bud_error_t bud_config_load_backend(bud_config_t* config,
JSON_Object* obj,
bud_config_backend_t* backend,
bud_hashmap_t* map,
unsigned int* ext_count) {
bud_error_t err;
JSON_Value* val;
const char* external;
int r;
bud_config_load_addr(obj, (bud_config_addr_t*) backend);
backend->config = config;
backend->xforward = -1;
val = json_object_get_value(obj, "proxyline");
if (json_value_get_type(val) == JSONString) {
const char* pline;
pline = json_value_get_string(val);
if (strcmp(pline, "haproxy") == 0)
backend->proxyline = kBudProxylineHAProxy;
else if (strcmp(pline, "json") == 0)
backend->proxyline = kBudProxylineJSON;
else
return bud_error_dstr(kBudErrProxyline, pline);
} else {
backend->proxyline = val != NULL && json_value_get_boolean(val) ?
kBudProxylineHAProxy :
kBudProxylineNone;
}
val = json_object_get_value(obj, "x-forward");
if (val != NULL)
backend->xforward = json_value_get_boolean(val);
/* Set defaults here to use them in sni.c */
bud_config_set_backend_defaults(backend);
r = bud_config_str_to_addr(backend->host, backend->port, &backend->addr);
if (r != 0)
return bud_error_num(kBudErrPton, r);
external = json_object_get_string(obj, "external");
if (external == NULL)
return bud_ok();
/* Insert backend into a hashmap */
err = bud_hashmap_insert(map, external, strlen(external), backend);
if (!bud_is_ok(err))
return err;
(*ext_count)++;
return bud_ok();
}
void bud_config_set_defaults(bud_config_t* config) {
int i;
DEFAULT(config->worker_count, -1, 1);
DEFAULT(config->restart_timeout, -1, 250);
DEFAULT(config->log.level, NULL, "info");
DEFAULT(config->log.facility, NULL, "user");
DEFAULT(config->log.stdio, -1, 1);
DEFAULT(config->log.syslog, -1, 0);
DEFAULT(config->availability.death_timeout, -1, 1000);
DEFAULT(config->availability.revive_interval, -1, 2500);
DEFAULT(config->availability.retry_interval, -1, 250);
DEFAULT(config->availability.max_retries, -1, 5);
DEFAULT(config->frontend.port, 0, 1443);
DEFAULT(config->frontend.host, NULL, "0.0.0.0");
DEFAULT(config->frontend.security, NULL, "ssl23");
DEFAULT(config->frontend.ecdh, NULL, "prime256v1");
DEFAULT(config->frontend.keepalive, -1, kBudDefaultKeepalive);
DEFAULT(config->frontend.server_preference, -1, 1);
DEFAULT(config->frontend.ssl3, -1, 0);
DEFAULT(config->frontend.max_send_fragment, -1, 1400);
DEFAULT(config->frontend.allow_half_open, -1, 0);
DEFAULT(config->frontend.cert_file, NULL, "keys/cert.pem");
DEFAULT(config->frontend.key_file, NULL, "keys/key.pem");
DEFAULT(config->frontend.reneg_window, 0, 600);
DEFAULT(config->frontend.reneg_limit, 0, 3);
DEFAULT(config->balance, NULL, "roundrobin");
for (i = 0; i < config->backend_count; i++)
bud_config_set_backend_defaults(&config->backend[i]);
DEFAULT(config->sni.port, 0, 9000);
DEFAULT(config->sni.host, NULL, "127.0.0.1");
DEFAULT(config->sni.url, NULL, "/bud/sni/%s");
DEFAULT(config->stapling.port, 0, 9000);
DEFAULT(config->stapling.host, NULL, "127.0.0.1");
DEFAULT(config->stapling.url, NULL, "/bud/stapling/%s");
}
bud_error_t bud_config_load_backend(bud_config_t* config,
JSON_Object* obj,
bud_config_backend_t* backend) {
JSON_Value* val;
bud_config_load_addr(obj, (bud_config_addr_t*) backend);
backend->config = config;
backend->proxyline = -1;
backend->xforward = -1;
val = json_object_get_value(obj, "proxyline");
if (val != NULL)
backend->proxyline = json_value_get_boolean(val);
val = json_object_get_value(obj, "x-forward");
if (val != NULL)
backend->xforward = json_value_get_boolean(val);
/* Set defaults here to use them in sni.c */
bud_config_set_backend_defaults(backend);
return bud_ok();
}
void bud_config_set_defaults(bud_config_t* config) {
int i;
DEFAULT(config->worker_count, -1, 1);
DEFAULT(config->restart_timeout, -1, 250);
DEFAULT(config->master_ipc, -1, 0);
DEFAULT(config->log.level, NULL, "info");
DEFAULT(config->log.facility, NULL, "user");
DEFAULT(config->log.stdio, -1, 1);
DEFAULT(config->log.syslog, -1, 0);
DEFAULT(config->availability.death_timeout, -1, 1000);
DEFAULT(config->availability.revive_interval, -1, 2500);
DEFAULT(config->availability.retry_interval, -1, 250);
DEFAULT(config->availability.max_retries, -1, 5);
DEFAULT(config->balance, NULL, "roundrobin");
bud_config_set_frontend_defaults(&config->frontend);
for (i = 0; i < config->context_count + 1; i++) {
bud_context_t* ctx;
int j;
ctx = &config->contexts[i];
if (ctx->cert_files == NULL)
DEFAULT(ctx->cert_file, NULL, "keys/cert.pem");
if (ctx->key_files == NULL)
DEFAULT(ctx->key_file, NULL, "keys/key.pem");
DEFAULT(ctx->ciphers,
NULL,
"ECDHE-ECDSA-AES256-GCM-SHA384:"
"ECDHE-RSA-AES256-GCM-SHA384:"
"DHE-RSA-AES256-GCM-SHA384:"
"ECDHE-ECDSA-AES256-GCM-SHA256:"
"ECDHE-RSA-AES256-GCM-SHA256:"
"DHE-RSA-AES256-GCM-SHA256:"
"ECDHE-ECDSA-AES256-SHA256:"
"ECDHE-RSA-AES256-SHA256:"
"DHE-RSA-AES256-SHA256:"
"ECDHE-ECDSA-AES128-GCM-SHA256:"
"ECDHE-RSA-AES128-GCM-SHA256:"
"ECDHE-ECDSA-AES128-SHA256:"
"ECDHE-RSA-AES128-SHA256:"
"DHE-RSA-AES128-GCM-SHA256:"
"DHE-RSA-AES128-SHA256:"
"ECDHE-ECDSA-AES256-SHA:"
"ECDHE-RSA-AES256-SHA:"
"ECDHE-ECDSA-AES128-SHA:"
"ECDHE-RSA-AES128-SHA:"
"DHE-RSA-AES128-SHA:"
"AES256-GCM-SHA384:"
"AES128-GCM-SHA256:"
"AES256-SHA256:"
"AES128-SHA256:"
"AES128-SHA:"
"DES-CBC3-SHA");
DEFAULT(ctx->ticket_timeout, -1, 3600);
DEFAULT(ctx->ticket_rotate, -1, 3600);
for (j = 0; j < ctx->backend.count; j++)
bud_config_set_backend_defaults(&ctx->backend.list[j]);
}
DEFAULT(config->sni.port, 0, 9000);
DEFAULT(config->sni.host, NULL, "127.0.0.1");
DEFAULT(config->sni.url, NULL, "/bud/sni/%s");
DEFAULT(config->stapling.port, 0, 9000);
DEFAULT(config->stapling.host, NULL, "127.0.0.1");
DEFAULT(config->stapling.url, NULL, "/bud/stapling/%s");
}
