aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/cowboy_clear.erl25
-rw-r--r--src/cowboy_http.erl32
-rw-r--r--src/cowboy_http2.erl43
-rw-r--r--src/cowboy_req.erl1
-rw-r--r--src/cowboy_tls.erl17
5 files changed, 75 insertions, 43 deletions
diff --git a/src/cowboy_clear.erl b/src/cowboy_clear.erl
index 522ede3..7bb1a35 100644
--- a/src/cowboy_clear.erl
+++ b/src/cowboy_clear.erl
@@ -16,22 +16,29 @@
-behavior(ranch_protocol).
-export([start_link/4]).
--export([connection_process/5]).
+-export([connection_process/4]).
-spec start_link(ranch:ref(), inet:socket(), module(), cowboy:opts()) -> {ok, pid()}.
-start_link(Ref, Socket, Transport, Opts) ->
+start_link(Ref, _Socket, Transport, Opts) ->
Pid = proc_lib:spawn_link(?MODULE, connection_process,
- [self(), Ref, Socket, Transport, Opts]),
+ [self(), Ref, Transport, Opts]),
{ok, Pid}.
--spec connection_process(pid(), ranch:ref(), inet:socket(), module(), cowboy:opts()) -> ok.
-connection_process(Parent, Ref, Socket, Transport, Opts) ->
- ok = ranch:accept_ack(Ref),
- init(Parent, Ref, Socket, Transport, Opts, cowboy_http).
+-spec connection_process(pid(), ranch:ref(), module(), cowboy:opts()) -> ok.
+connection_process(Parent, Ref, Transport, Opts) ->
+ ProxyInfo = case maps:get(proxy_header, Opts, false) of
+ true ->
+ {ok, ProxyInfo0} = ranch:recv_proxy_header(Ref, 1000),
+ ProxyInfo0;
+ false ->
+ undefined
+ end,
+ {ok, Socket} = ranch:handshake(Ref),
+ init(Parent, Ref, Socket, Transport, ProxyInfo, Opts, cowboy_http).
-init(Parent, Ref, Socket, Transport, Opts, Protocol) ->
+init(Parent, Ref, Socket, Transport, ProxyInfo, Opts, Protocol) ->
_ = case maps:get(connection_type, Opts, supervisor) of
worker -> ok;
supervisor -> process_flag(trap_exit, true)
end,
- Protocol:init(Parent, Ref, Socket, Transport, Opts).
+ Protocol:init(Parent, Ref, Socket, Transport, ProxyInfo, Opts).
diff --git a/src/cowboy_http.erl b/src/cowboy_http.erl
index b1c8dbe..a6da5c6 100644
--- a/src/cowboy_http.erl
+++ b/src/cowboy_http.erl
@@ -18,7 +18,7 @@
-compile({nowarn_deprecated_function, [{erlang, get_stacktrace, 0}]}).
-endif.
--export([init/5]).
+-export([init/6]).
-export([system_continue/3]).
-export([system_terminate/4]).
@@ -98,6 +98,7 @@
ref :: ranch:ref(),
socket :: inet:socket(),
transport :: module(),
+ proxy_header :: undefined | ranch_proxy_header:proxy_info(),
opts = #{} :: map(),
%% Remote address and port for the connection.
@@ -137,8 +138,9 @@
-include_lib("cowlib/include/cow_inline.hrl").
-include_lib("cowlib/include/cow_parse.hrl").
--spec init(pid(), ranch:ref(), inet:socket(), module(), cowboy:opts()) -> ok.
-init(Parent, Ref, Socket, Transport, Opts) ->
+-spec init(pid(), ranch:ref(), inet:socket(), module(),
+ ranch_proxy_header:proxy_info(), cowboy:opts()) -> ok.
+init(Parent, Ref, Socket, Transport, ProxyHeader, Opts) ->
Peer0 = Transport:peername(Socket),
Sock0 = Transport:sockname(Socket),
Cert1 = case Transport:name() of
@@ -157,7 +159,7 @@ init(Parent, Ref, Socket, Transport, Opts) ->
LastStreamID = maps:get(max_keepalive, Opts, 100),
before_loop(set_timeout(#state{
parent=Parent, ref=Ref, socket=Socket,
- transport=Transport, opts=Opts,
+ transport=Transport, proxy_header=ProxyHeader, opts=Opts,
peer=Peer, sock=Sock, cert=Cert,
last_streamid=LastStreamID}), <<>>);
{{error, Reason}, _, _} ->
@@ -655,7 +657,7 @@ default_port(_) -> 80.
%% End of request parsing.
request(Buffer, State0=#state{ref=Ref, transport=Transport, peer=Peer, sock=Sock, cert=Cert,
- in_streamid=StreamID, in_state=
+ proxy_header=ProxyHeader, in_streamid=StreamID, in_state=
PS=#ps_header{method=Method, path=Path, qs=Qs, version=Version}},
Headers0, Host, Port) ->
Scheme = case Transport:secure() of
@@ -691,7 +693,7 @@ request(Buffer, State0=#state{ref=Ref, transport=Transport, peer=Peer, sock=Sock
_ ->
{Headers0, false, 0, undefined, undefined}
end,
- Req = #{
+ Req0 = #{
ref => Ref,
pid => self(),
streamid => StreamID,
@@ -711,6 +713,11 @@ request(Buffer, State0=#state{ref=Ref, transport=Transport, peer=Peer, sock=Sock
has_body => HasBody,
body_length => BodyLength
},
+ %% We add the PROXY header information if any.
+ Req = case ProxyHeader of
+ undefined -> Req0;
+ _ -> Req0#{proxy_header => ProxyHeader}
+ end,
case is_http2_upgrade(Headers, Version) of
false ->
State = case HasBody of
@@ -754,12 +761,12 @@ is_http2_upgrade(_, _) ->
%% Prior knowledge upgrade, without an HTTP/1.1 request.
http2_upgrade(State=#state{parent=Parent, ref=Ref, socket=Socket, transport=Transport,
- opts=Opts, peer=Peer, sock=Sock, cert=Cert}, Buffer) ->
+ proxy_header=ProxyHeader, opts=Opts, peer=Peer, sock=Sock, cert=Cert}, Buffer) ->
case Transport:secure() of
false ->
_ = cancel_timeout(State),
- cowboy_http2:init(Parent, Ref, Socket, Transport, Opts,
- Peer, Sock, Cert, Buffer);
+ cowboy_http2:init(Parent, Ref, Socket, Transport,
+ ProxyHeader, Opts, Peer, Sock, Cert, Buffer);
true ->
error_terminate(400, State, {connection_error, protocol_error,
'Clients that support HTTP/2 over TLS MUST use ALPN. (RFC7540 3.4)'})
@@ -767,7 +774,8 @@ http2_upgrade(State=#state{parent=Parent, ref=Ref, socket=Socket, transport=Tran
%% Upgrade via an HTTP/1.1 request.
http2_upgrade(State=#state{parent=Parent, ref=Ref, socket=Socket, transport=Transport,
- opts=Opts, peer=Peer, sock=Sock, cert=Cert}, Buffer, HTTP2Settings, Req) ->
+ proxy_header=ProxyHeader, opts=Opts, peer=Peer, sock=Sock, cert=Cert},
+ Buffer, HTTP2Settings, Req) ->
%% @todo
%% However if the client sent a body, we need to read the body in full
%% and if we can't do that, return a 413 response. Some options are in order.
@@ -775,8 +783,8 @@ http2_upgrade(State=#state{parent=Parent, ref=Ref, socket=Socket, transport=Tran
try cow_http_hd:parse_http2_settings(HTTP2Settings) of
Settings ->
_ = cancel_timeout(State),
- cowboy_http2:init(Parent, Ref, Socket, Transport, Opts,
- Peer, Sock, Cert, Buffer, Settings, Req)
+ cowboy_http2:init(Parent, Ref, Socket, Transport,
+ ProxyHeader, Opts, Peer, Sock, Cert, Buffer, Settings, Req)
catch _:_ ->
error_terminate(400, State, {connection_error, protocol_error,
'The HTTP2-Settings header must contain a base64 SETTINGS payload. (RFC7540 3.2, RFC7540 3.2.1)'})
diff --git a/src/cowboy_http2.erl b/src/cowboy_http2.erl
index f64592c..6ec7583 100644
--- a/src/cowboy_http2.erl
+++ b/src/cowboy_http2.erl
@@ -18,9 +18,9 @@
-compile({nowarn_deprecated_function, [{erlang, get_stacktrace, 0}]}).
-endif.
--export([init/5]).
--export([init/9]).
--export([init/11]).
+-export([init/6]).
+-export([init/10]).
+-export([init/12]).
-export([system_continue/3]).
-export([system_terminate/4]).
@@ -52,6 +52,7 @@
ref :: ranch:ref(),
socket = undefined :: inet:socket(),
transport :: module(),
+ proxy_header :: undefined | ranch_proxy_header:proxy_info(),
opts = #{} :: opts(),
%% Remote address and port for the connection.
@@ -76,8 +77,9 @@
children = cowboy_children:init() :: cowboy_children:children()
}).
--spec init(pid(), ranch:ref(), inet:socket(), module(), cowboy:opts()) -> ok.
-init(Parent, Ref, Socket, Transport, Opts) ->
+-spec init(pid(), ranch:ref(), inet:socket(), module(),
+ ranch_proxy_header:proxy_info(), cowboy:opts()) -> ok.
+init(Parent, Ref, Socket, Transport, ProxyHeader, Opts) ->
Peer0 = Transport:peername(Socket),
Sock0 = Transport:sockname(Socket),
Cert1 = case Transport:name() of
@@ -93,7 +95,7 @@ init(Parent, Ref, Socket, Transport, Opts) ->
end,
case {Peer0, Sock0, Cert1} of
{{ok, Peer}, {ok, Sock}, {ok, Cert}} ->
- init(Parent, Ref, Socket, Transport, Opts, Peer, Sock, Cert, <<>>);
+ init(Parent, Ref, Socket, Transport, ProxyHeader, Opts, Peer, Sock, Cert, <<>>);
{{error, Reason}, _, _} ->
terminate(undefined, {socket_error, Reason,
'A socket error occurred when retrieving the peer name.'});
@@ -105,13 +107,15 @@ init(Parent, Ref, Socket, Transport, Opts) ->
'A socket error occurred when retrieving the client TLS certificate.'})
end.
--spec init(pid(), ranch:ref(), inet:socket(), module(), cowboy:opts(),
+-spec init(pid(), ranch:ref(), inet:socket(), module(),
+ ranch_proxy_header:proxy_info(), cowboy:opts(),
{inet:ip_address(), inet:port_number()}, {inet:ip_address(), inet:port_number()},
binary() | undefined, binary()) -> ok.
-init(Parent, Ref, Socket, Transport, Opts, Peer, Sock, Cert, Buffer) ->
+init(Parent, Ref, Socket, Transport, ProxyHeader, Opts, Peer, Sock, Cert, Buffer) ->
{ok, Preface, HTTP2Machine} = cow_http2_machine:init(server, Opts),
State = #state{parent=Parent, ref=Ref, socket=Socket,
- transport=Transport, opts=Opts, peer=Peer, sock=Sock, cert=Cert,
+ transport=Transport, proxy_header=ProxyHeader,
+ opts=Opts, peer=Peer, sock=Sock, cert=Cert,
http2_init=sequence, http2_machine=HTTP2Machine},
Transport:send(Socket, Preface),
case Buffer of
@@ -120,16 +124,18 @@ init(Parent, Ref, Socket, Transport, Opts, Peer, Sock, Cert, Buffer) ->
end.
%% @todo Add an argument for the request body.
--spec init(pid(), ranch:ref(), inet:socket(), module(), cowboy:opts(),
+-spec init(pid(), ranch:ref(), inet:socket(), module(),
+ ranch_proxy_header:proxy_info(), cowboy:opts(),
{inet:ip_address(), inet:port_number()}, {inet:ip_address(), inet:port_number()},
binary() | undefined, binary(), map() | undefined, cowboy_req:req()) -> ok.
-init(Parent, Ref, Socket, Transport, Opts, Peer, Sock, Cert, Buffer,
+init(Parent, Ref, Socket, Transport, ProxyHeader, Opts, Peer, Sock, Cert, Buffer,
_Settings, Req=#{method := Method}) ->
{ok, Preface, HTTP2Machine0} = cow_http2_machine:init(server, Opts),
{ok, StreamID, HTTP2Machine}
= cow_http2_machine:init_upgrade_stream(Method, HTTP2Machine0),
State0 = #state{parent=Parent, ref=Ref, socket=Socket,
- transport=Transport, opts=Opts, peer=Peer, sock=Sock, cert=Cert,
+ transport=Transport, proxy_header=ProxyHeader,
+ opts=Opts, peer=Peer, sock=Sock, cert=Cert,
http2_init=upgrade, http2_machine=HTTP2Machine},
State1 = headers_frame(State0#state{
http2_machine=HTTP2Machine}, StreamID, Req),
@@ -285,7 +291,7 @@ headers_frame(State, StreamID, IsFin, Headers,
PseudoHeaders=#{method := <<"TRACE">>}, _) ->
early_error(State, StreamID, IsFin, Headers, PseudoHeaders, 501,
'The TRACE method is currently not implemented. (RFC7231 4.3.8)');
-headers_frame(State=#state{ref=Ref, peer=Peer, sock=Sock, cert=Cert},
+headers_frame(State=#state{ref=Ref, peer=Peer, sock=Sock, cert=Cert, proxy_header=ProxyHeader},
StreamID, IsFin, Headers, PseudoHeaders=#{method := Method, scheme := Scheme,
authority := Authority, path := PathWithQs}, BodyLen) ->
try cow_http_hd:parse_host(Authority) of
@@ -314,12 +320,15 @@ headers_frame(State=#state{ref=Ref, peer=Peer, sock=Sock, cert=Cert},
has_body => IsFin =:= nofin,
body_length => BodyLen
},
+ %% We add the PROXY header information if any.
+ Req1 = case ProxyHeader of
+ undefined -> Req0;
+ _ -> Req0#{proxy_header => ProxyHeader}
+ end,
%% We add the protocol information for extended CONNECTs.
Req = case PseudoHeaders of
- #{protocol := Protocol} ->
- Req0#{protocol => Protocol};
- _ ->
- Req0
+ #{protocol := Protocol} -> Req1#{protocol => Protocol};
+ _ -> Req1
end,
headers_frame(State, StreamID, Req)
catch _:_ ->
diff --git a/src/cowboy_req.erl b/src/cowboy_req.erl
index ee40304..2857c75 100644
--- a/src/cowboy_req.erl
+++ b/src/cowboy_req.erl
@@ -126,6 +126,7 @@
% pid := pid(),
% streamid := cowboy_stream:streamid(),
% peer := {inet:ip_address(), inet:port_number()},
+% proxy_header => ...
%
% method := binary(), %% case sensitive
% version := cowboy:http_version() | atom(),
diff --git a/src/cowboy_tls.erl b/src/cowboy_tls.erl
index 316fc32..864a613 100644
--- a/src/cowboy_tls.erl
+++ b/src/cowboy_tls.erl
@@ -26,17 +26,24 @@ start_link(Ref, Socket, Transport, Opts) ->
-spec connection_process(pid(), ranch:ref(), ssl:sslsocket(), module(), cowboy:opts()) -> ok.
connection_process(Parent, Ref, Socket, Transport, Opts) ->
- ok = ranch:accept_ack(Ref),
+ ProxyInfo = case maps:get(proxy_header, Opts, false) of
+ true ->
+ {ok, ProxyInfo0} = ranch:recv_proxy_header(Ref, 1000),
+ ProxyInfo0;
+ false ->
+ undefined
+ end,
+ {ok, Socket} = ranch:handshake(Ref),
case ssl:negotiated_protocol(Socket) of
{ok, <<"h2">>} ->
- init(Parent, Ref, Socket, Transport, Opts, cowboy_http2);
+ init(Parent, Ref, Socket, Transport, ProxyInfo, Opts, cowboy_http2);
_ -> %% http/1.1 or no protocol negotiated.
- init(Parent, Ref, Socket, Transport, Opts, cowboy_http)
+ init(Parent, Ref, Socket, Transport, ProxyInfo, Opts, cowboy_http)
end.
-init(Parent, Ref, Socket, Transport, Opts, Protocol) ->
+init(Parent, Ref, Socket, Transport, ProxyInfo, Opts, Protocol) ->
_ = case maps:get(connection_type, Opts, supervisor) of
worker -> ok;
supervisor -> process_flag(trap_exit, true)
end,
- Protocol:init(Parent, Ref, Socket, Transport, Opts).
+ Protocol:init(Parent, Ref, Socket, Transport, ProxyInfo, Opts).
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-18 20:36:28 +0000