|
| 1 | + |
| 2 | +/* |
| 3 | + * Copyright (C) Chenglong Zhang (kone) |
| 4 | + */ |
| 5 | + |
| 6 | + |
| 7 | +#ifndef DDEBUG |
| 8 | +#define DDEBUG 0 |
| 9 | +#endif |
| 10 | +#include "ddebug.h" |
| 11 | + |
| 12 | +#include "ngx_http_lua_balancer_ssl_session_fetchby.h" |
| 13 | +#include "ngx_http_lua_cache.h" |
| 14 | +#include "ngx_http_lua_util.h" |
| 15 | +#include "ngx_http_lua_directive.h" |
| 16 | +#include "ngx_http_lua_balancer.h" |
| 17 | + |
| 18 | + |
| 19 | +#if (NGX_HTTP_SSL) |
| 20 | +static ngx_int_t ngx_http_lua_balancer_ssl_sess_fetch_by_chunk(lua_State *L, |
| 21 | + ngx_http_request_t *r); |
| 22 | + |
| 23 | + |
| 24 | +ngx_int_t |
| 25 | +ngx_http_lua_balancer_ssl_sess_fetch_handler_file(ngx_http_request_t *r, |
| 26 | + ngx_http_lua_srv_conf_t *lscf, lua_State *L) |
| 27 | +{ |
| 28 | + ngx_int_t rc; |
| 29 | + |
| 30 | + rc = ngx_http_lua_cache_loadfile(r->connection->log, L, |
| 31 | + lscf->balancer.ssl_sess_fetch_src.data, |
| 32 | + lscf->balancer.ssl_sess_fetch_src_key); |
| 33 | + if (rc != NGX_OK) { |
| 34 | + return rc; |
| 35 | + } |
| 36 | + |
| 37 | + /* make sure we have a valid code chunk */ |
| 38 | + ngx_http_lua_assert(lua_isfunction(L, -1)); |
| 39 | + |
| 40 | + return ngx_http_lua_balancer_ssl_sess_fetch_by_chunk(L, r); |
| 41 | +} |
| 42 | + |
| 43 | + |
| 44 | +ngx_int_t |
| 45 | +ngx_http_lua_balancer_ssl_sess_fetch_handler_inline(ngx_http_request_t *r, |
| 46 | + ngx_http_lua_srv_conf_t *lscf, lua_State *L) |
| 47 | +{ |
| 48 | + ngx_int_t rc; |
| 49 | + |
| 50 | + rc = ngx_http_lua_cache_loadbuffer(r->connection->log, L, |
| 51 | + lscf->balancer.ssl_sess_fetch_src.data, |
| 52 | + lscf->balancer.ssl_sess_fetch_src.len, |
| 53 | + lscf->balancer.ssl_sess_fetch_src_key, |
| 54 | + "=balancer_ssl_session_fetch_by_lua"); |
| 55 | + if (rc != NGX_OK) { |
| 56 | + return rc; |
| 57 | + } |
| 58 | + |
| 59 | + /* make sure we have a valid code chunk */ |
| 60 | + ngx_http_lua_assert(lua_isfunction(L, -1)); |
| 61 | + |
| 62 | + return ngx_http_lua_balancer_ssl_sess_fetch_by_chunk(L, r); |
| 63 | +} |
| 64 | + |
| 65 | + |
| 66 | +ngx_int_t |
| 67 | +ngx_http_lua_balancer_ssl_sess_fetch(ngx_peer_connection_t *pc, void *data) |
| 68 | +{ |
| 69 | + lua_State *L; |
| 70 | + ngx_int_t rc; |
| 71 | + ngx_http_request_t *r; |
| 72 | + ngx_http_lua_ctx_t *ctx; |
| 73 | + ngx_http_lua_srv_conf_t *lscf; |
| 74 | + ngx_http_lua_balancer_peer_data_t *bp = data; |
| 75 | + |
| 76 | + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, pc->log, 0, |
| 77 | + "balancer ssl session fetch"); |
| 78 | + |
| 79 | + lscf = bp->conf; |
| 80 | + |
| 81 | + r = bp->request; |
| 82 | + |
| 83 | + ngx_http_lua_assert(lscf->balancer.ssl_sess_fetch_handler && r); |
| 84 | + |
| 85 | + ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module); |
| 86 | + |
| 87 | + if (ctx == NULL) { |
| 88 | + ctx = ngx_http_lua_create_ctx(r); |
| 89 | + if (ctx == NULL) { |
| 90 | + return NGX_ERROR; |
| 91 | + } |
| 92 | + |
| 93 | + L = ngx_http_lua_get_lua_vm(r, ctx); |
| 94 | + |
| 95 | + } else { |
| 96 | + L = ngx_http_lua_get_lua_vm(r, ctx); |
| 97 | + |
| 98 | + dd("reset ctx"); |
| 99 | + ngx_http_lua_reset_ctx(r, L, ctx); |
| 100 | + } |
| 101 | + |
| 102 | + ctx->context = NGX_HTTP_LUA_CONTEXT_BALANCER_SSL_SESS_FETCH; |
| 103 | + |
| 104 | + rc = lscf->balancer.ssl_sess_fetch_handler(r, lscf, L); |
| 105 | + |
| 106 | + if (rc == NGX_ERROR) { |
| 107 | + return NGX_ERROR; |
| 108 | + } |
| 109 | + |
| 110 | + if (ctx->exited && ctx->exit_code != NGX_OK) { |
| 111 | + rc = ctx->exit_code; |
| 112 | + if (rc == NGX_ERROR |
| 113 | + || rc == NGX_BUSY |
| 114 | + || rc == NGX_DECLINED |
| 115 | +#ifdef HAVE_BALANCER_STATUS_CODE_PATCH |
| 116 | + || rc >= NGX_HTTP_SPECIAL_RESPONSE |
| 117 | +#endif |
| 118 | + ) { |
| 119 | + return rc; |
| 120 | + } |
| 121 | + |
| 122 | + if (rc > NGX_OK) { |
| 123 | + return NGX_ERROR; |
| 124 | + } |
| 125 | + } |
| 126 | + |
| 127 | + return NGX_OK; |
| 128 | +} |
| 129 | + |
| 130 | + |
| 131 | +char * |
| 132 | +ngx_http_lua_balancer_ssl_sess_fetch_by_lua_block(ngx_conf_t *cf, |
| 133 | + ngx_command_t *cmd, void *conf) |
| 134 | +{ |
| 135 | + char *rv; |
| 136 | + ngx_conf_t save; |
| 137 | + |
| 138 | + save = *cf; |
| 139 | + cf->handler = ngx_http_lua_balancer_ssl_sess_fetch_by_lua; |
| 140 | + cf->handler_conf = conf; |
| 141 | + |
| 142 | + rv = ngx_http_lua_conf_lua_block_parse(cf, cmd); |
| 143 | + |
| 144 | + *cf = save; |
| 145 | + |
| 146 | + return rv; |
| 147 | +} |
| 148 | + |
| 149 | + |
| 150 | +char * |
| 151 | +ngx_http_lua_balancer_ssl_sess_fetch_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, |
| 152 | + void *conf) |
| 153 | +{ |
| 154 | + u_char *p; |
| 155 | + u_char *name; |
| 156 | + ngx_str_t *value; |
| 157 | + ngx_http_lua_srv_conf_t *lscf = conf; |
| 158 | + |
| 159 | + dd("enter"); |
| 160 | + |
| 161 | + /* must specify a content handler */ |
| 162 | + if (cmd->post == NULL) { |
| 163 | + return NGX_CONF_ERROR; |
| 164 | + } |
| 165 | + |
| 166 | + if(lscf->balancer.ssl_sess_fetch_handler) { |
| 167 | + return "is duplicate"; |
| 168 | + } |
| 169 | + |
| 170 | + value = cf->args->elts; |
| 171 | + |
| 172 | + lscf->balancer.ssl_sess_fetch_handler = |
| 173 | + (ngx_http_lua_srv_conf_handler_pt) cmd->post; |
| 174 | + |
| 175 | + if (cmd->post == ngx_http_lua_balancer_ssl_sess_fetch_handler_file) { |
| 176 | + /* Lua code in an external file */ |
| 177 | + |
| 178 | + name = ngx_http_lua_rebase_path(cf->pool, value[1].data, |
| 179 | + value[1].len); |
| 180 | + if (name == NULL) { |
| 181 | + return NGX_CONF_ERROR; |
| 182 | + } |
| 183 | + |
| 184 | + lscf->balancer.ssl_sess_fetch_src.data = name; |
| 185 | + lscf->balancer.ssl_sess_fetch_src.len = ngx_strlen(name); |
| 186 | + |
| 187 | + p = ngx_palloc(cf->pool, NGX_HTTP_LUA_FILE_KEY_LEN + 1); |
| 188 | + if (p == NULL) { |
| 189 | + return NGX_CONF_ERROR; |
| 190 | + } |
| 191 | + |
| 192 | + lscf->balancer.ssl_sess_fetch_src_key = p; |
| 193 | + |
| 194 | + p = ngx_copy(p, NGX_HTTP_LUA_FILE_TAG, NGX_HTTP_LUA_FILE_TAG_LEN); |
| 195 | + p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len); |
| 196 | + *p = '\0'; |
| 197 | + |
| 198 | + } else { |
| 199 | + /* inlined Lua code */ |
| 200 | + |
| 201 | + lscf->balancer.ssl_sess_fetch_src = value[1]; |
| 202 | + |
| 203 | + p = ngx_palloc(cf->pool, NGX_HTTP_LUA_INLINE_KEY_LEN + 1); |
| 204 | + if (p == NULL) { |
| 205 | + return NGX_CONF_ERROR; |
| 206 | + } |
| 207 | + |
| 208 | + lscf->balancer.ssl_sess_fetch_src_key = p; |
| 209 | + |
| 210 | + p = ngx_copy(p, NGX_HTTP_LUA_INLINE_TAG, NGX_HTTP_LUA_INLINE_TAG_LEN); |
| 211 | + p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len); |
| 212 | + *p = '\0'; |
| 213 | + } |
| 214 | + |
| 215 | + return NGX_CONF_OK; |
| 216 | +} |
| 217 | + |
| 218 | + |
| 219 | +static ngx_int_t |
| 220 | +ngx_http_lua_balancer_ssl_sess_fetch_by_chunk(lua_State *L, |
| 221 | + ngx_http_request_t *r) |
| 222 | +{ |
| 223 | + u_char *err_msg; |
| 224 | + size_t len; |
| 225 | + ngx_int_t rc; |
| 226 | + |
| 227 | + /* init nginx context in Lua VM */ |
| 228 | + ngx_http_lua_set_req(L, r); |
| 229 | + ngx_http_lua_create_new_globals_table(L, 0 /* narr */, 1 /* nrec */); |
| 230 | + |
| 231 | + /* {{{ make new env inheriting main thread's globals table */ |
| 232 | + lua_createtable(L, 0, 1 /* nrec */); /* the metatable for the new env */ |
| 233 | + ngx_http_lua_get_globals_table(L); |
| 234 | + lua_setfield(L, -2, "__index"); |
| 235 | + lua_setmetatable(L, -2); /* setmetatable({}, {__index = _G}) */ |
| 236 | + /* }}} */ |
| 237 | + |
| 238 | + lua_setfenv(L, -2); /* set new running env for the code closure */ |
| 239 | + |
| 240 | + lua_pushcfunction(L, ngx_http_lua_traceback); |
| 241 | + lua_insert(L, 1); /* put it under chunk and args */ |
| 242 | + |
| 243 | + /* protected call user code */ |
| 244 | + rc = lua_pcall(L, 0, 1, 1); |
| 245 | + |
| 246 | + lua_remove(L, 1); /* remove traceback function */ |
| 247 | + |
| 248 | + dd("rc == %d", (int) rc); |
| 249 | + |
| 250 | + if (rc != 0) { |
| 251 | + /* error occurred when running loaded code */ |
| 252 | + err_msg = (u_char *) lua_tolstring(L, -1, &len); |
| 253 | + |
| 254 | + if (err_msg == NULL) { |
| 255 | + err_msg = (u_char *) "unknown reason"; |
| 256 | + len = sizeof("unknown reason") - 1; |
| 257 | + } |
| 258 | + |
| 259 | + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, |
| 260 | + "failed to run balancer_ssl_session_fetch_by_lua*: %*s", |
| 261 | + len, err_msg); |
| 262 | + |
| 263 | + lua_settop(L, 0); /* clear remaining elems on stack */ |
| 264 | + |
| 265 | + return NGX_ERROR; |
| 266 | + } |
| 267 | + |
| 268 | + lua_settop(L, 0); /* clear remaining elems on stack */ |
| 269 | + return rc; |
| 270 | +} |
| 271 | + |
| 272 | +#endif /* NGX_HTTP_SSL */ |
0 commit comments