mirror of https://github.com/omar-polo/gmid.git
simplify the proxying code
It doesn't make any sense to keep the proxying info per-location: there is only one proxy per vhost. It can't work differently, and it wouldn't make sense anyway.
parent
bd5f79542c
commit
7bdcc91ec7
9
gmid.c
9
gmid.c
|
@ -302,11 +302,6 @@ free_config(void)
|
|||
free((char*)l->block_fmt);
|
||||
free((char*)l->dir);
|
||||
|
||||
free(l->proxy_host);
|
||||
|
||||
tls_unload_file(l->proxy_cert, l->proxy_cert_len);
|
||||
tls_unload_file(l->proxy_key, l->proxy_key_len);
|
||||
|
||||
if (l->dirfd != -1)
|
||||
close(l->dirfd);
|
||||
|
||||
|
@ -343,6 +338,10 @@ free_config(void)
|
|||
free((char*)h->cgi);
|
||||
free((char*)h->entrypoint);
|
||||
|
||||
free(h->proxy.host);
|
||||
tls_unload_file(h->proxy.cert, h->proxy.certlen);
|
||||
tls_unload_file(h->proxy.key, h->proxy.keylen);
|
||||
|
||||
TAILQ_REMOVE(&hosts, h, vhosts);
|
||||
free(h);
|
||||
}
|
||||
|
|
19
gmid.h
19
gmid.h
|
@ -97,6 +97,15 @@ struct fcgi {
|
|||
};
|
||||
extern struct fcgi fcgi[FCGI_MAX];
|
||||
|
||||
struct proxy {
|
||||
char *host;
|
||||
const char *port;
|
||||
uint8_t *cert;
|
||||
size_t certlen;
|
||||
uint8_t *key;
|
||||
size_t keylen;
|
||||
};
|
||||
|
||||
TAILQ_HEAD(lochead, location);
|
||||
struct location {
|
||||
const char *match;
|
||||
|
@ -111,13 +120,6 @@ struct location {
|
|||
int disable_log;
|
||||
int fcgi;
|
||||
|
||||
char *proxy_host;
|
||||
const char *proxy_port;
|
||||
uint8_t *proxy_cert;
|
||||
size_t proxy_cert_len;
|
||||
uint8_t *proxy_key;
|
||||
size_t proxy_key_len;
|
||||
|
||||
const char *dir;
|
||||
int dirfd;
|
||||
|
||||
|
@ -158,6 +160,7 @@ struct vhost {
|
|||
struct envhead env;
|
||||
struct envhead params;
|
||||
struct aliashead aliases;
|
||||
struct proxy proxy;
|
||||
};
|
||||
|
||||
struct etm { /* extension to mime */
|
||||
|
@ -242,7 +245,6 @@ struct client {
|
|||
struct sockaddr_storage addr;
|
||||
struct vhost *host; /* host they're talking to */
|
||||
size_t loc; /* location matched */
|
||||
struct location *l;
|
||||
|
||||
SPLAY_ENTRY(client) entry;
|
||||
};
|
||||
|
@ -347,7 +349,6 @@ const char *vhost_default_mime(struct vhost*, const char*);
|
|||
const char *vhost_index(struct vhost*, const char*);
|
||||
int vhost_auto_index(struct vhost*, const char*);
|
||||
int vhost_block_return(struct vhost*, const char*, int*, const char**);
|
||||
struct location *vhost_reverse_proxy(struct vhost *, const char *);
|
||||
int vhost_fastcgi(struct vhost*, const char*);
|
||||
int vhost_dirfd(struct vhost*, const char*, size_t*);
|
||||
int vhost_strip(struct vhost*, const char*);
|
||||
|
|
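Review bot: `struct proxy` is added without any comment on who owns its members, and the ownership is not obvious from the types. Going by the parse.y section of this commit, `port` points either into the buffer held by `host` or at the literal `"1965"`, which is why free_config in gmid.c frees only `host`. `cert` and `key` come from tls_load_file and are released with tls_unload_file. I would record that on the struct, e.g. `/* aliases host's buffer or a string literal: never free */` above `port` and `/* private key bytes, owned; release with tls_unload_file */` above `key`.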
91
parse.y
91
parse.y
|
@ -278,9 +278,57 @@ servopt : ALIAS string {
|
|||
| PARAM string '=' string {
|
||||
add_param($2, $4, 0);
|
||||
}
|
||||
| proxy
|
||||
| locopt
|
||||
;
|
||||
|
||||
proxy : PROXY proxy_opt
|
||||
| PROXY '{' optnl proxy_opts '}'
|
||||
;
|
||||
|
||||
proxy_opts : /* empty */
|
||||
| proxy_opts proxy_opt optnl
|
||||
;
|
||||
|
||||
proxy_opt : CERT string {
|
||||
struct proxy *p = &host->proxy;
|
||||
|
||||
only_once(p->cert, "proxy cert");
|
||||
ensure_absolute_path($2);
|
||||
p->cert = tls_load_file($2, &p->certlen, NULL);
|
||||
if (p->cert == NULL)
|
||||
yyerror("can't load cert %s", $2);
|
||||
}
|
||||
| KEY string {
|
||||
struct proxy *p = &host->proxy;
|
||||
|
||||
only_once(p->key, "proxy key");
|
||||
ensure_absolute_path($2);
|
||||
p->key = tls_load_file($2, &p->keylen, NULL);
|
||||
if (p->key == NULL)
|
||||
yyerror("can't load key %s", $2);
|
||||
}
|
||||
| RELAY_TO string {
|
||||
char *at;
|
||||
const char *errstr;
|
||||
struct proxy *p = &host->proxy;
|
||||
|
||||
only_once(p->host, "proxy relay-to");
|
||||
p->host = $2;
|
||||
|
||||
if ((at = strchr($2, ':')) != NULL) {
|
||||
*at++ = '\0';
|
||||
p->port = at;
|
||||
} else
|
||||
p->port = "1965";
|
||||
|
||||
strtonum(p->port, 1, UINT16_MAX, &errstr);
|
||||
if (errstr != NULL)
|
||||
yyerror("proxy port is %s: %s", errstr,
|
||||
p->port);
|
||||
}
|
||||
;
|
||||
|
||||
locations : /* empty */
|
||||
| locations location optnl
|
||||
;
|
||||
|
@ -330,7 +378,6 @@ locopt : AUTO INDEX bool { loc->auto_index = $3 ? 1 : -1; }
|
|||
loc->lang = $2;
|
||||
}
|
||||
| LOG bool { loc->disable_log = !$2; }
|
||||
| proxy
|
||||
| REQUIRE CLIENT CA string {
|
||||
only_once(loc->reqca, "require client ca");
|
||||
ensure_absolute_path($4);
|
||||
|
@ -345,48 +392,6 @@ locopt : AUTO INDEX bool { loc->auto_index = $3 ? 1 : -1; }
|
|||
| STRIP NUM { loc->strip = check_strip_no($2); }
|
||||
;
|
||||
|
||||
proxy : PROXY proxy_opt
|
||||
| PROXY '{' optnl proxy_opts '}'
|
||||
;
|
||||
|
||||
proxy_opts : /* empty */
|
||||
| proxy_opts proxy_opt optnl
|
||||
;
|
||||
|
||||
proxy_opt : CERT string {
|
||||
only_once(loc->proxy_cert, "proxy cert");
|
||||
ensure_absolute_path($2);
|
||||
loc->proxy_cert = tls_load_file($2, &loc->proxy_cert_len, NULL);
|
||||
if (loc->proxy_cert == NULL)
|
||||
yyerror("can't load cert %s", $2);
|
||||
}
|
||||
| KEY string {
|
||||
only_once(loc->proxy_key, "proxy key");
|
||||
ensure_absolute_path($2);
|
||||
loc->proxy_key = tls_load_file($2, &loc->proxy_key_len, NULL);
|
||||
if (loc->proxy_key == NULL)
|
||||
yyerror("can't load key %s", $2);
|
||||
}
|
||||
| RELAY_TO string {
|
||||
char *at;
|
||||
const char *errstr;
|
||||
|
||||
only_once(loc->proxy_host, "proxy relay-to");
|
||||
loc->proxy_host = $2;
|
||||
|
||||
if ((at = strchr($2, ':')) != NULL) {
|
||||
*at++ = '\0';
|
||||
loc->proxy_port = at;
|
||||
} else
|
||||
loc->proxy_port = "1965";
|
||||
|
||||
strtonum(loc->proxy_port, 1, UINT16_MAX, &errstr);
|
||||
if (errstr != NULL)
|
||||
yyerror("proxy port is %s: %s", errstr,
|
||||
loc->proxy_port);
|
||||
}
|
||||
;
|
||||
|
||||
fastcgi : SPAWN string {
|
||||
only_oncei(loc->fcgi, "fastcgi");
|
||||
loc->fcgi = fastcgi_conf(NULL, NULL, $2);
|
||||
|
|
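Review bot: Each `proxy_opt` action validates only its own argument, so nothing rejects a vhost that sets `proxy cert` without `proxy key`, or either of them without `relay-to`. With a cert but no key, proxy_init in proxy.c (which tests only `p->cert`) would pass a NULL key to tls_config_set_key_mem. A check once the server block is complete, which is outside these hunks, would catch this at config load: `if ((p->cert == NULL) != (p->key == NULL)) yyerror("proxy cert and key must be set together");`. The RELAY_TO action also splits at the first ':' and does not check for an empty host part, so a bare IPv6 literal or a value such as `:1965` should be rejected or documented as unsupported.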
9
proxy.c
9
proxy.c
|
@ -284,6 +284,7 @@ proxy_handshake(int fd, short event, void *d)
|
|||
int
|
||||
proxy_init(struct client *c)
|
||||
{
|
||||
struct proxy *p = &c->host->proxy;
|
||||
struct tls_config *conf = NULL;
|
||||
|
||||
c->type = REQUEST_PROXY;
|
||||
|
@ -294,16 +295,14 @@ proxy_init(struct client *c)
|
|||
/* TODO: tls_config_set_protocols here */
|
||||
tls_config_insecure_noverifycert(conf);
|
||||
|
||||
if (c->l->proxy_cert != NULL) {
|
||||
if (p->cert != NULL) {
|
||||
int r;
|
||||
|
||||
r = tls_config_set_cert_mem(conf, c->l->proxy_cert,
|
||||
c->l->proxy_cert_len);
|
||||
r = tls_config_set_cert_mem(conf, p->cert, p->certlen);
|
||||
if (r == -1)
|
||||
goto err;
|
||||
|
||||
r = tls_config_set_key_mem(conf, c->l->proxy_key,
|
||||
c->l->proxy_key_len);
|
||||
r = tls_config_set_key_mem(conf, p->key, p->keylen);
|
||||
if (r == -1)
|
||||
goto err;
|
||||
}
|
||||
|
|
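Review bot: The context line `tls_config_insecure_noverifycert(conf);` in the second hunk means the relay does not validate the upstream's certificate, so the client certificate configured in `struct proxy` is used to authenticate to a peer that was never authenticated itself. Now that the proxy settings live in one per-vhost struct, that struct would be the natural home for an expected-certificate value to compare after the handshake; this is a design suggestion, nothing on the page says it is planned. At minimum I would add a comment beside the call, e.g. `/* upstream certificate is NOT verified; TODO: pin the expected cert per proxy */`, so the behaviour reads as a documented choice. proxy_init continues past the end of the hunk.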
38
server.c
38
server.c
|
@ -207,27 +207,6 @@ vhost_block_return(struct vhost *v, const char *path, int *code, const char **fm
|
|||
return loc->block_code != 0;
|
||||
}
|
||||
|
||||
struct location *
|
||||
vhost_reverse_proxy(struct vhost *v, const char *path)
|
||||
{
|
||||
struct location *loc;
|
||||
|
||||
if (v == NULL || path == NULL)
|
||||
return NULL;
|
||||
|
||||
loc = TAILQ_FIRST(&v->locations);
|
||||
while ((loc = TAILQ_NEXT(loc, locations)) != NULL) {
|
||||
if (loc->proxy_host != NULL)
|
||||
if (matches(loc->match, path))
|
||||
return loc;
|
||||
}
|
||||
|
||||
loc = TAILQ_FIRST(&v->locations);
|
||||
if (loc->proxy_host != NULL)
|
||||
return loc;
|
||||
return NULL;
|
||||
}
|
||||
|
||||
int
|
||||
vhost_fastcgi(struct vhost *v, const char *path)
|
||||
{
|
||||
|
@ -630,21 +609,20 @@ apply_block_return(struct client *c)
|
|||
static int
|
||||
apply_reverse_proxy(struct client *c)
|
||||
{
|
||||
struct location *loc;
|
||||
struct connreq r;
|
||||
struct proxy *p;
|
||||
struct connreq r;
|
||||
|
||||
if ((loc = vhost_reverse_proxy(c->host, c->iri.path)) == NULL)
|
||||
p = &c->host->proxy;
|
||||
if (p->host == NULL)
|
||||
return 0;
|
||||
|
||||
c->l = loc;
|
||||
|
||||
log_debug(c, "opening proxy connection for %s:%s",
|
||||
loc->proxy_host, loc->proxy_port);
|
||||
p->host, p->port);
|
||||
|
||||
strlcpy(r.host, loc->proxy_host, sizeof(r.host));
|
||||
strlcpy(r.port, loc->proxy_port, sizeof(r.port));
|
||||
strlcpy(r.host, p->host, sizeof(r.host));
|
||||
strlcpy(r.port, p->port, sizeof(r.port));
|
||||
|
||||
strlcpy(c->domain, loc->proxy_host, sizeof(c->domain));
|
||||
strlcpy(c->domain, p->host, sizeof(c->domain));
|
||||
|
||||
imsg_compose(&exibuf, IMSG_CONN_REQ, c->id, 0, -1, &r, sizeof(r));
|
||||
imsg_flush(&exibuf);
|
||||
|
|
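Review bot: The three `strlcpy` calls in apply_reverse_proxy ignore their return value, so a `relay-to` host longer than `r.host` or `c->domain` is silently truncated and the connection request goes out for a different name than the one configured. The buffer sizes are not visible here, so the length could instead be validated when the option is parsed. A local guard of the form `if (strlcpy(r.host, p->host, sizeof(r.host)) >= sizeof(r.host))` followed by failing the request would also close the gap. The function body continues beyond the hunk, so how the result of `imsg_compose` is handled cannot be judged from this page.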