Mercurial > hg > nginx

view auto/os/freebsd @ 4668:ba2c7463ce18 stable-1.2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Merge of r4614, r4624-r4629, r4631: proxy recursive changes. *) Added IPv6 and UNIX-domain socket support in "debug_connection" directive. *) New function ngx_http_get_forwarded_addr() to look up real client address. On input it takes an original address, string in the X-Forwarded-For format and its length, list of trusted proxies, and a flag indicating to perform the recursive search. On output it returns NGX_OK and the "deepest" valid address in a chain, or NGX_DECLINED. It supports AF_INET and AF_INET6. Additionally, original address and/or proxy may be specified as AF_UNIX. *) Realip: chains of trusted proxies and IPv6 support. The module now supports recursive search of client address through the chain of trusted proxies, controlled by the "real_ip_recursive" directive (closes #2). It also gets full IPv6 support (closes #44) and canonical value of the $client_addr variable on address change. Example: real_ip_header X-Forwarded-For; set_real_ip_from 127.0.0.0/8; set_real_ip_from ::1; set_real_ip_from unix:; real_ip_recursive on; *) Geo: chains of trusted proxies and partial IPv6 support. The module now supports recursive search of client address through the chain of trusted proxies, controlled by the "proxy_recursive" directive in the "geo" block. It also gets partial IPv6 support: now proxies may be specified with IPv6 addresses. Example: geo $test { ... proxy 127.0.0.1; proxy ::1; proxy_recursive; } There's also a slight change in behavior. When original client address (as specified by the "geo" directive) is one of the trusted proxies, and the value of the X-Forwarded-For request header cannot not be parsed as a valid address, an original client address will be used for lookup. Previously, 255.255.255.255 was used in this case. *) Geoip: trusted proxies support and partial IPv6 support. The module now supports recursive search of client address through the chain of trusted proxies (closes #100), in the same scope as the geo module. Proxies are listed by the "geoip_proxy" directive, recursive search is enabled by the "geoip_proxy_recursive" directive. IPv6 is partially supported: proxies may be specified with IPv6 addresses. Example: geoip_country .../GeoIP.dat; geoip_proxy 127.0.0.1; geoip_proxy ::1; geoip_proxy 10.0.0.0/8; geoip_proxy_recursive on;
author Maxim Dounin <mdounin@mdounin.ru>
date Mon, 04 Jun 2012 11:58:12 +0000
parents f31162fefe01
children 0f234ee664f7
line wrap: on
line source


# Copyright (C) Igor Sysoev
# Copyright (C) Nginx, Inc.


have=NGX_FREEBSD . auto/have_headers

CORE_INCS="$UNIX_INCS"
CORE_DEPS="$UNIX_DEPS $FREEBSD_DEPS"
CORE_SRCS="$UNIX_SRCS $FREEBSD_SRCS"

ngx_spacer='
'


# __FreeBSD_version and sysctl kern.osreldate are the best ways
# to determine whether some capability exists and is safe to use.
# __FreeBSD_version is used for the testing of the build environment.
# sysctl kern.osreldate is used for the testing of the kernel capabilities.

version=`grep "#define __FreeBSD_version" /usr/include/osreldate.h \
         | sed -e 's/^.* \(.*\)$/\1/'`

osreldate=`/sbin/sysctl -n kern.osreldate`


# setproctitle() in libutil

if [ \( $version -ge 500000 -a $version -lt 500012 \) \
     -o $version -lt 410002 ]
then
    echo " + setproctitle() in libutil"

    CORE_LIBS="$CORE_LIBS -lutil"
    NGX_SETPROCTITLE_LIB="-lutil"
fi

# sendfile

if [ $osreldate -gt 300007 ]; then
    echo " + sendfile() found"

    have=NGX_HAVE_SENDFILE . auto/have
    CORE_SRCS="$CORE_SRCS $FREEBSD_SENDFILE_SRCS"
fi

if [ $osreldate -gt 502103 ]; then
    echo " + sendfile()'s SF_NODISKIO found"

    have=NGX_HAVE_AIO_SENDFILE . auto/have
fi

# POSIX semaphores
# http://www.freebsd.org/cgi/query-pr.cgi?pr=kern/127545

if [ $osreldate -ge 701106 ]; then
    echo " + POSIX semaphores should work"
else
    have=NGX_HAVE_POSIX_SEM . auto/nohave
fi


# kqueue

if [ \( $osreldate -lt 500000 -a $osreldate -ge 410000 \) \
     -o $osreldate -ge 500011 ]
then
    echo " + kqueue found"

    have=NGX_HAVE_KQUEUE . auto/have
    have=NGX_HAVE_CLEAR_EVENT . auto/have
    EVENT_MODULES="$EVENT_MODULES $KQUEUE_MODULE"
    CORE_SRCS="$CORE_SRCS $KQUEUE_SRCS"
    EVENT_FOUND=YES
fi


NGX_KQUEUE_CHECKED=YES


# kqueue's NOTE_LAWAT

if [ \( $version -lt 500000 -a $version -ge 430000 \) \
     -o $version -ge 500018 ]
then
    echo " + kqueue's NOTE_LOWAT found"
    have=NGX_HAVE_LOWAT_EVENT . auto/have
fi

# kqueue's EVFILT_TIMER

if [ \( $version -lt 500000 -a $version -ge 440001 \) \
     -o $version -ge 500023 ]
then
    echo " + kqueue's EVFILT_TIMER found"
    have=NGX_HAVE_TIMER_EVENT . auto/have
fi


if [ $USE_THREADS = "rfork" ]; then

    echo " + using rfork()"

#    # kqueue's EVFILT_SIGNAL is safe
#
#    if [ $version -gt 460101 ]; then
#        echo " + kqueue's EVFILT_SIGNAL is safe"
#        have=NGX_HAVE_SAFE_EVFILT_SIGNAL . auto/have
#    else
#        echo "$0: error: the kqueue's EVFILT_SIGNAL is unsafe on this"
#        echo "FreeBSD version, so --with-threads=rfork could not be used"
#        echo
#
#        exit 1
#    fi
fi


if [ $EVENT_AIO = YES ]; then
    if [ \( $version -lt 500000 -a $version -ge 430000 \) \
         -o $version -ge 500014 ]
    then
        have=NGX_HAVE_AIO . auto/have
        EVENT_MODULES="$EVENT_MODULES $AIO_MODULE"
        CORE_SRCS="$CORE_SRCS $AIO_SRCS"
    else

cat << END

$0: error: the kqueue does not support AIO on this FreeBSD version

END

        exit 1
    fi
fi


# cpuset_setaffinity()

if [ $version -ge 701000 ]; then
    echo " + cpuset_setaffinity() found"
    have=NGX_HAVE_CPUSET_SETAFFINITY . auto/have
fi