[nginx] Log only the first line of user input on PROXY protocol v1 error.

Roman Arutyunyan arut at nginx.com
Tue Oct 11 13:09:59 UTC 2022


details:   https://hg.nginx.org/nginx/rev/017fd847f4f7
branches:  
changeset: 8071:017fd847f4f7
user:      Roman Arutyunyan <arut at nginx.com>
date:      Mon Oct 10 13:57:31 2022 +0400
description:
Log only the first line of user input on PROXY protocol v1 error.

Previously, all received user input was logged.  If a multi-line text was
received from client and logged, it could reduce log readability and also make
it harder to parse nginx log by scripts.  The change brings to PROXY protocol
the same behavior that exists for HTTP request line in
ngx_http_log_error_handler().

diffstat:

 src/core/ngx_proxy_protocol.c |  8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diffs (19 lines):

diff -r ba5cf8f73a2d -r 017fd847f4f7 src/core/ngx_proxy_protocol.c
--- a/src/core/ngx_proxy_protocol.c	Thu Sep 08 13:53:49 2022 +0400
+++ b/src/core/ngx_proxy_protocol.c	Mon Oct 10 13:57:31 2022 +0400
@@ -139,8 +139,14 @@ skip:
 
 invalid:
 
+    for (p = buf; p < last; p++) {
+        if (*p == CR || *p == LF) {
+            break;
+        }
+    }
+
     ngx_log_error(NGX_LOG_ERR, c->log, 0,
-                  "broken header: \"%*s\"", (size_t) (last - buf), buf);
+                  "broken header: \"%*s\"", (size_t) (p - buf), buf);
 
     return NULL;
 }



More information about the nginx-devel mailing list