Mercurial > hg > nginx
annotate src/stream/ngx_stream_proxy_module.c @ 8830:d4a6c03cfcb6 quic
HTTP/3: got rid of HTTP/2 module dependency.
The Huffman encoder/decoder now can be built separately from HTTP/2 module.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Thu, 05 Aug 2021 11:09:13 +0300 |
parents | 3ab8e1e2f0f7 |
children | 419c066cb710 |
rev | line source |
---|---|
6115 | 1 |
2 /* | |
3 * Copyright (C) Roman Arutyunyan | |
4 * Copyright (C) Nginx, Inc. | |
5 */ | |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 #include <ngx_stream.h> | |
11 | |
12 | |
13 typedef struct { | |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
14 ngx_addr_t *addr; |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
15 ngx_stream_complex_value_t *value; |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
16 #if (NGX_HAVE_TRANSPARENT_PROXY) |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
17 ngx_uint_t transparent; /* unsigned transparent:1; */ |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
18 #endif |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
19 } ngx_stream_upstream_local_t; |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
20 |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
21 |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
22 typedef struct { |
6115 | 23 ngx_msec_t connect_timeout; |
24 ngx_msec_t timeout; | |
25 ngx_msec_t next_upstream_timeout; | |
6215
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
26 size_t buffer_size; |
7505
16a1adadf437
Variables support in proxy_upload_rate and proxy_download_rate.
Ruslan Ermilov <ru@nginx.com>
parents:
7473
diff
changeset
|
27 ngx_stream_complex_value_t *upload_rate; |
16a1adadf437
Variables support in proxy_upload_rate and proxy_download_rate.
Ruslan Ermilov <ru@nginx.com>
parents:
7473
diff
changeset
|
28 ngx_stream_complex_value_t *download_rate; |
7393
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
29 ngx_uint_t requests; |
6436 | 30 ngx_uint_t responses; |
6115 | 31 ngx_uint_t next_upstream_tries; |
32 ngx_flag_t next_upstream; | |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
33 ngx_flag_t proxy_protocol; |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
34 ngx_stream_upstream_local_t *local; |
7371
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
35 ngx_flag_t socket_keepalive; |
6115 | 36 |
37 #if (NGX_STREAM_SSL) | |
38 ngx_flag_t ssl_enable; | |
39 ngx_flag_t ssl_session_reuse; | |
40 ngx_uint_t ssl_protocols; | |
41 ngx_str_t ssl_ciphers; | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
42 ngx_stream_complex_value_t *ssl_name; |
6115 | 43 ngx_flag_t ssl_server_name; |
44 | |
45 ngx_flag_t ssl_verify; | |
46 ngx_uint_t ssl_verify_depth; | |
47 ngx_str_t ssl_trusted_certificate; | |
48 ngx_str_t ssl_crl; | |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
49 ngx_stream_complex_value_t *ssl_certificate; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
50 ngx_stream_complex_value_t *ssl_certificate_key; |
6115 | 51 ngx_array_t *ssl_passwords; |
7731
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
52 ngx_array_t *ssl_conf_commands; |
6115 | 53 |
54 ngx_ssl_t *ssl; | |
55 #endif | |
56 | |
57 ngx_stream_upstream_srv_conf_t *upstream; | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
58 ngx_stream_complex_value_t *upstream_value; |
6115 | 59 } ngx_stream_proxy_srv_conf_t; |
60 | |
61 | |
62 static void ngx_stream_proxy_handler(ngx_stream_session_t *s); | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
63 static ngx_int_t ngx_stream_proxy_eval(ngx_stream_session_t *s, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
64 ngx_stream_proxy_srv_conf_t *pscf); |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
65 static ngx_int_t ngx_stream_proxy_set_local(ngx_stream_session_t *s, |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
66 ngx_stream_upstream_t *u, ngx_stream_upstream_local_t *local); |
6115 | 67 static void ngx_stream_proxy_connect(ngx_stream_session_t *s); |
68 static void ngx_stream_proxy_init_upstream(ngx_stream_session_t *s); | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
69 static void ngx_stream_proxy_resolve_handler(ngx_resolver_ctx_t *ctx); |
6115 | 70 static void ngx_stream_proxy_upstream_handler(ngx_event_t *ev); |
71 static void ngx_stream_proxy_downstream_handler(ngx_event_t *ev); | |
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
72 static void ngx_stream_proxy_process_connection(ngx_event_t *ev, |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
73 ngx_uint_t from_upstream); |
6115 | 74 static void ngx_stream_proxy_connect_handler(ngx_event_t *ev); |
75 static ngx_int_t ngx_stream_proxy_test_connect(ngx_connection_t *c); | |
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
76 static void ngx_stream_proxy_process(ngx_stream_session_t *s, |
6115 | 77 ngx_uint_t from_upstream, ngx_uint_t do_write); |
7392
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
78 static ngx_int_t ngx_stream_proxy_test_finalize(ngx_stream_session_t *s, |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
79 ngx_uint_t from_upstream); |
6115 | 80 static void ngx_stream_proxy_next_upstream(ngx_stream_session_t *s); |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
81 static void ngx_stream_proxy_finalize(ngx_stream_session_t *s, ngx_uint_t rc); |
6115 | 82 static u_char *ngx_stream_proxy_log_error(ngx_log_t *log, u_char *buf, |
83 size_t len); | |
84 | |
85 static void *ngx_stream_proxy_create_srv_conf(ngx_conf_t *cf); | |
86 static char *ngx_stream_proxy_merge_srv_conf(ngx_conf_t *cf, void *parent, | |
87 void *child); | |
88 static char *ngx_stream_proxy_pass(ngx_conf_t *cf, ngx_command_t *cmd, | |
89 void *conf); | |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
90 static char *ngx_stream_proxy_bind(ngx_conf_t *cf, ngx_command_t *cmd, |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
91 void *conf); |
6115 | 92 |
93 #if (NGX_STREAM_SSL) | |
94 | |
6692 | 95 static ngx_int_t ngx_stream_proxy_send_proxy_protocol(ngx_stream_session_t *s); |
6115 | 96 static char *ngx_stream_proxy_ssl_password_file(ngx_conf_t *cf, |
97 ngx_command_t *cmd, void *conf); | |
7731
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
98 static char *ngx_stream_proxy_ssl_conf_command_check(ngx_conf_t *cf, void *post, |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
99 void *data); |
6115 | 100 static void ngx_stream_proxy_ssl_init_connection(ngx_stream_session_t *s); |
101 static void ngx_stream_proxy_ssl_handshake(ngx_connection_t *pc); | |
7320
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
102 static void ngx_stream_proxy_ssl_save_session(ngx_connection_t *c); |
6115 | 103 static ngx_int_t ngx_stream_proxy_ssl_name(ngx_stream_session_t *s); |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
104 static ngx_int_t ngx_stream_proxy_ssl_certificate(ngx_stream_session_t *s); |
6115 | 105 static ngx_int_t ngx_stream_proxy_set_ssl(ngx_conf_t *cf, |
106 ngx_stream_proxy_srv_conf_t *pscf); | |
107 | |
108 | |
109 static ngx_conf_bitmask_t ngx_stream_proxy_ssl_protocols[] = { | |
110 { ngx_string("SSLv2"), NGX_SSL_SSLv2 }, | |
111 { ngx_string("SSLv3"), NGX_SSL_SSLv3 }, | |
112 { ngx_string("TLSv1"), NGX_SSL_TLSv1 }, | |
113 { ngx_string("TLSv1.1"), NGX_SSL_TLSv1_1 }, | |
114 { ngx_string("TLSv1.2"), NGX_SSL_TLSv1_2 }, | |
6981
08dc60979133
SSL: added support for TLSv1.3 in ssl_protocols directive.
Sergey Kandaurov <pluknet@nginx.com>
parents:
6868
diff
changeset
|
115 { ngx_string("TLSv1.3"), NGX_SSL_TLSv1_3 }, |
6115 | 116 { ngx_null_string, 0 } |
117 }; | |
118 | |
7731
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
119 static ngx_conf_post_t ngx_stream_proxy_ssl_conf_command_post = |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
120 { ngx_stream_proxy_ssl_conf_command_check }; |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
121 |
6115 | 122 #endif |
123 | |
124 | |
6217
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
125 static ngx_conf_deprecated_t ngx_conf_deprecated_proxy_downstream_buffer = { |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
126 ngx_conf_deprecated, "proxy_downstream_buffer", "proxy_buffer_size" |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
127 }; |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
128 |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
129 static ngx_conf_deprecated_t ngx_conf_deprecated_proxy_upstream_buffer = { |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
130 ngx_conf_deprecated, "proxy_upstream_buffer", "proxy_buffer_size" |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
131 }; |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
132 |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
133 |
6115 | 134 static ngx_command_t ngx_stream_proxy_commands[] = { |
135 | |
136 { ngx_string("proxy_pass"), | |
137 NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
138 ngx_stream_proxy_pass, | |
139 NGX_STREAM_SRV_CONF_OFFSET, | |
140 0, | |
141 NULL }, | |
142 | |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
143 { ngx_string("proxy_bind"), |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
144 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE12, |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
145 ngx_stream_proxy_bind, |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
146 NGX_STREAM_SRV_CONF_OFFSET, |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
147 0, |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
148 NULL }, |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
149 |
7371
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
150 { ngx_string("proxy_socket_keepalive"), |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
151 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
152 ngx_conf_set_flag_slot, |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
153 NGX_STREAM_SRV_CONF_OFFSET, |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
154 offsetof(ngx_stream_proxy_srv_conf_t, socket_keepalive), |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
155 NULL }, |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
156 |
6115 | 157 { ngx_string("proxy_connect_timeout"), |
158 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
159 ngx_conf_set_msec_slot, | |
160 NGX_STREAM_SRV_CONF_OFFSET, | |
161 offsetof(ngx_stream_proxy_srv_conf_t, connect_timeout), | |
162 NULL }, | |
163 | |
164 { ngx_string("proxy_timeout"), | |
165 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
166 ngx_conf_set_msec_slot, | |
167 NGX_STREAM_SRV_CONF_OFFSET, | |
168 offsetof(ngx_stream_proxy_srv_conf_t, timeout), | |
169 NULL }, | |
170 | |
6215
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
171 { ngx_string("proxy_buffer_size"), |
6115 | 172 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
173 ngx_conf_set_size_slot, | |
174 NGX_STREAM_SRV_CONF_OFFSET, | |
6215
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
175 offsetof(ngx_stream_proxy_srv_conf_t, buffer_size), |
6115 | 176 NULL }, |
177 | |
6217
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
178 { ngx_string("proxy_downstream_buffer"), |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
179 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
180 ngx_conf_set_size_slot, |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
181 NGX_STREAM_SRV_CONF_OFFSET, |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
182 offsetof(ngx_stream_proxy_srv_conf_t, buffer_size), |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
183 &ngx_conf_deprecated_proxy_downstream_buffer }, |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
184 |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
185 { ngx_string("proxy_upstream_buffer"), |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
186 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
187 ngx_conf_set_size_slot, |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
188 NGX_STREAM_SRV_CONF_OFFSET, |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
189 offsetof(ngx_stream_proxy_srv_conf_t, buffer_size), |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
190 &ngx_conf_deprecated_proxy_upstream_buffer }, |
b544f8e0d921
Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.
Roman Arutyunyan <arut@nginx.com>
parents:
6216
diff
changeset
|
191 |
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
192 { ngx_string("proxy_upload_rate"), |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
193 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
7505
16a1adadf437
Variables support in proxy_upload_rate and proxy_download_rate.
Ruslan Ermilov <ru@nginx.com>
parents:
7473
diff
changeset
|
194 ngx_stream_set_complex_value_size_slot, |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
195 NGX_STREAM_SRV_CONF_OFFSET, |
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
196 offsetof(ngx_stream_proxy_srv_conf_t, upload_rate), |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
197 NULL }, |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
198 |
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
199 { ngx_string("proxy_download_rate"), |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
200 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
7505
16a1adadf437
Variables support in proxy_upload_rate and proxy_download_rate.
Ruslan Ermilov <ru@nginx.com>
parents:
7473
diff
changeset
|
201 ngx_stream_set_complex_value_size_slot, |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
202 NGX_STREAM_SRV_CONF_OFFSET, |
6208
7a14a0d754ad
Stream: renamed rate limiting directives.
Roman Arutyunyan <arut@nginx.com>
parents:
6204
diff
changeset
|
203 offsetof(ngx_stream_proxy_srv_conf_t, download_rate), |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
204 NULL }, |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
205 |
7393
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
206 { ngx_string("proxy_requests"), |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
207 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
208 ngx_conf_set_num_slot, |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
209 NGX_STREAM_SRV_CONF_OFFSET, |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
210 offsetof(ngx_stream_proxy_srv_conf_t, requests), |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
211 NULL }, |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
212 |
6436 | 213 { ngx_string("proxy_responses"), |
214 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
215 ngx_conf_set_num_slot, | |
216 NGX_STREAM_SRV_CONF_OFFSET, | |
217 offsetof(ngx_stream_proxy_srv_conf_t, responses), | |
218 NULL }, | |
219 | |
6115 | 220 { ngx_string("proxy_next_upstream"), |
221 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, | |
222 ngx_conf_set_flag_slot, | |
223 NGX_STREAM_SRV_CONF_OFFSET, | |
224 offsetof(ngx_stream_proxy_srv_conf_t, next_upstream), | |
225 NULL }, | |
226 | |
227 { ngx_string("proxy_next_upstream_tries"), | |
228 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
229 ngx_conf_set_num_slot, | |
230 NGX_STREAM_SRV_CONF_OFFSET, | |
231 offsetof(ngx_stream_proxy_srv_conf_t, next_upstream_tries), | |
232 NULL }, | |
233 | |
234 { ngx_string("proxy_next_upstream_timeout"), | |
235 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
236 ngx_conf_set_msec_slot, | |
237 NGX_STREAM_SRV_CONF_OFFSET, | |
238 offsetof(ngx_stream_proxy_srv_conf_t, next_upstream_timeout), | |
239 NULL }, | |
240 | |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
241 { ngx_string("proxy_protocol"), |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
242 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
243 ngx_conf_set_flag_slot, |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
244 NGX_STREAM_SRV_CONF_OFFSET, |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
245 offsetof(ngx_stream_proxy_srv_conf_t, proxy_protocol), |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
246 NULL }, |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
247 |
6115 | 248 #if (NGX_STREAM_SSL) |
249 | |
250 { ngx_string("proxy_ssl"), | |
251 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, | |
252 ngx_conf_set_flag_slot, | |
253 NGX_STREAM_SRV_CONF_OFFSET, | |
254 offsetof(ngx_stream_proxy_srv_conf_t, ssl_enable), | |
255 NULL }, | |
256 | |
257 { ngx_string("proxy_ssl_session_reuse"), | |
258 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, | |
259 ngx_conf_set_flag_slot, | |
260 NGX_STREAM_SRV_CONF_OFFSET, | |
261 offsetof(ngx_stream_proxy_srv_conf_t, ssl_session_reuse), | |
262 NULL }, | |
263 | |
264 { ngx_string("proxy_ssl_protocols"), | |
265 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_1MORE, | |
266 ngx_conf_set_bitmask_slot, | |
267 NGX_STREAM_SRV_CONF_OFFSET, | |
268 offsetof(ngx_stream_proxy_srv_conf_t, ssl_protocols), | |
269 &ngx_stream_proxy_ssl_protocols }, | |
270 | |
271 { ngx_string("proxy_ssl_ciphers"), | |
272 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
273 ngx_conf_set_str_slot, | |
274 NGX_STREAM_SRV_CONF_OFFSET, | |
275 offsetof(ngx_stream_proxy_srv_conf_t, ssl_ciphers), | |
276 NULL }, | |
277 | |
278 { ngx_string("proxy_ssl_name"), | |
279 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
280 ngx_stream_set_complex_value_slot, |
6115 | 281 NGX_STREAM_SRV_CONF_OFFSET, |
282 offsetof(ngx_stream_proxy_srv_conf_t, ssl_name), | |
283 NULL }, | |
284 | |
285 { ngx_string("proxy_ssl_server_name"), | |
286 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, | |
287 ngx_conf_set_flag_slot, | |
288 NGX_STREAM_SRV_CONF_OFFSET, | |
289 offsetof(ngx_stream_proxy_srv_conf_t, ssl_server_name), | |
290 NULL }, | |
291 | |
292 { ngx_string("proxy_ssl_verify"), | |
293 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, | |
294 ngx_conf_set_flag_slot, | |
295 NGX_STREAM_SRV_CONF_OFFSET, | |
296 offsetof(ngx_stream_proxy_srv_conf_t, ssl_verify), | |
297 NULL }, | |
298 | |
299 { ngx_string("proxy_ssl_verify_depth"), | |
300 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
301 ngx_conf_set_num_slot, | |
302 NGX_STREAM_SRV_CONF_OFFSET, | |
303 offsetof(ngx_stream_proxy_srv_conf_t, ssl_verify_depth), | |
304 NULL }, | |
305 | |
306 { ngx_string("proxy_ssl_trusted_certificate"), | |
307 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
308 ngx_conf_set_str_slot, | |
309 NGX_STREAM_SRV_CONF_OFFSET, | |
310 offsetof(ngx_stream_proxy_srv_conf_t, ssl_trusted_certificate), | |
311 NULL }, | |
312 | |
313 { ngx_string("proxy_ssl_crl"), | |
314 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
315 ngx_conf_set_str_slot, | |
316 NGX_STREAM_SRV_CONF_OFFSET, | |
317 offsetof(ngx_stream_proxy_srv_conf_t, ssl_crl), | |
318 NULL }, | |
319 | |
320 { ngx_string("proxy_ssl_certificate"), | |
321 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
322 ngx_stream_set_complex_value_zero_slot, |
6115 | 323 NGX_STREAM_SRV_CONF_OFFSET, |
324 offsetof(ngx_stream_proxy_srv_conf_t, ssl_certificate), | |
325 NULL }, | |
326 | |
327 { ngx_string("proxy_ssl_certificate_key"), | |
328 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
329 ngx_stream_set_complex_value_zero_slot, |
6115 | 330 NGX_STREAM_SRV_CONF_OFFSET, |
331 offsetof(ngx_stream_proxy_srv_conf_t, ssl_certificate_key), | |
332 NULL }, | |
333 | |
334 { ngx_string("proxy_ssl_password_file"), | |
335 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, | |
336 ngx_stream_proxy_ssl_password_file, | |
337 NGX_STREAM_SRV_CONF_OFFSET, | |
338 0, | |
339 NULL }, | |
340 | |
7731
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
341 { ngx_string("proxy_ssl_conf_command"), |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
342 NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE2, |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
343 ngx_conf_set_keyval_slot, |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
344 NGX_STREAM_SRV_CONF_OFFSET, |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
345 offsetof(ngx_stream_proxy_srv_conf_t, ssl_conf_commands), |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
346 &ngx_stream_proxy_ssl_conf_command_post }, |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
347 |
6115 | 348 #endif |
349 | |
350 ngx_null_command | |
351 }; | |
352 | |
353 | |
354 static ngx_stream_module_t ngx_stream_proxy_module_ctx = { | |
6606
2f41d383c9c7
Stream: added preconfiguration step.
Vladimir Homutov <vl@nginx.com>
parents:
6599
diff
changeset
|
355 NULL, /* preconfiguration */ |
6174
68c106e6fa0a
Stream: added postconfiguration method to stream modules.
Vladimir Homutov <vl@nginx.com>
parents:
6157
diff
changeset
|
356 NULL, /* postconfiguration */ |
68c106e6fa0a
Stream: added postconfiguration method to stream modules.
Vladimir Homutov <vl@nginx.com>
parents:
6157
diff
changeset
|
357 |
6115 | 358 NULL, /* create main configuration */ |
359 NULL, /* init main configuration */ | |
360 | |
361 ngx_stream_proxy_create_srv_conf, /* create server configuration */ | |
362 ngx_stream_proxy_merge_srv_conf /* merge server configuration */ | |
363 }; | |
364 | |
365 | |
366 ngx_module_t ngx_stream_proxy_module = { | |
367 NGX_MODULE_V1, | |
368 &ngx_stream_proxy_module_ctx, /* module context */ | |
369 ngx_stream_proxy_commands, /* module directives */ | |
370 NGX_STREAM_MODULE, /* module type */ | |
371 NULL, /* init master */ | |
372 NULL, /* init module */ | |
373 NULL, /* init process */ | |
374 NULL, /* init thread */ | |
375 NULL, /* exit thread */ | |
376 NULL, /* exit process */ | |
377 NULL, /* exit master */ | |
378 NGX_MODULE_V1_PADDING | |
379 }; | |
380 | |
381 | |
382 static void | |
383 ngx_stream_proxy_handler(ngx_stream_session_t *s) | |
384 { | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
385 u_char *p; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
386 ngx_str_t *host; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
387 ngx_uint_t i; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
388 ngx_connection_t *c; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
389 ngx_resolver_ctx_t *ctx, temp; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
390 ngx_stream_upstream_t *u; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
391 ngx_stream_core_srv_conf_t *cscf; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
392 ngx_stream_proxy_srv_conf_t *pscf; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
393 ngx_stream_upstream_srv_conf_t *uscf, **uscfp; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
394 ngx_stream_upstream_main_conf_t *umcf; |
6115 | 395 |
396 c = s->connection; | |
397 | |
398 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
399 | |
400 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, | |
401 "proxy connection handler"); | |
402 | |
403 u = ngx_pcalloc(c->pool, sizeof(ngx_stream_upstream_t)); | |
404 if (u == NULL) { | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
405 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6115 | 406 return; |
407 } | |
408 | |
409 s->upstream = u; | |
410 | |
411 s->log_handler = ngx_stream_proxy_log_error; | |
412 | |
7286 | 413 u->requests = 1; |
414 | |
6115 | 415 u->peer.log = c->log; |
416 u->peer.log_error = NGX_ERROR_ERR; | |
417 | |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
418 if (ngx_stream_proxy_set_local(s, u, pscf->local) != NGX_OK) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
419 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
420 return; |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
421 } |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
422 |
7371
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
423 if (pscf->socket_keepalive) { |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
424 u->peer.so_keepalive = 1; |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
425 } |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
426 |
6436 | 427 u->peer.type = c->type; |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
428 u->start_sec = ngx_time(); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
429 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
430 c->write->handler = ngx_stream_proxy_downstream_handler; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
431 c->read->handler = ngx_stream_proxy_downstream_handler; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
432 |
6675
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
433 s->upstream_states = ngx_array_create(c->pool, 1, |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
434 sizeof(ngx_stream_upstream_state_t)); |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
435 if (s->upstream_states == NULL) { |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
436 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
437 return; |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
438 } |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
439 |
7286 | 440 p = ngx_pnalloc(c->pool, pscf->buffer_size); |
441 if (p == NULL) { | |
442 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
443 return; | |
444 } | |
445 | |
446 u->downstream_buf.start = p; | |
447 u->downstream_buf.end = p + pscf->buffer_size; | |
448 u->downstream_buf.pos = p; | |
449 u->downstream_buf.last = p; | |
450 | |
451 if (c->read->ready) { | |
452 ngx_post_event(c->read, &ngx_posted_events); | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
453 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
454 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
455 if (pscf->upstream_value) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
456 if (ngx_stream_proxy_eval(s, pscf) != NGX_OK) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
457 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
458 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
459 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
460 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
461 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
462 if (u->resolved == NULL) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
463 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
464 uscf = pscf->upstream; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
465 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
466 } else { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
467 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
468 #if (NGX_STREAM_SSL) |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
469 u->ssl_name = u->resolved->host; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
470 #endif |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
471 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
472 host = &u->resolved->host; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
473 |
6786
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
474 umcf = ngx_stream_get_module_main_conf(s, ngx_stream_upstream_module); |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
475 |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
476 uscfp = umcf->upstreams.elts; |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
477 |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
478 for (i = 0; i < umcf->upstreams.nelts; i++) { |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
479 |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
480 uscf = uscfp[i]; |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
481 |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
482 if (uscf->host.len == host->len |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
483 && ((uscf->port == 0 && u->resolved->no_port) |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
484 || uscf->port == u->resolved->port) |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
485 && ngx_strncasecmp(uscf->host.data, host->data, host->len) == 0) |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
486 { |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
487 goto found; |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
488 } |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
489 } |
906ac20234ed
Upstream: do not unnecessarily create per-request upstreams.
Ruslan Ermilov <ru@nginx.com>
parents:
6785
diff
changeset
|
490 |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
491 if (u->resolved->sockaddr) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
492 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
493 if (u->resolved->port == 0 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
494 && u->resolved->sockaddr->sa_family != AF_UNIX) |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
495 { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
496 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
497 "no port in upstream \"%V\"", host); |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
498 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
499 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
500 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
501 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
502 if (ngx_stream_upstream_create_round_robin_peer(s, u->resolved) |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
503 != NGX_OK) |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
504 { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
505 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
506 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
507 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
508 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
509 ngx_stream_proxy_connect(s); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
510 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
511 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
512 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
513 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
514 if (u->resolved->port == 0) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
515 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
516 "no port in upstream \"%V\"", host); |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
517 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
518 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
519 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
520 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
521 temp.name = *host; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
522 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
523 cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
524 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
525 ctx = ngx_resolve_start(cscf->resolver, &temp); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
526 if (ctx == NULL) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
527 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
528 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
529 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
530 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
531 if (ctx == NGX_NO_RESOLVER) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
532 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
533 "no resolver defined to resolve %V", host); |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
534 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
535 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
536 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
537 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
538 ctx->name = *host; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
539 ctx->handler = ngx_stream_proxy_resolve_handler; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
540 ctx->data = s; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
541 ctx->timeout = cscf->resolver_timeout; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
542 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
543 u->resolved->ctx = ctx; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
544 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
545 if (ngx_resolve_name(ctx) != NGX_OK) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
546 u->resolved->ctx = NULL; |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
547 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
548 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
549 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
550 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
551 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
552 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
553 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
554 found: |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
555 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
556 if (uscf == NULL) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
557 ngx_log_error(NGX_LOG_ALERT, c->log, 0, "no upstream configuration"); |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
558 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
559 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
560 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
561 |
6703
edcd9303a4d3
Upstream: introduced u->upstream.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6692
diff
changeset
|
562 u->upstream = uscf; |
edcd9303a4d3
Upstream: introduced u->upstream.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6692
diff
changeset
|
563 |
6648
d43ee392e825
Stream: fixed build without stream_ssl_module (ticket #1032).
Vladimir Homutov <vl@nginx.com>
parents:
6643
diff
changeset
|
564 #if (NGX_STREAM_SSL) |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
565 u->ssl_name = uscf->host; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
566 #endif |
6115 | 567 |
568 if (uscf->peer.init(s, uscf) != NGX_OK) { | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
569 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6115 | 570 return; |
571 } | |
572 | |
573 u->peer.start_time = ngx_current_msec; | |
574 | |
575 if (pscf->next_upstream_tries | |
576 && u->peer.tries > pscf->next_upstream_tries) | |
577 { | |
578 u->peer.tries = pscf->next_upstream_tries; | |
579 } | |
580 | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
581 ngx_stream_proxy_connect(s); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
582 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
583 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
584 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
585 static ngx_int_t |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
586 ngx_stream_proxy_eval(ngx_stream_session_t *s, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
587 ngx_stream_proxy_srv_conf_t *pscf) |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
588 { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
589 ngx_str_t host; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
590 ngx_url_t url; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
591 ngx_stream_upstream_t *u; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
592 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
593 if (ngx_stream_complex_value(s, pscf->upstream_value, &host) != NGX_OK) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
594 return NGX_ERROR; |
6115 | 595 } |
596 | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
597 ngx_memzero(&url, sizeof(ngx_url_t)); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
598 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
599 url.url = host; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
600 url.no_resolve = 1; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
601 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
602 if (ngx_parse_url(s->connection->pool, &url) != NGX_OK) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
603 if (url.err) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
604 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
605 "%s in upstream \"%V\"", url.err, &url.url); |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
606 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
607 |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
608 return NGX_ERROR; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
609 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
610 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
611 u = s->upstream; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
612 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
613 u->resolved = ngx_pcalloc(s->connection->pool, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
614 sizeof(ngx_stream_upstream_resolved_t)); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
615 if (u->resolved == NULL) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
616 return NGX_ERROR; |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
617 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
618 |
6784
1af120241cde
Upstream: removed unnecessary condition in proxy_eval() and friends.
Ruslan Ermilov <ru@nginx.com>
parents:
6777
diff
changeset
|
619 if (url.addrs) { |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
620 u->resolved->sockaddr = url.addrs[0].sockaddr; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
621 u->resolved->socklen = url.addrs[0].socklen; |
6785
d1d0dd69a419
Upstream: added the ngx_http_upstream_resolved_t.name field.
Ruslan Ermilov <ru@nginx.com>
parents:
6784
diff
changeset
|
622 u->resolved->name = url.addrs[0].name; |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
623 u->resolved->naddrs = 1; |
6115 | 624 } |
625 | |
6785
d1d0dd69a419
Upstream: added the ngx_http_upstream_resolved_t.name field.
Ruslan Ermilov <ru@nginx.com>
parents:
6784
diff
changeset
|
626 u->resolved->host = url.host; |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
627 u->resolved->port = url.port; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
628 u->resolved->no_port = url.no_port; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
629 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
630 return NGX_OK; |
6115 | 631 } |
632 | |
633 | |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
634 static ngx_int_t |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
635 ngx_stream_proxy_set_local(ngx_stream_session_t *s, ngx_stream_upstream_t *u, |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
636 ngx_stream_upstream_local_t *local) |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
637 { |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
638 ngx_int_t rc; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
639 ngx_str_t val; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
640 ngx_addr_t *addr; |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
641 |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
642 if (local == NULL) { |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
643 u->peer.local = NULL; |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
644 return NGX_OK; |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
645 } |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
646 |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
647 #if (NGX_HAVE_TRANSPARENT_PROXY) |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
648 u->peer.transparent = local->transparent; |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
649 #endif |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
650 |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
651 if (local->value == NULL) { |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
652 u->peer.local = local->addr; |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
653 return NGX_OK; |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
654 } |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
655 |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
656 if (ngx_stream_complex_value(s, local->value, &val) != NGX_OK) { |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
657 return NGX_ERROR; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
658 } |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
659 |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
660 if (val.len == 0) { |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
661 return NGX_OK; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
662 } |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
663 |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
664 addr = ngx_palloc(s->connection->pool, sizeof(ngx_addr_t)); |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
665 if (addr == NULL) { |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
666 return NGX_ERROR; |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
667 } |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
668 |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
669 rc = ngx_parse_addr_port(s->connection->pool, addr, val.data, val.len); |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
670 if (rc == NGX_ERROR) { |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
671 return NGX_ERROR; |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
672 } |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
673 |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
674 if (rc != NGX_OK) { |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
675 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
676 "invalid local address \"%V\"", &val); |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
677 return NGX_OK; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
678 } |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
679 |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
680 addr->name = val; |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
681 u->peer.local = addr; |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
682 |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
683 return NGX_OK; |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
684 } |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
685 |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
686 |
6115 | 687 static void |
688 ngx_stream_proxy_connect(ngx_stream_session_t *s) | |
689 { | |
690 ngx_int_t rc; | |
691 ngx_connection_t *c, *pc; | |
692 ngx_stream_upstream_t *u; | |
693 ngx_stream_proxy_srv_conf_t *pscf; | |
694 | |
695 c = s->connection; | |
696 | |
697 c->log->action = "connecting to upstream"; | |
698 | |
6692 | 699 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
700 | |
6115 | 701 u = s->upstream; |
702 | |
6692 | 703 u->connected = 0; |
704 u->proxy_protocol = pscf->proxy_protocol; | |
705 | |
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
706 if (u->state) { |
7397
860d3907da1c
Upstream: revised upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
7393
diff
changeset
|
707 u->state->response_time = ngx_current_msec - u->start_time; |
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
708 } |
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
709 |
6675
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
710 u->state = ngx_array_push(s->upstream_states); |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
711 if (u->state == NULL) { |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
712 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
713 return; |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
714 } |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
715 |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
716 ngx_memzero(u->state, sizeof(ngx_stream_upstream_state_t)); |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
717 |
7397
860d3907da1c
Upstream: revised upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
7393
diff
changeset
|
718 u->start_time = ngx_current_msec; |
860d3907da1c
Upstream: revised upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
7393
diff
changeset
|
719 |
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
720 u->state->connect_time = (ngx_msec_t) -1; |
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
721 u->state->first_byte_time = (ngx_msec_t) -1; |
7397
860d3907da1c
Upstream: revised upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
7393
diff
changeset
|
722 u->state->response_time = (ngx_msec_t) -1; |
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
723 |
6115 | 724 rc = ngx_event_connect_peer(&u->peer); |
725 | |
726 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, "proxy connect: %i", rc); | |
727 | |
728 if (rc == NGX_ERROR) { | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
729 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6115 | 730 return; |
731 } | |
732 | |
6675
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
733 u->state->peer = u->peer.name; |
ab9b4fd8c5b7
Stream: the $upstream_addr variable.
Vladimir Homutov <vl@nginx.com>
parents:
6674
diff
changeset
|
734 |
6115 | 735 if (rc == NGX_BUSY) { |
736 ngx_log_error(NGX_LOG_ERR, c->log, 0, "no live upstreams"); | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
737 ngx_stream_proxy_finalize(s, NGX_STREAM_BAD_GATEWAY); |
6115 | 738 return; |
739 } | |
740 | |
741 if (rc == NGX_DECLINED) { | |
742 ngx_stream_proxy_next_upstream(s); | |
743 return; | |
744 } | |
745 | |
746 /* rc == NGX_OK || rc == NGX_AGAIN || rc == NGX_DONE */ | |
747 | |
748 pc = u->peer.connection; | |
749 | |
750 pc->data = s; | |
751 pc->log = c->log; | |
752 pc->pool = c->pool; | |
753 pc->read->log = c->log; | |
754 pc->write->log = c->log; | |
755 | |
756 if (rc != NGX_AGAIN) { | |
757 ngx_stream_proxy_init_upstream(s); | |
758 return; | |
759 } | |
760 | |
761 pc->read->handler = ngx_stream_proxy_connect_handler; | |
762 pc->write->handler = ngx_stream_proxy_connect_handler; | |
763 | |
764 ngx_add_timer(pc->write, pscf->connect_timeout); | |
765 } | |
766 | |
767 | |
768 static void | |
769 ngx_stream_proxy_init_upstream(ngx_stream_session_t *s) | |
770 { | |
771 u_char *p; | |
6692 | 772 ngx_chain_t *cl; |
6115 | 773 ngx_connection_t *c, *pc; |
774 ngx_log_handler_pt handler; | |
775 ngx_stream_upstream_t *u; | |
6221
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
776 ngx_stream_core_srv_conf_t *cscf; |
6115 | 777 ngx_stream_proxy_srv_conf_t *pscf; |
778 | |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
779 u = s->upstream; |
6221
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
780 pc = u->peer.connection; |
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
781 |
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
782 cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); |
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
783 |
6436 | 784 if (pc->type == SOCK_STREAM |
785 && cscf->tcp_nodelay | |
7007
ed1101bbf19f
Introduced ngx_tcp_nodelay().
Ruslan Ermilov <ru@nginx.com>
parents:
6981
diff
changeset
|
786 && ngx_tcp_nodelay(pc) != NGX_OK) |
6436 | 787 { |
7007
ed1101bbf19f
Introduced ngx_tcp_nodelay().
Ruslan Ermilov <ru@nginx.com>
parents:
6981
diff
changeset
|
788 ngx_stream_proxy_next_upstream(s); |
ed1101bbf19f
Introduced ngx_tcp_nodelay().
Ruslan Ermilov <ru@nginx.com>
parents:
6981
diff
changeset
|
789 return; |
6221
7565e056fad6
Stream: the "tcp_nodelay" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6217
diff
changeset
|
790 } |
6115 | 791 |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
792 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
6115 | 793 |
794 #if (NGX_STREAM_SSL) | |
6692 | 795 |
796 if (pc->type == SOCK_STREAM && pscf->ssl) { | |
797 | |
798 if (u->proxy_protocol) { | |
799 if (ngx_stream_proxy_send_proxy_protocol(s) != NGX_OK) { | |
800 return; | |
801 } | |
802 | |
803 u->proxy_protocol = 0; | |
804 } | |
805 | |
806 if (pc->ssl == NULL) { | |
807 ngx_stream_proxy_ssl_init_connection(s); | |
808 return; | |
809 } | |
6115 | 810 } |
6692 | 811 |
6115 | 812 #endif |
813 | |
814 c = s->connection; | |
815 | |
816 if (c->log->log_level >= NGX_LOG_INFO) { | |
6230
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6222
diff
changeset
|
817 ngx_str_t str; |
6115 | 818 u_char addr[NGX_SOCKADDR_STRLEN]; |
819 | |
6230
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6222
diff
changeset
|
820 str.len = NGX_SOCKADDR_STRLEN; |
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6222
diff
changeset
|
821 str.data = addr; |
6115 | 822 |
6230
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6222
diff
changeset
|
823 if (ngx_connection_local_sockaddr(pc, &str, 1) == NGX_OK) { |
6115 | 824 handler = c->log->handler; |
825 c->log->handler = NULL; | |
826 | |
6461
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
827 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
828 "%sproxy %V connected to %V", |
a01e315b3a78
Stream: additional logging for UDP.
Vladimir Homutov <vl@nginx.com>
parents:
6436
diff
changeset
|
829 pc->type == SOCK_DGRAM ? "udp " : "", |
6230
2a621245f4cf
Win32: MSVC 2015 compatibility.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6222
diff
changeset
|
830 &str, u->peer.name); |
6115 | 831 |
832 c->log->handler = handler; | |
833 } | |
834 } | |
835 | |
7397
860d3907da1c
Upstream: revised upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
7393
diff
changeset
|
836 u->state->connect_time = ngx_current_msec - u->start_time; |
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
837 |
6863
54cf51c4f07a
Stream: speed up TCP peer recovery.
Roman Arutyunyan <arut@nginx.com>
parents:
6786
diff
changeset
|
838 if (u->peer.notify) { |
54cf51c4f07a
Stream: speed up TCP peer recovery.
Roman Arutyunyan <arut@nginx.com>
parents:
6786
diff
changeset
|
839 u->peer.notify(&u->peer, u->peer.data, |
54cf51c4f07a
Stream: speed up TCP peer recovery.
Roman Arutyunyan <arut@nginx.com>
parents:
6786
diff
changeset
|
840 NGX_STREAM_UPSTREAM_NOTIFY_CONNECT); |
54cf51c4f07a
Stream: speed up TCP peer recovery.
Roman Arutyunyan <arut@nginx.com>
parents:
6786
diff
changeset
|
841 } |
54cf51c4f07a
Stream: speed up TCP peer recovery.
Roman Arutyunyan <arut@nginx.com>
parents:
6786
diff
changeset
|
842 |
6436 | 843 if (u->upstream_buf.start == NULL) { |
844 p = ngx_pnalloc(c->pool, pscf->buffer_size); | |
845 if (p == NULL) { | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
846 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6436 | 847 return; |
848 } | |
849 | |
850 u->upstream_buf.start = p; | |
851 u->upstream_buf.end = p + pscf->buffer_size; | |
852 u->upstream_buf.pos = p; | |
853 u->upstream_buf.last = p; | |
6115 | 854 } |
855 | |
7665
d127837c714f
Stream: fixed processing of zero length UDP packets (ticket #1982).
Vladimir Homutov <vl@nginx.com>
parents:
7505
diff
changeset
|
856 if (c->buffer && c->buffer->pos <= c->buffer->last) { |
6692 | 857 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, |
858 "stream proxy add preread buffer: %uz", | |
859 c->buffer->last - c->buffer->pos); | |
860 | |
861 cl = ngx_chain_get_free_buf(c->pool, &u->free); | |
862 if (cl == NULL) { | |
863 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
864 return; | |
865 } | |
866 | |
867 *cl->buf = *c->buffer; | |
868 | |
869 cl->buf->tag = (ngx_buf_tag_t) &ngx_stream_proxy_module; | |
7665
d127837c714f
Stream: fixed processing of zero length UDP packets (ticket #1982).
Vladimir Homutov <vl@nginx.com>
parents:
7505
diff
changeset
|
870 cl->buf->temporary = (cl->buf->pos == cl->buf->last) ? 0 : 1; |
6692 | 871 cl->buf->flush = 1; |
872 | |
873 cl->next = u->upstream_out; | |
874 u->upstream_out = cl; | |
875 } | |
876 | |
877 if (u->proxy_protocol) { | |
878 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, | |
879 "stream proxy add PROXY protocol header"); | |
880 | |
881 cl = ngx_chain_get_free_buf(c->pool, &u->free); | |
882 if (cl == NULL) { | |
883 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
884 return; | |
6436 | 885 } |
6692 | 886 |
887 p = ngx_pnalloc(c->pool, NGX_PROXY_PROTOCOL_MAX_HEADER); | |
888 if (p == NULL) { | |
889 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
890 return; | |
891 } | |
892 | |
893 cl->buf->pos = p; | |
894 | |
895 p = ngx_proxy_protocol_write(c, p, p + NGX_PROXY_PROTOCOL_MAX_HEADER); | |
896 if (p == NULL) { | |
897 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); | |
898 return; | |
899 } | |
900 | |
901 cl->buf->last = p; | |
902 cl->buf->temporary = 1; | |
903 cl->buf->flush = 0; | |
904 cl->buf->last_buf = 0; | |
905 cl->buf->tag = (ngx_buf_tag_t) &ngx_stream_proxy_module; | |
906 | |
907 cl->next = u->upstream_out; | |
908 u->upstream_out = cl; | |
909 | |
910 u->proxy_protocol = 0; | |
911 } | |
912 | |
7505
16a1adadf437
Variables support in proxy_upload_rate and proxy_download_rate.
Ruslan Ermilov <ru@nginx.com>
parents:
7473
diff
changeset
|
913 u->upload_rate = ngx_stream_complex_value_size(s, pscf->upload_rate, 0); |
16a1adadf437
Variables support in proxy_upload_rate and proxy_download_rate.
Ruslan Ermilov <ru@nginx.com>
parents:
7473
diff
changeset
|
914 u->download_rate = ngx_stream_complex_value_size(s, pscf->download_rate, 0); |
16a1adadf437
Variables support in proxy_upload_rate and proxy_download_rate.
Ruslan Ermilov <ru@nginx.com>
parents:
7473
diff
changeset
|
915 |
6202
6345822f0abb
Stream: upstream "connected" flag.
Roman Arutyunyan <arut@nginx.com>
parents:
6201
diff
changeset
|
916 u->connected = 1; |
6345822f0abb
Stream: upstream "connected" flag.
Roman Arutyunyan <arut@nginx.com>
parents:
6201
diff
changeset
|
917 |
6115 | 918 pc->read->handler = ngx_stream_proxy_upstream_handler; |
919 pc->write->handler = ngx_stream_proxy_upstream_handler; | |
920 | |
7286 | 921 if (pc->read->ready) { |
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
922 ngx_post_event(pc->read, &ngx_posted_events); |
6115 | 923 } |
924 | |
925 ngx_stream_proxy_process(s, 0, 1); | |
926 } | |
927 | |
928 | |
6692 | 929 #if (NGX_STREAM_SSL) |
930 | |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
931 static ngx_int_t |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
932 ngx_stream_proxy_send_proxy_protocol(ngx_stream_session_t *s) |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
933 { |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
934 u_char *p; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
935 ssize_t n, size; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
936 ngx_connection_t *c, *pc; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
937 ngx_stream_upstream_t *u; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
938 ngx_stream_proxy_srv_conf_t *pscf; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
939 u_char buf[NGX_PROXY_PROTOCOL_MAX_HEADER]; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
940 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
941 c = s->connection; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
942 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
943 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
944 "stream proxy send PROXY protocol header"); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
945 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
946 p = ngx_proxy_protocol_write(c, buf, buf + NGX_PROXY_PROTOCOL_MAX_HEADER); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
947 if (p == NULL) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
948 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
949 return NGX_ERROR; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
950 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
951 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
952 u = s->upstream; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
953 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
954 pc = u->peer.connection; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
955 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
956 size = p - buf; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
957 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
958 n = pc->send(pc, buf, size); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
959 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
960 if (n == NGX_AGAIN) { |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
961 if (ngx_handle_write_event(pc->write, 0) != NGX_OK) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
962 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
963 return NGX_ERROR; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
964 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
965 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
966 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
967 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
968 ngx_add_timer(pc->write, pscf->timeout); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
969 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
970 pc->write->handler = ngx_stream_proxy_connect_handler; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
971 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
972 return NGX_AGAIN; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
973 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
974 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
975 if (n == NGX_ERROR) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
976 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
977 return NGX_ERROR; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
978 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
979 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
980 if (n != size) { |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
981 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
982 /* |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
983 * PROXY protocol specification: |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
984 * The sender must always ensure that the header |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
985 * is sent at once, so that the transport layer |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
986 * maintains atomicity along the path to the receiver. |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
987 */ |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
988 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
989 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
990 "could not send PROXY protocol header at once"); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
991 |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
992 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
993 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
994 return NGX_ERROR; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
995 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
996 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
997 return NGX_OK; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
998 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
999 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
1000 |
6115 | 1001 static char * |
1002 ngx_stream_proxy_ssl_password_file(ngx_conf_t *cf, ngx_command_t *cmd, | |
1003 void *conf) | |
1004 { | |
1005 ngx_stream_proxy_srv_conf_t *pscf = conf; | |
1006 | |
1007 ngx_str_t *value; | |
1008 | |
1009 if (pscf->ssl_passwords != NGX_CONF_UNSET_PTR) { | |
1010 return "is duplicate"; | |
1011 } | |
1012 | |
1013 value = cf->args->elts; | |
1014 | |
1015 pscf->ssl_passwords = ngx_ssl_read_password_file(cf, &value[1]); | |
1016 | |
1017 if (pscf->ssl_passwords == NULL) { | |
1018 return NGX_CONF_ERROR; | |
1019 } | |
1020 | |
1021 return NGX_CONF_OK; | |
1022 } | |
1023 | |
1024 | |
7731
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
1025 static char * |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
1026 ngx_stream_proxy_ssl_conf_command_check(ngx_conf_t *cf, void *post, void *data) |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
1027 { |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
1028 #ifndef SSL_CONF_FLAG_FILE |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
1029 return "is not supported on this platform"; |
7787
7ce28b4cc57e
SSL: fixed build by Sun C with old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7731
diff
changeset
|
1030 #else |
7ce28b4cc57e
SSL: fixed build by Sun C with old OpenSSL versions.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7731
diff
changeset
|
1031 return NGX_CONF_OK; |
7731
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
1032 #endif |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
1033 } |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
1034 |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
1035 |
6115 | 1036 static void |
1037 ngx_stream_proxy_ssl_init_connection(ngx_stream_session_t *s) | |
1038 { | |
1039 ngx_int_t rc; | |
1040 ngx_connection_t *pc; | |
1041 ngx_stream_upstream_t *u; | |
1042 ngx_stream_proxy_srv_conf_t *pscf; | |
1043 | |
1044 u = s->upstream; | |
1045 | |
1046 pc = u->peer.connection; | |
1047 | |
1048 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
1049 | |
1050 if (ngx_ssl_create_connection(pscf->ssl, pc, NGX_SSL_BUFFER|NGX_SSL_CLIENT) | |
1051 != NGX_OK) | |
1052 { | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1053 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6115 | 1054 return; |
1055 } | |
1056 | |
1057 if (pscf->ssl_server_name || pscf->ssl_verify) { | |
1058 if (ngx_stream_proxy_ssl_name(s) != NGX_OK) { | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1059 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6115 | 1060 return; |
1061 } | |
1062 } | |
1063 | |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1064 if (pscf->ssl_certificate && (pscf->ssl_certificate->lengths |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1065 || pscf->ssl_certificate_key->lengths)) |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1066 { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1067 if (ngx_stream_proxy_ssl_certificate(s) != NGX_OK) { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1068 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1069 return; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1070 } |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1071 } |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1072 |
6115 | 1073 if (pscf->ssl_session_reuse) { |
7320
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1074 pc->ssl->save_session = ngx_stream_proxy_ssl_save_session; |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1075 |
6115 | 1076 if (u->peer.set_session(&u->peer, u->peer.data) != NGX_OK) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1077 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6115 | 1078 return; |
1079 } | |
1080 } | |
1081 | |
1082 s->connection->log->action = "SSL handshaking to upstream"; | |
1083 | |
1084 rc = ngx_ssl_handshake(pc); | |
1085 | |
1086 if (rc == NGX_AGAIN) { | |
1087 | |
1088 if (!pc->write->timer_set) { | |
1089 ngx_add_timer(pc->write, pscf->connect_timeout); | |
1090 } | |
1091 | |
1092 pc->ssl->handler = ngx_stream_proxy_ssl_handshake; | |
1093 return; | |
1094 } | |
1095 | |
1096 ngx_stream_proxy_ssl_handshake(pc); | |
1097 } | |
1098 | |
1099 | |
1100 static void | |
1101 ngx_stream_proxy_ssl_handshake(ngx_connection_t *pc) | |
1102 { | |
1103 long rc; | |
1104 ngx_stream_session_t *s; | |
1105 ngx_stream_upstream_t *u; | |
1106 ngx_stream_proxy_srv_conf_t *pscf; | |
1107 | |
1108 s = pc->data; | |
1109 | |
1110 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
1111 | |
1112 if (pc->ssl->handshaked) { | |
1113 | |
1114 if (pscf->ssl_verify) { | |
1115 rc = SSL_get_verify_result(pc->ssl->connection); | |
1116 | |
1117 if (rc != X509_V_OK) { | |
1118 ngx_log_error(NGX_LOG_ERR, pc->log, 0, | |
1119 "upstream SSL certificate verify error: (%l:%s)", | |
1120 rc, X509_verify_cert_error_string(rc)); | |
1121 goto failed; | |
1122 } | |
1123 | |
1124 u = s->upstream; | |
1125 | |
1126 if (ngx_ssl_check_host(pc, &u->ssl_name) != NGX_OK) { | |
1127 ngx_log_error(NGX_LOG_ERR, pc->log, 0, | |
1128 "upstream SSL certificate does not match \"%V\"", | |
1129 &u->ssl_name); | |
1130 goto failed; | |
1131 } | |
1132 } | |
1133 | |
6258
4b4aee40c508
Stream: delete proxy connection timer after SSL handshake.
Ruslan Ermilov <ru@nginx.com>
parents:
6230
diff
changeset
|
1134 if (pc->write->timer_set) { |
4b4aee40c508
Stream: delete proxy connection timer after SSL handshake.
Ruslan Ermilov <ru@nginx.com>
parents:
6230
diff
changeset
|
1135 ngx_del_timer(pc->write); |
4b4aee40c508
Stream: delete proxy connection timer after SSL handshake.
Ruslan Ermilov <ru@nginx.com>
parents:
6230
diff
changeset
|
1136 } |
4b4aee40c508
Stream: delete proxy connection timer after SSL handshake.
Ruslan Ermilov <ru@nginx.com>
parents:
6230
diff
changeset
|
1137 |
6115 | 1138 ngx_stream_proxy_init_upstream(s); |
1139 | |
1140 return; | |
1141 } | |
1142 | |
1143 failed: | |
1144 | |
1145 ngx_stream_proxy_next_upstream(s); | |
1146 } | |
1147 | |
1148 | |
7320
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1149 static void |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1150 ngx_stream_proxy_ssl_save_session(ngx_connection_t *c) |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1151 { |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1152 ngx_stream_session_t *s; |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1153 ngx_stream_upstream_t *u; |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1154 |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1155 s = c->data; |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1156 u = s->upstream; |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1157 |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1158 u->peer.save_session(&u->peer, u->peer.data); |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1159 } |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1160 |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
1161 |
6115 | 1162 static ngx_int_t |
1163 ngx_stream_proxy_ssl_name(ngx_stream_session_t *s) | |
1164 { | |
1165 u_char *p, *last; | |
1166 ngx_str_t name; | |
1167 ngx_stream_upstream_t *u; | |
1168 ngx_stream_proxy_srv_conf_t *pscf; | |
1169 | |
1170 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
1171 | |
1172 u = s->upstream; | |
1173 | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1174 if (pscf->ssl_name) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1175 if (ngx_stream_complex_value(s, pscf->ssl_name, &name) != NGX_OK) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1176 return NGX_ERROR; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1177 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1178 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1179 } else { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1180 name = u->ssl_name; |
6115 | 1181 } |
1182 | |
1183 if (name.len == 0) { | |
1184 goto done; | |
1185 } | |
1186 | |
1187 /* | |
1188 * ssl name here may contain port, strip it for compatibility | |
1189 * with the http module | |
1190 */ | |
1191 | |
1192 p = name.data; | |
1193 last = name.data + name.len; | |
1194 | |
1195 if (*p == '[') { | |
1196 p = ngx_strlchr(p, last, ']'); | |
1197 | |
1198 if (p == NULL) { | |
1199 p = name.data; | |
1200 } | |
1201 } | |
1202 | |
1203 p = ngx_strlchr(p, last, ':'); | |
1204 | |
1205 if (p != NULL) { | |
1206 name.len = p - name.data; | |
1207 } | |
1208 | |
1209 if (!pscf->ssl_server_name) { | |
1210 goto done; | |
1211 } | |
1212 | |
1213 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME | |
1214 | |
1215 /* as per RFC 6066, literal IPv4 and IPv6 addresses are not permitted */ | |
1216 | |
1217 if (name.len == 0 || *name.data == '[') { | |
1218 goto done; | |
1219 } | |
1220 | |
1221 if (ngx_inet_addr(name.data, name.len) != INADDR_NONE) { | |
1222 goto done; | |
1223 } | |
1224 | |
1225 /* | |
1226 * SSL_set_tlsext_host_name() needs a null-terminated string, | |
1227 * hence we explicitly null-terminate name here | |
1228 */ | |
1229 | |
1230 p = ngx_pnalloc(s->connection->pool, name.len + 1); | |
1231 if (p == NULL) { | |
1232 return NGX_ERROR; | |
1233 } | |
1234 | |
1235 (void) ngx_cpystrn(p, name.data, name.len + 1); | |
1236 | |
1237 name.data = p; | |
1238 | |
1239 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
1240 "upstream SSL server name: \"%s\"", name.data); | |
1241 | |
6777
563a1ee345a4
SSL: compatibility with BoringSSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6703
diff
changeset
|
1242 if (SSL_set_tlsext_host_name(u->peer.connection->ssl->connection, |
563a1ee345a4
SSL: compatibility with BoringSSL.
Maxim Dounin <mdounin@mdounin.ru>
parents:
6703
diff
changeset
|
1243 (char *) name.data) |
6115 | 1244 == 0) |
1245 { | |
1246 ngx_ssl_error(NGX_LOG_ERR, s->connection->log, 0, | |
1247 "SSL_set_tlsext_host_name(\"%s\") failed", name.data); | |
1248 return NGX_ERROR; | |
1249 } | |
1250 | |
1251 #endif | |
1252 | |
1253 done: | |
1254 | |
1255 u->ssl_name = name; | |
1256 | |
1257 return NGX_OK; | |
1258 } | |
1259 | |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1260 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1261 static ngx_int_t |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1262 ngx_stream_proxy_ssl_certificate(ngx_stream_session_t *s) |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1263 { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1264 ngx_str_t cert, key; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1265 ngx_connection_t *c; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1266 ngx_stream_proxy_srv_conf_t *pscf; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1267 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1268 c = s->upstream->peer.connection; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1269 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1270 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1271 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1272 if (ngx_stream_complex_value(s, pscf->ssl_certificate, &cert) |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1273 != NGX_OK) |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1274 { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1275 return NGX_ERROR; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1276 } |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1277 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1278 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1279 "stream upstream ssl cert: \"%s\"", cert.data); |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1280 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1281 if (*cert.data == '\0') { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1282 return NGX_OK; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1283 } |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1284 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1285 if (ngx_stream_complex_value(s, pscf->ssl_certificate_key, &key) |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1286 != NGX_OK) |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1287 { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1288 return NGX_ERROR; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1289 } |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1290 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1291 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1292 "stream upstream ssl key: \"%s\"", key.data); |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1293 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1294 if (ngx_ssl_connection_certificate(c, c->pool, &cert, &key, |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1295 pscf->ssl_passwords) |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1296 != NGX_OK) |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1297 { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1298 return NGX_ERROR; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1299 } |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1300 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1301 return NGX_OK; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1302 } |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
1303 |
6115 | 1304 #endif |
1305 | |
1306 | |
1307 static void | |
1308 ngx_stream_proxy_downstream_handler(ngx_event_t *ev) | |
1309 { | |
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1310 ngx_stream_proxy_process_connection(ev, ev->write); |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1311 } |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1312 |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1313 |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1314 static void |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1315 ngx_stream_proxy_resolve_handler(ngx_resolver_ctx_t *ctx) |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1316 { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1317 ngx_stream_session_t *s; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1318 ngx_stream_upstream_t *u; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1319 ngx_stream_proxy_srv_conf_t *pscf; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1320 ngx_stream_upstream_resolved_t *ur; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1321 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1322 s = ctx->data; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1323 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1324 u = s->upstream; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1325 ur = u->resolved; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1326 |
6648
d43ee392e825
Stream: fixed build without stream_ssl_module (ticket #1032).
Vladimir Homutov <vl@nginx.com>
parents:
6643
diff
changeset
|
1327 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1328 "stream upstream resolve"); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1329 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1330 if (ctx->state) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1331 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1332 "%V could not be resolved (%i: %s)", |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1333 &ctx->name, ctx->state, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1334 ngx_resolver_strerror(ctx->state)); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1335 |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1336 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1337 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1338 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1339 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1340 ur->naddrs = ctx->naddrs; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1341 ur->addrs = ctx->addrs; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1342 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1343 #if (NGX_DEBUG) |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1344 { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1345 u_char text[NGX_SOCKADDR_STRLEN]; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1346 ngx_str_t addr; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1347 ngx_uint_t i; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1348 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1349 addr.data = text; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1350 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1351 for (i = 0; i < ctx->naddrs; i++) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1352 addr.len = ngx_sock_ntop(ur->addrs[i].sockaddr, ur->addrs[i].socklen, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1353 text, NGX_SOCKADDR_STRLEN, 0); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1354 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1355 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1356 "name was resolved to %V", &addr); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1357 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1358 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1359 #endif |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1360 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1361 if (ngx_stream_upstream_create_round_robin_peer(s, ur) != NGX_OK) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1362 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1363 return; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1364 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1365 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1366 ngx_resolve_name_done(ctx); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1367 ur->ctx = NULL; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1368 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1369 u->peer.start_time = ngx_current_msec; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1370 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1371 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1372 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1373 if (pscf->next_upstream_tries |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1374 && u->peer.tries > pscf->next_upstream_tries) |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1375 { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1376 u->peer.tries = pscf->next_upstream_tries; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1377 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1378 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1379 ngx_stream_proxy_connect(s); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1380 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1381 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1382 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1383 static void |
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1384 ngx_stream_proxy_upstream_handler(ngx_event_t *ev) |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1385 { |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1386 ngx_stream_proxy_process_connection(ev, !ev->write); |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1387 } |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1388 |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1389 |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1390 static void |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1391 ngx_stream_proxy_process_connection(ngx_event_t *ev, ngx_uint_t from_upstream) |
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1392 { |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1393 ngx_connection_t *c, *pc; |
7286 | 1394 ngx_log_handler_pt handler; |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1395 ngx_stream_session_t *s; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1396 ngx_stream_upstream_t *u; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1397 ngx_stream_proxy_srv_conf_t *pscf; |
6115 | 1398 |
1399 c = ev->data; | |
1400 s = c->data; | |
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1401 u = s->upstream; |
6115 | 1402 |
7156
9c29644f6d03
Fixed worker_shutdown_timeout in various cases.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7105
diff
changeset
|
1403 if (c->close) { |
9c29644f6d03
Fixed worker_shutdown_timeout in various cases.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7105
diff
changeset
|
1404 ngx_log_error(NGX_LOG_INFO, c->log, 0, "shutdown timeout"); |
9c29644f6d03
Fixed worker_shutdown_timeout in various cases.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7105
diff
changeset
|
1405 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
9c29644f6d03
Fixed worker_shutdown_timeout in various cases.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7105
diff
changeset
|
1406 return; |
9c29644f6d03
Fixed worker_shutdown_timeout in various cases.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7105
diff
changeset
|
1407 } |
9c29644f6d03
Fixed worker_shutdown_timeout in various cases.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7105
diff
changeset
|
1408 |
6436 | 1409 c = s->connection; |
1410 pc = u->peer.connection; | |
1411 | |
1412 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
1413 | |
6115 | 1414 if (ev->timedout) { |
6436 | 1415 ev->timedout = 0; |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1416 |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1417 if (ev->delayed) { |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1418 ev->delayed = 0; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1419 |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1420 if (!ev->ready) { |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1421 if (ngx_handle_read_event(ev, 0) != NGX_OK) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1422 ngx_stream_proxy_finalize(s, |
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1423 NGX_STREAM_INTERNAL_SERVER_ERROR); |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1424 return; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1425 } |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1426 |
6436 | 1427 if (u->connected && !c->read->delayed && !pc->read->delayed) { |
1428 ngx_add_timer(c->write, pscf->timeout); | |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1429 } |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1430 |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1431 return; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1432 } |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1433 |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1434 } else { |
6436 | 1435 if (s->connection->type == SOCK_DGRAM) { |
7393
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1436 |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1437 if (pscf->responses == NGX_MAX_INT32_VALUE |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1438 || (u->responses >= pscf->responses * u->requests)) |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1439 { |
6436 | 1440 |
1441 /* | |
1442 * successfully terminate timed out UDP session | |
7393
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1443 * if expected number of responses was received |
6436 | 1444 */ |
1445 | |
7286 | 1446 handler = c->log->handler; |
1447 c->log->handler = NULL; | |
1448 | |
1449 ngx_log_error(NGX_LOG_INFO, c->log, 0, | |
1450 "udp timed out" | |
1451 ", packets from/to client:%ui/%ui" | |
1452 ", bytes from/to client:%O/%O" | |
1453 ", bytes from/to upstream:%O/%O", | |
1454 u->requests, u->responses, | |
1455 s->received, c->sent, u->received, | |
1456 pc ? pc->sent : 0); | |
1457 | |
1458 c->log->handler = handler; | |
1459 | |
1460 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); | |
6436 | 1461 return; |
1462 } | |
1463 | |
7105
0846dd76a487
Stream: fixed logging UDP upstream timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7098
diff
changeset
|
1464 ngx_connection_error(pc, NGX_ETIMEDOUT, "upstream timed out"); |
0846dd76a487
Stream: fixed logging UDP upstream timeout.
Roman Arutyunyan <arut@nginx.com>
parents:
7098
diff
changeset
|
1465 |
7286 | 1466 pc->read->error = 1; |
1467 | |
1468 ngx_stream_proxy_finalize(s, NGX_STREAM_BAD_GATEWAY); | |
1469 | |
1470 return; | |
6436 | 1471 } |
1472 | |
7286 | 1473 ngx_connection_error(c, NGX_ETIMEDOUT, "connection timed out"); |
1474 | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1475 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
7286 | 1476 |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1477 return; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1478 } |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1479 |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1480 } else if (ev->delayed) { |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1481 |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1482 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1483 "stream connection delayed"); |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1484 |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1485 if (ngx_handle_read_event(ev, 0) != NGX_OK) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1486 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1487 } |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1488 |
6115 | 1489 return; |
1490 } | |
1491 | |
6202
6345822f0abb
Stream: upstream "connected" flag.
Roman Arutyunyan <arut@nginx.com>
parents:
6201
diff
changeset
|
1492 if (from_upstream && !u->connected) { |
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1493 return; |
6115 | 1494 } |
1495 | |
6200
abee77018d3a
Stream: common handler for upstream and downstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
1496 ngx_stream_proxy_process(s, from_upstream, ev->write); |
6115 | 1497 } |
1498 | |
1499 | |
1500 static void | |
1501 ngx_stream_proxy_connect_handler(ngx_event_t *ev) | |
1502 { | |
1503 ngx_connection_t *c; | |
1504 ngx_stream_session_t *s; | |
1505 | |
1506 c = ev->data; | |
1507 s = c->data; | |
1508 | |
1509 if (ev->timedout) { | |
1510 ngx_log_error(NGX_LOG_ERR, c->log, NGX_ETIMEDOUT, "upstream timed out"); | |
1511 ngx_stream_proxy_next_upstream(s); | |
1512 return; | |
1513 } | |
1514 | |
1515 ngx_del_timer(c->write); | |
1516 | |
1517 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, | |
1518 "stream proxy connect upstream"); | |
1519 | |
1520 if (ngx_stream_proxy_test_connect(c) != NGX_OK) { | |
1521 ngx_stream_proxy_next_upstream(s); | |
1522 return; | |
1523 } | |
1524 | |
1525 ngx_stream_proxy_init_upstream(s); | |
1526 } | |
1527 | |
1528 | |
1529 static ngx_int_t | |
1530 ngx_stream_proxy_test_connect(ngx_connection_t *c) | |
1531 { | |
1532 int err; | |
1533 socklen_t len; | |
1534 | |
1535 #if (NGX_HAVE_KQUEUE) | |
1536 | |
1537 if (ngx_event_flags & NGX_USE_KQUEUE_EVENT) { | |
1538 err = c->write->kq_errno ? c->write->kq_errno : c->read->kq_errno; | |
1539 | |
1540 if (err) { | |
1541 (void) ngx_connection_error(c, err, | |
1542 "kevent() reported that connect() failed"); | |
1543 return NGX_ERROR; | |
1544 } | |
1545 | |
1546 } else | |
1547 #endif | |
1548 { | |
1549 err = 0; | |
1550 len = sizeof(int); | |
1551 | |
1552 /* | |
1553 * BSDs and Linux return 0 and set a pending error in err | |
1554 * Solaris returns -1 and sets errno | |
1555 */ | |
1556 | |
1557 if (getsockopt(c->fd, SOL_SOCKET, SO_ERROR, (void *) &err, &len) | |
1558 == -1) | |
1559 { | |
1560 err = ngx_socket_errno; | |
1561 } | |
1562 | |
1563 if (err) { | |
1564 (void) ngx_connection_error(c, err, "connect() failed"); | |
1565 return NGX_ERROR; | |
1566 } | |
1567 } | |
1568 | |
1569 return NGX_OK; | |
1570 } | |
1571 | |
1572 | |
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
1573 static void |
6115 | 1574 ngx_stream_proxy_process(ngx_stream_session_t *s, ngx_uint_t from_upstream, |
1575 ngx_uint_t do_write) | |
1576 { | |
7250
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1577 char *recv_action, *send_action; |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1578 off_t *received, limit; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1579 size_t size, limit_rate; |
6115 | 1580 ssize_t n; |
1581 ngx_buf_t *b; | |
6692 | 1582 ngx_int_t rc; |
7286 | 1583 ngx_uint_t flags, *packets; |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1584 ngx_msec_t delay; |
6692 | 1585 ngx_chain_t *cl, **ll, **out, **busy; |
6115 | 1586 ngx_connection_t *c, *pc, *src, *dst; |
1587 ngx_log_handler_pt handler; | |
1588 ngx_stream_upstream_t *u; | |
1589 ngx_stream_proxy_srv_conf_t *pscf; | |
1590 | |
1591 u = s->upstream; | |
1592 | |
1593 c = s->connection; | |
6202
6345822f0abb
Stream: upstream "connected" flag.
Roman Arutyunyan <arut@nginx.com>
parents:
6201
diff
changeset
|
1594 pc = u->connected ? u->peer.connection : NULL; |
6115 | 1595 |
6436 | 1596 if (c->type == SOCK_DGRAM && (ngx_terminate || ngx_exiting)) { |
1597 | |
1598 /* socket is already closed on worker shutdown */ | |
1599 | |
1600 handler = c->log->handler; | |
1601 c->log->handler = NULL; | |
1602 | |
1603 ngx_log_error(NGX_LOG_INFO, c->log, 0, "disconnected on shutdown"); | |
1604 | |
1605 c->log->handler = handler; | |
1606 | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1607 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
6436 | 1608 return; |
1609 } | |
1610 | |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1611 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1612 |
6115 | 1613 if (from_upstream) { |
1614 src = pc; | |
1615 dst = c; | |
1616 b = &u->upstream_buf; | |
7505
16a1adadf437
Variables support in proxy_upload_rate and proxy_download_rate.
Ruslan Ermilov <ru@nginx.com>
parents:
7473
diff
changeset
|
1617 limit_rate = u->download_rate; |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1618 received = &u->received; |
7286 | 1619 packets = &u->responses; |
6692 | 1620 out = &u->downstream_out; |
1621 busy = &u->downstream_busy; | |
7250
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1622 recv_action = "proxying and reading from upstream"; |
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1623 send_action = "proxying and sending to client"; |
6115 | 1624 |
1625 } else { | |
1626 src = c; | |
1627 dst = pc; | |
1628 b = &u->downstream_buf; | |
7505
16a1adadf437
Variables support in proxy_upload_rate and proxy_download_rate.
Ruslan Ermilov <ru@nginx.com>
parents:
7473
diff
changeset
|
1629 limit_rate = u->upload_rate; |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1630 received = &s->received; |
7286 | 1631 packets = &u->requests; |
6692 | 1632 out = &u->upstream_out; |
1633 busy = &u->upstream_busy; | |
7250
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1634 recv_action = "proxying and reading from client"; |
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1635 send_action = "proxying and sending to upstream"; |
6115 | 1636 } |
1637 | |
1638 for ( ;; ) { | |
1639 | |
6692 | 1640 if (do_write && dst) { |
1641 | |
1642 if (*out || *busy || dst->buffered) { | |
7250
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1643 c->log->action = send_action; |
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1644 |
6692 | 1645 rc = ngx_stream_top_filter(s, *out, from_upstream); |
1646 | |
1647 if (rc == NGX_ERROR) { | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1648 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
1649 return; |
6115 | 1650 } |
1651 | |
6692 | 1652 ngx_chain_update_chains(c->pool, &u->free, busy, out, |
1653 (ngx_buf_tag_t) &ngx_stream_proxy_module); | |
1654 | |
1655 if (*busy == NULL) { | |
1656 b->pos = b->start; | |
1657 b->last = b->start; | |
6115 | 1658 } |
1659 } | |
1660 } | |
1661 | |
1662 size = b->end - b->last; | |
1663 | |
6868
ee3645078759
Stream: avoid infinite loop in case of socket read error.
Vladimir Homutov <vl@nginx.com>
parents:
6863
diff
changeset
|
1664 if (size && src->read->ready && !src->read->delayed |
ee3645078759
Stream: avoid infinite loop in case of socket read error.
Vladimir Homutov <vl@nginx.com>
parents:
6863
diff
changeset
|
1665 && !src->read->error) |
ee3645078759
Stream: avoid infinite loop in case of socket read error.
Vladimir Homutov <vl@nginx.com>
parents:
6863
diff
changeset
|
1666 { |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1667 if (limit_rate) { |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1668 limit = (off_t) limit_rate * (ngx_time() - u->start_sec + 1) |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1669 - *received; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1670 |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1671 if (limit <= 0) { |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1672 src->read->delayed = 1; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1673 delay = (ngx_msec_t) (- limit * 1000 / limit_rate + 1); |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1674 ngx_add_timer(src->read, delay); |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1675 break; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1676 } |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1677 |
7441
8acaa1161783
Stream: do not split datagrams when limiting proxy rate.
Roman Arutyunyan <arut@nginx.com>
parents:
7440
diff
changeset
|
1678 if (c->type == SOCK_STREAM && (off_t) size > limit) { |
6203
fdfdcad62875
Stream: fixed MSVC compilation warning.
Roman Arutyunyan <arut@nginx.com>
parents:
6202
diff
changeset
|
1679 size = (size_t) limit; |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1680 } |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1681 } |
6115 | 1682 |
7250
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1683 c->log->action = recv_action; |
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1684 |
6115 | 1685 n = src->recv(src, b->last, size); |
1686 | |
6692 | 1687 if (n == NGX_AGAIN) { |
6115 | 1688 break; |
1689 } | |
1690 | |
6692 | 1691 if (n == NGX_ERROR) { |
1692 src->read->eof = 1; | |
1693 n = 0; | |
1694 } | |
1695 | |
1696 if (n >= 0) { | |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1697 if (limit_rate) { |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1698 delay = (ngx_msec_t) (n * 1000 / limit_rate); |
6115 | 1699 |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1700 if (delay > 0) { |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1701 src->read->delayed = 1; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1702 ngx_add_timer(src->read, delay); |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1703 } |
6115 | 1704 } |
1705 | |
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1706 if (from_upstream) { |
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1707 if (u->state->first_byte_time == (ngx_msec_t) -1) { |
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1708 u->state->first_byte_time = ngx_current_msec |
7397
860d3907da1c
Upstream: revised upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
7393
diff
changeset
|
1709 - u->start_time; |
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1710 } |
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1711 } |
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1712 |
6692 | 1713 for (ll = out; *ll; ll = &(*ll)->next) { /* void */ } |
1714 | |
1715 cl = ngx_chain_get_free_buf(c->pool, &u->free); | |
1716 if (cl == NULL) { | |
1717 ngx_stream_proxy_finalize(s, | |
1718 NGX_STREAM_INTERNAL_SERVER_ERROR); | |
1719 return; | |
1720 } | |
1721 | |
1722 *ll = cl; | |
1723 | |
1724 cl->buf->pos = b->last; | |
1725 cl->buf->last = b->last + n; | |
1726 cl->buf->tag = (ngx_buf_tag_t) &ngx_stream_proxy_module; | |
1727 | |
1728 cl->buf->temporary = (n ? 1 : 0); | |
1729 cl->buf->last_buf = src->read->eof; | |
1730 cl->buf->flush = 1; | |
1731 | |
7286 | 1732 (*packets)++; |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1733 *received += n; |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1734 b->last += n; |
6115 | 1735 do_write = 1; |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1736 |
6115 | 1737 continue; |
1738 } | |
1739 } | |
1740 | |
1741 break; | |
1742 } | |
1743 | |
7250
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1744 c->log->action = "proxying connection"; |
ec4d95eed062
Stream: set action before each recv/send while proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7174
diff
changeset
|
1745 |
7392
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1746 if (ngx_stream_proxy_test_finalize(s, from_upstream) == NGX_OK) { |
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
1747 return; |
6115 | 1748 } |
1749 | |
6124
f1f222db290b
Stream: prevent repeated event notifications after eof.
Roman Arutyunyan <arut@nginx.com>
parents:
6115
diff
changeset
|
1750 flags = src->read->eof ? NGX_CLOSE_EVENT : 0; |
f1f222db290b
Stream: prevent repeated event notifications after eof.
Roman Arutyunyan <arut@nginx.com>
parents:
6115
diff
changeset
|
1751 |
7440
6d4bc025c5a7
Prevented scheduling events on a shared connection.
Roman Arutyunyan <arut@nginx.com>
parents:
7397
diff
changeset
|
1752 if (ngx_handle_read_event(src->read, flags) != NGX_OK) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1753 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
1754 return; |
6115 | 1755 } |
1756 | |
1757 if (dst) { | |
7440
6d4bc025c5a7
Prevented scheduling events on a shared connection.
Roman Arutyunyan <arut@nginx.com>
parents:
7397
diff
changeset
|
1758 if (ngx_handle_write_event(dst->write, 0) != NGX_OK) { |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1759 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
6435
d1c791479bbb
Stream: post first read events from client and upstream.
Roman Arutyunyan <arut@nginx.com>
parents:
6393
diff
changeset
|
1760 return; |
6115 | 1761 } |
1762 | |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1763 if (!c->read->delayed && !pc->read->delayed) { |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1764 ngx_add_timer(c->write, pscf->timeout); |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1765 |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1766 } else if (c->write->timer_set) { |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1767 ngx_del_timer(c->write); |
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
1768 } |
6115 | 1769 } |
1770 } | |
1771 | |
1772 | |
7392
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1773 static ngx_int_t |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1774 ngx_stream_proxy_test_finalize(ngx_stream_session_t *s, |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1775 ngx_uint_t from_upstream) |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1776 { |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1777 ngx_connection_t *c, *pc; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1778 ngx_log_handler_pt handler; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1779 ngx_stream_upstream_t *u; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1780 ngx_stream_proxy_srv_conf_t *pscf; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1781 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1782 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1783 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1784 c = s->connection; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1785 u = s->upstream; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1786 pc = u->connected ? u->peer.connection : NULL; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1787 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1788 if (c->type == SOCK_DGRAM) { |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1789 |
7393
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1790 if (pscf->requests && u->requests < pscf->requests) { |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1791 return NGX_DECLINED; |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1792 } |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1793 |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1794 if (pscf->requests) { |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1795 ngx_delete_udp_connection(c); |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1796 } |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
1797 |
7392
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1798 if (pscf->responses == NGX_MAX_INT32_VALUE |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1799 || u->responses < pscf->responses * u->requests) |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1800 { |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1801 return NGX_DECLINED; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1802 } |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1803 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1804 if (pc == NULL || c->buffered || pc->buffered) { |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1805 return NGX_DECLINED; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1806 } |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1807 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1808 handler = c->log->handler; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1809 c->log->handler = NULL; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1810 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1811 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1812 "udp done" |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1813 ", packets from/to client:%ui/%ui" |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1814 ", bytes from/to client:%O/%O" |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1815 ", bytes from/to upstream:%O/%O", |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1816 u->requests, u->responses, |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1817 s->received, c->sent, u->received, pc ? pc->sent : 0); |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1818 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1819 c->log->handler = handler; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1820 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1821 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1822 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1823 return NGX_OK; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1824 } |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1825 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1826 /* c->type == SOCK_STREAM */ |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1827 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1828 if (pc == NULL |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1829 || (!c->read->eof && !pc->read->eof) |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1830 || (!c->read->eof && c->buffered) |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1831 || (!pc->read->eof && pc->buffered)) |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1832 { |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1833 return NGX_DECLINED; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1834 } |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1835 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1836 handler = c->log->handler; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1837 c->log->handler = NULL; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1838 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1839 ngx_log_error(NGX_LOG_INFO, c->log, 0, |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1840 "%s disconnected" |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1841 ", bytes from/to client:%O/%O" |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1842 ", bytes from/to upstream:%O/%O", |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1843 from_upstream ? "upstream" : "client", |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1844 s->received, c->sent, u->received, pc ? pc->sent : 0); |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1845 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1846 c->log->handler = handler; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1847 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1848 ngx_stream_proxy_finalize(s, NGX_STREAM_OK); |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1849 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1850 return NGX_OK; |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1851 } |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1852 |
04ff25798002
Stream: session completion check code moved to a separate function.
Vladimir Homutov <vl@nginx.com>
parents:
7371
diff
changeset
|
1853 |
6115 | 1854 static void |
1855 ngx_stream_proxy_next_upstream(ngx_stream_session_t *s) | |
1856 { | |
1857 ngx_msec_t timeout; | |
1858 ngx_connection_t *pc; | |
1859 ngx_stream_upstream_t *u; | |
1860 ngx_stream_proxy_srv_conf_t *pscf; | |
1861 | |
1862 ngx_log_debug0(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
1863 "stream proxy next upstream"); | |
1864 | |
1865 u = s->upstream; | |
6692 | 1866 pc = u->peer.connection; |
1867 | |
7098
7bfbf73db920
Stream: relaxed next upstream condition (ticket #1317).
Roman Arutyunyan <arut@nginx.com>
parents:
7007
diff
changeset
|
1868 if (pc && pc->buffered) { |
6692 | 1869 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, |
7098
7bfbf73db920
Stream: relaxed next upstream condition (ticket #1317).
Roman Arutyunyan <arut@nginx.com>
parents:
7007
diff
changeset
|
1870 "buffered data on next upstream"); |
6692 | 1871 ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); |
1872 return; | |
1873 } | |
6115 | 1874 |
7098
7bfbf73db920
Stream: relaxed next upstream condition (ticket #1317).
Roman Arutyunyan <arut@nginx.com>
parents:
7007
diff
changeset
|
1875 if (s->connection->type == SOCK_DGRAM) { |
7bfbf73db920
Stream: relaxed next upstream condition (ticket #1317).
Roman Arutyunyan <arut@nginx.com>
parents:
7007
diff
changeset
|
1876 u->upstream_out = NULL; |
7bfbf73db920
Stream: relaxed next upstream condition (ticket #1317).
Roman Arutyunyan <arut@nginx.com>
parents:
7007
diff
changeset
|
1877 } |
7bfbf73db920
Stream: relaxed next upstream condition (ticket #1317).
Roman Arutyunyan <arut@nginx.com>
parents:
7007
diff
changeset
|
1878 |
6115 | 1879 if (u->peer.sockaddr) { |
1880 u->peer.free(&u->peer, u->peer.data, NGX_PEER_FAILED); | |
1881 u->peer.sockaddr = NULL; | |
1882 } | |
1883 | |
1884 pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); | |
1885 | |
1886 timeout = pscf->next_upstream_timeout; | |
1887 | |
1888 if (u->peer.tries == 0 | |
1889 || !pscf->next_upstream | |
1890 || (timeout && ngx_current_msec - u->peer.start_time >= timeout)) | |
1891 { | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1892 ngx_stream_proxy_finalize(s, NGX_STREAM_BAD_GATEWAY); |
6115 | 1893 return; |
1894 } | |
1895 | |
1896 if (pc) { | |
1897 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
1898 "close proxy upstream connection: %d", pc->fd); | |
1899 | |
1900 #if (NGX_STREAM_SSL) | |
1901 if (pc->ssl) { | |
1902 pc->ssl->no_wait_shutdown = 1; | |
1903 pc->ssl->no_send_shutdown = 1; | |
1904 | |
1905 (void) ngx_ssl_shutdown(pc); | |
1906 } | |
1907 #endif | |
1908 | |
6676
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1909 u->state->bytes_received = u->received; |
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1910 u->state->bytes_sent = pc->sent; |
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1911 |
6115 | 1912 ngx_close_connection(pc); |
1913 u->peer.connection = NULL; | |
1914 } | |
1915 | |
1916 ngx_stream_proxy_connect(s); | |
1917 } | |
1918 | |
1919 | |
1920 static void | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1921 ngx_stream_proxy_finalize(ngx_stream_session_t *s, ngx_uint_t rc) |
6115 | 1922 { |
7286 | 1923 ngx_uint_t state; |
6115 | 1924 ngx_connection_t *pc; |
1925 ngx_stream_upstream_t *u; | |
1926 | |
1927 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
1928 "finalize stream proxy: %i", rc); | |
1929 | |
1930 u = s->upstream; | |
1931 | |
1932 if (u == NULL) { | |
1933 goto noupstream; | |
1934 } | |
1935 | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1936 if (u->resolved && u->resolved->ctx) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1937 ngx_resolve_name_done(u->resolved->ctx); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1938 u->resolved->ctx = NULL; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1939 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
1940 |
6676
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1941 pc = u->peer.connection; |
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1942 |
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1943 if (u->state) { |
7397
860d3907da1c
Upstream: revised upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
7393
diff
changeset
|
1944 if (u->state->response_time == (ngx_msec_t) -1) { |
860d3907da1c
Upstream: revised upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
7393
diff
changeset
|
1945 u->state->response_time = ngx_current_msec - u->start_time; |
860d3907da1c
Upstream: revised upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
7393
diff
changeset
|
1946 } |
6677
c02290241cbe
Stream: upstream response time variables.
Vladimir Homutov <vl@nginx.com>
parents:
6676
diff
changeset
|
1947 |
6676
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1948 if (pc) { |
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1949 u->state->bytes_received = u->received; |
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1950 u->state->bytes_sent = pc->sent; |
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1951 } |
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1952 } |
df3a7c029dec
Stream: $upstream_bytes_sent and $upstream_bytes_received.
Vladimir Homutov <vl@nginx.com>
parents:
6675
diff
changeset
|
1953 |
6115 | 1954 if (u->peer.free && u->peer.sockaddr) { |
7286 | 1955 state = 0; |
1956 | |
1957 if (pc && pc->type == SOCK_DGRAM | |
1958 && (pc->read->error || pc->write->error)) | |
1959 { | |
1960 state = NGX_PEER_FAILED; | |
1961 } | |
1962 | |
1963 u->peer.free(&u->peer, u->peer.data, state); | |
6115 | 1964 u->peer.sockaddr = NULL; |
1965 } | |
1966 | |
1967 if (pc) { | |
1968 ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, | |
1969 "close stream proxy upstream connection: %d", pc->fd); | |
1970 | |
1971 #if (NGX_STREAM_SSL) | |
1972 if (pc->ssl) { | |
1973 pc->ssl->no_wait_shutdown = 1; | |
1974 (void) ngx_ssl_shutdown(pc); | |
1975 } | |
1976 #endif | |
1977 | |
1978 ngx_close_connection(pc); | |
1979 u->peer.connection = NULL; | |
1980 } | |
1981 | |
1982 noupstream: | |
1983 | |
6674
38143d1abdec
Stream: the $status variable.
Roman Arutyunyan <arut@nginx.com>
parents:
6648
diff
changeset
|
1984 ngx_stream_finalize_session(s, rc); |
6115 | 1985 } |
1986 | |
1987 | |
1988 static u_char * | |
1989 ngx_stream_proxy_log_error(ngx_log_t *log, u_char *buf, size_t len) | |
1990 { | |
1991 u_char *p; | |
1992 ngx_connection_t *pc; | |
1993 ngx_stream_session_t *s; | |
1994 ngx_stream_upstream_t *u; | |
1995 | |
1996 s = log->data; | |
1997 | |
1998 u = s->upstream; | |
1999 | |
2000 p = buf; | |
2001 | |
2002 if (u->peer.name) { | |
2003 p = ngx_snprintf(p, len, ", upstream: \"%V\"", u->peer.name); | |
2004 len -= p - buf; | |
2005 } | |
2006 | |
2007 pc = u->peer.connection; | |
2008 | |
2009 p = ngx_snprintf(p, len, | |
2010 ", bytes from/to client:%O/%O" | |
2011 ", bytes from/to upstream:%O/%O", | |
2012 s->received, s->connection->sent, | |
2013 u->received, pc ? pc->sent : 0); | |
2014 | |
2015 return p; | |
2016 } | |
2017 | |
2018 | |
2019 static void * | |
2020 ngx_stream_proxy_create_srv_conf(ngx_conf_t *cf) | |
2021 { | |
2022 ngx_stream_proxy_srv_conf_t *conf; | |
2023 | |
2024 conf = ngx_pcalloc(cf->pool, sizeof(ngx_stream_proxy_srv_conf_t)); | |
2025 if (conf == NULL) { | |
2026 return NULL; | |
2027 } | |
2028 | |
2029 /* | |
2030 * set by ngx_pcalloc(): | |
2031 * | |
2032 * conf->ssl_protocols = 0; | |
2033 * conf->ssl_ciphers = { 0, NULL }; | |
2034 * conf->ssl_trusted_certificate = { 0, NULL }; | |
2035 * conf->ssl_crl = { 0, NULL }; | |
2036 * | |
2037 * conf->ssl = NULL; | |
2038 * conf->upstream = NULL; | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2039 * conf->upstream_value = NULL; |
6115 | 2040 */ |
2041 | |
2042 conf->connect_timeout = NGX_CONF_UNSET_MSEC; | |
2043 conf->timeout = NGX_CONF_UNSET_MSEC; | |
2044 conf->next_upstream_timeout = NGX_CONF_UNSET_MSEC; | |
6215
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
2045 conf->buffer_size = NGX_CONF_UNSET_SIZE; |
7831
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7787
diff
changeset
|
2046 conf->upload_rate = NGX_CONF_UNSET_PTR; |
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7787
diff
changeset
|
2047 conf->download_rate = NGX_CONF_UNSET_PTR; |
7393
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
2048 conf->requests = NGX_CONF_UNSET_UINT; |
6436 | 2049 conf->responses = NGX_CONF_UNSET_UINT; |
6115 | 2050 conf->next_upstream_tries = NGX_CONF_UNSET_UINT; |
2051 conf->next_upstream = NGX_CONF_UNSET; | |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
2052 conf->proxy_protocol = NGX_CONF_UNSET; |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2053 conf->local = NGX_CONF_UNSET_PTR; |
7371
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
2054 conf->socket_keepalive = NGX_CONF_UNSET; |
6115 | 2055 |
2056 #if (NGX_STREAM_SSL) | |
2057 conf->ssl_enable = NGX_CONF_UNSET; | |
2058 conf->ssl_session_reuse = NGX_CONF_UNSET; | |
7831
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7787
diff
changeset
|
2059 conf->ssl_name = NGX_CONF_UNSET_PTR; |
6115 | 2060 conf->ssl_server_name = NGX_CONF_UNSET; |
2061 conf->ssl_verify = NGX_CONF_UNSET; | |
2062 conf->ssl_verify_depth = NGX_CONF_UNSET_UINT; | |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2063 conf->ssl_certificate = NGX_CONF_UNSET_PTR; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2064 conf->ssl_certificate_key = NGX_CONF_UNSET_PTR; |
6115 | 2065 conf->ssl_passwords = NGX_CONF_UNSET_PTR; |
7731
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
2066 conf->ssl_conf_commands = NGX_CONF_UNSET_PTR; |
6115 | 2067 #endif |
2068 | |
2069 return conf; | |
2070 } | |
2071 | |
2072 | |
2073 static char * | |
2074 ngx_stream_proxy_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) | |
2075 { | |
2076 ngx_stream_proxy_srv_conf_t *prev = parent; | |
2077 ngx_stream_proxy_srv_conf_t *conf = child; | |
2078 | |
2079 ngx_conf_merge_msec_value(conf->connect_timeout, | |
2080 prev->connect_timeout, 60000); | |
2081 | |
2082 ngx_conf_merge_msec_value(conf->timeout, | |
2083 prev->timeout, 10 * 60000); | |
2084 | |
2085 ngx_conf_merge_msec_value(conf->next_upstream_timeout, | |
2086 prev->next_upstream_timeout, 0); | |
2087 | |
6215
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
2088 ngx_conf_merge_size_value(conf->buffer_size, |
8ee6a08ea3eb
Stream: added proxy_buffer_size to set the size of data buffers.
Roman Arutyunyan <arut@nginx.com>
parents:
6208
diff
changeset
|
2089 prev->buffer_size, 16384); |
6115 | 2090 |
7831
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7787
diff
changeset
|
2091 ngx_conf_merge_ptr_value(conf->upload_rate, prev->upload_rate, NULL); |
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7787
diff
changeset
|
2092 |
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7787
diff
changeset
|
2093 ngx_conf_merge_ptr_value(conf->download_rate, prev->download_rate, NULL); |
6201
24488e6db782
Stream: upstream and downstream limit rates.
Roman Arutyunyan <arut@nginx.com>
parents:
6200
diff
changeset
|
2094 |
7393
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
2095 ngx_conf_merge_uint_value(conf->requests, |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
2096 prev->requests, 0); |
4698cede59ff
Stream: proxy_requests directive.
Vladimir Homutov <vl@nginx.com>
parents:
7392
diff
changeset
|
2097 |
6436 | 2098 ngx_conf_merge_uint_value(conf->responses, |
2099 prev->responses, NGX_MAX_INT32_VALUE); | |
2100 | |
6115 | 2101 ngx_conf_merge_uint_value(conf->next_upstream_tries, |
2102 prev->next_upstream_tries, 0); | |
2103 | |
2104 ngx_conf_merge_value(conf->next_upstream, prev->next_upstream, 1); | |
2105 | |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
2106 ngx_conf_merge_value(conf->proxy_protocol, prev->proxy_protocol, 0); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
6183
diff
changeset
|
2107 |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2108 ngx_conf_merge_ptr_value(conf->local, prev->local, NULL); |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2109 |
7371
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
2110 ngx_conf_merge_value(conf->socket_keepalive, |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
2111 prev->socket_keepalive, 0); |
8b68d50090e4
Upstream: proxy_socket_keepalive and friends.
Vladimir Homutov <vl@nginx.com>
parents:
7320
diff
changeset
|
2112 |
6115 | 2113 #if (NGX_STREAM_SSL) |
2114 | |
2115 ngx_conf_merge_value(conf->ssl_enable, prev->ssl_enable, 0); | |
2116 | |
2117 ngx_conf_merge_value(conf->ssl_session_reuse, | |
2118 prev->ssl_session_reuse, 1); | |
2119 | |
2120 ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols, | |
6157
b2899e7d0ef8
Disabled SSLv3 by default (ticket #653).
Maxim Dounin <mdounin@mdounin.ru>
parents:
6124
diff
changeset
|
2121 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 |
b2899e7d0ef8
Disabled SSLv3 by default (ticket #653).
Maxim Dounin <mdounin@mdounin.ru>
parents:
6124
diff
changeset
|
2122 |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2)); |
6115 | 2123 |
2124 ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, "DEFAULT"); | |
2125 | |
7831
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7787
diff
changeset
|
2126 ngx_conf_merge_ptr_value(conf->ssl_name, prev->ssl_name, NULL); |
6115 | 2127 |
2128 ngx_conf_merge_value(conf->ssl_server_name, prev->ssl_server_name, 0); | |
2129 | |
2130 ngx_conf_merge_value(conf->ssl_verify, prev->ssl_verify, 0); | |
2131 | |
2132 ngx_conf_merge_uint_value(conf->ssl_verify_depth, | |
2133 prev->ssl_verify_depth, 1); | |
2134 | |
2135 ngx_conf_merge_str_value(conf->ssl_trusted_certificate, | |
2136 prev->ssl_trusted_certificate, ""); | |
2137 | |
2138 ngx_conf_merge_str_value(conf->ssl_crl, prev->ssl_crl, ""); | |
2139 | |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2140 ngx_conf_merge_ptr_value(conf->ssl_certificate, |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2141 prev->ssl_certificate, NULL); |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2142 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2143 ngx_conf_merge_ptr_value(conf->ssl_certificate_key, |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2144 prev->ssl_certificate_key, NULL); |
6115 | 2145 |
2146 ngx_conf_merge_ptr_value(conf->ssl_passwords, prev->ssl_passwords, NULL); | |
2147 | |
7731
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
2148 ngx_conf_merge_ptr_value(conf->ssl_conf_commands, |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
2149 prev->ssl_conf_commands, NULL); |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
2150 |
6115 | 2151 if (conf->ssl_enable && ngx_stream_proxy_set_ssl(cf, conf) != NGX_OK) { |
2152 return NGX_CONF_ERROR; | |
2153 } | |
2154 | |
2155 #endif | |
2156 | |
2157 return NGX_CONF_OK; | |
2158 } | |
2159 | |
2160 | |
2161 #if (NGX_STREAM_SSL) | |
2162 | |
2163 static ngx_int_t | |
2164 ngx_stream_proxy_set_ssl(ngx_conf_t *cf, ngx_stream_proxy_srv_conf_t *pscf) | |
2165 { | |
2166 ngx_pool_cleanup_t *cln; | |
2167 | |
2168 pscf->ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); | |
2169 if (pscf->ssl == NULL) { | |
2170 return NGX_ERROR; | |
2171 } | |
2172 | |
2173 pscf->ssl->log = cf->log; | |
2174 | |
2175 if (ngx_ssl_create(pscf->ssl, pscf->ssl_protocols, NULL) != NGX_OK) { | |
2176 return NGX_ERROR; | |
2177 } | |
2178 | |
2179 cln = ngx_pool_cleanup_add(cf->pool, 0); | |
2180 if (cln == NULL) { | |
7473
8981dbb12254
SSL: fixed potential leak on memory allocation errors.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7441
diff
changeset
|
2181 ngx_ssl_cleanup_ctx(pscf->ssl); |
6115 | 2182 return NGX_ERROR; |
2183 } | |
2184 | |
2185 cln->handler = ngx_ssl_cleanup_ctx; | |
2186 cln->data = pscf->ssl; | |
2187 | |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2188 if (pscf->ssl_certificate) { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2189 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2190 if (pscf->ssl_certificate_key == NULL) { |
6115 | 2191 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, |
2192 "no \"proxy_ssl_certificate_key\" is defined " | |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2193 "for certificate \"%V\"", |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2194 &pscf->ssl_certificate->value); |
6115 | 2195 return NGX_ERROR; |
2196 } | |
2197 | |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2198 if (pscf->ssl_certificate->lengths |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2199 || pscf->ssl_certificate_key->lengths) |
6115 | 2200 { |
7833
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2201 pscf->ssl_passwords = |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2202 ngx_ssl_preserve_passwords(cf, pscf->ssl_passwords); |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2203 if (pscf->ssl_passwords == NULL) { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2204 return NGX_ERROR; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2205 } |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2206 |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2207 } else { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2208 if (ngx_ssl_certificate(cf, pscf->ssl, |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2209 &pscf->ssl_certificate->value, |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2210 &pscf->ssl_certificate_key->value, |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2211 pscf->ssl_passwords) |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2212 != NGX_OK) |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2213 { |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2214 return NGX_ERROR; |
3ab8e1e2f0f7
Upstream: variables support in certificates.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7831
diff
changeset
|
2215 } |
6115 | 2216 } |
2217 } | |
2218 | |
6591
04d8d1f85649
SSL: ngx_ssl_ciphers() to set list of ciphers.
Tim Taubert <tim@timtaubert.de>
parents:
6530
diff
changeset
|
2219 if (ngx_ssl_ciphers(cf, pscf->ssl, &pscf->ssl_ciphers, 0) != NGX_OK) { |
6115 | 2220 return NGX_ERROR; |
2221 } | |
2222 | |
2223 if (pscf->ssl_verify) { | |
2224 if (pscf->ssl_trusted_certificate.len == 0) { | |
2225 ngx_log_error(NGX_LOG_EMERG, cf->log, 0, | |
2226 "no proxy_ssl_trusted_certificate for proxy_ssl_verify"); | |
2227 return NGX_ERROR; | |
2228 } | |
2229 | |
2230 if (ngx_ssl_trusted_certificate(cf, pscf->ssl, | |
2231 &pscf->ssl_trusted_certificate, | |
2232 pscf->ssl_verify_depth) | |
2233 != NGX_OK) | |
2234 { | |
2235 return NGX_ERROR; | |
2236 } | |
2237 | |
2238 if (ngx_ssl_crl(cf, pscf->ssl, &pscf->ssl_crl) != NGX_OK) { | |
2239 return NGX_ERROR; | |
2240 } | |
2241 } | |
2242 | |
7320
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
2243 if (ngx_ssl_client_session_cache(cf, pscf->ssl, pscf->ssl_session_reuse) |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
2244 != NGX_OK) |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
2245 { |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
2246 return NGX_ERROR; |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
2247 } |
696df3ac27ac
SSL: save sessions for upstream peers using a callback function.
Sergey Kandaurov <pluknet@nginx.com>
parents:
7286
diff
changeset
|
2248 |
7731
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
2249 if (ngx_ssl_conf_commands(cf, pscf->ssl, pscf->ssl_conf_commands) |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
2250 != NGX_OK) |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
2251 { |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
2252 return NGX_ERROR; |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
2253 } |
fd0b2226919b
Stream: proxy_ssl_conf_command directive.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7665
diff
changeset
|
2254 |
6115 | 2255 return NGX_OK; |
2256 } | |
2257 | |
2258 #endif | |
2259 | |
2260 | |
2261 static char * | |
2262 ngx_stream_proxy_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
2263 { | |
2264 ngx_stream_proxy_srv_conf_t *pscf = conf; | |
2265 | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2266 ngx_url_t u; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2267 ngx_str_t *value, *url; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2268 ngx_stream_complex_value_t cv; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2269 ngx_stream_core_srv_conf_t *cscf; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2270 ngx_stream_compile_complex_value_t ccv; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2271 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2272 if (pscf->upstream || pscf->upstream_value) { |
6115 | 2273 return "is duplicate"; |
2274 } | |
2275 | |
2276 cscf = ngx_stream_conf_get_module_srv_conf(cf, ngx_stream_core_module); | |
2277 | |
2278 cscf->handler = ngx_stream_proxy_handler; | |
2279 | |
2280 value = cf->args->elts; | |
2281 | |
2282 url = &value[1]; | |
2283 | |
6643
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2284 ngx_memzero(&ccv, sizeof(ngx_stream_compile_complex_value_t)); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2285 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2286 ccv.cf = cf; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2287 ccv.value = url; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2288 ccv.complex_value = &cv; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2289 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2290 if (ngx_stream_compile_complex_value(&ccv) != NGX_OK) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2291 return NGX_CONF_ERROR; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2292 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2293 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2294 if (cv.lengths) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2295 pscf->upstream_value = ngx_palloc(cf->pool, |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2296 sizeof(ngx_stream_complex_value_t)); |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2297 if (pscf->upstream_value == NULL) { |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2298 return NGX_CONF_ERROR; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2299 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2300 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2301 *pscf->upstream_value = cv; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2302 |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2303 return NGX_CONF_OK; |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2304 } |
9757cffc1e2f
Stream: variables in proxy_pass and proxy_ssl_name.
Vladimir Homutov <vl@nginx.com>
parents:
6610
diff
changeset
|
2305 |
6115 | 2306 ngx_memzero(&u, sizeof(ngx_url_t)); |
2307 | |
2308 u.url = *url; | |
2309 u.no_resolve = 1; | |
2310 | |
2311 pscf->upstream = ngx_stream_upstream_add(cf, &u, 0); | |
2312 if (pscf->upstream == NULL) { | |
2313 return NGX_CONF_ERROR; | |
2314 } | |
2315 | |
2316 return NGX_CONF_OK; | |
2317 } | |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2318 |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2319 |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2320 static char * |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2321 ngx_stream_proxy_bind(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2322 { |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2323 ngx_stream_proxy_srv_conf_t *pscf = conf; |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2324 |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2325 ngx_int_t rc; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2326 ngx_str_t *value; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2327 ngx_stream_complex_value_t cv; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2328 ngx_stream_upstream_local_t *local; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2329 ngx_stream_compile_complex_value_t ccv; |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2330 |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2331 if (pscf->local != NGX_CONF_UNSET_PTR) { |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2332 return "is duplicate"; |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2333 } |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2334 |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2335 value = cf->args->elts; |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2336 |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2337 if (cf->args->nelts == 2 && ngx_strcmp(value[1].data, "off") == 0) { |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2338 pscf->local = NULL; |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2339 return NGX_CONF_OK; |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2340 } |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2341 |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2342 ngx_memzero(&ccv, sizeof(ngx_stream_compile_complex_value_t)); |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2343 |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2344 ccv.cf = cf; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2345 ccv.value = &value[1]; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2346 ccv.complex_value = &cv; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2347 |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2348 if (ngx_stream_compile_complex_value(&ccv) != NGX_OK) { |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2349 return NGX_CONF_ERROR; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2350 } |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2351 |
6598
4a724d6006ee
Stream: use ngx_pcalloc() in ngx_stream_proxy_bind().
Roman Arutyunyan <arut@nginx.com>
parents:
6595
diff
changeset
|
2352 local = ngx_pcalloc(cf->pool, sizeof(ngx_stream_upstream_local_t)); |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2353 if (local == NULL) { |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2354 return NGX_CONF_ERROR; |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2355 } |
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2356 |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2357 pscf->local = local; |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2358 |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2359 if (cv.lengths) { |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2360 local->value = ngx_palloc(cf->pool, sizeof(ngx_stream_complex_value_t)); |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2361 if (local->value == NULL) { |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2362 return NGX_CONF_ERROR; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2363 } |
6595
0c98c4092440
Stream: support for $remote_port in proxy_bind.
Roman Arutyunyan <arut@nginx.com>
parents:
6594
diff
changeset
|
2364 |
6610
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2365 *local->value = cv; |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2366 |
d5b5866c06c4
Stream: got rid of pseudo variables.
Vladimir Homutov <vl@nginx.com>
parents:
6606
diff
changeset
|
2367 } else { |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2368 local->addr = ngx_palloc(cf->pool, sizeof(ngx_addr_t)); |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2369 if (local->addr == NULL) { |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2370 return NGX_CONF_ERROR; |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2371 } |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2372 |
6594
3c87b82b17d4
Upstream: support for port in proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6593
diff
changeset
|
2373 rc = ngx_parse_addr_port(cf->pool, local->addr, value[1].data, |
3c87b82b17d4
Upstream: support for port in proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6593
diff
changeset
|
2374 value[1].len); |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2375 |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2376 switch (rc) { |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2377 case NGX_OK: |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2378 local->addr->name = value[1]; |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2379 break; |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2380 |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2381 case NGX_DECLINED: |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2382 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2383 "invalid address \"%V\"", &value[1]); |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2384 /* fall through */ |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2385 |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2386 default: |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2387 return NGX_CONF_ERROR; |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2388 } |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2389 } |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2390 |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2391 if (cf->args->nelts > 2) { |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2392 if (ngx_strcmp(value[2].data, "transparent") == 0) { |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2393 #if (NGX_HAVE_TRANSPARENT_PROXY) |
7174
84e53e4735a4
Retain CAP_NET_RAW capability for transparent proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7156
diff
changeset
|
2394 ngx_core_conf_t *ccf; |
84e53e4735a4
Retain CAP_NET_RAW capability for transparent proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7156
diff
changeset
|
2395 |
84e53e4735a4
Retain CAP_NET_RAW capability for transparent proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7156
diff
changeset
|
2396 ccf = (ngx_core_conf_t *) ngx_get_conf(cf->cycle->conf_ctx, |
84e53e4735a4
Retain CAP_NET_RAW capability for transparent proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7156
diff
changeset
|
2397 ngx_core_module); |
84e53e4735a4
Retain CAP_NET_RAW capability for transparent proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7156
diff
changeset
|
2398 |
84e53e4735a4
Retain CAP_NET_RAW capability for transparent proxying.
Roman Arutyunyan <arut@nginx.com>
parents:
7156
diff
changeset
|
2399 ccf->transparent = 1; |
6530
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2400 local->transparent = 1; |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2401 #else |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2402 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2403 "transparent proxying is not supported " |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2404 "on this platform, ignored"); |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2405 #endif |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2406 } else { |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2407 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2408 "invalid parameter \"%V\"", &value[2]); |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2409 return NGX_CONF_ERROR; |
1d0e03db9f8e
Upstream: the "transparent" parameter of proxy_bind and friends.
Roman Arutyunyan <arut@nginx.com>
parents:
6529
diff
changeset
|
2410 } |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2411 } |
6529
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2412 |
cb8177ca0990
Stream: prepared proxy_bind to accept parameters.
Roman Arutyunyan <arut@nginx.com>
parents:
6461
diff
changeset
|
2413 return NGX_CONF_OK; |
6183
4dcffe43a7ea
Stream: the "proxy_bind" directive.
Vladimir Homutov <vl@nginx.com>
parents:
6174
diff
changeset
|
2414 } |