[mod_extforward] HAProxy PROXY env PP2_UNIQUE_ID
propagate PP2_TYPE_UNIQUE_ID into request env as PP2_UNIQUE_IDpersonal/stbuehler/tests-path
parent
24d103c5c5
commit
77ea7d8a56
|
@ -1300,6 +1300,7 @@ The following types have already been registered for the <type> field :
|
|||
#define PP2_TYPE_AUTHORITY 0x02
|
||||
#define PP2_TYPE_CRC32C 0x03
|
||||
#define PP2_TYPE_NOOP 0x04
|
||||
#define PP2_TYPE_UNIQUE_ID 0x05
|
||||
#define PP2_TYPE_SSL 0x20
|
||||
#define PP2_SUBTYPE_SSL_VERSION 0x21
|
||||
#define PP2_SUBTYPE_SSL_CN 0x22
|
||||
|
@ -1595,11 +1596,17 @@ static int mod_extforward_hap_PROXY_v2 (connection * const con,
|
|||
|
||||
/* (optional) Type-Length-Value (TLV vectors) follow addresses */
|
||||
|
||||
if (3 + len > sz) return 0;
|
||||
|
||||
handler_ctx * const hctx =
|
||||
con->plugin_ctx[mod_extforward_plugin_data_singleton->id];
|
||||
tlv = (struct pp2_tlv *)((char *)hdr + 16);
|
||||
for (sz -= len, len -= 3; sz >= 3; sz -= 3 + len) {
|
||||
tlv = (struct pp2_tlv *)((char *)tlv + 3 + len);
|
||||
len = ((uint32_t)tlv->length_hi << 8) | tlv->length_lo;
|
||||
if (3 + len > sz) break; /*(invalid TLV)*/
|
||||
const char *k;
|
||||
uint32_t klen;
|
||||
switch (tlv->type) {
|
||||
#if 0 /*(not implemented here)*/
|
||||
case PP2_TYPE_ALPN:
|
||||
|
@ -1607,9 +1614,8 @@ static int mod_extforward_hap_PROXY_v2 (connection * const con,
|
|||
case PP2_TYPE_CRC32C:
|
||||
#endif
|
||||
case PP2_TYPE_SSL: {
|
||||
if (len < 5) continue;
|
||||
static const uint32_t zero = 0;
|
||||
handler_ctx *hctx =
|
||||
con->plugin_ctx[mod_extforward_plugin_data_singleton->id];
|
||||
struct pp2_tlv_ssl *tlv_ssl =
|
||||
(struct pp2_tlv_ssl *)(void *)((char *)tlv+3);
|
||||
struct pp2_tlv *subtlv = tlv;
|
||||
|
@ -1620,53 +1626,56 @@ static int mod_extforward_hap_PROXY_v2 (connection * const con,
|
|||
&& 0 == memcmp(&tlv_ssl->verify, &zero, 4)) { /* misaligned */
|
||||
hctx->ssl_client_verify = 1;
|
||||
}
|
||||
if (len < 5 + 3) continue;
|
||||
if (NULL == hctx->env) hctx->env = array_init(8);
|
||||
for (uint32_t subsz = len-5, n = 5; subsz >= 3; subsz -= 3 + n) {
|
||||
subtlv = (struct pp2_tlv *)((char *)subtlv + 3 + n);
|
||||
n = ((uint32_t)subtlv->length_hi << 8) | subtlv->length_lo;
|
||||
if (3 + n > subsz) break; /*(invalid TLV)*/
|
||||
if (NULL == hctx->env) hctx->env = array_init(8);
|
||||
switch (subtlv->type) {
|
||||
case PP2_SUBTYPE_SSL_VERSION:
|
||||
array_set_key_value(hctx->env,
|
||||
CONST_STR_LEN("SSL_PROTOCOL"),
|
||||
(char *)subtlv+3, n);
|
||||
k = "SSL_PROTOCOL";
|
||||
klen = sizeof("SSL_PROTOCOL")-1;
|
||||
break;
|
||||
case PP2_SUBTYPE_SSL_CN:
|
||||
/* (tlv_ssl->client & PP2_CLIENT_CERT_CONN)
|
||||
* or
|
||||
* (tlv_ssl->client & PP2_CLIENT_CERT_SESS) */
|
||||
array_set_key_value(hctx->env,
|
||||
CONST_STR_LEN("SSL_CLIENT_S_DN_CN"),
|
||||
(char *)subtlv+3, n);
|
||||
k = "SSL_CLIENT_S_DN_CN";
|
||||
klen = sizeof("SSL_CLIENT_S_DN_CN")-1;
|
||||
break;
|
||||
case PP2_SUBTYPE_SSL_CIPHER:
|
||||
array_set_key_value(hctx->env,
|
||||
CONST_STR_LEN("SSL_CIPHER"),
|
||||
(char *)subtlv+3, n);
|
||||
k = "SSL_CIPHER";
|
||||
klen = sizeof("SSL_CIPHER")-1;
|
||||
break;
|
||||
case PP2_SUBTYPE_SSL_SIG_ALG:
|
||||
array_set_key_value(hctx->env,
|
||||
CONST_STR_LEN("SSL_SERVER_A_SIG"),
|
||||
(char *)subtlv+3, n);
|
||||
k = "SSL_SERVER_A_SIG";
|
||||
klen = sizeof("SSL_SERVER_A_SIG")-1;
|
||||
break;
|
||||
case PP2_SUBTYPE_SSL_KEY_ALG:
|
||||
array_set_key_value(hctx->env,
|
||||
CONST_STR_LEN("SSL_SERVER_A_KEY"),
|
||||
(char *)subtlv+3, n);
|
||||
k = "SSL_SERVER_A_KEY";
|
||||
klen = sizeof("SSL_SERVER_A_KEY")-1;
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
continue;
|
||||
}
|
||||
array_set_key_value(hctx->env, k, klen, (char *)subtlv+3, n);
|
||||
}
|
||||
break;
|
||||
continue;
|
||||
}
|
||||
case PP2_TYPE_UNIQUE_ID:
|
||||
k = "PP2_UNIQUE_ID";
|
||||
klen = sizeof("PP2_UNIQUE_ID")-1;
|
||||
break;
|
||||
#if 0 /*(not implemented here)*/
|
||||
case PP2_TYPE_NETNS:
|
||||
#endif
|
||||
/*case PP2_TYPE_NOOP:*//* no-op */
|
||||
default:
|
||||
break;
|
||||
continue;
|
||||
}
|
||||
if (NULL == hctx->env) hctx->env = array_init(8);
|
||||
array_set_key_value(hctx->env, k, klen, (char *)tlv+3, len);
|
||||
}
|
||||
|
||||
return 0;
|
||||
|
|
Loading…
Reference in New Issue