Mercurial > hg > nginx
comparison src/http/ngx_http_request.c @ 5093:68ca3e824115
SNI: avoid surplus lookup of virtual server if SNI was used.
| author | Valentin Bartenev <vbart@nginx.com> |
|---|---|
| date | Wed, 27 Feb 2013 17:33:59 +0000 |
| parents | c4d3310574e0 |
| children | e0a3714a36f8 |
comparison
equal
deleted
inserted
replaced
| 5092:c4d3310574e0 | 5093:68ca3e824115 |
|---|---|
| 691 != NGX_OK) | 691 != NGX_OK) |
| 692 { | 692 { |
| 693 return SSL_TLSEXT_ERR_NOACK; | 693 return SSL_TLSEXT_ERR_NOACK; |
| 694 } | 694 } |
| 695 | 695 |
| 696 hc->ssl_servername = ngx_palloc(c->pool, sizeof(ngx_str_t)); | |
| 697 if (hc->ssl_servername == NULL) { | |
| 698 return SSL_TLSEXT_ERR_NOACK; | |
| 699 } | |
| 700 | |
| 701 *hc->ssl_servername = host; | |
| 702 | |
| 696 hc->conf_ctx = cscf->ctx; | 703 hc->conf_ctx = cscf->ctx; |
| 697 | 704 |
| 698 clcf = ngx_http_get_module_loc_conf(hc->conf_ctx, ngx_http_core_module); | 705 clcf = ngx_http_get_module_loc_conf(hc->conf_ctx, ngx_http_core_module); |
| 699 | 706 |
| 700 ngx_http_set_connection_log(c, clcf->error_log); | 707 ngx_http_set_connection_log(c, clcf->error_log); |
| 1829 ngx_http_core_loc_conf_t *clcf; | 1836 ngx_http_core_loc_conf_t *clcf; |
| 1830 ngx_http_core_srv_conf_t *cscf; | 1837 ngx_http_core_srv_conf_t *cscf; |
| 1831 | 1838 |
| 1832 hc = r->http_connection; | 1839 hc = r->http_connection; |
| 1833 | 1840 |
| 1841 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME | |
| 1842 | |
| 1843 if (hc->ssl_servername) { | |
| 1844 if (hc->ssl_servername->len == host->len | |
| 1845 && ngx_strncmp(hc->ssl_servername->data, | |
| 1846 host->data, host->len) == 0) | |
| 1847 { | |
| 1848 #if (NGX_PCRE) | |
| 1849 if (hc->ssl_servername_regex | |
| 1850 && ngx_http_regex_exec(r, hc->ssl_servername_regex, | |
| 1851 hc->ssl_servername) != NGX_OK) | |
| 1852 { | |
| 1853 ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); | |
| 1854 return NGX_ERROR; | |
| 1855 } | |
| 1856 #endif | |
| 1857 return NGX_OK; | |
| 1858 } | |
| 1859 } | |
| 1860 | |
| 1861 #endif | |
| 1862 | |
| 1834 rc = ngx_http_find_virtual_server(r->connection, | 1863 rc = ngx_http_find_virtual_server(r->connection, |
| 1835 hc->addr_conf->virtual_names, | 1864 hc->addr_conf->virtual_names, |
| 1836 host, r, &cscf); | 1865 host, r, &cscf); |
| 1837 | 1866 |
| 1838 if (rc == NGX_ERROR) { | 1867 if (rc == NGX_ERROR) { |
| 1885 sn = virtual_names->regex; | 1914 sn = virtual_names->regex; |
| 1886 | 1915 |
| 1887 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME | 1916 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME |
| 1888 | 1917 |
| 1889 if (r == NULL) { | 1918 if (r == NULL) { |
| 1919 ngx_http_connection_t *hc; | |
| 1920 | |
| 1890 for (i = 0; i < virtual_names->nregex; i++) { | 1921 for (i = 0; i < virtual_names->nregex; i++) { |
| 1891 | 1922 |
| 1892 n = ngx_regex_exec(sn[i].regex->regex, host, NULL, 0); | 1923 n = ngx_regex_exec(sn[i].regex->regex, host, NULL, 0); |
| 1893 | 1924 |
| 1894 if (n == NGX_REGEX_NO_MATCHED) { | 1925 if (n == NGX_REGEX_NO_MATCHED) { |
| 1895 continue; | 1926 continue; |
| 1896 } | 1927 } |
| 1897 | 1928 |
| 1898 if (n >= 0) { | 1929 if (n >= 0) { |
| 1930 hc = c->data; | |
| 1931 hc->ssl_servername_regex = sn[i].regex; | |
| 1932 | |
| 1899 *cscfp = sn[i].server; | 1933 *cscfp = sn[i].server; |
| 1900 return NGX_OK; | 1934 return NGX_OK; |
| 1901 } | 1935 } |
| 1902 | 1936 |
| 1903 ngx_log_error(NGX_LOG_ALERT, c->log, 0, | 1937 ngx_log_error(NGX_LOG_ALERT, c->log, 0, |