目录
- 5. 源码分析
- 5.1 模块的初始化代码
- 5.2 请求入口点函数分析
- 5.2.1 ngx_http_proxy_connect_post_read_handler
- 5.2.2 ngx_http_proxy_connect_handler
- 5.3 域名解析回调
- 5.4 向上游服务器发起连接
- 5.4.1 ngx_http_proxy_connect_process_connect
- 5.4.2 ngx_http_proxy_connect_write_upstream
- 5.5 连接建立后向客户端发送CONNECT请求的响应
- 5.6 数据隧道透传
- 5.6.1 上下游连接的读写回调函数
- 5.6.1 ngx_http_proxy_connect_tunnel
- 5.7 关闭会话
- 6. 总结
对于模块的配置指令和内置变量的相关信息可以查看上半部分:深入理解ngx_http_proxy_connect_module模块(上)
5. 源码分析
废话不多说,直接进入源码环节。
5.1 模块的初始化代码
static ngx_http_module_t ngx_http_proxy_connect_module_ctx = {ngx_http_proxy_connect_add_variables, /* preconfiguration */ngx_http_proxy_connect_init, /* postconfiguration */NULL, /* create main configuration */NULL, /* init main configuration */NULL, /* create server configuration */NULL, /* merge server configuration */ngx_http_proxy_connect_create_loc_conf, /* create location configuration */ngx_http_proxy_connect_merge_loc_conf /* merge location configuration */
};
本模块设置了preconfiguration回调,用来在nginx框架中添加第4节列出的变量;本模块又设置了postconfiguration回调,用来设置回调钩子函数。ngx_http_proxy_connect_init代码如下:
static ngx_int_t
ngx_http_proxy_connect_init(ngx_conf_t *cf)
{ngx_http_core_main_conf_t *cmcf;ngx_http_handler_pt *h;cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);h = ngx_array_push(&cmcf->phases[NGX_HTTP_POST_READ_PHASE].handlers);if (h == NULL) {return NGX_ERROR;}*h = ngx_http_proxy_connect_post_read_handler;return NGX_OK;
}
ngx_http_proxy_connect_init代码非常简单,就是在NGX_HTTP_POST_READ_PHASE阶段设置一个回调函数ngx_http_proxy_connect_post_read_handler, NGX_HTTP_POST_READ_PHASE阶段是nginx 异步http处理框架收到客户端的http请求包后的第一个处理阶段。
然后再看一下proxy_connect配置指令的代码,如下:
static char *
ngx_http_proxy_connect(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{ngx_http_core_loc_conf_t *clcf;ngx_http_proxy_connect_loc_conf_t *pclcf;clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);clcf->handler = ngx_http_proxy_connect_handler;pclcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_proxy_connect_module);pclcf->accept_connect = 1;return NGX_CONF_OK;
}
也是非常简单,就是设置一个NGX_HTTP_CONTENT_PHASE阶段的回调函数,以便在这个阶段来接管connect请求的处理逻辑。
5.2 请求入口点函数分析
5.2.1 ngx_http_proxy_connect_post_read_handler
ngx_http_proxy_connect_post_read_handler函数在NGX_HTTP_POST_READ_PHASE阶段被回调,如果发现当前的是CONNECT请求,则判断是否开启了proxy_connect,如果没有开启,则返回NGX_HTTP_NOT_ALLOWED,反之,则对当前的请求设置一个ngx_http_proxy_connect_ctx_t上下文,源码如下:
static ngx_int_t
ngx_http_proxy_connect_post_read_handler(ngx_http_request_t *r)
{ngx_http_proxy_connect_ctx_t *ctx;ngx_http_proxy_connect_loc_conf_t *pclcf;if (r->method == NGX_HTTP_CONNECT) {pclcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_connect_module);if (!pclcf->accept_connect) {ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,"proxy_connect: client sent connect method");return NGX_HTTP_NOT_ALLOWED;}/* init ctx */ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_proxy_connect_ctx_t));if (ctx == NULL) {return NGX_ERROR;}ctx->buf.pos = (u_char *) NGX_HTTP_PROXY_CONNECT_ESTABLISTHED;ctx->buf.last = ctx->buf.pos +sizeof(NGX_HTTP_PROXY_CONNECT_ESTABLISTHED) - 1;ctx->buf.memory = 1;ctx->connect_timeout = pclcf->connect_timeout;ctx->send_timeout = pclcf->send_timeout;ctx->data_timeout = pclcf->data_timeout;ngx_http_set_ctx(r, ctx, ngx_http_proxy_connect_module);}/* 返回NGX_DECLINED表示如果本阶段有其他的模块,就继续执行这些模块的回调函数。return NGX_DECLINED;
}
5.2.2 ngx_http_proxy_connect_handler
nginx在经过以上ngx_http_proxy_connect_post_read_handler处理后,正常情况下都会会进入到NGX_HTTP_CONTENT_PHASE阶段,在这时就会回调ngx_http_proxy_connect_handler进行处理,源码如下:
static ngx_int_t
ngx_http_proxy_connect_handler(ngx_http_request_t *r)
{ngx_url_t url;ngx_int_t rc;ngx_resolver_ctx_t *rctx, temp;ngx_http_core_loc_conf_t *clcf;ngx_http_proxy_connect_ctx_t *ctx;ngx_http_proxy_connect_upstream_t *u;ngx_http_proxy_connect_loc_conf_t *plcf;plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_connect_module);/* 如果不是CONNECT请求或者配置中没有开启proxy_connect, 则本模块直接放弃处理 */if (r->method != NGX_HTTP_CONNECT || !plcf->accept_connect) {return NGX_DECLINED;}/* 判断客户端请求的端口是否在允许的范围内,如果不在范围内,则本模块直接放弃处理 */rc = ngx_http_proxy_connect_allow_handler(r, plcf);if (rc != NGX_OK) {return rc;}/* 获取在ngx_http_proxy_connect_post_read_handler设置的上下文信息 */ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_connect_module);;if (ngx_http_proxy_connect_upstream_create(r, ctx) != NGX_OK) {return NGX_HTTP_INTERNAL_SERVER_ERROR;}u = ctx->u;u->conf = plcf;ngx_memzero(&url, sizeof(ngx_url_t));/* 如果在配置文件中设置了proxy_connect_address,则根据设置的值作为连接上游服务器的地址 */if (plcf->address) {if (ngx_http_complex_value(r, plcf->address, &url.url) != NGX_OK) {return NGX_HTTP_INTERNAL_SERVER_ERROR;}if (url.url.len == 0 || url.url.data == NULL) {url.url.len = r->connect_host.len;url.url.data = r->connect_host.data;}} else {/* 没有设置proxy_connect_address,则用CONNECT请求头中的url地址中的host部分作为上游服务器的地址 */url.url.len = r->connect_host.len;url.url.data = r->connect_host.data;}/* 设置待连接上游服务器的端口 */url.default_port = r->connect_port_n;url.no_resolve = 1;ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,"proxy_connect: connect handler: parse url: %V" , &url.url);if (ngx_parse_url(r->pool, &url) != NGX_OK) {if (url.err) {ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,"proxy_connect: %s in connect host \"%V\"",url.err, &url.url);return NGX_HTTP_FORBIDDEN;}return NGX_HTTP_INTERNAL_SERVER_ERROR;}/* 将当前请求的read和write的i/o事件处理回调函数进行设置,因为当前暂时还不需要处理读写操作,只是用来进行连接是否中断的检测 */r->read_event_handler = ngx_http_proxy_connect_rd_check_broken_connection;r->write_event_handler = ngx_http_proxy_connect_wr_check_broken_connection;/* NOTE:* We use only one address in u->resolved,* and u->resolved.host is "<address:port>" format.* u->resolved用来存放最终向上游服务器连接的ip+端口的地址。*/u->resolved = ngx_pcalloc(r->pool, sizeof(ngx_http_upstream_resolved_t));if (u->resolved == NULL) {return NGX_HTTP_INTERNAL_SERVER_ERROR;}/* rc = NGX_DECLINED */if (url.addrs) {/* 如果url.addrs中已经有目标地址,则用第一个地址来设置u->resolved */ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,"proxy_connect: upstream address given directly");u->resolved->sockaddr = url.addrs[0].sockaddr;u->resolved->socklen = url.addrs[0].socklen;
#if defined(nginx_version) && nginx_version >= 1011007u->resolved->name = url.addrs[0].name;
#endifu->resolved->naddrs = 1;}u->resolved->host = url.host;u->resolved->port = (in_port_t) (url.no_port ? r->connect_port_n : url.port);u->resolved->no_port = url.no_port;if (u->resolved->sockaddr) {/* 目标地址已经设置好了,接下去就不需要进行域名解析直接进行连接了 */rc = ngx_http_proxy_connect_sock_ntop(r, u);if (rc != NGX_OK) {return rc;}/* 当前的ngx_http_request_t的引用计数+1 */r->main->count++;/* 向上游服务器发起TCP连接请求 */ngx_http_proxy_connect_process_connect(r, u);return NGX_DONE;}/* 因为将连接的上游服务器是域名形式提供的,因此需要先通过域名解析后方可以发起连接 */ngx_str_t *host = &url.host;clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);temp.name = *host;/* 设置请求上游服务器的开始时间 */u->start_time = ngx_current_msec;u->state.resolve_time = (ngx_msec_t) -1