Skip to content

Commit

Permalink
add balancer_ssl_session_fetchby and balancer_ssl_session_storeby
Browse files Browse the repository at this point in the history
  • Loading branch information
dongbeiouba committed Apr 28, 2018
1 parent 612931c commit ebe1006
Show file tree
Hide file tree
Showing 11 changed files with 735 additions and 41 deletions.
4 changes: 4 additions & 0 deletions config
Original file line number Diff line number Diff line change
Expand Up @@ -361,6 +361,8 @@ HTTP_LUA_SRCS=" \
$ngx_addon_dir/src/ngx_http_lua_ssl_session_fetchby.c \
$ngx_addon_dir/src/ngx_http_lua_ssl.c \
$ngx_addon_dir/src/ngx_http_lua_log_ringbuf.c \
$ngx_addon_dir/src/ngx_http_lua_balancer_ssl_session_fetchby.c \
$ngx_addon_dir/src/ngx_http_lua_balancer_ssl_session_storeby.c \
"

HTTP_LUA_DEPS=" \
Expand Down Expand Up @@ -422,6 +424,8 @@ HTTP_LUA_DEPS=" \
$ngx_addon_dir/src/ngx_http_lua_ssl_session_fetchby.h \
$ngx_addon_dir/src/ngx_http_lua_ssl.h \
$ngx_addon_dir/src/ngx_http_lua_log_ringbuf.h \
$ngx_addon_dir/src/ngx_http_lua_balancer_ssl_session_fetchby.h \
$ngx_addon_dir/src/ngx_http_lua_balancer_ssl_session_storeby.h \
"

CFLAGS="$CFLAGS -DNDK_SET_VAR"
Expand Down
38 changes: 11 additions & 27 deletions src/ngx_http_lua_balancer.c
Original file line number Diff line number Diff line change
Expand Up @@ -14,30 +14,8 @@
#include "ngx_http_lua_balancer.h"
#include "ngx_http_lua_util.h"
#include "ngx_http_lua_directive.h"


struct ngx_http_lua_balancer_peer_data_s {
/* the round robin data must be first */
ngx_http_upstream_rr_peer_data_t rrp;

ngx_http_lua_srv_conf_t *conf;
ngx_http_request_t *request;

ngx_uint_t more_tries;
ngx_uint_t total_tries;

struct sockaddr *sockaddr;
socklen_t socklen;

ngx_str_t *host;
in_port_t port;

int last_peer_state;

#if !(HAVE_NGX_UPSTREAM_TIMEOUT_FIELDS)
unsigned cloned_upstream_conf; /* :1 */
#endif
};
#include "ngx_http_lua_balancer_ssl_session_storeby.h"
#include "ngx_http_lua_balancer_ssl_session_fetchby.h"


#if (NGX_HTTP_SSL)
Expand Down Expand Up @@ -438,8 +416,11 @@ ngx_http_lua_balancer_set_session(ngx_peer_connection_t *pc, void *data)
ngx_http_lua_balancer_peer_data_t *bp = data;

if (bp->sockaddr && bp->socklen) {
/* TODO */
return NGX_OK;
if (bp->conf->balancer.ssl_sess_fetch_handler) {
return ngx_http_lua_balancer_ssl_sess_fetch(pc, data);
} else {
return NGX_OK;
}
}

return ngx_http_upstream_set_round_robin_peer_session(pc, &bp->rrp);
Expand All @@ -452,7 +433,10 @@ ngx_http_lua_balancer_save_session(ngx_peer_connection_t *pc, void *data)
ngx_http_lua_balancer_peer_data_t *bp = data;

if (bp->sockaddr && bp->socklen) {
/* TODO */
if (bp->conf->balancer.ssl_sess_store_handler) {
ngx_http_lua_balancer_ssl_sess_store(pc, data);
}

return;
}

Expand Down
22 changes: 22 additions & 0 deletions src/ngx_http_lua_balancer.h
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,28 @@

#include "ngx_http_lua_common.h"

struct ngx_http_lua_balancer_peer_data_s {
/* the round robin data must be first */
ngx_http_upstream_rr_peer_data_t rrp;

ngx_http_lua_srv_conf_t *conf;
ngx_http_request_t *request;

ngx_uint_t more_tries;
ngx_uint_t total_tries;

struct sockaddr *sockaddr;
socklen_t socklen;

ngx_str_t *host;
in_port_t port;

int last_peer_state;

#if !(HAVE_NGX_UPSTREAM_TIMEOUT_FIELDS)
unsigned cloned_upstream_conf; /* :1 */
#endif
};

ngx_int_t ngx_http_lua_balancer_handler_inline(ngx_http_request_t *r,
ngx_http_lua_srv_conf_t *lscf, lua_State *L);
Expand Down
268 changes: 268 additions & 0 deletions src/ngx_http_lua_balancer_ssl_session_fetchby.c
Original file line number Diff line number Diff line change
@@ -0,0 +1,268 @@

/*
* Copyright (C) Chenglong Zhang (kone)
*/


#ifndef DDEBUG
#define DDEBUG 0
#endif
#include "ddebug.h"

#include "ngx_http_lua_balancer_ssl_session_fetchby.h"
#include "ngx_http_lua_cache.h"
#include "ngx_http_lua_util.h"
#include "ngx_http_lua_directive.h"
#include "ngx_http_lua_balancer.h"


#if (NGX_HTTP_SSL)
static ngx_int_t ngx_http_lua_balancer_ssl_sess_fetch_by_chunk(lua_State *L,
ngx_http_request_t *r);


ngx_int_t
ngx_http_lua_balancer_ssl_sess_fetch_handler_file(ngx_http_request_t *r,
ngx_http_lua_srv_conf_t *lscf, lua_State *L)
{
ngx_int_t rc;

rc = ngx_http_lua_cache_loadfile(r->connection->log, L,
lscf->balancer.ssl_sess_fetch_src.data,
lscf->balancer.ssl_sess_fetch_src_key);
if (rc != NGX_OK) {
return rc;
}

/* make sure we have a valid code chunk */
ngx_http_lua_assert(lua_isfunction(L, -1));

return ngx_http_lua_balancer_ssl_sess_fetch_by_chunk(L, r);
}


ngx_int_t
ngx_http_lua_balancer_ssl_sess_fetch_handler_inline(ngx_http_request_t *r,
ngx_http_lua_srv_conf_t *lscf, lua_State *L)
{
ngx_int_t rc;

rc = ngx_http_lua_cache_loadbuffer(r->connection->log, L,
lscf->balancer.ssl_sess_fetch_src.data,
lscf->balancer.ssl_sess_fetch_src.len,
lscf->balancer.ssl_sess_fetch_src_key,
"=balancer_ssl_session_fetch_by_lua");
if (rc != NGX_OK) {
return rc;
}

/* make sure we have a valid code chunk */
ngx_http_lua_assert(lua_isfunction(L, -1));

return ngx_http_lua_balancer_ssl_sess_fetch_by_chunk(L, r);
}


ngx_int_t
ngx_http_lua_balancer_ssl_sess_fetch(ngx_peer_connection_t *pc, void *data)
{
lua_State *L;
ngx_int_t rc;
ngx_http_request_t *r;
ngx_http_lua_ctx_t *ctx;
ngx_http_lua_srv_conf_t *lscf;
ngx_http_lua_balancer_peer_data_t *bp = data;

ngx_log_debug0(NGX_LOG_DEBUG_HTTP, pc->log, 0, "balancer ssl session fetch");

lscf = bp->conf;

r = bp->request;

ngx_http_lua_assert(lscf->balancer.ssl_sess_fetch_handler && r);

ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module);

if (ctx == NULL) {
ctx = ngx_http_lua_create_ctx(r);
if (ctx == NULL) {
return NGX_ERROR;
}

L = ngx_http_lua_get_lua_vm(r, ctx);

} else {
L = ngx_http_lua_get_lua_vm(r, ctx);

dd("reset ctx");
ngx_http_lua_reset_ctx(r, L, ctx);
}

ctx->context = NGX_HTTP_LUA_CONTEXT_BALANCER_SSL_SESS_FETCH;

rc = lscf->balancer.ssl_sess_fetch_handler(r, lscf, L);

if (rc == NGX_ERROR) {
return NGX_ERROR;
}

if (ctx->exited && ctx->exit_code != NGX_OK) {
rc = ctx->exit_code;
if (rc == NGX_ERROR
|| rc == NGX_BUSY
|| rc == NGX_DECLINED
#ifdef HAVE_BALANCER_STATUS_CODE_PATCH
|| rc >= NGX_HTTP_SPECIAL_RESPONSE
#endif
) {
return rc;
}

if (rc > NGX_OK) {
return NGX_ERROR;
}
}

return NGX_OK;
}


char *
ngx_http_lua_balancer_ssl_sess_fetch_by_lua_block(ngx_conf_t *cf, ngx_command_t *cmd,
void *conf)
{
char *rv;
ngx_conf_t save;

save = *cf;
cf->handler = ngx_http_lua_balancer_ssl_sess_fetch_by_lua;
cf->handler_conf = conf;

rv = ngx_http_lua_conf_lua_block_parse(cf, cmd);

*cf = save;

return rv;
}


char *
ngx_http_lua_balancer_ssl_sess_fetch_by_lua(ngx_conf_t *cf, ngx_command_t *cmd,
void *conf)
{
u_char *p;
u_char *name;
ngx_str_t *value;
ngx_http_lua_srv_conf_t *lscf = conf;

dd("enter");

/* must specify a content handler */
if (cmd->post == NULL) {
return NGX_CONF_ERROR;
}

if(lscf->balancer.ssl_sess_fetch_handler) {
return "is duplicate";
}

value = cf->args->elts;

lscf->balancer.ssl_sess_fetch_handler = (ngx_http_lua_srv_conf_handler_pt) cmd->post;

if (cmd->post == ngx_http_lua_balancer_ssl_sess_fetch_handler_file) {
/* Lua code in an external file */

name = ngx_http_lua_rebase_path(cf->pool, value[1].data,
value[1].len);
if (name == NULL) {
return NGX_CONF_ERROR;
}

lscf->balancer.ssl_sess_fetch_src.data = name;
lscf->balancer.ssl_sess_fetch_src.len = ngx_strlen(name);

p = ngx_palloc(cf->pool, NGX_HTTP_LUA_FILE_KEY_LEN + 1);
if (p == NULL) {
return NGX_CONF_ERROR;
}

lscf->balancer.ssl_sess_fetch_src_key = p;

p = ngx_copy(p, NGX_HTTP_LUA_FILE_TAG, NGX_HTTP_LUA_FILE_TAG_LEN);
p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len);
*p = '\0';

} else {
/* inlined Lua code */

lscf->balancer.ssl_sess_fetch_src = value[1];

p = ngx_palloc(cf->pool, NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
if (p == NULL) {
return NGX_CONF_ERROR;
}

lscf->balancer.ssl_sess_fetch_src_key = p;

p = ngx_copy(p, NGX_HTTP_LUA_INLINE_TAG, NGX_HTTP_LUA_INLINE_TAG_LEN);
p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len);
*p = '\0';
}

return NGX_CONF_OK;
}


static ngx_int_t
ngx_http_lua_balancer_ssl_sess_fetch_by_chunk(lua_State *L, ngx_http_request_t *r)
{
u_char *err_msg;
size_t len;
ngx_int_t rc;

/* init nginx context in Lua VM */
ngx_http_lua_set_req(L, r);
ngx_http_lua_create_new_globals_table(L, 0 /* narr */, 1 /* nrec */);

/* {{{ make new env inheriting main thread's globals table */
lua_createtable(L, 0, 1 /* nrec */); /* the metatable for the new env */
ngx_http_lua_get_globals_table(L);
lua_setfield(L, -2, "__index");
lua_setmetatable(L, -2); /* setmetatable({}, {__index = _G}) */
/* }}} */

lua_setfenv(L, -2); /* set new running env for the code closure */

lua_pushcfunction(L, ngx_http_lua_traceback);
lua_insert(L, 1); /* put it under chunk and args */

/* protected call user code */
rc = lua_pcall(L, 0, 1, 1);

lua_remove(L, 1); /* remove traceback function */

dd("rc == %d", (int) rc);

if (rc != 0) {
/* error occurred when running loaded code */
err_msg = (u_char *) lua_tolstring(L, -1, &len);

if (err_msg == NULL) {
err_msg = (u_char *) "unknown reason";
len = sizeof("unknown reason") - 1;
}

ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"failed to run balancer_ssl_session_fetch_by_lua*: %*s", len, err_msg);

lua_settop(L, 0); /* clear remaining elems on stack */

return NGX_ERROR;
}

lua_settop(L, 0); /* clear remaining elems on stack */
return rc;
}

#endif /* NGX_HTTP_SSL */
Loading

0 comments on commit ebe1006

Please sign in to comment.