forked from iqiyi/dpvs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
nginx-1.14.0-nat64-toa.patch
164 lines (152 loc) · 5.44 KB
/
nginx-1.14.0-nat64-toa.patch
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
diff -Nrup nginx-1.14.0/src/core/ngx_connection.h nginx-1.14.0_toa/src/core/ngx_connection.h
--- nginx-1.14.0/src/core/ngx_connection.h 2018-04-17 15:22:36.000000000 +0000
+++ nginx-1.14.0_toa/src/core/ngx_connection.h 2018-11-22 07:02:37.632988544 +0000
@@ -144,6 +144,8 @@ struct ngx_connection_s {
socklen_t socklen;
ngx_str_t addr_text;
+ struct toa_nat64_peer *toaddr;
+
ngx_str_t proxy_protocol_addr;
in_port_t proxy_protocol_port;
diff -Nrup nginx-1.14.0/src/core/ngx_inet.h nginx-1.14.0_toa/src/core/ngx_inet.h
--- nginx-1.14.0/src/core/ngx_inet.h 2018-04-17 15:22:36.000000000 +0000
+++ nginx-1.14.0_toa/src/core/ngx_inet.h 2018-11-22 06:13:19.869544046 +0000
@@ -126,5 +126,19 @@ ngx_int_t ngx_cmp_sockaddr(struct sockad
in_port_t ngx_inet_get_port(struct sockaddr *sa);
void ngx_inet_set_port(struct sockaddr *sa, in_port_t port);
+/* toa socket options, now only for nat64 */
+enum {
+ TOA_BASE_CTL = 4096,
+ /* set */
+ TOA_SO_SET_MAX = TOA_BASE_CTL,
+ /* get */
+ TOA_SO_GET_LOOKUP = TOA_BASE_CTL,
+ TOA_SO_GET_MAX = TOA_SO_GET_LOOKUP,
+};
+
+struct toa_nat64_peer {
+ struct in6_addr saddr;
+ uint16_t sport;
+};
#endif /* _NGX_INET_H_INCLUDED_ */
diff -Nrup nginx-1.14.0/src/event/ngx_event_accept.c nginx-1.14.0_toa/src/event/ngx_event_accept.c
--- nginx-1.14.0/src/event/ngx_event_accept.c 2018-04-17 15:22:36.000000000 +0000
+++ nginx-1.14.0_toa/src/event/ngx_event_accept.c 2018-11-22 07:02:11.253981252 +0000
@@ -22,7 +22,7 @@ static void ngx_debug_accepted_connectio
void
ngx_event_accept(ngx_event_t *ev)
{
- socklen_t socklen;
+ socklen_t socklen, len;
ngx_err_t err;
ngx_log_t *log;
ngx_uint_t level;
@@ -35,6 +35,7 @@ ngx_event_accept(ngx_event_t *ev)
#if (NGX_HAVE_ACCEPT4)
static ngx_uint_t use_accept4 = 1;
#endif
+ struct toa_nat64_peer uaddr;
if (ev->timedout) {
if (ngx_enable_accept_events((ngx_cycle_t *) ngx_cycle) != NGX_OK) {
@@ -176,6 +177,21 @@ ngx_event_accept(ngx_event_t *ev)
ngx_memcpy(c->sockaddr, &sa, socklen);
+ /* get NAT64 remote addr/port */
+ len = sizeof(struct toa_nat64_peer);
+ if (getsockopt(s, IPPROTO_IP, TOA_SO_GET_LOOKUP, &uaddr, &len)
+ == NGX_OK) {
+ c->toaddr = ngx_palloc(c->pool, len);
+ if (c->toaddr == NULL) {
+ ngx_close_accepted_connection(c);
+ return;
+ }
+
+ ngx_memcpy(c->toaddr, &uaddr, len);
+ } else {
+ c->toaddr = NULL;
+ }
+
log = ngx_palloc(c->pool, sizeof(ngx_log_t));
if (log == NULL) {
ngx_close_accepted_connection(c);
diff -Nrup nginx-1.14.0/src/http/ngx_http_variables.c nginx-1.14.0_toa/src/http/ngx_http_variables.c
--- nginx-1.14.0/src/http/ngx_http_variables.c 2018-04-17 15:22:36.000000000 +0000
+++ nginx-1.14.0_toa/src/http/ngx_http_variables.c 2018-12-04 06:43:16.014591001 +0000
@@ -143,6 +143,10 @@ static ngx_int_t ngx_http_variable_time_
static ngx_int_t ngx_http_variable_time_local(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
+static ngx_int_t ngx_http_variable_toa_remote_addr(ngx_http_request_t *r,
+ ngx_http_variable_value_t *v, uintptr_t data);
+static ngx_int_t ngx_http_variable_toa_remote_port(ngx_http_request_t *r,
+ ngx_http_variable_value_t *v, uintptr_t data);
/*
* TODO:
* Apache CGI: AUTH_TYPE, PATH_INFO (null), PATH_TRANSLATED
@@ -379,6 +383,10 @@ static ngx_http_variable_t ngx_http_cor
{ ngx_string("arg_"), NULL, ngx_http_variable_argument,
0, NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_PREFIX, 0 },
+ { ngx_string("toa_remote_addr"), NULL, ngx_http_variable_toa_remote_addr, 0, 0, 0 },
+
+ { ngx_string("toa_remote_port"), NULL, ngx_http_variable_toa_remote_port, 0, 0, 0 },
+
ngx_http_null_variable
};
@@ -1314,6 +1322,61 @@ ngx_http_variable_remote_port(ngx_http_r
return NGX_OK;
}
+static ngx_int_t
+ngx_http_variable_toa_remote_addr(ngx_http_request_t *r,
+ ngx_http_variable_value_t *v, uintptr_t data)
+{
+ v->len = 0;
+ v->valid = 1;
+ v->no_cacheable = 0;
+ v->not_found = 0;
+
+ if (r->connection->toaddr) {
+ v->data = ngx_pnalloc(r->pool, NGX_INET6_ADDRSTRLEN - 1);
+ if (v->data == NULL) {
+ return NGX_ERROR;
+ }
+
+ inet_ntop(AF_INET6, &(r->connection->toaddr->saddr), (char *)v->data, NGX_INET6_ADDRSTRLEN);
+ v->len = ngx_strlen(v->data);
+ } else {
+ v->data = ngx_pnalloc(r->pool, 1);
+ ngx_memcpy(v->data, "-", 1);
+ v->len = 1;
+ }
+
+ return NGX_OK;
+}
+
+static ngx_int_t
+ngx_http_variable_toa_remote_port(ngx_http_request_t *r,
+ ngx_http_variable_value_t *v, uintptr_t data)
+{
+ ngx_uint_t port;
+
+ v->len = 0;
+ v->valid = 1;
+ v->no_cacheable = 0;
+ v->not_found = 0;
+
+ v->data = ngx_pnalloc(r->pool, sizeof("65535") - 1);
+ if (v->data == NULL) {
+ return NGX_ERROR;
+ }
+
+ if (r->connection->toaddr) {
+ port = r->connection->toaddr->sport;
+ if (port > 0 && port < 65536) {
+ v->len = ngx_sprintf(v->data, "%ui", port) - v->data;
+ }
+ } else {
+ v->data = ngx_pnalloc(r->pool, 1);
+ ngx_memcpy(v->data, "-", 1);
+ v->len = 1;
+ }
+
+ return NGX_OK;
+}
static ngx_int_t
ngx_http_variable_proxy_protocol_addr(ngx_http_request_t *r,