nginx-0.0.7-2004-07-16-21:11:43 import
diff --git a/src/http/modules/ngx_http_ssl_filter.c b/src/http/modules/ngx_http_ssl_module.c
similarity index 85%
rename from src/http/modules/ngx_http_ssl_filter.c
rename to src/http/modules/ngx_http_ssl_module.c
index 1d370be..3a8b863 100644
--- a/src/http/modules/ngx_http_ssl_filter.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -11,10 +11,9 @@
static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf);
static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf,
void *parent, void *child);
-static ngx_int_t ngx_http_ssl_init_process(ngx_cycle_t *cycle);
-static ngx_command_t ngx_http_charset_filter_commands[] = {
+static ngx_command_t ngx_http_ssl_commands[] = {
{ ngx_string("ssl"),
NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
@@ -41,7 +40,7 @@
};
-static ngx_http_module_t ngx_http_ssl_filter_module_ctx = {
+static ngx_http_module_t ngx_http_ssl_module_ctx = {
NULL, /* pre conf */
NULL, /* create main configuration */
@@ -55,13 +54,13 @@
};
-ngx_module_t ngx_http_ssl_filter_module = {
+ngx_module_t ngx_http_ssl_module = {
NGX_MODULE,
- &ngx_http_ssl_filter_module_ctx, /* module context */
- ngx_http_charset_filter_commands, /* module directives */
+ &ngx_http_ssl_module_ctx, /* module context */
+ ngx_http_ssl_commands, /* module directives */
NGX_HTTP_MODULE, /* module type */
NULL, /* init module */
- ngx_http_ssl_init_process /* init process */
+ NULL /* init process */
};
@@ -102,13 +101,13 @@
conf->ssl_ctx = SSL_CTX_new(SSLv23_server_method());
if (conf->ssl_ctx == NULL) {
- ngx_ssl_error(NGX_LOG_EMERG, cf->log, "SSL_CTX_new() failed");
+ ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, "SSL_CTX_new() failed");
return NGX_CONF_ERROR;
}
if (SSL_CTX_use_certificate_file(conf->ssl_ctx, conf->certificate.data,
SSL_FILETYPE_PEM) == 0) {
- ngx_ssl_error(NGX_LOG_EMERG, cf->log,
+ ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0,
"SSL_CTX_use_certificate_file(\"%s\") failed",
conf->certificate.data);
return NGX_CONF_ERROR;
@@ -116,7 +115,7 @@
if (SSL_CTX_use_PrivateKey_file(conf->ssl_ctx, conf->certificate_key.data,
SSL_FILETYPE_PEM) == 0) {
- ngx_ssl_error(NGX_LOG_EMERG, cf->log,
+ ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0,
"SSL_CTX_use_PrivateKey_file(\"%s\") failed",
conf->certificate_key.data);
return NGX_CONF_ERROR;
@@ -126,6 +125,8 @@
}
+#if 0
+
static ngx_int_t ngx_http_ssl_init_process(ngx_cycle_t *cycle)
{
ngx_uint_t i;
@@ -138,7 +139,7 @@
cscfp = cmcf->servers.elts;
for (i = 0; i < cmcf->servers.nelts; i++) {
- sscf = cscfp[i]->ctx->srv_conf[ngx_http_ssl_filter_module.ctx_index];
+ sscf = cscfp[i]->ctx->srv_conf[ngx_http_ssl_module.ctx_index];
if (sscf->enable) {
cscfp[i]->recv = ngx_ssl_recv;
@@ -148,3 +149,5 @@
return NGX_OK;
}
+
+#endif
diff --git a/src/http/modules/ngx_http_ssl_filter.h b/src/http/modules/ngx_http_ssl_module.h
similarity index 75%
rename from src/http/modules/ngx_http_ssl_filter.h
rename to src/http/modules/ngx_http_ssl_module.h
index a42ee91..2bb1fe1 100644
--- a/src/http/modules/ngx_http_ssl_filter.h
+++ b/src/http/modules/ngx_http_ssl_module.h
@@ -1,5 +1,5 @@
-#ifndef _NGX_HTTP_SSL_FILTER_H_INCLUDED_
-#define _NGX_HTTP_SSL_FILTER_H_INCLUDED_
+#ifndef _NGX_HTTP_SSL_H_INCLUDED_
+#define _NGX_HTTP_SSL_H_INCLUDED_
#include <ngx_config.h>
@@ -24,7 +24,7 @@
void ngx_http_ssl_close_connection(SSL *ssl, ngx_log_t *log);
-extern ngx_module_t ngx_http_ssl_filter_module;
+extern ngx_module_t ngx_http_ssl_module;
-#endif /* _NGX_HTTP_SSL_FILTER_H_INCLUDED_ */
+#endif /* _NGX_HTTP_SSL_H_INCLUDED_ */
diff --git a/src/http/modules/proxy/ngx_http_proxy_handler.h b/src/http/modules/proxy/ngx_http_proxy_handler.h
index c89e971..fa86982 100644
--- a/src/http/modules/proxy/ngx_http_proxy_handler.h
+++ b/src/http/modules/proxy/ngx_http_proxy_handler.h
@@ -203,7 +203,7 @@
} ngx_http_proxy_log_ctx_t;
-#define NGX_HTTP_PROXY_PARSE_NO_HEADER 20
+#define NGX_HTTP_PROXY_PARSE_NO_HEADER 30
#define NGX_HTTP_PROXY_FT_ERROR 0x02
diff --git a/src/http/ngx_http.h b/src/http/ngx_http.h
index 44edd15..145082f 100644
--- a/src/http/ngx_http.h
+++ b/src/http/ngx_http.h
@@ -21,8 +21,8 @@
#include <ngx_http_log_handler.h>
#include <ngx_http_core_module.h>
-#if (NGX_OPENSSL)
-#include <ngx_http_ssl_filter.h>
+#if (NGX_HTTP_SSL)
+#include <ngx_http_ssl_module.h>
#endif
diff --git a/src/http/ngx_http_config.h b/src/http/ngx_http_config.h
index 647566a..d2fb8a9 100644
--- a/src/http/ngx_http_config.h
+++ b/src/http/ngx_http_config.h
@@ -45,8 +45,11 @@
#define ngx_http_conf_get_module_main_conf(cf, module) \
((ngx_http_conf_ctx_t *) cf->ctx)->main_conf[module.ctx_index]
-#define ngx_http_conf_get_module_srv_conf(cf, module) \
- ngx_http_conf_get_module_srv_conf_could_not_be_implemented()
+/*
+ * ngx_http_conf_get_module_srv_conf() and ngx_http_conf_get_module_loc_conf()
+ * could not be correctly implemented because at the merge phase cf->ctx
+ * points to http{}'s ctx
+ */
#define ngx_http_cycle_get_module_main_conf(cycle, module) \
((ngx_http_conf_ctx_t *) \
diff --git a/src/http/ngx_http_core_module.c b/src/http/ngx_http_core_module.c
index dc6e873..911a5aa 100644
--- a/src/http/ngx_http_core_module.c
+++ b/src/http/ngx_http_core_module.c
@@ -18,7 +18,6 @@
static char *ngx_http_core_merge_loc_conf(ngx_conf_t *cf,
void *parent, void *child);
-static ngx_int_t ngx_http_core_init_process(ngx_cycle_t *cycle);
static char *ngx_server_block(ngx_conf_t *cf, ngx_command_t *cmd, void *dummy);
static int ngx_cmp_locations(const void *first, const void *second);
static char *ngx_location_block(ngx_conf_t *cf, ngx_command_t *cmd,
@@ -304,7 +303,7 @@
ngx_http_core_commands, /* module directives */
NGX_HTTP_MODULE, /* module type */
NULL, /* init module */
- ngx_http_core_init_process /* init process */
+ NULL /* init process */
};
@@ -822,6 +821,8 @@
#endif
+#if 0
+
static ngx_int_t ngx_http_core_init_process(ngx_cycle_t *cycle)
{
ngx_uint_t i;
@@ -853,6 +854,8 @@
return NGX_OK;
}
+#endif
+
static char *ngx_server_block(ngx_conf_t *cf, ngx_command_t *cmd, void *dummy)
{
diff --git a/src/http/ngx_http_core_module.h b/src/http/ngx_http_core_module.h
index 98e020b..b71979b 100644
--- a/src/http/ngx_http_core_module.h
+++ b/src/http/ngx_http_core_module.h
@@ -47,9 +47,6 @@
typedef struct {
- ngx_recv_pt recv;
- ngx_send_chain_pt send_chain;
-
/*
* array of ngx_http_core_loc_conf_t, used in the translation handler
* and in the merge phase
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 302b924..e1463ba 100644
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -6,6 +6,9 @@
static void ngx_http_init_request(ngx_event_t *ev);
+#if (NGX_HTTP_SSL)
+static void ngx_http_check_ssl_handshake(ngx_event_t *rev);
+#endif
static void ngx_http_process_request_line(ngx_event_t *rev);
static void ngx_http_process_request_headers(ngx_event_t *rev);
static ssize_t ngx_http_read_request_header(ngx_http_request_t *r);
@@ -40,6 +43,7 @@
"client %s sent HTTP/1.1 request without \"Host\" header, URL: %s",
"client %s sent invalid \"Content-Length\" header, URL: %s",
"client %s sent POST method without \"Content-Length\" header, URL: %s",
+ "client %s sent plain HTTP request to HTTPS port, URL: %s",
"client %s sent invalid \"Host\" header \"%s\", URL: %s"
};
@@ -232,16 +236,24 @@
r->srv_conf = cscf->ctx->srv_conf;
r->loc_conf = cscf->ctx->loc_conf;
+ rev->event_handler = ngx_http_process_request_line;
+
+ r->recv = ngx_recv;
+ r->send_chain = ngx_send_chain;
+
#if (NGX_HTTP_SSL)
- sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_filter_module);
+ sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
if (sscf->enable) {
- if (ngx_ssl_create_session(sscf->ssl_ctx, c) == NGX_ERROR) {
+ if (ngx_ssl_create_session(sscf->ssl_ctx, c, NGX_SSL_BUFFER)
+ == NGX_ERROR)
+ {
ngx_http_close_connection(c);
return;
}
r->filter_need_in_memory = 1;
+ rev->event_handler = ngx_http_check_ssl_handshake;
}
#endif
@@ -321,10 +333,58 @@
r->http_state = NGX_HTTP_READING_REQUEST_STATE;
+ rev->event_handler(rev);
+}
+
+
+#if (NGX_HTTP_SSL)
+
+static void ngx_http_check_ssl_handshake(ngx_event_t *rev)
+{
+ int n;
+ u_char buf[1];
+ ngx_connection_t *c;
+ ngx_http_request_t *r;
+
+ c = rev->data;
+ r = c->data;
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, rev->log, 0,
+ "http check ssl handshake");
+
+ if (rev->timedout) {
+ ngx_http_client_error(r, 0, NGX_HTTP_REQUEST_TIME_OUT);
+ return;
+ }
+
+ n = recv(c->fd, buf, 1, MSG_PEEK);
+
+ if (n == -1 && ngx_socket_errno == NGX_EAGAIN) {
+ return;
+ }
+
+ if (n == 1) {
+ if (buf[0] == 0x80 /* SSLv2 */ || buf[0] == 0x16 /* SSLv3/TLSv1 */) {
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, rev->log, 0,
+ "https ssl handshake: 0x%X", buf[0]);
+
+ r->recv = ngx_ssl_recv;
+ r->send_chain = ngx_ssl_send_chain;
+
+ } else {
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, rev->log, 0,
+ "plain http");
+
+ r->plain_http = 1;
+ }
+ }
+
rev->event_handler = ngx_http_process_request_line;
ngx_http_process_request_line(rev);
}
+#endif
+
static void ngx_http_process_request_line(ngx_event_t *rev)
{
@@ -832,13 +892,12 @@
return NGX_AGAIN;
}
- cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
-
- n = cscf->recv(r->connection, r->header_in->last,
- r->header_in->end - r->header_in->last);
+ n = r->recv(r->connection, r->header_in->last,
+ r->header_in->end - r->header_in->last);
if (n == NGX_AGAIN) {
if (!r->header_timeout_set) {
+ cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
ngx_add_timer(rev, cscf->client_header_timeout);
r->header_timeout_set = 1;
}
@@ -939,6 +998,10 @@
return NGX_HTTP_PARSE_POST_WO_CL_HEADER;
}
+ if (r->plain_http) {
+ return NGX_HTTP_PARSE_HTTP_TO_HTTPS;
+ }
+
if (r->headers_in.connection) {
if (r->headers_in.connection->value.len == 5
&& ngx_strcasecmp(r->headers_in.connection->value.data, "close")
@@ -1873,7 +1936,9 @@
r->connection->log->handler = NULL;
if (ctx->url) {
- if (client_error == NGX_HTTP_PARSE_INVALID_HOST) {
+ switch (client_error) {
+
+ case NGX_HTTP_PARSE_INVALID_HOST:
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
client_header_errors[client_error - NGX_HTTP_CLIENT_ERROR],
ctx->client, r->headers_in.host->value.data, ctx->url);
@@ -1888,7 +1953,14 @@
return;
}
- } else {
+ break;
+
+ case NGX_HTTP_PARSE_HTTP_TO_HTTPS:
+ error = NGX_HTTP_TO_HTTPS;
+
+ /* fall through */
+
+ default:
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
client_header_errors[client_error - NGX_HTTP_CLIENT_ERROR],
ctx->client, ctx->url);
diff --git a/src/http/ngx_http_request.h b/src/http/ngx_http_request.h
index 7abd57f..a80e0a5 100644
--- a/src/http/ngx_http_request.h
+++ b/src/http/ngx_http_request.h
@@ -31,7 +31,8 @@
#define NGX_HTTP_PARSE_NO_HOST_HEADER 16
#define NGX_HTTP_PARSE_INVALID_CL_HEADER 17
#define NGX_HTTP_PARSE_POST_WO_CL_HEADER 18
-#define NGX_HTTP_PARSE_INVALID_HOST 19
+#define NGX_HTTP_PARSE_HTTP_TO_HTTPS 19
+#define NGX_HTTP_PARSE_INVALID_HOST 20
#define NGX_HTTP_OK 200
@@ -217,6 +218,9 @@
ngx_connection_t *connection;
+ ngx_recv_pt recv;
+ ngx_send_chain_pt send_chain;
+
void **ctx;
void **main_conf;
void **srv_conf;
@@ -292,6 +296,7 @@
/* can we use sendfile ? */
unsigned sendfile:1;
+ unsigned plain_http:1;
unsigned chunked:1;
unsigned header_only:1;
unsigned keepalive:1;
diff --git a/src/http/ngx_http_write_filter.c b/src/http/ngx_http_write_filter.c
index 5d45f37..8b1447a 100644
--- a/src/http/ngx_http_write_filter.c
+++ b/src/http/ngx_http_write_filter.c
@@ -7,6 +7,9 @@
typedef struct {
ngx_chain_t *out;
+
+ /* unsigned flush:1; */
+ ngx_uint_t flush;
} ngx_http_write_filter_ctx_t;
@@ -42,7 +45,6 @@
int last;
off_t size, flush, sent;
ngx_chain_t *cl, *ln, **ll, *chain;
- ngx_http_core_srv_conf_t *cscf;
ngx_http_core_loc_conf_t *clcf;
ngx_http_write_filter_ctx_t *ctx;
@@ -114,7 +116,7 @@
return NGX_AGAIN;
}
- if (size == 0) {
+ if (size == 0 && !ctx->flush) {
if (!last) {
ngx_log_error(NGX_LOG_ALERT, r->connection->log, 0,
"the http output chain is empty");
@@ -124,11 +126,8 @@
sent = r->connection->sent;
- cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
-
- chain = cscf->send_chain(r->connection, ctx->out,
- clcf->limit_rate ? clcf->limit_rate:
- OFF_T_MAX_VALUE);
+ chain = r->send_chain(r->connection, ctx->out,
+ clcf->limit_rate ? clcf->limit_rate: OFF_T_MAX_VALUE);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http write filter %X", chain);
@@ -144,6 +143,12 @@
return NGX_ERROR;
}
+ if (chain == NGX_CHAIN_AGAIN) {
+ ctx->out = NULL;
+ ctx->flush = 1;
+ return NGX_AGAIN;
+ }
+
ctx->out = chain;
if (chain == NULL) {
