Opened 5 years ago
Closed 5 years ago
#1951 closed enhancement (wontfix)
support stream tls termination protocol detection
| Reported by: | Owned by: | ||
|---|---|---|---|
| Priority: | major | Milestone: | |
| Component: | nginx-module | Version: | 1.17.x |
| Keywords: | Cc: | ||
| uname -a: | |||
| nginx -V: | nginx/1.16.1 | ||
Description
In haproxy I could use if HTTP after tls termination , but in nginx after stream tls termination, there is no Embedded Variables to show if it's http protocol.
haproxy:
defaults
mode tcp
frontend tls-in
bind *:443 tfo ssl crt /etc/ssl/private/aa.aa.pem
tcp-request content accept if HTTP
// how nginx could route request just like below ??
use_backend httpback if HTTP
default_backend customback
nginx:
stream {
upstream customback{
server 127.0.0.1:8888;
}
upstream httpback{
server 127.0.0.1:9999;
}
server {
listen 443 ssl;
//how to figure if it's http req.
proxy_pass httpback;
ssl_certificate /etc/cert/fullchain.cer;
ssl_certificate_key /etc/cert/aa.aa.key;
}
}
Change History (3)
comment:1 by , 5 years ago
comment:3 by , 5 years ago
| Resolution: | → wontfix |
|---|---|
| Status: | new → closed |
Given that this is something that can be done using njs, and it is unclear if there is a strong demand for this feature to consider implementing this natively, closing this for now.
Note:
See TracTickets
for help on using tickets.
Hi xqdoo00o,
You may try stream js module (http://nginx.org/en/docs/stream/ngx_stream_js_module.html).
nginx.conf:
js_include stream.js; js_set $upstream upstream; server { ... js_preread preread; proxy_pass $upstream; }stream.js:
var is_http = 0; function preread(s) { s.on('upload', function (data, flags) { var n = data.indexOf('\r\n'); if (n != -1 && data.substr(0, n - 1).endsWith("HTTP/1.")) { is_http = 1; } if (data.length || flags.last) { s.done(); } }); } function upstream(s) { return is_http ? "httpback" : "customback"; }