One Level Up Top Level

src/http/modules/ngx_http_tunnel_module.c - nginx

Global variables defined

Data types defined

Functions defined

Source code


  2. /*
  3. * Copyright (C) Roman Arutyunyan
  4. * Copyright (C) Nginx, Inc.
  5. */


  8. #include <ngx_config.h>
  9. #include <ngx_core.h>
  10. #include <ngx_http.h>


  13. typedef struct {
  14.     ngx_http_upstream_conf_t       upstream;

  16.     ngx_array_t                   *tunnel_lengths;
  17.     ngx_array_t                   *tunnel_values;
  18. } ngx_http_tunnel_loc_conf_t;


  21. static ngx_int_t ngx_http_tunnel_eval(ngx_http_request_t *r,
  22.     ngx_http_tunnel_loc_conf_t *tlcf);
  23. static ngx_int_t ngx_http_tunnel_create_request(ngx_http_request_t *r);
  24. static ngx_int_t ngx_http_tunnel_reinit_request(ngx_http_request_t *r);
  25. static ngx_int_t ngx_http_tunnel_process_header(ngx_http_request_t *r);
  26. static void ngx_http_tunnel_abort_request(ngx_http_request_t *r);
  27. static void ngx_http_tunnel_finalize_request(ngx_http_request_t *r,
  28.     ngx_int_t rc);

  30. static void *ngx_http_tunnel_create_loc_conf(ngx_conf_t *cf);
  31. static char *ngx_http_tunnel_merge_loc_conf(ngx_conf_t *cf,
  32.     void *parent, void *child);

  34. static char *ngx_http_tunnel_pass(ngx_conf_t *cf, ngx_command_t *cmd,
  35.     void *conf);

  37. static char *ngx_http_tunnel_lowat_check(ngx_conf_t *cf, void *post, void *data);


  40. static ngx_conf_post_t  ngx_http_tunnel_lowat_post =
  41.     { ngx_http_tunnel_lowat_check };


  44. static ngx_conf_bitmask_t  ngx_http_tunnel_next_upstream_masks[] = {
  45.     { ngx_string("error"), NGX_HTTP_UPSTREAM_FT_ERROR },
  46.     { ngx_string("timeout"), NGX_HTTP_UPSTREAM_FT_TIMEOUT },
  47.     { ngx_string("off"), NGX_HTTP_UPSTREAM_FT_OFF },
  48.     { ngx_null_string, 0 }
  49. };


  52. static ngx_command_t  ngx_http_tunnel_commands[] = {

  54.     { ngx_string("tunnel_pass"),
  55.       NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_CONF_NOARGS
  56.       |NGX_CONF_TAKE1,
  57.       ngx_http_tunnel_pass,
  58.       NGX_HTTP_LOC_CONF_OFFSET,
  59.       0,
  60.       NULL },

  62.     { ngx_string("tunnel_bind"),
  63.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE12,
  64.       ngx_http_upstream_bind_set_slot,
  65.       NGX_HTTP_LOC_CONF_OFFSET,
  66.       offsetof(ngx_http_tunnel_loc_conf_t, upstream.local),
  67.       NULL },

  69.     { ngx_string("tunnel_socket_keepalive"),
  70.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
  71.       ngx_conf_set_flag_slot,
  72.       NGX_HTTP_LOC_CONF_OFFSET,
  73.       offsetof(ngx_http_tunnel_loc_conf_t, upstream.socket_keepalive),
  74.       NULL },

  76.     { ngx_string("tunnel_connect_timeout"),
  77.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
  78.       ngx_conf_set_msec_slot,
  79.       NGX_HTTP_LOC_CONF_OFFSET,
  80.       offsetof(ngx_http_tunnel_loc_conf_t, upstream.connect_timeout),
  81.       NULL },

  83.     { ngx_string("tunnel_send_timeout"),
  84.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
  85.       ngx_conf_set_msec_slot,
  86.       NGX_HTTP_LOC_CONF_OFFSET,
  87.       offsetof(ngx_http_tunnel_loc_conf_t, upstream.send_timeout),
  88.       NULL },

  90.     { ngx_string("tunnel_send_lowat"),
  91.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
  92.       ngx_conf_set_size_slot,
  93.       NGX_HTTP_LOC_CONF_OFFSET,
  94.       offsetof(ngx_http_tunnel_loc_conf_t, upstream.send_lowat),
  95.       &ngx_http_tunnel_lowat_post },

  97.     { ngx_string("tunnel_buffer_size"),
  98.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
  99.       ngx_conf_set_size_slot,
  100.       NGX_HTTP_LOC_CONF_OFFSET,
  101.       offsetof(ngx_http_tunnel_loc_conf_t, upstream.buffer_size),
  102.       NULL },

  104.     { ngx_string("tunnel_read_timeout"),
  105.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
  106.       ngx_conf_set_msec_slot,
  107.       NGX_HTTP_LOC_CONF_OFFSET,
  108.       offsetof(ngx_http_tunnel_loc_conf_t, upstream.read_timeout),
  109.       NULL },

  111.     { ngx_string("tunnel_next_upstream"),
  112.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
  113.       ngx_conf_set_bitmask_slot,
  114.       NGX_HTTP_LOC_CONF_OFFSET,
  115.       offsetof(ngx_http_tunnel_loc_conf_t, upstream.next_upstream),
  116.       &ngx_http_tunnel_next_upstream_masks },

  118.     { ngx_string("tunnel_next_upstream_tries"),
  119.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
  120.       ngx_conf_set_num_slot,
  121.       NGX_HTTP_LOC_CONF_OFFSET,
  122.       offsetof(ngx_http_tunnel_loc_conf_t, upstream.next_upstream_tries),
  123.       NULL },

  125.     { ngx_string("tunnel_next_upstream_timeout"),
  126.       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
  127.       ngx_conf_set_msec_slot,
  128.       NGX_HTTP_LOC_CONF_OFFSET,
  129.       offsetof(ngx_http_tunnel_loc_conf_t, upstream.next_upstream_timeout),
  130.       NULL },

  132.       ngx_null_command
  133. };


  136. static ngx_http_module_t  ngx_http_tunnel_module_ctx = {
  137.     NULL,                                  /* preconfiguration */
  138.     NULL,                                  /* postconfiguration */

  140.     NULL,                                  /* create main configuration */
  141.     NULL,                                  /* init main configuration */

  143.     NULL,                                  /* create server configuration */
  144.     NULL,                                  /* merge server configuration */

  146.     ngx_http_tunnel_create_loc_conf,       /* create location configuration */
  147.     ngx_http_tunnel_merge_loc_conf         /* merge location configuration */
  148. };


  151. ngx_module_t  ngx_http_tunnel_module = {
  152.     NGX_MODULE_V1,
  153.     &ngx_http_tunnel_module_ctx,           /* module context */
  154.     ngx_http_tunnel_commands,              /* module directives */
  155.     NGX_HTTP_MODULE,                       /* module type */
  156.     NULL,                                  /* init master */
  157.     NULL,                                  /* init module */
  158.     NULL,                                  /* init process */
  159.     NULL,                                  /* init thread */
  160.     NULL,                                  /* exit thread */
  161.     NULL,                                  /* exit process */
  162.     NULL,                                  /* exit master */
  163.     NGX_MODULE_V1_PADDING
  164. };


  167. static ngx_int_t
  168. ngx_http_tunnel_handler(ngx_http_request_t *r)
  169. {
  170.     ngx_int_t                    rc;
  171.     ngx_http_upstream_t         *u;
  172.     ngx_http_tunnel_loc_conf_t  *tlcf;

  174.     if (r->method != NGX_HTTP_CONNECT) {
  175.         return NGX_HTTP_NOT_ALLOWED;
  176.     }

  178.     if (ngx_http_upstream_create(r) != NGX_OK) {
  179.         return NGX_HTTP_INTERNAL_SERVER_ERROR;
  180.     }

  182.     tlcf = ngx_http_get_module_loc_conf(r, ngx_http_tunnel_module);

  184.     if (tlcf->tunnel_lengths) {
  185.         if (ngx_http_tunnel_eval(r, tlcf) != NGX_OK) {
  186.             return NGX_HTTP_INTERNAL_SERVER_ERROR;
  187.         }
  188.     }

  190.     u = r->upstream;

  192.     u->conf = &tlcf->upstream;

  194.     u->create_request = ngx_http_tunnel_create_request;
  195.     u->reinit_request = ngx_http_tunnel_reinit_request;
  196.     u->process_header = ngx_http_tunnel_process_header;
  197.     u->abort_request = ngx_http_tunnel_abort_request;
  198.     u->finalize_request = ngx_http_tunnel_finalize_request;

  200.     rc = ngx_http_read_client_request_body(r, ngx_http_upstream_init);

  202.     if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
  203.         return rc;
  204.     }

  206.     return NGX_DONE;
  207. }


  210. static ngx_int_t
  211. ngx_http_tunnel_eval(ngx_http_request_t *r, ngx_http_tunnel_loc_conf_t *tlcf)
  212. {
  213.     ngx_url_t             url;
  214.     ngx_http_upstream_t  *u;

  216.     ngx_memzero(&url, sizeof(ngx_url_t));

  218.     if (ngx_http_script_run(r, &url.url, tlcf->tunnel_lengths->elts, 0,
  219.                             tlcf->tunnel_values->elts)
  220.         == NULL)
  221.     {
  222.         return NGX_ERROR;
  223.     }

  225.     url.no_resolve = 1;

  227.     if (ngx_parse_url(r->pool, &url) != NGX_OK) {
  228.         if (url.err) {
  229.             ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
  230.                           "%s in upstream \"%V\"", url.err, &url.url);
  231.         }

  233.         return NGX_ERROR;
  234.     }

  236.     u = r->upstream;

  238.     u->resolved = ngx_pcalloc(r->pool, sizeof(ngx_http_upstream_resolved_t));
  239.     if (u->resolved == NULL) {
  240.         return NGX_ERROR;
  241.     }

  243.     if (url.addrs) {
  244.         u->resolved->sockaddr = url.addrs[0].sockaddr;
  245.         u->resolved->socklen = url.addrs[0].socklen;
  246.         u->resolved->name = url.addrs[0].name;
  247.         u->resolved->naddrs = 1;
  248.     }

  250.     u->resolved->host = url.host;
  251.     u->resolved->port = url.port;

  253.     return NGX_OK;
  254. }


  257. static ngx_int_t
  258. ngx_http_tunnel_create_request(ngx_http_request_t *r)
  259. {
  260.     /* u->request_bufs = NULL */

  262.     return NGX_OK;
  263. }


  266. static ngx_int_t
  267. ngx_http_tunnel_reinit_request(ngx_http_request_t *r)
  268. {
  269.     return NGX_OK;
  270. }


  273. static ngx_int_t
  274. ngx_http_tunnel_process_header(ngx_http_request_t *r)
  275. {
  276.     ngx_http_upstream_t  *u;

  278.     u = r->upstream;

  280.     u->headers_in.status_n = NGX_HTTP_OK;
  281.     ngx_str_set(&u->headers_in.status_line, "200 OK");

  283.     ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
  284.                    "http tunnel status %ui \"%V\"",
  285.                    u->headers_in.status_n, &u->headers_in.status_line);

  287.     r->keepalive = 0;
  288.     u->keepalive = 0;
  289.     u->upgrade = 1;

  291.     return NGX_OK;
  292. }


  295. static void
  296. ngx_http_tunnel_abort_request(ngx_http_request_t *r)
  297. {
  298.     ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
  299.                    "abort http tunnel request");

  301.     return;
  302. }


  305. static void
  306. ngx_http_tunnel_finalize_request(ngx_http_request_t *r, ngx_int_t rc)
  307. {
  308.     ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
  309.                    "finalize http tunnel request");

  311.     return;
  312. }


  315. static void *
  316. ngx_http_tunnel_create_loc_conf(ngx_conf_t *cf)
  317. {
  318.     ngx_http_tunnel_loc_conf_t  *conf;

  320.     conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_tunnel_loc_conf_t));
  321.     if (conf == NULL) {
  322.         return NULL;
  323.     }

  325.     /*
  326.      * set by ngx_pcalloc():
  327.      *
  328.      *     conf->upstream.next_upstream = 0;
  329.      */

  331.     conf->upstream.next_upstream_tries = NGX_CONF_UNSET_UINT;

  333.     conf->upstream.local = NGX_CONF_UNSET_PTR;
  334.     conf->upstream.socket_keepalive = NGX_CONF_UNSET;

  336.     conf->upstream.connect_timeout = NGX_CONF_UNSET_MSEC;
  337.     conf->upstream.send_timeout = NGX_CONF_UNSET_MSEC;
  338.     conf->upstream.read_timeout = NGX_CONF_UNSET_MSEC;
  339.     conf->upstream.next_upstream_timeout = NGX_CONF_UNSET_MSEC;

  341.     conf->upstream.send_lowat = NGX_CONF_UNSET_SIZE;
  342.     conf->upstream.buffer_size = NGX_CONF_UNSET_SIZE;

  344.     conf->upstream.ignore_input = 1;

  346.     ngx_str_set(&conf->upstream.module, "tunnel");

  348.     return conf;
  349. }


  352. static char *
  353. ngx_http_tunnel_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
  354. {
  355.     ngx_http_tunnel_loc_conf_t *prev = parent;
  356.     ngx_http_tunnel_loc_conf_t *conf = child;

  358.     ngx_http_core_loc_conf_t  *clcf;

  360.     ngx_conf_merge_uint_value(conf->upstream.next_upstream_tries,
  361.                               prev->upstream.next_upstream_tries, 0);

  363.     ngx_conf_merge_ptr_value(conf->upstream.local,
  364.                               prev->upstream.local, NULL);

  366.     ngx_conf_merge_value(conf->upstream.socket_keepalive,
  367.                               prev->upstream.socket_keepalive, 0);

  369.     ngx_conf_merge_msec_value(conf->upstream.connect_timeout,
  370.                               prev->upstream.connect_timeout, 60000);

  372.     ngx_conf_merge_msec_value(conf->upstream.send_timeout,
  373.                               prev->upstream.send_timeout, 60000);

  375.     ngx_conf_merge_msec_value(conf->upstream.read_timeout,
  376.                               prev->upstream.read_timeout, 60000);

  378.     ngx_conf_merge_msec_value(conf->upstream.next_upstream_timeout,
  379.                               prev->upstream.next_upstream_timeout, 0);

  381.     ngx_conf_merge_size_value(conf->upstream.send_lowat,
  382.                               prev->upstream.send_lowat, 0);

  384.     ngx_conf_merge_size_value(conf->upstream.buffer_size,
  385.                               prev->upstream.buffer_size,
  386.                               (size_t) ngx_pagesize);

  388.     ngx_conf_merge_bitmask_value(conf->upstream.next_upstream,
  389.                               prev->upstream.next_upstream,
  390.                               (NGX_CONF_BITMASK_SET
  391.                                |NGX_HTTP_UPSTREAM_FT_ERROR
  392.                                |NGX_HTTP_UPSTREAM_FT_TIMEOUT));

  394.     if (conf->upstream.next_upstream & NGX_HTTP_UPSTREAM_FT_OFF) {
  395.         conf->upstream.next_upstream = NGX_CONF_BITMASK_SET
  396.                                        |NGX_HTTP_UPSTREAM_FT_OFF;
  397.     }

  399.     clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);

  401.     if (clcf->noname
  402.         && conf->upstream.upstream == NULL && conf->tunnel_lengths == NULL)
  403.     {
  404.         conf->upstream.upstream = prev->upstream.upstream;

  406.         conf->tunnel_lengths = prev->tunnel_lengths;
  407.         conf->tunnel_values = prev->tunnel_values;
  408.     }

  410.     if (clcf->lmt_excpt && clcf->handler == NULL
  411.         && (conf->upstream.upstream || conf->tunnel_lengths))
  412.     {
  413.         clcf->handler = ngx_http_tunnel_handler;
  414.     }


  417.     return NGX_CONF_OK;
  418. }


  421. static char *
  422. ngx_http_tunnel_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
  423. {
  424.     ngx_http_tunnel_loc_conf_t *tlcf = conf;

  426.     ngx_url_t                   u;
  427.     ngx_str_t                  *value, url;
  428.     ngx_uint_t                  n;
  429.     ngx_http_core_srv_conf_t   *cscf;
  430.     ngx_http_core_loc_conf_t   *clcf;
  431.     ngx_http_script_compile_t   sc;

  433.     if (tlcf->upstream.upstream || tlcf->tunnel_lengths) {
  434.         return "is duplicate";
  435.     }

  437.     clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);

  439.     clcf->handler = ngx_http_tunnel_handler;

  441.     cscf = ngx_http_conf_get_module_srv_conf(cf, ngx_http_core_module);

  443.     cscf->allow_connect = 1;

  445.     value = cf->args->elts;

  447.     if (cf->args->nelts == 1) {
  448.         ngx_str_set(&url, "$host:$request_port");

  450.     } else {
  451.         url = value[1];
  452.     }

  454.     n = ngx_http_script_variables_count(&url);

  456.     if (n) {

  458.         ngx_memzero(&sc, sizeof(ngx_http_script_compile_t));

  460.         sc.cf = cf;
  461.         sc.source = &url;
  462.         sc.lengths = &tlcf->tunnel_lengths;
  463.         sc.values = &tlcf->tunnel_values;
  464.         sc.variables = n;
  465.         sc.complete_lengths = 1;
  466.         sc.complete_values = 1;

  468.         if (ngx_http_script_compile(&sc) != NGX_OK) {
  469.             return NGX_CONF_ERROR;
  470.         }

  472.         return NGX_CONF_OK;
  473.     }

  475.     ngx_memzero(&u, sizeof(ngx_url_t));

  477.     u.url = url;
  478.     u.no_resolve = 1;

  480.     tlcf->upstream.upstream = ngx_http_upstream_add(cf, &u, 0);
  481.     if (tlcf->upstream.upstream == NULL) {
  482.         return NGX_CONF_ERROR;
  483.     }

  485.     return NGX_CONF_OK;
  486. }


  489. static char *
  490. ngx_http_tunnel_lowat_check(ngx_conf_t *cf, void *post, void *data)
  491. {
  492. #if (NGX_FREEBSD)
  493.     ssize_t *np = data;

  495.     if ((u_long) *np >= ngx_freebsd_net_inet_tcp_sendspace) {
  496.         ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
  497.                            "\"tunnel_send_lowat\" must be less than %d "
  498.                            "(sysctl net.inet.tcp.sendspace)",
  499.                            ngx_freebsd_net_inet_tcp_sendspace);

  501.         return NGX_CONF_ERROR;
  502.     }

  504. #elif !(NGX_HAVE_SO_SNDLOWAT)
  505.     ssize_t *np = data;

  507.     ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
  508.                        "\"tunnel_send_lowat\" is not supported, ignored");

  510.     *np = 0;

  512. #endif

  514.     return NGX_CONF_OK;
  515. }

One Level Up Top Level