static void ngx_stream_proxy_connect_handler(ngx_event_t *ev) { ngx_connection_t *c; ngx_stream_session_t *s; c = ev->data; s = c->data; if (ev->timedout) { ngx_log_error(NGX_LOG_ERR, c->log, NGX_ETIMEDOUT, "upstream timed out"); ngx_stream_proxy_next_upstream(s); return; } ngx_del_timer(c->write); ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0, "stream proxy connect upstream"); if (ngx_stream_proxy_test_connect(c) != NGX_OK) { ngx_stream_proxy_next_upstream(s); return; } ngx_stream_proxy_init_upstream(s); }
static void ngx_stream_proxy_connect(ngx_stream_session_t *s) { ngx_int_t rc; ngx_connection_t *c, *pc; ngx_stream_upstream_t *u; ngx_stream_proxy_srv_conf_t *pscf; c = s->connection; c->log->action = "connecting to upstream"; u = s->upstream; rc = ngx_event_connect_peer(&u->peer); ngx_log_debug1(NGX_LOG_DEBUG_STREAM, c->log, 0, "proxy connect: %i", rc); pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); if (rc == NGX_ERROR) { ngx_stream_proxy_finalize(s, NGX_ERROR); return; } if (rc == NGX_BUSY) { ngx_log_error(NGX_LOG_ERR, c->log, 0, "no live upstreams"); ngx_stream_proxy_finalize(s, NGX_DECLINED); return; } if (rc == NGX_DECLINED) { ngx_stream_proxy_next_upstream(s); return; } /* rc == NGX_OK || rc == NGX_AGAIN || rc == NGX_DONE */ pc = u->peer.connection; pc->data = s; pc->log = c->log; pc->pool = c->pool; pc->read->log = c->log; pc->write->log = c->log; if (rc != NGX_AGAIN) { ngx_stream_proxy_init_upstream(s); return; } pc->read->handler = ngx_stream_proxy_connect_handler; pc->write->handler = ngx_stream_proxy_connect_handler; ngx_add_timer(pc->write, pscf->connect_timeout); }
static void ngx_stream_proxy_ssl_handshake(ngx_connection_t *pc) { long rc; ngx_stream_session_t *s; ngx_stream_upstream_t *u; ngx_stream_proxy_srv_conf_t *pscf; s = pc->data; pscf = ngx_stream_get_module_srv_conf(s, ngx_stream_proxy_module); if (pc->ssl->handshaked) { if (pscf->ssl_verify) { rc = SSL_get_verify_result(pc->ssl->connection); if (rc != X509_V_OK) { ngx_log_error(NGX_LOG_ERR, pc->log, 0, "upstream SSL certificate verify error: (%l:%s)", rc, X509_verify_cert_error_string(rc)); goto failed; } u = s->upstream; if (ngx_ssl_check_host(pc, &u->ssl_name) != NGX_OK) { ngx_log_error(NGX_LOG_ERR, pc->log, 0, "upstream SSL certificate does not match \"%V\"", &u->ssl_name); goto failed; } } if (pscf->ssl_session_reuse) { u = s->upstream; u->peer.save_session(&u->peer, u->peer.data); } if (pc->write->timer_set) { ngx_del_timer(pc->write); } ngx_stream_proxy_init_upstream(s); return; } failed: ngx_stream_proxy_next_upstream(s); }