details: https://hg.nginx.org/nginx/rev/17d6a537fb1b
branches:
changeset: 8099:17d6a537fb1b
user: Roman Arutyunyan <arut@nginx.com>
date: Wed Nov 02 13:46:16 2022 +0400
description:
Increased maximum read PROXY protocol header size.

Maximum size for reading the PROXY protocol header is increased to 4096 to
accommodate a bigger number of TLVs, which are supported since cca4c8a715de.

Maximum size for writing the PROXY protocol header is not changed since only
version 1 is currently supported.

diffstat:

src/core/ngx_proxy_protocol.c | 2 +-
src/core/ngx_proxy_protocol.h | 3 ++-
src/mail/ngx_mail_proxy_module.c | 4 ++--
src/stream/ngx_stream_proxy_module.c | 10 ++++++----
4 files changed, 11 insertions(+), 8 deletions(-)

diffs (86 lines):

diff -r a2924855f453 -r 17d6a537fb1b src/core/ngx_proxy_protocol.c
--- a/src/core/ngx_proxy_protocol.c Thu Nov 03 15:52:55 2022 +0400
+++ b/src/core/ngx_proxy_protocol.c Wed Nov 02 13:46:16 2022 +0400
@@ -281,7 +281,7 @@ ngx_proxy_protocol_write(ngx_connection_
{
ngx_uint_t port, lport;

- if (last - buf < NGX_PROXY_PROTOCOL_MAX_HEADER) {
+ if (last - buf < NGX_PROXY_PROTOCOL_V1_MAX_HEADER) {
return NULL;
}

diff -r a2924855f453 -r 17d6a537fb1b src/core/ngx_proxy_protocol.h
--- a/src/core/ngx_proxy_protocol.h Thu Nov 03 15:52:55 2022 +0400
+++ b/src/core/ngx_proxy_protocol.h Wed Nov 02 13:46:16 2022 +0400
@@ -13,7 +13,8 @@
#include <ngx_core.h>


-#define NGX_PROXY_PROTOCOL_MAX_HEADER 107
+#define NGX_PROXY_PROTOCOL_V1_MAX_HEADER 107
+#define NGX_PROXY_PROTOCOL_MAX_HEADER 4096


struct ngx_proxy_protocol_s {
diff -r a2924855f453 -r 17d6a537fb1b src/mail/ngx_mail_proxy_module.c
--- a/src/mail/ngx_mail_proxy_module.c Thu Nov 03 15:52:55 2022 +0400
+++ b/src/mail/ngx_mail_proxy_module.c Wed Nov 02 13:46:16 2022 +0400
@@ -890,7 +890,7 @@ ngx_mail_proxy_send_proxy_protocol(ngx_m
u_char *p;
ssize_t n, size;
ngx_connection_t *c;
- u_char buf[NGX_PROXY_PROTOCOL_MAX_HEADER];
+ u_char buf[NGX_PROXY_PROTOCOL_V1_MAX_HEADER];

s->connection->log->action = "sending PROXY protocol header to upstream";

@@ -898,7 +898,7 @@ ngx_mail_proxy_send_proxy_protocol(ngx_m
"mail proxy send PROXY protocol header");

p = ngx_proxy_protocol_write(s->connection, buf,
- buf + NGX_PROXY_PROTOCOL_MAX_HEADER);
+ buf + NGX_PROXY_PROTOCOL_V1_MAX_HEADER);
if (p == NULL) {
ngx_mail_proxy_internal_server_error(s);
return NGX_ERROR;
diff -r a2924855f453 -r 17d6a537fb1b src/stream/ngx_stream_proxy_module.c
--- a/src/stream/ngx_stream_proxy_module.c Thu Nov 03 15:52:55 2022 +0400
+++ b/src/stream/ngx_stream_proxy_module.c Wed Nov 02 13:46:16 2022 +0400
@@ -894,7 +894,7 @@ ngx_stream_proxy_init_upstream(ngx_strea
return;
}

- p = ngx_pnalloc(c->pool, NGX_PROXY_PROTOCOL_MAX_HEADER);
+ p = ngx_pnalloc(c->pool, NGX_PROXY_PROTOCOL_V1_MAX_HEADER);
if (p == NULL) {
ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR);
return;
@@ -902,7 +902,8 @@ ngx_stream_proxy_init_upstream(ngx_strea

cl->buf->pos = p;

- p = ngx_proxy_protocol_write(c, p, p + NGX_PROXY_PROTOCOL_MAX_HEADER);
+ p = ngx_proxy_protocol_write(c, p,
+ p + NGX_PROXY_PROTOCOL_V1_MAX_HEADER);
if (p == NULL) {
ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR);
return;
@@ -946,14 +947,15 @@ ngx_stream_proxy_send_proxy_protocol(ngx
ngx_connection_t *c, *pc;
ngx_stream_upstream_t *u;
ngx_stream_proxy_srv_conf_t *pscf;
- u_char buf[NGX_PROXY_PROTOCOL_MAX_HEADER];
+ u_char buf[NGX_PROXY_PROTOCOL_V1_MAX_HEADER];

c = s->connection;

ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0,
"stream proxy send PROXY protocol header");

- p = ngx_proxy_protocol_write(c, buf, buf + NGX_PROXY_PROTOCOL_MAX_HEADER);
+ p = ngx_proxy_protocol_write(c, buf,
+ buf + NGX_PROXY_PROTOCOL_V1_MAX_HEADER);
if (p == NULL) {
ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
_______________________________________________
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-leave@nginx.org