Mercurial > hg > nginx
comparison src/stream/ngx_stream_proxy_module.c @ 6643:9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Tue, 14 Jun 2016 18:29:46 +0300 |
parents | d5b5866c06c4 |
children | d43ee392e825 |
comparison
equal
deleted
inserted
replaced
6642:72282dd5884e | 6643:9757cffc1e2f |
---|---|
35 #if (NGX_STREAM_SSL) | 35 #if (NGX_STREAM_SSL) |
36 ngx_flag_t ssl_enable; | 36 ngx_flag_t ssl_enable; |
37 ngx_flag_t ssl_session_reuse; | 37 ngx_flag_t ssl_session_reuse; |
38 ngx_uint_t ssl_protocols; | 38 ngx_uint_t ssl_protocols; |
39 ngx_str_t ssl_ciphers; | 39 ngx_str_t ssl_ciphers; |
40 ngx_str_t ssl_name; | 40 ngx_stream_complex_value_t *ssl_name; |
41 ngx_flag_t ssl_server_name; | 41 ngx_flag_t ssl_server_name; |
42 | 42 |
43 ngx_flag_t ssl_verify; | 43 ngx_flag_t ssl_verify; |
44 ngx_uint_t ssl_verify_depth; | 44 ngx_uint_t ssl_verify_depth; |
45 ngx_str_t ssl_trusted_certificate; | 45 ngx_str_t ssl_trusted_certificate; |
50 | 50 |
51 ngx_ssl_t *ssl; | 51 ngx_ssl_t *ssl; |
52 #endif | 52 #endif |
53 | 53 |
54 ngx_stream_upstream_srv_conf_t *upstream; | 54 ngx_stream_upstream_srv_conf_t *upstream; |
55 ngx_stream_complex_value_t *upstream_value; | |
55 } ngx_stream_proxy_srv_conf_t; | 56 } ngx_stream_proxy_srv_conf_t; |
56 | 57 |
57 | 58 |
58 static void ngx_stream_proxy_handler(ngx_stream_session_t *s); | 59 static void ngx_stream_proxy_handler(ngx_stream_session_t *s); |
60 static ngx_int_t ngx_stream_proxy_eval(ngx_stream_session_t *s, | |
61 ngx_stream_proxy_srv_conf_t *pscf); | |
59 static ngx_int_t ngx_stream_proxy_set_local(ngx_stream_session_t *s, | 62 static ngx_int_t ngx_stream_proxy_set_local(ngx_stream_session_t *s, |
60 ngx_stream_upstream_t *u, ngx_stream_upstream_local_t *local); | 63 ngx_stream_upstream_t *u, ngx_stream_upstream_local_t *local); |
61 static void ngx_stream_proxy_connect(ngx_stream_session_t *s); | 64 static void ngx_stream_proxy_connect(ngx_stream_session_t *s); |
62 static void ngx_stream_proxy_init_upstream(ngx_stream_session_t *s); | 65 static void ngx_stream_proxy_init_upstream(ngx_stream_session_t *s); |
66 static void ngx_stream_proxy_resolve_handler(ngx_resolver_ctx_t *ctx); | |
63 static void ngx_stream_proxy_upstream_handler(ngx_event_t *ev); | 67 static void ngx_stream_proxy_upstream_handler(ngx_event_t *ev); |
64 static void ngx_stream_proxy_downstream_handler(ngx_event_t *ev); | 68 static void ngx_stream_proxy_downstream_handler(ngx_event_t *ev); |
65 static void ngx_stream_proxy_process_connection(ngx_event_t *ev, | 69 static void ngx_stream_proxy_process_connection(ngx_event_t *ev, |
66 ngx_uint_t from_upstream); | 70 ngx_uint_t from_upstream); |
67 static void ngx_stream_proxy_connect_handler(ngx_event_t *ev); | 71 static void ngx_stream_proxy_connect_handler(ngx_event_t *ev); |
244 offsetof(ngx_stream_proxy_srv_conf_t, ssl_ciphers), | 248 offsetof(ngx_stream_proxy_srv_conf_t, ssl_ciphers), |
245 NULL }, | 249 NULL }, |
246 | 250 |
247 { ngx_string("proxy_ssl_name"), | 251 { ngx_string("proxy_ssl_name"), |
248 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | 252 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
249 ngx_conf_set_str_slot, | 253 ngx_stream_set_complex_value_slot, |
250 NGX_STREAM_SRV_CONF_OFFSET, | 254 NGX_STREAM_SRV_CONF_OFFSET, |
251 offsetof(ngx_stream_proxy_srv_conf_t, ssl_name), | 255 offsetof(ngx_stream_proxy_srv_conf_t, ssl_name), |
252 NULL }, | 256 NULL }, |
253 | 257 |
254 { ngx_string("proxy_ssl_server_name"), | 258 { ngx_string("proxy_ssl_server_name"), |
342 | 346 |
343 | 347 |
344 static void | 348 static void |
345 ngx_stream_proxy_handler(ngx_stream_session_t *s) | 349 ngx_stream_proxy_handler(ngx_stream_session_t *s) |
346 { | 350 { |
347 u_char *p; | 351 u_char *p; |
348 ngx_connection_t *c; | 352 ngx_str_t *host; |
349 ngx_stream_upstream_t *u; | 353 ngx_uint_t i; |
350 ngx_stream_proxy_srv_conf_t *pscf; | 354 ngx_connection_t *c; |
351 ngx_stream_upstream_srv_conf_t *uscf; | 355 ngx_resolver_ctx_t *ctx, temp; |
356 ngx_stream_upstream_t *u; | |
357 ngx_stream_core_srv_conf_t *cscf; | |
358 ngx_stream_proxy_srv_conf_t *pscf; | |
359 ngx_stream_upstream_srv_conf_t *uscf, **uscfp; | |
360 ngx_stream_upstream_main_conf_t *umcf; | |
352 | 361 |
353 c = s->connection; | 362 c = s->connection; |
354 | 363 |
355 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | 364 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
356 | 365 |
375 return; | 384 return; |
376 } | 385 } |
377 | 386 |
378 u->peer.type = c->type; | 387 u->peer.type = c->type; |
379 | 388 |
380 uscf = pscf->upstream; | 389 u->proxy_protocol = pscf->proxy_protocol; |
390 u->start_sec = ngx_time(); | |
391 | |
392 c->write->handler = ngx_stream_proxy_downstream_handler; | |
393 c->read->handler = ngx_stream_proxy_downstream_handler; | |
394 | |
395 if (c->type == SOCK_STREAM) { | |
396 p = ngx_pnalloc(c->pool, pscf->buffer_size); | |
397 if (p == NULL) { | |
398 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
399 return; | |
400 } | |
401 | |
402 u->downstream_buf.start = p; | |
403 u->downstream_buf.end = p + pscf->buffer_size; | |
404 u->downstream_buf.pos = p; | |
405 u->downstream_buf.last = p; | |
406 | |
407 if (u->proxy_protocol | |
408 #if (NGX_STREAM_SSL) | |
409 && pscf->ssl == NULL | |
410 #endif | |
411 && pscf->buffer_size >= NGX_PROXY_PROTOCOL_MAX_HEADER) | |
412 { | |
413 /* optimization for a typical case */ | |
414 | |
415 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, | |
416 "stream proxy send PROXY protocol header"); | |
417 | |
418 p = ngx_proxy_protocol_write(c, u->downstream_buf.last, | |
419 u->downstream_buf.end); | |
420 if (p == NULL) { | |
421 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
422 return; | |
423 } | |
424 | |
425 u->downstream_buf.last = p; | |
426 u->proxy_protocol = 0; | |
427 } | |
428 | |
429 if (c->read->ready) { | |
430 ngx_post_event(c->read, &ngx_posted_events); | |
431 } | |
432 } | |
433 | |
434 if (pscf->upstream_value) { | |
435 if (ngx_stream_proxy_eval(s, pscf) != NGX_OK) { | |
436 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
437 return; | |
438 } | |
439 } | |
440 | |
441 if (u->resolved == NULL) { | |
442 | |
443 uscf = pscf->upstream; | |
444 | |
445 } else { | |
446 | |
447 #if (NGX_STREAM_SSL) | |
448 u->ssl_name = u->resolved->host; | |
449 #endif | |
450 | |
451 host = &u->resolved->host; | |
452 | |
453 if (u->resolved->sockaddr) { | |
454 | |
455 if (u->resolved->port == 0 | |
456 && u->resolved->sockaddr->sa_family != AF_UNIX) | |
457 { | |
458 ngx_log_error(NGX_LOG_ERR, c->log, 0, | |
459 "no port in upstream \"%V\"", host); | |
460 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
461 return; | |
462 } | |
463 | |
464 if (ngx_stream_upstream_create_round_robin_peer(s, u->resolved) | |
465 != NGX_OK) | |
466 { | |
467 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
468 return; | |
469 } | |
470 | |
471 ngx_stream_proxy_connect(s); | |
472 | |
473 return; | |
474 } | |
475 | |
476 umcf = ngx_stream_get_module_main_conf(s, ngx_stream_upstream_module); | |
477 | |
478 uscfp = umcf->upstreams.elts; | |
479 | |
480 for (i = 0; i < umcf->upstreams.nelts; i++) { | |
481 | |
482 uscf = uscfp[i]; | |
483 | |
484 if (uscf->host.len == host->len | |
485 && ((uscf->port == 0 && u->resolved->no_port) | |
486 || uscf->port == u->resolved->port) | |
487 && ngx_strncasecmp(uscf->host.data, host->data, host->len) == 0) | |
488 { | |
489 goto found; | |
490 } | |
491 } | |
492 | |
493 if (u->resolved->port == 0) { | |
494 ngx_log_error(NGX_LOG_ERR, c->log, 0, | |
495 "no port in upstream \"%V\"", host); | |
496 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
497 return; | |
498 } | |
499 | |
500 temp.name = *host; | |
501 | |
502 cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); | |
503 | |
504 ctx = ngx_resolve_start(cscf->resolver, &temp); | |
505 if (ctx == NULL) { | |
506 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
507 return; | |
508 } | |
509 | |
510 if (ctx == NGX_NO_RESOLVER) { | |
511 ngx_log_error(NGX_LOG_ERR, c->log, 0, | |
512 "no resolver defined to resolve %V", host); | |
513 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
514 return; | |
515 } | |
516 | |
517 ctx->name = *host; | |
518 ctx->handler = ngx_stream_proxy_resolve_handler; | |
519 ctx->data = s; | |
520 ctx->timeout = cscf->resolver_timeout; | |
521 | |
522 u->resolved->ctx = ctx; | |
523 | |
524 if (ngx_resolve_name(ctx) != NGX_OK) { | |
525 u->resolved->ctx = NULL; | |
526 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
527 return; | |
528 } | |
529 | |
530 return; | |
531 } | |
532 | |
533 found: | |
534 | |
535 if (uscf == NULL) { | |
536 ngx_log_error(NGX_LOG_ALERT, c->log, 0, "no upstream configuration"); | |
537 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
538 return; | |
539 } | |
540 | |
541 #if (NGX_HTTP_SSL) | |
542 u->ssl_name = uscf->host; | |
543 #endif | |
381 | 544 |
382 if (uscf->peer.init(s, uscf) != NGX_OK) { | 545 if (uscf->peer.init(s, uscf) != NGX_OK) { |
383 ngx_stream_proxy_finalize(s, NGX_ERROR); | 546 ngx_stream_proxy_finalize(s, NGX_ERROR); |
384 return; | 547 return; |
385 } | 548 } |
390 && u->peer.tries > pscf->next_upstream_tries) | 553 && u->peer.tries > pscf->next_upstream_tries) |
391 { | 554 { |
392 u->peer.tries = pscf->next_upstream_tries; | 555 u->peer.tries = pscf->next_upstream_tries; |
393 } | 556 } |
394 | 557 |
395 u->proxy_protocol = pscf->proxy_protocol; | |
396 u->start_sec = ngx_time(); | |
397 | |
398 c->write->handler = ngx_stream_proxy_downstream_handler; | |
399 c->read->handler = ngx_stream_proxy_downstream_handler; | |
400 | |
401 if (c->type == SOCK_DGRAM) { | |
402 ngx_stream_proxy_connect(s); | |
403 return; | |
404 } | |
405 | |
406 p = ngx_pnalloc(c->pool, pscf->buffer_size); | |
407 if (p == NULL) { | |
408 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
409 return; | |
410 } | |
411 | |
412 u->downstream_buf.start = p; | |
413 u->downstream_buf.end = p + pscf->buffer_size; | |
414 u->downstream_buf.pos = p; | |
415 u->downstream_buf.last = p; | |
416 | |
417 if (u->proxy_protocol | |
418 #if (NGX_STREAM_SSL) | |
419 && pscf->ssl == NULL | |
420 #endif | |
421 && pscf->buffer_size >= NGX_PROXY_PROTOCOL_MAX_HEADER) | |
422 { | |
423 /* optimization for a typical case */ | |
424 | |
425 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, | |
426 "stream proxy send PROXY protocol header"); | |
427 | |
428 p = ngx_proxy_protocol_write(c, u->downstream_buf.last, | |
429 u->downstream_buf.end); | |
430 if (p == NULL) { | |
431 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
432 return; | |
433 } | |
434 | |
435 u->downstream_buf.last = p; | |
436 u->proxy_protocol = 0; | |
437 } | |
438 | |
439 if (c->read->ready) { | |
440 ngx_post_event(c->read, &ngx_posted_events); | |
441 } | |
442 | |
443 ngx_stream_proxy_connect(s); | 558 ngx_stream_proxy_connect(s); |
559 } | |
560 | |
561 | |
562 static ngx_int_t | |
563 ngx_stream_proxy_eval(ngx_stream_session_t *s, | |
564 ngx_stream_proxy_srv_conf_t *pscf) | |
565 { | |
566 ngx_str_t host; | |
567 ngx_url_t url; | |
568 ngx_stream_upstream_t *u; | |
569 | |
570 if (ngx_stream_complex_value(s, pscf->upstream_value, &host) != NGX_OK) { | |
571 return NGX_ERROR; | |
572 } | |
573 | |
574 ngx_memzero(&url, sizeof(ngx_url_t)); | |
575 | |
576 url.url = host; | |
577 url.no_resolve = 1; | |
578 | |
579 if (ngx_parse_url(s->connection->pool, &url) != NGX_OK) { | |
580 if (url.err) { | |
581 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
582 "%s in upstream \"%V\"", url.err, &url.url); | |
583 } | |
584 | |
585 return NGX_ERROR; | |
586 } | |
587 | |
588 u = s->upstream; | |
589 | |
590 u->resolved = ngx_pcalloc(s->connection->pool, | |
591 sizeof(ngx_stream_upstream_resolved_t)); | |
592 if (u->resolved == NULL) { | |
593 return NGX_ERROR; | |
594 } | |
595 | |
596 if (url.addrs && url.addrs[0].sockaddr) { | |
597 u->resolved->sockaddr = url.addrs[0].sockaddr; | |
598 u->resolved->socklen = url.addrs[0].socklen; | |
599 u->resolved->naddrs = 1; | |
600 u->resolved->host = url.addrs[0].name; | |
601 | |
602 } else { | |
603 u->resolved->host = url.host; | |
604 } | |
605 | |
606 u->resolved->port = url.port; | |
607 u->resolved->no_port = url.no_port; | |
608 | |
609 return NGX_OK; | |
444 } | 610 } |
445 | 611 |
446 | 612 |
447 static ngx_int_t | 613 static ngx_int_t |
448 ngx_stream_proxy_set_local(ngx_stream_session_t *s, ngx_stream_upstream_t *u, | 614 ngx_stream_proxy_set_local(ngx_stream_session_t *s, ngx_stream_upstream_t *u, |
881 | 1047 |
882 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | 1048 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
883 | 1049 |
884 u = s->upstream; | 1050 u = s->upstream; |
885 | 1051 |
886 name = pscf->ssl_name; | 1052 if (pscf->ssl_name) { |
887 | 1053 if (ngx_stream_complex_value(s, pscf->ssl_name, &name) != NGX_OK) { |
888 if (name.len == 0) { | 1054 return NGX_ERROR; |
889 name = pscf->upstream->host; | 1055 } |
1056 | |
1057 } else { | |
1058 name = u->ssl_name; | |
890 } | 1059 } |
891 | 1060 |
892 if (name.len == 0) { | 1061 if (name.len == 0) { |
893 goto done; | 1062 goto done; |
894 } | 1063 } |
970 | 1139 |
971 static void | 1140 static void |
972 ngx_stream_proxy_downstream_handler(ngx_event_t *ev) | 1141 ngx_stream_proxy_downstream_handler(ngx_event_t *ev) |
973 { | 1142 { |
974 ngx_stream_proxy_process_connection(ev, ev->write); | 1143 ngx_stream_proxy_process_connection(ev, ev->write); |
1144 } | |
1145 | |
1146 | |
1147 static void | |
1148 ngx_stream_proxy_resolve_handler(ngx_resolver_ctx_t *ctx) | |
1149 { | |
1150 ngx_stream_session_t *s; | |
1151 ngx_stream_upstream_t *u; | |
1152 ngx_stream_proxy_srv_conf_t *pscf; | |
1153 ngx_stream_upstream_resolved_t *ur; | |
1154 | |
1155 s = ctx->data; | |
1156 | |
1157 u = s->upstream; | |
1158 ur = u->resolved; | |
1159 | |
1160 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, s->connection->log, 0, | |
1161 "stream upstream resolve"); | |
1162 | |
1163 if (ctx->state) { | |
1164 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, | |
1165 "%V could not be resolved (%i: %s)", | |
1166 &ctx->name, ctx->state, | |
1167 ngx_resolver_strerror(ctx->state)); | |
1168 | |
1169 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
1170 return; | |
1171 } | |
1172 | |
1173 ur->naddrs = ctx->naddrs; | |
1174 ur->addrs = ctx->addrs; | |
1175 | |
1176 #if (NGX_DEBUG) | |
1177 { | |
1178 u_char text[NGX_SOCKADDR_STRLEN]; | |
1179 ngx_str_t addr; | |
1180 ngx_uint_t i; | |
1181 | |
1182 addr.data = text; | |
1183 | |
1184 for (i = 0; i < ctx->naddrs; i++) { | |
1185 addr.len = ngx_sock_ntop(ur->addrs[i].sockaddr, ur->addrs[i].socklen, | |
1186 text, NGX_SOCKADDR_STRLEN, 0); | |
1187 | |
1188 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
1189 "name was resolved to %V", &addr); | |
1190 } | |
1191 } | |
1192 #endif | |
1193 | |
1194 if (ngx_stream_upstream_create_round_robin_peer(s, ur) != NGX_OK) { | |
1195 ngx_stream_proxy_finalize(s, NGX_ERROR); | |
1196 return; | |
1197 } | |
1198 | |
1199 ngx_resolve_name_done(ctx); | |
1200 ur->ctx = NULL; | |
1201 | |
1202 u->peer.start_time = ngx_current_msec; | |
1203 | |
1204 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
1205 | |
1206 if (pscf->next_upstream_tries | |
1207 && u->peer.tries > pscf->next_upstream_tries) | |
1208 { | |
1209 u->peer.tries = pscf->next_upstream_tries; | |
1210 } | |
1211 | |
1212 ngx_stream_proxy_connect(s); | |
975 } | 1213 } |
976 | 1214 |
977 | 1215 |
978 static void | 1216 static void |
979 ngx_stream_proxy_upstream_handler(ngx_event_t *ev) | 1217 ngx_stream_proxy_upstream_handler(ngx_event_t *ev) |
1395 | 1633 |
1396 if (u == NULL) { | 1634 if (u == NULL) { |
1397 goto noupstream; | 1635 goto noupstream; |
1398 } | 1636 } |
1399 | 1637 |
1638 if (u->resolved && u->resolved->ctx) { | |
1639 ngx_resolve_name_done(u->resolved->ctx); | |
1640 u->resolved->ctx = NULL; | |
1641 } | |
1642 | |
1400 if (u->peer.free && u->peer.sockaddr) { | 1643 if (u->peer.free && u->peer.sockaddr) { |
1401 u->peer.free(&u->peer, u->peer.data, 0); | 1644 u->peer.free(&u->peer, u->peer.data, 0); |
1402 u->peer.sockaddr = NULL; | 1645 u->peer.sockaddr = NULL; |
1403 } | 1646 } |
1404 | 1647 |
1469 /* | 1712 /* |
1470 * set by ngx_pcalloc(): | 1713 * set by ngx_pcalloc(): |
1471 * | 1714 * |
1472 * conf->ssl_protocols = 0; | 1715 * conf->ssl_protocols = 0; |
1473 * conf->ssl_ciphers = { 0, NULL }; | 1716 * conf->ssl_ciphers = { 0, NULL }; |
1474 * conf->ssl_name = { 0, NULL }; | 1717 * conf->ssl_name = NULL; |
1475 * conf->ssl_trusted_certificate = { 0, NULL }; | 1718 * conf->ssl_trusted_certificate = { 0, NULL }; |
1476 * conf->ssl_crl = { 0, NULL }; | 1719 * conf->ssl_crl = { 0, NULL }; |
1477 * conf->ssl_certificate = { 0, NULL }; | 1720 * conf->ssl_certificate = { 0, NULL }; |
1478 * conf->ssl_certificate_key = { 0, NULL }; | 1721 * conf->ssl_certificate_key = { 0, NULL }; |
1479 * | 1722 * |
1480 * conf->ssl = NULL; | 1723 * conf->ssl = NULL; |
1481 * conf->upstream = NULL; | 1724 * conf->upstream = NULL; |
1725 * conf->upstream_value = NULL; | |
1482 */ | 1726 */ |
1483 | 1727 |
1484 conf->connect_timeout = NGX_CONF_UNSET_MSEC; | 1728 conf->connect_timeout = NGX_CONF_UNSET_MSEC; |
1485 conf->timeout = NGX_CONF_UNSET_MSEC; | 1729 conf->timeout = NGX_CONF_UNSET_MSEC; |
1486 conf->next_upstream_timeout = NGX_CONF_UNSET_MSEC; | 1730 conf->next_upstream_timeout = NGX_CONF_UNSET_MSEC; |
1553 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 | 1797 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 |
1554 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); | 1798 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); |
1555 | 1799 |
1556 ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, "DEFAULT"); | 1800 ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, "DEFAULT"); |
1557 | 1801 |
1558 ngx_conf_merge_str_value(conf->ssl_name, prev->ssl_name, ""); | 1802 if (conf->ssl_name == NULL) { |
1803 conf->ssl_name = prev->ssl_name; | |
1804 } | |
1559 | 1805 |
1560 ngx_conf_merge_value(conf->ssl_server_name, prev->ssl_server_name, 0); | 1806 ngx_conf_merge_value(conf->ssl_server_name, prev->ssl_server_name, 0); |
1561 | 1807 |
1562 ngx_conf_merge_value(conf->ssl_verify, prev->ssl_verify, 0); | 1808 ngx_conf_merge_value(conf->ssl_verify, prev->ssl_verify, 0); |
1563 | 1809 |
1663 static char * | 1909 static char * |
1664 ngx_stream_proxy_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | 1910 ngx_stream_proxy_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
1665 { | 1911 { |
1666 ngx_stream_proxy_srv_conf_t *pscf = conf; | 1912 ngx_stream_proxy_srv_conf_t *pscf = conf; |
1667 | 1913 |
1668 ngx_url_t u; | 1914 ngx_url_t u; |
1669 ngx_str_t *value, *url; | 1915 ngx_str_t *value, *url; |
1670 ngx_stream_core_srv_conf_t *cscf; | 1916 ngx_stream_complex_value_t cv; |
1671 | 1917 ngx_stream_core_srv_conf_t *cscf; |
1672 if (pscf->upstream) { | 1918 ngx_stream_compile_complex_value_t ccv; |
1919 | |
1920 if (pscf->upstream || pscf->upstream_value) { | |
1673 return "is duplicate"; | 1921 return "is duplicate"; |
1674 } | 1922 } |
1675 | 1923 |
1676 cscf = ngx_stream_conf_get_module_srv_conf(cf, ngx_stream_core_module); | 1924 cscf = ngx_stream_conf_get_module_srv_conf(cf, ngx_stream_core_module); |
1677 | 1925 |
1678 cscf->handler = ngx_stream_proxy_handler; | 1926 cscf->handler = ngx_stream_proxy_handler; |
1679 | 1927 |
1680 value = cf->args->elts; | 1928 value = cf->args->elts; |
1681 | 1929 |
1682 url = &value[1]; | 1930 url = &value[1]; |
1931 | |
1932 ngx_memzero(&ccv, sizeof(ngx_stream_compile_complex_value_t)); | |
1933 | |
1934 ccv.cf = cf; | |
1935 ccv.value = url; | |
1936 ccv.complex_value = &cv; | |
1937 | |
1938 if (ngx_stream_compile_complex_value(&ccv) != NGX_OK) { | |
1939 return NGX_CONF_ERROR; | |
1940 } | |
1941 | |
1942 if (cv.lengths) { | |
1943 pscf->upstream_value = ngx_palloc(cf->pool, | |
1944 sizeof(ngx_stream_complex_value_t)); | |
1945 if (pscf->upstream_value == NULL) { | |
1946 return NGX_CONF_ERROR; | |
1947 } | |
1948 | |
1949 *pscf->upstream_value = cv; | |
1950 | |
1951 return NGX_CONF_OK; | |
1952 } | |
1683 | 1953 |
1684 ngx_memzero(&u, sizeof(ngx_url_t)); | 1954 ngx_memzero(&u, sizeof(ngx_url_t)); |
1685 | 1955 |
1686 u.url = *url; | 1956 u.url = *url; |
1687 u.no_resolve = 1; | 1957 u.no_resolve = 1; |