mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-07-20 19:27:29 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

changes made in upstream

Browse Source
This commit is contained in:
Kanaga Vasantharaj (WIPRO LIMITED) 2025-07-03 15:42:03 +05:30
parent 4c3d90f078
commit afe5753fa5
2 changed files with 74 additions and 85 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
src/http/modules/ngx_http_ssl_module.c
View File

@ -40,17 +40,6 @@ static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf);
static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf,
void *parent, void *child); void *parent, void *child);
u_char *ngx_ssl_get_backend_protocol(ngx_connection_t *c);
u_char *ngx_ssl_get_backend_cipher(ngx_connection_t *c);
static ngx_int_t ngx_http_variable_backend_ssl_cipher(ngx_http_request_t *r,
ngx_http_variable_value_t *v,
uintptr_t data);
static ngx_int_t ngx_http_variable_backend_ssl_protocol(ngx_http_request_t *r,
ngx_http_variable_value_t *v,
uintptr_t data);
static ngx_int_t ngx_http_ssl_compile_certificates(ngx_conf_t *cf, static ngx_int_t ngx_http_ssl_compile_certificates(ngx_conf_t *cf,
ngx_http_ssl_srv_conf_t *conf); ngx_http_ssl_srv_conf_t *conf);
@ -344,61 +333,6 @@ ngx_module_t ngx_http_ssl_module = {
NGX_MODULE_V1_PADDING NGX_MODULE_V1_PADDING
}; };
static ngx_int_t
ngx_http_variable_backend_ssl_cipher(ngx_http_request_t *r,
ngx_http_variable_value_t *v,
uintptr_t data)
{
ngx_http_upstream_state_t *state;
if (r == NULL || r->upstream_states == NULL) {
v->not_found = 1;
return NGX_OK;
}
state = r->upstream_states->elts;
if (state[0].backend_ssl_cipher.data) {
v->len = state[0].backend_ssl_cipher.len;
v->valid = 1;
v->no_cacheable = 0;
v->not_found = 0;
v->data = state[0].backend_ssl_cipher.data;
} else {
v->not_found = 1;
}
return NGX_OK;
}
static ngx_int_t
ngx_http_variable_backend_ssl_protocol(ngx_http_request_t *r,
ngx_http_variable_value_t *v,
uintptr_t data)
{
ngx_http_upstream_state_t *state;
if (r == NULL || r->upstream_states == NULL || r->upstream_states->nelts == 0) {
v->not_found = 1;
return NGX_OK;
}
state = r->upstream_states->elts;
if (state[0].backend_ssl_protocol.data) {
v->data = state[0].backend_ssl_protocol.data;
v->len = state[0].backend_ssl_protocol.len;
v->valid = 1;
v->no_cacheable = 0;
v->not_found = 0;
} else {
v->not_found = 1;
}
return NGX_OK;
}
static ngx_http_variable_t ngx_http_ssl_vars[] = { static ngx_http_variable_t ngx_http_ssl_vars[] = {
{ ngx_string("ssl_protocol"), NULL, ngx_http_ssl_static_variable, { ngx_string("ssl_protocol"), NULL, ngx_http_ssl_static_variable,
@ -406,12 +340,6 @@ static ngx_http_variable_t ngx_http_ssl_vars[] = {
{ ngx_string("ssl_cipher"), NULL, ngx_http_ssl_static_variable, { ngx_string("ssl_cipher"), NULL, ngx_http_ssl_static_variable,
(uintptr_t) ngx_ssl_get_cipher_name, NGX_HTTP_VAR_CHANGEABLE, 0 }, (uintptr_t) ngx_ssl_get_cipher_name, NGX_HTTP_VAR_CHANGEABLE, 0 },
{ ngx_string("backend_ssl_protocol"), NULL,
ngx_http_variable_backend_ssl_protocol, 0, NGX_HTTP_VAR_NOCACHEABLE, 0 },
{ ngx_string("backend_ssl_cipher"), NULL,
ngx_http_variable_backend_ssl_cipher, 0, NGX_HTTP_VAR_NOCACHEABLE, 0 },
{ ngx_string("ssl_ciphers"), NULL, ngx_http_ssl_variable, { ngx_string("ssl_ciphers"), NULL, ngx_http_ssl_variable,
(uintptr_t) ngx_ssl_get_ciphers, NGX_HTTP_VAR_CHANGEABLE, 0 }, (uintptr_t) ngx_ssl_get_ciphers, NGX_HTTP_VAR_CHANGEABLE, 0 },

87
src/http/ngx_http_upstream.c
View File

@ -169,6 +169,10 @@ static ngx_int_t ngx_http_upstream_trailer_variable(ngx_http_request_t *r,
static ngx_int_t ngx_http_upstream_cookie_variable(ngx_http_request_t *r, static ngx_int_t ngx_http_upstream_cookie_variable(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data); ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_upstream_backend_ssl_cipher(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_upstream_backend_ssl_protocol(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static char *ngx_http_upstream(ngx_conf_t *cf, ngx_command_t *cmd, void *dummy); static char *ngx_http_upstream(ngx_conf_t *cf, ngx_command_t *cmd, void *dummy);
static char *ngx_http_upstream_server(ngx_conf_t *cf, ngx_command_t *cmd, static char *ngx_http_upstream_server(ngx_conf_t *cf, ngx_command_t *cmd,
void *conf); void *conf);
@ -408,6 +412,14 @@ static ngx_http_variable_t ngx_http_upstream_vars[] = {
{ ngx_string("upstream_status"), NULL, { ngx_string("upstream_status"), NULL,
ngx_http_upstream_status_variable, 0, ngx_http_upstream_status_variable, 0,
NGX_HTTP_VAR_NOCACHEABLE, 0 }, NGX_HTTP_VAR_NOCACHEABLE, 0 },
{ ngx_string("backend_ssl_protocol"), NULL,
ngx_http_upstream_backend_ssl_protocol, 0,
NGX_HTTP_VAR_NOCACHEABLE, 0 },
{ ngx_string("backend_ssl_cipher"), NULL,
ngx_http_upstream_backend_ssl_cipher, 0,
NGX_HTTP_VAR_NOCACHEABLE, 0 },
{ ngx_string("upstream_connect_time"), NULL, { ngx_string("upstream_connect_time"), NULL,
ngx_http_upstream_response_time_variable, 2, ngx_http_upstream_response_time_variable, 2,
@ -1824,22 +1836,20 @@ ngx_http_upstream_ssl_handshake_handler(ngx_connection_t *c)
if (r->upstream_states && r->upstream_states->nelts > 0) { if (r->upstream_states && r->upstream_states->nelts > 0) {
ngx_http_upstream_state_t *state = r->upstream_states->elts; ngx_http_upstream_state_t *state = r->upstream_states->elts;
state[0].backend_ssl_protocol.len = ngx_strlen(proto); state->backend_ssl_protocol.len = ngx_strlen(proto);
state[0].backend_ssl_protocol.data = ngx_pnalloc(r->pool, state[0].backend_ssl_protocol.len); state->backend_ssl_protocol.data = ngx_pnalloc(r->pool, state->backend_ssl_protocol.len);
if (state[0].backend_ssl_protocol.data) { if (state->backend_ssl_protocol.data) {
ngx_memcpy(state[0].backend_ssl_protocol.data, proto, state[0].backend_ssl_protocol.len); ngx_memcpy(state->backend_ssl_protocol.data, proto, state->backend_ssl_protocol.len);
} }
state[0].backend_ssl_cipher.len = ngx_strlen(cipher); state->backend_ssl_cipher.len = ngx_strlen(cipher);
state[0].backend_ssl_cipher.data = ngx_pnalloc(r->pool, state[0].backend_ssl_cipher.len); state->backend_ssl_cipher.data = ngx_pnalloc(r->pool, state->backend_ssl_cipher.len);
if (state[0].backend_ssl_cipher.data) { if (state->backend_ssl_cipher.data) {
ngx_memcpy(state[0].backend_ssl_cipher.data, cipher, state[0].backend_ssl_cipher.len); ngx_memcpy(state->backend_ssl_cipher.data, cipher, state->backend_ssl_cipher.len);
} }
} }
} ngx_http_upstream_ssl_handshake(r, u, c);
}
ngx_http_upstream_ssl_handshake(r, u, c);
ngx_http_run_posted_requests(c); ngx_http_run_posted_requests(c);
} }
@ -1893,6 +1903,57 @@ failed:
ngx_http_upstream_next(r, u, NGX_HTTP_UPSTREAM_FT_ERROR); ngx_http_upstream_next(r, u, NGX_HTTP_UPSTREAM_FT_ERROR);
} }
static ngx_int_t
ngx_http_upstream_backend_ssl_cipher(ngx_http_request_t *r,
ngx_http_variable_value_t *v,
uintptr_t data)
{
if (r == NULL || r->upstream_states == NULL || r->upstream_states->nelts == 0) {
v->not_found = 1;
return NGX_OK;
}
ngx_http_upstream_state_t *state = r->upstream_states->elts;
if (state->backend_ssl_cipher.data == NULL) {
v->not_found = 1;
return NGX_OK;
}
v->data = state->backend_ssl_cipher.data;
v->len = state->backend_ssl_cipher.len;
v->valid = 1;
v->no_cacheable = 0;
v->not_found = 0;
return NGX_OK;
}
static ngx_int_t
ngx_http_upstream_backend_ssl_protocol(ngx_http_request_t *r,
ngx_http_variable_value_t *v,
uintptr_t data)
{
if (r == NULL || r->upstream_states == NULL || r->upstream_states->nelts == 0) {
v->not_found = 1;
return NGX_OK;
}
ngx_http_upstream_state_t *state = r->upstream_states->elts;
if (state->backend_ssl_protocol.data == NULL) {
v->not_found = 1;
return NGX_OK;
}
v->data = state->backend_ssl_protocol.data;
v->len = state->backend_ssl_protocol.len;
v->valid = 1;
v->no_cacheable = 0;
v->not_found = 0;
return NGX_OK;
}
static void static void
ngx_http_upstream_ssl_save_session(ngx_connection_t *c) ngx_http_upstream_ssl_save_session(ngx_connection_t *c)