Mercurial > hg > nginx
comparison src/http/modules/ngx_http_grpc_module.c @ 9022:b30bec3d71d6 quic
Merged with the default branch.
author | Sergey Kandaurov <pluknet@nginx.com> |
---|---|
date | Tue, 26 Jul 2022 19:54:11 +0400 |
parents | 9d98d524bd02 |
children | d1cf09451ae8 |
comparison
equal
deleted
inserted
replaced
9021:8d0753760546 | 9022:b30bec3d71d6 |
---|---|
207 #if (NGX_HTTP_SSL) | 207 #if (NGX_HTTP_SSL) |
208 static char *ngx_http_grpc_ssl_password_file(ngx_conf_t *cf, | 208 static char *ngx_http_grpc_ssl_password_file(ngx_conf_t *cf, |
209 ngx_command_t *cmd, void *conf); | 209 ngx_command_t *cmd, void *conf); |
210 static char *ngx_http_grpc_ssl_conf_command_check(ngx_conf_t *cf, void *post, | 210 static char *ngx_http_grpc_ssl_conf_command_check(ngx_conf_t *cf, void *post, |
211 void *data); | 211 void *data); |
212 static ngx_int_t ngx_http_grpc_merge_ssl(ngx_conf_t *cf, | |
213 ngx_http_grpc_loc_conf_t *conf, ngx_http_grpc_loc_conf_t *prev); | |
212 static ngx_int_t ngx_http_grpc_set_ssl(ngx_conf_t *cf, | 214 static ngx_int_t ngx_http_grpc_set_ssl(ngx_conf_t *cf, |
213 ngx_http_grpc_loc_conf_t *glcf); | 215 ngx_http_grpc_loc_conf_t *glcf); |
214 #endif | 216 #endif |
215 | 217 |
216 | 218 |
560 | 562 |
561 if (glcf->grpc_lengths == NULL) { | 563 if (glcf->grpc_lengths == NULL) { |
562 ctx->host = glcf->host; | 564 ctx->host = glcf->host; |
563 | 565 |
564 #if (NGX_HTTP_SSL) | 566 #if (NGX_HTTP_SSL) |
565 u->ssl = (glcf->upstream.ssl != NULL); | 567 u->ssl = glcf->ssl; |
566 | 568 |
567 if (u->ssl) { | 569 if (u->ssl) { |
568 ngx_str_set(&u->schema, "grpcs://"); | 570 ngx_str_set(&u->schema, "grpcs://"); |
569 | 571 |
570 } else { | 572 } else { |
4461 ngx_conf_merge_value(conf->upstream.intercept_errors, | 4463 ngx_conf_merge_value(conf->upstream.intercept_errors, |
4462 prev->upstream.intercept_errors, 0); | 4464 prev->upstream.intercept_errors, 0); |
4463 | 4465 |
4464 #if (NGX_HTTP_SSL) | 4466 #if (NGX_HTTP_SSL) |
4465 | 4467 |
4468 if (ngx_http_grpc_merge_ssl(cf, conf, prev) != NGX_OK) { | |
4469 return NGX_CONF_ERROR; | |
4470 } | |
4471 | |
4466 ngx_conf_merge_value(conf->upstream.ssl_session_reuse, | 4472 ngx_conf_merge_value(conf->upstream.ssl_session_reuse, |
4467 prev->upstream.ssl_session_reuse, 1); | 4473 prev->upstream.ssl_session_reuse, 1); |
4468 | 4474 |
4469 ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols, | 4475 ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols, |
4470 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 | 4476 (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1 |
4522 | 4528 |
4523 conf->grpc_lengths = prev->grpc_lengths; | 4529 conf->grpc_lengths = prev->grpc_lengths; |
4524 conf->grpc_values = prev->grpc_values; | 4530 conf->grpc_values = prev->grpc_values; |
4525 | 4531 |
4526 #if (NGX_HTTP_SSL) | 4532 #if (NGX_HTTP_SSL) |
4527 conf->upstream.ssl = prev->upstream.ssl; | 4533 conf->ssl = prev->ssl; |
4528 #endif | 4534 #endif |
4529 } | 4535 } |
4530 | 4536 |
4531 if (clcf->lmt_excpt && clcf->handler == NULL | 4537 if (clcf->lmt_excpt && clcf->handler == NULL |
4532 && (conf->upstream.upstream || conf->grpc_lengths)) | 4538 && (conf->upstream.upstream || conf->grpc_lengths)) |
4872 #endif | 4878 #endif |
4873 } | 4879 } |
4874 | 4880 |
4875 | 4881 |
4876 static ngx_int_t | 4882 static ngx_int_t |
4883 ngx_http_grpc_merge_ssl(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *conf, | |
4884 ngx_http_grpc_loc_conf_t *prev) | |
4885 { | |
4886 ngx_uint_t preserve; | |
4887 | |
4888 if (conf->ssl_protocols == 0 | |
4889 && conf->ssl_ciphers.data == NULL | |
4890 && conf->upstream.ssl_certificate == NGX_CONF_UNSET_PTR | |
4891 && conf->upstream.ssl_certificate_key == NGX_CONF_UNSET_PTR | |
4892 && conf->upstream.ssl_passwords == NGX_CONF_UNSET_PTR | |
4893 && conf->upstream.ssl_verify == NGX_CONF_UNSET | |
4894 && conf->ssl_verify_depth == NGX_CONF_UNSET_UINT | |
4895 && conf->ssl_trusted_certificate.data == NULL | |
4896 && conf->ssl_crl.data == NULL | |
4897 && conf->upstream.ssl_session_reuse == NGX_CONF_UNSET | |
4898 && conf->ssl_conf_commands == NGX_CONF_UNSET_PTR) | |
4899 { | |
4900 if (prev->upstream.ssl) { | |
4901 conf->upstream.ssl = prev->upstream.ssl; | |
4902 return NGX_OK; | |
4903 } | |
4904 | |
4905 preserve = 1; | |
4906 | |
4907 } else { | |
4908 preserve = 0; | |
4909 } | |
4910 | |
4911 conf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); | |
4912 if (conf->upstream.ssl == NULL) { | |
4913 return NGX_ERROR; | |
4914 } | |
4915 | |
4916 conf->upstream.ssl->log = cf->log; | |
4917 | |
4918 /* | |
4919 * special handling to preserve conf->upstream.ssl | |
4920 * in the "http" section to inherit it to all servers | |
4921 */ | |
4922 | |
4923 if (preserve) { | |
4924 prev->upstream.ssl = conf->upstream.ssl; | |
4925 } | |
4926 | |
4927 return NGX_OK; | |
4928 } | |
4929 | |
4930 | |
4931 static ngx_int_t | |
4877 ngx_http_grpc_set_ssl(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *glcf) | 4932 ngx_http_grpc_set_ssl(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *glcf) |
4878 { | 4933 { |
4879 ngx_pool_cleanup_t *cln; | 4934 ngx_pool_cleanup_t *cln; |
4880 | 4935 |
4881 glcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t)); | 4936 if (glcf->upstream.ssl->ctx) { |
4882 if (glcf->upstream.ssl == NULL) { | 4937 return NGX_OK; |
4883 return NGX_ERROR; | 4938 } |
4884 } | |
4885 | |
4886 glcf->upstream.ssl->log = cf->log; | |
4887 | 4939 |
4888 if (ngx_ssl_create(glcf->upstream.ssl, glcf->ssl_protocols, NULL) | 4940 if (ngx_ssl_create(glcf->upstream.ssl, glcf->ssl_protocols, NULL) |
4889 != NGX_OK) | 4941 != NGX_OK) |
4890 { | 4942 { |
4891 return NGX_ERROR; | 4943 return NGX_ERROR; |