Opened 6 years ago
Closed 6 years ago
#1951 closed enhancement (wontfix)
support stream tls termination protocol detection
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | nginx-module | Version: | 1.17.x |
| Keywords: | Cc: | ||
| uname -a: | |||
| nginx -V: | nginx/1.16.1 | ||
Description
In haproxy I could use if HTTP after tls termination , but in nginx after stream tls termination, there is no Embedded Variables to show if it's http protocol.
haproxy:
defaults mode tcp frontend tls-in bind *:443 tfo ssl crt /etc/ssl/private/aa.aa.pem tcp-request content accept if HTTP // how nginx could route request just like below ?? use_backend httpback if HTTP default_backend customback
nginx:
stream { upstream customback{ server 127.0.0.1:8888; } upstream httpback{ server 127.0.0.1:9999; } server { listen 443 ssl; //how to figure if it's http req. proxy_pass httpback; ssl_certificate /etc/cert/fullchain.cer; ssl_certificate_key /etc/cert/aa.aa.key; } } Change History (3)
comment:1 by , 6 years ago
comment:3 by , 6 years ago
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
Given that this is something that can be done using njs, and it is unclear if there is a strong demand for this feature to consider implementing this natively, closing this for now.
Note: See TracTickets for help on using tickets.
Hi xqdoo00o,
You may try stream js module (http://nginx.org/en/docs/stream/ngx_stream_js_module.html).
nginx.conf:
js_include stream.js; js_set $upstream upstream; server { ... js_preread preread; proxy_pass $upstream; }stream.js:
var is_http = 0; function preread(s) { s.on('upload', function (data, flags) { var n = data.indexOf('\r\n'); if (n != -1 && data.substr(0, n - 1).endsWith("HTTP/1.")) { is_http = 1; } if (data.length || flags.last) { s.done(); } }); } function upstream(s) { return is_http ? "httpback" : "customback"; }