rdelaage
/
gmid
mirror of https://github.com/omar-polo/gmid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

simplify the proxying code 

it doesn't make any sense to keep the proxying info per-location:
proxying only one per-vhost.  It can't work differently, it doesn't make
sense anyway.
This commit is contained in:
Omar Polo 2022-01-01 17:08:39 +00:00
parent bd5f79542c
commit 7bdcc91ec7
5 changed files with 74 additions and 92 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
gmid.c
View File

@ -302,11 +302,6 @@ free_config(void)
free((char*)l->block_fmt);
free((char*)l->dir);
free(l->proxy_host);
tls_unload_file(l->proxy_cert, l->proxy_cert_len);
tls_unload_file(l->proxy_key, l->proxy_key_len);
if (l->dirfd != -1)
close(l->dirfd);
@ -343,6 +338,10 @@ free_config(void)
free((char*)h->cgi);
free((char*)h->entrypoint);
free(h->proxy.host);
tls_unload_file(h->proxy.cert, h->proxy.certlen);
tls_unload_file(h->proxy.key, h->proxy.keylen);
TAILQ_REMOVE(&hosts, h, vhosts);
free(h);
}

19
gmid.h
View File

@ -97,6 +97,15 @@ struct fcgi {
};
extern struct fcgi fcgi[FCGI_MAX];
struct proxy {
char *host;
const char *port;
uint8_t *cert;
size_t certlen;
uint8_t *key;
size_t keylen;
};
TAILQ_HEAD(lochead, location);
struct location {
const char *match;
@ -111,13 +120,6 @@ struct location {
int disable_log;
int fcgi;
char *proxy_host;
const char *proxy_port;
uint8_t *proxy_cert;
size_t proxy_cert_len;
uint8_t *proxy_key;
size_t proxy_key_len;
const char *dir;
int dirfd;
@ -158,6 +160,7 @@ struct vhost {
struct envhead env;
struct envhead params;
struct aliashead aliases;
struct proxy proxy;
};
struct etm { /* extension to mime */
@ -242,7 +245,6 @@ struct client {
struct sockaddr_storage addr;
struct vhost *host; /* host they're talking to */
size_t loc; /* location matched */
struct location *l;
SPLAY_ENTRY(client) entry;
};
@ -347,7 +349,6 @@ const char *vhost_default_mime(struct vhost*, const char*);
const char *vhost_index(struct vhost*, const char*);
int vhost_auto_index(struct vhost*, const char*);
int vhost_block_return(struct vhost*, const char*, int*, const char**);
struct location *vhost_reverse_proxy(struct vhost *, const char *);
int vhost_fastcgi(struct vhost*, const char*);
int vhost_dirfd(struct vhost*, const char*, size_t*);
int vhost_strip(struct vhost*, const char*);

91
parse.y
View File

@ -278,9 +278,57 @@ servopt : ALIAS string {
| PARAM string '=' string {
add_param($2, $4, 0);
}
| proxy
| locopt
;
proxy : PROXY proxy_opt
| PROXY '{' optnl proxy_opts '}'
;
proxy_opts : /* empty */
| proxy_opts proxy_opt optnl
;
proxy_opt : CERT string {
struct proxy *p = &host->proxy;
only_once(p->cert, "proxy cert");
ensure_absolute_path($2);
p->cert = tls_load_file($2, &p->certlen, NULL);
if (p->cert == NULL)
yyerror("can't load cert %s", $2);
}
| KEY string {
struct proxy *p = &host->proxy;
only_once(p->key, "proxy key");
ensure_absolute_path($2);
p->key = tls_load_file($2, &p->keylen, NULL);
if (p->key == NULL)
yyerror("can't load key %s", $2);
}
| RELAY_TO string {
char *at;
const char *errstr;
struct proxy *p = &host->proxy;
only_once(p->host, "proxy relay-to");
p->host = $2;
if ((at = strchr($2, ':')) != NULL) {
*at++ = '\0';
p->port = at;
} else
p->port = "1965";
strtonum(p->port, 1, UINT16_MAX, &errstr);
if (errstr != NULL)
yyerror("proxy port is %s: %s", errstr,
p->port);
}
;
locations : /* empty */
| locations location optnl
;
@ -330,7 +378,6 @@ locopt : AUTO INDEX bool { loc->auto_index = $3 ? 1 : -1; }
loc->lang = $2;
}
| LOG bool { loc->disable_log = !$2; }
| proxy
| REQUIRE CLIENT CA string {
only_once(loc->reqca, "require client ca");
ensure_absolute_path($4);
@ -345,48 +392,6 @@ locopt : AUTO INDEX bool { loc->auto_index = $3 ? 1 : -1; }
| STRIP NUM { loc->strip = check_strip_no($2); }
;
proxy : PROXY proxy_opt
| PROXY '{' optnl proxy_opts '}'
;
proxy_opts : /* empty */
| proxy_opts proxy_opt optnl
;
proxy_opt : CERT string {
only_once(loc->proxy_cert, "proxy cert");
ensure_absolute_path($2);
loc->proxy_cert = tls_load_file($2, &loc->proxy_cert_len, NULL);
if (loc->proxy_cert == NULL)
yyerror("can't load cert %s", $2);
}
| KEY string {
only_once(loc->proxy_key, "proxy key");
ensure_absolute_path($2);
loc->proxy_key = tls_load_file($2, &loc->proxy_key_len, NULL);
if (loc->proxy_key == NULL)
yyerror("can't load key %s", $2);
}
| RELAY_TO string {
char *at;
const char *errstr;
only_once(loc->proxy_host, "proxy relay-to");
loc->proxy_host = $2;
if ((at = strchr($2, ':')) != NULL) {
*at++ = '\0';
loc->proxy_port = at;
} else
loc->proxy_port = "1965";
strtonum(loc->proxy_port, 1, UINT16_MAX, &errstr);
if (errstr != NULL)
yyerror("proxy port is %s: %s", errstr,
loc->proxy_port);
}
;
fastcgi : SPAWN string {
only_oncei(loc->fcgi, "fastcgi");
loc->fcgi = fastcgi_conf(NULL, NULL, $2);

9
proxy.c
View File

@ -284,6 +284,7 @@ proxy_handshake(int fd, short event, void *d)
int
proxy_init(struct client *c)
{
struct proxy *p = &c->host->proxy;
struct tls_config *conf = NULL;
c->type = REQUEST_PROXY;
@ -294,16 +295,14 @@ proxy_init(struct client *c)
/* TODO: tls_config_set_protocols here */
tls_config_insecure_noverifycert(conf);
if (c->l->proxy_cert != NULL) {
if (p->cert != NULL) {
int r;
r = tls_config_set_cert_mem(conf, c->l->proxy_cert,
c->l->proxy_cert_len);
r = tls_config_set_cert_mem(conf, p->cert, p->certlen);
if (r == -1)
goto err;
r = tls_config_set_key_mem(conf, c->l->proxy_key,
c->l->proxy_key_len);
r = tls_config_set_key_mem(conf, p->key, p->keylen);
if (r == -1)
goto err;
}

38
server.c
View File

@ -207,27 +207,6 @@ vhost_block_return(struct vhost *v, const char *path, int *code, const char **fm
return loc->block_code != 0;
}
struct location *
vhost_reverse_proxy(struct vhost *v, const char *path)
{
struct location *loc;
if (v == NULL || path == NULL)
return NULL;
loc = TAILQ_FIRST(&v->locations);
while ((loc = TAILQ_NEXT(loc, locations)) != NULL) {
if (loc->proxy_host != NULL)
if (matches(loc->match, path))
return loc;
}
loc = TAILQ_FIRST(&v->locations);
if (loc->proxy_host != NULL)
return loc;
return NULL;
}
int
vhost_fastcgi(struct vhost *v, const char *path)
{
@ -630,21 +609,20 @@ apply_block_return(struct client *c)
static int
apply_reverse_proxy(struct client *c)
{
struct location *loc;
struct connreq r;
struct proxy *p;
struct connreq r;
if ((loc = vhost_reverse_proxy(c->host, c->iri.path)) == NULL)
p = &c->host->proxy;
if (p->host == NULL)
return 0;
c->l = loc;
log_debug(c, "opening proxy connection for %s:%s",
loc->proxy_host, loc->proxy_port);
p->host, p->port);
strlcpy(r.host, loc->proxy_host, sizeof(r.host));
strlcpy(r.port, loc->proxy_port, sizeof(r.port));
strlcpy(r.host, p->host, sizeof(r.host));
strlcpy(r.port, p->port, sizeof(r.port));
strlcpy(c->domain, loc->proxy_host, sizeof(c->domain));
strlcpy(c->domain, p->host, sizeof(c->domain));
imsg_compose(&exibuf, IMSG_CONN_REQ, c->id, 0, -1, &r, sizeof(r));
imsg_flush(&exibuf);