Mercurial > hg > nginx
annotate src/stream/ngx_stream_proxy_module.c @ 6694:ea9dfe2f62e7
Stream: preread phase.
In this phase, head of a stream is read and analysed before proceeding to the
content phase. Amount of data read is controlled by the module implementing
the phase, but not more than defined by the "preread_buffer_size" directive.
The time spent on processing preread is controlled by the "preread_timeout"
directive.
The typical preread phase module will parse the beginning of a stream and set
variable that may be used by the content phase, for example to make routing
decision.
| author | Vladimir Homutov <vl@nginx.com> |
|---|---|
| date | Thu, 15 Sep 2016 14:56:02 +0300 |
| parents | 56fc55e32f23 |
| children | edcd9303a4d3 |
| rev | line source |
|---|---|
| 6115 | 1 |
| 2 /* | |
| 3 * Copyright (C) Roman Arutyunyan | |
| 4 * Copyright (C) Nginx, Inc. | |
| 5 */ | |
| 6 | |
| 7 | |
| 8 #include <ngx_config.h> | |
| 9 #include <ngx_core.h> | |
| 10 #include <ngx_stream.h> | |
| 11 | |
| 12 | |
| 13 typedef struct { | |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
14 ngx_addr_t *addr; |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
15 ngx_stream_complex_value_t *value; |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
16 #if (NGX_HAVE_TRANSPARENT_PROXY) |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
17 ngx_uint_t transparent; /* unsigned transparent:1; */ |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
18 #endif |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
19 } ngx_stream_upstream_local_t; |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
20 |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
21 |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
22 typedef struct { |
| 6115 | 23 ngx_msec_t connect_timeout; |
| 24 ngx_msec_t timeout; | |
| 25 ngx_msec_t next_upstream_timeout; | |
|
6215
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
26 size_t buffer_size; |
|
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
27 size_t upload_rate; |
|
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
28 size_t download_rate; |
| 6436 | 29 ngx_uint_t responses; |
| 6115 | 30 ngx_uint_t next_upstream_tries; |
| 31 ngx_flag_t next_upstream; | |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
32 ngx_flag_t proxy_protocol; |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
33 ngx_stream_upstream_local_t *local; |
| 6115 | 34 |
| 35 #if (NGX_STREAM_SSL) | |
| 36 ngx_flag_t ssl_enable; | |
| 37 ngx_flag_t ssl_session_reuse; | |
| 38 ngx_uint_t ssl_protocols; | |
| 39 ngx_str_t ssl_ciphers; | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
40 ngx_stream_complex_value_t *ssl_name; |
| 6115 | 41 ngx_flag_t ssl_server_name; |
| 42 | |
| 43 ngx_flag_t ssl_verify; | |
| 44 ngx_uint_t ssl_verify_depth; | |
| 45 ngx_str_t ssl_trusted_certificate; | |
| 46 ngx_str_t ssl_crl; | |
| 47 ngx_str_t ssl_certificate; | |
| 48 ngx_str_t ssl_certificate_key; | |
| 49 ngx_array_t *ssl_passwords; | |
| 50 | |
| 51 ngx_ssl_t *ssl; | |
| 52 #endif | |
| 53 | |
| 54 ngx_stream_upstream_srv_conf_t *upstream; | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
55 ngx_stream_complex_value_t *upstream_value; |
| 6115 | 56 } ngx_stream_proxy_srv_conf_t; |
| 57 | |
| 58 | |
| 59 static void ngx_stream_proxy_handler(ngx_stream_session_t *s); | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
60 static ngx_int_t ngx_stream_proxy_eval(ngx_stream_session_t *s, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
61 ngx_stream_proxy_srv_conf_t *pscf); |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
62 static ngx_int_t ngx_stream_proxy_set_local(ngx_stream_session_t *s, |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
63 ngx_stream_upstream_t *u, ngx_stream_upstream_local_t *local); |
| 6115 | 64 static void ngx_stream_proxy_connect(ngx_stream_session_t *s); |
| 65 static void ngx_stream_proxy_init_upstream(ngx_stream_session_t *s); | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
66 static void ngx_stream_proxy_resolve_handler(ngx_resolver_ctx_t *ctx); |
| 6115 | 67 static void ngx_stream_proxy_upstream_handler(ngx_event_t *ev); |
| 68 static void ngx_stream_proxy_downstream_handler(ngx_event_t *ev); | |
|
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
69 static void ngx_stream_proxy_process_connection(ngx_event_t *ev, |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
70 ngx_uint_t from_upstream); |
| 6115 | 71 static void ngx_stream_proxy_connect_handler(ngx_event_t *ev); |
| 72 static ngx_int_t ngx_stream_proxy_test_connect(ngx_connection_t *c); | |
|
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
73 static void ngx_stream_proxy_process(ngx_stream_session_t *s, |
| 6115 | 74 ngx_uint_t from_upstream, ngx_uint_t do_write); |
| 75 static void ngx_stream_proxy_next_upstream(ngx_stream_session_t *s); | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
76 static void ngx_stream_proxy_finalize(ngx_stream_session_t *s, ngx_uint_t rc); |
| 6115 | 77 static u_char *ngx_stream_proxy_log_error(ngx_log_t *log, u_char *buf, |
| 78 size_t len); | |
| 79 | |
| 80 static void *ngx_stream_proxy_create_srv_conf(ngx_conf_t *cf); | |
| 81 static char *ngx_stream_proxy_merge_srv_conf(ngx_conf_t *cf, void *parent, | |
| 82 void *child); | |
| 83 static char *ngx_stream_proxy_pass(ngx_conf_t *cf, ngx_command_t *cmd, | |
| 84 void *conf); | |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
85 static char *ngx_stream_proxy_bind(ngx_conf_t *cf, ngx_command_t *cmd, |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
86 void *conf); |
| 6115 | 87 |
| 88 #if (NGX_STREAM_SSL) | |
| 89 | |
| 6692 | 90 static ngx_int_t ngx_stream_proxy_send_proxy_protocol(ngx_stream_session_t *s); |
| 6115 | 91 static char *ngx_stream_proxy_ssl_password_file(ngx_conf_t *cf, |
| 92 ngx_command_t *cmd, void *conf); | |
| 93 static void ngx_stream_proxy_ssl_init_connection(ngx_stream_session_t *s); | |
| 94 static void ngx_stream_proxy_ssl_handshake(ngx_connection_t *pc); | |
| 95 static ngx_int_t ngx_stream_proxy_ssl_name(ngx_stream_session_t *s); | |
| 96 static ngx_int_t ngx_stream_proxy_set_ssl(ngx_conf_t *cf, | |
| 97 ngx_stream_proxy_srv_conf_t *pscf); | |
| 98 | |
| 99 | |
| 100 static ngx_conf_bitmask_t ngx_stream_proxy_ssl_protocols[] = { | |
| 101 { ngx_string("SSLv2"), NGX_SSL_SSLv2 }, | |
| 102 { ngx_string("SSLv3"), NGX_SSL_SSLv3 }, | |
| 103 { ngx_string("TLSv1"), NGX_SSL_TLSv1 }, | |
| 104 { ngx_string("TLSv1.1"), NGX_SSL_TLSv1_1 }, | |
| 105 { ngx_string("TLSv1.2"), NGX_SSL_TLSv1_2 }, | |
| 106 { ngx_null_string, 0 } | |
| 107 }; | |
| 108 | |
| 109 #endif | |
| 110 | |
| 111 | |
|
6217
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
112 static ngx_conf_deprecated_t ngx_conf_deprecated_proxy_downstream_buffer = { |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
113 ngx_conf_deprecated, "proxy_downstream_buffer", "proxy_buffer_size" |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
114 }; |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
115 |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
116 static ngx_conf_deprecated_t ngx_conf_deprecated_proxy_upstream_buffer = { |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
117 ngx_conf_deprecated, "proxy_upstream_buffer", "proxy_buffer_size" |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
118 }; |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
119 |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
120 |
| 6115 | 121 static ngx_command_t ngx_stream_proxy_commands[] = { |
| 122 | |
| 123 { ngx_string("proxy_pass"), | |
| 124 NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 125 ngx_stream_proxy_pass, | |
| 126 NGX_STREAM_SRV_CONF_OFFSET, | |
| 127 0, | |
| 128 NULL }, | |
| 129 | |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
130 { ngx_string("proxy_bind"), |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
131 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE12, |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
132 ngx_stream_proxy_bind, |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
133 NGX_STREAM_SRV_CONF_OFFSET, |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
134 0, |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
135 NULL }, |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
136 |
| 6115 | 137 { ngx_string("proxy_connect_timeout"), |
| 138 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 139 ngx_conf_set_msec_slot, | |
| 140 NGX_STREAM_SRV_CONF_OFFSET, | |
| 141 offsetof(ngx_stream_proxy_srv_conf_t, connect_timeout), | |
| 142 NULL }, | |
| 143 | |
| 144 { ngx_string("proxy_timeout"), | |
| 145 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 146 ngx_conf_set_msec_slot, | |
| 147 NGX_STREAM_SRV_CONF_OFFSET, | |
| 148 offsetof(ngx_stream_proxy_srv_conf_t, timeout), | |
| 149 NULL }, | |
| 150 | |
|
6215
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
151 { ngx_string("proxy_buffer_size"), |
| 6115 | 152 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
| 153 ngx_conf_set_size_slot, | |
| 154 NGX_STREAM_SRV_CONF_OFFSET, | |
|
6215
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
155 offsetof(ngx_stream_proxy_srv_conf_t, buffer_size), |
| 6115 | 156 NULL }, |
| 157 | |
|
6217
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
158 { ngx_string("proxy_downstream_buffer"), |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
159 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
160 ngx_conf_set_size_slot, |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
161 NGX_STREAM_SRV_CONF_OFFSET, |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
162 offsetof(ngx_stream_proxy_srv_conf_t, buffer_size), |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
163 &ngx_conf_deprecated_proxy_downstream_buffer }, |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
164 |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
165 { ngx_string("proxy_upstream_buffer"), |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
166 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
167 ngx_conf_set_size_slot, |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
168 NGX_STREAM_SRV_CONF_OFFSET, |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
169 offsetof(ngx_stream_proxy_srv_conf_t, buffer_size), |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
170 &ngx_conf_deprecated_proxy_upstream_buffer }, |
|
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
171 |
|
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
172 { ngx_string("proxy_upload_rate"), |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
173 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
174 ngx_conf_set_size_slot, |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
175 NGX_STREAM_SRV_CONF_OFFSET, |
|
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
176 offsetof(ngx_stream_proxy_srv_conf_t, upload_rate), |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
177 NULL }, |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
178 |
|
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
179 { ngx_string("proxy_download_rate"), |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
180 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
181 ngx_conf_set_size_slot, |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
182 NGX_STREAM_SRV_CONF_OFFSET, |
|
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
183 offsetof(ngx_stream_proxy_srv_conf_t, download_rate), |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
184 NULL }, |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
185 |
| 6436 | 186 { ngx_string("proxy_responses"), |
| 187 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 188 ngx_conf_set_num_slot, | |
| 189 NGX_STREAM_SRV_CONF_OFFSET, | |
| 190 offsetof(ngx_stream_proxy_srv_conf_t, responses), | |
| 191 NULL }, | |
| 192 | |
| 6115 | 193 { ngx_string("proxy_next_upstream"), |
| 194 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, | |
| 195 ngx_conf_set_flag_slot, | |
| 196 NGX_STREAM_SRV_CONF_OFFSET, | |
| 197 offsetof(ngx_stream_proxy_srv_conf_t, next_upstream), | |
| 198 NULL }, | |
| 199 | |
| 200 { ngx_string("proxy_next_upstream_tries"), | |
| 201 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 202 ngx_conf_set_num_slot, | |
| 203 NGX_STREAM_SRV_CONF_OFFSET, | |
| 204 offsetof(ngx_stream_proxy_srv_conf_t, next_upstream_tries), | |
| 205 NULL }, | |
| 206 | |
| 207 { ngx_string("proxy_next_upstream_timeout"), | |
| 208 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 209 ngx_conf_set_msec_slot, | |
| 210 NGX_STREAM_SRV_CONF_OFFSET, | |
| 211 offsetof(ngx_stream_proxy_srv_conf_t, next_upstream_timeout), | |
| 212 NULL }, | |
| 213 | |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
214 { ngx_string("proxy_protocol"), |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
215 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
216 ngx_conf_set_flag_slot, |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
217 NGX_STREAM_SRV_CONF_OFFSET, |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
218 offsetof(ngx_stream_proxy_srv_conf_t, proxy_protocol), |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
219 NULL }, |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
220 |
| 6115 | 221 #if (NGX_STREAM_SSL) |
| 222 | |
| 223 { ngx_string("proxy_ssl"), | |
| 224 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, | |
| 225 ngx_conf_set_flag_slot, | |
| 226 NGX_STREAM_SRV_CONF_OFFSET, | |
| 227 offsetof(ngx_stream_proxy_srv_conf_t, ssl_enable), | |
| 228 NULL }, | |
| 229 | |
| 230 { ngx_string("proxy_ssl_session_reuse"), | |
| 231 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, | |
| 232 ngx_conf_set_flag_slot, | |
| 233 NGX_STREAM_SRV_CONF_OFFSET, | |
| 234 offsetof(ngx_stream_proxy_srv_conf_t, ssl_session_reuse), | |
| 235 NULL }, | |
| 236 | |
| 237 { ngx_string("proxy_ssl_protocols"), | |
| 238 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_1MORE, | |
| 239 ngx_conf_set_bitmask_slot, | |
| 240 NGX_STREAM_SRV_CONF_OFFSET, | |
| 241 offsetof(ngx_stream_proxy_srv_conf_t, ssl_protocols), | |
| 242 &ngx_stream_proxy_ssl_protocols }, | |
| 243 | |
| 244 { ngx_string("proxy_ssl_ciphers"), | |
| 245 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 246 ngx_conf_set_str_slot, | |
| 247 NGX_STREAM_SRV_CONF_OFFSET, | |
| 248 offsetof(ngx_stream_proxy_srv_conf_t, ssl_ciphers), | |
| 249 NULL }, | |
| 250 | |
| 251 { ngx_string("proxy_ssl_name"), | |
| 252 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
253 ngx_stream_set_complex_value_slot, |
| 6115 | 254 NGX_STREAM_SRV_CONF_OFFSET, |
| 255 offsetof(ngx_stream_proxy_srv_conf_t, ssl_name), | |
| 256 NULL }, | |
| 257 | |
| 258 { ngx_string("proxy_ssl_server_name"), | |
| 259 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, | |
| 260 ngx_conf_set_flag_slot, | |
| 261 NGX_STREAM_SRV_CONF_OFFSET, | |
| 262 offsetof(ngx_stream_proxy_srv_conf_t, ssl_server_name), | |
| 263 NULL }, | |
| 264 | |
| 265 { ngx_string("proxy_ssl_verify"), | |
| 266 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, | |
| 267 ngx_conf_set_flag_slot, | |
| 268 NGX_STREAM_SRV_CONF_OFFSET, | |
| 269 offsetof(ngx_stream_proxy_srv_conf_t, ssl_verify), | |
| 270 NULL }, | |
| 271 | |
| 272 { ngx_string("proxy_ssl_verify_depth"), | |
| 273 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 274 ngx_conf_set_num_slot, | |
| 275 NGX_STREAM_SRV_CONF_OFFSET, | |
| 276 offsetof(ngx_stream_proxy_srv_conf_t, ssl_verify_depth), | |
| 277 NULL }, | |
| 278 | |
| 279 { ngx_string("proxy_ssl_trusted_certificate"), | |
| 280 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 281 ngx_conf_set_str_slot, | |
| 282 NGX_STREAM_SRV_CONF_OFFSET, | |
| 283 offsetof(ngx_stream_proxy_srv_conf_t, ssl_trusted_certificate), | |
| 284 NULL }, | |
| 285 | |
| 286 { ngx_string("proxy_ssl_crl"), | |
| 287 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 288 ngx_conf_set_str_slot, | |
| 289 NGX_STREAM_SRV_CONF_OFFSET, | |
| 290 offsetof(ngx_stream_proxy_srv_conf_t, ssl_crl), | |
| 291 NULL }, | |
| 292 | |
| 293 { ngx_string("proxy_ssl_certificate"), | |
| 294 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 295 ngx_conf_set_str_slot, | |
| 296 NGX_STREAM_SRV_CONF_OFFSET, | |
| 297 offsetof(ngx_stream_proxy_srv_conf_t, ssl_certificate), | |
| 298 NULL }, | |
| 299 | |
| 300 { ngx_string("proxy_ssl_certificate_key"), | |
| 301 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 302 ngx_conf_set_str_slot, | |
| 303 NGX_STREAM_SRV_CONF_OFFSET, | |
| 304 offsetof(ngx_stream_proxy_srv_conf_t, ssl_certificate_key), | |
| 305 NULL }, | |
| 306 | |
| 307 { ngx_string("proxy_ssl_password_file"), | |
| 308 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
| 309 ngx_stream_proxy_ssl_password_file, | |
| 310 NGX_STREAM_SRV_CONF_OFFSET, | |
| 311 0, | |
| 312 NULL }, | |
| 313 | |
| 314 #endif | |
| 315 | |
| 316 ngx_null_command | |
| 317 }; | |
| 318 | |
| 319 | |
| 320 static ngx_stream_module_t ngx_stream_proxy_module_ctx = { | |
|
6606
2f41d383c9c7
Stream: added preconfiguration step.
Vladimir Homutov <vl@nginx.com>
parents:
6599
diff
changeset
|
321 NULL, /* preconfiguration */ |
|
6174
68c106e6fa0a
Stream: added postconfiguration method to stream modules.
Vladimir Homutov <vl@nginx.com>
parents:
6157
diff
changeset
|
322 NULL, /* postconfiguration */ |
|
68c106e6fa0a
Stream: added postconfiguration method to stream modules.
Vladimir Homutov <vl@nginx.com>
parents:
6157
diff
changeset
|
323 |
| 6115 | 324 NULL, /* create main configuration */ |
| 325 NULL, /* init main configuration */ | |
| 326 | |
| 327 ngx_stream_proxy_create_srv_conf, /* create server configuration */ | |
| 328 ngx_stream_proxy_merge_srv_conf /* merge server configuration */ | |
| 329 }; | |
| 330 | |
| 331 | |
| 332 ngx_module_t ngx_stream_proxy_module = { | |
| 333 NGX_MODULE_V1, | |
| 334 &ngx_stream_proxy_module_ctx, /* module context */ | |
| 335 ngx_stream_proxy_commands, /* module directives */ | |
| 336 NGX_STREAM_MODULE, /* module type */ | |
| 337 NULL, /* init master */ | |
| 338 NULL, /* init module */ | |
| 339 NULL, /* init process */ | |
| 340 NULL, /* init thread */ | |
| 341 NULL, /* exit thread */ | |
| 342 NULL, /* exit process */ | |
| 343 NULL, /* exit master */ | |
| 344 NGX_MODULE_V1_PADDING | |
| 345 }; | |
| 346 | |
| 347 | |
| 348 static void | |
| 349 ngx_stream_proxy_handler(ngx_stream_session_t *s) | |
| 350 { | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
351 u_char *p; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
352 ngx_str_t *host; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
353 ngx_uint_t i; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
354 ngx_connection_t *c; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
355 ngx_resolver_ctx_t *ctx, temp; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
356 ngx_stream_upstream_t *u; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
357 ngx_stream_core_srv_conf_t *cscf; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
358 ngx_stream_proxy_srv_conf_t *pscf; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
359 ngx_stream_upstream_srv_conf_t *uscf, **uscfp; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
360 ngx_stream_upstream_main_conf_t *umcf; |
| 6115 | 361 |
| 362 c = s->connection; | |
| 363 | |
| 364 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
| 365 | |
| 366 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, | |
| 367 "proxy connection handler"); | |
| 368 | |
| 369 u = ngx_pcalloc(c->pool, sizeof(ngx_stream_upstream_t)); | |
| 370 if (u == NULL) { | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
371 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
| 6115 | 372 return; |
| 373 } | |
| 374 | |
| 375 s->upstream = u; | |
| 376 | |
| 377 s->log_handler = ngx_stream_proxy_log_error; | |
| 378 | |
| 379 u->peer.log = c->log; | |
| 380 u->peer.log_error = NGX_ERROR_ERR; | |
| 381 | |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
382 if (ngx_stream_proxy_set_local(s, u, pscf->local) != NGX_OK) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
383 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
384 return; |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
385 } |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
386 |
| 6436 | 387 u->peer.type = c->type; |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
388 u->start_sec = ngx_time(); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
389 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
390 c->write->handler = ngx_stream_proxy_downstream_handler; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
391 c->read->handler = ngx_stream_proxy_downstream_handler; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
392 |
|
6675
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
393 s->upstream_states = ngx_array_create(c->pool, 1, |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
394 sizeof(ngx_stream_upstream_state_t)); |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
395 if (s->upstream_states == NULL) { |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
396 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
397 return; |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
398 } |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
399 |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
400 if (c->type == SOCK_STREAM) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
401 p = ngx_pnalloc(c->pool, pscf->buffer_size); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
402 if (p == NULL) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
403 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
404 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
405 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
406 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
407 u->downstream_buf.start = p; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
408 u->downstream_buf.end = p + pscf->buffer_size; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
409 u->downstream_buf.pos = p; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
410 u->downstream_buf.last = p; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
411 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
412 if (c->read->ready) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
413 ngx_post_event(c->read, &ngx_posted_events); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
414 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
415 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
416 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
417 if (pscf->upstream_value) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
418 if (ngx_stream_proxy_eval(s, pscf) != NGX_OK) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
419 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
420 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
421 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
422 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
423 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
424 if (u->resolved == NULL) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
425 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
426 uscf = pscf->upstream; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
427 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
428 } else { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
429 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
430 #if (NGX_STREAM_SSL) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
431 u->ssl_name = u->resolved->host; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
432 #endif |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
433 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
434 host = &u->resolved->host; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
435 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
436 if (u->resolved->sockaddr) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
437 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
438 if (u->resolved->port == 0 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
439 && u->resolved->sockaddr->sa_family != AF_UNIX) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
440 { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
441 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
442 "no port in upstream \"%V\"", host); |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
443 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
444 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
445 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
446 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
447 if (ngx_stream_upstream_create_round_robin_peer(s, u->resolved) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
448 != NGX_OK) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
449 { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
450 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
451 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
452 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
453 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
454 ngx_stream_proxy_connect(s); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
455 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
456 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
457 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
458 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
459 umcf = ngx_stream_get_module_main_conf(s, ngx_stream_upstream_module); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
460 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
461 uscfp = umcf->upstreams.elts; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
462 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
463 for (i = 0; i < umcf->upstreams.nelts; i++) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
464 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
465 uscf = uscfp[i]; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
466 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
467 if (uscf->host.len == host->len |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
468 && ((uscf->port == 0 && u->resolved->no_port) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
469 || uscf->port == u->resolved->port) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
470 && ngx_strncasecmp(uscf->host.data, host->data, host->len) == 0) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
471 { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
472 goto found; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
473 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
474 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
475 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
476 if (u->resolved->port == 0) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
477 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
478 "no port in upstream \"%V\"", host); |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
479 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
480 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
481 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
482 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
483 temp.name = *host; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
484 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
485 cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
486 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
487 ctx = ngx_resolve_start(cscf->resolver, &temp); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
488 if (ctx == NULL) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
489 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
490 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
491 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
492 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
493 if (ctx == NGX_NO_RESOLVER) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
494 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
495 "no resolver defined to resolve %V", host); |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
496 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
497 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
498 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
499 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
500 ctx->name = *host; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
501 ctx->handler = ngx_stream_proxy_resolve_handler; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
502 ctx->data = s; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
503 ctx->timeout = cscf->resolver_timeout; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
504 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
505 u->resolved->ctx = ctx; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
506 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
507 if (ngx_resolve_name(ctx) != NGX_OK) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
508 u->resolved->ctx = NULL; |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
509 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
510 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
511 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
512 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
513 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
514 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
515 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
516 found: |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
517 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
518 if (uscf == NULL) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
519 ngx_log_error(NGX_LOG_ALERT, c->log, 0, "no upstream configuration"); |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
520 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
521 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
522 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
523 |
|
6648
d43ee392e825
Stream: fixed build without stream_ssl_module (ticket #1032).
Vladimir Homutov <vl@nginx.com>
parents:
6643
diff
changeset
|
524 #if (NGX_STREAM_SSL) |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
525 u->ssl_name = uscf->host; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
526 #endif |
| 6115 | 527 |
| 528 if (uscf->peer.init(s, uscf) != NGX_OK) { | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
529 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
| 6115 | 530 return; |
| 531 } | |
| 532 | |
| 533 u->peer.start_time = ngx_current_msec; | |
| 534 | |
| 535 if (pscf->next_upstream_tries | |
| 536 && u->peer.tries > pscf->next_upstream_tries) | |
| 537 { | |
| 538 u->peer.tries = pscf->next_upstream_tries; | |
| 539 } | |
| 540 | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
541 ngx_stream_proxy_connect(s); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
542 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
543 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
544 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
545 static ngx_int_t |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
546 ngx_stream_proxy_eval(ngx_stream_session_t *s, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
547 ngx_stream_proxy_srv_conf_t *pscf) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
548 { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
549 ngx_str_t host; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
550 ngx_url_t url; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
551 ngx_stream_upstream_t *u; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
552 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
553 if (ngx_stream_complex_value(s, pscf->upstream_value, &host) != NGX_OK) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
554 return NGX_ERROR; |
| 6115 | 555 } |
| 556 | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
557 ngx_memzero(&url, sizeof(ngx_url_t)); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
558 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
559 url.url = host; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
560 url.no_resolve = 1; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
561 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
562 if (ngx_parse_url(s->connection->pool, &url) != NGX_OK) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
563 if (url.err) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
564 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
565 "%s in upstream \"%V\"", url.err, &url.url); |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
566 } |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
567 |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
568 return NGX_ERROR; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
569 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
570 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
571 u = s->upstream; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
572 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
573 u->resolved = ngx_pcalloc(s->connection->pool, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
574 sizeof(ngx_stream_upstream_resolved_t)); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
575 if (u->resolved == NULL) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
576 return NGX_ERROR; |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
577 } |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
578 |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
579 if (url.addrs && url.addrs[0].sockaddr) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
580 u->resolved->sockaddr = url.addrs[0].sockaddr; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
581 u->resolved->socklen = url.addrs[0].socklen; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
582 u->resolved->naddrs = 1; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
583 u->resolved->host = url.addrs[0].name; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
584 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
585 } else { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
586 u->resolved->host = url.host; |
| 6115 | 587 } |
| 588 | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
589 u->resolved->port = url.port; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
590 u->resolved->no_port = url.no_port; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
591 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
592 return NGX_OK; |
| 6115 | 593 } |
| 594 | |
| 595 | |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
596 static ngx_int_t |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
597 ngx_stream_proxy_set_local(ngx_stream_session_t *s, ngx_stream_upstream_t *u, |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
598 ngx_stream_upstream_local_t *local) |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
599 { |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
600 ngx_int_t rc; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
601 ngx_str_t val; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
602 ngx_addr_t *addr; |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
603 |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
604 if (local == NULL) { |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
605 u->peer.local = NULL; |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
606 return NGX_OK; |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
607 } |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
608 |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
609 #if (NGX_HAVE_TRANSPARENT_PROXY) |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
610 u->peer.transparent = local->transparent; |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
611 #endif |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
612 |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
613 if (local->value == NULL) { |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
614 u->peer.local = local->addr; |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
615 return NGX_OK; |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
616 } |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
617 |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
618 if (ngx_stream_complex_value(s, local->value, &val) != NGX_OK) { |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
619 return NGX_ERROR; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
620 } |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
621 |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
622 if (val.len == 0) { |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
623 return NGX_OK; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
624 } |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
625 |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
626 addr = ngx_palloc(s->connection->pool, sizeof(ngx_addr_t)); |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
627 if (addr == NULL) { |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
628 return NGX_ERROR; |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
629 } |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
630 |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
631 rc = ngx_parse_addr_port(s->connection->pool, addr, val.data, val.len); |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
632 if (rc == NGX_ERROR) { |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
633 return NGX_ERROR; |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
634 } |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
635 |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
636 if (rc != NGX_OK) { |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
637 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
638 "invalid local address \"%V\"", &val); |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
639 return NGX_OK; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
640 } |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
641 |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
642 addr->name = val; |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
643 u->peer.local = addr; |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
644 |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
645 return NGX_OK; |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
646 } |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
647 |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
648 |
| 6115 | 649 static void |
| 650 ngx_stream_proxy_connect(ngx_stream_session_t *s) | |
| 651 { | |
| 652 ngx_int_t rc; | |
| 653 ngx_connection_t *c, *pc; | |
| 654 ngx_stream_upstream_t *u; | |
| 655 ngx_stream_proxy_srv_conf_t *pscf; | |
| 656 | |
| 657 c = s->connection; | |
| 658 | |
| 659 c->log->action = "connecting to upstream"; | |
| 660 | |
| 6692 | 661 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
| 662 | |
| 6115 | 663 u = s->upstream; |
| 664 | |
| 6692 | 665 u->connected = 0; |
| 666 u->proxy_protocol = pscf->proxy_protocol; | |
| 667 | |
|
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
668 if (u->state) { |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
669 u->state->response_time = ngx_current_msec - u->state->response_time; |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
670 } |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
671 |
|
6675
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
672 u->state = ngx_array_push(s->upstream_states); |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
673 if (u->state == NULL) { |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
674 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
675 return; |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
676 } |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
677 |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
678 ngx_memzero(u->state, sizeof(ngx_stream_upstream_state_t)); |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
679 |
|
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
680 u->state->connect_time = (ngx_msec_t) -1; |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
681 u->state->first_byte_time = (ngx_msec_t) -1; |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
682 u->state->response_time = ngx_current_msec; |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
683 |
| 6115 | 684 rc = ngx_event_connect_peer(&u->peer); |
| 685 | |
| 686 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, "proxy connect: %i", rc); | |
| 687 | |
| 688 if (rc == NGX_ERROR) { | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
689 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
| 6115 | 690 return; |
| 691 } | |
| 692 | |
|
6675
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
693 u->state->peer = u->peer.name; |
|
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
694 |
| 6115 | 695 if (rc == NGX_BUSY) { |
| 696 ngx_log_error(NGX_LOG_ERR, c->log, 0, "no live upstreams"); | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
697 ngx_stream_proxy_finalize(s, NGX_STREAM_BAD_GATEWAY); |
| 6115 | 698 return; |
| 699 } | |
| 700 | |
| 701 if (rc == NGX_DECLINED) { | |
| 702 ngx_stream_proxy_next_upstream(s); | |
| 703 return; | |
| 704 } | |
| 705 | |
| 706 /* rc == NGX_OK || rc == NGX_AGAIN || rc == NGX_DONE */ | |
| 707 | |
| 708 pc = u->peer.connection; | |
| 709 | |
| 710 pc->data = s; | |
| 711 pc->log = c->log; | |
| 712 pc->pool = c->pool; | |
| 713 pc->read->log = c->log; | |
| 714 pc->write->log = c->log; | |
| 715 | |
| 716 if (rc != NGX_AGAIN) { | |
| 717 ngx_stream_proxy_init_upstream(s); | |
| 718 return; | |
| 719 } | |
| 720 | |
| 721 pc->read->handler = ngx_stream_proxy_connect_handler; | |
| 722 pc->write->handler = ngx_stream_proxy_connect_handler; | |
| 723 | |
| 724 ngx_add_timer(pc->write, pscf->connect_timeout); | |
| 725 } | |
| 726 | |
| 727 | |
| 728 static void | |
| 729 ngx_stream_proxy_init_upstream(ngx_stream_session_t *s) | |
| 730 { | |
| 6222 | 731 int tcp_nodelay; |
| 6115 | 732 u_char *p; |
| 6692 | 733 ngx_chain_t *cl; |
| 6115 | 734 ngx_connection_t *c, *pc; |
| 735 ngx_log_handler_pt handler; | |
| 736 ngx_stream_upstream_t *u; | |
|
6221
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
737 ngx_stream_core_srv_conf_t *cscf; |
| 6115 | 738 ngx_stream_proxy_srv_conf_t *pscf; |
| 739 | |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
740 u = s->upstream; |
|
6221
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
741 pc = u->peer.connection; |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
742 |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
743 cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
744 |
| 6436 | 745 if (pc->type == SOCK_STREAM |
| 746 && cscf->tcp_nodelay | |
| 747 && pc->tcp_nodelay == NGX_TCP_NODELAY_UNSET) | |
| 748 { | |
|
6221
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
749 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, pc->log, 0, "tcp_nodelay"); |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
750 |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
751 tcp_nodelay = 1; |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
752 |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
753 if (setsockopt(pc->fd, IPPROTO_TCP, TCP_NODELAY, |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
754 (const void *) &tcp_nodelay, sizeof(int)) == -1) |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
755 { |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
756 ngx_connection_error(pc, ngx_socket_errno, |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
757 "setsockopt(TCP_NODELAY) failed"); |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
758 ngx_stream_proxy_next_upstream(s); |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
759 return; |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
760 } |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
761 |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
762 pc->tcp_nodelay = NGX_TCP_NODELAY_SET; |
|
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
763 } |
| 6115 | 764 |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
765 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
| 6115 | 766 |
| 767 #if (NGX_STREAM_SSL) | |
| 6692 | 768 |
| 769 if (pc->type == SOCK_STREAM && pscf->ssl) { | |
| 770 | |
| 771 if (u->proxy_protocol) { | |
| 772 if (ngx_stream_proxy_send_proxy_protocol(s) != NGX_OK) { | |
| 773 return; | |
| 774 } | |
| 775 | |
| 776 u->proxy_protocol = 0; | |
| 777 } | |
| 778 | |
| 779 if (pc->ssl == NULL) { | |
| 780 ngx_stream_proxy_ssl_init_connection(s); | |
| 781 return; | |
| 782 } | |
| 6115 | 783 } |
| 6692 | 784 |
| 6115 | 785 #endif |
| 786 | |
| 787 c = s->connection; | |
| 788 | |
| 789 if (c->log->log_level >= NGX_LOG_INFO) { | |
|
6230
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6222
diff
changeset
|
790 ngx_str_t str; |
| 6115 | 791 u_char addr[NGX_SOCKADDR_STRLEN]; |
| 792 | |
|
6230
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6222
diff
changeset
|
793 str.len = NGX_SOCKADDR_STRLEN; |
|
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6222
diff
changeset
|
794 str.data = addr; |
| 6115 | 795 |
|
6230
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6222
diff
changeset
|
796 if (ngx_connection_local_sockaddr(pc, &str, 1) == NGX_OK) { |
| 6115 | 797 handler = c->log->handler; |
| 798 c->log->handler = NULL; | |
| 799 | |
|
6461
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
800 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
|
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
801 "%sproxy %V connected to %V", |
|
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
802 pc->type == SOCK_DGRAM ? "udp " : "", |
|
6230
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6222
diff
changeset
|
803 &str, u->peer.name); |
| 6115 | 804 |
| 805 c->log->handler = handler; | |
| 806 } | |
| 807 } | |
| 808 | |
|
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
809 u->state->connect_time = ngx_current_msec - u->state->response_time; |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
810 |
| 6115 | 811 c->log->action = "proxying connection"; |
| 812 | |
| 6436 | 813 if (u->upstream_buf.start == NULL) { |
| 814 p = ngx_pnalloc(c->pool, pscf->buffer_size); | |
| 815 if (p == NULL) { | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
816 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
| 6436 | 817 return; |
| 818 } | |
| 819 | |
| 820 u->upstream_buf.start = p; | |
| 821 u->upstream_buf.end = p + pscf->buffer_size; | |
| 822 u->upstream_buf.pos = p; | |
| 823 u->upstream_buf.last = p; | |
| 6115 | 824 } |
| 825 | |
| 6692 | 826 if (c->buffer && c->buffer->pos < c->buffer->last) { |
| 827 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, | |
| 828 "stream proxy add preread buffer: %uz", | |
| 829 c->buffer->last - c->buffer->pos); | |
| 830 | |
| 831 cl = ngx_chain_get_free_buf(c->pool, &u->free); | |
| 832 if (cl == NULL) { | |
| 833 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
| 834 return; | |
| 835 } | |
| 836 | |
| 837 *cl->buf = *c->buffer; | |
| 838 | |
| 839 cl->buf->tag = (ngx_buf_tag_t) &ngx_stream_proxy_module; | |
| 840 cl->buf->flush = 1; | |
| 841 cl->buf->last_buf = (c->type == SOCK_DGRAM); | |
| 842 | |
| 843 cl->next = u->upstream_out; | |
| 844 u->upstream_out = cl; | |
| 845 } | |
| 846 | |
| 847 if (u->proxy_protocol) { | |
| 848 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, | |
| 849 "stream proxy add PROXY protocol header"); | |
| 850 | |
| 851 cl = ngx_chain_get_free_buf(c->pool, &u->free); | |
| 852 if (cl == NULL) { | |
| 853 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
| 854 return; | |
| 6436 | 855 } |
| 6692 | 856 |
| 857 p = ngx_pnalloc(c->pool, NGX_PROXY_PROTOCOL_MAX_HEADER); | |
| 858 if (p == NULL) { | |
| 859 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
| 860 return; | |
| 861 } | |
| 862 | |
| 863 cl->buf->pos = p; | |
| 864 | |
| 865 p = ngx_proxy_protocol_write(c, p, p + NGX_PROXY_PROTOCOL_MAX_HEADER); | |
| 866 if (p == NULL) { | |
| 867 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
| 868 return; | |
| 869 } | |
| 870 | |
| 871 cl->buf->last = p; | |
| 872 cl->buf->temporary = 1; | |
| 873 cl->buf->flush = 0; | |
| 874 cl->buf->last_buf = 0; | |
| 875 cl->buf->tag = (ngx_buf_tag_t) &ngx_stream_proxy_module; | |
| 876 | |
| 877 cl->next = u->upstream_out; | |
| 878 u->upstream_out = cl; | |
| 879 | |
| 880 u->proxy_protocol = 0; | |
| 881 } | |
| 882 | |
| 883 if (c->type == SOCK_DGRAM && pscf->responses == 0) { | |
| 884 pc->read->ready = 0; | |
| 885 pc->read->eof = 1; | |
| 6436 | 886 } |
| 6115 | 887 |
|
6202
6345822f0abb
Stream: upstream "connected" flag.
Roman Arutyunyan <arut@nginx.com>
parents:
6201
diff
changeset
|
888 u->connected = 1; |
|
6345822f0abb
Stream: upstream "connected" flag.
Roman Arutyunyan <arut@nginx.com>
parents:
6201
diff
changeset
|
889 |
| 6115 | 890 pc->read->handler = ngx_stream_proxy_upstream_handler; |
| 891 pc->write->handler = ngx_stream_proxy_upstream_handler; | |
| 892 | |
| 6436 | 893 if (pc->read->ready || pc->read->eof) { |
|
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
894 ngx_post_event(pc->read, &ngx_posted_events); |
| 6115 | 895 } |
| 896 | |
| 897 ngx_stream_proxy_process(s, 0, 1); | |
| 898 } | |
| 899 | |
| 900 | |
| 6692 | 901 #if (NGX_STREAM_SSL) |
| 902 | |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
903 static ngx_int_t |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
904 ngx_stream_proxy_send_proxy_protocol(ngx_stream_session_t *s) |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
905 { |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
906 u_char *p; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
907 ssize_t n, size; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
908 ngx_connection_t *c, *pc; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
909 ngx_stream_upstream_t *u; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
910 ngx_stream_proxy_srv_conf_t *pscf; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
911 u_char buf[NGX_PROXY_PROTOCOL_MAX_HEADER]; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
912 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
913 c = s->connection; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
914 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
915 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
916 "stream proxy send PROXY protocol header"); |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
917 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
918 p = ngx_proxy_protocol_write(c, buf, buf + NGX_PROXY_PROTOCOL_MAX_HEADER); |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
919 if (p == NULL) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
920 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
921 return NGX_ERROR; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
922 } |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
923 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
924 u = s->upstream; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
925 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
926 pc = u->peer.connection; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
927 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
928 size = p - buf; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
929 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
930 n = pc->send(pc, buf, size); |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
931 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
932 if (n == NGX_AGAIN) { |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
933 if (ngx_handle_write_event(pc->write, 0) != NGX_OK) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
934 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
935 return NGX_ERROR; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
936 } |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
937 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
938 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
939 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
940 ngx_add_timer(pc->write, pscf->timeout); |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
941 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
942 pc->write->handler = ngx_stream_proxy_connect_handler; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
943 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
944 return NGX_AGAIN; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
945 } |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
946 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
947 if (n == NGX_ERROR) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
948 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
949 return NGX_ERROR; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
950 } |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
951 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
952 if (n != size) { |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
953 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
954 /* |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
955 * PROXY protocol specification: |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
956 * The sender must always ensure that the header |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
957 * is sent at once, so that the transport layer |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
958 * maintains atomicity along the path to the receiver. |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
959 */ |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
960 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
961 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
962 "could not send PROXY protocol header at once"); |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
963 |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
964 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
965 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
966 return NGX_ERROR; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
967 } |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
968 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
969 return NGX_OK; |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
970 } |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
971 |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
972 |
| 6115 | 973 static char * |
| 974 ngx_stream_proxy_ssl_password_file(ngx_conf_t *cf, ngx_command_t *cmd, | |
| 975 void *conf) | |
| 976 { | |
| 977 ngx_stream_proxy_srv_conf_t *pscf = conf; | |
| 978 | |
| 979 ngx_str_t *value; | |
| 980 | |
| 981 if (pscf->ssl_passwords != NGX_CONF_UNSET_PTR) { | |
| 982 return "is duplicate"; | |
| 983 } | |
| 984 | |
| 985 value = cf->args->elts; | |
| 986 | |
| 987 pscf->ssl_passwords = ngx_ssl_read_password_file(cf, &value[1]); | |
| 988 | |
| 989 if (pscf->ssl_passwords == NULL) { | |
| 990 return NGX_CONF_ERROR; | |
| 991 } | |
| 992 | |
| 993 return NGX_CONF_OK; | |
| 994 } | |
| 995 | |
| 996 | |
| 997 static void | |
| 998 ngx_stream_proxy_ssl_init_connection(ngx_stream_session_t *s) | |
| 999 { | |
| 1000 ngx_int_t rc; | |
| 1001 ngx_connection_t *pc; | |
| 1002 ngx_stream_upstream_t *u; | |
| 1003 ngx_stream_proxy_srv_conf_t *pscf; | |
| 1004 | |
| 1005 u = s->upstream; | |
| 1006 | |
| 1007 pc = u->peer.connection; | |
| 1008 | |
| 1009 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
| 1010 | |
| 1011 if (ngx_ssl_create_connection(pscf->ssl, pc, NGX_SSL_BUFFER|NGX_SSL_CLIENT) | |
| 1012 != NGX_OK) | |
| 1013 { | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1014 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
| 6115 | 1015 return; |
| 1016 } | |
| 1017 | |
| 1018 if (pscf->ssl_server_name || pscf->ssl_verify) { | |
| 1019 if (ngx_stream_proxy_ssl_name(s) != NGX_OK) { | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1020 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
| 6115 | 1021 return; |
| 1022 } | |
| 1023 } | |
| 1024 | |
| 1025 if (pscf->ssl_session_reuse) { | |
| 1026 if (u->peer.set_session(&u->peer, u->peer.data) != NGX_OK) { | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1027 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
| 6115 | 1028 return; |
| 1029 } | |
| 1030 } | |
| 1031 | |
| 1032 s->connection->log->action = "SSL handshaking to upstream"; | |
| 1033 | |
| 1034 rc = ngx_ssl_handshake(pc); | |
| 1035 | |
| 1036 if (rc == NGX_AGAIN) { | |
| 1037 | |
| 1038 if (!pc->write->timer_set) { | |
| 1039 ngx_add_timer(pc->write, pscf->connect_timeout); | |
| 1040 } | |
| 1041 | |
| 1042 pc->ssl->handler = ngx_stream_proxy_ssl_handshake; | |
| 1043 return; | |
| 1044 } | |
| 1045 | |
| 1046 ngx_stream_proxy_ssl_handshake(pc); | |
| 1047 } | |
| 1048 | |
| 1049 | |
| 1050 static void | |
| 1051 ngx_stream_proxy_ssl_handshake(ngx_connection_t *pc) | |
| 1052 { | |
| 1053 long rc; | |
| 1054 ngx_stream_session_t *s; | |
| 1055 ngx_stream_upstream_t *u; | |
| 1056 ngx_stream_proxy_srv_conf_t *pscf; | |
| 1057 | |
| 1058 s = pc->data; | |
| 1059 | |
| 1060 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
| 1061 | |
| 1062 if (pc->ssl->handshaked) { | |
| 1063 | |
| 1064 if (pscf->ssl_verify) { | |
| 1065 rc = SSL_get_verify_result(pc->ssl->connection); | |
| 1066 | |
| 1067 if (rc != X509_V_OK) { | |
| 1068 ngx_log_error(NGX_LOG_ERR, pc->log, 0, | |
| 1069 "upstream SSL certificate verify error: (%l:%s)", | |
| 1070 rc, X509_verify_cert_error_string(rc)); | |
| 1071 goto failed; | |
| 1072 } | |
| 1073 | |
| 1074 u = s->upstream; | |
| 1075 | |
| 1076 if (ngx_ssl_check_host(pc, &u->ssl_name) != NGX_OK) { | |
| 1077 ngx_log_error(NGX_LOG_ERR, pc->log, 0, | |
| 1078 "upstream SSL certificate does not match \"%V\"", | |
| 1079 &u->ssl_name); | |
| 1080 goto failed; | |
| 1081 } | |
| 1082 } | |
| 1083 | |
| 1084 if (pscf->ssl_session_reuse) { | |
| 1085 u = s->upstream; | |
| 1086 u->peer.save_session(&u->peer, u->peer.data); | |
| 1087 } | |
| 1088 | |
|
6258
4b4aee40c508
Stream: delete proxy connection timer after SSL handshake.
Ruslan Ermilov <ru@nginx.com>
parents:
6230
diff
changeset
|
1089 if (pc->write->timer_set) { |
|
4b4aee40c508
Stream: delete proxy connection timer after SSL handshake.
Ruslan Ermilov <ru@nginx.com>
parents:
6230
diff
changeset
|
1090 ngx_del_timer(pc->write); |
|
4b4aee40c508
Stream: delete proxy connection timer after SSL handshake.
Ruslan Ermilov <ru@nginx.com>
parents:
6230
diff
changeset
|
1091 } |
|
4b4aee40c508
Stream: delete proxy connection timer after SSL handshake.
Ruslan Ermilov <ru@nginx.com>
parents:
6230
diff
changeset
|
1092 |
| 6115 | 1093 ngx_stream_proxy_init_upstream(s); |
| 1094 | |
| 1095 return; | |
| 1096 } | |
| 1097 | |
| 1098 failed: | |
| 1099 | |
| 1100 ngx_stream_proxy_next_upstream(s); | |
| 1101 } | |
| 1102 | |
| 1103 | |
| 1104 static ngx_int_t | |
| 1105 ngx_stream_proxy_ssl_name(ngx_stream_session_t *s) | |
| 1106 { | |
| 1107 u_char *p, *last; | |
| 1108 ngx_str_t name; | |
| 1109 ngx_stream_upstream_t *u; | |
| 1110 ngx_stream_proxy_srv_conf_t *pscf; | |
| 1111 | |
| 1112 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
| 1113 | |
| 1114 u = s->upstream; | |
| 1115 | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1116 if (pscf->ssl_name) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1117 if (ngx_stream_complex_value(s, pscf->ssl_name, &name) != NGX_OK) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1118 return NGX_ERROR; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1119 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1120 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1121 } else { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1122 name = u->ssl_name; |
| 6115 | 1123 } |
| 1124 | |
| 1125 if (name.len == 0) { | |
| 1126 goto done; | |
| 1127 } | |
| 1128 | |
| 1129 /* | |
| 1130 * ssl name here may contain port, strip it for compatibility | |
| 1131 * with the http module | |
| 1132 */ | |
| 1133 | |
| 1134 p = name.data; | |
| 1135 last = name.data + name.len; | |
| 1136 | |
| 1137 if (*p == '[') { | |
| 1138 p = ngx_strlchr(p, last, ']'); | |
| 1139 | |
| 1140 if (p == NULL) { | |
| 1141 p = name.data; | |
| 1142 } | |
| 1143 } | |
| 1144 | |
| 1145 p = ngx_strlchr(p, last, ':'); | |
| 1146 | |
| 1147 if (p != NULL) { | |
| 1148 name.len = p - name.data; | |
| 1149 } | |
| 1150 | |
| 1151 if (!pscf->ssl_server_name) { | |
| 1152 goto done; | |
| 1153 } | |
| 1154 | |
| 1155 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME | |
| 1156 | |
| 1157 /* as per RFC 6066, literal IPv4 and IPv6 addresses are not permitted */ | |
| 1158 | |
| 1159 if (name.len == 0 || *name.data == '[') { | |
| 1160 goto done; | |
| 1161 } | |
| 1162 | |
| 1163 if (ngx_inet_addr(name.data, name.len) != INADDR_NONE) { | |
| 1164 goto done; | |
| 1165 } | |
| 1166 | |
| 1167 /* | |
| 1168 * SSL_set_tlsext_host_name() needs a null-terminated string, | |
| 1169 * hence we explicitly null-terminate name here | |
| 1170 */ | |
| 1171 | |
| 1172 p = ngx_pnalloc(s->connection->pool, name.len + 1); | |
| 1173 if (p == NULL) { | |
| 1174 return NGX_ERROR; | |
| 1175 } | |
| 1176 | |
| 1177 (void) ngx_cpystrn(p, name.data, name.len + 1); | |
| 1178 | |
| 1179 name.data = p; | |
| 1180 | |
| 1181 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
| 1182 "upstream SSL server name: \"%s\"", name.data); | |
| 1183 | |
| 1184 if (SSL_set_tlsext_host_name(u->peer.connection->ssl->connection, name.data) | |
| 1185 == 0) | |
| 1186 { | |
| 1187 ngx_ssl_error(NGX_LOG_ERR, s->connection->log, 0, | |
| 1188 "SSL_set_tlsext_host_name(\"%s\") failed", name.data); | |
| 1189 return NGX_ERROR; | |
| 1190 } | |
| 1191 | |
| 1192 #endif | |
| 1193 | |
| 1194 done: | |
| 1195 | |
| 1196 u->ssl_name = name; | |
| 1197 | |
| 1198 return NGX_OK; | |
| 1199 } | |
| 1200 | |
| 1201 #endif | |
| 1202 | |
| 1203 | |
| 1204 static void | |
| 1205 ngx_stream_proxy_downstream_handler(ngx_event_t *ev) | |
| 1206 { | |
|
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1207 ngx_stream_proxy_process_connection(ev, ev->write); |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1208 } |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1209 |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1210 |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1211 static void |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1212 ngx_stream_proxy_resolve_handler(ngx_resolver_ctx_t *ctx) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1213 { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1214 ngx_stream_session_t *s; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1215 ngx_stream_upstream_t *u; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1216 ngx_stream_proxy_srv_conf_t *pscf; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1217 ngx_stream_upstream_resolved_t *ur; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1218 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1219 s = ctx->data; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1220 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1221 u = s->upstream; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1222 ur = u->resolved; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1223 |
|
6648
d43ee392e825
Stream: fixed build without stream_ssl_module (ticket #1032).
Vladimir Homutov <vl@nginx.com>
parents:
6643
diff
changeset
|
1224 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1225 "stream upstream resolve"); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1226 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1227 if (ctx->state) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1228 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1229 "%V could not be resolved (%i: %s)", |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1230 &ctx->name, ctx->state, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1231 ngx_resolver_strerror(ctx->state)); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1232 |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1233 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1234 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1235 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1236 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1237 ur->naddrs = ctx->naddrs; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1238 ur->addrs = ctx->addrs; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1239 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1240 #if (NGX_DEBUG) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1241 { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1242 u_char text[NGX_SOCKADDR_STRLEN]; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1243 ngx_str_t addr; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1244 ngx_uint_t i; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1245 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1246 addr.data = text; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1247 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1248 for (i = 0; i < ctx->naddrs; i++) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1249 addr.len = ngx_sock_ntop(ur->addrs[i].sockaddr, ur->addrs[i].socklen, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1250 text, NGX_SOCKADDR_STRLEN, 0); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1251 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1252 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1253 "name was resolved to %V", &addr); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1254 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1255 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1256 #endif |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1257 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1258 if (ngx_stream_upstream_create_round_robin_peer(s, ur) != NGX_OK) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1259 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1260 return; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1261 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1262 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1263 ngx_resolve_name_done(ctx); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1264 ur->ctx = NULL; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1265 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1266 u->peer.start_time = ngx_current_msec; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1267 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1268 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1269 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1270 if (pscf->next_upstream_tries |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1271 && u->peer.tries > pscf->next_upstream_tries) |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1272 { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1273 u->peer.tries = pscf->next_upstream_tries; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1274 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1275 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1276 ngx_stream_proxy_connect(s); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1277 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1278 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1279 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1280 static void |
|
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1281 ngx_stream_proxy_upstream_handler(ngx_event_t *ev) |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1282 { |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1283 ngx_stream_proxy_process_connection(ev, !ev->write); |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1284 } |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1285 |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1286 |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1287 static void |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1288 ngx_stream_proxy_process_connection(ngx_event_t *ev, ngx_uint_t from_upstream) |
|
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1289 { |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1290 ngx_connection_t *c, *pc; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1291 ngx_stream_session_t *s; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1292 ngx_stream_upstream_t *u; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1293 ngx_stream_proxy_srv_conf_t *pscf; |
| 6115 | 1294 |
| 1295 c = ev->data; | |
| 1296 s = c->data; | |
|
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1297 u = s->upstream; |
| 6115 | 1298 |
| 6436 | 1299 c = s->connection; |
| 1300 pc = u->peer.connection; | |
| 1301 | |
| 1302 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
| 1303 | |
| 6115 | 1304 if (ev->timedout) { |
| 6436 | 1305 ev->timedout = 0; |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1306 |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1307 if (ev->delayed) { |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1308 ev->delayed = 0; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1309 |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1310 if (!ev->ready) { |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1311 if (ngx_handle_read_event(ev, 0) != NGX_OK) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1312 ngx_stream_proxy_finalize(s, |
|
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1313 NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1314 return; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1315 } |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1316 |
| 6436 | 1317 if (u->connected && !c->read->delayed && !pc->read->delayed) { |
| 1318 ngx_add_timer(c->write, pscf->timeout); | |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1319 } |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1320 |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1321 return; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1322 } |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1323 |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1324 } else { |
| 6436 | 1325 if (s->connection->type == SOCK_DGRAM) { |
| 1326 if (pscf->responses == NGX_MAX_INT32_VALUE) { | |
| 1327 | |
| 1328 /* | |
| 1329 * successfully terminate timed out UDP session | |
| 1330 * with unspecified number of responses | |
| 1331 */ | |
| 1332 | |
| 1333 pc->read->ready = 0; | |
| 1334 pc->read->eof = 1; | |
| 1335 | |
| 1336 ngx_stream_proxy_process(s, 1, 0); | |
| 1337 return; | |
| 1338 } | |
| 1339 | |
| 1340 if (u->received == 0) { | |
| 1341 ngx_stream_proxy_next_upstream(s); | |
| 1342 return; | |
| 1343 } | |
| 1344 } | |
| 1345 | |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1346 ngx_connection_error(c, NGX_ETIMEDOUT, "connection timed out"); |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1347 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1348 return; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1349 } |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1350 |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1351 } else if (ev->delayed) { |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1352 |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1353 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1354 "stream connection delayed"); |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1355 |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1356 if (ngx_handle_read_event(ev, 0) != NGX_OK) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1357 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1358 } |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1359 |
| 6115 | 1360 return; |
| 1361 } | |
| 1362 | |
|
6202
6345822f0abb
Stream: upstream "connected" flag.
Roman Arutyunyan <arut@nginx.com>
parents:
6201
diff
changeset
|
1363 if (from_upstream && !u->connected) { |
|
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1364 return; |
| 6115 | 1365 } |
| 1366 | |
|
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1367 ngx_stream_proxy_process(s, from_upstream, ev->write); |
| 6115 | 1368 } |
| 1369 | |
| 1370 | |
| 1371 static void | |
| 1372 ngx_stream_proxy_connect_handler(ngx_event_t *ev) | |
| 1373 { | |
| 1374 ngx_connection_t *c; | |
| 1375 ngx_stream_session_t *s; | |
| 1376 | |
| 1377 c = ev->data; | |
| 1378 s = c->data; | |
| 1379 | |
| 1380 if (ev->timedout) { | |
| 1381 ngx_log_error(NGX_LOG_ERR, c->log, NGX_ETIMEDOUT, "upstream timed out"); | |
| 1382 ngx_stream_proxy_next_upstream(s); | |
| 1383 return; | |
| 1384 } | |
| 1385 | |
| 1386 ngx_del_timer(c->write); | |
| 1387 | |
| 1388 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, | |
| 1389 "stream proxy connect upstream"); | |
| 1390 | |
| 1391 if (ngx_stream_proxy_test_connect(c) != NGX_OK) { | |
| 1392 ngx_stream_proxy_next_upstream(s); | |
| 1393 return; | |
| 1394 } | |
| 1395 | |
| 1396 ngx_stream_proxy_init_upstream(s); | |
| 1397 } | |
| 1398 | |
| 1399 | |
| 1400 static ngx_int_t | |
| 1401 ngx_stream_proxy_test_connect(ngx_connection_t *c) | |
| 1402 { | |
| 1403 int err; | |
| 1404 socklen_t len; | |
| 1405 | |
| 1406 #if (NGX_HAVE_KQUEUE) | |
| 1407 | |
| 1408 if (ngx_event_flags & NGX_USE_KQUEUE_EVENT) { | |
| 1409 err = c->write->kq_errno ? c->write->kq_errno : c->read->kq_errno; | |
| 1410 | |
| 1411 if (err) { | |
| 1412 (void) ngx_connection_error(c, err, | |
| 1413 "kevent() reported that connect() failed"); | |
| 1414 return NGX_ERROR; | |
| 1415 } | |
| 1416 | |
| 1417 } else | |
| 1418 #endif | |
| 1419 { | |
| 1420 err = 0; | |
| 1421 len = sizeof(int); | |
| 1422 | |
| 1423 /* | |
| 1424 * BSDs and Linux return 0 and set a pending error in err | |
| 1425 * Solaris returns -1 and sets errno | |
| 1426 */ | |
| 1427 | |
| 1428 if (getsockopt(c->fd, SOL_SOCKET, SO_ERROR, (void *) &err, &len) | |
| 1429 == -1) | |
| 1430 { | |
| 1431 err = ngx_socket_errno; | |
| 1432 } | |
| 1433 | |
| 1434 if (err) { | |
| 1435 (void) ngx_connection_error(c, err, "connect() failed"); | |
| 1436 return NGX_ERROR; | |
| 1437 } | |
| 1438 } | |
| 1439 | |
| 1440 return NGX_OK; | |
| 1441 } | |
| 1442 | |
| 1443 | |
|
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
1444 static void |
| 6115 | 1445 ngx_stream_proxy_process(ngx_stream_session_t *s, ngx_uint_t from_upstream, |
| 1446 ngx_uint_t do_write) | |
| 1447 { | |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1448 off_t *received, limit; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1449 size_t size, limit_rate; |
| 6115 | 1450 ssize_t n; |
| 1451 ngx_buf_t *b; | |
| 6692 | 1452 ngx_int_t rc; |
|
6124
f1f222db290b
Stream: prevent repeated event notifications after eof.
Roman Arutyunyan <arut@nginx.com>
parents:
6115
diff
changeset
|
1453 ngx_uint_t flags; |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1454 ngx_msec_t delay; |
| 6692 | 1455 ngx_chain_t *cl, **ll, **out, **busy; |
| 6115 | 1456 ngx_connection_t *c, *pc, *src, *dst; |
| 1457 ngx_log_handler_pt handler; | |
| 1458 ngx_stream_upstream_t *u; | |
| 1459 ngx_stream_proxy_srv_conf_t *pscf; | |
| 1460 | |
| 1461 u = s->upstream; | |
| 1462 | |
| 1463 c = s->connection; | |
|
6202
6345822f0abb
Stream: upstream "connected" flag.
Roman Arutyunyan <arut@nginx.com>
parents:
6201
diff
changeset
|
1464 pc = u->connected ? u->peer.connection : NULL; |
| 6115 | 1465 |
| 6436 | 1466 if (c->type == SOCK_DGRAM && (ngx_terminate || ngx_exiting)) { |
| 1467 | |
| 1468 /* socket is already closed on worker shutdown */ | |
| 1469 | |
| 1470 handler = c->log->handler; | |
| 1471 c->log->handler = NULL; | |
| 1472 | |
| 1473 ngx_log_error(NGX_LOG_INFO, c->log, 0, "disconnected on shutdown"); | |
| 1474 | |
| 1475 c->log->handler = handler; | |
| 1476 | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1477 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
| 6436 | 1478 return; |
| 1479 } | |
| 1480 | |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1481 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1482 |
| 6115 | 1483 if (from_upstream) { |
| 1484 src = pc; | |
| 1485 dst = c; | |
| 1486 b = &u->upstream_buf; | |
|
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
1487 limit_rate = pscf->download_rate; |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1488 received = &u->received; |
| 6692 | 1489 out = &u->downstream_out; |
| 1490 busy = &u->downstream_busy; | |
| 6115 | 1491 |
| 1492 } else { | |
| 1493 src = c; | |
| 1494 dst = pc; | |
| 1495 b = &u->downstream_buf; | |
|
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
1496 limit_rate = pscf->upload_rate; |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1497 received = &s->received; |
| 6692 | 1498 out = &u->upstream_out; |
| 1499 busy = &u->upstream_busy; | |
| 6115 | 1500 } |
| 1501 | |
| 1502 for ( ;; ) { | |
| 1503 | |
| 6692 | 1504 if (do_write && dst) { |
| 1505 | |
| 1506 if (*out || *busy || dst->buffered) { | |
| 1507 rc = ngx_stream_top_filter(s, *out, from_upstream); | |
| 1508 | |
| 1509 if (rc == NGX_ERROR) { | |
| 6436 | 1510 if (c->type == SOCK_DGRAM && !from_upstream) { |
| 1511 ngx_stream_proxy_next_upstream(s); | |
| 1512 return; | |
| 1513 } | |
| 1514 | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1515 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
|
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
1516 return; |
| 6115 | 1517 } |
| 1518 | |
| 6692 | 1519 ngx_chain_update_chains(c->pool, &u->free, busy, out, |
| 1520 (ngx_buf_tag_t) &ngx_stream_proxy_module); | |
| 1521 | |
| 1522 if (*busy == NULL) { | |
| 1523 b->pos = b->start; | |
| 1524 b->last = b->start; | |
| 6115 | 1525 } |
| 1526 } | |
| 1527 } | |
| 1528 | |
| 1529 size = b->end - b->last; | |
| 1530 | |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1531 if (size && src->read->ready && !src->read->delayed) { |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1532 |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1533 if (limit_rate) { |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1534 limit = (off_t) limit_rate * (ngx_time() - u->start_sec + 1) |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1535 - *received; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1536 |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1537 if (limit <= 0) { |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1538 src->read->delayed = 1; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1539 delay = (ngx_msec_t) (- limit * 1000 / limit_rate + 1); |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1540 ngx_add_timer(src->read, delay); |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1541 break; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1542 } |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1543 |
|
6204
114d1f8cdcab
Stream: fixed possible integer overflow in rate limiting.
Valentin Bartenev <vbart@nginx.com>
parents:
6203
diff
changeset
|
1544 if ((off_t) size > limit) { |
|
6203
fdfdcad62875
Stream: fixed MSVC compilation warning.
Roman Arutyunyan <arut@nginx.com>
parents:
6202
diff
changeset
|
1545 size = (size_t) limit; |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1546 } |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1547 } |
| 6115 | 1548 |
| 1549 n = src->recv(src, b->last, size); | |
| 1550 | |
| 6692 | 1551 if (n == NGX_AGAIN) { |
| 6115 | 1552 break; |
| 1553 } | |
| 1554 | |
| 6692 | 1555 if (n == NGX_ERROR) { |
| 1556 if (c->type == SOCK_DGRAM && u->received == 0) { | |
| 1557 ngx_stream_proxy_next_upstream(s); | |
| 1558 return; | |
| 1559 } | |
| 1560 | |
| 1561 src->read->eof = 1; | |
| 1562 n = 0; | |
| 1563 } | |
| 1564 | |
| 1565 if (n >= 0) { | |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1566 if (limit_rate) { |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1567 delay = (ngx_msec_t) (n * 1000 / limit_rate); |
| 6115 | 1568 |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1569 if (delay > 0) { |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1570 src->read->delayed = 1; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1571 ngx_add_timer(src->read, delay); |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1572 } |
| 6115 | 1573 } |
| 1574 | |
|
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1575 if (from_upstream) { |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1576 if (u->state->first_byte_time == (ngx_msec_t) -1) { |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1577 u->state->first_byte_time = ngx_current_msec |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1578 - u->state->response_time; |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1579 } |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1580 } |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1581 |
| 6436 | 1582 if (c->type == SOCK_DGRAM && ++u->responses == pscf->responses) |
| 1583 { | |
| 1584 src->read->ready = 0; | |
| 1585 src->read->eof = 1; | |
| 1586 } | |
| 1587 | |
| 6692 | 1588 for (ll = out; *ll; ll = &(*ll)->next) { /* void */ } |
| 1589 | |
| 1590 cl = ngx_chain_get_free_buf(c->pool, &u->free); | |
| 1591 if (cl == NULL) { | |
| 1592 ngx_stream_proxy_finalize(s, | |
| 1593 NGX_STREAM_INTERNAL_SERVER_ERROR); | |
| 1594 return; | |
| 1595 } | |
| 1596 | |
| 1597 *ll = cl; | |
| 1598 | |
| 1599 cl->buf->pos = b->last; | |
| 1600 cl->buf->last = b->last + n; | |
| 1601 cl->buf->tag = (ngx_buf_tag_t) &ngx_stream_proxy_module; | |
| 1602 | |
| 1603 cl->buf->temporary = (n ? 1 : 0); | |
| 1604 cl->buf->last_buf = src->read->eof; | |
| 1605 cl->buf->flush = 1; | |
| 1606 | |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1607 *received += n; |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1608 b->last += n; |
| 6115 | 1609 do_write = 1; |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1610 |
| 6115 | 1611 continue; |
| 1612 } | |
| 1613 } | |
| 1614 | |
| 1615 break; | |
| 1616 } | |
| 1617 | |
| 6692 | 1618 if (src->read->eof && dst && (dst->read->eof || !dst->buffered)) { |
| 6115 | 1619 handler = c->log->handler; |
| 1620 c->log->handler = NULL; | |
| 1621 | |
| 1622 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
|
6461
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
1623 "%s%s disconnected" |
| 6115 | 1624 ", bytes from/to client:%O/%O" |
| 1625 ", bytes from/to upstream:%O/%O", | |
|
6461
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
1626 src->type == SOCK_DGRAM ? "udp " : "", |
| 6115 | 1627 from_upstream ? "upstream" : "client", |
| 1628 s->received, c->sent, u->received, pc ? pc->sent : 0); | |
| 1629 | |
| 1630 c->log->handler = handler; | |
| 1631 | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1632 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
|
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
1633 return; |
| 6115 | 1634 } |
| 1635 | |
|
6124
f1f222db290b
Stream: prevent repeated event notifications after eof.
Roman Arutyunyan <arut@nginx.com>
parents:
6115
diff
changeset
|
1636 flags = src->read->eof ? NGX_CLOSE_EVENT : 0; |
|
f1f222db290b
Stream: prevent repeated event notifications after eof.
Roman Arutyunyan <arut@nginx.com>
parents:
6115
diff
changeset
|
1637 |
| 6436 | 1638 if (!src->shared && ngx_handle_read_event(src->read, flags) != NGX_OK) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1639 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
1640 return; |
| 6115 | 1641 } |
| 1642 | |
| 1643 if (dst) { | |
| 6436 | 1644 if (!dst->shared && ngx_handle_write_event(dst->write, 0) != NGX_OK) { |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1645 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
|
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
1646 return; |
| 6115 | 1647 } |
| 1648 | |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1649 if (!c->read->delayed && !pc->read->delayed) { |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1650 ngx_add_timer(c->write, pscf->timeout); |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1651 |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1652 } else if (c->write->timer_set) { |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1653 ngx_del_timer(c->write); |
|
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1654 } |
| 6115 | 1655 } |
| 1656 } | |
| 1657 | |
| 1658 | |
| 1659 static void | |
| 1660 ngx_stream_proxy_next_upstream(ngx_stream_session_t *s) | |
| 1661 { | |
| 1662 ngx_msec_t timeout; | |
| 1663 ngx_connection_t *pc; | |
| 1664 ngx_stream_upstream_t *u; | |
| 1665 ngx_stream_proxy_srv_conf_t *pscf; | |
| 1666 | |
| 1667 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
| 1668 "stream proxy next upstream"); | |
| 1669 | |
| 1670 u = s->upstream; | |
| 6692 | 1671 pc = u->peer.connection; |
| 1672 | |
| 1673 if (u->upstream_out || u->upstream_busy || (pc && pc->buffered)) { | |
| 1674 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
| 1675 "pending buffers on next upstream"); | |
| 1676 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
| 1677 return; | |
| 1678 } | |
| 6115 | 1679 |
| 1680 if (u->peer.sockaddr) { | |
| 1681 u->peer.free(&u->peer, u->peer.data, NGX_PEER_FAILED); | |
| 1682 u->peer.sockaddr = NULL; | |
| 1683 } | |
| 1684 | |
| 1685 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
| 1686 | |
| 1687 timeout = pscf->next_upstream_timeout; | |
| 1688 | |
| 1689 if (u->peer.tries == 0 | |
| 1690 || !pscf->next_upstream | |
| 1691 || (timeout && ngx_current_msec - u->peer.start_time >= timeout)) | |
| 1692 { | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1693 ngx_stream_proxy_finalize(s, NGX_STREAM_BAD_GATEWAY); |
| 6115 | 1694 return; |
| 1695 } | |
| 1696 | |
| 1697 if (pc) { | |
| 1698 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
| 1699 "close proxy upstream connection: %d", pc->fd); | |
| 1700 | |
| 1701 #if (NGX_STREAM_SSL) | |
| 1702 if (pc->ssl) { | |
| 1703 pc->ssl->no_wait_shutdown = 1; | |
| 1704 pc->ssl->no_send_shutdown = 1; | |
| 1705 | |
| 1706 (void) ngx_ssl_shutdown(pc); | |
| 1707 } | |
| 1708 #endif | |
| 1709 | |
|
6676
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1710 u->state->bytes_received = u->received; |
|
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1711 u->state->bytes_sent = pc->sent; |
|
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1712 |
| 6115 | 1713 ngx_close_connection(pc); |
| 1714 u->peer.connection = NULL; | |
| 1715 } | |
| 1716 | |
| 1717 ngx_stream_proxy_connect(s); | |
| 1718 } | |
| 1719 | |
| 1720 | |
| 1721 static void | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1722 ngx_stream_proxy_finalize(ngx_stream_session_t *s, ngx_uint_t rc) |
| 6115 | 1723 { |
| 1724 ngx_connection_t *pc; | |
| 1725 ngx_stream_upstream_t *u; | |
| 1726 | |
| 1727 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
| 1728 "finalize stream proxy: %i", rc); | |
| 1729 | |
| 1730 u = s->upstream; | |
| 1731 | |
| 1732 if (u == NULL) { | |
| 1733 goto noupstream; | |
| 1734 } | |
| 1735 | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1736 if (u->resolved && u->resolved->ctx) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1737 ngx_resolve_name_done(u->resolved->ctx); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1738 u->resolved->ctx = NULL; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1739 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1740 |
|
6676
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1741 pc = u->peer.connection; |
|
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1742 |
|
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1743 if (u->state) { |
|
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1744 u->state->response_time = ngx_current_msec - u->state->response_time; |
|
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1745 |
|
6676
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1746 if (pc) { |
|
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1747 u->state->bytes_received = u->received; |
|
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1748 u->state->bytes_sent = pc->sent; |
|
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1749 } |
|
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1750 } |
|
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1751 |
| 6115 | 1752 if (u->peer.free && u->peer.sockaddr) { |
| 1753 u->peer.free(&u->peer, u->peer.data, 0); | |
| 1754 u->peer.sockaddr = NULL; | |
| 1755 } | |
| 1756 | |
| 1757 if (pc) { | |
| 1758 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
| 1759 "close stream proxy upstream connection: %d", pc->fd); | |
| 1760 | |
| 1761 #if (NGX_STREAM_SSL) | |
| 1762 if (pc->ssl) { | |
| 1763 pc->ssl->no_wait_shutdown = 1; | |
| 1764 (void) ngx_ssl_shutdown(pc); | |
| 1765 } | |
| 1766 #endif | |
| 1767 | |
| 1768 ngx_close_connection(pc); | |
| 1769 u->peer.connection = NULL; | |
| 1770 } | |
| 1771 | |
| 1772 noupstream: | |
| 1773 | |
|
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1774 ngx_stream_finalize_session(s, rc); |
| 6115 | 1775 } |
| 1776 | |
| 1777 | |
| 1778 static u_char * | |
| 1779 ngx_stream_proxy_log_error(ngx_log_t *log, u_char *buf, size_t len) | |
| 1780 { | |
| 1781 u_char *p; | |
| 1782 ngx_connection_t *pc; | |
| 1783 ngx_stream_session_t *s; | |
| 1784 ngx_stream_upstream_t *u; | |
| 1785 | |
| 1786 s = log->data; | |
| 1787 | |
| 1788 u = s->upstream; | |
| 1789 | |
| 1790 p = buf; | |
| 1791 | |
| 1792 if (u->peer.name) { | |
| 1793 p = ngx_snprintf(p, len, ", upstream: \"%V\"", u->peer.name); | |
| 1794 len -= p - buf; | |
| 1795 } | |
| 1796 | |
| 1797 pc = u->peer.connection; | |
| 1798 | |
| 1799 p = ngx_snprintf(p, len, | |
| 1800 ", bytes from/to client:%O/%O" | |
| 1801 ", bytes from/to upstream:%O/%O", | |
| 1802 s->received, s->connection->sent, | |
| 1803 u->received, pc ? pc->sent : 0); | |
| 1804 | |
| 1805 return p; | |
| 1806 } | |
| 1807 | |
| 1808 | |
| 1809 static void * | |
| 1810 ngx_stream_proxy_create_srv_conf(ngx_conf_t *cf) | |
| 1811 { | |
| 1812 ngx_stream_proxy_srv_conf_t *conf; | |
| 1813 | |
| 1814 conf = ngx_pcalloc(cf->pool, sizeof(ngx_stream_proxy_srv_conf_t)); | |
| 1815 if (conf == NULL) { | |
| 1816 return NULL; | |
| 1817 } | |
| 1818 | |
| 1819 /* | |
| 1820 * set by ngx_pcalloc(): | |
| 1821 * | |
| 1822 * conf->ssl_protocols = 0; | |
| 1823 * conf->ssl_ciphers = { 0, NULL }; | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1824 * conf->ssl_name = NULL; |
| 6115 | 1825 * conf->ssl_trusted_certificate = { 0, NULL }; |
| 1826 * conf->ssl_crl = { 0, NULL }; | |
| 1827 * conf->ssl_certificate = { 0, NULL }; | |
| 1828 * conf->ssl_certificate_key = { 0, NULL }; | |
| 1829 * | |
| 1830 * conf->ssl = NULL; | |
| 1831 * conf->upstream = NULL; | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1832 * conf->upstream_value = NULL; |
| 6115 | 1833 */ |
| 1834 | |
| 1835 conf->connect_timeout = NGX_CONF_UNSET_MSEC; | |
| 1836 conf->timeout = NGX_CONF_UNSET_MSEC; | |
| 1837 conf->next_upstream_timeout = NGX_CONF_UNSET_MSEC; | |
|
6215
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
1838 conf->buffer_size = NGX_CONF_UNSET_SIZE; |
|
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
1839 conf->upload_rate = NGX_CONF_UNSET_SIZE; |
|
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
1840 conf->download_rate = NGX_CONF_UNSET_SIZE; |
| 6436 | 1841 conf->responses = NGX_CONF_UNSET_UINT; |
| 6115 | 1842 conf->next_upstream_tries = NGX_CONF_UNSET_UINT; |
| 1843 conf->next_upstream = NGX_CONF_UNSET; | |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
1844 conf->proxy_protocol = NGX_CONF_UNSET; |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
1845 conf->local = NGX_CONF_UNSET_PTR; |
| 6115 | 1846 |
| 1847 #if (NGX_STREAM_SSL) | |
| 1848 conf->ssl_enable = NGX_CONF_UNSET; | |
| 1849 conf->ssl_session_reuse = NGX_CONF_UNSET; | |
| 1850 conf->ssl_server_name = NGX_CONF_UNSET; | |
| 1851 conf->ssl_verify = NGX_CONF_UNSET; | |
| 1852 conf->ssl_verify_depth = NGX_CONF_UNSET_UINT; | |
| 1853 conf->ssl_passwords = NGX_CONF_UNSET_PTR; | |
| 1854 #endif | |
| 1855 | |
| 1856 return conf; | |
| 1857 } | |
| 1858 | |
| 1859 | |
| 1860 static char * | |
| 1861 ngx_stream_proxy_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) | |
| 1862 { | |
| 1863 ngx_stream_proxy_srv_conf_t *prev = parent; | |
| 1864 ngx_stream_proxy_srv_conf_t *conf = child; | |
| 1865 | |
| 1866 ngx_conf_merge_msec_value(conf->connect_timeout, | |
| 1867 prev->connect_timeout, 60000); | |
| 1868 | |
| 1869 ngx_conf_merge_msec_value(conf->timeout, | |
| 1870 prev->timeout, 10 * 60000); | |
| 1871 | |
| 1872 ngx_conf_merge_msec_value(conf->next_upstream_timeout, | |
| 1873 prev->next_upstream_timeout, 0); | |
| 1874 | |
|
6215
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
1875 ngx_conf_merge_size_value(conf->buffer_size, |
|
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
1876 prev->buffer_size, 16384); |
| 6115 | 1877 |
|
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
1878 ngx_conf_merge_size_value(conf->upload_rate, |
|
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
1879 prev->upload_rate, 0); |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1880 |
|
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
1881 ngx_conf_merge_size_value(conf->download_rate, |
|
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
1882 prev->download_rate, 0); |
|
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1883 |
| 6436 | 1884 ngx_conf_merge_uint_value(conf->responses, |
| 1885 prev->responses, NGX_MAX_INT32_VALUE); | |
| 1886 | |
| 6115 | 1887 ngx_conf_merge_uint_value(conf->next_upstream_tries, |
| 1888 prev->next_upstream_tries, 0); | |
| 1889 | |
| 1890 ngx_conf_merge_value(conf->next_upstream, prev->next_upstream, 1); | |
| 1891 | |
|
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
1892 ngx_conf_merge_value(conf->proxy_protocol, prev->proxy_protocol, 0); |
|
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
1893 |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
1894 ngx_conf_merge_ptr_value(conf->local, prev->local, NULL); |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
1895 |
| 6115 | 1896 #if (NGX_STREAM_SSL) |
| 1897 | |
| 1898 ngx_conf_merge_value(conf->ssl_enable, prev->ssl_enable, 0); | |
| 1899 | |
| 1900 ngx_conf_merge_value(conf->ssl_session_reuse, | |
| 1901 prev->ssl_session_reuse, 1); | |
| 1902 | |
| 1903 ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols, | |
|
6157
b2899e7d0ef8
Disabled SSLv3 by default (ticket #653).
Maxim Dounin <mdounin@mdounin.ru>
parents:
6124
diff
changeset
|
1904 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 |
|
b2899e7d0ef8
Disabled SSLv3 by default (ticket #653).
Maxim Dounin <mdounin@mdounin.ru>
parents:
6124
diff
changeset
|
1905 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); |
| 6115 | 1906 |
| 1907 ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, "DEFAULT"); | |
| 1908 | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1909 if (conf->ssl_name == NULL) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1910 conf->ssl_name = prev->ssl_name; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1911 } |
| 6115 | 1912 |
| 1913 ngx_conf_merge_value(conf->ssl_server_name, prev->ssl_server_name, 0); | |
| 1914 | |
| 1915 ngx_conf_merge_value(conf->ssl_verify, prev->ssl_verify, 0); | |
| 1916 | |
| 1917 ngx_conf_merge_uint_value(conf->ssl_verify_depth, | |
| 1918 prev->ssl_verify_depth, 1); | |
| 1919 | |
| 1920 ngx_conf_merge_str_value(conf->ssl_trusted_certificate, | |
| 1921 prev->ssl_trusted_certificate, ""); | |
| 1922 | |
| 1923 ngx_conf_merge_str_value(conf->ssl_crl, prev->ssl_crl, ""); | |
| 1924 | |
| 1925 ngx_conf_merge_str_value(conf->ssl_certificate, | |
| 1926 prev->ssl_certificate, ""); | |
| 1927 | |
| 1928 ngx_conf_merge_str_value(conf->ssl_certificate_key, | |
| 1929 prev->ssl_certificate_key, ""); | |
| 1930 | |
| 1931 ngx_conf_merge_ptr_value(conf->ssl_passwords, prev->ssl_passwords, NULL); | |
| 1932 | |
| 1933 if (conf->ssl_enable && ngx_stream_proxy_set_ssl(cf, conf) != NGX_OK) { | |
| 1934 return NGX_CONF_ERROR; | |
| 1935 } | |
| 1936 | |
| 1937 #endif | |
| 1938 | |
| 1939 return NGX_CONF_OK; | |
| 1940 } | |
| 1941 | |
| 1942 | |
| 1943 #if (NGX_STREAM_SSL) | |
| 1944 | |
| 1945 static ngx_int_t | |
| 1946 ngx_stream_proxy_set_ssl(ngx_conf_t *cf, ngx_stream_proxy_srv_conf_t *pscf) | |
| 1947 { | |
| 1948 ngx_pool_cleanup_t *cln; | |
| 1949 | |
| 1950 pscf->ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); | |
| 1951 if (pscf->ssl == NULL) { | |
| 1952 return NGX_ERROR; | |
| 1953 } | |
| 1954 | |
| 1955 pscf->ssl->log = cf->log; | |
| 1956 | |
| 1957 if (ngx_ssl_create(pscf->ssl, pscf->ssl_protocols, NULL) != NGX_OK) { | |
| 1958 return NGX_ERROR; | |
| 1959 } | |
| 1960 | |
| 1961 cln = ngx_pool_cleanup_add(cf->pool, 0); | |
| 1962 if (cln == NULL) { | |
| 1963 return NGX_ERROR; | |
| 1964 } | |
| 1965 | |
| 1966 cln->handler = ngx_ssl_cleanup_ctx; | |
| 1967 cln->data = pscf->ssl; | |
| 1968 | |
| 1969 if (pscf->ssl_certificate.len) { | |
| 1970 | |
| 1971 if (pscf->ssl_certificate_key.len == 0) { | |
| 1972 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
| 1973 "no \"proxy_ssl_certificate_key\" is defined " | |
| 1974 "for certificate \"%V\"", &pscf->ssl_certificate); | |
| 1975 return NGX_ERROR; | |
| 1976 } | |
| 1977 | |
| 1978 if (ngx_ssl_certificate(cf, pscf->ssl, &pscf->ssl_certificate, | |
| 1979 &pscf->ssl_certificate_key, pscf->ssl_passwords) | |
| 1980 != NGX_OK) | |
| 1981 { | |
| 1982 return NGX_ERROR; | |
| 1983 } | |
| 1984 } | |
| 1985 | |
|
6591
04d8d1f85649
SSL: ngx_ssl_ciphers() to set list of ciphers.
Tim Taubert <tim@timtaubert.de>
parents:
6530
diff
changeset
|
1986 if (ngx_ssl_ciphers(cf, pscf->ssl, &pscf->ssl_ciphers, 0) != NGX_OK) { |
| 6115 | 1987 return NGX_ERROR; |
| 1988 } | |
| 1989 | |
| 1990 if (pscf->ssl_verify) { | |
| 1991 if (pscf->ssl_trusted_certificate.len == 0) { | |
| 1992 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
| 1993 "no proxy_ssl_trusted_certificate for proxy_ssl_verify"); | |
| 1994 return NGX_ERROR; | |
| 1995 } | |
| 1996 | |
| 1997 if (ngx_ssl_trusted_certificate(cf, pscf->ssl, | |
| 1998 &pscf->ssl_trusted_certificate, | |
| 1999 pscf->ssl_verify_depth) | |
| 2000 != NGX_OK) | |
| 2001 { | |
| 2002 return NGX_ERROR; | |
| 2003 } | |
| 2004 | |
| 2005 if (ngx_ssl_crl(cf, pscf->ssl, &pscf->ssl_crl) != NGX_OK) { | |
| 2006 return NGX_ERROR; | |
| 2007 } | |
| 2008 } | |
| 2009 | |
| 2010 return NGX_OK; | |
| 2011 } | |
| 2012 | |
| 2013 #endif | |
| 2014 | |
| 2015 | |
| 2016 static char * | |
| 2017 ngx_stream_proxy_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
| 2018 { | |
| 2019 ngx_stream_proxy_srv_conf_t *pscf = conf; | |
| 2020 | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2021 ngx_url_t u; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2022 ngx_str_t *value, *url; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2023 ngx_stream_complex_value_t cv; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2024 ngx_stream_core_srv_conf_t *cscf; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2025 ngx_stream_compile_complex_value_t ccv; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2026 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2027 if (pscf->upstream || pscf->upstream_value) { |
| 6115 | 2028 return "is duplicate"; |
| 2029 } | |
| 2030 | |
| 2031 cscf = ngx_stream_conf_get_module_srv_conf(cf, ngx_stream_core_module); | |
| 2032 | |
| 2033 cscf->handler = ngx_stream_proxy_handler; | |
| 2034 | |
| 2035 value = cf->args->elts; | |
| 2036 | |
| 2037 url = &value[1]; | |
| 2038 | |
|
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2039 ngx_memzero(&ccv, sizeof(ngx_stream_compile_complex_value_t)); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2040 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2041 ccv.cf = cf; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2042 ccv.value = url; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2043 ccv.complex_value = &cv; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2044 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2045 if (ngx_stream_compile_complex_value(&ccv) != NGX_OK) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2046 return NGX_CONF_ERROR; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2047 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2048 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2049 if (cv.lengths) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2050 pscf->upstream_value = ngx_palloc(cf->pool, |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2051 sizeof(ngx_stream_complex_value_t)); |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2052 if (pscf->upstream_value == NULL) { |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2053 return NGX_CONF_ERROR; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2054 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2055 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2056 *pscf->upstream_value = cv; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2057 |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2058 return NGX_CONF_OK; |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2059 } |
|
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2060 |
| 6115 | 2061 ngx_memzero(&u, sizeof(ngx_url_t)); |
| 2062 | |
| 2063 u.url = *url; | |
| 2064 u.no_resolve = 1; | |
| 2065 | |
| 2066 pscf->upstream = ngx_stream_upstream_add(cf, &u, 0); | |
| 2067 if (pscf->upstream == NULL) { | |
| 2068 return NGX_CONF_ERROR; | |
| 2069 } | |
| 2070 | |
| 2071 return NGX_CONF_OK; | |
| 2072 } | |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2073 |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2074 |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2075 static char * |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2076 ngx_stream_proxy_bind(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2077 { |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2078 ngx_stream_proxy_srv_conf_t *pscf = conf; |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2079 |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2080 ngx_int_t rc; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2081 ngx_str_t *value; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2082 ngx_stream_complex_value_t cv; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2083 ngx_stream_upstream_local_t *local; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2084 ngx_stream_compile_complex_value_t ccv; |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2085 |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2086 if (pscf->local != NGX_CONF_UNSET_PTR) { |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2087 return "is duplicate"; |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2088 } |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2089 |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2090 value = cf->args->elts; |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2091 |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2092 if (cf->args->nelts == 2 && ngx_strcmp(value[1].data, "off") == 0) { |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2093 pscf->local = NULL; |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2094 return NGX_CONF_OK; |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2095 } |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2096 |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2097 ngx_memzero(&ccv, sizeof(ngx_stream_compile_complex_value_t)); |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2098 |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2099 ccv.cf = cf; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2100 ccv.value = &value[1]; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2101 ccv.complex_value = &cv; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2102 |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2103 if (ngx_stream_compile_complex_value(&ccv) != NGX_OK) { |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2104 return NGX_CONF_ERROR; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2105 } |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2106 |
|
6598
4a724d6006ee
Stream: use ngx_pcalloc() in ngx_stream_proxy_bind().
Roman Arutyunyan <arut@nginx.com>
parents:
6595
diff
changeset
|
2107 local = ngx_pcalloc(cf->pool, sizeof(ngx_stream_upstream_local_t)); |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2108 if (local == NULL) { |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2109 return NGX_CONF_ERROR; |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2110 } |
|
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2111 |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2112 pscf->local = local; |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2113 |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2114 if (cv.lengths) { |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2115 local->value = ngx_palloc(cf->pool, sizeof(ngx_stream_complex_value_t)); |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2116 if (local->value == NULL) { |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2117 return NGX_CONF_ERROR; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2118 } |
|
6595
0c98c4092440
Stream: support for $remote_port in proxy_bind.
Roman Arutyunyan <arut@nginx.com>
parents:
6594
diff
changeset
|
2119 |
|
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2120 *local->value = cv; |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2121 |
|
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2122 } else { |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2123 local->addr = ngx_palloc(cf->pool, sizeof(ngx_addr_t)); |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2124 if (local->addr == NULL) { |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2125 return NGX_CONF_ERROR; |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2126 } |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2127 |
|
6594
3c87b82b17d4
Upstream: support for port in proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6593
diff
changeset
|
2128 rc = ngx_parse_addr_port(cf->pool, local->addr, value[1].data, |
|
3c87b82b17d4
Upstream: support for port in proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6593
diff
changeset
|
2129 value[1].len); |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2130 |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2131 switch (rc) { |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2132 case NGX_OK: |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2133 local->addr->name = value[1]; |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2134 break; |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2135 |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2136 case NGX_DECLINED: |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2137 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2138 "invalid address \"%V\"", &value[1]); |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2139 /* fall through */ |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2140 |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2141 default: |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2142 return NGX_CONF_ERROR; |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2143 } |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2144 } |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2145 |
|
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2146 if (cf->args->nelts > 2) { |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2147 if (ngx_strcmp(value[2].data, "transparent") == 0) { |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2148 #if (NGX_HAVE_TRANSPARENT_PROXY) |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2149 local->transparent = 1; |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2150 #else |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2151 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2152 "transparent proxying is not supported " |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2153 "on this platform, ignored"); |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2154 #endif |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2155 } else { |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2156 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2157 "invalid parameter \"%V\"", &value[2]); |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2158 return NGX_CONF_ERROR; |
|
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2159 } |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2160 } |
|
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2161 |
|
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2162 return NGX_CONF_OK; |
|
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2163 } |