Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
N
nghttp2
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Libraries
nghttp2
Commits
c7071258
Commit
c7071258
authored
Feb 07, 2013
by
Tatsuhiro Tsujikawa
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
shrpx: Explicitly hold server SSL_CTX and client SSL_CTX
parent
b18af854
Changes
10
Hide whitespace changes
Inline
Side-by-side
Showing
10 changed files
with
48 additions
and
42 deletions
+48
-42
src/shrpx.cc
src/shrpx.cc
+6
-5
src/shrpx_client_handler.cc
src/shrpx_client_handler.cc
+1
-1
src/shrpx_client_handler.h
src/shrpx_client_handler.h
+2
-2
src/shrpx_listen_handler.cc
src/shrpx_listen_handler.cc
+10
-9
src/shrpx_listen_handler.h
src/shrpx_listen_handler.h
+9
-7
src/shrpx_ssl.cc
src/shrpx_ssl.cc
+6
-6
src/shrpx_ssl.h
src/shrpx_ssl.h
+3
-3
src/shrpx_thread_event_receiver.cc
src/shrpx_thread_event_receiver.cc
+4
-4
src/shrpx_worker.cc
src/shrpx_worker.cc
+5
-4
src/shrpx_worker.h
src/shrpx_worker.h
+2
-1
No files found.
src/shrpx.cc
View file @
c7071258
...
@@ -242,11 +242,12 @@ int event_loop()
...
@@ -242,11 +242,12 @@ int event_loop()
{
{
event_base
*
evbase
=
event_base_new
();
event_base
*
evbase
=
event_base_new
();
SSL_CTX
*
ssl_ctx
=
get_config
()
->
client_mode
?
SSL_CTX
*
sv_ssl_ctx
=
get_config
()
->
default_ssl_ctx
;
ssl
::
create_ssl_client_context
()
:
get_config
()
->
default_ssl_ctx
;
SSL_CTX
*
cl_ssl_ctx
=
get_config
()
->
client_mode
?
ssl
::
create_ssl_client_context
()
:
0
;
ListenHandler
*
listener_handler
=
new
ListenHandler
(
evbase
,
ssl_ctx
);
ListenHandler
*
listener_handler
=
new
ListenHandler
(
evbase
,
sv_ssl_ctx
,
cl_ssl_ctx
);
if
(
get_config
()
->
daemon
)
{
if
(
get_config
()
->
daemon
)
{
if
(
daemon
(
0
,
0
)
==
-
1
)
{
if
(
daemon
(
0
,
0
)
==
-
1
)
{
LOG
(
FATAL
)
<<
"Failed to daemonize: "
<<
strerror
(
errno
);
LOG
(
FATAL
)
<<
"Failed to daemonize: "
<<
strerror
(
errno
);
...
@@ -269,7 +270,7 @@ int event_loop()
...
@@ -269,7 +270,7 @@ int event_loop()
if
(
get_config
()
->
num_worker
>
1
)
{
if
(
get_config
()
->
num_worker
>
1
)
{
listener_handler
->
create_worker_thread
(
get_config
()
->
num_worker
);
listener_handler
->
create_worker_thread
(
get_config
()
->
num_worker
);
}
else
if
(
get_config
()
->
client_mode
)
{
}
else
if
(
cl_ssl_ctx
)
{
listener_handler
->
create_spdy_session
();
listener_handler
->
create_spdy_session
();
}
}
...
...
src/shrpx_client_handler.cc
View file @
c7071258
...
@@ -272,7 +272,7 @@ DownstreamConnection* ClientHandler::get_downstream_connection()
...
@@ -272,7 +272,7 @@ DownstreamConnection* ClientHandler::get_downstream_connection()
CLOG
(
INFO
,
this
)
<<
"Downstream connection pool is empty."
CLOG
(
INFO
,
this
)
<<
"Downstream connection pool is empty."
<<
" Create new one"
;
<<
" Create new one"
;
}
}
if
(
get_config
()
->
client_mode
)
{
if
(
spdy_
)
{
return
new
SpdyDownstreamConnection
(
this
);
return
new
SpdyDownstreamConnection
(
this
);
}
else
{
}
else
{
return
new
HttpDownstreamConnection
(
this
);
return
new
HttpDownstreamConnection
(
this
);
...
...
src/shrpx_client_handler.h
View file @
c7071258
...
@@ -71,8 +71,8 @@ private:
...
@@ -71,8 +71,8 @@ private:
std
::
string
ipaddr_
;
std
::
string
ipaddr_
;
bool
should_close_after_write_
;
bool
should_close_after_write_
;
std
::
set
<
DownstreamConnection
*>
dconn_pool_
;
std
::
set
<
DownstreamConnection
*>
dconn_pool_
;
// Shared SPDY session for each thread. NULL if
not client mode. N
ot
// Shared SPDY session for each thread. NULL if
backend is n
ot
// deleted by this object.
//
SPDY. Not
deleted by this object.
SpdySession
*
spdy_
;
SpdySession
*
spdy_
;
};
};
...
...
src/shrpx_listen_handler.cc
View file @
c7071258
...
@@ -40,9 +40,11 @@
...
@@ -40,9 +40,11 @@
namespace
shrpx
{
namespace
shrpx
{
ListenHandler
::
ListenHandler
(
event_base
*
evbase
,
SSL_CTX
*
ssl_ctx
)
ListenHandler
::
ListenHandler
(
event_base
*
evbase
,
SSL_CTX
*
sv_ssl_ctx
,
SSL_CTX
*
cl_ssl_ctx
)
:
evbase_
(
evbase
),
:
evbase_
(
evbase
),
ssl_ctx_
(
ssl_ctx
),
sv_ssl_ctx_
(
sv_ssl_ctx
),
cl_ssl_ctx_
(
cl_ssl_ctx
),
worker_round_robin_cnt_
(
0
),
worker_round_robin_cnt_
(
0
),
workers_
(
0
),
workers_
(
0
),
num_worker_
(
0
),
num_worker_
(
0
),
...
@@ -68,7 +70,8 @@ void ListenHandler::create_worker_thread(size_t num)
...
@@ -68,7 +70,8 @@ void ListenHandler::create_worker_thread(size_t num)
LLOG
(
ERROR
,
this
)
<<
"socketpair() failed: "
<<
strerror
(
errno
);
LLOG
(
ERROR
,
this
)
<<
"socketpair() failed: "
<<
strerror
(
errno
);
continue
;
continue
;
}
}
info
->
ssl_ctx
=
ssl_ctx_
;
info
->
sv_ssl_ctx
=
sv_ssl_ctx_
;
info
->
cl_ssl_ctx
=
cl_ssl_ctx_
;
rv
=
pthread_create
(
&
thread
,
&
attr
,
start_threaded_worker
,
info
);
rv
=
pthread_create
(
&
thread
,
&
attr
,
start_threaded_worker
,
info
);
if
(
rv
!=
0
)
{
if
(
rv
!=
0
)
{
LLOG
(
ERROR
,
this
)
<<
"pthread_create() failed: "
<<
strerror
(
rv
);
LLOG
(
ERROR
,
this
)
<<
"pthread_create() failed: "
<<
strerror
(
rv
);
...
@@ -94,11 +97,9 @@ int ListenHandler::accept_connection(evutil_socket_t fd,
...
@@ -94,11 +97,9 @@ int ListenHandler::accept_connection(evutil_socket_t fd,
LLOG
(
INFO
,
this
)
<<
"Accepted connection. fd="
<<
fd
;
LLOG
(
INFO
,
this
)
<<
"Accepted connection. fd="
<<
fd
;
}
}
if
(
num_worker_
==
0
)
{
if
(
num_worker_
==
0
)
{
ClientHandler
*
client
=
ClientHandler
*
client
=
ssl
::
accept_connection
(
evbase_
,
sv_ssl_ctx_
,
ssl
::
accept_ssl_connection
(
evbase_
,
ssl_ctx_
,
fd
,
addr
,
addrlen
);
fd
,
addr
,
addrlen
);
if
(
get_config
()
->
client_mode
)
{
client
->
set_spdy_session
(
spdy_
);
client
->
set_spdy_session
(
spdy_
);
}
}
else
{
}
else
{
size_t
idx
=
worker_round_robin_cnt_
%
num_worker_
;
size_t
idx
=
worker_round_robin_cnt_
%
num_worker_
;
++
worker_round_robin_cnt_
;
++
worker_round_robin_cnt_
;
...
@@ -124,7 +125,7 @@ event_base* ListenHandler::get_evbase() const
...
@@ -124,7 +125,7 @@ event_base* ListenHandler::get_evbase() const
int
ListenHandler
::
create_spdy_session
()
int
ListenHandler
::
create_spdy_session
()
{
{
int
rv
;
int
rv
;
spdy_
=
new
SpdySession
(
evbase_
,
ssl_ctx_
);
spdy_
=
new
SpdySession
(
evbase_
,
cl_
ssl_ctx_
);
rv
=
spdy_
->
init_notification
();
rv
=
spdy_
->
init_notification
();
return
rv
;
return
rv
;
}
}
...
...
src/shrpx_listen_handler.h
View file @
c7071258
...
@@ -38,7 +38,8 @@ namespace shrpx {
...
@@ -38,7 +38,8 @@ namespace shrpx {
struct
WorkerInfo
{
struct
WorkerInfo
{
int
sv
[
2
];
int
sv
[
2
];
SSL_CTX
*
ssl_ctx
;
SSL_CTX
*
sv_ssl_ctx
;
SSL_CTX
*
cl_ssl_ctx
;
bufferevent
*
bev
;
bufferevent
*
bev
;
};
};
...
@@ -46,7 +47,7 @@ class SpdySession;
...
@@ -46,7 +47,7 @@ class SpdySession;
class
ListenHandler
{
class
ListenHandler
{
public:
public:
ListenHandler
(
event_base
*
evbase
,
SSL_CTX
*
ssl_ctx
);
ListenHandler
(
event_base
*
evbase
,
SSL_CTX
*
s
v_ssl_ctx
,
SSL_CTX
*
cl_s
sl_ctx
);
~
ListenHandler
();
~
ListenHandler
();
int
accept_connection
(
evutil_socket_t
fd
,
sockaddr
*
addr
,
int
addrlen
);
int
accept_connection
(
evutil_socket_t
fd
,
sockaddr
*
addr
,
int
addrlen
);
void
create_worker_thread
(
size_t
num
);
void
create_worker_thread
(
size_t
num
);
...
@@ -54,14 +55,15 @@ public:
...
@@ -54,14 +55,15 @@ public:
int
create_spdy_session
();
int
create_spdy_session
();
private:
private:
event_base
*
evbase_
;
event_base
*
evbase_
;
// In client-mode, this is for backend SPDY connection. Otherwise,
// The frontend server SSL_CTX
// for frontend.
SSL_CTX
*
sv_ssl_ctx_
;
SSL_CTX
*
ssl_ctx_
;
// The backend server SSL_CTX
SSL_CTX
*
cl_ssl_ctx_
;
unsigned
int
worker_round_robin_cnt_
;
unsigned
int
worker_round_robin_cnt_
;
WorkerInfo
*
workers_
;
WorkerInfo
*
workers_
;
size_t
num_worker_
;
size_t
num_worker_
;
// Shared
SPDY session. NULL if not client mode or
// Shared
backend SPDY session. NULL if multi-threaded. In
// multi-threaded
. In multi-threaded
case, see shrpx_worker.cc.
// multi-threaded case, see shrpx_worker.cc.
SpdySession
*
spdy_
;
SpdySession
*
spdy_
;
};
};
...
...
src/shrpx_ssl.cc
View file @
c7071258
...
@@ -245,9 +245,9 @@ SSL_CTX* create_ssl_client_context()
...
@@ -245,9 +245,9 @@ SSL_CTX* create_ssl_client_context()
return
ssl_ctx
;
return
ssl_ctx
;
}
}
ClientHandler
*
accept_
ssl_
connection
(
event_base
*
evbase
,
SSL_CTX
*
ssl_ctx
,
ClientHandler
*
accept_connection
(
event_base
*
evbase
,
SSL_CTX
*
ssl_ctx
,
evutil_socket_t
fd
,
evutil_socket_t
fd
,
sockaddr
*
addr
,
int
addrlen
)
sockaddr
*
addr
,
int
addrlen
)
{
{
char
host
[
NI_MAXHOST
];
char
host
[
NI_MAXHOST
];
int
rv
;
int
rv
;
...
@@ -266,9 +266,7 @@ ClientHandler* accept_ssl_connection(event_base *evbase, SSL_CTX *ssl_ctx,
...
@@ -266,9 +266,7 @@ ClientHandler* accept_ssl_connection(event_base *evbase, SSL_CTX *ssl_ctx,
}
}
SSL
*
ssl
=
0
;
SSL
*
ssl
=
0
;
bufferevent
*
bev
;
bufferevent
*
bev
;
if
(
get_config
()
->
client_mode
)
{
if
(
ssl_ctx
)
{
bev
=
bufferevent_socket_new
(
evbase
,
fd
,
BEV_OPT_DEFER_CALLBACKS
);
}
else
{
ssl
=
SSL_new
(
ssl_ctx
);
ssl
=
SSL_new
(
ssl_ctx
);
if
(
!
ssl
)
{
if
(
!
ssl
)
{
LOG
(
ERROR
)
<<
"SSL_new() failed: "
LOG
(
ERROR
)
<<
"SSL_new() failed: "
...
@@ -278,6 +276,8 @@ ClientHandler* accept_ssl_connection(event_base *evbase, SSL_CTX *ssl_ctx,
...
@@ -278,6 +276,8 @@ ClientHandler* accept_ssl_connection(event_base *evbase, SSL_CTX *ssl_ctx,
bev
=
bufferevent_openssl_socket_new
bev
=
bufferevent_openssl_socket_new
(
evbase
,
fd
,
ssl
,
(
evbase
,
fd
,
ssl
,
BUFFEREVENT_SSL_ACCEPTING
,
BEV_OPT_DEFER_CALLBACKS
);
BUFFEREVENT_SSL_ACCEPTING
,
BEV_OPT_DEFER_CALLBACKS
);
}
else
{
bev
=
bufferevent_socket_new
(
evbase
,
fd
,
BEV_OPT_DEFER_CALLBACKS
);
}
}
ClientHandler
*
client_handler
=
new
ClientHandler
(
bev
,
fd
,
ssl
,
host
);
ClientHandler
*
client_handler
=
new
ClientHandler
(
bev
,
fd
,
ssl
,
host
);
return
client_handler
;
return
client_handler
;
...
...
src/shrpx_ssl.h
View file @
c7071258
...
@@ -45,9 +45,9 @@ SSL_CTX* create_ssl_context(const char *private_key_file,
...
@@ -45,9 +45,9 @@ SSL_CTX* create_ssl_context(const char *private_key_file,
SSL_CTX
*
create_ssl_client_context
();
SSL_CTX
*
create_ssl_client_context
();
ClientHandler
*
accept_
ssl_
connection
(
event_base
*
evbase
,
SSL_CTX
*
ssl_ctx
,
ClientHandler
*
accept_connection
(
event_base
*
evbase
,
SSL_CTX
*
ssl_ctx
,
evutil_socket_t
fd
,
evutil_socket_t
fd
,
sockaddr
*
addr
,
int
addrlen
);
sockaddr
*
addr
,
int
addrlen
);
bool
numeric_host
(
const
char
*
hostname
);
bool
numeric_host
(
const
char
*
hostname
);
...
...
src/shrpx_thread_event_receiver.cc
View file @
c7071258
...
@@ -58,10 +58,10 @@ void ThreadEventReceiver::on_read(bufferevent *bev)
...
@@ -58,10 +58,10 @@ void ThreadEventReceiver::on_read(bufferevent *bev)
}
}
event_base
*
evbase
=
bufferevent_get_base
(
bev
);
event_base
*
evbase
=
bufferevent_get_base
(
bev
);
ClientHandler
*
client_handler
;
ClientHandler
*
client_handler
;
client_handler
=
ssl
::
accept_
ssl_
connection
(
evbase
,
ssl_ctx_
,
client_handler
=
ssl
::
accept_connection
(
evbase
,
ssl_ctx_
,
wev
.
client_fd
,
wev
.
client_fd
,
&
wev
.
client_addr
.
sa
,
&
wev
.
client_addr
.
sa
,
wev
.
client_addrlen
);
wev
.
client_addrlen
);
if
(
client_handler
)
{
if
(
client_handler
)
{
client_handler
->
set_spdy_session
(
spdy_
);
client_handler
->
set_spdy_session
(
spdy_
);
if
(
LOG_ENABLED
(
INFO
))
{
if
(
LOG_ENABLED
(
INFO
))
{
...
...
src/shrpx_worker.cc
View file @
c7071258
...
@@ -39,7 +39,8 @@ namespace shrpx {
...
@@ -39,7 +39,8 @@ namespace shrpx {
Worker
::
Worker
(
WorkerInfo
*
info
)
Worker
::
Worker
(
WorkerInfo
*
info
)
:
fd_
(
info
->
sv
[
1
]),
:
fd_
(
info
->
sv
[
1
]),
ssl_ctx_
(
info
->
ssl_ctx
)
sv_ssl_ctx_
(
info
->
sv_ssl_ctx
),
cl_ssl_ctx_
(
info
->
cl_ssl_ctx
)
{}
{}
Worker
::~
Worker
()
Worker
::~
Worker
()
...
@@ -74,13 +75,13 @@ void Worker::run()
...
@@ -74,13 +75,13 @@ void Worker::run()
bufferevent
*
bev
=
bufferevent_socket_new
(
evbase
,
fd_
,
bufferevent
*
bev
=
bufferevent_socket_new
(
evbase
,
fd_
,
BEV_OPT_DEFER_CALLBACKS
);
BEV_OPT_DEFER_CALLBACKS
);
SpdySession
*
spdy
=
0
;
SpdySession
*
spdy
=
0
;
if
(
get_config
()
->
client_mode
)
{
if
(
cl_ssl_ctx_
)
{
spdy
=
new
SpdySession
(
evbase
,
ssl_ctx_
);
spdy
=
new
SpdySession
(
evbase
,
cl_
ssl_ctx_
);
if
(
spdy
->
init_notification
()
==
-
1
)
{
if
(
spdy
->
init_notification
()
==
-
1
)
{
DIE
();
DIE
();
}
}
}
}
ThreadEventReceiver
*
receiver
=
new
ThreadEventReceiver
(
ssl_ctx_
,
spdy
);
ThreadEventReceiver
*
receiver
=
new
ThreadEventReceiver
(
s
v_s
sl_ctx_
,
spdy
);
bufferevent_enable
(
bev
,
EV_READ
);
bufferevent_enable
(
bev
,
EV_READ
);
bufferevent_setcb
(
bev
,
readcb
,
0
,
eventcb
,
receiver
);
bufferevent_setcb
(
bev
,
readcb
,
0
,
eventcb
,
receiver
);
...
...
src/shrpx_worker.h
View file @
c7071258
...
@@ -42,7 +42,8 @@ public:
...
@@ -42,7 +42,8 @@ public:
private:
private:
// Channel to the main thread
// Channel to the main thread
int
fd_
;
int
fd_
;
SSL_CTX
*
ssl_ctx_
;
SSL_CTX
*
sv_ssl_ctx_
;
SSL_CTX
*
cl_ssl_ctx_
;
};
};
void
*
start_threaded_worker
(
void
*
arg
);
void
*
start_threaded_worker
(
void
*
arg
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment