Merge pull request #896 from nghttp2/nghttpx-add-tls-sni-log-var
nghttpx: Add $tls_sni access log variable
This commit is contained in:
commit
977779ae8d
|
@ -188,6 +188,7 @@ LOGVARS = [
|
||||||
"tls_protocol",
|
"tls_protocol",
|
||||||
"tls_session_id",
|
"tls_session_id",
|
||||||
"tls_session_reused",
|
"tls_session_reused",
|
||||||
|
"tls_sni",
|
||||||
"backend_host",
|
"backend_host",
|
||||||
"backend_port",
|
"backend_port",
|
||||||
]
|
]
|
||||||
|
|
|
@ -2452,6 +2452,7 @@ Logging:
|
||||||
* $tls_session_id: session ID for SSL/TLS connection.
|
* $tls_session_id: session ID for SSL/TLS connection.
|
||||||
* $tls_session_reused: "r" if SSL/TLS session was
|
* $tls_session_reused: "r" if SSL/TLS session was
|
||||||
reused. Otherwise, "."
|
reused. Otherwise, "."
|
||||||
|
* $tls_sni: SNI server name for SSL/TLS connection.
|
||||||
* $backend_host: backend host used to fulfill the
|
* $backend_host: backend host used to fulfill the
|
||||||
request. "-" if backend host is not available.
|
request. "-" if backend host is not available.
|
||||||
* $backend_port: backend port used to fulfill the
|
* $backend_port: backend port used to fulfill the
|
||||||
|
|
|
@ -1216,7 +1216,7 @@ void ClientHandler::write_accesslog(Downstream *downstream) {
|
||||||
upstream_accesslog(
|
upstream_accesslog(
|
||||||
config->logging.access.format,
|
config->logging.access.format,
|
||||||
LogSpec{
|
LogSpec{
|
||||||
downstream, ipaddr_, alpn_,
|
downstream, ipaddr_, alpn_, sni_,
|
||||||
nghttp2::tls::get_tls_session_info(&tls_info, conn_.tls.ssl),
|
nghttp2::tls::get_tls_session_info(&tls_info, conn_.tls.ssl),
|
||||||
std::chrono::high_resolution_clock::now(), // request_end_time
|
std::chrono::high_resolution_clock::now(), // request_end_time
|
||||||
port_, faddr_->port, config->pid,
|
port_, faddr_->port, config->pid,
|
||||||
|
|
|
@ -401,6 +401,11 @@ LogFragmentType log_var_lookup_token(const char *name, size_t namelen) {
|
||||||
break;
|
break;
|
||||||
case 7:
|
case 7:
|
||||||
switch (name[6]) {
|
switch (name[6]) {
|
||||||
|
case 'i':
|
||||||
|
if (util::strieq_l("tls_sn", name, 6)) {
|
||||||
|
return SHRPX_LOGF_TLS_SNI;
|
||||||
|
}
|
||||||
|
break;
|
||||||
case 't':
|
case 't':
|
||||||
if (util::strieq_l("reques", name, 6)) {
|
if (util::strieq_l("reques", name, 6)) {
|
||||||
return SHRPX_LOGF_REQUEST;
|
return SHRPX_LOGF_REQUEST;
|
||||||
|
|
|
@ -518,6 +518,13 @@ void upstream_accesslog(const std::vector<LogFragment> &lfv,
|
||||||
std::tie(p, last) =
|
std::tie(p, last) =
|
||||||
copy(lgsp.tls_info->session_reused ? 'r' : '.', p, last);
|
copy(lgsp.tls_info->session_reused ? 'r' : '.', p, last);
|
||||||
break;
|
break;
|
||||||
|
case SHRPX_LOGF_TLS_SNI:
|
||||||
|
if (lgsp.sni.empty()) {
|
||||||
|
std::tie(p, last) = copy('-', p, last);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
std::tie(p, last) = copy_escape(lgsp.sni, p, last);
|
||||||
|
break;
|
||||||
case SHRPX_LOGF_BACKEND_HOST:
|
case SHRPX_LOGF_BACKEND_HOST:
|
||||||
if (!downstream_addr) {
|
if (!downstream_addr) {
|
||||||
std::tie(p, last) = copy('-', p, last);
|
std::tie(p, last) = copy('-', p, last);
|
||||||
|
|
|
@ -137,6 +137,7 @@ enum LogFragmentType {
|
||||||
SHRPX_LOGF_SSL_SESSION_ID = SHRPX_LOGF_TLS_SESSION_ID,
|
SHRPX_LOGF_SSL_SESSION_ID = SHRPX_LOGF_TLS_SESSION_ID,
|
||||||
SHRPX_LOGF_TLS_SESSION_REUSED,
|
SHRPX_LOGF_TLS_SESSION_REUSED,
|
||||||
SHRPX_LOGF_SSL_SESSION_REUSED = SHRPX_LOGF_TLS_SESSION_REUSED,
|
SHRPX_LOGF_SSL_SESSION_REUSED = SHRPX_LOGF_TLS_SESSION_REUSED,
|
||||||
|
SHRPX_LOGF_TLS_SNI,
|
||||||
SHRPX_LOGF_BACKEND_HOST,
|
SHRPX_LOGF_BACKEND_HOST,
|
||||||
SHRPX_LOGF_BACKEND_PORT,
|
SHRPX_LOGF_BACKEND_PORT,
|
||||||
};
|
};
|
||||||
|
@ -152,6 +153,7 @@ struct LogSpec {
|
||||||
Downstream *downstream;
|
Downstream *downstream;
|
||||||
StringRef remote_addr;
|
StringRef remote_addr;
|
||||||
StringRef alpn;
|
StringRef alpn;
|
||||||
|
StringRef sni;
|
||||||
const nghttp2::tls::TLSSessionInfo *tls_info;
|
const nghttp2::tls::TLSSessionInfo *tls_info;
|
||||||
std::chrono::high_resolution_clock::time_point request_end_time;
|
std::chrono::high_resolution_clock::time_point request_end_time;
|
||||||
StringRef remote_port;
|
StringRef remote_port;
|
||||||
|
|
Loading…
Reference in New Issue