nginx: src/stream/ngx_stream_proxy

annotate src/stream/ngx_stream_proxy_module.c @ 6749:f88a145b093e stable-1.10

HTTP/2: the "421 Misdirected Request" response (closes #848). Since 4fbef397c753 nginx rejects with the 400 error any attempts of requesting different host over the same connection, if the relevant virtual server requires verification of a client certificate. While requesting hosts other than negotiated isn't something legal in HTTP/1.x, the HTTP/2 specification explicitly permits such requests for connection reuse and has introduced a special response code 421. According to RFC 7540 Section 9.1.2 this code can be sent by a server that is not configured to produce responses for the combination of scheme and authority that are included in the request URI. And the client may retry the request over a different connection. Now this code is used for requests that aren't authorized in current connection. After receiving the 421 response a client will be able to open a new connection, provide the required certificate and retry the request. Unfortunately, not all clients currently are able to handle it well. Notably Chrome just shows an error, while at least the latest version of Firefox retries the request over a new connection.

author	Valentin Bartenev <vbart@nginx.com>
date	Fri, 20 May 2016 18:41:17 +0300
parents	a01e315b3a78
children	cb8177ca0990

rev	line source
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	2 /*
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	3 * Copyright (C) Roman Arutyunyan
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	4 * Copyright (C) Nginx, Inc.
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	5 */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	6
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	7
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	8 #include <ngx_config.h>
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	9 #include <ngx_core.h>
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	10 #include <ngx_stream.h>
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	11
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	12
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	13 typedef struct {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	14 ngx_msec_t connect_timeout;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	15 ngx_msec_t timeout;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	16 ngx_msec_t next_upstream_timeout;
6215 8ee6a08ea3eb Stream: added proxy_buffer_size to set the size of data buffers. Roman Arutyunyan <arut@nginx.com> parents: 6208 diff changeset	17 size_t buffer_size;
6208 7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	18 size_t upload_rate;
7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	19 size_t download_rate;
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	20 ngx_uint_t responses;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	21 ngx_uint_t next_upstream_tries;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	22 ngx_flag_t next_upstream;
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	23 ngx_flag_t proxy_protocol;
6183 4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	24 ngx_addr_t *local;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	25
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	26 #if (NGX_STREAM_SSL)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	27 ngx_flag_t ssl_enable;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	28 ngx_flag_t ssl_session_reuse;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	29 ngx_uint_t ssl_protocols;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	30 ngx_str_t ssl_ciphers;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	31 ngx_str_t ssl_name;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	32 ngx_flag_t ssl_server_name;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	33
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	34 ngx_flag_t ssl_verify;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	35 ngx_uint_t ssl_verify_depth;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	36 ngx_str_t ssl_trusted_certificate;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	37 ngx_str_t ssl_crl;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	38 ngx_str_t ssl_certificate;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	39 ngx_str_t ssl_certificate_key;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	40 ngx_array_t *ssl_passwords;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	41
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	42 ngx_ssl_t *ssl;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	43 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	44
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	45 ngx_stream_upstream_srv_conf_t *upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	46 } ngx_stream_proxy_srv_conf_t;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	47
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	48
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	49 static void ngx_stream_proxy_handler(ngx_stream_session_t *s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	50 static void ngx_stream_proxy_connect(ngx_stream_session_t *s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	51 static void ngx_stream_proxy_init_upstream(ngx_stream_session_t *s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	52 static void ngx_stream_proxy_upstream_handler(ngx_event_t *ev);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	53 static void ngx_stream_proxy_downstream_handler(ngx_event_t *ev);
6200 abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	54 static void ngx_stream_proxy_process_connection(ngx_event_t *ev,
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	55 ngx_uint_t from_upstream);
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	56 static void ngx_stream_proxy_connect_handler(ngx_event_t *ev);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	57 static ngx_int_t ngx_stream_proxy_test_connect(ngx_connection_t *c);
6435 d1c791479bbb Stream: post first read events from client and upstream. Roman Arutyunyan <arut@nginx.com> parents: 6393 diff changeset	58 static void ngx_stream_proxy_process(ngx_stream_session_t *s,
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	59 ngx_uint_t from_upstream, ngx_uint_t do_write);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	60 static void ngx_stream_proxy_next_upstream(ngx_stream_session_t *s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	61 static void ngx_stream_proxy_finalize(ngx_stream_session_t *s, ngx_int_t rc);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	62 static u_char ngx_stream_proxy_log_error(ngx_log_t log, u_char *buf,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	63 size_t len);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	64
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	65 static void ngx_stream_proxy_create_srv_conf(ngx_conf_t cf);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	66 static char ngx_stream_proxy_merge_srv_conf(ngx_conf_t cf, void *parent,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	67 void *child);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	68 static char ngx_stream_proxy_pass(ngx_conf_t cf, ngx_command_t *cmd,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	69 void *conf);
6183 4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	70 static char ngx_stream_proxy_bind(ngx_conf_t cf, ngx_command_t *cmd,
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	71 void *conf);
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	72 static ngx_int_t ngx_stream_proxy_send_proxy_protocol(ngx_stream_session_t *s);
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	73
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	74 #if (NGX_STREAM_SSL)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	75
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	76 static char ngx_stream_proxy_ssl_password_file(ngx_conf_t cf,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	77 ngx_command_t cmd, void conf);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	78 static void ngx_stream_proxy_ssl_init_connection(ngx_stream_session_t *s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	79 static void ngx_stream_proxy_ssl_handshake(ngx_connection_t *pc);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	80 static ngx_int_t ngx_stream_proxy_ssl_name(ngx_stream_session_t *s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	81 static ngx_int_t ngx_stream_proxy_set_ssl(ngx_conf_t *cf,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	82 ngx_stream_proxy_srv_conf_t *pscf);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	83
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	84
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	85 static ngx_conf_bitmask_t ngx_stream_proxy_ssl_protocols[] = {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	86 { ngx_string("SSLv2"), NGX_SSL_SSLv2 },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	87 { ngx_string("SSLv3"), NGX_SSL_SSLv3 },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	88 { ngx_string("TLSv1"), NGX_SSL_TLSv1 },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	89 { ngx_string("TLSv1.1"), NGX_SSL_TLSv1_1 },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	90 { ngx_string("TLSv1.2"), NGX_SSL_TLSv1_2 },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	91 { ngx_null_string, 0 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	92 };
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	93
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	94 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	95
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	96
6217 b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	97 static ngx_conf_deprecated_t ngx_conf_deprecated_proxy_downstream_buffer = {
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	98 ngx_conf_deprecated, "proxy_downstream_buffer", "proxy_buffer_size"
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	99 };
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	100
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	101 static ngx_conf_deprecated_t ngx_conf_deprecated_proxy_upstream_buffer = {
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	102 ngx_conf_deprecated, "proxy_upstream_buffer", "proxy_buffer_size"
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	103 };
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	104
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	105
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	106 static ngx_command_t ngx_stream_proxy_commands[] = {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	107
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	108 { ngx_string("proxy_pass"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	109 NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	110 ngx_stream_proxy_pass,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	111 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	112 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	113 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	114
6183 4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	115 { ngx_string("proxy_bind"),
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	116 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	117 ngx_stream_proxy_bind,
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	118 NGX_STREAM_SRV_CONF_OFFSET,
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	119 0,
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	120 NULL },
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	121
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	122 { ngx_string("proxy_connect_timeout"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	123 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	124 ngx_conf_set_msec_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	125 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	126 offsetof(ngx_stream_proxy_srv_conf_t, connect_timeout),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	127 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	128
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	129 { ngx_string("proxy_timeout"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	130 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	131 ngx_conf_set_msec_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	132 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	133 offsetof(ngx_stream_proxy_srv_conf_t, timeout),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	134 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	135
6215 8ee6a08ea3eb Stream: added proxy_buffer_size to set the size of data buffers. Roman Arutyunyan <arut@nginx.com> parents: 6208 diff changeset	136 { ngx_string("proxy_buffer_size"),
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	137 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	138 ngx_conf_set_size_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	139 NGX_STREAM_SRV_CONF_OFFSET,
6215 8ee6a08ea3eb Stream: added proxy_buffer_size to set the size of data buffers. Roman Arutyunyan <arut@nginx.com> parents: 6208 diff changeset	140 offsetof(ngx_stream_proxy_srv_conf_t, buffer_size),
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	141 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	142
6217 b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	143 { ngx_string("proxy_downstream_buffer"),
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	144 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	145 ngx_conf_set_size_slot,
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	146 NGX_STREAM_SRV_CONF_OFFSET,
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	147 offsetof(ngx_stream_proxy_srv_conf_t, buffer_size),
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	148 &ngx_conf_deprecated_proxy_downstream_buffer },
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	149
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	150 { ngx_string("proxy_upstream_buffer"),
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	151 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	152 ngx_conf_set_size_slot,
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	153 NGX_STREAM_SRV_CONF_OFFSET,
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	154 offsetof(ngx_stream_proxy_srv_conf_t, buffer_size),
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	155 &ngx_conf_deprecated_proxy_upstream_buffer },
b544f8e0d921 Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer. Roman Arutyunyan <arut@nginx.com> parents: 6216 diff changeset	156
6208 7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	157 { ngx_string("proxy_upload_rate"),
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	158 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	159 ngx_conf_set_size_slot,
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	160 NGX_STREAM_SRV_CONF_OFFSET,
6208 7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	161 offsetof(ngx_stream_proxy_srv_conf_t, upload_rate),
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	162 NULL },
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	163
6208 7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	164 { ngx_string("proxy_download_rate"),
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	165 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	166 ngx_conf_set_size_slot,
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	167 NGX_STREAM_SRV_CONF_OFFSET,
6208 7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	168 offsetof(ngx_stream_proxy_srv_conf_t, download_rate),
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	169 NULL },
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	170
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	171 { ngx_string("proxy_responses"),
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	172 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	173 ngx_conf_set_num_slot,
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	174 NGX_STREAM_SRV_CONF_OFFSET,
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	175 offsetof(ngx_stream_proxy_srv_conf_t, responses),
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	176 NULL },
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	177
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	178 { ngx_string("proxy_next_upstream"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	179 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_FLAG,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	180 ngx_conf_set_flag_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	181 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	182 offsetof(ngx_stream_proxy_srv_conf_t, next_upstream),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	183 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	184
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	185 { ngx_string("proxy_next_upstream_tries"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	186 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	187 ngx_conf_set_num_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	188 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	189 offsetof(ngx_stream_proxy_srv_conf_t, next_upstream_tries),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	190 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	191
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	192 { ngx_string("proxy_next_upstream_timeout"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	193 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	194 ngx_conf_set_msec_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	195 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	196 offsetof(ngx_stream_proxy_srv_conf_t, next_upstream_timeout),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	197 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	198
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	199 { ngx_string("proxy_protocol"),
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	200 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_FLAG,
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	201 ngx_conf_set_flag_slot,
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	202 NGX_STREAM_SRV_CONF_OFFSET,
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	203 offsetof(ngx_stream_proxy_srv_conf_t, proxy_protocol),
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	204 NULL },
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	205
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	206 #if (NGX_STREAM_SSL)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	207
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	208 { ngx_string("proxy_ssl"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	209 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_FLAG,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	210 ngx_conf_set_flag_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	211 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	212 offsetof(ngx_stream_proxy_srv_conf_t, ssl_enable),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	213 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	214
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	215 { ngx_string("proxy_ssl_session_reuse"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	216 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_FLAG,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	217 ngx_conf_set_flag_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	218 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	219 offsetof(ngx_stream_proxy_srv_conf_t, ssl_session_reuse),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	220 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	221
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	222 { ngx_string("proxy_ssl_protocols"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	223 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_1MORE,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	224 ngx_conf_set_bitmask_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	225 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	226 offsetof(ngx_stream_proxy_srv_conf_t, ssl_protocols),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	227 &ngx_stream_proxy_ssl_protocols },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	228
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	229 { ngx_string("proxy_ssl_ciphers"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	230 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	231 ngx_conf_set_str_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	232 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	233 offsetof(ngx_stream_proxy_srv_conf_t, ssl_ciphers),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	234 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	235
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	236 { ngx_string("proxy_ssl_name"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	237 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	238 ngx_conf_set_str_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	239 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	240 offsetof(ngx_stream_proxy_srv_conf_t, ssl_name),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	241 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	242
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	243 { ngx_string("proxy_ssl_server_name"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	244 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_FLAG,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	245 ngx_conf_set_flag_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	246 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	247 offsetof(ngx_stream_proxy_srv_conf_t, ssl_server_name),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	248 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	249
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	250 { ngx_string("proxy_ssl_verify"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	251 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_FLAG,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	252 ngx_conf_set_flag_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	253 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	254 offsetof(ngx_stream_proxy_srv_conf_t, ssl_verify),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	255 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	256
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	257 { ngx_string("proxy_ssl_verify_depth"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	258 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	259 ngx_conf_set_num_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	260 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	261 offsetof(ngx_stream_proxy_srv_conf_t, ssl_verify_depth),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	262 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	263
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	264 { ngx_string("proxy_ssl_trusted_certificate"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	265 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	266 ngx_conf_set_str_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	267 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	268 offsetof(ngx_stream_proxy_srv_conf_t, ssl_trusted_certificate),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	269 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	270
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	271 { ngx_string("proxy_ssl_crl"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	272 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	273 ngx_conf_set_str_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	274 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	275 offsetof(ngx_stream_proxy_srv_conf_t, ssl_crl),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	276 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	277
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	278 { ngx_string("proxy_ssl_certificate"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	279 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	280 ngx_conf_set_str_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	281 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	282 offsetof(ngx_stream_proxy_srv_conf_t, ssl_certificate),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	283 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	284
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	285 { ngx_string("proxy_ssl_certificate_key"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	286 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	287 ngx_conf_set_str_slot,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	288 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	289 offsetof(ngx_stream_proxy_srv_conf_t, ssl_certificate_key),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	290 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	291
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	292 { ngx_string("proxy_ssl_password_file"),
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	293 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	294 ngx_stream_proxy_ssl_password_file,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	295 NGX_STREAM_SRV_CONF_OFFSET,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	296 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	297 NULL },
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	298
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	299 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	300
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	301 ngx_null_command
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	302 };
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	303
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	304
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	305 static ngx_stream_module_t ngx_stream_proxy_module_ctx = {
6174 68c106e6fa0a Stream: added postconfiguration method to stream modules. Vladimir Homutov <vl@nginx.com> parents: 6157 diff changeset	306 NULL, /* postconfiguration */
68c106e6fa0a Stream: added postconfiguration method to stream modules. Vladimir Homutov <vl@nginx.com> parents: 6157 diff changeset	307
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	308 NULL, /* create main configuration */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	309 NULL, /* init main configuration */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	310
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	311 ngx_stream_proxy_create_srv_conf, /* create server configuration */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	312 ngx_stream_proxy_merge_srv_conf /* merge server configuration */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	313 };
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	314
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	315
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	316 ngx_module_t ngx_stream_proxy_module = {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	317 NGX_MODULE_V1,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	318 &ngx_stream_proxy_module_ctx, /* module context */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	319 ngx_stream_proxy_commands, /* module directives */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	320 NGX_STREAM_MODULE, /* module type */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	321 NULL, /* init master */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	322 NULL, /* init module */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	323 NULL, /* init process */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	324 NULL, /* init thread */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	325 NULL, /* exit thread */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	326 NULL, /* exit process */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	327 NULL, /* exit master */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	328 NGX_MODULE_V1_PADDING
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	329 };
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	330
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	331
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	332 static void
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	333 ngx_stream_proxy_handler(ngx_stream_session_t *s)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	334 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	335 u_char *p;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	336 ngx_connection_t *c;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	337 ngx_stream_upstream_t *u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	338 ngx_stream_proxy_srv_conf_t *pscf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	339 ngx_stream_upstream_srv_conf_t *uscf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	340
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	341 c = s->connection;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	342
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	343 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	344
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	345 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	346 "proxy connection handler");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	347
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	348 u = ngx_pcalloc(c->pool, sizeof(ngx_stream_upstream_t));
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	349 if (u == NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	350 ngx_stream_proxy_finalize(s, NGX_ERROR);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	351 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	352 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	353
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	354 s->upstream = u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	355
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	356 s->log_handler = ngx_stream_proxy_log_error;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	357
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	358 u->peer.log = c->log;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	359 u->peer.log_error = NGX_ERROR_ERR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	360
6183 4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	361 u->peer.local = pscf->local;
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	362 u->peer.type = c->type;
6183 4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	363
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	364 uscf = pscf->upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	365
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	366 if (uscf->peer.init(s, uscf) != NGX_OK) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	367 ngx_stream_proxy_finalize(s, NGX_ERROR);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	368 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	369 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	370
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	371 u->peer.start_time = ngx_current_msec;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	372
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	373 if (pscf->next_upstream_tries
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	374 && u->peer.tries > pscf->next_upstream_tries)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	375 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	376 u->peer.tries = pscf->next_upstream_tries;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	377 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	378
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	379 u->proxy_protocol = pscf->proxy_protocol;
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	380 u->start_sec = ngx_time();
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	381
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	382 c->write->handler = ngx_stream_proxy_downstream_handler;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	383 c->read->handler = ngx_stream_proxy_downstream_handler;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	384
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	385 if (c->type == SOCK_DGRAM) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	386 ngx_stream_proxy_connect(s);
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	387 return;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	388 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	389
6215 8ee6a08ea3eb Stream: added proxy_buffer_size to set the size of data buffers. Roman Arutyunyan <arut@nginx.com> parents: 6208 diff changeset	390 p = ngx_pnalloc(c->pool, pscf->buffer_size);
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	391 if (p == NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	392 ngx_stream_proxy_finalize(s, NGX_ERROR);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	393 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	394 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	395
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	396 u->downstream_buf.start = p;
6215 8ee6a08ea3eb Stream: added proxy_buffer_size to set the size of data buffers. Roman Arutyunyan <arut@nginx.com> parents: 6208 diff changeset	397 u->downstream_buf.end = p + pscf->buffer_size;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	398 u->downstream_buf.pos = p;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	399 u->downstream_buf.last = p;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	400
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	401 if (u->proxy_protocol
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	402 #if (NGX_STREAM_SSL)
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	403 && pscf->ssl == NULL
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	404 #endif
6216 543f10fe34d2 Style. Roman Arutyunyan <arut@nginx.com> parents: 6215 diff changeset	405 && pscf->buffer_size >= NGX_PROXY_PROTOCOL_MAX_HEADER)
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	406 {
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	407 /* optimization for a typical case */
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	408
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	409 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0,
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	410 "stream proxy send PROXY protocol header");
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	411
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	412 p = ngx_proxy_protocol_write(c, u->downstream_buf.last,
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	413 u->downstream_buf.end);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	414 if (p == NULL) {
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	415 ngx_stream_proxy_finalize(s, NGX_ERROR);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	416 return;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	417 }
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	418
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	419 u->downstream_buf.last = p;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	420 u->proxy_protocol = 0;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	421 }
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	422
6435 d1c791479bbb Stream: post first read events from client and upstream. Roman Arutyunyan <arut@nginx.com> parents: 6393 diff changeset	423 if (c->read->ready) {
d1c791479bbb Stream: post first read events from client and upstream. Roman Arutyunyan <arut@nginx.com> parents: 6393 diff changeset	424 ngx_post_event(c->read, &ngx_posted_events);
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	425 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	426
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	427 ngx_stream_proxy_connect(s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	428 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	429
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	430
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	431 static void
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	432 ngx_stream_proxy_connect(ngx_stream_session_t *s)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	433 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	434 ngx_int_t rc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	435 ngx_connection_t c, pc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	436 ngx_stream_upstream_t *u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	437 ngx_stream_proxy_srv_conf_t *pscf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	438
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	439 c = s->connection;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	440
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	441 c->log->action = "connecting to upstream";
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	442
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	443 u = s->upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	444
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	445 rc = ngx_event_connect_peer(&u->peer);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	446
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	447 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, "proxy connect: %i", rc);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	448
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	449 if (rc == NGX_ERROR) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	450 ngx_stream_proxy_finalize(s, NGX_ERROR);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	451 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	452 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	453
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	454 if (rc == NGX_BUSY) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	455 ngx_log_error(NGX_LOG_ERR, c->log, 0, "no live upstreams");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	456 ngx_stream_proxy_finalize(s, NGX_DECLINED);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	457 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	458 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	459
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	460 if (rc == NGX_DECLINED) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	461 ngx_stream_proxy_next_upstream(s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	462 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	463 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	464
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	465 /* rc == NGX_OK \|\| rc == NGX_AGAIN \|\| rc == NGX_DONE */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	466
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	467 pc = u->peer.connection;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	468
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	469 pc->data = s;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	470 pc->log = c->log;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	471 pc->pool = c->pool;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	472 pc->read->log = c->log;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	473 pc->write->log = c->log;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	474
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	475 if (rc != NGX_AGAIN) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	476 ngx_stream_proxy_init_upstream(s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	477 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	478 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	479
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	480 pc->read->handler = ngx_stream_proxy_connect_handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	481 pc->write->handler = ngx_stream_proxy_connect_handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	482
6393 70e6e1f12dee Stream: initialize variable right before using it. Roman Arutyunyan <arut@nginx.com> parents: 6392 diff changeset	483 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
70e6e1f12dee Stream: initialize variable right before using it. Roman Arutyunyan <arut@nginx.com> parents: 6392 diff changeset	484
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	485 ngx_add_timer(pc->write, pscf->connect_timeout);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	486 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	487
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	488
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	489 static void
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	490 ngx_stream_proxy_init_upstream(ngx_stream_session_t *s)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	491 {
6222 1bd5eb20bd7c Style. Vladimir Homutov <vl@nginx.com> parents: 6221 diff changeset	492 int tcp_nodelay;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	493 u_char *p;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	494 ngx_connection_t c, pc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	495 ngx_log_handler_pt handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	496 ngx_stream_upstream_t *u;
6221 7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	497 ngx_stream_core_srv_conf_t *cscf;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	498 ngx_stream_proxy_srv_conf_t *pscf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	499
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	500 u = s->upstream;
6221 7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	501 pc = u->peer.connection;
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	502
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	503 cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module);
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	504
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	505 if (pc->type == SOCK_STREAM
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	506 && cscf->tcp_nodelay
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	507 && pc->tcp_nodelay == NGX_TCP_NODELAY_UNSET)
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	508 {
6221 7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	509 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, pc->log, 0, "tcp_nodelay");
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	510
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	511 tcp_nodelay = 1;
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	512
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	513 if (setsockopt(pc->fd, IPPROTO_TCP, TCP_NODELAY,
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	514 (const void *) &tcp_nodelay, sizeof(int)) == -1)
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	515 {
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	516 ngx_connection_error(pc, ngx_socket_errno,
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	517 "setsockopt(TCP_NODELAY) failed");
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	518 ngx_stream_proxy_next_upstream(s);
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	519 return;
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	520 }
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	521
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	522 pc->tcp_nodelay = NGX_TCP_NODELAY_SET;
7565e056fad6 Stream: the "tcp_nodelay" directive. Vladimir Homutov <vl@nginx.com> parents: 6217 diff changeset	523 }
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	524
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	525 if (u->proxy_protocol) {
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	526 if (ngx_stream_proxy_send_proxy_protocol(s) != NGX_OK) {
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	527 return;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	528 }
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	529
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	530 u->proxy_protocol = 0;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	531 }
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	532
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	533 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	534
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	535 #if (NGX_STREAM_SSL)
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	536 if (pc->type == SOCK_STREAM && pscf->ssl && pc->ssl == NULL) {
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	537 ngx_stream_proxy_ssl_init_connection(s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	538 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	539 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	540 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	541
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	542 c = s->connection;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	543
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	544 if (c->log->log_level >= NGX_LOG_INFO) {
6230 2a621245f4cf Win32: MSVC 2015 compatibility. Maxim Dounin <mdounin@mdounin.ru> parents: 6222 diff changeset	545 ngx_str_t str;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	546 u_char addr[NGX_SOCKADDR_STRLEN];
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	547
6230 2a621245f4cf Win32: MSVC 2015 compatibility. Maxim Dounin <mdounin@mdounin.ru> parents: 6222 diff changeset	548 str.len = NGX_SOCKADDR_STRLEN;
2a621245f4cf Win32: MSVC 2015 compatibility. Maxim Dounin <mdounin@mdounin.ru> parents: 6222 diff changeset	549 str.data = addr;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	550
6230 2a621245f4cf Win32: MSVC 2015 compatibility. Maxim Dounin <mdounin@mdounin.ru> parents: 6222 diff changeset	551 if (ngx_connection_local_sockaddr(pc, &str, 1) == NGX_OK) {
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	552 handler = c->log->handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	553 c->log->handler = NULL;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	554
6461 a01e315b3a78 Stream: additional logging for UDP. Vladimir Homutov <vl@nginx.com> parents: 6436 diff changeset	555 ngx_log_error(NGX_LOG_INFO, c->log, 0,
a01e315b3a78 Stream: additional logging for UDP. Vladimir Homutov <vl@nginx.com> parents: 6436 diff changeset	556 "%sproxy %V connected to %V",
a01e315b3a78 Stream: additional logging for UDP. Vladimir Homutov <vl@nginx.com> parents: 6436 diff changeset	557 pc->type == SOCK_DGRAM ? "udp " : "",
6230 2a621245f4cf Win32: MSVC 2015 compatibility. Maxim Dounin <mdounin@mdounin.ru> parents: 6222 diff changeset	558 &str, u->peer.name);
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	559
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	560 c->log->handler = handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	561 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	562 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	563
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	564 c->log->action = "proxying connection";
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	565
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	566 if (u->upstream_buf.start == NULL) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	567 p = ngx_pnalloc(c->pool, pscf->buffer_size);
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	568 if (p == NULL) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	569 ngx_stream_proxy_finalize(s, NGX_ERROR);
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	570 return;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	571 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	572
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	573 u->upstream_buf.start = p;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	574 u->upstream_buf.end = p + pscf->buffer_size;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	575 u->upstream_buf.pos = p;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	576 u->upstream_buf.last = p;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	577 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	578
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	579 if (c->type == SOCK_DGRAM) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	580 s->received = c->buffer->last - c->buffer->pos;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	581 u->downstream_buf = *c->buffer;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	582
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	583 if (pscf->responses == 0) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	584 pc->read->ready = 0;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	585 pc->read->eof = 1;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	586 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	587 }
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	588
6202 6345822f0abb Stream: upstream "connected" flag. Roman Arutyunyan <arut@nginx.com> parents: 6201 diff changeset	589 u->connected = 1;
6345822f0abb Stream: upstream "connected" flag. Roman Arutyunyan <arut@nginx.com> parents: 6201 diff changeset	590
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	591 pc->read->handler = ngx_stream_proxy_upstream_handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	592 pc->write->handler = ngx_stream_proxy_upstream_handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	593
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	594 if (pc->read->ready \|\| pc->read->eof) {
6435 d1c791479bbb Stream: post first read events from client and upstream. Roman Arutyunyan <arut@nginx.com> parents: 6393 diff changeset	595 ngx_post_event(pc->read, &ngx_posted_events);
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	596 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	597
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	598 ngx_stream_proxy_process(s, 0, 1);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	599 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	600
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	601
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	602 static ngx_int_t
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	603 ngx_stream_proxy_send_proxy_protocol(ngx_stream_session_t *s)
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	604 {
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	605 u_char *p;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	606 ssize_t n, size;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	607 ngx_connection_t c, pc;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	608 ngx_stream_upstream_t *u;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	609 ngx_stream_proxy_srv_conf_t *pscf;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	610 u_char buf[NGX_PROXY_PROTOCOL_MAX_HEADER];
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	611
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	612 c = s->connection;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	613
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	614 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0,
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	615 "stream proxy send PROXY protocol header");
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	616
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	617 p = ngx_proxy_protocol_write(c, buf, buf + NGX_PROXY_PROTOCOL_MAX_HEADER);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	618 if (p == NULL) {
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	619 ngx_stream_proxy_finalize(s, NGX_ERROR);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	620 return NGX_ERROR;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	621 }
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	622
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	623 u = s->upstream;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	624
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	625 pc = u->peer.connection;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	626
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	627 size = p - buf;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	628
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	629 n = pc->send(pc, buf, size);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	630
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	631 if (n == NGX_AGAIN) {
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	632 if (ngx_handle_write_event(pc->write, 0) != NGX_OK) {
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	633 ngx_stream_proxy_finalize(s, NGX_ERROR);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	634 return NGX_ERROR;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	635 }
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	636
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	637 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	638
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	639 ngx_add_timer(pc->write, pscf->timeout);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	640
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	641 pc->write->handler = ngx_stream_proxy_connect_handler;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	642
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	643 return NGX_AGAIN;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	644 }
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	645
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	646 if (n == NGX_ERROR) {
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	647 ngx_stream_proxy_finalize(s, NGX_DECLINED);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	648 return NGX_ERROR;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	649 }
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	650
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	651 if (n != size) {
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	652
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	653 /*
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	654 * PROXY protocol specification:
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	655 * The sender must always ensure that the header
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	656 * is sent at once, so that the transport layer
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	657 * maintains atomicity along the path to the receiver.
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	658 */
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	659
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	660 ngx_log_error(NGX_LOG_ERR, c->log, 0,
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	661 "could not send PROXY protocol header at once");
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	662
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	663 ngx_stream_proxy_finalize(s, NGX_DECLINED);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	664
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	665 return NGX_ERROR;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	666 }
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	667
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	668 return NGX_OK;
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	669 }
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	670
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	671
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	672 #if (NGX_STREAM_SSL)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	673
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	674 static char *
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	675 ngx_stream_proxy_ssl_password_file(ngx_conf_t cf, ngx_command_t cmd,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	676 void *conf)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	677 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	678 ngx_stream_proxy_srv_conf_t *pscf = conf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	679
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	680 ngx_str_t *value;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	681
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	682 if (pscf->ssl_passwords != NGX_CONF_UNSET_PTR) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	683 return "is duplicate";
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	684 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	685
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	686 value = cf->args->elts;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	687
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	688 pscf->ssl_passwords = ngx_ssl_read_password_file(cf, &value[1]);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	689
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	690 if (pscf->ssl_passwords == NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	691 return NGX_CONF_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	692 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	693
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	694 return NGX_CONF_OK;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	695 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	696
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	697
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	698 static void
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	699 ngx_stream_proxy_ssl_init_connection(ngx_stream_session_t *s)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	700 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	701 ngx_int_t rc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	702 ngx_connection_t *pc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	703 ngx_stream_upstream_t *u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	704 ngx_stream_proxy_srv_conf_t *pscf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	705
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	706 u = s->upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	707
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	708 pc = u->peer.connection;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	709
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	710 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	711
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	712 if (ngx_ssl_create_connection(pscf->ssl, pc, NGX_SSL_BUFFER\|NGX_SSL_CLIENT)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	713 != NGX_OK)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	714 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	715 ngx_stream_proxy_finalize(s, NGX_ERROR);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	716 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	717 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	718
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	719 if (pscf->ssl_server_name \|\| pscf->ssl_verify) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	720 if (ngx_stream_proxy_ssl_name(s) != NGX_OK) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	721 ngx_stream_proxy_finalize(s, NGX_ERROR);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	722 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	723 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	724 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	725
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	726 if (pscf->ssl_session_reuse) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	727 if (u->peer.set_session(&u->peer, u->peer.data) != NGX_OK) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	728 ngx_stream_proxy_finalize(s, NGX_ERROR);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	729 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	730 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	731 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	732
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	733 s->connection->log->action = "SSL handshaking to upstream";
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	734
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	735 rc = ngx_ssl_handshake(pc);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	736
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	737 if (rc == NGX_AGAIN) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	738
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	739 if (!pc->write->timer_set) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	740 ngx_add_timer(pc->write, pscf->connect_timeout);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	741 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	742
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	743 pc->ssl->handler = ngx_stream_proxy_ssl_handshake;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	744 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	745 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	746
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	747 ngx_stream_proxy_ssl_handshake(pc);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	748 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	749
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	750
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	751 static void
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	752 ngx_stream_proxy_ssl_handshake(ngx_connection_t *pc)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	753 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	754 long rc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	755 ngx_stream_session_t *s;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	756 ngx_stream_upstream_t *u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	757 ngx_stream_proxy_srv_conf_t *pscf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	758
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	759 s = pc->data;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	760
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	761 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	762
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	763 if (pc->ssl->handshaked) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	764
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	765 if (pscf->ssl_verify) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	766 rc = SSL_get_verify_result(pc->ssl->connection);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	767
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	768 if (rc != X509_V_OK) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	769 ngx_log_error(NGX_LOG_ERR, pc->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	770 "upstream SSL certificate verify error: (%l:%s)",
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	771 rc, X509_verify_cert_error_string(rc));
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	772 goto failed;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	773 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	774
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	775 u = s->upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	776
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	777 if (ngx_ssl_check_host(pc, &u->ssl_name) != NGX_OK) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	778 ngx_log_error(NGX_LOG_ERR, pc->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	779 "upstream SSL certificate does not match \"%V\"",
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	780 &u->ssl_name);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	781 goto failed;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	782 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	783 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	784
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	785 if (pscf->ssl_session_reuse) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	786 u = s->upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	787 u->peer.save_session(&u->peer, u->peer.data);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	788 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	789
6258 4b4aee40c508 Stream: delete proxy connection timer after SSL handshake. Ruslan Ermilov <ru@nginx.com> parents: 6230 diff changeset	790 if (pc->write->timer_set) {
4b4aee40c508 Stream: delete proxy connection timer after SSL handshake. Ruslan Ermilov <ru@nginx.com> parents: 6230 diff changeset	791 ngx_del_timer(pc->write);
4b4aee40c508 Stream: delete proxy connection timer after SSL handshake. Ruslan Ermilov <ru@nginx.com> parents: 6230 diff changeset	792 }
4b4aee40c508 Stream: delete proxy connection timer after SSL handshake. Ruslan Ermilov <ru@nginx.com> parents: 6230 diff changeset	793
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	794 ngx_stream_proxy_init_upstream(s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	795
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	796 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	797 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	798
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	799 failed:
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	800
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	801 ngx_stream_proxy_next_upstream(s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	802 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	803
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	804
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	805 static ngx_int_t
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	806 ngx_stream_proxy_ssl_name(ngx_stream_session_t *s)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	807 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	808 u_char p, last;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	809 ngx_str_t name;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	810 ngx_stream_upstream_t *u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	811 ngx_stream_proxy_srv_conf_t *pscf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	812
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	813 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	814
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	815 u = s->upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	816
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	817 name = pscf->ssl_name;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	818
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	819 if (name.len == 0) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	820 name = pscf->upstream->host;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	821 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	822
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	823 if (name.len == 0) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	824 goto done;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	825 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	826
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	827 /*
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	828 * ssl name here may contain port, strip it for compatibility
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	829 * with the http module
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	830 */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	831
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	832 p = name.data;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	833 last = name.data + name.len;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	834
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	835 if (*p == '[') {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	836 p = ngx_strlchr(p, last, ']');
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	837
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	838 if (p == NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	839 p = name.data;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	840 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	841 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	842
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	843 p = ngx_strlchr(p, last, ':');
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	844
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	845 if (p != NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	846 name.len = p - name.data;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	847 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	848
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	849 if (!pscf->ssl_server_name) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	850 goto done;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	851 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	852
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	853 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	854
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	855 /* as per RFC 6066, literal IPv4 and IPv6 addresses are not permitted */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	856
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	857 if (name.len == 0 \|\| *name.data == '[') {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	858 goto done;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	859 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	860
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	861 if (ngx_inet_addr(name.data, name.len) != INADDR_NONE) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	862 goto done;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	863 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	864
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	865 /*
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	866 * SSL_set_tlsext_host_name() needs a null-terminated string,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	867 * hence we explicitly null-terminate name here
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	868 */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	869
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	870 p = ngx_pnalloc(s->connection->pool, name.len + 1);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	871 if (p == NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	872 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	873 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	874
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	875 (void) ngx_cpystrn(p, name.data, name.len + 1);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	876
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	877 name.data = p;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	878
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	879 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	880 "upstream SSL server name: \"%s\"", name.data);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	881
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	882 if (SSL_set_tlsext_host_name(u->peer.connection->ssl->connection, name.data)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	883 == 0)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	884 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	885 ngx_ssl_error(NGX_LOG_ERR, s->connection->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	886 "SSL_set_tlsext_host_name(\"%s\") failed", name.data);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	887 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	888 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	889
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	890 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	891
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	892 done:
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	893
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	894 u->ssl_name = name;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	895
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	896 return NGX_OK;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	897 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	898
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	899 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	900
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	901
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	902 static void
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	903 ngx_stream_proxy_downstream_handler(ngx_event_t *ev)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	904 {
6200 abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	905 ngx_stream_proxy_process_connection(ev, ev->write);
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	906 }
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	907
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	908
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	909 static void
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	910 ngx_stream_proxy_upstream_handler(ngx_event_t *ev)
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	911 {
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	912 ngx_stream_proxy_process_connection(ev, !ev->write);
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	913 }
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	914
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	915
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	916 static void
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	917 ngx_stream_proxy_process_connection(ngx_event_t *ev, ngx_uint_t from_upstream)
abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	918 {
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	919 ngx_connection_t c, pc;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	920 ngx_stream_session_t *s;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	921 ngx_stream_upstream_t *u;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	922 ngx_stream_proxy_srv_conf_t *pscf;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	923
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	924 c = ev->data;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	925 s = c->data;
6200 abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	926 u = s->upstream;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	927
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	928 c = s->connection;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	929 pc = u->peer.connection;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	930
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	931 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	932
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	933 if (ev->timedout) {
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	934 ev->timedout = 0;
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	935
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	936 if (ev->delayed) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	937 ev->delayed = 0;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	938
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	939 if (!ev->ready) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	940 if (ngx_handle_read_event(ev, 0) != NGX_OK) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	941 ngx_stream_proxy_finalize(s, NGX_ERROR);
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	942 return;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	943 }
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	944
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	945 if (u->connected && !c->read->delayed && !pc->read->delayed) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	946 ngx_add_timer(c->write, pscf->timeout);
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	947 }
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	948
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	949 return;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	950 }
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	951
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	952 } else {
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	953 if (s->connection->type == SOCK_DGRAM) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	954 if (pscf->responses == NGX_MAX_INT32_VALUE) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	955
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	956 /*
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	957 * successfully terminate timed out UDP session
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	958 * with unspecified number of responses
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	959 */
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	960
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	961 pc->read->ready = 0;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	962 pc->read->eof = 1;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	963
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	964 ngx_stream_proxy_process(s, 1, 0);
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	965 return;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	966 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	967
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	968 if (u->received == 0) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	969 ngx_stream_proxy_next_upstream(s);
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	970 return;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	971 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	972 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	973
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	974 ngx_connection_error(c, NGX_ETIMEDOUT, "connection timed out");
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	975 ngx_stream_proxy_finalize(s, NGX_DECLINED);
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	976 return;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	977 }
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	978
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	979 } else if (ev->delayed) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	980
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	981 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0,
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	982 "stream connection delayed");
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	983
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	984 if (ngx_handle_read_event(ev, 0) != NGX_OK) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	985 ngx_stream_proxy_finalize(s, NGX_ERROR);
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	986 }
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	987
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	988 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	989 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	990
6202 6345822f0abb Stream: upstream "connected" flag. Roman Arutyunyan <arut@nginx.com> parents: 6201 diff changeset	991 if (from_upstream && !u->connected) {
6200 abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	992 return;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	993 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	994
6200 abee77018d3a Stream: common handler for upstream and downstream. Roman Arutyunyan <arut@nginx.com> parents: 6184 diff changeset	995 ngx_stream_proxy_process(s, from_upstream, ev->write);
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	996 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	997
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	998
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	999 static void
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1000 ngx_stream_proxy_connect_handler(ngx_event_t *ev)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1001 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1002 ngx_connection_t *c;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1003 ngx_stream_session_t *s;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1004
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1005 c = ev->data;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1006 s = c->data;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1007
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1008 if (ev->timedout) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1009 ngx_log_error(NGX_LOG_ERR, c->log, NGX_ETIMEDOUT, "upstream timed out");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1010 ngx_stream_proxy_next_upstream(s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1011 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1012 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1013
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1014 ngx_del_timer(c->write);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1015
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1016 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1017 "stream proxy connect upstream");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1018
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1019 if (ngx_stream_proxy_test_connect(c) != NGX_OK) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1020 ngx_stream_proxy_next_upstream(s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1021 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1022 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1023
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1024 ngx_stream_proxy_init_upstream(s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1025 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1026
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1027
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1028 static ngx_int_t
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1029 ngx_stream_proxy_test_connect(ngx_connection_t *c)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1030 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1031 int err;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1032 socklen_t len;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1033
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1034 #if (NGX_HAVE_KQUEUE)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1035
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1036 if (ngx_event_flags & NGX_USE_KQUEUE_EVENT) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1037 err = c->write->kq_errno ? c->write->kq_errno : c->read->kq_errno;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1038
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1039 if (err) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1040 (void) ngx_connection_error(c, err,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1041 "kevent() reported that connect() failed");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1042 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1043 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1044
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1045 } else
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1046 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1047 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1048 err = 0;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1049 len = sizeof(int);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1050
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1051 /*
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1052 * BSDs and Linux return 0 and set a pending error in err
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1053 * Solaris returns -1 and sets errno
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1054 */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1055
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1056 if (getsockopt(c->fd, SOL_SOCKET, SO_ERROR, (void *) &err, &len)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1057 == -1)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1058 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1059 err = ngx_socket_errno;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1060 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1061
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1062 if (err) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1063 (void) ngx_connection_error(c, err, "connect() failed");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1064 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1065 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1066 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1067
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1068 return NGX_OK;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1069 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1070
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1071
6435 d1c791479bbb Stream: post first read events from client and upstream. Roman Arutyunyan <arut@nginx.com> parents: 6393 diff changeset	1072 static void
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1073 ngx_stream_proxy_process(ngx_stream_session_t *s, ngx_uint_t from_upstream,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1074 ngx_uint_t do_write)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1075 {
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1076 off_t *received, limit;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1077 size_t size, limit_rate;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1078 ssize_t n;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1079 ngx_buf_t *b;
6124 f1f222db290b Stream: prevent repeated event notifications after eof. Roman Arutyunyan <arut@nginx.com> parents: 6115 diff changeset	1080 ngx_uint_t flags;
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1081 ngx_msec_t delay;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1082 ngx_connection_t c, pc, src, dst;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1083 ngx_log_handler_pt handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1084 ngx_stream_upstream_t *u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1085 ngx_stream_proxy_srv_conf_t *pscf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1086
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1087 u = s->upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1088
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1089 c = s->connection;
6202 6345822f0abb Stream: upstream "connected" flag. Roman Arutyunyan <arut@nginx.com> parents: 6201 diff changeset	1090 pc = u->connected ? u->peer.connection : NULL;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1091
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1092 if (c->type == SOCK_DGRAM && (ngx_terminate \|\| ngx_exiting)) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1093
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1094 /* socket is already closed on worker shutdown */
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1095
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1096 handler = c->log->handler;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1097 c->log->handler = NULL;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1098
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1099 ngx_log_error(NGX_LOG_INFO, c->log, 0, "disconnected on shutdown");
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1100
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1101 c->log->handler = handler;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1102
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1103 ngx_stream_proxy_finalize(s, NGX_OK);
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1104 return;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1105 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1106
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1107 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1108
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1109 if (from_upstream) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1110 src = pc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1111 dst = c;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1112 b = &u->upstream_buf;
6208 7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	1113 limit_rate = pscf->download_rate;
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1114 received = &u->received;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1115
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1116 } else {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1117 src = c;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1118 dst = pc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1119 b = &u->downstream_buf;
6208 7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	1120 limit_rate = pscf->upload_rate;
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1121 received = &s->received;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1122 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1123
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1124 for ( ;; ) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1125
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1126 if (do_write) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1127
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1128 size = b->last - b->pos;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1129
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1130 if (size && dst && dst->write->ready) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1131
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1132 n = dst->send(dst, b->pos, size);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1133
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1134 if (n == NGX_AGAIN && dst->shared) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1135 /* cannot wait on a shared socket */
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1136 n = NGX_ERROR;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1137 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1138
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1139 if (n == NGX_ERROR) {
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1140 if (c->type == SOCK_DGRAM && !from_upstream) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1141 ngx_stream_proxy_next_upstream(s);
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1142 return;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1143 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1144
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1145 ngx_stream_proxy_finalize(s, NGX_DECLINED);
6435 d1c791479bbb Stream: post first read events from client and upstream. Roman Arutyunyan <arut@nginx.com> parents: 6393 diff changeset	1146 return;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1147 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1148
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1149 if (n > 0) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1150 b->pos += n;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1151
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1152 if (b->pos == b->last) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1153 b->pos = b->start;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1154 b->last = b->start;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1155 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1156 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1157 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1158 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1159
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1160 size = b->end - b->last;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1161
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1162 if (size && src->read->ready && !src->read->delayed) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1163
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1164 if (limit_rate) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1165 limit = (off_t) limit_rate * (ngx_time() - u->start_sec + 1)
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1166 - *received;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1167
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1168 if (limit <= 0) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1169 src->read->delayed = 1;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1170 delay = (ngx_msec_t) (- limit * 1000 / limit_rate + 1);
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1171 ngx_add_timer(src->read, delay);
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1172 break;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1173 }
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1174
6204 114d1f8cdcab Stream: fixed possible integer overflow in rate limiting. Valentin Bartenev <vbart@nginx.com> parents: 6203 diff changeset	1175 if ((off_t) size > limit) {
6203 fdfdcad62875 Stream: fixed MSVC compilation warning. Roman Arutyunyan <arut@nginx.com> parents: 6202 diff changeset	1176 size = (size_t) limit;
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1177 }
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1178 }
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1179
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1180 n = src->recv(src, b->last, size);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1181
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1182 if (n == NGX_AGAIN \|\| n == 0) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1183 break;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1184 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1185
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1186 if (n > 0) {
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1187 if (limit_rate) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1188 delay = (ngx_msec_t) (n * 1000 / limit_rate);
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1189
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1190 if (delay > 0) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1191 src->read->delayed = 1;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1192 ngx_add_timer(src->read, delay);
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1193 }
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1194 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1195
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1196 if (c->type == SOCK_DGRAM && ++u->responses == pscf->responses)
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1197 {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1198 src->read->ready = 0;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1199 src->read->eof = 1;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1200 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1201
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1202 *received += n;
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1203 b->last += n;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1204 do_write = 1;
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1205
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1206 continue;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1207 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1208
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1209 if (n == NGX_ERROR) {
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1210 if (c->type == SOCK_DGRAM && u->received == 0) {
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1211 ngx_stream_proxy_next_upstream(s);
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1212 return;
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1213 }
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1214
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1215 src->read->eof = 1;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1216 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1217 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1218
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1219 break;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1220 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1221
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1222 if (src->read->eof && (b->pos == b->last \|\| (dst && dst->read->eof))) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1223 handler = c->log->handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1224 c->log->handler = NULL;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1225
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1226 ngx_log_error(NGX_LOG_INFO, c->log, 0,
6461 a01e315b3a78 Stream: additional logging for UDP. Vladimir Homutov <vl@nginx.com> parents: 6436 diff changeset	1227 "%s%s disconnected"
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1228 ", bytes from/to client:%O/%O"
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1229 ", bytes from/to upstream:%O/%O",
6461 a01e315b3a78 Stream: additional logging for UDP. Vladimir Homutov <vl@nginx.com> parents: 6436 diff changeset	1230 src->type == SOCK_DGRAM ? "udp " : "",
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1231 from_upstream ? "upstream" : "client",
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1232 s->received, c->sent, u->received, pc ? pc->sent : 0);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1233
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1234 c->log->handler = handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1235
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1236 ngx_stream_proxy_finalize(s, NGX_OK);
6435 d1c791479bbb Stream: post first read events from client and upstream. Roman Arutyunyan <arut@nginx.com> parents: 6393 diff changeset	1237 return;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1238 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1239
6124 f1f222db290b Stream: prevent repeated event notifications after eof. Roman Arutyunyan <arut@nginx.com> parents: 6115 diff changeset	1240 flags = src->read->eof ? NGX_CLOSE_EVENT : 0;
f1f222db290b Stream: prevent repeated event notifications after eof. Roman Arutyunyan <arut@nginx.com> parents: 6115 diff changeset	1241
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1242 if (!src->shared && ngx_handle_read_event(src->read, flags) != NGX_OK) {
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1243 ngx_stream_proxy_finalize(s, NGX_ERROR);
6435 d1c791479bbb Stream: post first read events from client and upstream. Roman Arutyunyan <arut@nginx.com> parents: 6393 diff changeset	1244 return;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1245 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1246
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1247 if (dst) {
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1248 if (!dst->shared && ngx_handle_write_event(dst->write, 0) != NGX_OK) {
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1249 ngx_stream_proxy_finalize(s, NGX_ERROR);
6435 d1c791479bbb Stream: post first read events from client and upstream. Roman Arutyunyan <arut@nginx.com> parents: 6393 diff changeset	1250 return;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1251 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1252
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1253 if (!c->read->delayed && !pc->read->delayed) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1254 ngx_add_timer(c->write, pscf->timeout);
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1255
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1256 } else if (c->write->timer_set) {
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1257 ngx_del_timer(c->write);
24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1258 }
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1259 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1260 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1261
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1262
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1263 static void
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1264 ngx_stream_proxy_next_upstream(ngx_stream_session_t *s)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1265 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1266 ngx_msec_t timeout;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1267 ngx_connection_t *pc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1268 ngx_stream_upstream_t *u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1269 ngx_stream_proxy_srv_conf_t *pscf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1270
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1271 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, s->connection->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1272 "stream proxy next upstream");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1273
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1274 u = s->upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1275
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1276 if (u->peer.sockaddr) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1277 u->peer.free(&u->peer, u->peer.data, NGX_PEER_FAILED);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1278 u->peer.sockaddr = NULL;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1279 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1280
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1281 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1282
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1283 timeout = pscf->next_upstream_timeout;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1284
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1285 if (u->peer.tries == 0
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1286 \|\| !pscf->next_upstream
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1287 \|\| (timeout && ngx_current_msec - u->peer.start_time >= timeout))
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1288 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1289 ngx_stream_proxy_finalize(s, NGX_DECLINED);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1290 return;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1291 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1292
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1293 pc = u->peer.connection;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1294
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1295 if (pc) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1296 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1297 "close proxy upstream connection: %d", pc->fd);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1298
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1299 #if (NGX_STREAM_SSL)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1300 if (pc->ssl) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1301 pc->ssl->no_wait_shutdown = 1;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1302 pc->ssl->no_send_shutdown = 1;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1303
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1304 (void) ngx_ssl_shutdown(pc);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1305 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1306 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1307
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1308 ngx_close_connection(pc);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1309 u->peer.connection = NULL;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1310 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1311
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1312 ngx_stream_proxy_connect(s);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1313 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1314
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1315
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1316 static void
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1317 ngx_stream_proxy_finalize(ngx_stream_session_t *s, ngx_int_t rc)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1318 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1319 ngx_connection_t *pc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1320 ngx_stream_upstream_t *u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1321
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1322 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1323 "finalize stream proxy: %i", rc);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1324
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1325 u = s->upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1326
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1327 if (u == NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1328 goto noupstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1329 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1330
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1331 if (u->peer.free && u->peer.sockaddr) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1332 u->peer.free(&u->peer, u->peer.data, 0);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1333 u->peer.sockaddr = NULL;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1334 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1335
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1336 pc = u->peer.connection;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1337
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1338 if (pc) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1339 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1340 "close stream proxy upstream connection: %d", pc->fd);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1341
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1342 #if (NGX_STREAM_SSL)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1343 if (pc->ssl) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1344 pc->ssl->no_wait_shutdown = 1;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1345 (void) ngx_ssl_shutdown(pc);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1346 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1347 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1348
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1349 ngx_close_connection(pc);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1350 u->peer.connection = NULL;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1351 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1352
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1353 noupstream:
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1354
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1355 ngx_stream_close_connection(s->connection);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1356 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1357
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1358
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1359 static u_char *
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1360 ngx_stream_proxy_log_error(ngx_log_t log, u_char buf, size_t len)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1361 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1362 u_char *p;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1363 ngx_connection_t *pc;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1364 ngx_stream_session_t *s;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1365 ngx_stream_upstream_t *u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1366
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1367 s = log->data;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1368
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1369 u = s->upstream;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1370
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1371 p = buf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1372
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1373 if (u->peer.name) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1374 p = ngx_snprintf(p, len, ", upstream: \"%V\"", u->peer.name);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1375 len -= p - buf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1376 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1377
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1378 pc = u->peer.connection;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1379
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1380 p = ngx_snprintf(p, len,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1381 ", bytes from/to client:%O/%O"
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1382 ", bytes from/to upstream:%O/%O",
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1383 s->received, s->connection->sent,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1384 u->received, pc ? pc->sent : 0);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1385
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1386 return p;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1387 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1388
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1389
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1390 static void *
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1391 ngx_stream_proxy_create_srv_conf(ngx_conf_t *cf)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1392 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1393 ngx_stream_proxy_srv_conf_t *conf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1394
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1395 conf = ngx_pcalloc(cf->pool, sizeof(ngx_stream_proxy_srv_conf_t));
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1396 if (conf == NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1397 return NULL;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1398 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1399
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1400 /*
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1401 * set by ngx_pcalloc():
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1402 *
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1403 * conf->ssl_protocols = 0;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1404 * conf->ssl_ciphers = { 0, NULL };
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1405 * conf->ssl_name = { 0, NULL };
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1406 * conf->ssl_trusted_certificate = { 0, NULL };
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1407 * conf->ssl_crl = { 0, NULL };
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1408 * conf->ssl_certificate = { 0, NULL };
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1409 * conf->ssl_certificate_key = { 0, NULL };
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1410 *
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1411 * conf->ssl = NULL;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1412 * conf->upstream = NULL;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1413 */
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1414
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1415 conf->connect_timeout = NGX_CONF_UNSET_MSEC;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1416 conf->timeout = NGX_CONF_UNSET_MSEC;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1417 conf->next_upstream_timeout = NGX_CONF_UNSET_MSEC;
6215 8ee6a08ea3eb Stream: added proxy_buffer_size to set the size of data buffers. Roman Arutyunyan <arut@nginx.com> parents: 6208 diff changeset	1418 conf->buffer_size = NGX_CONF_UNSET_SIZE;
6208 7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	1419 conf->upload_rate = NGX_CONF_UNSET_SIZE;
7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	1420 conf->download_rate = NGX_CONF_UNSET_SIZE;
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1421 conf->responses = NGX_CONF_UNSET_UINT;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1422 conf->next_upstream_tries = NGX_CONF_UNSET_UINT;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1423 conf->next_upstream = NGX_CONF_UNSET;
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	1424 conf->proxy_protocol = NGX_CONF_UNSET;
6183 4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1425 conf->local = NGX_CONF_UNSET_PTR;
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1426
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1427 #if (NGX_STREAM_SSL)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1428 conf->ssl_enable = NGX_CONF_UNSET;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1429 conf->ssl_session_reuse = NGX_CONF_UNSET;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1430 conf->ssl_server_name = NGX_CONF_UNSET;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1431 conf->ssl_verify = NGX_CONF_UNSET;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1432 conf->ssl_verify_depth = NGX_CONF_UNSET_UINT;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1433 conf->ssl_passwords = NGX_CONF_UNSET_PTR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1434 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1435
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1436 return conf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1437 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1438
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1439
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1440 static char *
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1441 ngx_stream_proxy_merge_srv_conf(ngx_conf_t cf, void parent, void *child)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1442 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1443 ngx_stream_proxy_srv_conf_t *prev = parent;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1444 ngx_stream_proxy_srv_conf_t *conf = child;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1445
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1446 ngx_conf_merge_msec_value(conf->connect_timeout,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1447 prev->connect_timeout, 60000);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1448
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1449 ngx_conf_merge_msec_value(conf->timeout,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1450 prev->timeout, 10 * 60000);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1451
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1452 ngx_conf_merge_msec_value(conf->next_upstream_timeout,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1453 prev->next_upstream_timeout, 0);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1454
6215 8ee6a08ea3eb Stream: added proxy_buffer_size to set the size of data buffers. Roman Arutyunyan <arut@nginx.com> parents: 6208 diff changeset	1455 ngx_conf_merge_size_value(conf->buffer_size,
8ee6a08ea3eb Stream: added proxy_buffer_size to set the size of data buffers. Roman Arutyunyan <arut@nginx.com> parents: 6208 diff changeset	1456 prev->buffer_size, 16384);
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1457
6208 7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	1458 ngx_conf_merge_size_value(conf->upload_rate,
7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	1459 prev->upload_rate, 0);
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1460
6208 7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	1461 ngx_conf_merge_size_value(conf->download_rate,
7a14a0d754ad Stream: renamed rate limiting directives. Roman Arutyunyan <arut@nginx.com> parents: 6204 diff changeset	1462 prev->download_rate, 0);
6201 24488e6db782 Stream: upstream and downstream limit rates. Roman Arutyunyan <arut@nginx.com> parents: 6200 diff changeset	1463
6436 8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1464 ngx_conf_merge_uint_value(conf->responses,
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1465 prev->responses, NGX_MAX_INT32_VALUE);
8f038068f4bc Stream: UDP proxy. Roman Arutyunyan <arut@nginx.com> parents: 6435 diff changeset	1466
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1467 ngx_conf_merge_uint_value(conf->next_upstream_tries,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1468 prev->next_upstream_tries, 0);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1469
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1470 ngx_conf_merge_value(conf->next_upstream, prev->next_upstream, 1);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1471
6184 fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	1472 ngx_conf_merge_value(conf->proxy_protocol, prev->proxy_protocol, 0);
fa663739e115 Stream: client-side PROXY protocol. Roman Arutyunyan <arut@nginx.com> parents: 6183 diff changeset	1473
6183 4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1474 ngx_conf_merge_ptr_value(conf->local, prev->local, NULL);
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1475
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1476 #if (NGX_STREAM_SSL)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1477
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1478 ngx_conf_merge_value(conf->ssl_enable, prev->ssl_enable, 0);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1479
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1480 ngx_conf_merge_value(conf->ssl_session_reuse,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1481 prev->ssl_session_reuse, 1);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1482
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1483 ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols,
6157 b2899e7d0ef8 Disabled SSLv3 by default (ticket #653). Maxim Dounin <mdounin@mdounin.ru> parents: 6124 diff changeset	1484 (NGX_CONF_BITMASK_SET\|NGX_SSL_TLSv1
b2899e7d0ef8 Disabled SSLv3 by default (ticket #653). Maxim Dounin <mdounin@mdounin.ru> parents: 6124 diff changeset	1485 \|NGX_SSL_TLSv1_1\|NGX_SSL_TLSv1_2));
6115 61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1486
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1487 ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, "DEFAULT");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1488
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1489 ngx_conf_merge_str_value(conf->ssl_name, prev->ssl_name, "");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1490
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1491 ngx_conf_merge_value(conf->ssl_server_name, prev->ssl_server_name, 0);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1492
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1493 ngx_conf_merge_value(conf->ssl_verify, prev->ssl_verify, 0);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1494
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1495 ngx_conf_merge_uint_value(conf->ssl_verify_depth,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1496 prev->ssl_verify_depth, 1);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1497
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1498 ngx_conf_merge_str_value(conf->ssl_trusted_certificate,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1499 prev->ssl_trusted_certificate, "");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1500
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1501 ngx_conf_merge_str_value(conf->ssl_crl, prev->ssl_crl, "");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1502
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1503 ngx_conf_merge_str_value(conf->ssl_certificate,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1504 prev->ssl_certificate, "");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1505
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1506 ngx_conf_merge_str_value(conf->ssl_certificate_key,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1507 prev->ssl_certificate_key, "");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1508
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1509 ngx_conf_merge_ptr_value(conf->ssl_passwords, prev->ssl_passwords, NULL);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1510
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1511 if (conf->ssl_enable && ngx_stream_proxy_set_ssl(cf, conf) != NGX_OK) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1512 return NGX_CONF_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1513 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1514
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1515 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1516
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1517 return NGX_CONF_OK;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1518 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1519
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1520
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1521 #if (NGX_STREAM_SSL)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1522
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1523 static ngx_int_t
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1524 ngx_stream_proxy_set_ssl(ngx_conf_t cf, ngx_stream_proxy_srv_conf_t pscf)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1525 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1526 ngx_pool_cleanup_t *cln;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1527
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1528 pscf->ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t));
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1529 if (pscf->ssl == NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1530 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1531 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1532
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1533 pscf->ssl->log = cf->log;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1534
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1535 if (ngx_ssl_create(pscf->ssl, pscf->ssl_protocols, NULL) != NGX_OK) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1536 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1537 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1538
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1539 cln = ngx_pool_cleanup_add(cf->pool, 0);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1540 if (cln == NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1541 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1542 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1543
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1544 cln->handler = ngx_ssl_cleanup_ctx;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1545 cln->data = pscf->ssl;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1546
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1547 if (pscf->ssl_certificate.len) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1548
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1549 if (pscf->ssl_certificate_key.len == 0) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1550 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1551 "no \"proxy_ssl_certificate_key\" is defined "
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1552 "for certificate \"%V\"", &pscf->ssl_certificate);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1553 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1554 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1555
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1556 if (ngx_ssl_certificate(cf, pscf->ssl, &pscf->ssl_certificate,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1557 &pscf->ssl_certificate_key, pscf->ssl_passwords)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1558 != NGX_OK)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1559 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1560 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1561 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1562 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1563
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1564 if (SSL_CTX_set_cipher_list(pscf->ssl->ctx,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1565 (const char *) pscf->ssl_ciphers.data)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1566 == 0)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1567 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1568 ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1569 "SSL_CTX_set_cipher_list(\"%V\") failed",
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1570 &pscf->ssl_ciphers);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1571 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1572 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1573
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1574 if (pscf->ssl_verify) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1575 if (pscf->ssl_trusted_certificate.len == 0) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1576 ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1577 "no proxy_ssl_trusted_certificate for proxy_ssl_verify");
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1578 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1579 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1580
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1581 if (ngx_ssl_trusted_certificate(cf, pscf->ssl,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1582 &pscf->ssl_trusted_certificate,
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1583 pscf->ssl_verify_depth)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1584 != NGX_OK)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1585 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1586 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1587 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1588
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1589 if (ngx_ssl_crl(cf, pscf->ssl, &pscf->ssl_crl) != NGX_OK) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1590 return NGX_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1591 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1592 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1593
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1594 return NGX_OK;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1595 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1596
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1597 #endif
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1598
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1599
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1600 static char *
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1601 ngx_stream_proxy_pass(ngx_conf_t cf, ngx_command_t cmd, void *conf)
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1602 {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1603 ngx_stream_proxy_srv_conf_t *pscf = conf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1604
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1605 ngx_url_t u;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1606 ngx_str_t value, url;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1607 ngx_stream_core_srv_conf_t *cscf;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1608
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1609 if (pscf->upstream) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1610 return "is duplicate";
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1611 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1612
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1613 cscf = ngx_stream_conf_get_module_srv_conf(cf, ngx_stream_core_module);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1614
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1615 cscf->handler = ngx_stream_proxy_handler;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1616
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1617 value = cf->args->elts;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1618
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1619 url = &value[1];
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1620
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1621 ngx_memzero(&u, sizeof(ngx_url_t));
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1622
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1623 u.url = *url;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1624 u.no_resolve = 1;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1625
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1626 pscf->upstream = ngx_stream_upstream_add(cf, &u, 0);
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1627 if (pscf->upstream == NULL) {
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1628 return NGX_CONF_ERROR;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1629 }
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1630
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1631 return NGX_CONF_OK;
61d7ae76647d Stream: port from NGINX+. Ruslan Ermilov <ru@nginx.com> parents: diff changeset	1632 }
6183 4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1633
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1634
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1635 static char *
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1636 ngx_stream_proxy_bind(ngx_conf_t cf, ngx_command_t cmd, void *conf)
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1637 {
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1638 ngx_stream_proxy_srv_conf_t *pscf = conf;
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1639
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1640 ngx_int_t rc;
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1641 ngx_str_t *value;
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1642
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1643 if (pscf->local != NGX_CONF_UNSET_PTR) {
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1644 return "is duplicate";
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1645 }
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1646
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1647 value = cf->args->elts;
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1648
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1649 if (ngx_strcmp(value[1].data, "off") == 0) {
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1650 pscf->local = NULL;
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1651 return NGX_CONF_OK;
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1652 }
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1653
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1654 pscf->local = ngx_palloc(cf->pool, sizeof(ngx_addr_t));
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1655 if (pscf->local == NULL) {
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1656 return NGX_CONF_ERROR;
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1657 }
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1658
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1659 rc = ngx_parse_addr(cf->pool, pscf->local, value[1].data, value[1].len);
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1660
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1661 switch (rc) {
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1662 case NGX_OK:
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1663 pscf->local->name = value[1];
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1664 return NGX_CONF_OK;
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1665
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1666 case NGX_DECLINED:
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1667 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1668 "invalid address \"%V\"", &value[1]);
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1669 /* fall through */
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1670
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1671 default:
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1672 return NGX_CONF_ERROR;
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1673 }
4dcffe43a7ea Stream: the "proxy_bind" directive. Vladimir Homutov <vl@nginx.com> parents: 6174 diff changeset	1674 }

Mercurial > hg > nginx

annotate src/stream/ngx_stream_proxy_module.c @ 6749:f88a145b093e stable-1.10