[nginx] Stream: SSL-related variables.

Vladimir Homutov vl at nginx.com
Mon Jul 4 14:50:25 UTC 2016


details:   http://hg.nginx.org/nginx/rev/85e7bcb37d6b
branches:  
changeset: 6611:85e7bcb37d6b
user:      Vladimir Homutov <vl at nginx.com>
date:      Wed Jun 29 12:52:52 2016 +0300
description:
Stream: SSL-related variables.

diffstat:

 src/stream/ngx_stream_ssl_module.c |  115 ++++++++++++++++++++++++++++++++++++-
 1 files changed, 114 insertions(+), 1 deletions(-)

diffs (146 lines):

diff -r d5b5866c06c4 -r 85e7bcb37d6b src/stream/ngx_stream_ssl_module.c
--- a/src/stream/ngx_stream_ssl_module.c	Wed Jun 29 12:46:12 2016 +0300
+++ b/src/stream/ngx_stream_ssl_module.c	Wed Jun 29 12:52:52 2016 +0300
@@ -10,10 +10,20 @@
 #include <ngx_stream.h>
 
 
+typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c,
+    ngx_pool_t *pool, ngx_str_t *s);
+
+
 #define NGX_DEFAULT_CIPHERS     "HIGH:!aNULL:!MD5"
 #define NGX_DEFAULT_ECDH_CURVE  "auto"
 
 
+static ngx_int_t ngx_stream_ssl_static_variable(ngx_stream_session_t *s,
+    ngx_stream_variable_value_t *v, uintptr_t data);
+static ngx_int_t ngx_stream_ssl_variable(ngx_stream_session_t *s,
+    ngx_stream_variable_value_t *v, uintptr_t data);
+
+static ngx_int_t ngx_stream_ssl_add_variables(ngx_conf_t *cf);
 static void *ngx_stream_ssl_create_conf(ngx_conf_t *cf);
 static char *ngx_stream_ssl_merge_conf(ngx_conf_t *cf, void *parent,
     void *child);
@@ -132,7 +142,7 @@ static ngx_command_t  ngx_stream_ssl_com
 
 
 static ngx_stream_module_t  ngx_stream_ssl_module_ctx = {
-    NULL,                                  /* preconfiguration */
+    ngx_stream_ssl_add_variables,          /* preconfiguration */
     NULL,                                  /* postconfiguration */
 
     NULL,                                  /* create main configuration */
@@ -159,9 +169,112 @@ ngx_module_t  ngx_stream_ssl_module = {
 };
 
 
+static ngx_stream_variable_t  ngx_stream_ssl_vars[] = {
+
+    { ngx_string("ssl_protocol"), NULL, ngx_stream_ssl_static_variable,
+      (uintptr_t) ngx_ssl_get_protocol, NGX_STREAM_VAR_CHANGEABLE, 0 },
+
+    { ngx_string("ssl_cipher"), NULL, ngx_stream_ssl_static_variable,
+      (uintptr_t) ngx_ssl_get_cipher_name, NGX_STREAM_VAR_CHANGEABLE, 0 },
+
+    { ngx_string("ssl_session_id"), NULL, ngx_stream_ssl_variable,
+      (uintptr_t) ngx_ssl_get_session_id, NGX_STREAM_VAR_CHANGEABLE, 0 },
+
+    { ngx_string("ssl_session_reused"), NULL, ngx_stream_ssl_variable,
+      (uintptr_t) ngx_ssl_get_session_reused, NGX_STREAM_VAR_CHANGEABLE, 0 },
+
+    { ngx_string("ssl_server_name"), NULL, ngx_stream_ssl_variable,
+      (uintptr_t) ngx_ssl_get_server_name, NGX_STREAM_VAR_CHANGEABLE, 0 },
+
+    { ngx_null_string, NULL, NULL, 0, 0, 0 }
+};
+
+
 static ngx_str_t ngx_stream_ssl_sess_id_ctx = ngx_string("STREAM");
 
 
+static ngx_int_t
+ngx_stream_ssl_static_variable(ngx_stream_session_t *s,
+    ngx_stream_variable_value_t *v, uintptr_t data)
+{
+    ngx_ssl_variable_handler_pt  handler = (ngx_ssl_variable_handler_pt) data;
+
+    size_t     len;
+    ngx_str_t  str;
+
+    if (s->connection->ssl) {
+
+        (void) handler(s->connection, NULL, &str);
+
+        v->data = str.data;
+
+        for (len = 0; v->data[len]; len++) { /* void */ }
+
+        v->len = len;
+        v->valid = 1;
+        v->no_cacheable = 0;
+        v->not_found = 0;
+
+        return NGX_OK;
+    }
+
+    v->not_found = 1;
+
+    return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_stream_ssl_variable(ngx_stream_session_t *s,
+    ngx_stream_variable_value_t *v, uintptr_t data)
+{
+    ngx_ssl_variable_handler_pt  handler = (ngx_ssl_variable_handler_pt) data;
+
+    ngx_str_t  str;
+
+    if (s->connection->ssl) {
+
+        if (handler(s->connection, s->connection->pool, &str) != NGX_OK) {
+            return NGX_ERROR;
+        }
+
+        v->len = str.len;
+        v->data = str.data;
+
+        if (v->len) {
+            v->valid = 1;
+            v->no_cacheable = 0;
+            v->not_found = 0;
+
+            return NGX_OK;
+        }
+    }
+
+    v->not_found = 1;
+
+    return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_stream_ssl_add_variables(ngx_conf_t *cf)
+{
+    ngx_stream_variable_t  *var, *v;
+
+    for (v = ngx_stream_ssl_vars; v->name.len; v++) {
+        var = ngx_stream_add_variable(cf, &v->name, v->flags);
+        if (var == NULL) {
+            return NGX_ERROR;
+        }
+
+        var->get_handler = v->get_handler;
+        var->data = v->data;
+    }
+
+    return NGX_OK;
+}
+
+
 static void *
 ngx_stream_ssl_create_conf(ngx_conf_t *cf)
 {



More information about the nginx-devel mailing list