[PATCH] Stream pass: disabled passing from or to udp

Roman Arutyunyan arut at nginx.com
Fri Apr 26 11:15:42 UTC 2024


# HG changeset patch
# User Roman Arutyunyan <arut at nginx.com>
# Date 1714057362 -14400
#      Thu Apr 25 19:02:42 2024 +0400
# Branch stable-1.26
# Node ID a60cd9c99efcc1204e6d395104beb39883308c93
# Parent  cdf74ac25b47ec928b53aa82ccc1c3d288a2f81c
Stream pass: disabled passing from or to udp.

Passing from udp was not possible for the most part due to preread buffer
restriction.  Passing to udp could occasionally work, but the connection would
still be bound to the orignial listen rbtree, which prevented it from being
deleted on connection closure.

Also, passing to a QUIC listen socket is disabled by this change as well.

diff --git a/src/stream/ngx_stream_pass_module.c b/src/stream/ngx_stream_pass_module.c
--- a/src/stream/ngx_stream_pass_module.c
+++ b/src/stream/ngx_stream_pass_module.c
@@ -83,6 +83,11 @@ ngx_stream_pass_handler(ngx_stream_sessi
 
     c->log->action = "passing connection to port";
 
+    if (c->type == SOCK_DGRAM) {
+        ngx_log_error(NGX_LOG_ERR, c->log, 0, "cannot pass udp connection");
+        goto failed;
+    }
+
     if (c->buffer && c->buffer->pos != c->buffer->last) {
         ngx_log_error(NGX_LOG_ERR, c->log, 0,
                       "cannot pass connection with preread data");
@@ -217,6 +222,10 @@ ngx_stream_pass_cleanup(void *data)
 static ngx_int_t
 ngx_stream_pass_match(ngx_listening_t *ls, ngx_addr_t *addr)
 {
+    if (ls->type == SOCK_DGRAM) {
+        return NGX_DECLINED;
+    }
+
     if (!ls->wildcard) {
         return ngx_cmp_sockaddr(ls->sockaddr, ls->socklen,
                                 addr->sockaddr, addr->socklen, 1);


More information about the nginx-devel mailing list