/* * Copyright (C) Roman Arutyunyan * Copyright (C) Nginx, Inc. */ #include #include #include static ngx_int_t ngx_stream_core_preconfiguration(ngx_conf_t *cf); static void *ngx_stream_core_create_main_conf(ngx_conf_t *cf); static char *ngx_stream_core_init_main_conf(ngx_conf_t *cf, void *conf); static void *ngx_stream_core_create_srv_conf(ngx_conf_t *cf); static char *ngx_stream_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child); static char *ngx_stream_core_error_log(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); static char *ngx_stream_core_server(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); static char *ngx_stream_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); static char *ngx_stream_core_resolver(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); static ngx_command_t ngx_stream_core_commands[] = { { ngx_string("variables_hash_max_size"), NGX_STREAM_MAIN_CONF|NGX_CONF_TAKE1, ngx_conf_set_num_slot, NGX_STREAM_MAIN_CONF_OFFSET, offsetof(ngx_stream_core_main_conf_t, variables_hash_max_size), NULL }, { ngx_string("variables_hash_bucket_size"), NGX_STREAM_MAIN_CONF|NGX_CONF_TAKE1, ngx_conf_set_num_slot, NGX_STREAM_MAIN_CONF_OFFSET, offsetof(ngx_stream_core_main_conf_t, variables_hash_bucket_size), NULL }, { ngx_string("server"), NGX_STREAM_MAIN_CONF|NGX_CONF_BLOCK|NGX_CONF_NOARGS, ngx_stream_core_server, 0, 0, NULL }, { ngx_string("listen"), NGX_STREAM_SRV_CONF|NGX_CONF_1MORE, ngx_stream_core_listen, NGX_STREAM_SRV_CONF_OFFSET, 0, NULL }, { ngx_string("error_log"), NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_1MORE, ngx_stream_core_error_log, NGX_STREAM_SRV_CONF_OFFSET, 0, NULL }, { ngx_string("resolver"), NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_1MORE, ngx_stream_core_resolver, NGX_STREAM_SRV_CONF_OFFSET, 0, NULL }, { ngx_string("resolver_timeout"), NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_msec_slot, NGX_STREAM_SRV_CONF_OFFSET, offsetof(ngx_stream_core_srv_conf_t, resolver_timeout), NULL }, { ngx_string("proxy_protocol_timeout"), NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_msec_slot, NGX_STREAM_SRV_CONF_OFFSET, offsetof(ngx_stream_core_srv_conf_t, proxy_protocol_timeout), NULL }, { ngx_string("tcp_nodelay"), NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_FLAG, ngx_conf_set_flag_slot, NGX_STREAM_SRV_CONF_OFFSET, offsetof(ngx_stream_core_srv_conf_t, tcp_nodelay), NULL }, { ngx_string("preread_buffer_size"), NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_size_slot, NGX_STREAM_SRV_CONF_OFFSET, offsetof(ngx_stream_core_srv_conf_t, preread_buffer_size), NULL }, { ngx_string("preread_timeout"), NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_msec_slot, NGX_STREAM_SRV_CONF_OFFSET, offsetof(ngx_stream_core_srv_conf_t, preread_timeout), NULL }, ngx_null_command }; static ngx_stream_module_t ngx_stream_core_module_ctx = { ngx_stream_core_preconfiguration, /* preconfiguration */ NULL, /* postconfiguration */ ngx_stream_core_create_main_conf, /* create main configuration */ ngx_stream_core_init_main_conf, /* init main configuration */ ngx_stream_core_create_srv_conf, /* create server configuration */ ngx_stream_core_merge_srv_conf /* merge server configuration */ }; ngx_module_t ngx_stream_core_module = { NGX_MODULE_V1, &ngx_stream_core_module_ctx, /* module context */ ngx_stream_core_commands, /* module directives */ NGX_STREAM_MODULE, /* module type */ NULL, /* init master */ NULL, /* init module */ NULL, /* init process */ NULL, /* init thread */ NULL, /* exit thread */ NULL, /* exit process */ NULL, /* exit master */ NGX_MODULE_V1_PADDING }; void ngx_stream_core_run_phases(ngx_stream_session_t *s) { ngx_int_t rc; ngx_stream_phase_handler_t *ph; ngx_stream_core_main_conf_t *cmcf; cmcf = ngx_stream_get_module_main_conf(s, ngx_stream_core_module); ph = cmcf->phase_engine.handlers; while (ph[s->phase_handler].checker) { rc = ph[s->phase_handler].checker(s, &ph[s->phase_handler]); if (rc == NGX_OK) { return; } } } ngx_int_t ngx_stream_core_generic_phase(ngx_stream_session_t *s, ngx_stream_phase_handler_t *ph) { ngx_int_t rc; /* * generic phase checker, * used by all phases, except for preread and content */ ngx_log_debug1(NGX_LOG_DEBUG_STREAM, s->connection->log, 0, "generic phase: %ui", s->phase_handler); rc = ph->handler(s); if (rc == NGX_OK) { s->phase_handler = ph->next; return NGX_AGAIN; } if (rc == NGX_DECLINED) { s->phase_handler++; return NGX_AGAIN; } if (rc == NGX_AGAIN || rc == NGX_DONE) { return NGX_OK; } if (rc == NGX_ERROR) { rc = NGX_STREAM_INTERNAL_SERVER_ERROR; } ngx_stream_finalize_session(s, rc); return NGX_OK; } ngx_int_t ngx_stream_core_preread_phase(ngx_stream_session_t *s, ngx_stream_phase_handler_t *ph) { size_t size; ssize_t n; ngx_int_t rc; ngx_connection_t *c; ngx_stream_core_srv_conf_t *cscf; c = s->connection; c->log->action = "prereading client data"; cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); if (c->read->timedout) { rc = NGX_STREAM_OK; } else if (c->read->timer_set) { rc = NGX_AGAIN; } else { rc = ph->handler(s); } while (rc == NGX_AGAIN) { if (c->buffer == NULL) { c->buffer = ngx_create_temp_buf(c->pool, cscf->preread_buffer_size); if (c->buffer == NULL) { rc = NGX_ERROR; break; } } size = c->buffer->end - c->buffer->last; if (size == 0) { ngx_log_error(NGX_LOG_ERR, c->log, 0, "preread buffer full"); rc = NGX_STREAM_BAD_REQUEST; break; } if (c->read->eof) { rc = NGX_STREAM_OK; break; } if (!c->read->ready) { if (ngx_handle_read_event(c->read, 0) != NGX_OK) { rc = NGX_ERROR; break; } if (!c->read->timer_set) { ngx_add_timer(c->read, cscf->preread_timeout); } c->read->handler = ngx_stream_session_handler; return NGX_OK; } n = c->recv(c, c->buffer->last, size); if (n == NGX_ERROR) { rc = NGX_STREAM_OK; break; } if (n > 0) { c->buffer->last += n; } rc = ph->handler(s); } if (c->read->timer_set) { ngx_del_timer(c->read); } if (rc == NGX_OK) { s->phase_handler = ph->next; return NGX_AGAIN; } if (rc == NGX_DECLINED) { s->phase_handler++; return NGX_AGAIN; } if (rc == NGX_DONE) { return NGX_OK; } if (rc == NGX_ERROR) { rc = NGX_STREAM_INTERNAL_SERVER_ERROR; } ngx_stream_finalize_session(s, rc); return NGX_OK; } ngx_int_t ngx_stream_core_content_phase(ngx_stream_session_t *s, ngx_stream_phase_handler_t *ph) { int tcp_nodelay; ngx_connection_t *c; ngx_stream_core_srv_conf_t *cscf; c = s->connection; c->log->action = NULL; cscf = ngx_stream_get_module_srv_conf(s, ngx_stream_core_module); if (c->type == SOCK_STREAM && cscf->tcp_nodelay && c->tcp_nodelay == NGX_TCP_NODELAY_UNSET) { ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, "tcp_nodelay"); tcp_nodelay = 1; if (setsockopt(c->fd, IPPROTO_TCP, TCP_NODELAY, (const void *) &tcp_nodelay, sizeof(int)) == -1) { ngx_connection_error(c, ngx_socket_errno, "setsockopt(TCP_NODELAY) failed"); ngx_stream_finalize_session(s, NGX_STREAM_INTERNAL_SERVER_ERROR); return NGX_OK; } c->tcp_nodelay = NGX_TCP_NODELAY_SET; } cscf->handler(s); return NGX_OK; } static ngx_int_t ngx_stream_core_preconfiguration(ngx_conf_t *cf) { return ngx_stream_variables_add_core_vars(cf); } static void * ngx_stream_core_create_main_conf(ngx_conf_t *cf) { ngx_stream_core_main_conf_t *cmcf; cmcf = ngx_pcalloc(cf->pool, sizeof(ngx_stream_core_main_conf_t)); if (cmcf == NULL) { return NULL; } if (ngx_array_init(&cmcf->servers, cf->pool, 4, sizeof(ngx_stream_core_srv_conf_t *)) != NGX_OK) { return NULL; } if (ngx_array_init(&cmcf->listen, cf->pool, 4, sizeof(ngx_stream_listen_t)) != NGX_OK) { return NULL; } cmcf->variables_hash_max_size = NGX_CONF_UNSET_UINT; cmcf->variables_hash_bucket_size = NGX_CONF_UNSET_UINT; return cmcf; } static char * ngx_stream_core_init_main_conf(ngx_conf_t *cf, void *conf) { ngx_stream_core_main_conf_t *cmcf = conf; ngx_conf_init_uint_value(cmcf->variables_hash_max_size, 1024); ngx_conf_init_uint_value(cmcf->variables_hash_bucket_size, 64); cmcf->variables_hash_bucket_size = ngx_align(cmcf->variables_hash_bucket_size, ngx_cacheline_size); if (cmcf->ncaptures) { cmcf->ncaptures = (cmcf->ncaptures + 1) * 3; } return NGX_CONF_OK; } static void * ngx_stream_core_create_srv_conf(ngx_conf_t *cf) { ngx_stream_core_srv_conf_t *cscf; cscf = ngx_pcalloc(cf->pool, sizeof(ngx_stream_core_srv_conf_t)); if (cscf == NULL) { return NULL; } /* * set by ngx_pcalloc(): * * cscf->handler = NULL; * cscf->error_log = NULL; */ cscf->file_name = cf->conf_file->file.name.data; cscf->line = cf->conf_file->line; cscf->resolver_timeout = NGX_CONF_UNSET_MSEC; cscf->proxy_protocol_timeout = NGX_CONF_UNSET_MSEC; cscf->tcp_nodelay = NGX_CONF_UNSET; cscf->preread_buffer_size = NGX_CONF_UNSET_SIZE; cscf->preread_timeout = NGX_CONF_UNSET_MSEC; return cscf; } static char * ngx_stream_core_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) { ngx_stream_core_srv_conf_t *prev = parent; ngx_stream_core_srv_conf_t *conf = child; ngx_conf_merge_msec_value(conf->resolver_timeout, prev->resolver_timeout, 30000); if (conf->resolver == NULL) { if (prev->resolver == NULL) { /* * create dummy resolver in stream {} context * to inherit it in all servers */ prev->resolver = ngx_resolver_create(cf, NULL, 0); if (prev->resolver == NULL) { return NGX_CONF_ERROR; } } conf->resolver = prev->resolver; } if (conf->handler == NULL) { ngx_log_error(NGX_LOG_EMERG, cf->log, 0, "no handler for server in %s:%ui", conf->file_name, conf->line); return NGX_CONF_ERROR; } if (conf->error_log == NULL) { if (prev->error_log) { conf->error_log = prev->error_log; } else { conf->error_log = &cf->cycle->new_log; } } ngx_conf_merge_msec_value(conf->proxy_protocol_timeout, prev->proxy_protocol_timeout, 30000); ngx_conf_merge_value(conf->tcp_nodelay, prev->tcp_nodelay, 1); ngx_conf_merge_size_value(conf->preread_buffer_size, prev->preread_buffer_size, 16384); ngx_conf_merge_msec_value(conf->preread_timeout, prev->preread_timeout, 30000); return NGX_CONF_OK; } static char * ngx_stream_core_error_log(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { ngx_stream_core_srv_conf_t *cscf = conf; return ngx_log_set_log(cf, &cscf->error_log); } static char * ngx_stream_core_server(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { char *rv; void *mconf; ngx_uint_t m; ngx_conf_t pcf; ngx_stream_module_t *module; ngx_stream_conf_ctx_t *ctx, *stream_ctx; ngx_stream_core_srv_conf_t *cscf, **cscfp; ngx_stream_core_main_conf_t *cmcf; ctx = ngx_pcalloc(cf->pool, sizeof(ngx_stream_conf_ctx_t)); if (ctx == NULL) { return NGX_CONF_ERROR; } stream_ctx = cf->ctx; ctx->main_conf = stream_ctx->main_conf; /* the server{}'s srv_conf */ ctx->srv_conf = ngx_pcalloc(cf->pool, sizeof(void *) * ngx_stream_max_module); if (ctx->srv_conf == NULL) { return NGX_CONF_ERROR; } for (m = 0; cf->cycle->modules[m]; m++) { if (cf->cycle->modules[m]->type != NGX_STREAM_MODULE) { continue; } module = cf->cycle->modules[m]->ctx; if (module->create_srv_conf) { mconf = module->create_srv_conf(cf); if (mconf == NULL) { return NGX_CONF_ERROR; } ctx->srv_conf[cf->cycle->modules[m]->ctx_index] = mconf; } } /* the server configuration context */ cscf = ctx->srv_conf[ngx_stream_core_module.ctx_index]; cscf->ctx = ctx; cmcf = ctx->main_conf[ngx_stream_core_module.ctx_index]; cscfp = ngx_array_push(&cmcf->servers); if (cscfp == NULL) { return NGX_CONF_ERROR; } *cscfp = cscf; /* parse inside server{} */ pcf = *cf; cf->ctx = ctx; cf->cmd_type = NGX_STREAM_SRV_CONF; rv = ngx_conf_parse(cf, NULL); *cf = pcf; if (rv == NGX_CONF_OK && !cscf->listen) { ngx_log_error(NGX_LOG_EMERG, cf->log, 0, "no \"listen\" is defined for server in %s:%ui", cscf->file_name, cscf->line); return NGX_CONF_ERROR; } return rv; } static char * ngx_stream_core_listen(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { ngx_stream_core_srv_conf_t *cscf = conf; ngx_str_t *value; ngx_url_t u; ngx_uint_t i, backlog; ngx_stream_listen_t *ls, *als; ngx_stream_core_main_conf_t *cmcf; cscf->listen = 1; value = cf->args->elts; ngx_memzero(&u, sizeof(ngx_url_t)); u.url = value[1]; u.listen = 1; if (ngx_parse_url(cf->pool, &u) != NGX_OK) { if (u.err) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "%s in \"%V\" of the \"listen\" directive", u.err, &u.url); } return NGX_CONF_ERROR; } cmcf = ngx_stream_conf_get_module_main_conf(cf, ngx_stream_core_module); ls = ngx_array_push(&cmcf->listen); if (ls == NULL) { return NGX_CONF_ERROR; } ngx_memzero(ls, sizeof(ngx_stream_listen_t)); ngx_memcpy(&ls->sockaddr.sockaddr, &u.sockaddr, u.socklen); ls->socklen = u.socklen; ls->backlog = NGX_LISTEN_BACKLOG; ls->type = SOCK_STREAM; ls->wildcard = u.wildcard; ls->ctx = cf->ctx; #if (NGX_HAVE_INET6) ls->ipv6only = 1; #endif backlog = 0; for (i = 2; i < cf->args->nelts; i++) { #if !(NGX_WIN32) if (ngx_strcmp(value[i].data, "udp") == 0) { ls->type = SOCK_DGRAM; continue; } #endif if (ngx_strcmp(value[i].data, "bind") == 0) { ls->bind = 1; continue; } if (ngx_strncmp(value[i].data, "backlog=", 8) == 0) { ls->backlog = ngx_atoi(value[i].data + 8, value[i].len - 8); ls->bind = 1; if (ls->backlog == NGX_ERROR || ls->backlog == 0) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid backlog \"%V\"", &value[i]); return NGX_CONF_ERROR; } backlog = 1; continue; } if (ngx_strncmp(value[i].data, "ipv6only=o", 10) == 0) { #if (NGX_HAVE_INET6 && defined IPV6_V6ONLY) size_t len; u_char buf[NGX_SOCKADDR_STRLEN]; if (ls->sockaddr.sockaddr.sa_family == AF_INET6) { if (ngx_strcmp(&value[i].data[10], "n") == 0) { ls->ipv6only = 1; } else if (ngx_strcmp(&value[i].data[10], "ff") == 0) { ls->ipv6only = 0; } else { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid ipv6only flags \"%s\"", &value[i].data[9]); return NGX_CONF_ERROR; } ls->bind = 1; } else { len = ngx_sock_ntop(&ls->sockaddr.sockaddr, ls->socklen, buf, NGX_SOCKADDR_STRLEN, 1); ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "ipv6only is not supported " "on addr \"%*s\", ignored", len, buf); } continue; #else ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "bind ipv6only is not supported " "on this platform"); return NGX_CONF_ERROR; #endif } if (ngx_strcmp(value[i].data, "reuseport") == 0) { #if (NGX_HAVE_REUSEPORT) ls->reuseport = 1; ls->bind = 1; #else ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "reuseport is not supported " "on this platform, ignored"); #endif continue; } if (ngx_strcmp(value[i].data, "ssl") == 0) { #if (NGX_STREAM_SSL) ls->ssl = 1; continue; #else ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "the \"ssl\" parameter requires " "ngx_stream_ssl_module"); return NGX_CONF_ERROR; #endif } if (ngx_strncmp(value[i].data, "so_keepalive=", 13) == 0) { if (ngx_strcmp(&value[i].data[13], "on") == 0) { ls->so_keepalive = 1; } else if (ngx_strcmp(&value[i].data[13], "off") == 0) { ls->so_keepalive = 2; } else { #if (NGX_HAVE_KEEPALIVE_TUNABLE) u_char *p, *end; ngx_str_t s; end = value[i].data + value[i].len; s.data = value[i].data + 13; p = ngx_strlchr(s.data, end, ':'); if (p == NULL) { p = end; } if (p > s.data) { s.len = p - s.data; ls->tcp_keepidle = ngx_parse_time(&s, 1); if (ls->tcp_keepidle == (time_t) NGX_ERROR) { goto invalid_so_keepalive; } } s.data = (p < end) ? (p + 1) : end; p = ngx_strlchr(s.data, end, ':'); if (p == NULL) { p = end; } if (p > s.data) { s.len = p - s.data; ls->tcp_keepintvl = ngx_parse_time(&s, 1); if (ls->tcp_keepintvl == (time_t) NGX_ERROR) { goto invalid_so_keepalive; } } s.data = (p < end) ? (p + 1) : end; if (s.data < end) { s.len = end - s.data; ls->tcp_keepcnt = ngx_atoi(s.data, s.len); if (ls->tcp_keepcnt == NGX_ERROR) { goto invalid_so_keepalive; } } if (ls->tcp_keepidle == 0 && ls->tcp_keepintvl == 0 && ls->tcp_keepcnt == 0) { goto invalid_so_keepalive; } ls->so_keepalive = 1; #else ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "the \"so_keepalive\" parameter accepts " "only \"on\" or \"off\" on this platform"); return NGX_CONF_ERROR; #endif } ls->bind = 1; continue; #if (NGX_HAVE_KEEPALIVE_TUNABLE) invalid_so_keepalive: ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid so_keepalive value: \"%s\"", &value[i].data[13]); return NGX_CONF_ERROR; #endif } if (ngx_strcmp(value[i].data, "proxy_protocol") == 0) { ls->proxy_protocol = 1; continue; } ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "the invalid \"%V\" parameter", &value[i]); return NGX_CONF_ERROR; } if (ls->type == SOCK_DGRAM) { if (backlog) { return "\"backlog\" parameter is incompatible with \"udp\""; } #if (NGX_STREAM_SSL) if (ls->ssl) { return "\"ssl\" parameter is incompatible with \"udp\""; } #endif if (ls->so_keepalive) { return "\"so_keepalive\" parameter is incompatible with \"udp\""; } if (ls->proxy_protocol) { return "\"proxy_protocol\" parameter is incompatible with \"udp\""; } } als = cmcf->listen.elts; for (i = 0; i < cmcf->listen.nelts - 1; i++) { if (ls->type != als[i].type) { continue; } if (ngx_cmp_sockaddr(&als[i].sockaddr.sockaddr, als[i].socklen, &ls->sockaddr.sockaddr, ls->socklen, 1) != NGX_OK) { continue; } ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "duplicate \"%V\" address and port pair", &u.url); return NGX_CONF_ERROR; } return NGX_CONF_OK; } static char * ngx_stream_core_resolver(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { ngx_stream_core_srv_conf_t *cscf = conf; ngx_str_t *value; if (cscf->resolver) { return "is duplicate"; } value = cf->args->elts; cscf->resolver = ngx_resolver_create(cf, &value[1], cf->args->nelts - 1); if (cscf->resolver == NULL) { return NGX_CONF_ERROR; } return NGX_CONF_OK; }