lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

[mod_extforward] HAProxy PROXY env PP2_UNIQUE_ID 

propagate PP2_TYPE_UNIQUE_ID into request env as PP2_UNIQUE_ID
master
Glenn Strauss 3 months ago
parent
24d103c5c5
commit
77ea7d8a56
1 changed files with 30 additions and 21 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 51
      src/mod_extforward.c

51
src/mod_extforward.c
View File

@ -1300,6 +1300,7 @@ The following types have already been registered for the <type> field :
#define PP2_TYPE_AUTHORITY 0x02
#define PP2_TYPE_CRC32C 0x03
#define PP2_TYPE_NOOP 0x04
#define PP2_TYPE_UNIQUE_ID 0x05
#define PP2_TYPE_SSL 0x20
#define PP2_SUBTYPE_SSL_VERSION 0x21
#define PP2_SUBTYPE_SSL_CN 0x22
@ -1595,11 +1596,17 @@ static int mod_extforward_hap_PROXY_v2 (connection * const con,
/* (optional) Type-Length-Value (TLV vectors) follow addresses */
if (3 + len > sz) return 0;
handler_ctx * const hctx =
con->plugin_ctx[mod_extforward_plugin_data_singleton->id];
tlv = (struct pp2_tlv *)((char *)hdr + 16);
for (sz -= len, len -= 3; sz >= 3; sz -= 3 + len) {
tlv = (struct pp2_tlv *)((char *)tlv + 3 + len);
len = ((uint32_t)tlv->length_hi << 8) | tlv->length_lo;
if (3 + len > sz) break; /*(invalid TLV)*/
const char *k;
uint32_t klen;
switch (tlv->type) {
#if 0 /*(not implemented here)*/
case PP2_TYPE_ALPN:
@ -1607,9 +1614,8 @@ static int mod_extforward_hap_PROXY_v2 (connection * const con,
case PP2_TYPE_CRC32C:
#endif
case PP2_TYPE_SSL: {
if (len < 5) continue;
static const uint32_t zero = 0;
handler_ctx *hctx =
con->plugin_ctx[mod_extforward_plugin_data_singleton->id];
struct pp2_tlv_ssl *tlv_ssl =
(struct pp2_tlv_ssl *)(void *)((char *)tlv+3);
struct pp2_tlv *subtlv = tlv;
@ -1620,53 +1626,56 @@ static int mod_extforward_hap_PROXY_v2 (connection * const con,
&& 0 == memcmp(&tlv_ssl->verify, &zero, 4)) { /* misaligned */
hctx->ssl_client_verify = 1;
}
if (len < 5 + 3) continue;
if (NULL == hctx->env) hctx->env = array_init(8);
for (uint32_t subsz = len-5, n = 5; subsz >= 3; subsz -= 3 + n) {
subtlv = (struct pp2_tlv *)((char *)subtlv + 3 + n);
n = ((uint32_t)subtlv->length_hi << 8) | subtlv->length_lo;
if (3 + n > subsz) break; /*(invalid TLV)*/
if (NULL == hctx->env) hctx->env = array_init(8);
switch (subtlv->type) {
case PP2_SUBTYPE_SSL_VERSION:
array_set_key_value(hctx->env,
CONST_STR_LEN("SSL_PROTOCOL"),
(char *)subtlv+3, n);
k = "SSL_PROTOCOL";
klen = sizeof("SSL_PROTOCOL")-1;
break;
case PP2_SUBTYPE_SSL_CN:
/* (tlv_ssl->client & PP2_CLIENT_CERT_CONN)
* or
* (tlv_ssl->client & PP2_CLIENT_CERT_SESS) */
array_set_key_value(hctx->env,
CONST_STR_LEN("SSL_CLIENT_S_DN_CN"),
(char *)subtlv+3, n);
k = "SSL_CLIENT_S_DN_CN";
klen = sizeof("SSL_CLIENT_S_DN_CN")-1;
break;
case PP2_SUBTYPE_SSL_CIPHER:
array_set_key_value(hctx->env,
CONST_STR_LEN("SSL_CIPHER"),
(char *)subtlv+3, n);
k = "SSL_CIPHER";
klen = sizeof("SSL_CIPHER")-1;
break;
case PP2_SUBTYPE_SSL_SIG_ALG:
array_set_key_value(hctx->env,
CONST_STR_LEN("SSL_SERVER_A_SIG"),
(char *)subtlv+3, n);
k = "SSL_SERVER_A_SIG";
klen = sizeof("SSL_SERVER_A_SIG")-1;
break;
case PP2_SUBTYPE_SSL_KEY_ALG:
array_set_key_value(hctx->env,
CONST_STR_LEN("SSL_SERVER_A_KEY"),
(char *)subtlv+3, n);
k = "SSL_SERVER_A_KEY";
klen = sizeof("SSL_SERVER_A_KEY")-1;
break;
default:
break;
continue;
}
array_set_key_value(hctx->env, k, klen, (char *)subtlv+3, n);
}
break;
continue;
}
case PP2_TYPE_UNIQUE_ID:
k = "PP2_UNIQUE_ID";
klen = sizeof("PP2_UNIQUE_ID")-1;
break;
#if 0 /*(not implemented here)*/
case PP2_TYPE_NETNS:
#endif
/*case PP2_TYPE_NOOP:*//* no-op */
default:
break;
continue;
}
if (NULL == hctx->env) hctx->env = array_init(8);
array_set_key_value(hctx->env, k, klen, (char *)tlv+3, len);
}
return 0;

Write Preview
Loading…
Cancel
Save