_ssl(ngx_conf_t *cf, | |
197 ngx_http_grpc_loc_conf_t *glcf); | |
198 #endif | |
199 | |
200 | |
201 static ngx_conf_bitmask_t ngx_http_grpc_next_upstream_masks[] = { | |
202 { ngx_string("error"), NGX_HTTP_UPSTREAM_FT_ERROR }, | |
203 { ngx_string("timeout"), NGX_HTTP_UPSTREAM_FT_TIMEOUT }, | |
204 { ngx_string("invalid_header"), NGX_HTTP_UPSTREAM_FT_INVALID_HEADER }, | |
205 { ngx_string("non_idempotent"), NGX_HTTP_UPSTREAM_FT_NON_IDEMPOTENT }, | |
206 { ngx_string("http_500"), NGX_HTTP_UPSTREAM_FT_HTTP_500 }, | |
207 { ngx_string("http_502"), NGX_HTTP_UPSTREAM_FT_HTTP_502 }, | |
208 { ngx_string("http_503"), NGX_HTTP_UPSTREAM_FT_HTTP_503 }, | |
209 { ngx_string("http_504"), NGX_HTTP_UPSTREAM_FT_HTTP_504 }, | |
210 { ngx_string("http_403"), NGX_HTTP_UPSTREAM_FT_HTTP_403 }, | |
211 { ngx_string("http_404"), NGX_HTTP_UPSTREAM_FT_HTTP_404 }, | |
212 { ngx_string("http_429"), NGX_HTTP_UPSTREAM_FT_HTTP_429 }, | |
213 { ngx_string("off"), NGX_HTTP_UPSTREAM_FT_OFF }, | |
214 { ngx_null_string, 0 } | |
215 }; | |
216 | |
217 | |
218 #if (NGX_HTTP_SSL) | |
219 | |
220 static ngx_conf_bitmask_t ngx_http_grpc_ssl_protocols[] = { | |
221 { ngx_string("SSLv2"), NGX_SSL_SSLv2 }, | |
222 { ngx_string("SSLv3"), NGX_SSL_SSLv3 }, | |
223 { ngx_string("TLSv1"), NGX_SSL_TLSv1 }, | |
224 { ngx_string("TLSv1.1"), NGX_SSL_TLSv1_1 }, | |
225 { ngx_string("TLSv1.2"), NGX_SSL_TLSv1_2 }, | |
226 { ngx_string("TLSv1.3"), NGX_SSL_TLSv1_3 }, | |
227 { ngx_null_string, 0 } | |
228 }; | |
229 | |
230 #endif | |
231 | |
232 | |
233 static ngx_command_t ngx_http_grpc_commands[] = { | |
234 | |
235 { ngx_string("grpc_pass"), | |
236 NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_CONF_TAKE1, | |
237 ngx_http_grpc_pass, | |
238 NGX_HTTP_LOC_CONF_OFFSET, | |
239 0, | |
240 NULL }, | |
241 | |
242 { ngx_string("grpc_bind"), | |
243 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE12, | |
244 ngx_http_upstream_bind_set_slot, | |
245 NGX_HTTP_LOC_CONF_OFFSET, | |
246 offsetof(ngx_http_grpc_loc_conf_t, upstream.local), | |
247 NULL }, | |
248 | |
249 { ngx_string("grpc_connect_timeout"), | |
250 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
251 ngx_conf_set_msec_slot, | |
252 NGX_HTTP_LOC_CONF_OFFSET, | |
253 offsetof(ngx_http_grpc_loc_conf_t, upstream.connect_timeout), | |
254 NULL }, | |
255 | |
256 { ngx_string("grpc_send_timeout"), | |
257 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
258 ngx_conf_set_msec_slot, | |
259 NGX_HTTP_LOC_CONF_OFFSET, | |
260 offsetof(ngx_http_grpc_loc_conf_t, upstream.send_timeout), | |
261 NULL }, | |
262 | |
263 { ngx_string("grpc_intercept_errors"), | |
264 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, | |
265 ngx_conf_set_flag_slot, | |
266 NGX_HTTP_LOC_CONF_OFFSET, | |
267 offsetof(ngx_http_grpc_loc_conf_t, upstream.intercept_errors), | |
268 NULL }, | |
269 | |
270 { ngx_string("grpc_buffer_size"), | |
271 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
272 ngx_conf_set_size_slot, | |
273 NGX_HTTP_LOC_CONF_OFFSET, | |
274 offsetof(ngx_http_grpc_loc_conf_t, upstream.buffer_size), | |
275 NULL }, | |
276 | |
277 { ngx_string("grpc_read_timeout"), | |
278 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
279 ngx_conf_set_msec_slot, | |
280 NGX_HTTP_LOC_CONF_OFFSET, | |
281 offsetof(ngx_http_grpc_loc_conf_t, upstream.read_timeout), | |
282 NULL }, | |
283 | |
284 { ngx_string("grpc_next_upstream"), | |
285 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE, | |
286 ngx_conf_set_bitmask_slot, | |
287 NGX_HTTP_LOC_CONF_OFFSET, | |
288 offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream), | |
289 &ngx_http_grpc_next_upstream_masks }, | |
290 | |
291 { ngx_string("grpc_next_upstream_tries"), | |
292 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
293 ngx_conf_set_num_slot, | |
294 NGX_HTTP_LOC_CONF_OFFSET, | |
295 offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream_tries), | |
296 NULL }, | |
297 | |
298 { ngx_string("grpc_next_upstream_timeout"), | |
299 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
300 ngx_conf_set_msec_slot, | |
301 NGX_HTTP_LOC_CONF_OFFSET, | |
302 offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream_timeout), | |
303 NULL }, | |
304 | |
305 { ngx_string("grpc_set_header"), | |
306 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE2, | |
307 ngx_conf_set_keyval_slot, | |
308 NGX_HTTP_LOC_CONF_OFFSET, | |
309 offsetof(ngx_http_grpc_loc_conf_t, headers_source), | |
310 NULL }, | |
311 | |
312 { ngx_string("grpc_pass_header"), | |
313 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
314 ngx_conf_set_str_array_slot, | |
315 NGX_HTTP_LOC_CONF_OFFSET, | |
316 offsetof(ngx_http_grpc_loc_conf_t, upstream.pass_headers), | |
317 NULL }, | |
318 | |
319 { ngx_string("grpc_hide_header"), | |
320 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
321 ngx_conf_set_str_array_slot, | |
322 NGX_HTTP_LOC_CONF_OFFSET, | |
323 offsetof(ngx_http_grpc_loc_conf_t, upstream.hide_headers), | |
324 NULL }, | |
325 | |
326 { ngx_string("grpc_ignore_headers"), | |
327 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE, | |
328 ngx_conf_set_bitmask_slot, | |
329 NGX_HTTP_LOC_CONF_OFFSET, | |
330 offsetof(ngx_http_grpc_loc_conf_t, upstream.ignore_headers), | |
331 &ngx_http_upstream_ignore_headers_masks }, | |
332 | |
333 #if (NGX_HTTP_SSL) | |
334 | |
335 { ngx_string("grpc_ssl_session_reuse"), | |
336 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, | |
337 ngx_conf_set_flag_slot, | |
338 NGX_HTTP_LOC_CONF_OFFSET, | |
339 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_session_reuse), | |
340 NULL }, | |
341 | |
342 { ngx_string("grpc_ssl_protocols"), | |
343 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE, | |
344 ngx_conf_set_bitmask_slot, | |
345 NGX_HTTP_LOC_CONF_OFFSET, | |
346 offsetof(ngx_http_grpc_loc_conf_t, ssl_protocols), | |
347 &ngx_http_grpc_ssl_protocols }, | |
348 | |
349 { ngx_string("grpc_ssl_ciphers"), | |
350 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
351 ngx_conf_set_str_slot, | |
352 NGX_HTTP_LOC_CONF_OFFSET, | |
353 offsetof(ngx_http_grpc_loc_conf_t, ssl_ciphers), | |
354 NULL }, | |
355 | |
356 { ngx_string("grpc_ssl_name"), | |
357 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
358 ngx_http_set_complex_value_slot, | |
359 NGX_HTTP_LOC_CONF_OFFSET, | |
360 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_name), | |
361 NULL }, | |
362 | |
363 { ngx_string("grpc_ssl_server_name"), | |
364 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, | |
365 ngx_conf_set_flag_slot, | |
366 NGX_HTTP_LOC_CONF_OFFSET, | |
367 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_server_name), | |
368 NULL }, | |
369 | |
370 { ngx_string("grpc_ssl_verify"), | |
371 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, | |
372 ngx_conf_set_flag_slot, | |
373 NGX_HTTP_LOC_CONF_OFFSET, | |
374 offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_verify), | |
375 NULL }, | |
376 | |
377 { ngx_string("grpc_ssl_verify_depth"), | |
378 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
379 ngx_conf_set_num_slot, | |
380 NGX_HTTP_LOC_CONF_OFFSET, | |
381 offsetof(ngx_http_grpc_loc_conf_t, ssl_verify_depth), | |
382 NULL }, | |
383 | |
384 { ngx_string("grpc_ssl_trusted_certificate"), | |
385 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
386 ngx_conf_set_str_slot, | |
387 NGX_HTTP_LOC_CONF_OFFSET, | |
388 offsetof(ngx_http_grpc_loc_conf_t, ssl_trusted_certificate), | |
389 NULL }, | |
390 | |
391 { ngx_string("grpc_ssl_crl"), | |
392 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
393 ngx_conf_set_str_slot, | |
394 NGX_HTTP_LOC_CONF_OFFSET, | |
395 offsetof(ngx_http_grpc_loc_conf_t, ssl_crl), | |
396 NULL }, | |
397 | |
398 { ngx_string("grpc_ssl_certificate"), | |
399 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
400 ngx_conf_set_str_slot, | |
401 NGX_HTTP_LOC_CONF_OFFSET, | |
402 offsetof(ngx_http_grpc_loc_conf_t, ssl_certificate), | |
403 NULL }, | |
404 | |
405 { ngx_string("grpc_ssl_certificate_key"), | |
406 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
407 ngx_conf_set_str_slot, | |
408 NGX_HTTP_LOC_CONF_OFFSET, | |
409 offsetof(ngx_http_grpc_loc_conf_t, ssl_certificate_key), | |
410 NULL }, | |
411 | |
412 { ngx_string("grpc_ssl_password_file"), | |
413 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
414 ngx_http_grpc_ssl_password_file, | |
415 NGX_HTTP_LOC_CONF_OFFSET, | |
416 0, | |
417 NULL }, | |
418 | |
419 #endif | |
420 | |
421 ngx_null_command | |
422 }; | |
423 | |
424 | |
425 static ngx_http_module_t ngx_http_grpc_module_ctx = { | |
7234
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
426 ngx_http_grpc_add_variables, /* preconfiguration */ |
7233 | 427 NULL, /* postconfiguration */ |
428 | |
429 NULL, /* create main configuration */ | |
430 NULL, /* init main configuration */ | |
431 | |
432 NULL, /* create server configuration */ | |
433 NULL, /* merge server configuration */ | |
434 | |
435 ngx_http_grpc_create_loc_conf, /* create location configuration */ | |
436 ngx_http_grpc_merge_loc_conf /* merge location configuration */ | |
437 }; | |
438 | |
439 | |
440 ngx_module_t ngx_http_grpc_module = { | |
441 NGX_MODULE_V1, | |
442 &ngx_http_grpc_module_ctx, /* module context */ | |
443 ngx_http_grpc_commands, /* module directives */ | |
444 NGX_HTTP_MODULE, /* module type */ | |
445 NULL, /* init master */ | |
446 NULL, /* init module */ | |
447 NULL, /* init process */ | |
448 NULL, /* init thread */ | |
449 NULL, /* exit thread */ | |
450 NULL, /* exit process */ | |
451 NULL, /* exit master */ | |
452 NGX_MODULE_V1_PADDING | |
453 }; | |
454 | |
455 | |
456 static u_char ngx_http_grpc_connection_start[] = | |
457 "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n" /* connection preface */ | |
458 | |
459 "\x00\x00\x12\x04\x00\x00\x00\x00\x00" /* settings frame */ | |
460 "\x00\x01\x00\x00\x00\x00" /* header table size */ | |
461 "\x00\x02\x00\x00\x00\x00" /* disable push */ | |
462 "\x00\x04\x7f\xff\xff\xff" /* initial window */ | |
463 | |
464 "\x00\x00\x04\x08\x00\x00\x00\x00\x00" /* window update frame */ | |
465 "\x7f\xff\x00\x00"; | |
466 | |
467 | |
468 static ngx_keyval_t ngx_http_grpc_headers[] = { | |
469 { ngx_string("Content-Length"), ngx_string("$content_length") }, | |
7234
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
470 { ngx_string("TE"), ngx_string("$grpc_internal_trailers") }, |
7233 | 471 { ngx_string("Host"), ngx_string("") }, |
472 { ngx_string("Connection"), ngx_string("") }, | |
473 { ngx_string("Transfer-Encoding"), ngx_string("") }, | |
474 { ngx_string("Keep-Alive"), ngx_string("") }, | |
475 { ngx_string("Expect"), ngx_string("") }, | |
476 { ngx_string("Upgrade"), ngx_string("") }, | |
477 { ngx_null_string, ngx_null_string } | |
478 }; | |
479 | |
480 | |
481 static ngx_str_t ngx_http_grpc_hide_headers[] = { | |
482 ngx_string("Date"), | |
483 ngx_string("Server"), | |
484 ngx_string("X-Accel-Expires"), | |
485 ngx_string("X-Accel-Redirect"), | |
486 ngx_string("X-Accel-Limit-Rate"), | |
487 ngx_string("X-Accel-Buffering"), | |
488 ngx_string("X-Accel-Charset"), | |
489 ngx_null_string | |
490 }; | |
491 | |
492 | |
7234
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
493 static ngx_http_variable_t ngx_http_grpc_vars[] = { |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
494 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
495 { ngx_string("grpc_internal_trailers"), NULL, |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
496 ngx_http_grpc_internal_trailers_variable, 0, |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
497 NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_NOHASH, 0 }, |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
498 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
499 ngx_http_null_variable |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
500 }; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
501 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
502 |
7233 | 503 static ngx_int_t |
504 ngx_http_grpc_handler(ngx_http_request_t *r) | |
505 { | |
506 ngx_int_t rc; | |
507 ngx_http_upstream_t *u; | |
508 ngx_http_grpc_ctx_t *ctx; | |
509 ngx_http_grpc_loc_conf_t *glcf; | |
510 | |
511 if (ngx_http_upstream_create(r) != NGX_OK) { | |
512 return NGX_HTTP_INTERNAL_SERVER_ERROR; | |
513 } | |
514 | |
515 glcf = ngx_http_get_module_loc_conf(r, ngx_http_grpc_module); | |
516 | |
517 u = r->upstream; | |
518 | |
519 #if (NGX_HTTP_SSL) | |
520 u->ssl = (glcf->upstream.ssl != NULL); | |
521 | |
522 if (u->ssl) { | |
523 ngx_str_set(&u->schema, "grpcs://"); | |
524 | |
525 } else { | |
526 ngx_str_set(&u->schema, "grpc://"); | |
527 } | |
528 #else | |
529 ngx_str_set(&u->schema, "grpc://"); | |
530 #endif | |
531 | |
532 u->output.tag = (ngx_buf_tag_t) &ngx_http_grpc_module; | |
533 | |
534 u->conf = &glcf->upstream; | |
535 | |
536 u->create_request = ngx_http_grpc_create_request; | |
537 u->reinit_request = ngx_http_grpc_reinit_request; | |
538 u->process_header = ngx_http_grpc_process_header; | |
539 u->abort_request = ngx_http_grpc_abort_request; | |
540 u->finalize_request = ngx_http_grpc_finalize_request; | |
541 | |
542 ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_grpc_ctx_t)); | |
543 if (ctx == NULL) { | |
544 return NGX_HTTP_INTERNAL_SERVER_ERROR; | |
545 } | |
546 | |
547 ctx->request = r; | |
548 | |
549 ngx_http_set_ctx(r, ctx, ngx_http_grpc_module); | |
550 | |
551 u->input_filter_init = ngx_http_grpc_filter_init; | |
552 u->input_filter = ngx_http_grpc_filter; | |
553 u->input_filter_ctx = ctx; | |
554 | |
555 r->request_body_no_buffering = 1; | |
556 | |
557 rc = ngx_http_read_client_request_body(r, ngx_http_upstream_init); | |
558 | |
559 if (rc >= NGX_HTTP_SPECIAL_RESPONSE) { | |
560 return rc; | |
561 } | |
562 | |
563 return NGX_DONE; | |
564 } | |
565 | |
566 | |
567 static ngx_int_t | |
568 ngx_http_grpc_create_request(ngx_http_request_t *r) | |
569 { | |
570 u_char *p, *tmp, *key_tmp, *val_tmp, *headers_frame; | |
571 size_t len, tmp_len, key_len, val_len, uri_len; | |
572 uintptr_t escape; | |
573 ngx_buf_t *b; | |
574 ngx_uint_t i, next; | |
575 ngx_chain_t *cl, *body; | |
576 ngx_list_part_t *part; | |
577 ngx_table_elt_t *header; | |
578 ngx_http_upstream_t *u; | |
579 ngx_http_grpc_frame_t *f; | |
580 ngx_http_script_code_pt code; | |
581 ngx_http_grpc_loc_conf_t *glcf; | |
582 ngx_http_script_engine_t e, le; | |
583 ngx_http_script_len_code_pt lcode; | |
584 | |
585 u = r->upstream; | |
586 | |
587 glcf = ngx_http_get_module_loc_conf(r, ngx_http_grpc_module); | |
588 | |
589 len = sizeof(ngx_http_grpc_connection_start) - 1 | |
590 + sizeof(ngx_http_grpc_frame_t); /* headers frame */ | |
591 | |
592 /* :method header */ | |
593 | |
594 if (r->method == NGX_HTTP_GET || r->method == NGX_HTTP_POST) { | |
595 len += 1; | |
596 tmp_len = 0; | |
597 | |
598 } else { | |
599 len += 1 + NGX_HTTP_V2_INT_OCTETS + r->method_name.len; | |
600 tmp_len = r->method_name.len; | |
601 } | |
602 | |
603 /* :scheme header */ | |
604 | |
605 len += 1; | |
606 | |
607 /* :path header */ | |
608 | |
609 if (r->valid_unparsed_uri) { | |
610 escape = 0; | |
611 uri_len = r->unparsed_uri.len; | |
612 | |
613 } else { | |
614 escape = 2 * ngx_escape_uri(NULL, r->uri.data, r->uri.len, | |
615 NGX_ESCAPE_URI); | |
616 uri_len = r->uri.len + escape + sizeof("?") - 1 + r->args.len; | |
617 } | |
618 | |
619 len += 1 + NGX_HTTP_V2_INT_OCTETS + uri_len; | |
620 | |
621 if (tmp_len < uri_len) { | |
622 tmp_len = uri_len; | |
623 } | |
624 | |
625 /* :authority header */ | |
626 | |
627 if (!glcf->host_set) { | |
628 len += 1 + NGX_HTTP_V2_INT_OCTETS + glcf->host.len; | |
629 | |
630 if (tmp_len < glcf->host.len) { | |
631 tmp_len = glcf->host.len; | |
632 } | |
633 } | |
634 | |
635 /* other headers */ | |
636 | |
637 ngx_http_script_flush_no_cacheable_variables(r, glcf->headers.flushes); | |
638 ngx_memzero(&le, sizeof(ngx_http_script_engine_t)); | |
639 | |
640 le.ip = glcf->headers.lengths->elts; | |
641 le.request = r; | |
642 le.flushed = 1; | |
643 | |
644 while (*(uintptr_t *) le.ip) { | |
645 | |
646 lcode = *(ngx_http_script_len_code_pt *) le.ip; | |
647 key_len = lcode(&le); | |
648 | |
649 for (val_len = 0; *(uintptr_t *) le.ip; val_len += lcode(&le)) { | |
650 lcode = *(ngx_http_script_len_code_pt *) le.ip; | |
651 } | |
652 le.ip += sizeof(uintptr_t); | |
653 | |
654 if (val_len == 0) { | |
655 continue; | |
656 } | |
657 | |
658 len += 1 + NGX_HTTP_V2_INT_OCTETS + key_len | |
659 + NGX_HTTP_V2_INT_OCTETS + val_len; | |
660 | |
661 if (tmp_len < key_len) { | |
662 tmp_len = key_len; | |
663 } | |
664 | |
665 if (tmp_len < val_len) { | |
666 tmp_len = val_len; | |
667 } | |
668 } | |
669 | |
670 if (glcf->upstream.pass_request_headers) { | |
671 part = &r->headers_in.headers.part; | |
672 header = part->elts; | |
673 | |
674 for (i = 0; /* void */; i++) { | |
675 | |
676 if (i >= part->nelts) { | |
677 if (part->next == NULL) { | |
678 break; | |
679 } | |
680 | |
681 part = part->next; | |
682 header = part->elts; | |
683 i = 0; | |
684 } | |
685 | |
686 if (ngx_hash_find(&glcf->headers.hash, header[i].hash, | |
687 header[i].lowcase_key, header[i].key.len)) | |
688 { | |
689 continue; | |
690 } | |
691 | |
692 len += 1 + NGX_HTTP_V2_INT_OCTETS + header[i].key.len | |
693 + NGX_HTTP_V2_INT_OCTETS + header[i].value.len; | |
694 | |
695 if (tmp_len < header[i].key.len) { | |
696 tmp_len = header[i].key.len; | |
697 } | |
698 | |
699 if (tmp_len < header[i].value.len) { | |
700 tmp_len = header[i].value.len; | |
701 } | |
702 } | |
703 } | |
704 | |
705 /* continuation frames */ | |
706 | |
707 len += sizeof(ngx_http_grpc_frame_t) | |
708 * (len / NGX_HTTP_V2_DEFAULT_FRAME_SIZE); | |
709 | |
710 | |
711 b = ngx_create_temp_buf(r->pool, len); | |
712 if (b == NULL) { | |
713 return NGX_ERROR; | |
714 } | |
715 | |
716 cl = ngx_alloc_chain_link(r->pool); | |
717 if (cl == NULL) { | |
718 return NGX_ERROR; | |
719 } | |
720 | |
721 cl->buf = b; | |
722 cl->next = NULL; | |
723 | |
724 tmp = ngx_palloc(r->pool, tmp_len * 3); | |
725 if (tmp == NULL) { | |
726 return NGX_ERROR; | |
727 } | |
728 | |
729 key_tmp = tmp + tmp_len; | |
730 val_tmp = tmp + 2 * tmp_len; | |
731 | |
732 /* connection preface */ | |
733 | |
734 b->last = ngx_copy(b->last, ngx_http_grpc_connection_start, | |
735 sizeof(ngx_http_grpc_connection_start) - 1); | |
736 | |
737 /* headers frame */ | |
738 | |
739 headers_frame = b->last; | |
740 | |
741 f = (ngx_http_grpc_frame_t *) b->last; | |
742 b->last += sizeof(ngx_http_grpc_frame_t); | |
743 | |
744 f->length_0 = 0; | |
745 f->length_1 = 0; | |
746 f->length_2 = 0; | |
747 f->type = NGX_HTTP_V2_HEADERS_FRAME; | |
748 f->flags = 0; | |
749 f->stream_id_0 = 0; | |
750 f->stream_id_1 = 0; | |
751 f->stream_id_2 = 0; | |
752 f->stream_id_3 = 1; | |
753 | |
754 if (r->method == NGX_HTTP_GET) { | |
755 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_METHOD_GET_INDEX); | |
756 | |
757 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
758 "grpc header: \":method: GET\""); | |
759 | |
760 } else if (r->method == NGX_HTTP_POST) { | |
761 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_METHOD_POST_INDEX); | |
762 | |
763 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
764 "grpc header: \":method: POST\""); | |
765 | |
766 } else { | |
767 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_METHOD_INDEX); | |
768 b->last = ngx_http_v2_write_value(b->last, r->method_name.data, | |
769 r->method_name.len, tmp); | |
770 | |
771 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
772 "grpc header: \":method: %V\"", &r->method_name); | |
773 } | |
774 | |
775 #if (NGX_HTTP_SSL) | |
776 if (glcf->ssl) { | |
777 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTPS_INDEX); | |
778 | |
779 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
780 "grpc header: \":scheme: https\""); | |
781 } else | |
782 #endif | |
783 { | |
784 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTP_INDEX); | |
785 | |
786 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
787 "grpc header: \":scheme: http\""); | |
788 } | |
789 | |
790 if (r->valid_unparsed_uri) { | |
791 | |
792 if (r->unparsed_uri.len == 1 && r->unparsed_uri.data[0] == '/') { | |
793 *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_PATH_ROOT_INDEX); | |
794 | |
795 } else { | |
796 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX); | |
797 b->last = ngx_http_v2_write_value(b->last, r->unparsed_uri.data, | |
798 r->unparsed_uri.len, tmp); | |
799 } | |
800 | |
801 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
802 "grpc header: \":path: %V\"", &r->unparsed_uri); | |
803 | |
804 } else if (escape || r->args.len > 0) { | |
805 p = val_tmp; | |
806 | |
807 if (escape) { | |
808 p = (u_char *) ngx_escape_uri(p, r->uri.data, r->uri.len, | |
809 NGX_ESCAPE_URI); | |
810 | |
811 } else { | |
812 p = ngx_copy(p, r->uri.data, r->uri.len); | |
813 } | |
814 | |
815 if (r->args.len > 0) { | |
816 *p++ = '?'; | |
817 p = ngx_copy(p, r->args.data, r->args.len); | |
818 } | |
819 | |
820 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX); | |
821 b->last = ngx_http_v2_write_value(b->last, val_tmp, p - val_tmp, tmp); | |
822 | |
823 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
824 "grpc header: \":path: %*s\"", p - val_tmp, val_tmp); | |
825 | |
826 } else { | |
827 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX); | |
828 b->last = ngx_http_v2_write_value(b->last, r->uri.data, | |
829 r->uri.len, tmp); | |
830 | |
831 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
832 "grpc header: \":path: %V\"", &r->uri); | |
833 } | |
834 | |
835 if (!glcf->host_set) { | |
836 *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_AUTHORITY_INDEX); | |
837 b->last = ngx_http_v2_write_value(b->last, glcf->host.data, | |
838 glcf->host.len, tmp); | |
839 | |
840 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
841 "grpc header: \":authority: %V\"", &glcf->host); | |
842 } | |
843 | |
844 ngx_memzero(&e, sizeof(ngx_http_script_engine_t)); | |
845 | |
846 e.ip = glcf->headers.values->elts; | |
847 e.request = r; | |
848 e.flushed = 1; | |
849 | |
850 le.ip = glcf->headers.lengths->elts; | |
851 | |
852 while (*(uintptr_t *) le.ip) { | |
853 | |
854 lcode = *(ngx_http_script_len_code_pt *) le.ip; | |
855 key_len = lcode(&le); | |
856 | |
857 for (val_len = 0; *(uintptr_t *) le.ip; val_len += lcode(&le)) { | |
858 lcode = *(ngx_http_script_len_code_pt *) le.ip; | |
859 } | |
860 le.ip += sizeof(uintptr_t); | |
861 | |
862 if (val_len == 0) { | |
863 e.skip = 1; | |
864 | |
865 while (*(uintptr_t *) e.ip) { | |
866 code = *(ngx_http_script_code_pt *) e.ip; | |
867 code((ngx_http_script_engine_t *) &e); | |
868 } | |
869 e.ip += sizeof(uintptr_t); | |
870 | |
871 e.skip = 0; | |
872 | |
873 continue; | |
874 } | |
875 | |
876 *b->last++ = 0; | |
877 | |
878 e.pos = key_tmp; | |
879 | |
880 code = *(ngx_http_script_code_pt *) e.ip; | |
881 code((ngx_http_script_engine_t *) &e); | |
882 | |
883 b->last = ngx_http_v2_write_name(b->last, key_tmp, key_len, tmp); | |
884 | |
885 e.pos = val_tmp; | |
886 | |
887 while (*(uintptr_t *) e.ip) { | |
888 code = *(ngx_http_script_code_pt *) e.ip; | |
889 code((ngx_http_script_engine_t *) &e); | |
890 } | |
891 e.ip += sizeof(uintptr_t); | |
892 | |
893 b->last = ngx_http_v2_write_value(b->last, val_tmp, val_len, tmp); | |
894 | |
895 #if (NGX_DEBUG) | |
896 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) { | |
897 ngx_strlow(key_tmp, key_tmp, key_len); | |
898 | |
899 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
900 "grpc header: \"%*s: %*s\"", | |
901 key_len, key_tmp, val_len, val_tmp); | |
902 } | |
903 #endif | |
904 } | |
905 | |
906 if (glcf->upstream.pass_request_headers) { | |
907 part = &r->headers_in.headers.part; | |
908 header = part->elts; | |
909 | |
910 for (i = 0; /* void */; i++) { | |
911 | |
912 if (i >= part->nelts) { | |
913 if (part->next == NULL) { | |
914 break; | |
915 } | |
916 | |
917 part = part->next; | |
918 header = part->elts; | |
919 i = 0; | |
920 } | |
921 | |
922 if (ngx_hash_find(&glcf->headers.hash, header[i].hash, | |
923 header[i].lowcase_key, header[i].key.len)) | |
924 { | |
925 continue; | |
926 } | |
927 | |
928 *b->last++ = 0; | |
929 | |
930 b->last = ngx_http_v2_write_name(b->last, header[i].key.data, | |
931 header[i].key.len, tmp); | |
932 | |
933 b->last = ngx_http_v2_write_value(b->last, header[i].value.data, | |
934 header[i].value.len, tmp); | |
935 | |
936 #if (NGX_DEBUG) | |
937 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) { | |
938 ngx_strlow(tmp, header[i].key.data, header[i].key.len); | |
939 | |
940 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
941 "grpc header: \"%*s: %V\"", | |
942 header[i].key.len, tmp, &header[i].value); | |
943 } | |
944 #endif | |
945 } | |
946 } | |
947 | |
948 /* update headers frame length */ | |
949 | |
950 len = b->last - headers_frame - sizeof(ngx_http_grpc_frame_t); | |
951 | |
952 if (len > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) { | |
953 len = NGX_HTTP_V2_DEFAULT_FRAME_SIZE; | |
954 next = 1; | |
955 | |
956 } else { | |
957 next = 0; | |
958 } | |
959 | |
960 f = (ngx_http_grpc_frame_t *) headers_frame; | |
961 | |
962 f->length_0 = (u_char) ((len >> 16) & 0xff); | |
963 f->length_1 = (u_char) ((len >> 8) & 0xff); | |
964 f->length_2 = (u_char) (len & 0xff); | |
965 | |
966 /* create additional continuation frames */ | |
967 | |
968 p = headers_frame; | |
969 | |
970 while (next) { | |
971 p += sizeof(ngx_http_grpc_frame_t) + NGX_HTTP_V2_DEFAULT_FRAME_SIZE; | |
972 len = b->last - p; | |
973 | |
974 ngx_memmove(p + sizeof(ngx_http_grpc_frame_t), p, len); | |
975 b->last += sizeof(ngx_http_grpc_frame_t); | |
976 | |
977 if (len > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) { | |
978 len = NGX_HTTP_V2_DEFAULT_FRAME_SIZE; | |
979 next = 1; | |
980 | |
981 } else { | |
982 next = 0; | |
983 } | |
984 | |
985 f = (ngx_http_grpc_frame_t *) p; | |
986 | |
987 f->length_0 = (u_char) ((len >> 16) & 0xff); | |
988 f->length_1 = (u_char) ((len >> 8) & 0xff); | |
989 f->length_2 = (u_char) (len & 0xff); | |
990 f->type = NGX_HTTP_V2_CONTINUATION_FRAME; | |
991 f->flags = 0; | |
992 f->stream_id_0 = 0; | |
993 f->stream_id_1 = 0; | |
994 f->stream_id_2 = 0; | |
995 f->stream_id_3 = 1; | |
996 } | |
997 | |
998 f->flags |= NGX_HTTP_V2_END_HEADERS_FLAG; | |
999 | |
1000 #if (NGX_DEBUG) | |
1001 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) { | |
1002 u_char buf[512]; | |
1003 size_t n, m; | |
1004 | |
1005 n = ngx_min(b->last - b->pos, 256); | |
1006 m = ngx_hex_dump(buf, b->pos, n) - buf; | |
1007 | |
1008 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1009 "grpc header: %*s%s, len: %uz", | |
1010 m, buf, b->last - b->pos > 256 ? "..." : "", | |
1011 b->last - b->pos); | |
1012 } | |
1013 #endif | |
1014 | |
1015 if (r->request_body_no_buffering) { | |
1016 | |
1017 u->request_bufs = cl; | |
1018 | |
1019 } else { | |
1020 | |
1021 body = u->request_bufs; | |
1022 u->request_bufs = cl; | |
1023 | |
1024 if (body == NULL) { | |
1025 f = (ngx_http_grpc_frame_t *) headers_frame; | |
1026 f->flags |= NGX_HTTP_V2_END_STREAM_FLAG; | |
1027 } | |
1028 | |
1029 while (body) { | |
1030 b = ngx_alloc_buf(r->pool); | |
1031 if (b == NULL) { | |
1032 return NGX_ERROR; | |
1033 } | |
1034 | |
1035 ngx_memcpy(b, body->buf, sizeof(ngx_buf_t)); | |
1036 | |
1037 cl->next = ngx_alloc_chain_link(r->pool); | |
1038 if (cl->next == NULL) { | |
1039 return NGX_ERROR; | |
1040 } | |
1041 | |
1042 cl = cl->next; | |
1043 cl->buf = b; | |
1044 | |
1045 body = body->next; | |
1046 } | |
1047 | |
1048 b->last_buf = 1; | |
1049 } | |
1050 | |
1051 u->output.output_filter = ngx_http_grpc_body_output_filter; | |
1052 u->output.filter_ctx = r; | |
1053 | |
1054 b->flush = 1; | |
1055 cl->next = NULL; | |
1056 | |
1057 return NGX_OK; | |
1058 } | |
1059 | |
1060 | |
1061 static ngx_int_t | |
1062 ngx_http_grpc_reinit_request(ngx_http_request_t *r) | |
1063 { | |
1064 ngx_http_grpc_ctx_t *ctx; | |
1065 | |
1066 ctx = ngx_http_get_module_ctx(r, ngx_http_grpc_module); | |
1067 | |
1068 if (ctx == NULL) { | |
1069 return NGX_OK; | |
1070 } | |
1071 | |
1072 ctx->state = 0; | |
1073 ctx->header_sent = 0; | |
1074 ctx->output_closed = 0; | |
1075 ctx->parsing_headers = 0; | |
1076 ctx->end_stream = 0; | |
1077 ctx->status = 0; | |
1078 ctx->connection = NULL; | |
1079 | |
1080 return NGX_OK; | |
1081 } | |
1082 | |
1083 | |
1084 static ngx_int_t | |
1085 ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in) | |
1086 { | |
1087 ngx_http_request_t *r = data; | |
1088 | |
1089 off_t file_pos; | |
1090 u_char *p, *pos, *start; | |
1091 size_t len, limit; | |
1092 ngx_buf_t *b; | |
1093 ngx_int_t rc; | |
1094 ngx_uint_t next, last; | |
1095 ngx_chain_t *cl, *out, **ll; | |
1096 ngx_http_grpc_ctx_t *ctx; | |
1097 ngx_http_grpc_frame_t *f; | |
1098 | |
1099 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1100 "grpc output filter"); | |
1101 | |
1102 ctx = ngx_http_grpc_get_ctx(r); | |
1103 | |
1104 if (ctx == NULL) { | |
1105 return NGX_ERROR; | |
1106 } | |
1107 | |
1108 if (in) { | |
1109 if (ngx_chain_add_copy(r->pool, &ctx->in, in) != NGX_OK) { | |
1110 return NGX_ERROR; | |
1111 } | |
1112 } | |
1113 | |
1114 out = NULL; | |
1115 ll = &out; | |
1116 | |
1117 if (!ctx->header_sent) { | |
1118 /* first buffer contains headers */ | |
1119 | |
1120 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1121 "grpc output header"); | |
1122 | |
1123 ctx->header_sent = 1; | |
1124 | |
1125 if (ctx->id != 1) { | |
1126 /* | |
1127 * keepalive connection: skip connection preface, | |
1128 * update stream identifiers | |
1129 */ | |
1130 | |
1131 b = ctx->in->buf; | |
1132 b->pos += sizeof(ngx_http_grpc_connection_start) - 1; | |
1133 | |
1134 p = b->pos; | |
1135 | |
1136 while (p < b->last) { | |
1137 f = (ngx_http_grpc_frame_t *) p; | |
1138 p += sizeof(ngx_http_grpc_frame_t); | |
1139 | |
1140 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff); | |
1141 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff); | |
1142 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff); | |
1143 f->stream_id_3 = (u_char) (ctx->id & 0xff); | |
1144 | |
1145 p += (f->length_0 << 16) + (f->length_1 << 8) + f->length_2; | |
1146 } | |
1147 } | |
1148 | |
1149 if (ctx->in->buf->last_buf) { | |
1150 ctx->output_closed = 1; | |
1151 } | |
1152 | |
1153 *ll = ctx->in; | |
1154 ll = &ctx->in->next; | |
1155 | |
1156 ctx->in = ctx->in->next; | |
1157 } | |
1158 | |
1159 if (ctx->out) { | |
1160 /* queued control frames */ | |
1161 | |
1162 *ll = ctx->out; | |
1163 | |
1164 for (cl = ctx->out, ll = &cl->next; cl; cl = cl->next) { | |
1165 ll = &cl->next; | |
1166 } | |
1167 | |
1168 ctx->out = NULL; | |
1169 } | |
1170 | |
1171 f = NULL; | |
1172 last = 0; | |
1173 | |
1174 limit = ngx_max(0, ctx->send_window); | |
1175 | |
1176 if (limit > ctx->connection->send_window) { | |
1177 limit = ctx->connection->send_window; | |
1178 } | |
1179 | |
1180 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1181 "grpc output limit: %uz w:%z:%uz", | |
1182 limit, ctx->send_window, ctx->connection->send_window); | |
1183 | |
1184 #if (NGX_SUPPRESS_WARN) | |
1185 file_pos = 0; | |
1186 pos = NULL; | |
1187 cl = NULL; | |
1188 #endif | |
1189 | |
1190 in = ctx->in; | |
1191 | |
1192 while (in && limit > 0) { | |
1193 | |
1194 ngx_log_debug7(NGX_LOG_DEBUG_EVENT, r->connection->log, 0, | |
1195 "grpc output in l:%d f:%d %p, pos %p, size: %z " | |
1196 "file: %O, size: %O", | |
1197 in->buf->last_buf, | |
1198 in->buf->in_file, | |
1199 in->buf->start, in->buf->pos, | |
1200 in->buf->last - in->buf->pos, | |
1201 in->buf->file_pos, | |
1202 in->buf->file_last - in->buf->file_pos); | |
1203 | |
1204 if (ngx_buf_special(in->buf)) { | |
1205 goto next; | |
1206 } | |
1207 | |
1208 if (in->buf->in_file) { | |
1209 file_pos = in->buf->file_pos; | |
1210 | |
1211 } else { | |
1212 pos = in->buf->pos; | |
1213 } | |
1214 | |
1215 next = 0; | |
1216 | |
1217 do { | |
1218 | |
1219 cl = ngx_http_grpc_get_buf(r, ctx); | |
1220 if (cl == NULL) { | |
1221 return NGX_ERROR; | |
1222 } | |
1223 | |
1224 b = cl->buf; | |
1225 | |
1226 f = (ngx_http_grpc_frame_t *) b->last; | |
1227 b->last += sizeof(ngx_http_grpc_frame_t); | |
1228 | |
1229 *ll = cl; | |
1230 ll = &cl->next; | |
1231 | |
1232 cl = ngx_chain_get_free_buf(r->pool, &ctx->free); | |
1233 if (cl == NULL) { | |
1234 return NGX_ERROR; | |
1235 } | |
1236 | |
1237 b = cl->buf; | |
1238 start = b->start; | |
1239 | |
1240 ngx_memcpy(b, in->buf, sizeof(ngx_buf_t)); | |
1241 | |
1242 /* | |
1243 * restore b->start to preserve memory allocated in the buffer, | |
1244 * to reuse it later for headers and control frames | |
1245 */ | |
1246 | |
1247 b->start = start; | |
1248 | |
1249 if (in->buf->in_file) { | |
1250 b->file_pos = file_pos; | |
1251 file_pos += ngx_min(NGX_HTTP_V2_DEFAULT_FRAME_SIZE, limit); | |
1252 | |
1253 if (file_pos >= in->buf->file_last) { | |
1254 file_pos = in->buf->file_last; | |
1255 next = 1; | |
1256 } | |
1257 | |
1258 b->file_last = file_pos; | |
1259 len = (ngx_uint_t) (file_pos - b->file_pos); | |
1260 | |
1261 } else { | |
1262 b->pos = pos; | |
1263 pos += ngx_min(NGX_HTTP_V2_DEFAULT_FRAME_SIZE, limit); | |
1264 | |
1265 if (pos >= in->buf->last) { | |
1266 pos = in->buf->last; | |
1267 next = 1; | |
1268 } | |
1269 | |
1270 b->last = pos; | |
1271 len = (ngx_uint_t) (pos - b->pos); | |
1272 } | |
1273 | |
1274 b->tag = (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter; | |
1275 b->shadow = in->buf; | |
1276 b->last_shadow = next; | |
1277 | |
1278 b->last_buf = 0; | |
1279 b->last_in_chain = 0; | |
1280 | |
1281 *ll = cl; | |
1282 ll = &cl->next; | |
1283 | |
1284 f->length_0 = (u_char) ((len >> 16) & 0xff); | |
1285 f->length_1 = (u_char) ((len >> 8) & 0xff); | |
1286 f->length_2 = (u_char) (len & 0xff); | |
1287 f->type = NGX_HTTP_V2_DATA_FRAME; | |
1288 f->flags = 0; | |
1289 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff); | |
1290 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff); | |
1291 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff); | |
1292 f->stream_id_3 = (u_char) (ctx->id & 0xff); | |
1293 | |
1294 limit -= len; | |
1295 ctx->send_window -= len; | |
1296 ctx->connection->send_window -= len; | |
1297 | |
1298 } while (!next && limit > 0); | |
1299 | |
1300 if (!next) { | |
1301 /* | |
1302 * if the buffer wasn't fully sent due to flow control limits, | |
1303 * preserve position for future use | |
1304 */ | |
1305 | |
1306 if (in->buf->in_file) { | |
1307 in->buf->file_pos = file_pos; | |
1308 | |
1309 } else { | |
1310 in->buf->pos = pos; | |
1311 } | |
1312 | |
1313 break; | |
1314 } | |
1315 | |
1316 next: | |
1317 | |
1318 if (in->buf->last_buf) { | |
1319 last = 1; | |
1320 } | |
1321 | |
1322 in = in->next; | |
1323 } | |
1324 | |
1325 ctx->in = in; | |
1326 | |
1327 if (last) { | |
1328 | |
1329 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1330 "grpc output last"); | |
1331 | |
1332 ctx->output_closed = 1; | |
1333 | |
1334 if (f) { | |
1335 f->flags |= NGX_HTTP_V2_END_STREAM_FLAG; | |
1336 | |
1337 } else { | |
1338 cl = ngx_http_grpc_get_buf(r, ctx); | |
1339 if (cl == NULL) { | |
1340 return NGX_ERROR; | |
1341 } | |
1342 | |
1343 b = cl->buf; | |
1344 | |
1345 f = (ngx_http_grpc_frame_t *) b->last; | |
1346 b->last += sizeof(ngx_http_grpc_frame_t); | |
1347 | |
1348 f->length_0 = 0; | |
1349 f->length_1 = 0; | |
1350 f->length_2 = 0; | |
1351 f->type = NGX_HTTP_V2_DATA_FRAME; | |
1352 f->flags = NGX_HTTP_V2_END_STREAM_FLAG; | |
1353 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff); | |
1354 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff); | |
1355 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff); | |
1356 f->stream_id_3 = (u_char) (ctx->id & 0xff); | |
1357 | |
1358 *ll = cl; | |
1359 ll = &cl->next; | |
1360 } | |
1361 | |
1362 cl->buf->last_buf = 1; | |
1363 } | |
1364 | |
1365 *ll = NULL; | |
1366 | |
1367 #if (NGX_DEBUG) | |
1368 | |
1369 for (cl = out; cl; cl = cl->next) { | |
1370 ngx_log_debug7(NGX_LOG_DEBUG_EVENT, r->connection->log, 0, | |
1371 "grpc output out l:%d f:%d %p, pos %p, size: %z " | |
1372 "file: %O, size: %O", | |
1373 cl->buf->last_buf, | |
1374 cl->buf->in_file, | |
1375 cl->buf->start, cl->buf->pos, | |
1376 cl->buf->last - cl->buf->pos, | |
1377 cl->buf->file_pos, | |
1378 cl->buf->file_last - cl->buf->file_pos); | |
1379 } | |
1380 | |
1381 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1382 "grpc output limit: %uz w:%z:%uz", | |
1383 limit, ctx->send_window, ctx->connection->send_window); | |
1384 | |
1385 #endif | |
1386 | |
1387 rc = ngx_chain_writer(&r->upstream->writer, out); | |
1388 | |
1389 ngx_chain_update_chains(r->pool, &ctx->free, &ctx->busy, &out, | |
1390 (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter); | |
1391 | |
1392 for (cl = ctx->free; cl; cl = cl->next) { | |
1393 | |
1394 /* mark original buffers as sent */ | |
1395 | |
1396 if (cl->buf->shadow) { | |
1397 if (cl->buf->last_shadow) { | |
1398 b = cl->buf->shadow; | |
1399 b->pos = b->last; | |
1400 } | |
1401 | |
1402 cl->buf->shadow = NULL; | |
1403 } | |
1404 } | |
1405 | |
1406 if (rc == NGX_OK && ctx->in) { | |
1407 rc = NGX_AGAIN; | |
1408 } | |
1409 | |
1410 return rc; | |
1411 } | |
1412 | |
1413 | |
1414 static ngx_int_t | |
1415 ngx_http_grpc_process_header(ngx_http_request_t *r) | |
1416 { | |
1417 ngx_str_t *status_line; | |
1418 ngx_int_t rc, status; | |
1419 ngx_buf_t *b; | |
1420 ngx_table_elt_t *h; | |
1421 ngx_http_upstream_t *u; | |
1422 ngx_http_grpc_ctx_t *ctx; | |
1423 ngx_http_upstream_header_t *hh; | |
1424 ngx_http_upstream_main_conf_t *umcf; | |
1425 | |
1426 u = r->upstream; | |
1427 b = &u->buffer; | |
1428 | |
1429 #if (NGX_DEBUG) | |
1430 if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) { | |
1431 u_char buf[512]; | |
1432 size_t n, m; | |
1433 | |
1434 n = ngx_min(b->last - b->pos, 256); | |
1435 m = ngx_hex_dump(buf, b->pos, n) - buf; | |
1436 | |
1437 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1438 "grpc response: %*s%s, len: %uz", | |
1439 m, buf, b->last - b->pos > 256 ? "..." : "", | |
1440 b->last - b->pos); | |
1441 } | |
1442 #endif | |
1443 | |
1444 ctx = ngx_http_grpc_get_ctx(r); | |
1445 | |
1446 if (ctx == NULL) { | |
1447 return NGX_ERROR; | |
1448 } | |
1449 | |
1450 umcf = ngx_http_get_module_main_conf(r, ngx_http_upstream_module); | |
1451 | |
1452 for ( ;; ) { | |
1453 | |
1454 if (ctx->state < ngx_http_grpc_st_payload) { | |
1455 | |
1456 rc = ngx_http_grpc_parse_frame(r, ctx, b); | |
1457 | |
1458 if (rc == NGX_AGAIN) { | |
1459 | |
1460 /* | |
1461 * there can be a lot of window update frames, | |
1462 * so we reset buffer if it is empty and we haven't | |
1463 * started parsing headers yet | |
1464 */ | |
1465 | |
1466 if (!ctx->parsing_headers) { | |
1467 b->pos = b->start; | |
1468 b->last = b->pos; | |
1469 } | |
1470 | |
1471 return NGX_AGAIN; | |
1472 } | |
1473 | |
1474 if (rc == NGX_ERROR) { | |
1475 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1476 } | |
1477 | |
1478 /* | |
1479 * RFC 7540 says that implementations MUST discard frames | |
1480 * that have unknown or unsupported types. However, extension | |
1481 * frames that appear in the middle of a header block are | |
1482 * not permitted. Also, for obvious reasons CONTINUATION frames | |
1483 * cannot appear before headers, and DATA frames are not expected | |
1484 * to appear before all headers are parsed. | |
1485 */ | |
1486 | |
1487 if (ctx->type == NGX_HTTP_V2_DATA_FRAME | |
1488 || (ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME | |
1489 && !ctx->parsing_headers) | |
1490 || (ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME | |
1491 && ctx->parsing_headers)) | |
1492 { | |
1493 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1494 "upstream sent unexpected http2 frame: %d", | |
1495 ctx->type); | |
1496 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1497 } | |
1498 | |
1499 if (ctx->stream_id && ctx->stream_id != ctx->id) { | |
1500 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1501 "upstream sent frame for unknown stream %ui", | |
1502 ctx->stream_id); | |
1503 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1504 } | |
1505 } | |
1506 | |
1507 /* frame payload */ | |
1508 | |
1509 if (ctx->type == NGX_HTTP_V2_RST_STREAM_FRAME) { | |
1510 | |
1511 rc = ngx_http_grpc_parse_rst_stream(r, ctx, b); | |
1512 | |
1513 if (rc == NGX_AGAIN) { | |
1514 return NGX_AGAIN; | |
1515 } | |
1516 | |
1517 if (rc == NGX_ERROR) { | |
1518 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1519 } | |
1520 | |
1521 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1522 "upstream rejected request with error %ui", | |
1523 ctx->error); | |
1524 | |
1525 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1526 } | |
1527 | |
1528 if (ctx->type == NGX_HTTP_V2_GOAWAY_FRAME) { | |
1529 | |
1530 rc = ngx_http_grpc_parse_goaway(r, ctx, b); | |
1531 | |
1532 if (rc == NGX_AGAIN) { | |
1533 return NGX_AGAIN; | |
1534 } | |
1535 | |
1536 if (rc == NGX_ERROR) { | |
1537 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1538 } | |
1539 | |
1540 /* | |
1541 * If stream_id is lower than one we use, our | |
1542 * request won't be processed and needs to be retried. | |
1543 * If stream_id is greater or equal to the one we use, | |
1544 * we can continue normally (except we can't use this | |
1545 * connection for additional requests). If there is | |
1546 * a real error, the connection will be closed. | |
1547 */ | |
1548 | |
1549 if (ctx->stream_id < ctx->id) { | |
1550 | |
1551 /* TODO: we can retry non-idempotent requests */ | |
1552 | |
1553 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1554 "upstream sent goaway with error %ui", | |
1555 ctx->error); | |
1556 | |
1557 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1558 } | |
1559 | |
1560 continue; | |
1561 } | |
1562 | |
1563 if (ctx->type == NGX_HTTP_V2_WINDOW_UPDATE_FRAME) { | |
1564 | |
1565 rc = ngx_http_grpc_parse_window_update(r, ctx, b); | |
1566 | |
1567 if (rc == NGX_AGAIN) { | |
1568 return NGX_AGAIN; | |
1569 } | |
1570 | |
1571 if (rc == NGX_ERROR) { | |
1572 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1573 } | |
1574 | |
1575 if (ctx->in) { | |
1576 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
1577 } | |
1578 | |
1579 continue; | |
1580 } | |
1581 | |
1582 if (ctx->type == NGX_HTTP_V2_SETTINGS_FRAME) { | |
1583 | |
1584 rc = ngx_http_grpc_parse_settings(r, ctx, b); | |
1585 | |
1586 if (rc == NGX_AGAIN) { | |
1587 return NGX_AGAIN; | |
1588 } | |
1589 | |
1590 if (rc == NGX_ERROR) { | |
1591 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1592 } | |
1593 | |
1594 if (ctx->in) { | |
1595 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
1596 } | |
1597 | |
1598 continue; | |
1599 } | |
1600 | |
1601 if (ctx->type == NGX_HTTP_V2_PING_FRAME) { | |
1602 | |
1603 rc = ngx_http_grpc_parse_ping(r, ctx, b); | |
1604 | |
1605 if (rc == NGX_AGAIN) { | |
1606 return NGX_AGAIN; | |
1607 } | |
1608 | |
1609 if (rc == NGX_ERROR) { | |
1610 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1611 } | |
1612 | |
1613 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
1614 continue; | |
1615 } | |
1616 | |
1617 if (ctx->type == NGX_HTTP_V2_PUSH_PROMISE_FRAME) { | |
1618 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1619 "upstream sent unexpected push promise frame"); | |
1620 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1621 } | |
1622 | |
1623 if (ctx->type != NGX_HTTP_V2_HEADERS_FRAME | |
1624 && ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME) | |
1625 { | |
1626 /* priority, unknown frames */ | |
1627 | |
1628 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
1629 ctx->rest -= b->last - b->pos; | |
1630 b->pos = b->last; | |
1631 return NGX_AGAIN; | |
1632 } | |
1633 | |
1634 b->pos += ctx->rest; | |
1635 ctx->rest = 0; | |
1636 ctx->state = ngx_http_grpc_st_start; | |
1637 | |
1638 continue; | |
1639 } | |
1640 | |
1641 /* headers */ | |
1642 | |
1643 for ( ;; ) { | |
1644 | |
1645 rc = ngx_http_grpc_parse_header(r, ctx, b); | |
1646 | |
1647 if (rc == NGX_AGAIN) { | |
1648 break; | |
1649 } | |
1650 | |
1651 if (rc == NGX_OK) { | |
1652 | |
1653 /* a header line has been parsed successfully */ | |
1654 | |
1655 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1656 "grpc header: \"%V: %V\"", | |
1657 &ctx->name, &ctx->value); | |
1658 | |
1659 if (ctx->name.len && ctx->name.data[0] == ':') { | |
1660 | |
1661 if (ctx->name.len != sizeof(":status") - 1 | |
1662 || ngx_strncmp(ctx->name.data, ":status", | |
1663 sizeof(":status") - 1) | |
1664 != 0) | |
1665 { | |
1666 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1667 "upstream sent invalid header \"%V: %V\"", | |
1668 &ctx->name, &ctx->value); | |
1669 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1670 } | |
1671 | |
1672 if (ctx->status) { | |
1673 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1674 "upstream sent duplicate :status header"); | |
1675 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1676 } | |
1677 | |
1678 status_line = &ctx->value; | |
1679 | |
1680 if (status_line->len != 3) { | |
1681 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1682 "upstream sent invalid :status \"%V\"", | |
1683 status_line); | |
1684 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1685 } | |
1686 | |
1687 status = ngx_atoi(status_line->data, 3); | |
1688 | |
1689 if (status == NGX_ERROR) { | |
1690 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1691 "upstream sent invalid :status \"%V\"", | |
1692 status_line); | |
1693 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1694 } | |
1695 | |
1696 if (status < NGX_HTTP_OK) { | |
1697 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1698 "upstream sent unexpected :status \"%V\"", | |
1699 status_line); | |
1700 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1701 } | |
1702 | |
1703 u->headers_in.status_n = status; | |
1704 | |
1705 if (u->state && u->state->status == 0) { | |
1706 u->state->status = status; | |
1707 } | |
1708 | |
1709 ctx->status = 1; | |
1710 | |
1711 continue; | |
1712 | |
1713 } else if (!ctx->status) { | |
1714 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1715 "upstream sent no :status header"); | |
1716 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1717 } | |
1718 | |
1719 h = ngx_list_push(&u->headers_in.headers); | |
1720 if (h == NULL) { | |
1721 return NGX_ERROR; | |
1722 } | |
1723 | |
1724 h->key = ctx->name; | |
1725 h->value = ctx->value; | |
1726 h->lowcase_key = h->key.data; | |
1727 h->hash = ngx_hash_key(h->key.data, h->key.len); | |
1728 | |
1729 hh = ngx_hash_find(&umcf->headers_in_hash, h->hash, | |
1730 h->lowcase_key, h->key.len); | |
1731 | |
1732 if (hh && hh->handler(r, h, hh->offset) != NGX_OK) { | |
1733 return NGX_ERROR; | |
1734 } | |
1735 | |
1736 continue; | |
1737 } | |
1738 | |
1739 if (rc == NGX_HTTP_PARSE_HEADER_DONE) { | |
1740 | |
1741 /* a whole header has been parsed successfully */ | |
1742 | |
1743 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1744 "grpc header done"); | |
1745 | |
1746 if (ctx->end_stream | |
1747 && ctx->in == NULL | |
1748 && ctx->out == NULL | |
1749 && ctx->output_closed | |
1750 && b->last == b->pos) | |
1751 { | |
1752 u->keepalive = 1; | |
1753 } | |
1754 | |
1755 return NGX_OK; | |
1756 } | |
1757 | |
1758 /* there was error while a header line parsing */ | |
1759 | |
1760 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1761 "upstream sent invalid header"); | |
1762 | |
1763 return NGX_HTTP_UPSTREAM_INVALID_HEADER; | |
1764 } | |
1765 | |
1766 /* rc == NGX_AGAIN */ | |
1767 | |
1768 if (ctx->rest == 0) { | |
1769 ctx->state = ngx_http_grpc_st_start; | |
1770 continue; | |
1771 } | |
1772 | |
1773 return NGX_AGAIN; | |
1774 } | |
1775 } | |
1776 | |
1777 | |
1778 static ngx_int_t | |
1779 ngx_http_grpc_filter_init(void *data) | |
1780 { | |
1781 ngx_http_grpc_ctx_t *ctx = data; | |
1782 | |
1783 ngx_http_request_t *r; | |
1784 ngx_http_upstream_t *u; | |
1785 | |
1786 r = ctx->request; | |
1787 u = r->upstream; | |
1788 | |
1789 u->length = 1; | |
1790 | |
1791 if (ctx->end_stream) { | |
1792 u->length = 0; | |
1793 } | |
1794 | |
1795 return NGX_OK; | |
1796 } | |
1797 | |
1798 | |
1799 static ngx_int_t | |
1800 ngx_http_grpc_filter(void *data, ssize_t bytes) | |
1801 { | |
1802 ngx_http_grpc_ctx_t *ctx = data; | |
1803 | |
1804 ngx_int_t rc; | |
1805 ngx_buf_t *b, *buf; | |
1806 ngx_chain_t *cl, **ll; | |
1807 ngx_table_elt_t *h; | |
1808 ngx_http_request_t *r; | |
1809 ngx_http_upstream_t *u; | |
1810 | |
1811 r = ctx->request; | |
1812 u = r->upstream; | |
1813 b = &u->buffer; | |
1814 | |
1815 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
1816 "grpc filter bytes:%z", bytes); | |
1817 | |
1818 b->pos = b->last; | |
1819 b->last += bytes; | |
1820 | |
1821 for (cl = u->out_bufs, ll = &u->out_bufs; cl; cl = cl->next) { | |
1822 ll = &cl->next; | |
1823 } | |
1824 | |
1825 for ( ;; ) { | |
1826 | |
1827 if (ctx->state < ngx_http_grpc_st_payload) { | |
1828 | |
1829 rc = ngx_http_grpc_parse_frame(r, ctx, b); | |
1830 | |
1831 if (rc == NGX_AGAIN) { | |
1832 return NGX_AGAIN; | |
1833 } | |
1834 | |
1835 if (rc == NGX_ERROR) { | |
1836 return NGX_ERROR; | |
1837 } | |
1838 | |
1839 if ((ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME | |
1840 && !ctx->parsing_headers) | |
1841 || (ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME | |
1842 && ctx->parsing_headers)) | |
1843 { | |
1844 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1845 "upstream sent unexpected http2 frame: %d", | |
1846 ctx->type); | |
1847 return NGX_ERROR; | |
1848 } | |
1849 | |
1850 if (ctx->type == NGX_HTTP_V2_DATA_FRAME) { | |
1851 | |
1852 if (ctx->stream_id != ctx->id) { | |
1853 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1854 "upstream sent data frame " | |
1855 "for unknown stream %ui", | |
1856 ctx->stream_id); | |
1857 return NGX_ERROR; | |
1858 } | |
1859 | |
1860 if (ctx->rest > ctx->recv_window) { | |
1861 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1862 "upstream violated stream flow control, " | |
1863 "received %uz data frame with window %uz", | |
1864 ctx->rest, ctx->recv_window); | |
1865 return NGX_ERROR; | |
1866 } | |
1867 | |
1868 if (ctx->rest > ctx->connection->recv_window) { | |
1869 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1870 "upstream violated connection flow control, " | |
1871 "received %uz data frame with window %uz", | |
1872 ctx->rest, ctx->connection->recv_window); | |
1873 return NGX_ERROR; | |
1874 } | |
1875 | |
1876 ctx->recv_window -= ctx->rest; | |
1877 ctx->connection->recv_window -= ctx->rest; | |
1878 | |
1879 if (ctx->connection->recv_window < NGX_HTTP_V2_MAX_WINDOW / 4 | |
1880 || ctx->recv_window < NGX_HTTP_V2_MAX_WINDOW / 4) | |
1881 { | |
1882 if (ngx_http_grpc_send_window_update(r, ctx) != NGX_OK) { | |
1883 return NGX_ERROR; | |
1884 } | |
1885 | |
1886 ngx_post_event(u->peer.connection->write, | |
1887 &ngx_posted_events); | |
1888 } | |
1889 } | |
1890 | |
1891 if (ctx->stream_id && ctx->stream_id != ctx->id) { | |
1892 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1893 "upstream sent frame for unknown stream %ui", | |
1894 ctx->stream_id); | |
1895 return NGX_ERROR; | |
1896 } | |
1897 | |
1898 ctx->padding = 0; | |
1899 } | |
1900 | |
1901 if (ctx->state == ngx_http_grpc_st_padding) { | |
1902 | |
1903 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
1904 ctx->rest -= b->last - b->pos; | |
1905 b->pos = b->last; | |
1906 return NGX_AGAIN; | |
1907 } | |
1908 | |
1909 b->pos += ctx->rest; | |
1910 ctx->rest = 0; | |
1911 ctx->state = ngx_http_grpc_st_start; | |
1912 | |
1913 if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) { | |
1914 u->length = 0; | |
1915 | |
1916 if (ctx->in == NULL | |
1917 && ctx->out == NULL | |
1918 && ctx->output_closed | |
1919 && b->last == b->pos) | |
1920 { | |
1921 u->keepalive = 1; | |
1922 } | |
1923 | |
1924 break; | |
1925 } | |
1926 | |
1927 continue; | |
1928 } | |
1929 | |
1930 /* frame payload */ | |
1931 | |
1932 if (ctx->type == NGX_HTTP_V2_RST_STREAM_FRAME) { | |
1933 | |
1934 rc = ngx_http_grpc_parse_rst_stream(r, ctx, b); | |
1935 | |
1936 if (rc == NGX_AGAIN) { | |
1937 return NGX_AGAIN; | |
1938 } | |
1939 | |
1940 if (rc == NGX_ERROR) { | |
1941 return NGX_ERROR; | |
1942 } | |
1943 | |
1944 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1945 "upstream rejected request with error %ui", | |
1946 ctx->error); | |
1947 | |
1948 return NGX_ERROR; | |
1949 } | |
1950 | |
1951 if (ctx->type == NGX_HTTP_V2_GOAWAY_FRAME) { | |
1952 | |
1953 rc = ngx_http_grpc_parse_goaway(r, ctx, b); | |
1954 | |
1955 if (rc == NGX_AGAIN) { | |
1956 return NGX_AGAIN; | |
1957 } | |
1958 | |
1959 if (rc == NGX_ERROR) { | |
1960 return NGX_ERROR; | |
1961 } | |
1962 | |
1963 /* | |
1964 * If stream_id is lower than one we use, our | |
1965 * request won't be processed and needs to be retried. | |
1966 * If stream_id is greater or equal to the one we use, | |
1967 * we can continue normally (except we can't use this | |
1968 * connection for additional requests). If there is | |
1969 * a real error, the connection will be closed. | |
1970 */ | |
1971 | |
1972 if (ctx->stream_id < ctx->id) { | |
1973 | |
1974 /* TODO: we can retry non-idempotent requests */ | |
1975 | |
1976 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
1977 "upstream sent goaway with error %ui", | |
1978 ctx->error); | |
1979 | |
1980 return NGX_ERROR; | |
1981 } | |
1982 | |
1983 continue; | |
1984 } | |
1985 | |
1986 if (ctx->type == NGX_HTTP_V2_WINDOW_UPDATE_FRAME) { | |
1987 | |
1988 rc = ngx_http_grpc_parse_window_update(r, ctx, b); | |
1989 | |
1990 if (rc == NGX_AGAIN) { | |
1991 return NGX_AGAIN; | |
1992 } | |
1993 | |
1994 if (rc == NGX_ERROR) { | |
1995 return NGX_ERROR; | |
1996 } | |
1997 | |
1998 if (ctx->in) { | |
1999 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
2000 } | |
2001 | |
2002 continue; | |
2003 } | |
2004 | |
2005 if (ctx->type == NGX_HTTP_V2_SETTINGS_FRAME) { | |
2006 | |
2007 rc = ngx_http_grpc_parse_settings(r, ctx, b); | |
2008 | |
2009 if (rc == NGX_AGAIN) { | |
2010 return NGX_AGAIN; | |
2011 } | |
2012 | |
2013 if (rc == NGX_ERROR) { | |
2014 return NGX_ERROR; | |
2015 } | |
2016 | |
2017 if (ctx->in) { | |
2018 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
2019 } | |
2020 | |
2021 continue; | |
2022 } | |
2023 | |
2024 if (ctx->type == NGX_HTTP_V2_PING_FRAME) { | |
2025 | |
2026 rc = ngx_http_grpc_parse_ping(r, ctx, b); | |
2027 | |
2028 if (rc == NGX_AGAIN) { | |
2029 return NGX_AGAIN; | |
2030 } | |
2031 | |
2032 if (rc == NGX_ERROR) { | |
2033 return NGX_ERROR; | |
2034 } | |
2035 | |
2036 ngx_post_event(u->peer.connection->write, &ngx_posted_events); | |
2037 continue; | |
2038 } | |
2039 | |
2040 if (ctx->type == NGX_HTTP_V2_PUSH_PROMISE_FRAME) { | |
2041 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2042 "upstream sent unexpected push promise frame"); | |
2043 return NGX_ERROR; | |
2044 } | |
2045 | |
2046 if (ctx->type == NGX_HTTP_V2_HEADERS_FRAME | |
2047 || ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME) | |
2048 { | |
2049 for ( ;; ) { | |
2050 | |
2051 rc = ngx_http_grpc_parse_header(r, ctx, b); | |
2052 | |
2053 if (rc == NGX_AGAIN) { | |
2054 break; | |
2055 } | |
2056 | |
2057 if (rc == NGX_OK) { | |
2058 | |
2059 /* a header line has been parsed successfully */ | |
2060 | |
2061 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2062 "grpc trailer: \"%V: %V\"", | |
2063 &ctx->name, &ctx->value); | |
2064 | |
2065 if (ctx->name.len && ctx->name.data[0] == ':') { | |
2066 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2067 "upstream sent invalid " | |
2068 "trailer \"%V: %V\"", | |
2069 &ctx->name, &ctx->value); | |
2070 return NGX_ERROR; | |
2071 } | |
2072 | |
2073 h = ngx_list_push(&u->headers_in.trailers); | |
2074 if (h == NULL) { | |
2075 return NGX_ERROR; | |
2076 } | |
2077 | |
2078 h->key = ctx->name; | |
2079 h->value = ctx->value; | |
2080 h->lowcase_key = h->key.data; | |
2081 h->hash = ngx_hash_key(h->key.data, h->key.len); | |
2082 | |
2083 continue; | |
2084 } | |
2085 | |
2086 if (rc == NGX_HTTP_PARSE_HEADER_DONE) { | |
2087 | |
2088 /* a whole header has been parsed successfully */ | |
2089 | |
2090 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2091 "grpc trailer done"); | |
2092 | |
2093 if (ctx->end_stream) { | |
2094 u->length = 0; | |
2095 | |
2096 if (ctx->in == NULL | |
2097 && ctx->out == NULL | |
2098 && ctx->output_closed | |
2099 && b->last == b->pos) | |
2100 { | |
2101 u->keepalive = 1; | |
2102 } | |
2103 | |
2104 return NGX_OK; | |
2105 } | |
2106 | |
2107 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2108 "upstream sent trailer without " | |
2109 "end stream flag"); | |
2110 return NGX_ERROR; | |
2111 } | |
2112 | |
2113 /* there was error while a header line parsing */ | |
2114 | |
2115 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2116 "upstream sent invalid trailer"); | |
2117 | |
2118 return NGX_ERROR; | |
2119 } | |
2120 | |
2121 /* rc == NGX_AGAIN */ | |
2122 | |
2123 if (ctx->rest == 0) { | |
2124 ctx->state = ngx_http_grpc_st_start; | |
2125 continue; | |
2126 } | |
2127 | |
2128 return NGX_AGAIN; | |
2129 } | |
2130 | |
2131 if (ctx->type != NGX_HTTP_V2_DATA_FRAME) { | |
2132 | |
2133 /* priority, unknown frames */ | |
2134 | |
2135 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
2136 ctx->rest -= b->last - b->pos; | |
2137 b->pos = b->last; | |
2138 return NGX_AGAIN; | |
2139 } | |
2140 | |
2141 b->pos += ctx->rest; | |
2142 ctx->rest = 0; | |
2143 ctx->state = ngx_http_grpc_st_start; | |
2144 | |
2145 continue; | |
2146 } | |
2147 | |
2148 /* | |
2149 * data frame: | |
2150 * | |
2151 * +---------------+ | |
2152 * |Pad Length? (8)| | |
2153 * +---------------+-----------------------------------------------+ | |
2154 * | Data (*) ... | |
2155 * +---------------------------------------------------------------+ | |
2156 * | Padding (*) ... | |
2157 * +---------------------------------------------------------------+ | |
2158 */ | |
2159 | |
2160 if (ctx->flags & NGX_HTTP_V2_PADDED_FLAG) { | |
2161 | |
2162 if (ctx->rest == 0) { | |
2163 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2164 "upstream sent too short http2 frame"); | |
2165 return NGX_ERROR; | |
2166 } | |
2167 | |
2168 if (b->pos == b->last) { | |
2169 return NGX_AGAIN; | |
2170 } | |
2171 | |
2172 ctx->flags &= ~NGX_HTTP_V2_PADDED_FLAG; | |
2173 ctx->padding = *b->pos++; | |
2174 ctx->rest -= 1; | |
2175 | |
2176 if (ctx->padding > ctx->rest) { | |
2177 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2178 "upstream sent http2 frame with too long " | |
2179 "padding: %d in frame %uz", | |
2180 ctx->padding, ctx->rest); | |
2181 return NGX_ERROR; | |
2182 } | |
2183 | |
2184 continue; | |
2185 } | |
2186 | |
2187 if (ctx->rest == ctx->padding) { | |
2188 goto done; | |
2189 } | |
2190 | |
2191 if (b->pos == b->last) { | |
2192 return NGX_AGAIN; | |
2193 } | |
2194 | |
2195 cl = ngx_chain_get_free_buf(r->pool, &u->free_bufs); | |
2196 if (cl == NULL) { | |
2197 return NGX_ERROR; | |
2198 } | |
2199 | |
2200 *ll = cl; | |
2201 ll = &cl->next; | |
2202 | |
2203 buf = cl->buf; | |
2204 | |
2205 buf->flush = 1; | |
2206 buf->memory = 1; | |
2207 | |
2208 buf->pos = b->pos; | |
2209 buf->tag = u->output.tag; | |
2210 | |
2211 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2212 "grpc output buf %p", buf->pos); | |
2213 | |
2214 if (b->last - b->pos < (ssize_t) ctx->rest - ctx->padding) { | |
2215 | |
2216 ctx->rest -= b->last - b->pos; | |
2217 b->pos = b->last; | |
2218 buf->last = b->pos; | |
2219 | |
2220 return NGX_AGAIN; | |
2221 } | |
2222 | |
2223 b->pos += ctx->rest - ctx->padding; | |
2224 buf->last = b->pos; | |
2225 ctx->rest = ctx->padding; | |
2226 | |
2227 done: | |
2228 | |
2229 if (ctx->padding) { | |
2230 ctx->state = ngx_http_grpc_st_padding; | |
2231 continue; | |
2232 } | |
2233 | |
2234 ctx->state = ngx_http_grpc_st_start; | |
2235 | |
2236 if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) { | |
2237 u->length = 0; | |
2238 | |
2239 if (ctx->in == NULL | |
2240 && ctx->out == NULL | |
2241 && ctx->output_closed | |
2242 && b->last == b->pos) | |
2243 { | |
2244 u->keepalive = 1; | |
2245 } | |
2246 | |
2247 break; | |
2248 } | |
2249 } | |
2250 | |
2251 return NGX_OK; | |
2252 } | |
2253 | |
2254 | |
2255 static ngx_int_t | |
2256 ngx_http_grpc_parse_frame(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
2257 ngx_buf_t *b) | |
2258 { | |
2259 u_char ch, *p; | |
2260 ngx_http_grpc_state_e state; | |
2261 | |
2262 state = ctx->state; | |
2263 | |
2264 for (p = b->pos; p < b->last; p++) { | |
2265 ch = *p; | |
2266 | |
2267 #if 0 | |
2268 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2269 "grpc frame byte: %02Xd, s:%d", ch, state); | |
2270 #endif | |
2271 | |
2272 switch (state) { | |
2273 | |
2274 case ngx_http_grpc_st_start: | |
2275 ctx->rest = ch << 16; | |
2276 state = ngx_http_grpc_st_length_2; | |
2277 break; | |
2278 | |
2279 case ngx_http_grpc_st_length_2: | |
2280 ctx->rest |= ch << 8; | |
2281 state = ngx_http_grpc_st_length_3; | |
2282 break; | |
2283 | |
2284 case ngx_http_grpc_st_length_3: | |
2285 ctx->rest |= ch; | |
2286 | |
2287 if (ctx->rest > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) { | |
2288 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2289 "upstream sent too large http2 frame: %uz", | |
2290 ctx->rest); | |
2291 return NGX_ERROR; | |
2292 } | |
2293 | |
2294 state = ngx_http_grpc_st_type; | |
2295 break; | |
2296 | |
2297 case ngx_http_grpc_st_type: | |
2298 ctx->type = ch; | |
2299 state = ngx_http_grpc_st_flags; | |
2300 break; | |
2301 | |
2302 case ngx_http_grpc_st_flags: | |
2303 ctx->flags = ch; | |
2304 state = ngx_http_grpc_st_stream_id; | |
2305 break; | |
2306 | |
2307 case ngx_http_grpc_st_stream_id: | |
2308 ctx->stream_id = (ch & 0x7f) << 24; | |
2309 state = ngx_http_grpc_st_stream_id_2; | |
2310 break; | |
2311 | |
2312 case ngx_http_grpc_st_stream_id_2: | |
2313 ctx->stream_id |= ch << 16; | |
2314 state = ngx_http_grpc_st_stream_id_3; | |
2315 break; | |
2316 | |
2317 case ngx_http_grpc_st_stream_id_3: | |
2318 ctx->stream_id |= ch << 8; | |
2319 state = ngx_http_grpc_st_stream_id_4; | |
2320 break; | |
2321 | |
2322 case ngx_http_grpc_st_stream_id_4: | |
2323 ctx->stream_id |= ch; | |
2324 | |
2325 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2326 "grpc frame: %d, len: %uz, f:%d, i:%ui", | |
2327 ctx->type, ctx->rest, ctx->flags, ctx->stream_id); | |
2328 | |
2329 b->pos = p + 1; | |
2330 | |
2331 ctx->state = ngx_http_grpc_st_payload; | |
2332 ctx->frame_state = 0; | |
2333 | |
2334 return NGX_OK; | |
2335 | |
2336 /* suppress warning */ | |
2337 case ngx_http_grpc_st_payload: | |
2338 case ngx_http_grpc_st_padding: | |
2339 break; | |
2340 } | |
2341 } | |
2342 | |
2343 b->pos = p; | |
2344 ctx->state = state; | |
2345 | |
2346 return NGX_AGAIN; | |
2347 } | |
2348 | |
2349 | |
2350 static ngx_int_t | |
2351 ngx_http_grpc_parse_header(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
2352 ngx_buf_t *b) | |
2353 { | |
2354 u_char ch, *p, *last; | |
2355 size_t min; | |
2356 ngx_int_t rc; | |
2357 enum { | |
2358 sw_start = 0, | |
2359 sw_padding_length, | |
2360 sw_dependency, | |
2361 sw_dependency_2, | |
2362 sw_dependency_3, | |
2363 sw_dependency_4, | |
2364 sw_weight, | |
2365 sw_fragment, | |
2366 sw_padding | |
2367 } state; | |
2368 | |
2369 state = ctx->frame_state; | |
2370 | |
2371 if (state == sw_start) { | |
2372 | |
2373 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2374 "grpc parse header: start"); | |
2375 | |
2376 if (ctx->type == NGX_HTTP_V2_HEADERS_FRAME) { | |
2377 ctx->parsing_headers = 1; | |
2378 ctx->fragment_state = 0; | |
2379 | |
2380 min = (ctx->flags & NGX_HTTP_V2_PADDED_FLAG ? 1 : 0) | |
2381 + (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG ? 5 : 0); | |
2382 | |
2383 if (ctx->rest < min) { | |
2384 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2385 "upstream sent headers frame " | |
2386 "with invalid length: %uz", | |
2387 ctx->rest); | |
2388 return NGX_ERROR; | |
2389 } | |
2390 | |
2391 if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) { | |
2392 ctx->end_stream = 1; | |
2393 } | |
2394 | |
2395 if (ctx->flags & NGX_HTTP_V2_PADDED_FLAG) { | |
2396 state = sw_padding_length; | |
2397 | |
2398 } else if (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG) { | |
2399 state = sw_dependency; | |
2400 | |
2401 } else { | |
2402 state = sw_fragment; | |
2403 } | |
2404 | |
2405 } else if (ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME) { | |
2406 state = sw_fragment; | |
2407 } | |
2408 | |
2409 ctx->padding = 0; | |
2410 } | |
2411 | |
2412 if (state < sw_fragment) { | |
2413 | |
2414 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
2415 last = b->last; | |
2416 | |
2417 } else { | |
2418 last = b->pos + ctx->rest; | |
2419 } | |
2420 | |
2421 for (p = b->pos; p < last; p++) { | |
2422 ch = *p; | |
2423 | |
2424 #if 0 | |
2425 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2426 "grpc header byte: %02Xd s:%d", ch, state); | |
2427 #endif | |
2428 | |
2429 /* | |
2430 * headers frame: | |
2431 * | |
2432 * +---------------+ | |
2433 * |Pad Length? (8)| | |
2434 * +-+-------------+----------------------------------------------+ | |
2435 * |E| Stream Dependency? (31) | | |
2436 * +-+-------------+----------------------------------------------+ | |
2437 * | Weight? (8) | | |
2438 * +-+-------------+----------------------------------------------+ | |
2439 * | Header Block Fragment (*) ... | |
2440 * +--------------------------------------------------------------+ | |
2441 * | Padding (*) ... | |
2442 * +--------------------------------------------------------------+ | |
2443 */ | |
2444 | |
2445 switch (state) { | |
2446 | |
2447 case sw_padding_length: | |
2448 | |
2449 ctx->padding = ch; | |
2450 | |
2451 if (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG) { | |
2452 state = sw_dependency; | |
2453 break; | |
2454 } | |
2455 | |
2456 goto fragment; | |
2457 | |
2458 case sw_dependency: | |
2459 state = sw_dependency_2; | |
2460 break; | |
2461 | |
2462 case sw_dependency_2: | |
2463 state = sw_dependency_3; | |
2464 break; | |
2465 | |
2466 case sw_dependency_3: | |
2467 state = sw_dependency_4; | |
2468 break; | |
2469 | |
2470 case sw_dependency_4: | |
2471 state = sw_weight; | |
2472 break; | |
2473 | |
2474 case sw_weight: | |
2475 goto fragment; | |
2476 | |
2477 /* suppress warning */ | |
2478 case sw_start: | |
2479 case sw_fragment: | |
2480 case sw_padding: | |
2481 break; | |
2482 } | |
2483 } | |
2484 | |
2485 ctx->rest -= p - b->pos; | |
2486 b->pos = p; | |
2487 | |
2488 ctx->frame_state = state; | |
2489 return NGX_AGAIN; | |
2490 | |
2491 fragment: | |
2492 | |
2493 p++; | |
2494 ctx->rest -= p - b->pos; | |
2495 b->pos = p; | |
2496 | |
2497 if (ctx->padding > ctx->rest) { | |
2498 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2499 "upstream sent http2 frame with too long " | |
2500 "padding: %d in frame %uz", | |
2501 ctx->padding, ctx->rest); | |
2502 return NGX_ERROR; | |
2503 } | |
2504 | |
2505 state = sw_fragment; | |
2506 ctx->frame_state = state; | |
2507 } | |
2508 | |
2509 if (state == sw_fragment) { | |
2510 | |
2511 rc = ngx_http_grpc_parse_fragment(r, ctx, b); | |
2512 | |
2513 if (rc == NGX_AGAIN) { | |
2514 return NGX_AGAIN; | |
2515 } | |
2516 | |
2517 if (rc == NGX_ERROR) { | |
2518 return NGX_ERROR; | |
2519 } | |
2520 | |
2521 if (rc == NGX_OK) { | |
2522 return NGX_OK; | |
2523 } | |
2524 | |
2525 /* rc == NGX_DONE */ | |
2526 | |
2527 state = sw_padding; | |
2528 ctx->frame_state = state; | |
2529 } | |
2530 | |
2531 if (state == sw_padding) { | |
2532 | |
2533 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
2534 | |
2535 ctx->rest -= b->last - b->pos; | |
2536 b->pos = b->last; | |
2537 | |
2538 return NGX_AGAIN; | |
2539 } | |
2540 | |
2541 b->pos += ctx->rest; | |
2542 ctx->rest = 0; | |
2543 | |
2544 ctx->state = ngx_http_grpc_st_start; | |
2545 | |
2546 if (ctx->flags & NGX_HTTP_V2_END_HEADERS_FLAG) { | |
2547 | |
2548 if (ctx->fragment_state) { | |
2549 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2550 "upstream sent truncated http2 header"); | |
2551 return NGX_ERROR; | |
2552 } | |
2553 | |
2554 ctx->parsing_headers = 0; | |
2555 | |
2556 return NGX_HTTP_PARSE_HEADER_DONE; | |
2557 } | |
2558 | |
2559 return NGX_AGAIN; | |
2560 } | |
2561 | |
2562 /* unreachable */ | |
2563 | |
2564 return NGX_ERROR; | |
2565 } | |
2566 | |
2567 | |
2568 static ngx_int_t | |
2569 ngx_http_grpc_parse_fragment(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
2570 ngx_buf_t *b) | |
2571 { | |
2572 u_char ch, *p, *last; | |
2573 size_t size; | |
2574 ngx_uint_t index, size_update; | |
2575 enum { | |
2576 sw_start = 0, | |
2577 sw_index, | |
2578 sw_name_length, | |
2579 sw_name_length_2, | |
2580 sw_name_length_3, | |
2581 sw_name_length_4, | |
2582 sw_name, | |
2583 sw_name_bytes, | |
2584 sw_value_length, | |
2585 sw_value_length_2, | |
2586 sw_value_length_3, | |
2587 sw_value_length_4, | |
2588 sw_value, | |
2589 sw_value_bytes | |
2590 } state; | |
2591 | |
2592 /* header block fragment */ | |
2593 | |
2594 #if 0 | |
2595 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2596 "grpc header fragment %p:%p rest:%uz", | |
2597 b->pos, b->last, ctx->rest); | |
2598 #endif | |
2599 | |
2600 if (b->last - b->pos < (ssize_t) ctx->rest - ctx->padding) { | |
2601 last = b->last; | |
2602 | |
2603 } else { | |
2604 last = b->pos + ctx->rest - ctx->padding; | |
2605 } | |
2606 | |
2607 state = ctx->fragment_state; | |
2608 | |
2609 for (p = b->pos; p < last; p++) { | |
2610 ch = *p; | |
2611 | |
2612 #if 0 | |
2613 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2614 "grpc header byte: %02Xd s:%d", ch, state); | |
2615 #endif | |
2616 | |
2617 switch (state) { | |
2618 | |
2619 case sw_start: | |
2620 ctx->index = 0; | |
2621 | |
2622 if ((ch & 0x80) == 0x80) { | |
2623 /* | |
2624 * indexed header: | |
2625 * | |
2626 * 0 1 2 3 4 5 6 7 | |
2627 * +---+---+---+---+---+---+---+---+ | |
2628 * | 1 | Index (7+) | | |
2629 * +---+---------------------------+ | |
2630 */ | |
2631 | |
2632 index = ch & ~0x80; | |
2633 | |
2634 if (index == 0 || index > 61) { | |
2635 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2636 "upstream sent invalid http2 " | |
2637 "table index: %ui", index); | |
2638 return NGX_ERROR; | |
2639 } | |
2640 | |
2641 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2642 "grpc indexed header: %ui", index); | |
2643 | |
2644 ctx->index = index; | |
2645 ctx->literal = 0; | |
2646 | |
2647 goto done; | |
2648 | |
2649 } else if ((ch & 0xc0) == 0x40) { | |
2650 /* | |
2651 * literal header with incremental indexing: | |
2652 * | |
2653 * 0 1 2 3 4 5 6 7 | |
2654 * +---+---+---+---+---+---+---+---+ | |
2655 * | 0 | 1 | Index (6+) | | |
2656 * +---+---+-----------------------+ | |
2657 * | H | Value Length (7+) | | |
2658 * +---+---------------------------+ | |
2659 * | Value String (Length octets) | | |
2660 * +-------------------------------+ | |
2661 * | |
2662 * 0 1 2 3 4 5 6 7 | |
2663 * +---+---+---+---+---+---+---+---+ | |
2664 * | 0 | 1 | 0 | | |
2665 * +---+---+-----------------------+ | |
2666 * | H | Name Length (7+) | | |
2667 * +---+---------------------------+ | |
2668 * | Name String (Length octets) | | |
2669 * +---+---------------------------+ | |
2670 * | H | Value Length (7+) | | |
2671 * +---+---------------------------+ | |
2672 * | Value String (Length octets) | | |
2673 * +-------------------------------+ | |
2674 */ | |
2675 | |
2676 index = ch & ~0xc0; | |
2677 | |
2678 if (index > 61) { | |
2679 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2680 "upstream sent invalid http2 " | |
2681 "table index: %ui", index); | |
2682 return NGX_ERROR; | |
2683 } | |
2684 | |
2685 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2686 "grpc literal header: %ui", index); | |
2687 | |
2688 if (index == 0) { | |
2689 state = sw_name_length; | |
2690 break; | |
2691 } | |
2692 | |
2693 ctx->index = index; | |
2694 ctx->literal = 1; | |
2695 | |
2696 state = sw_value_length; | |
2697 break; | |
2698 | |
2699 } else if ((ch & 0xe0) == 0x20) { | |
2700 /* | |
2701 * dynamic table size update: | |
2702 * | |
2703 * 0 1 2 3 4 5 6 7 | |
2704 * +---+---+---+---+---+---+---+---+ | |
2705 * | 0 | 0 | 1 | Max size (5+) | | |
2706 * +---+---------------------------+ | |
2707 */ | |
2708 | |
2709 size_update = ch & ~0xe0; | |
2710 | |
2711 if (size_update > 0) { | |
2712 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2713 "upstream sent invalid http2 " | |
2714 "dynamic table size update: %ui", | |
2715 size_update); | |
2716 return NGX_ERROR; | |
2717 } | |
2718 | |
2719 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2720 "grpc table size update: %ui", size_update); | |
2721 | |
2722 break; | |
2723 | |
2724 } else if ((ch & 0xf0) == 0x10) { | |
2725 /* | |
2726 * literal header field never indexed: | |
2727 * | |
2728 * 0 1 2 3 4 5 6 7 | |
2729 * +---+---+---+---+---+---+---+---+ | |
2730 * | 0 | 0 | 0 | 1 | Index (4+) | | |
2731 * +---+---+-----------------------+ | |
2732 * | H | Value Length (7+) | | |
2733 * +---+---------------------------+ | |
2734 * | Value String (Length octets) | | |
2735 * +-------------------------------+ | |
2736 * | |
2737 * 0 1 2 3 4 5 6 7 | |
2738 * +---+---+---+---+---+---+---+---+ | |
2739 * | 0 | 0 | 0 | 1 | 0 | | |
2740 * +---+---+-----------------------+ | |
2741 * | H | Name Length (7+) | | |
2742 * +---+---------------------------+ | |
2743 * | Name String (Length octets) | | |
2744 * +---+---------------------------+ | |
2745 * | H | Value Length (7+) | | |
2746 * +---+---------------------------+ | |
2747 * | Value String (Length octets) | | |
2748 * +-------------------------------+ | |
2749 */ | |
2750 | |
2751 index = ch & ~0xf0; | |
2752 | |
2753 if (index == 0x0f) { | |
2754 ctx->index = index; | |
2755 ctx->literal = 1; | |
2756 state = sw_index; | |
2757 break; | |
2758 } | |
2759 | |
2760 if (index == 0) { | |
2761 state = sw_name_length; | |
2762 break; | |
2763 } | |
2764 | |
2765 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2766 "grpc literal header never indexed: %ui", | |
2767 index); | |
2768 | |
2769 ctx->index = index; | |
2770 ctx->literal = 1; | |
2771 | |
2772 state = sw_value_length; | |
2773 break; | |
2774 | |
2775 } else if ((ch & 0xf0) == 0x00) { | |
2776 /* | |
2777 * literal header field without indexing: | |
2778 * | |
2779 * 0 1 2 3 4 5 6 7 | |
2780 * +---+---+---+---+---+---+---+---+ | |
2781 * | 0 | 0 | 0 | 0 | Index (4+) | | |
2782 * +---+---+-----------------------+ | |
2783 * | H | Value Length (7+) | | |
2784 * +---+---------------------------+ | |
2785 * | Value String (Length octets) | | |
2786 * +-------------------------------+ | |
2787 * | |
2788 * 0 1 2 3 4 5 6 7 | |
2789 * +---+---+---+---+---+---+---+---+ | |
2790 * | 0 | 0 | 0 | 0 | 0 | | |
2791 * +---+---+-----------------------+ | |
2792 * | H | Name Length (7+) | | |
2793 * +---+---------------------------+ | |
2794 * | Name String (Length octets) | | |
2795 * +---+---------------------------+ | |
2796 * | H | Value Length (7+) | | |
2797 * +---+---------------------------+ | |
2798 * | Value String (Length octets) | | |
2799 * +-------------------------------+ | |
2800 */ | |
2801 | |
2802 index = ch & ~0xf0; | |
2803 | |
2804 if (index == 0x0f) { | |
2805 ctx->index = index; | |
2806 ctx->literal = 1; | |
2807 state = sw_index; | |
2808 break; | |
2809 } | |
2810 | |
2811 if (index == 0) { | |
2812 state = sw_name_length; | |
2813 break; | |
2814 } | |
2815 | |
2816 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2817 "grpc literal header without indexing: %ui", | |
2818 index); | |
2819 | |
2820 ctx->index = index; | |
2821 ctx->literal = 1; | |
2822 | |
2823 state = sw_value_length; | |
2824 break; | |
2825 } | |
2826 | |
2827 /* not reached */ | |
2828 | |
2829 return NGX_ERROR; | |
2830 | |
2831 case sw_index: | |
2832 ctx->index = ctx->index + (ch & ~0x80); | |
2833 | |
2834 if (ch & 0x80) { | |
2835 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2836 "upstream sent http2 table index " | |
2837 "with continuation flag"); | |
2838 return NGX_ERROR; | |
2839 } | |
2840 | |
2841 if (ctx->index > 61) { | |
2842 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2843 "upstream sent invalid http2 " | |
2844 "table index: %ui", ctx->index); | |
2845 return NGX_ERROR; | |
2846 } | |
2847 | |
2848 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2849 "grpc header index: %ui", ctx->index); | |
2850 | |
2851 state = sw_value_length; | |
2852 break; | |
2853 | |
2854 case sw_name_length: | |
2855 ctx->field_huffman = ch & 0x80 ? 1 : 0; | |
2856 ctx->field_length = ch & ~0x80; | |
2857 | |
2858 if (ctx->field_length == 0x7f) { | |
2859 state = sw_name_length_2; | |
2860 break; | |
2861 } | |
2862 | |
2863 if (ctx->field_length == 0) { | |
2864 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2865 "upstream sent zero http2 " | |
2866 "header name length"); | |
2867 return NGX_ERROR; | |
2868 } | |
2869 | |
2870 state = sw_name; | |
2871 break; | |
2872 | |
2873 case sw_name_length_2: | |
2874 ctx->field_length += ch & ~0x80; | |
2875 | |
2876 if (ch & 0x80) { | |
2877 state = sw_name_length_3; | |
2878 break; | |
2879 } | |
2880 | |
2881 state = sw_name; | |
2882 break; | |
2883 | |
2884 case sw_name_length_3: | |
2885 ctx->field_length += (ch & ~0x80) << 7; | |
2886 | |
2887 if (ch & 0x80) { | |
2888 state = sw_name_length_4; | |
2889 break; | |
2890 } | |
2891 | |
2892 state = sw_name; | |
2893 break; | |
2894 | |
2895 case sw_name_length_4: | |
2896 ctx->field_length += (ch & ~0x80) << 14; | |
2897 | |
2898 if (ch & 0x80) { | |
2899 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2900 "upstream sent too large http2 " | |
2901 "header name length"); | |
2902 return NGX_ERROR; | |
2903 } | |
2904 | |
2905 state = sw_name; | |
2906 break; | |
2907 | |
2908 case sw_name: | |
2909 ctx->name.len = ctx->field_huffman ? | |
2910 ctx->field_length * 8 / 5 : ctx->field_length; | |
2911 | |
2912 ctx->name.data = ngx_pnalloc(r->pool, ctx->name.len + 1); | |
2913 if (ctx->name.data == NULL) { | |
2914 return NGX_ERROR; | |
2915 } | |
2916 | |
2917 ctx->field_end = ctx->name.data; | |
2918 ctx->field_rest = ctx->field_length; | |
2919 ctx->field_state = 0; | |
2920 | |
2921 state = sw_name_bytes; | |
2922 | |
2923 /* fall through */ | |
2924 | |
2925 case sw_name_bytes: | |
2926 | |
2927 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
2928 "grpc name: len:%uz h:%d last:%uz, rest:%uz", | |
2929 ctx->field_length, | |
2930 ctx->field_huffman, | |
2931 last - p, | |
2932 ctx->rest - (p - b->pos)); | |
2933 | |
2934 size = ngx_min(last - p, (ssize_t) ctx->field_rest); | |
2935 ctx->field_rest -= size; | |
2936 | |
2937 if (ctx->field_huffman) { | |
2938 if (ngx_http_v2_huff_decode(&ctx->field_state, p, size, | |
2939 &ctx->field_end, | |
2940 ctx->field_rest == 0, | |
2941 r->connection->log) | |
2942 != NGX_OK) | |
2943 { | |
2944 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
2945 "upstream sent invalid encoded header"); | |
2946 return NGX_ERROR; | |
2947 } | |
2948 | |
2949 ctx->name.len = ctx->field_end - ctx->name.data; | |
2950 ctx->name.data[ctx->name.len] = '\0'; | |
2951 | |
2952 } else { | |
2953 ngx_memcpy(ctx->field_end, p, size); | |
2954 ctx->name.data[ctx->name.len] = '\0'; | |
2955 } | |
2956 | |
2957 p += size - 1; | |
2958 | |
2959 if (ctx->field_rest == 0) { | |
2960 state = sw_value_length; | |
2961 } | |
2962 | |
2963 break; | |
2964 | |
2965 case sw_value_length: | |
2966 ctx->field_huffman = ch & 0x80 ? 1 : 0; | |
2967 ctx->field_length = ch & ~0x80; | |
2968 | |
2969 if (ctx->field_length == 0x7f) { | |
2970 state = sw_value_length_2; | |
2971 break; | |
2972 } | |
2973 | |
2974 if (ctx->field_length == 0) { | |
2975 ngx_str_set(&ctx->value, ""); | |
2976 goto done; | |
2977 } | |
2978 | |
2979 state = sw_value; | |
2980 break; | |
2981 | |
2982 case sw_value_length_2: | |
2983 ctx->field_length += ch & ~0x80; | |
2984 | |
2985 if (ch & 0x80) { | |
2986 state = sw_value_length_3; | |
2987 break; | |
2988 } | |
2989 | |
2990 state = sw_value; | |
2991 break; | |
2992 | |
2993 case sw_value_length_3: | |
2994 ctx->field_length += (ch & ~0x80) << 7; | |
2995 | |
2996 if (ch & 0x80) { | |
2997 state = sw_value_length_4; | |
2998 break; | |
2999 } | |
3000 | |
3001 state = sw_value; | |
3002 break; | |
3003 | |
3004 case sw_value_length_4: | |
3005 ctx->field_length += (ch & ~0x80) << 14; | |
3006 | |
3007 if (ch & 0x80) { | |
3008 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3009 "upstream sent too large http2 " | |
3010 "header value length"); | |
3011 return NGX_ERROR; | |
3012 } | |
3013 | |
3014 state = sw_value; | |
3015 break; | |
3016 | |
3017 case sw_value: | |
3018 ctx->value.len = ctx->field_huffman ? | |
3019 ctx->field_length * 8 / 5 : ctx->field_length; | |
3020 | |
3021 ctx->value.data = ngx_pnalloc(r->pool, ctx->value.len + 1); | |
3022 if (ctx->value.data == NULL) { | |
3023 return NGX_ERROR; | |
3024 } | |
3025 | |
3026 ctx->field_end = ctx->value.data; | |
3027 ctx->field_rest = ctx->field_length; | |
3028 ctx->field_state = 0; | |
3029 | |
3030 state = sw_value_bytes; | |
3031 | |
3032 /* fall through */ | |
3033 | |
3034 case sw_value_bytes: | |
3035 | |
3036 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3037 "grpc value: len:%uz h:%d last:%uz, rest:%uz", | |
3038 ctx->field_length, | |
3039 ctx->field_huffman, | |
3040 last - p, | |
3041 ctx->rest - (p - b->pos)); | |
3042 | |
3043 size = ngx_min(last - p, (ssize_t) ctx->field_rest); | |
3044 ctx->field_rest -= size; | |
3045 | |
3046 if (ctx->field_huffman) { | |
3047 if (ngx_http_v2_huff_decode(&ctx->field_state, p, size, | |
3048 &ctx->field_end, | |
3049 ctx->field_rest == 0, | |
3050 r->connection->log) | |
3051 != NGX_OK) | |
3052 { | |
3053 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3054 "upstream sent invalid encoded header"); | |
3055 return NGX_ERROR; | |
3056 } | |
3057 | |
3058 ctx->value.len = ctx->field_end - ctx->value.data; | |
3059 ctx->value.data[ctx->value.len] = '\0'; | |
3060 | |
3061 } else { | |
3062 ngx_memcpy(ctx->field_end, p, size); | |
3063 ctx->value.data[ctx->value.len] = '\0'; | |
3064 } | |
3065 | |
3066 p += size - 1; | |
3067 | |
3068 if (ctx->field_rest == 0) { | |
3069 goto done; | |
3070 } | |
3071 | |
3072 break; | |
3073 } | |
3074 | |
3075 continue; | |
3076 | |
3077 done: | |
3078 | |
3079 p++; | |
3080 ctx->rest -= p - b->pos; | |
3081 ctx->fragment_state = sw_start; | |
3082 b->pos = p; | |
3083 | |
3084 if (ctx->index) { | |
3085 ctx->name = *ngx_http_v2_get_static_name(ctx->index); | |
3086 } | |
3087 | |
3088 if (ctx->index && !ctx->literal) { | |
3089 ctx->value = *ngx_http_v2_get_static_value(ctx->index); | |
3090 } | |
3091 | |
3092 if (!ctx->index) { | |
3093 if (ngx_http_grpc_validate_header_name(r, &ctx->name) != NGX_OK) { | |
3094 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3095 "upstream sent invalid header: \"%V: %V\"", | |
3096 &ctx->name, &ctx->value); | |
3097 return NGX_ERROR; | |
3098 } | |
3099 } | |
3100 | |
3101 if (!ctx->index || ctx->literal) { | |
3102 if (ngx_http_grpc_validate_header_value(r, &ctx->value) != NGX_OK) { | |
3103 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3104 "upstream sent invalid header: \"%V: %V\"", | |
3105 &ctx->name, &ctx->value); | |
3106 return NGX_ERROR; | |
3107 } | |
3108 } | |
3109 | |
3110 return NGX_OK; | |
3111 } | |
3112 | |
3113 ctx->rest -= p - b->pos; | |
3114 ctx->fragment_state = state; | |
3115 b->pos = p; | |
3116 | |
3117 if (ctx->rest > ctx->padding) { | |
3118 return NGX_AGAIN; | |
3119 } | |
3120 | |
3121 return NGX_DONE; | |
3122 } | |
3123 | |
3124 | |
3125 static ngx_int_t | |
3126 ngx_http_grpc_validate_header_name(ngx_http_request_t *r, ngx_str_t *s) | |
3127 { | |
3128 u_char ch; | |
3129 ngx_uint_t i; | |
3130 | |
3131 for (i = 0; i < s->len; i++) { | |
3132 ch = s->data[i]; | |
3133 | |
3134 if (ch == ':' && i > 0) { | |
3135 return NGX_ERROR; | |
3136 } | |
3137 | |
3138 if (ch >= 'A' && ch <= 'Z') { | |
3139 return NGX_ERROR; | |
3140 } | |
3141 | |
3142 if (ch == '\0' || ch == CR || ch == LF) { | |
3143 return NGX_ERROR; | |
3144 } | |
3145 } | |
3146 | |
3147 return NGX_OK; | |
3148 } | |
3149 | |
3150 | |
3151 static ngx_int_t | |
3152 ngx_http_grpc_validate_header_value(ngx_http_request_t *r, ngx_str_t *s) | |
3153 { | |
3154 u_char ch; | |
3155 ngx_uint_t i; | |
3156 | |
3157 for (i = 0; i < s->len; i++) { | |
3158 ch = s->data[i]; | |
3159 | |
3160 if (ch == '\0' || ch == CR || ch == LF) { | |
3161 return NGX_ERROR; | |
3162 } | |
3163 } | |
3164 | |
3165 return NGX_OK; | |
3166 } | |
3167 | |
3168 | |
3169 static ngx_int_t | |
3170 ngx_http_grpc_parse_rst_stream(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
3171 ngx_buf_t *b) | |
3172 { | |
3173 u_char ch, *p, *last; | |
3174 enum { | |
3175 sw_start = 0, | |
3176 sw_error_2, | |
3177 sw_error_3, | |
3178 sw_error_4 | |
3179 } state; | |
3180 | |
3181 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
3182 last = b->last; | |
3183 | |
3184 } else { | |
3185 last = b->pos + ctx->rest; | |
3186 } | |
3187 | |
3188 state = ctx->frame_state; | |
3189 | |
3190 if (state == sw_start) { | |
3191 if (ctx->rest != 4) { | |
3192 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3193 "upstream sent rst stream frame " | |
3194 "with invalid length: %uz", | |
3195 ctx->rest); | |
3196 return NGX_ERROR; | |
3197 } | |
3198 } | |
3199 | |
3200 for (p = b->pos; p < last; p++) { | |
3201 ch = *p; | |
3202 | |
3203 #if 0 | |
3204 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3205 "grpc rst byte: %02Xd s:%d", ch, state); | |
3206 #endif | |
3207 | |
3208 switch (state) { | |
3209 | |
3210 case sw_start: | |
3211 ctx->error = ch << 24; | |
3212 state = sw_error_2; | |
3213 break; | |
3214 | |
3215 case sw_error_2: | |
3216 ctx->error |= ch << 16; | |
3217 state = sw_error_3; | |
3218 break; | |
3219 | |
3220 case sw_error_3: | |
3221 ctx->error |= ch << 8; | |
3222 state = sw_error_4; | |
3223 break; | |
3224 | |
3225 case sw_error_4: | |
3226 ctx->error |= ch; | |
3227 state = sw_start; | |
3228 | |
3229 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3230 "grpc error: %ui", ctx->error); | |
3231 | |
3232 break; | |
3233 } | |
3234 } | |
3235 | |
3236 ctx->rest -= p - b->pos; | |
3237 ctx->frame_state = state; | |
3238 b->pos = p; | |
3239 | |
3240 if (ctx->rest > 0) { | |
3241 return NGX_AGAIN; | |
3242 } | |
3243 | |
3244 return NGX_OK; | |
3245 } | |
3246 | |
3247 | |
3248 static ngx_int_t | |
3249 ngx_http_grpc_parse_goaway(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
3250 ngx_buf_t *b) | |
3251 { | |
3252 u_char ch, *p, *last; | |
3253 enum { | |
3254 sw_start = 0, | |
3255 sw_last_stream_id_2, | |
3256 sw_last_stream_id_3, | |
3257 sw_last_stream_id_4, | |
3258 sw_error, | |
3259 sw_error_2, | |
3260 sw_error_3, | |
3261 sw_error_4, | |
3262 sw_debug | |
3263 } state; | |
3264 | |
3265 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
3266 last = b->last; | |
3267 | |
3268 } else { | |
3269 last = b->pos + ctx->rest; | |
3270 } | |
3271 | |
3272 state = ctx->frame_state; | |
3273 | |
3274 if (state == sw_start) { | |
3275 | |
3276 if (ctx->stream_id) { | |
3277 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3278 "upstream sent goaway frame " | |
3279 "with non-zero stream id: %ui", | |
3280 ctx->stream_id); | |
3281 return NGX_ERROR; | |
3282 } | |
3283 | |
3284 if (ctx->rest < 8) { | |
3285 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3286 "upstream sent goaway frame " | |
3287 "with invalid length: %uz", | |
3288 ctx->rest); | |
3289 return NGX_ERROR; | |
3290 } | |
3291 } | |
3292 | |
3293 for (p = b->pos; p < last; p++) { | |
3294 ch = *p; | |
3295 | |
3296 #if 0 | |
3297 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3298 "grpc goaway byte: %02Xd s:%d", ch, state); | |
3299 #endif | |
3300 | |
3301 switch (state) { | |
3302 | |
3303 case sw_start: | |
3304 ctx->stream_id = (ch & 0x7f) << 24; | |
3305 state = sw_last_stream_id_2; | |
3306 break; | |
3307 | |
3308 case sw_last_stream_id_2: | |
3309 ctx->stream_id |= ch << 16; | |
3310 state = sw_last_stream_id_3; | |
3311 break; | |
3312 | |
3313 case sw_last_stream_id_3: | |
3314 ctx->stream_id |= ch << 8; | |
3315 state = sw_last_stream_id_4; | |
3316 break; | |
3317 | |
3318 case sw_last_stream_id_4: | |
3319 ctx->stream_id |= ch; | |
3320 state = sw_error; | |
3321 break; | |
3322 | |
3323 case sw_error: | |
3324 ctx->error = ch << 24; | |
3325 state = sw_error_2; | |
3326 break; | |
3327 | |
3328 case sw_error_2: | |
3329 ctx->error |= ch << 16; | |
3330 state = sw_error_3; | |
3331 break; | |
3332 | |
3333 case sw_error_3: | |
3334 ctx->error |= ch << 8; | |
3335 state = sw_error_4; | |
3336 break; | |
3337 | |
3338 case sw_error_4: | |
3339 ctx->error |= ch; | |
3340 state = sw_debug; | |
3341 break; | |
3342 | |
3343 case sw_debug: | |
3344 break; | |
3345 } | |
3346 } | |
3347 | |
3348 ctx->rest -= p - b->pos; | |
3349 ctx->frame_state = state; | |
3350 b->pos = p; | |
3351 | |
3352 if (ctx->rest > 0) { | |
3353 return NGX_AGAIN; | |
3354 } | |
3355 | |
3356 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3357 "grpc goaway: %ui, stream %ui", | |
3358 ctx->error, ctx->stream_id); | |
3359 | |
3360 ctx->state = ngx_http_grpc_st_start; | |
3361 | |
3362 return NGX_OK; | |
3363 } | |
3364 | |
3365 | |
3366 static ngx_int_t | |
3367 ngx_http_grpc_parse_window_update(ngx_http_request_t *r, | |
3368 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b) | |
3369 { | |
3370 u_char ch, *p, *last; | |
3371 enum { | |
3372 sw_start = 0, | |
3373 sw_size_2, | |
3374 sw_size_3, | |
3375 sw_size_4 | |
3376 } state; | |
3377 | |
3378 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
3379 last = b->last; | |
3380 | |
3381 } else { | |
3382 last = b->pos + ctx->rest; | |
3383 } | |
3384 | |
3385 state = ctx->frame_state; | |
3386 | |
3387 if (state == sw_start) { | |
3388 if (ctx->rest != 4) { | |
3389 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3390 "upstream sent window update frame " | |
3391 "with invalid length: %uz", | |
3392 ctx->rest); | |
3393 return NGX_ERROR; | |
3394 } | |
3395 } | |
3396 | |
3397 for (p = b->pos; p < last; p++) { | |
3398 ch = *p; | |
3399 | |
3400 #if 0 | |
3401 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3402 "grpc window update byte: %02Xd s:%d", ch, state); | |
3403 #endif | |
3404 | |
3405 switch (state) { | |
3406 | |
3407 case sw_start: | |
3408 ctx->window_update = (ch & 0x7f) << 24; | |
3409 state = sw_size_2; | |
3410 break; | |
3411 | |
3412 case sw_size_2: | |
3413 ctx->window_update |= ch << 16; | |
3414 state = sw_size_3; | |
3415 break; | |
3416 | |
3417 case sw_size_3: | |
3418 ctx->window_update |= ch << 8; | |
3419 state = sw_size_4; | |
3420 break; | |
3421 | |
3422 case sw_size_4: | |
3423 ctx->window_update |= ch; | |
3424 state = sw_start; | |
3425 break; | |
3426 } | |
3427 } | |
3428 | |
3429 ctx->rest -= p - b->pos; | |
3430 ctx->frame_state = state; | |
3431 b->pos = p; | |
3432 | |
3433 if (ctx->rest > 0) { | |
3434 return NGX_AGAIN; | |
3435 } | |
3436 | |
3437 ctx->state = ngx_http_grpc_st_start; | |
3438 | |
3439 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3440 "grpc window update: %ui", ctx->window_update); | |
3441 | |
3442 if (ctx->stream_id) { | |
3443 | |
3444 if (ctx->window_update > (size_t) NGX_HTTP_V2_MAX_WINDOW | |
3445 - ctx->send_window) | |
3446 { | |
3447 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3448 "upstream sent too large window update"); | |
3449 return NGX_ERROR; | |
3450 } | |
3451 | |
3452 ctx->send_window += ctx->window_update; | |
3453 | |
3454 } else { | |
3455 | |
3456 if (ctx->window_update > NGX_HTTP_V2_MAX_WINDOW | |
3457 - ctx->connection->send_window) | |
3458 { | |
3459 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3460 "upstream sent too large window update"); | |
3461 return NGX_ERROR; | |
3462 } | |
3463 | |
3464 ctx->connection->send_window += ctx->window_update; | |
3465 } | |
3466 | |
3467 return NGX_OK; | |
3468 } | |
3469 | |
3470 | |
3471 static ngx_int_t | |
3472 ngx_http_grpc_parse_settings(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx, | |
3473 ngx_buf_t *b) | |
3474 { | |
3475 u_char ch, *p, *last; | |
3476 ssize_t window_update; | |
3477 enum { | |
3478 sw_start = 0, | |
3479 sw_id, | |
3480 sw_id_2, | |
3481 sw_value, | |
3482 sw_value_2, | |
3483 sw_value_3, | |
3484 sw_value_4 | |
3485 } state; | |
3486 | |
3487 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
3488 last = b->last; | |
3489 | |
3490 } else { | |
3491 last = b->pos + ctx->rest; | |
3492 } | |
3493 | |
3494 state = ctx->frame_state; | |
3495 | |
3496 if (state == sw_start) { | |
3497 | |
3498 if (ctx->stream_id) { | |
3499 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3500 "upstream sent settings frame " | |
3501 "with non-zero stream id: %ui", | |
3502 ctx->stream_id); | |
3503 return NGX_ERROR; | |
3504 } | |
3505 | |
3506 if (ctx->flags & NGX_HTTP_V2_ACK_FLAG) { | |
3507 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3508 "grpc settings ack"); | |
3509 | |
3510 if (ctx->rest != 0) { | |
3511 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3512 "upstream sent settings frame " | |
3513 "with ack flag and non-zero length: %uz", | |
3514 ctx->rest); | |
3515 return NGX_ERROR; | |
3516 } | |
3517 | |
3518 ctx->state = ngx_http_grpc_st_start; | |
3519 | |
3520 return NGX_OK; | |
3521 } | |
3522 | |
3523 if (ctx->rest % 6 != 0) { | |
3524 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3525 "upstream sent settings frame " | |
3526 "with invalid length: %uz", | |
3527 ctx->rest); | |
3528 return NGX_ERROR; | |
3529 } | |
3530 } | |
3531 | |
3532 for (p = b->pos; p < last; p++) { | |
3533 ch = *p; | |
3534 | |
3535 #if 0 | |
3536 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3537 "grpc settings byte: %02Xd s:%d", ch, state); | |
3538 #endif | |
3539 | |
3540 switch (state) { | |
3541 | |
3542 case sw_start: | |
3543 case sw_id: | |
3544 ctx->setting_id = ch << 8; | |
3545 state = sw_id_2; | |
3546 break; | |
3547 | |
3548 case sw_id_2: | |
3549 ctx->setting_id |= ch; | |
3550 state = sw_value; | |
3551 break; | |
3552 | |
3553 case sw_value: | |
3554 ctx->setting_value = ch << 24; | |
3555 state = sw_value_2; | |
3556 break; | |
3557 | |
3558 case sw_value_2: | |
3559 ctx->setting_value |= ch << 16; | |
3560 state = sw_value_3; | |
3561 break; | |
3562 | |
3563 case sw_value_3: | |
3564 ctx->setting_value |= ch << 8; | |
3565 state = sw_value_4; | |
3566 break; | |
3567 | |
3568 case sw_value_4: | |
3569 ctx->setting_value |= ch; | |
3570 state = sw_id; | |
3571 | |
3572 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3573 "grpc setting: %ui %ui", | |
3574 ctx->setting_id, ctx->setting_value); | |
3575 | |
3576 /* | |
3577 * The following settings are defined by the protocol: | |
3578 * | |
3579 * SETTINGS_HEADER_TABLE_SIZE, SETTINGS_ENABLE_PUSH, | |
3580 * SETTINGS_MAX_CONCURRENT_STREAMS, SETTINGS_INITIAL_WINDOW_SIZE, | |
3581 * SETTINGS_MAX_FRAME_SIZE, SETTINGS_MAX_HEADER_LIST_SIZE | |
3582 * | |
3583 * Only SETTINGS_INITIAL_WINDOW_SIZE seems to be needed in | |
3584 * a simple client. | |
3585 */ | |
3586 | |
3587 if (ctx->setting_id == 0x04) { | |
3588 /* SETTINGS_INITIAL_WINDOW_SIZE */ | |
3589 | |
3590 if (ctx->setting_value > NGX_HTTP_V2_MAX_WINDOW) { | |
3591 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3592 "upstream sent settings frame " | |
3593 "with too large initial window size: %ui", | |
3594 ctx->setting_value); | |
3595 return NGX_ERROR; | |
3596 } | |
3597 | |
3598 window_update = ctx->setting_value | |
3599 - ctx->connection->init_window; | |
3600 ctx->connection->init_window = ctx->setting_value; | |
3601 | |
3602 if (ctx->send_window > 0 | |
3603 && window_update > (ssize_t) NGX_HTTP_V2_MAX_WINDOW | |
3604 - ctx->send_window) | |
3605 { | |
3606 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3607 "upstream sent settings frame " | |
3608 "with too large initial window size: %ui", | |
3609 ctx->setting_value); | |
3610 return NGX_ERROR; | |
3611 } | |
3612 | |
3613 ctx->send_window += window_update; | |
3614 } | |
3615 | |
3616 break; | |
3617 } | |
3618 } | |
3619 | |
3620 ctx->rest -= p - b->pos; | |
3621 ctx->frame_state = state; | |
3622 b->pos = p; | |
3623 | |
3624 if (ctx->rest > 0) { | |
3625 return NGX_AGAIN; | |
3626 } | |
3627 | |
3628 ctx->state = ngx_http_grpc_st_start; | |
3629 | |
3630 return ngx_http_grpc_send_settings_ack(r, ctx); | |
3631 } | |
3632 | |
3633 | |
3634 static ngx_int_t | |
3635 ngx_http_grpc_parse_ping(ngx_http_request_t *r, | |
3636 ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b) | |
3637 { | |
3638 u_char ch, *p, *last; | |
3639 enum { | |
3640 sw_start = 0, | |
3641 sw_data_2, | |
3642 sw_data_3, | |
3643 sw_data_4, | |
3644 sw_data_5, | |
3645 sw_data_6, | |
3646 sw_data_7, | |
3647 sw_data_8 | |
3648 } state; | |
3649 | |
3650 if (b->last - b->pos < (ssize_t) ctx->rest) { | |
3651 last = b->last; | |
3652 | |
3653 } else { | |
3654 last = b->pos + ctx->rest; | |
3655 } | |
3656 | |
3657 state = ctx->frame_state; | |
3658 | |
3659 if (state == sw_start) { | |
3660 | |
3661 if (ctx->stream_id) { | |
3662 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3663 "upstream sent ping frame " | |
3664 "with non-zero stream id: %ui", | |
3665 ctx->stream_id); | |
3666 return NGX_ERROR; | |
3667 } | |
3668 | |
3669 if (ctx->rest != 8) { | |
3670 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3671 "upstream sent ping frame " | |
3672 "with invalid length: %uz", | |
3673 ctx->rest); | |
3674 return NGX_ERROR; | |
3675 } | |
3676 | |
3677 if (ctx->flags & NGX_HTTP_V2_ACK_FLAG) { | |
3678 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
3679 "upstream sent ping frame with ack flag"); | |
3680 return NGX_ERROR; | |
3681 } | |
3682 } | |
3683 | |
3684 for (p = b->pos; p < last; p++) { | |
3685 ch = *p; | |
3686 | |
3687 #if 0 | |
3688 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3689 "grpc ping byte: %02Xd s:%d", ch, state); | |
3690 #endif | |
3691 | |
3692 if (state < sw_data_8) { | |
3693 ctx->ping_data[state] = ch; | |
3694 state++; | |
3695 | |
3696 } else { | |
3697 ctx->ping_data[7] = ch; | |
3698 state = sw_start; | |
3699 | |
3700 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3701 "grpc ping"); | |
3702 } | |
3703 } | |
3704 | |
3705 ctx->rest -= p - b->pos; | |
3706 ctx->frame_state = state; | |
3707 b->pos = p; | |
3708 | |
3709 if (ctx->rest > 0) { | |
3710 return NGX_AGAIN; | |
3711 } | |
3712 | |
3713 ctx->state = ngx_http_grpc_st_start; | |
3714 | |
3715 return ngx_http_grpc_send_ping_ack(r, ctx); | |
3716 } | |
3717 | |
3718 | |
3719 static ngx_int_t | |
3720 ngx_http_grpc_send_settings_ack(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx) | |
3721 { | |
3722 ngx_chain_t *cl, **ll; | |
3723 ngx_http_grpc_frame_t *f; | |
3724 | |
3725 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3726 "grpc send settings ack"); | |
3727 | |
3728 for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) { | |
3729 ll = &cl->next; | |
3730 } | |
3731 | |
3732 cl = ngx_http_grpc_get_buf(r, ctx); | |
3733 if (cl == NULL) { | |
3734 return NGX_ERROR; | |
3735 } | |
3736 | |
3737 f = (ngx_http_grpc_frame_t *) cl->buf->last; | |
3738 cl->buf->last += sizeof(ngx_http_grpc_frame_t); | |
3739 | |
3740 f->length_0 = 0; | |
3741 f->length_1 = 0; | |
3742 f->length_2 = 0; | |
3743 f->type = NGX_HTTP_V2_SETTINGS_FRAME; | |
3744 f->flags = NGX_HTTP_V2_ACK_FLAG; | |
3745 f->stream_id_0 = 0; | |
3746 f->stream_id_1 = 0; | |
3747 f->stream_id_2 = 0; | |
3748 f->stream_id_3 = 0; | |
3749 | |
3750 *ll = cl; | |
3751 | |
3752 return NGX_OK; | |
3753 } | |
3754 | |
3755 | |
3756 static ngx_int_t | |
3757 ngx_http_grpc_send_ping_ack(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx) | |
3758 { | |
3759 ngx_chain_t *cl, **ll; | |
3760 ngx_http_grpc_frame_t *f; | |
3761 | |
3762 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3763 "grpc send ping ack"); | |
3764 | |
3765 for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) { | |
3766 ll = &cl->next; | |
3767 } | |
3768 | |
3769 cl = ngx_http_grpc_get_buf(r, ctx); | |
3770 if (cl == NULL) { | |
3771 return NGX_ERROR; | |
3772 } | |
3773 | |
3774 f = (ngx_http_grpc_frame_t *) cl->buf->last; | |
3775 cl->buf->last += sizeof(ngx_http_grpc_frame_t); | |
3776 | |
3777 f->length_0 = 0; | |
3778 f->length_1 = 0; | |
3779 f->length_2 = 8; | |
3780 f->type = NGX_HTTP_V2_PING_FRAME; | |
3781 f->flags = NGX_HTTP_V2_ACK_FLAG; | |
3782 f->stream_id_0 = 0; | |
3783 f->stream_id_1 = 0; | |
3784 f->stream_id_2 = 0; | |
3785 f->stream_id_3 = 0; | |
3786 | |
3787 cl->buf->last = ngx_copy(cl->buf->last, ctx->ping_data, 8); | |
3788 | |
3789 *ll = cl; | |
3790 | |
3791 return NGX_OK; | |
3792 } | |
3793 | |
3794 | |
3795 static ngx_int_t | |
3796 ngx_http_grpc_send_window_update(ngx_http_request_t *r, | |
3797 ngx_http_grpc_ctx_t *ctx) | |
3798 { | |
3799 size_t n; | |
3800 ngx_chain_t *cl, **ll; | |
3801 ngx_http_grpc_frame_t *f; | |
3802 | |
3803 ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3804 "grpc send window update: %uz %uz", | |
3805 ctx->connection->recv_window, ctx->recv_window); | |
3806 | |
3807 for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) { | |
3808 ll = &cl->next; | |
3809 } | |
3810 | |
3811 cl = ngx_http_grpc_get_buf(r, ctx); | |
3812 if (cl == NULL) { | |
3813 return NGX_ERROR; | |
3814 } | |
3815 | |
3816 f = (ngx_http_grpc_frame_t *) cl->buf->last; | |
3817 cl->buf->last += sizeof(ngx_http_grpc_frame_t); | |
3818 | |
3819 f->length_0 = 0; | |
3820 f->length_1 = 0; | |
3821 f->length_2 = 4; | |
3822 f->type = NGX_HTTP_V2_WINDOW_UPDATE_FRAME; | |
3823 f->flags = 0; | |
3824 f->stream_id_0 = 0; | |
3825 f->stream_id_1 = 0; | |
3826 f->stream_id_2 = 0; | |
3827 f->stream_id_3 = 0; | |
3828 | |
3829 n = NGX_HTTP_V2_MAX_WINDOW - ctx->connection->recv_window; | |
3830 ctx->connection->recv_window = NGX_HTTP_V2_MAX_WINDOW; | |
3831 | |
3832 *cl->buf->last++ = (u_char) ((n >> 24) & 0xff); | |
3833 *cl->buf->last++ = (u_char) ((n >> 16) & 0xff); | |
3834 *cl->buf->last++ = (u_char) ((n >> 8) & 0xff); | |
3835 *cl->buf->last++ = (u_char) (n & 0xff); | |
3836 | |
3837 f = (ngx_http_grpc_frame_t *) cl->buf->last; | |
3838 cl->buf->last += sizeof(ngx_http_grpc_frame_t); | |
3839 | |
3840 f->length_0 = 0; | |
3841 f->length_1 = 0; | |
3842 f->length_2 = 4; | |
3843 f->type = NGX_HTTP_V2_WINDOW_UPDATE_FRAME; | |
3844 f->flags = 0; | |
3845 f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff); | |
3846 f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff); | |
3847 f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff); | |
3848 f->stream_id_3 = (u_char) (ctx->id & 0xff); | |
3849 | |
3850 n = NGX_HTTP_V2_MAX_WINDOW - ctx->recv_window; | |
3851 ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW; | |
3852 | |
3853 *cl->buf->last++ = (u_char) ((n >> 24) & 0xff); | |
3854 *cl->buf->last++ = (u_char) ((n >> 16) & 0xff); | |
3855 *cl->buf->last++ = (u_char) ((n >> 8) & 0xff); | |
3856 *cl->buf->last++ = (u_char) (n & 0xff); | |
3857 | |
3858 *ll = cl; | |
3859 | |
3860 return NGX_OK; | |
3861 } | |
3862 | |
3863 | |
3864 static ngx_chain_t * | |
3865 ngx_http_grpc_get_buf(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx) | |
3866 { | |
3867 ngx_buf_t *b; | |
3868 ngx_chain_t *cl; | |
3869 | |
3870 cl = ngx_chain_get_free_buf(r->pool, &ctx->free); | |
3871 if (cl == NULL) { | |
3872 return NULL; | |
3873 } | |
3874 | |
3875 b = cl->buf; | |
3876 | |
3877 b->tag = (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter; | |
3878 b->temporary = 1; | |
3879 b->flush = 1; | |
3880 | |
3881 if (b->start == NULL) { | |
3882 | |
3883 /* | |
3884 * each buffer is large enough to hold two window update | |
3885 * frames in a row | |
3886 */ | |
3887 | |
3888 b->start = ngx_palloc(r->pool, 2 * sizeof(ngx_http_grpc_frame_t) + 8); | |
3889 if (b->start == NULL) { | |
3890 return NULL; | |
3891 } | |
3892 | |
3893 b->pos = b->start; | |
3894 b->last = b->start; | |
3895 | |
3896 b->end = b->start + 2 * sizeof(ngx_http_grpc_frame_t) + 8; | |
3897 } | |
3898 | |
3899 return cl; | |
3900 } | |
3901 | |
3902 | |
3903 static ngx_http_grpc_ctx_t * | |
3904 ngx_http_grpc_get_ctx(ngx_http_request_t *r) | |
3905 { | |
3906 ngx_http_grpc_ctx_t *ctx; | |
3907 ngx_http_upstream_t *u; | |
3908 | |
3909 ctx = ngx_http_get_module_ctx(r, ngx_http_grpc_module); | |
3910 | |
3911 if (ctx->connection == NULL) { | |
3912 u = r->upstream; | |
3913 | |
3914 if (ngx_http_grpc_get_connection_data(r, ctx, &u->peer) != NGX_OK) { | |
3915 return NULL; | |
3916 } | |
3917 } | |
3918 | |
3919 return ctx; | |
3920 } | |
3921 | |
3922 | |
3923 static ngx_int_t | |
3924 ngx_http_grpc_get_connection_data(ngx_http_request_t *r, | |
3925 ngx_http_grpc_ctx_t *ctx, ngx_peer_connection_t *pc) | |
3926 { | |
3927 ngx_connection_t *c; | |
3928 ngx_pool_cleanup_t *cln; | |
3929 | |
3930 c = pc->connection; | |
3931 | |
3932 if (pc->cached) { | |
3933 | |
3934 /* | |
3935 * for cached connections, connection data can be found | |
3936 * in the cleanup handler | |
3937 */ | |
3938 | |
3939 for (cln = c->pool->cleanup; cln; cln = cln->next) { | |
3940 if (cln->handler == ngx_http_grpc_cleanup) { | |
3941 ctx->connection = cln->data; | |
3942 break; | |
3943 } | |
3944 } | |
3945 | |
3946 if (ctx->connection == NULL) { | |
3947 ngx_log_error(NGX_LOG_ERR, c->log, 0, | |
3948 "no connection data found for " | |
3949 "keepalive http2 connection"); | |
3950 return NGX_ERROR; | |
3951 } | |
3952 | |
3953 ctx->send_window = ctx->connection->init_window; | |
3954 ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW; | |
3955 | |
3956 ctx->connection->last_stream_id += 2; | |
3957 ctx->id = ctx->connection->last_stream_id; | |
3958 | |
3959 return NGX_OK; | |
3960 } | |
3961 | |
3962 cln = ngx_pool_cleanup_add(c->pool, sizeof(ngx_http_grpc_conn_t)); | |
3963 if (cln == NULL) { | |
3964 return NGX_ERROR; | |
3965 } | |
3966 | |
3967 cln->handler = ngx_http_grpc_cleanup; | |
3968 ctx->connection = cln->data; | |
3969 | |
3970 ctx->connection->init_window = NGX_HTTP_V2_DEFAULT_WINDOW; | |
3971 ctx->connection->send_window = NGX_HTTP_V2_DEFAULT_WINDOW; | |
3972 ctx->connection->recv_window = NGX_HTTP_V2_MAX_WINDOW; | |
3973 | |
3974 ctx->send_window = NGX_HTTP_V2_DEFAULT_WINDOW; | |
3975 ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW; | |
3976 | |
3977 ctx->id = 1; | |
3978 ctx->connection->last_stream_id = 1; | |
3979 | |
3980 return NGX_OK; | |
3981 } | |
3982 | |
3983 | |
3984 static void | |
3985 ngx_http_grpc_cleanup(void *data) | |
3986 { | |
3987 #if 0 | |
3988 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, | |
3989 "grpc cleanup"); | |
3990 #endif | |
3991 return; | |
3992 } | |
3993 | |
3994 | |
3995 static void | |
3996 ngx_http_grpc_abort_request(ngx_http_request_t *r) | |
3997 { | |
3998 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
3999 "abort grpc request"); | |
4000 return; | |
4001 } | |
4002 | |
4003 | |
4004 static void | |
4005 ngx_http_grpc_finalize_request(ngx_http_request_t *r, ngx_int_t rc) | |
4006 { | |
4007 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | |
4008 "finalize grpc request"); | |
4009 return; | |
4010 } | |
4011 | |
4012 | |
7234
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4013 static ngx_int_t |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4014 ngx_http_grpc_internal_trailers_variable(ngx_http_request_t *r, |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4015 ngx_http_variable_value_t *v, uintptr_t data) |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4016 { |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4017 ngx_table_elt_t *te; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4018 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4019 te = r->headers_in.te; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4020 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4021 if (te == NULL) { |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4022 v->not_found = 1; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4023 return NGX_OK; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4024 } |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4025 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4026 if (ngx_strlcasestrn(te->value.data, te->value.data + te->value.len, |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4027 (u_char *) "trailers", 8 - 1) |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4028 == NULL) |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4029 { |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4030 v->not_found = 1; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4031 return NGX_OK; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4032 } |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4033 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4034 v->valid = 1; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4035 v->no_cacheable = 0; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4036 v->not_found = 0; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4037 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4038 v->data = (u_char *) "trailers"; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4039 v->len = sizeof("trailers") - 1; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4040 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4041 return NGX_OK; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4042 } |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4043 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4044 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4045 static ngx_int_t |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4046 ngx_http_grpc_add_variables(ngx_conf_t *cf) |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4047 { |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4048 ngx_http_variable_t *var, *v; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4049 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4050 for (v = ngx_http_grpc_vars; v->name.len; v++) { |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4051 var = ngx_http_add_variable(cf, &v->name, v->flags); |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4052 if (var == NULL) { |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4053 return NGX_ERROR; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4054 } |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4055 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4056 var->get_handler = v->get_handler; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4057 var->data = v->data; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4058 } |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4059 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4060 return NGX_OK; |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4061 } |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4062 |
c693daca57f7
gRPC: special handling of the TE request header.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7233
diff
changeset
|
4063 |
7233 | 4064 static void * |
4065 ngx_http_grpc_create_loc_conf(ngx_conf_t *cf) | |
4066 { | |
4067 ngx_http_grpc_loc_conf_t *conf; | |
4068 | |
4069 conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_grpc_loc_conf_t)); | |
4070 if (conf == NULL) { | |
4071 return NULL; | |
4072 } | |
4073 | |
4074 /* | |
4075 * set by ngx_pcalloc(): | |
4076 * | |
4077 * conf->upstream.ignore_headers = 0; | |
4078 * conf->upstream.next_upstream = 0; | |
4079 * conf->upstream.hide_headers_hash = { NULL, 0 }; | |
4080 * conf->upstream.ssl_name = NULL; | |
4081 * | |
4082 * conf->headers_source = NULL; | |
4083 * conf->headers.lengths = NULL; | |
4084 * conf->headers.values = NULL; | |
4085 * conf->headers.hash = { NULL, 0 }; | |
4086 * conf->host = { 0, NULL }; | |
4087 * conf->host_set = 0; | |
4088 * conf->ssl = 0; | |
4089 * conf->ssl_protocols = 0; | |
4090 * conf->ssl_ciphers = { 0, NULL }; | |
4091 * conf->ssl_trusted_certificate = { 0, NULL }; | |
4092 * conf->ssl_crl = { 0, NULL }; | |
4093 * conf->ssl_certificate = { 0, NULL }; | |
4094 * conf->ssl_certificate_key = { 0, NULL }; | |
4095 */ | |
4096 | |
4097 conf->upstream.local = NGX_CONF_UNSET_PTR; | |
4098 conf->upstream.next_upstream_tries = NGX_CONF_UNSET_UINT; | |
4099 conf->upstream.connect_timeout = NGX_CONF_UNSET_MSEC; | |
4100 conf->upstream.send_timeout = NGX_CONF_UNSET_MSEC; | |
4101 conf->upstream.read_timeout = NGX_CONF_UNSET_MSEC; | |
4102 conf->upstream.next_upstream_timeout = NGX_CONF_UNSET_MSEC; | |
4103 | |
4104 conf->upstream.buffer_size = NGX_CONF_UNSET_SIZE; | |
4105 | |
4106 conf->upstream.hide_headers = NGX_CONF_UNSET_PTR; | |
4107 conf->upstream.pass_headers = NGX_CONF_UNSET_PTR; | |
4108 | |
4109 conf->upstream.intercept_errors = NGX_CONF_UNSET; | |
4110 | |
4111 #if (NGX_HTTP_SSL) | |
4112 conf->upstream.ssl_session_reuse = NGX_CONF_UNSET; | |
4113 conf->upstream.ssl_server_name = NGX_CONF_UNSET; | |
4114 conf->upstream.ssl_verify = NGX_CONF_UNSET; | |
4115 conf->ssl_verify_depth = NGX_CONF_UNSET_UINT; | |
4116 conf->ssl_passwords = NGX_CONF_UNSET_PTR; | |
4117 #endif | |
4118 | |
4119 /* the hardcoded values */ | |
4120 conf->upstream.cyclic_temp_file = 0; | |
4121 conf->upstream.buffering = 0; | |
4122 conf->upstream.ignore_client_abort = 0; | |
4123 conf->upstream.send_lowat = 0; | |
4124 conf->upstream.bufs.num = 0; | |
4125 conf->upstream.busy_buffers_size = 0; | |
4126 conf->upstream.max_temp_file_size = 0; | |
4127 conf->upstream.temp_file_write_size = 0; | |
4128 conf->upstream.pass_request_headers = 1; | |
4129 conf->upstream.pass_request_body = 1; | |
4130 conf->upstream.force_ranges = 0; | |
4131 conf->upstream.pass_trailers = 1; | |
4132 conf->upstream.preserve_output = 1; | |
4133 | |
4134 ngx_str_set(&conf->upstream.module, "grpc"); | |
4135 | |
4136 return conf; | |
4137 } | |
4138 | |
4139 | |
4140 static char * | |
4141 ngx_http_grpc_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child) | |
4142 { | |
4143 ngx_http_grpc_loc_conf_t *prev = parent; | |
4144 ngx_http_grpc_loc_conf_t *conf = child; | |
4145 | |
4146 ngx_int_t rc; | |
4147 ngx_hash_init_t hash; | |
4148 ngx_http_core_loc_conf_t *clcf; | |
4149 | |
4150 ngx_conf_merge_ptr_value(conf->upstream.local, | |
4151 prev->upstream.local, NULL); | |
4152 | |
4153 ngx_conf_merge_uint_value(conf->upstream.next_upstream_tries, | |
4154 prev->upstream.next_upstream_tries, 0); | |
4155 | |
4156 ngx_conf_merge_msec_value(conf->upstream.connect_timeout, | |
4157 prev->upstream.connect_timeout, 60000); | |
4158 | |
4159 ngx_conf_merge_msec_value(conf->upstream.send_timeout, | |
4160 prev->upstream.send_timeout, 60000); | |
4161 | |
4162 ngx_conf_merge_msec_value(conf->upstream.read_timeout, | |
4163 prev->upstream.read_timeout, 60000); | |
4164 | |
4165 ngx_conf_merge_msec_value(conf->upstream.next_upstream_timeout, | |
4166 prev->upstream.next_upstream_timeout, 0); | |
4167 | |
4168 ngx_conf_merge_size_value(conf->upstream.buffer_size, | |
4169 prev->upstream.buffer_size, | |
4170 (size_t) ngx_pagesize); | |
4171 | |
4172 ngx_conf_merge_bitmask_value(conf->upstream.ignore_headers, | |
4173 prev->upstream.ignore_headers, | |
4174 NGX_CONF_BITMASK_SET); | |
4175 | |
4176 ngx_conf_merge_bitmask_value(conf->upstream.next_upstream, | |
4177 prev->upstream.next_upstream, | |
4178 (NGX_CONF_BITMASK_SET | |
4179 |NGX_HTTP_UPSTREAM_FT_ERROR | |
4180 |NGX_HTTP_UPSTREAM_FT_TIMEOUT)); | |
4181 | |
4182 if (conf->upstream.next_upstream & NGX_HTTP_UPSTREAM_FT_OFF) { | |
4183 conf->upstream.next_upstream = NGX_CONF_BITMASK_SET | |
4184 |NGX_HTTP_UPSTREAM_FT_OFF; | |
4185 } | |
4186 | |
4187 ngx_conf_merge_value(conf->upstream.intercept_errors, | |
4188 prev->upstream.intercept_errors, 0); | |
4189 | |
4190 #if (NGX_HTTP_SSL) | |
4191 | |
4192 ngx_conf_merge_value(conf->upstream.ssl_session_reuse, | |
4193 prev->upstream.ssl_session_reuse, 1); | |
4194 | |
4195 ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols, | |
4196 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 | |
4197 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); | |
4198 | |
4199 ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, | |
4200 "DEFAULT"); | |
4201 | |
4202 if (conf->upstream.ssl_name == NULL) { | |
4203 conf->upstream.ssl_name = prev->upstream.ssl_name; | |
4204 } | |
4205 | |
4206 ngx_conf_merge_value(conf->upstream.ssl_server_name, | |
4207 prev->upstream.ssl_server_name, 0); | |
4208 ngx_conf_merge_value(conf->upstream.ssl_verify, | |
4209 prev->upstream.ssl_verify, 0); | |
4210 ngx_conf_merge_uint_value(conf->ssl_verify_depth, | |
4211 prev->ssl_verify_depth, 1); | |
4212 ngx_conf_merge_str_value(conf->ssl_trusted_certificate, | |
4213 prev->ssl_trusted_certificate, ""); | |
4214 ngx_conf_merge_str_value(conf->ssl_crl, prev->ssl_crl, ""); | |
4215 | |
4216 ngx_conf_merge_str_value(conf->ssl_certificate, | |
4217 prev->ssl_certificate, ""); | |
4218 ngx_conf_merge_str_value(conf->ssl_certificate_key, | |
4219 prev->ssl_certificate_key, ""); | |
4220 ngx_conf_merge_ptr_value(conf->ssl_passwords, prev->ssl_passwords, NULL); | |
4221 | |
4222 if (conf->ssl && ngx_http_grpc_set_ssl(cf, conf) != NGX_OK) { | |
4223 return NGX_CONF_ERROR; | |
4224 } | |
4225 | |
4226 #endif | |
4227 | |
4228 hash.max_size = 512; | |
4229 hash.bucket_size = ngx_align(64, ngx_cacheline_size); | |
4230 hash.name = "grpc_headers_hash"; | |
4231 | |
4232 if (ngx_http_upstream_hide_headers_hash(cf, &conf->upstream, | |
4233 &prev->upstream, ngx_http_grpc_hide_headers, &hash) | |
4234 != NGX_OK) | |
4235 { | |
4236 return NGX_CONF_ERROR; | |
4237 } | |
4238 | |
4239 clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module); | |
4240 | |
4241 if (clcf->noname && conf->upstream.upstream == NULL) { | |
4242 conf->upstream.upstream = prev->upstream.upstream; | |
4243 conf->host = prev->host; | |
4244 #if (NGX_HTTP_SSL) | |
4245 conf->upstream.ssl = prev->upstream.ssl; | |
4246 #endif | |
4247 } | |
4248 | |
4249 if (clcf->lmt_excpt && clcf->handler == NULL && conf->upstream.upstream) { | |
4250 clcf->handler = ngx_http_grpc_handler; | |
4251 } | |
4252 | |
4253 if (conf->headers_source == NULL) { | |
4254 conf->headers = prev->headers; | |
4255 conf->headers_source = prev->headers_source; | |
4256 conf->host_set = prev->host_set; | |
4257 } | |
4258 | |
4259 rc = ngx_http_grpc_init_headers(cf, conf, &conf->headers, | |
4260 ngx_http_grpc_headers); | |
4261 if (rc != NGX_OK) { | |
4262 return NGX_CONF_ERROR; | |
4263 } | |
4264 | |
4265 /* | |
4266 * special handling to preserve conf->headers in the "http" section | |
4267 * to inherit it to all servers | |
4268 */ | |
4269 | |
4270 if (prev->headers.hash.buckets == NULL | |
4271 && conf->headers_source == prev->headers_source) | |
4272 { | |
4273 prev->headers = conf->headers; | |
4274 prev->host_set = conf->host_set; | |
4275 } | |
4276 | |
4277 return NGX_CONF_OK; | |
4278 } | |
4279 | |
4280 | |
4281 static ngx_int_t | |
4282 ngx_http_grpc_init_headers(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *conf, | |
4283 ngx_http_grpc_headers_t *headers, ngx_keyval_t *default_headers) | |
4284 { | |
4285 u_char *p; | |
4286 size_t size; | |
4287 uintptr_t *code; | |
4288 ngx_uint_t i; | |
4289 ngx_array_t headers_names, headers_merged; | |
4290 ngx_keyval_t *src, *s, *h; | |
4291 ngx_hash_key_t *hk; | |
4292 ngx_hash_init_t hash; | |
4293 ngx_http_script_compile_t sc; | |
4294 ngx_http_script_copy_code_t *copy; | |
4295 | |
4296 if (headers->hash.buckets) { | |
4297 return NGX_OK; | |
4298 } | |
4299 | |
4300 if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t)) | |
4301 != NGX_OK) | |
4302 { | |
4303 return NGX_ERROR; | |
4304 } | |
4305 | |
4306 if (ngx_array_init(&headers_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t)) | |
4307 != NGX_OK) | |
4308 { | |
4309 return NGX_ERROR; | |
4310 } | |
4311 | |
4312 headers->lengths = ngx_array_create(cf->pool, 64, 1); | |
4313 if (headers->lengths == NULL) { | |
4314 return NGX_ERROR; | |
4315 } | |
4316 | |
4317 headers->values = ngx_array_create(cf->pool, 512, 1); | |
4318 if (headers->values == NULL) { | |
4319 return NGX_ERROR; | |
4320 } | |
4321 | |
4322 if (conf->headers_source) { | |
4323 | |
4324 src = conf->headers_source->elts; | |
4325 for (i = 0; i < conf->headers_source->nelts; i++) { | |
4326 | |
4327 if (src[i].key.len == 4 | |
4328 && ngx_strncasecmp(src[i].key.data, (u_char *) "Host", 4) == 0) | |
4329 { | |
4330 conf->host_set = 1; | |
4331 } | |
4332 | |
4333 s = ngx_array_push(&headers_merged); | |
4334 if (s == NULL) { | |
4335 return NGX_ERROR; | |
4336 } | |
4337 | |
4338 *s = src[i]; | |
4339 } | |
4340 } | |
4341 | |
4342 h = default_headers; | |
4343 | |
4344 while (h->key.len) { | |
4345 | |
4346 src = headers_merged.elts; | |
4347 for (i = 0; i < headers_merged.nelts; i++) { | |
4348 if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) { | |
4349 goto next; | |
4350 } | |
4351 } | |
4352 | |
4353 s = ngx_array_push(&headers_merged); | |
4354 if (s == NULL) { | |
4355 return NGX_ERROR; | |
4356 } | |
4357 | |
4358 *s = *h; | |
4359 | |
4360 next: | |
4361 | |
4362 h++; | |
4363 } | |
4364 | |
4365 | |
4366 src = headers_merged.elts; | |
4367 for (i = 0; i < headers_merged.nelts; i++) { | |
4368 | |
4369 hk = ngx_array_push(&headers_names); | |
4370 if (hk == NULL) { | |
4371 return NGX_ERROR; | |
4372 } | |
4373 | |
4374 hk->key = src[i].key; | |
4375 hk->key_hash = ngx_hash_key_lc(src[i].key.data, src[i].key.len); | |
4376 hk->value = (void *) 1; | |
4377 | |
4378 if (src[i].value.len == 0) { | |
4379 continue; | |
4380 } | |
4381 | |
4382 copy = ngx_array_push_n(headers->lengths, | |
4383 sizeof(ngx_http_script_copy_code_t)); | |
4384 if (copy == NULL) { | |
4385 return NGX_ERROR; | |
4386 } | |
4387 | |
4388 copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code; | |
4389 copy->len = src[i].key.len; | |
4390 | |
4391 size = (sizeof(ngx_http_script_copy_code_t) | |
4392 + src[i].key.len + sizeof(uintptr_t) - 1) | |
4393 & ~(sizeof(uintptr_t) - 1); | |
4394 | |
4395 copy = ngx_array_push_n(headers->values, size); | |
4396 if (copy == NULL) { | |
4397 return NGX_ERROR; | |
4398 } | |
4399 | |
4400 copy->code = ngx_http_script_copy_code; | |
4401 copy->len = src[i].key.len; | |
4402 | |
4403 p = (u_char *) copy + sizeof(ngx_http_script_copy_code_t); | |
4404 ngx_memcpy(p, src[i].key.data, src[i].key.len); | |
4405 | |
4406 ngx_memzero(&sc, sizeof(ngx_http_script_compile_t)); | |
4407 | |
4408 sc.cf = cf; | |
4409 sc.source = &src[i].value; | |
4410 sc.flushes = &headers->flushes; | |
4411 sc.lengths = &headers->lengths; | |
4412 sc.values = &headers->values; | |
4413 | |
4414 if (ngx_http_script_compile(&sc) != NGX_OK) { | |
4415 return NGX_ERROR; | |
4416 } | |
4417 | |
4418 code = ngx_array_push_n(headers->lengths, sizeof(uintptr_t)); | |
4419 if (code == NULL) { | |
4420 return NGX_ERROR; | |
4421 } | |
4422 | |
4423 *code = (uintptr_t) NULL; | |
4424 | |
4425 code = ngx_array_push_n(headers->values, sizeof(uintptr_t)); | |
4426 if (code == NULL) { | |
4427 return NGX_ERROR; | |
4428 } | |
4429 | |
4430 *code = (uintptr_t) NULL; | |
4431 } | |
4432 | |
4433 code = ngx_array_push_n(headers->lengths, sizeof(uintptr_t)); | |
4434 if (code == NULL) { | |
4435 return NGX_ERROR; | |
4436 } | |
4437 | |
4438 *code = (uintptr_t) NULL; | |
4439 | |
4440 | |
4441 hash.hash = &headers->hash; | |
4442 hash.key = ngx_hash_key_lc; | |
4443 hash.max_size = 512; | |
4444 hash.bucket_size = 64; | |
4445 hash.name = "grpc_headers_hash"; | |
4446 hash.pool = cf->pool; | |
4447 hash.temp_pool = NULL; | |
4448 | |
4449 return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts); | |
4450 } | |
4451 | |
4452 | |
4453 static char * | |
4454 ngx_http_grpc_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
4455 { | |
4456 ngx_http_grpc_loc_conf_t *glcf = conf; | |
4457 | |
4458 size_t add; | |
4459 ngx_str_t *value, *url; | |
4460 ngx_url_t u; | |
4461 ngx_http_core_loc_conf_t *clcf; | |
4462 | |
4463 if (glcf->upstream.upstream) { | |
4464 return "is duplicate"; | |
4465 } | |
4466 | |
4467 value = cf->args->elts; | |
4468 url = &value[1]; | |
4469 | |
4470 if (ngx_strncasecmp(url->data, (u_char *) "grpc://", 7) == 0) { | |
4471 add = 7; | |
4472 | |
4473 } else if (ngx_strncasecmp(url->data, (u_char *) "grpcs://", 8) == 0) { | |
4474 | |
4475 #if (NGX_HTTP_SSL) | |
4476 glcf->ssl = 1; | |
4477 | |
4478 add = 8; | |
4479 #else | |
4480 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, | |
4481 "grpcs protocol requires SSL support"); | |
4482 return NGX_CONF_ERROR; | |
4483 #endif | |
4484 | |
4485 } else { | |
4486 add = 0; | |
4487 } | |
4488 | |
4489 ngx_memzero(&u, sizeof(ngx_url_t)); | |
4490 | |
4491 u.url.len = url->len - add; | |
4492 u.url.data = url->data + add; | |
4493 u.no_resolve = 1; | |
4494 | |
4495 glcf->upstream.upstream = ngx_http_upstream_add(cf, &u, 0); | |
4496 if (glcf->upstream.upstream == NULL) { | |
4497 return NGX_CONF_ERROR; | |
4498 } | |
4499 | |
4500 if (u.family != AF_UNIX) { | |
4501 | |
4502 if (u.no_port) { | |
4503 glcf->host = u.host; | |
4504 | |
4505 } else { | |
4506 glcf->host.len = u.host.len + 1 + u.port_text.len; | |
4507 glcf->host.data = u.host.data; | |
4508 } | |
4509 | |
4510 } else { | |
4511 ngx_str_set(&glcf->host, "localhost"); | |
4512 } | |
4513 | |
4514 clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module); | |
4515 | |
4516 clcf->handler = ngx_http_grpc_handler; | |
4517 | |
4518 if (clcf->name.data[clcf->name.len - 1] == '/') { | |
4519 clcf->auto_redirect = 1; | |
4520 } | |
4521 | |
4522 return NGX_CONF_OK; | |
4523 } | |
4524 | |
4525 | |
4526 #if (NGX_HTTP_SSL) | |
4527 | |
4528 static char * | |
4529 ngx_http_grpc_ssl_password_file(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
4530 { | |
4531 ngx_http_grpc_loc_conf_t *glcf = conf; | |
4532 | |
4533 ngx_str_t *value; | |
4534 | |
4535 if (glcf->ssl_passwords != NGX_CONF_UNSET_PTR) { | |
4536 return "is duplicate"; | |
4537 } | |
4538 | |
4539 value = cf->args->elts; | |
4540 | |
4541 glcf->ssl_passwords = ngx_ssl_read_password_file(cf, &value[1]); | |
4542 | |
4543 if (glcf->ssl_passwords == NULL) { | |
4544 return NGX_CONF_ERROR; | |
4545 } | |
4546 | |
4547 return NGX_CONF_OK; | |
4548 } | |
4549 | |
4550 | |
4551 static ngx_int_t | |
4552 ngx_http_grpc_set_ssl(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *glcf) | |
4553 { | |
4554 ngx_pool_cleanup_t *cln; | |
4555 | |
4556 glcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); | |
4557 if (glcf->upstream.ssl == NULL) { | |
4558 return NGX_ERROR; | |
4559 } | |
4560 | |
4561 glcf->upstream.ssl->log = cf->log; | |
4562 | |
4563 if (ngx_ssl_create(glcf->upstream.ssl, glcf->ssl_protocols, NULL) | |
4564 != NGX_OK) | |
4565 { | |
4566 return NGX_ERROR; | |
4567 } | |
4568 | |
4569 cln = ngx_pool_cleanup_add(cf->pool, 0); | |
4570 if (cln == NULL) { | |
4571 return NGX_ERROR; | |
4572 } | |
4573 | |
4574 cln->handler = ngx_ssl_cleanup_ctx; | |
4575 cln->data = glcf->upstream.ssl; | |
4576 | |
4577 if (glcf->ssl_certificate.len) { | |
4578 | |
4579 if (glcf->ssl_certificate_key.len == 0) { | |
4580 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
4581 "no \"grpc_ssl_certificate_key\" is defined " | |
4582 "for certificate \"%V\"", &glcf->ssl_certificate); | |
4583 return NGX_ERROR; | |
4584 } | |
4585 | |
4586 if (ngx_ssl_certificate(cf, glcf->upstream.ssl, &glcf->ssl_certificate, | |
4587 &glcf->ssl_certificate_key, glcf->ssl_passwords) | |
4588 != NGX_OK) | |
4589 { | |
4590 return NGX_ERROR; | |
4591 } | |
4592 } | |
4593 | |
4594 if (ngx_ssl_ciphers(cf, glcf->upstream.ssl, &glcf->ssl_ciphers, 0) | |
4595 != NGX_OK) | |
4596 { | |
4597 return NGX_ERROR; | |
4598 } | |
4599 | |
4600 if (glcf->upstream.ssl_verify) { | |
4601 if (glcf->ssl_trusted_certificate.len == 0) { | |
4602 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
4603 "no grpc_ssl_trusted_certificate for grpc_ssl_verify"); | |
4604 return NGX_ERROR; | |
4605 } | |
4606 | |
4607 if (ngx_ssl_trusted_certificate(cf, glcf->upstream.ssl, | |
4608 &glcf->ssl_trusted_certificate, | |
4609 glcf->ssl_verify_depth) | |
4610 != NGX_OK) | |
4611 { | |
4612 return NGX_ERROR; | |
4613 } | |
4614 | |
4615 if (ngx_ssl_crl(cf, glcf->upstream.ssl, &glcf->ssl_crl) != NGX_OK) { | |
4616 return NGX_ERROR; | |
4617 } | |
4618 } | |
4619 | |
4620 #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation | |
4621 | |
4622 if (SSL_CTX_set_alpn_protos(glcf->upstream.ssl->ctx, | |
4623 (u_char *) "\x02h2", 3) | |
4624 != 0) | |
4625 { | |
4626 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, | |
4627 "SSL_CTX_set_alpn_protos() failed"); | |
4628 return NGX_ERROR; | |
4629 } | |
4630 | |
4631 #endif | |
4632 | |
4633 return NGX_OK; | |
4634 } | |
4635 | |
4636 #endif |