Mercurial > hg > nginx
annotate src/core/ngx_proxy_protocol.c @ 9331:dbf76fdd109f default tip
release-1.27.4 tag
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 03 Sep 2024 13:11:25 +0300 |
parents | 42bc158a47ec |
children |
rev | line source |
---|---|
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
1 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
2 /* |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
3 * Copyright (C) Roman Arutyunyan |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
4 * Copyright (C) Nginx, Inc. |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
5 */ |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
6 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
7 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
8 #include <ngx_config.h> |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
9 #include <ngx_core.h> |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
10 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
11 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
12 #define NGX_PROXY_PROTOCOL_AF_INET 1 |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
13 #define NGX_PROXY_PROTOCOL_AF_INET6 2 |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
14 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
15 |
8073
aa663cc2a77d
Added type cast to ngx_proxy_protocol_parse_uint16().
Roman Arutyunyan <arut@nginx.com>
parents:
8072
diff
changeset
|
16 #define ngx_proxy_protocol_parse_uint16(p) \ |
aa663cc2a77d
Added type cast to ngx_proxy_protocol_parse_uint16().
Roman Arutyunyan <arut@nginx.com>
parents:
8072
diff
changeset
|
17 ( ((uint16_t) (p)[0] << 8) \ |
aa663cc2a77d
Added type cast to ngx_proxy_protocol_parse_uint16().
Roman Arutyunyan <arut@nginx.com>
parents:
8072
diff
changeset
|
18 + ( (p)[1]) ) |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
19 |
8072
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
20 #define ngx_proxy_protocol_parse_uint32(p) \ |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
21 ( ((uint32_t) (p)[0] << 24) \ |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
22 + ( (p)[1] << 16) \ |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
23 + ( (p)[2] << 8) \ |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
24 + ( (p)[3]) ) |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
25 |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
26 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
27 typedef struct { |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
28 u_char signature[12]; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
29 u_char version_command; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
30 u_char family_transport; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
31 u_char len[2]; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
32 } ngx_proxy_protocol_header_t; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
33 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
34 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
35 typedef struct { |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
36 u_char src_addr[4]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
37 u_char dst_addr[4]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
38 u_char src_port[2]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
39 u_char dst_port[2]; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
40 } ngx_proxy_protocol_inet_addrs_t; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
41 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
42 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
43 typedef struct { |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
44 u_char src_addr[16]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
45 u_char dst_addr[16]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
46 u_char src_port[2]; |
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
47 u_char dst_port[2]; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
48 } ngx_proxy_protocol_inet6_addrs_t; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
49 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
50 |
8072
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
51 typedef struct { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
52 u_char type; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
53 u_char len[2]; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
54 } ngx_proxy_protocol_tlv_t; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
55 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
56 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
57 typedef struct { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
58 u_char client; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
59 u_char verify[4]; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
60 } ngx_proxy_protocol_tlv_ssl_t; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
61 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
62 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
63 typedef struct { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
64 ngx_str_t name; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
65 ngx_uint_t type; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
66 } ngx_proxy_protocol_tlv_entry_t; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
67 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
68 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
69 static u_char *ngx_proxy_protocol_read_addr(ngx_connection_t *c, u_char *p, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
70 u_char *last, ngx_str_t *addr); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
71 static u_char *ngx_proxy_protocol_read_port(u_char *p, u_char *last, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
72 in_port_t *port, u_char sep); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
73 static u_char *ngx_proxy_protocol_v2_read(ngx_connection_t *c, u_char *buf, |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
74 u_char *last); |
8072
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
75 static ngx_int_t ngx_proxy_protocol_lookup_tlv(ngx_connection_t *c, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
76 ngx_str_t *tlvs, ngx_uint_t type, ngx_str_t *value); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
77 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
78 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
79 static ngx_proxy_protocol_tlv_entry_t ngx_proxy_protocol_tlv_entries[] = { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
80 { ngx_string("alpn"), 0x01 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
81 { ngx_string("authority"), 0x02 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
82 { ngx_string("unique_id"), 0x05 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
83 { ngx_string("ssl"), 0x20 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
84 { ngx_string("netns"), 0x30 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
85 { ngx_null_string, 0x00 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
86 }; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
87 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
88 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
89 static ngx_proxy_protocol_tlv_entry_t ngx_proxy_protocol_tlv_ssl_entries[] = { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
90 { ngx_string("version"), 0x21 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
91 { ngx_string("cn"), 0x22 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
92 { ngx_string("cipher"), 0x23 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
93 { ngx_string("sig_alg"), 0x24 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
94 { ngx_string("key_alg"), 0x25 }, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
95 { ngx_null_string, 0x00 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
96 }; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
97 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
98 |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
99 u_char * |
6185
a420cb1c170b
Core: renamed ngx_proxy_protocol_parse to ngx_proxy_protocol_read.
Roman Arutyunyan <arut@nginx.com>
parents:
6184
diff
changeset
|
100 ngx_proxy_protocol_read(ngx_connection_t *c, u_char *buf, u_char *last) |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
101 { |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
102 size_t len; |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
103 u_char *p; |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
104 ngx_proxy_protocol_t *pp; |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
105 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
106 static const u_char signature[] = "\r\n\r\n\0\r\nQUIT\n"; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
107 |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
108 p = buf; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
109 len = last - buf; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
110 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
111 if (len >= sizeof(ngx_proxy_protocol_header_t) |
8101
42bc158a47ec
Fixed PROXY protocol to use ngx_memcpy()/ngx_memcmp().
Maxim Dounin <mdounin@mdounin.ru>
parents:
8100
diff
changeset
|
112 && ngx_memcmp(p, signature, sizeof(signature) - 1) == 0) |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
113 { |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
114 return ngx_proxy_protocol_v2_read(c, buf, last); |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
115 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
116 |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
117 if (len < 8 || ngx_strncmp(p, "PROXY ", 6) != 0) { |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
118 goto invalid; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
119 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
120 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
121 p += 6; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
122 len -= 6; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
123 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
124 if (len >= 7 && ngx_strncmp(p, "UNKNOWN", 7) == 0) { |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
125 ngx_log_debug0(NGX_LOG_DEBUG_CORE, c->log, 0, |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
126 "PROXY protocol unknown protocol"); |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
127 p += 7; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
128 goto skip; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
129 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
130 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
131 if (len < 5 || ngx_strncmp(p, "TCP", 3) != 0 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
132 || (p[3] != '4' && p[3] != '6') || p[4] != ' ') |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
133 { |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
134 goto invalid; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
135 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
136 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
137 p += 5; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
138 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
139 pp = ngx_pcalloc(c->pool, sizeof(ngx_proxy_protocol_t)); |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
140 if (pp == NULL) { |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
141 return NULL; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
142 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
143 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
144 p = ngx_proxy_protocol_read_addr(c, p, last, &pp->src_addr); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
145 if (p == NULL) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
146 goto invalid; |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
147 } |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
148 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
149 p = ngx_proxy_protocol_read_addr(c, p, last, &pp->dst_addr); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
150 if (p == NULL) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
151 goto invalid; |
6561
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
152 } |
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
153 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
154 p = ngx_proxy_protocol_read_port(p, last, &pp->src_port, ' '); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
155 if (p == NULL) { |
6561
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
156 goto invalid; |
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
157 } |
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
158 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
159 p = ngx_proxy_protocol_read_port(p, last, &pp->dst_port, CR); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
160 if (p == NULL) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
161 goto invalid; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
162 } |
6561
28c76d9d75b7
Added the $proxy_protocol_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents:
6185
diff
changeset
|
163 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
164 if (p == last) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
165 goto invalid; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
166 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
167 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
168 if (*p++ != LF) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
169 goto invalid; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
170 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
171 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
172 ngx_log_debug4(NGX_LOG_DEBUG_CORE, c->log, 0, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
173 "PROXY protocol src: %V %d, dst: %V %d", |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
174 &pp->src_addr, pp->src_port, &pp->dst_addr, pp->dst_port); |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
175 |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
176 c->proxy_protocol = pp; |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
177 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
178 return p; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
179 |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
180 skip: |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
181 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
182 for ( /* void */ ; p < last - 1; p++) { |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
183 if (p[0] == CR && p[1] == LF) { |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
184 return p + 2; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
185 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
186 } |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
187 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
188 invalid: |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
189 |
8071
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
190 for (p = buf; p < last; p++) { |
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
191 if (*p == CR || *p == LF) { |
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
192 break; |
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
193 } |
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
194 } |
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
195 |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
196 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
8071
017fd847f4f7
Log only the first line of user input on PROXY protocol v1 error.
Roman Arutyunyan <arut@nginx.com>
parents:
7591
diff
changeset
|
197 "broken header: \"%*s\"", (size_t) (p - buf), buf); |
5605
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
198 |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
199 return NULL; |
3a72b1805c52
Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents:
diff
changeset
|
200 } |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
201 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
202 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
203 static u_char * |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
204 ngx_proxy_protocol_read_addr(ngx_connection_t *c, u_char *p, u_char *last, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
205 ngx_str_t *addr) |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
206 { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
207 size_t len; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
208 u_char ch, *pos; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
209 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
210 pos = p; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
211 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
212 for ( ;; ) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
213 if (p == last) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
214 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
215 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
216 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
217 ch = *p++; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
218 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
219 if (ch == ' ') { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
220 break; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
221 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
222 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
223 if (ch != ':' && ch != '.' |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
224 && (ch < 'a' || ch > 'f') |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
225 && (ch < 'A' || ch > 'F') |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
226 && (ch < '0' || ch > '9')) |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
227 { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
228 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
229 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
230 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
231 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
232 len = p - pos - 1; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
233 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
234 addr->data = ngx_pnalloc(c->pool, len); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
235 if (addr->data == NULL) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
236 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
237 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
238 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
239 ngx_memcpy(addr->data, pos, len); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
240 addr->len = len; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
241 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
242 return p; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
243 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
244 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
245 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
246 static u_char * |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
247 ngx_proxy_protocol_read_port(u_char *p, u_char *last, in_port_t *port, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
248 u_char sep) |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
249 { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
250 size_t len; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
251 u_char *pos; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
252 ngx_int_t n; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
253 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
254 pos = p; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
255 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
256 for ( ;; ) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
257 if (p == last) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
258 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
259 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
260 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
261 if (*p++ == sep) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
262 break; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
263 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
264 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
265 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
266 len = p - pos - 1; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
267 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
268 n = ngx_atoi(pos, len); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
269 if (n < 0 || n > 65535) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
270 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
271 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
272 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
273 *port = (in_port_t) n; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
274 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
275 return p; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
276 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
277 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
278 |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
279 u_char * |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
280 ngx_proxy_protocol_write(ngx_connection_t *c, u_char *buf, u_char *last) |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
281 { |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
282 ngx_uint_t port, lport; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
283 |
8099
17d6a537fb1b
Increased maximum read PROXY protocol header size.
Roman Arutyunyan <arut@nginx.com>
parents:
8073
diff
changeset
|
284 if (last - buf < NGX_PROXY_PROTOCOL_V1_MAX_HEADER) { |
8100
251daa98cc87
Added logging to PROXY protocol write buffer check.
Maxim Dounin <mdounin@mdounin.ru>
parents:
8099
diff
changeset
|
285 ngx_log_error(NGX_LOG_ALERT, c->log, 0, |
251daa98cc87
Added logging to PROXY protocol write buffer check.
Maxim Dounin <mdounin@mdounin.ru>
parents:
8099
diff
changeset
|
286 "too small buffer for PROXY protocol"); |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
287 return NULL; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
288 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
289 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
290 if (ngx_connection_local_sockaddr(c, NULL, 0) != NGX_OK) { |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
291 return NULL; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
292 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
293 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
294 switch (c->sockaddr->sa_family) { |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
295 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
296 case AF_INET: |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
297 buf = ngx_cpymem(buf, "PROXY TCP4 ", sizeof("PROXY TCP4 ") - 1); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
298 break; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
299 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
300 #if (NGX_HAVE_INET6) |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
301 case AF_INET6: |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
302 buf = ngx_cpymem(buf, "PROXY TCP6 ", sizeof("PROXY TCP6 ") - 1); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
303 break; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
304 #endif |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
305 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
306 default: |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
307 return ngx_cpymem(buf, "PROXY UNKNOWN" CRLF, |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
308 sizeof("PROXY UNKNOWN" CRLF) - 1); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
309 } |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
310 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
311 buf += ngx_sock_ntop(c->sockaddr, c->socklen, buf, last - buf, 0); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
312 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
313 *buf++ = ' '; |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
314 |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
315 buf += ngx_sock_ntop(c->local_sockaddr, c->local_socklen, buf, last - buf, |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
316 0); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
317 |
6593
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6561
diff
changeset
|
318 port = ngx_inet_get_port(c->sockaddr); |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6561
diff
changeset
|
319 lport = ngx_inet_get_port(c->local_sockaddr); |
b3b7e33083ac
Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
Roman Arutyunyan <arut@nginx.com>
parents:
6561
diff
changeset
|
320 |
6184
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
321 return ngx_slprintf(buf, last, " %ui %ui" CRLF, port, lport); |
fa663739e115
Stream: client-side PROXY protocol.
Roman Arutyunyan <arut@nginx.com>
parents:
5605
diff
changeset
|
322 } |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
323 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
324 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
325 static u_char * |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
326 ngx_proxy_protocol_v2_read(ngx_connection_t *c, u_char *buf, u_char *last) |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
327 { |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
328 u_char *end; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
329 size_t len; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
330 socklen_t socklen; |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
331 ngx_uint_t version, command, family, transport; |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
332 ngx_sockaddr_t src_sockaddr, dst_sockaddr; |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
333 ngx_proxy_protocol_t *pp; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
334 ngx_proxy_protocol_header_t *header; |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
335 ngx_proxy_protocol_inet_addrs_t *in; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
336 #if (NGX_HAVE_INET6) |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
337 ngx_proxy_protocol_inet6_addrs_t *in6; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
338 #endif |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
339 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
340 header = (ngx_proxy_protocol_header_t *) buf; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
341 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
342 buf += sizeof(ngx_proxy_protocol_header_t); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
343 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
344 version = header->version_command >> 4; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
345 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
346 if (version != 2) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
347 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
348 "unknown PROXY protocol version: %ui", version); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
349 return NULL; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
350 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
351 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
352 len = ngx_proxy_protocol_parse_uint16(header->len); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
353 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
354 if ((size_t) (last - buf) < len) { |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
355 ngx_log_error(NGX_LOG_ERR, c->log, 0, "header is too large"); |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
356 return NULL; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
357 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
358 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
359 end = buf + len; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
360 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
361 command = header->version_command & 0x0f; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
362 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
363 /* only PROXY is supported */ |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
364 if (command != 1) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
365 ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0, |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
366 "PROXY protocol v2 unsupported command %ui", command); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
367 return end; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
368 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
369 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
370 transport = header->family_transport & 0x0f; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
371 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
372 /* only STREAM is supported */ |
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
373 if (transport != 1) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
374 ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0, |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
375 "PROXY protocol v2 unsupported transport %ui", |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
376 transport); |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
377 return end; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
378 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
379 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
380 pp = ngx_pcalloc(c->pool, sizeof(ngx_proxy_protocol_t)); |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
381 if (pp == NULL) { |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
382 return NULL; |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
383 } |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
384 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
385 family = header->family_transport >> 4; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
386 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
387 switch (family) { |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
388 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
389 case NGX_PROXY_PROTOCOL_AF_INET: |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
390 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
391 if ((size_t) (end - buf) < sizeof(ngx_proxy_protocol_inet_addrs_t)) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
392 return NULL; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
393 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
394 |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
395 in = (ngx_proxy_protocol_inet_addrs_t *) buf; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
396 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
397 src_sockaddr.sockaddr_in.sin_family = AF_INET; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
398 src_sockaddr.sockaddr_in.sin_port = 0; |
8101
42bc158a47ec
Fixed PROXY protocol to use ngx_memcpy()/ngx_memcmp().
Maxim Dounin <mdounin@mdounin.ru>
parents:
8100
diff
changeset
|
399 ngx_memcpy(&src_sockaddr.sockaddr_in.sin_addr, in->src_addr, 4); |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
400 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
401 dst_sockaddr.sockaddr_in.sin_family = AF_INET; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
402 dst_sockaddr.sockaddr_in.sin_port = 0; |
8101
42bc158a47ec
Fixed PROXY protocol to use ngx_memcpy()/ngx_memcmp().
Maxim Dounin <mdounin@mdounin.ru>
parents:
8100
diff
changeset
|
403 ngx_memcpy(&dst_sockaddr.sockaddr_in.sin_addr, in->dst_addr, 4); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
404 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
405 pp->src_port = ngx_proxy_protocol_parse_uint16(in->src_port); |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
406 pp->dst_port = ngx_proxy_protocol_parse_uint16(in->dst_port); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
407 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
408 socklen = sizeof(struct sockaddr_in); |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
409 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
410 buf += sizeof(ngx_proxy_protocol_inet_addrs_t); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
411 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
412 break; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
413 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
414 #if (NGX_HAVE_INET6) |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
415 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
416 case NGX_PROXY_PROTOCOL_AF_INET6: |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
417 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
418 if ((size_t) (end - buf) < sizeof(ngx_proxy_protocol_inet6_addrs_t)) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
419 return NULL; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
420 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
421 |
7254
1fd992589ffe
Core: fixed build, broken by 63e91f263a49.
Vladimir Homutov <vl@nginx.com>
parents:
7253
diff
changeset
|
422 in6 = (ngx_proxy_protocol_inet6_addrs_t *) buf; |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
423 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
424 src_sockaddr.sockaddr_in6.sin6_family = AF_INET6; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
425 src_sockaddr.sockaddr_in6.sin6_port = 0; |
8101
42bc158a47ec
Fixed PROXY protocol to use ngx_memcpy()/ngx_memcmp().
Maxim Dounin <mdounin@mdounin.ru>
parents:
8100
diff
changeset
|
426 ngx_memcpy(&src_sockaddr.sockaddr_in6.sin6_addr, in6->src_addr, 16); |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
427 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
428 dst_sockaddr.sockaddr_in6.sin6_family = AF_INET6; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
429 dst_sockaddr.sockaddr_in6.sin6_port = 0; |
8101
42bc158a47ec
Fixed PROXY protocol to use ngx_memcpy()/ngx_memcmp().
Maxim Dounin <mdounin@mdounin.ru>
parents:
8100
diff
changeset
|
430 ngx_memcpy(&dst_sockaddr.sockaddr_in6.sin6_addr, in6->dst_addr, 16); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
431 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
432 pp->src_port = ngx_proxy_protocol_parse_uint16(in6->src_port); |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
433 pp->dst_port = ngx_proxy_protocol_parse_uint16(in6->dst_port); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
434 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
435 socklen = sizeof(struct sockaddr_in6); |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
436 |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
437 buf += sizeof(ngx_proxy_protocol_inet6_addrs_t); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
438 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
439 break; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
440 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
441 #endif |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
442 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
443 default: |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
444 ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0, |
7253
63e91f263a49
Core: revised the PROXY protocol v2 code.
Ruslan Ermilov <ru@nginx.com>
parents:
7252
diff
changeset
|
445 "PROXY protocol v2 unsupported address family %ui", |
7252 | 446 family); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
447 return end; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
448 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
449 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
450 pp->src_addr.data = ngx_pnalloc(c->pool, NGX_SOCKADDR_STRLEN); |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
451 if (pp->src_addr.data == NULL) { |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
452 return NULL; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
453 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
454 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
455 pp->src_addr.len = ngx_sock_ntop(&src_sockaddr.sockaddr, socklen, |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
456 pp->src_addr.data, NGX_SOCKADDR_STRLEN, 0); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
457 |
7591
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
458 pp->dst_addr.data = ngx_pnalloc(c->pool, NGX_SOCKADDR_STRLEN); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
459 if (pp->dst_addr.data == NULL) { |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
460 return NULL; |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
461 } |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
462 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
463 pp->dst_addr.len = ngx_sock_ntop(&dst_sockaddr.sockaddr, socklen, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
464 pp->dst_addr.data, NGX_SOCKADDR_STRLEN, 0); |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
465 |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
466 ngx_log_debug4(NGX_LOG_DEBUG_CORE, c->log, 0, |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
467 "PROXY protocol v2 src: %V %d, dst: %V %d", |
89adf49fe76a
Parsing server PROXY protocol address and port (ticket #1206).
Roman Arutyunyan <arut@nginx.com>
parents:
7590
diff
changeset
|
468 &pp->src_addr, pp->src_port, &pp->dst_addr, pp->dst_port); |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
469 |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
470 if (buf < end) { |
8072
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
471 pp->tlvs.data = ngx_pnalloc(c->pool, end - buf); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
472 if (pp->tlvs.data == NULL) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
473 return NULL; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
474 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
475 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
476 ngx_memcpy(pp->tlvs.data, buf, end - buf); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
477 pp->tlvs.len = end - buf; |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
478 } |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
479 |
7590
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
480 c->proxy_protocol = pp; |
06b01840bd42
Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents:
7254
diff
changeset
|
481 |
7251
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
482 return end; |
416953ef0428
Core: added processing of version 2 of the PROXY protocol.
Vladimir Homutov <vl@nginx.com>
parents:
6593
diff
changeset
|
483 } |
8072
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
484 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
485 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
486 ngx_int_t |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
487 ngx_proxy_protocol_get_tlv(ngx_connection_t *c, ngx_str_t *name, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
488 ngx_str_t *value) |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
489 { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
490 u_char *p; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
491 size_t n; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
492 uint32_t verify; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
493 ngx_str_t ssl, *tlvs; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
494 ngx_int_t rc, type; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
495 ngx_proxy_protocol_tlv_ssl_t *tlv_ssl; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
496 ngx_proxy_protocol_tlv_entry_t *te; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
497 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
498 if (c->proxy_protocol == NULL) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
499 return NGX_DECLINED; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
500 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
501 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
502 ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
503 "PROXY protocol v2 get tlv \"%V\"", name); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
504 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
505 te = ngx_proxy_protocol_tlv_entries; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
506 tlvs = &c->proxy_protocol->tlvs; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
507 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
508 p = name->data; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
509 n = name->len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
510 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
511 if (n >= 4 && p[0] == 's' && p[1] == 's' && p[2] == 'l' && p[3] == '_') { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
512 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
513 rc = ngx_proxy_protocol_lookup_tlv(c, tlvs, 0x20, &ssl); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
514 if (rc != NGX_OK) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
515 return rc; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
516 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
517 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
518 if (ssl.len < sizeof(ngx_proxy_protocol_tlv_ssl_t)) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
519 return NGX_ERROR; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
520 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
521 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
522 p += 4; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
523 n -= 4; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
524 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
525 if (n == 6 && ngx_strncmp(p, "verify", 6) == 0) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
526 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
527 tlv_ssl = (ngx_proxy_protocol_tlv_ssl_t *) ssl.data; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
528 verify = ngx_proxy_protocol_parse_uint32(tlv_ssl->verify); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
529 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
530 value->data = ngx_pnalloc(c->pool, NGX_INT32_LEN); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
531 if (value->data == NULL) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
532 return NGX_ERROR; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
533 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
534 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
535 value->len = ngx_sprintf(value->data, "%uD", verify) |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
536 - value->data; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
537 return NGX_OK; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
538 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
539 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
540 ssl.data += sizeof(ngx_proxy_protocol_tlv_ssl_t); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
541 ssl.len -= sizeof(ngx_proxy_protocol_tlv_ssl_t); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
542 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
543 te = ngx_proxy_protocol_tlv_ssl_entries; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
544 tlvs = &ssl; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
545 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
546 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
547 if (n >= 2 && p[0] == '0' && p[1] == 'x') { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
548 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
549 type = ngx_hextoi(p + 2, n - 2); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
550 if (type == NGX_ERROR) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
551 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
552 "invalid PROXY protocol TLV \"%V\"", name); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
553 return NGX_ERROR; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
554 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
555 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
556 return ngx_proxy_protocol_lookup_tlv(c, tlvs, type, value); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
557 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
558 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
559 for ( /* void */ ; te->type; te++) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
560 if (te->name.len == n && ngx_strncmp(te->name.data, p, n) == 0) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
561 return ngx_proxy_protocol_lookup_tlv(c, tlvs, te->type, value); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
562 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
563 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
564 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
565 ngx_log_error(NGX_LOG_ERR, c->log, 0, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
566 "unknown PROXY protocol TLV \"%V\"", name); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
567 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
568 return NGX_DECLINED; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
569 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
570 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
571 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
572 static ngx_int_t |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
573 ngx_proxy_protocol_lookup_tlv(ngx_connection_t *c, ngx_str_t *tlvs, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
574 ngx_uint_t type, ngx_str_t *value) |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
575 { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
576 u_char *p; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
577 size_t n, len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
578 ngx_proxy_protocol_tlv_t *tlv; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
579 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
580 ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0, |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
581 "PROXY protocol v2 lookup tlv:%02xi", type); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
582 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
583 p = tlvs->data; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
584 n = tlvs->len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
585 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
586 while (n) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
587 if (n < sizeof(ngx_proxy_protocol_tlv_t)) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
588 ngx_log_error(NGX_LOG_ERR, c->log, 0, "broken PROXY protocol TLV"); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
589 return NGX_ERROR; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
590 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
591 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
592 tlv = (ngx_proxy_protocol_tlv_t *) p; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
593 len = ngx_proxy_protocol_parse_uint16(tlv->len); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
594 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
595 p += sizeof(ngx_proxy_protocol_tlv_t); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
596 n -= sizeof(ngx_proxy_protocol_tlv_t); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
597 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
598 if (n < len) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
599 ngx_log_error(NGX_LOG_ERR, c->log, 0, "broken PROXY protocol TLV"); |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
600 return NGX_ERROR; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
601 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
602 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
603 if (tlv->type == type) { |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
604 value->data = p; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
605 value->len = len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
606 return NGX_OK; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
607 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
608 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
609 p += len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
610 n -= len; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
611 } |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
612 |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
613 return NGX_DECLINED; |
cca4c8a715de
PROXY protocol v2 TLV variables.
Roman Arutyunyan <arut@nginx.com>
parents:
8071
diff
changeset
|
614 } |