Merge pull request #896 from nghttp2/nghttpx-add-tls-sni-log-var

nghttpx: Add $tls_sni access log variable
This commit is contained in:
Tatsuhiro Tsujikawa 2017-04-19 21:21:01 +09:00 committed by GitHub
commit 977779ae8d
6 changed files with 17 additions and 1 deletions

View File

@ -188,6 +188,7 @@ LOGVARS = [
"tls_protocol",
"tls_session_id",
"tls_session_reused",
"tls_sni",
"backend_host",
"backend_port",
]

View File

@ -2452,6 +2452,7 @@ Logging:
* $tls_session_id: session ID for SSL/TLS connection.
* $tls_session_reused: "r" if SSL/TLS session was
reused. Otherwise, "."
* $tls_sni: SNI server name for SSL/TLS connection.
* $backend_host: backend host used to fulfill the
request. "-" if backend host is not available.
* $backend_port: backend port used to fulfill the

View File

@ -1216,7 +1216,7 @@ void ClientHandler::write_accesslog(Downstream *downstream) {
upstream_accesslog(
config->logging.access.format,
LogSpec{
downstream, ipaddr_, alpn_,
downstream, ipaddr_, alpn_, sni_,
nghttp2::tls::get_tls_session_info(&tls_info, conn_.tls.ssl),
std::chrono::high_resolution_clock::now(), // request_end_time
port_, faddr_->port, config->pid,

View File

@ -401,6 +401,11 @@ LogFragmentType log_var_lookup_token(const char *name, size_t namelen) {
break;
case 7:
switch (name[6]) {
case 'i':
if (util::strieq_l("tls_sn", name, 6)) {
return SHRPX_LOGF_TLS_SNI;
}
break;
case 't':
if (util::strieq_l("reques", name, 6)) {
return SHRPX_LOGF_REQUEST;

View File

@ -518,6 +518,13 @@ void upstream_accesslog(const std::vector<LogFragment> &lfv,
std::tie(p, last) =
copy(lgsp.tls_info->session_reused ? 'r' : '.', p, last);
break;
case SHRPX_LOGF_TLS_SNI:
if (lgsp.sni.empty()) {
std::tie(p, last) = copy('-', p, last);
break;
}
std::tie(p, last) = copy_escape(lgsp.sni, p, last);
break;
case SHRPX_LOGF_BACKEND_HOST:
if (!downstream_addr) {
std::tie(p, last) = copy('-', p, last);

View File

@ -137,6 +137,7 @@ enum LogFragmentType {
SHRPX_LOGF_SSL_SESSION_ID = SHRPX_LOGF_TLS_SESSION_ID,
SHRPX_LOGF_TLS_SESSION_REUSED,
SHRPX_LOGF_SSL_SESSION_REUSED = SHRPX_LOGF_TLS_SESSION_REUSED,
SHRPX_LOGF_TLS_SNI,
SHRPX_LOGF_BACKEND_HOST,
SHRPX_LOGF_BACKEND_PORT,
};
@ -152,6 +153,7 @@ struct LogSpec {
Downstream *downstream;
StringRef remote_addr;
StringRef alpn;
StringRef sni;
const nghttp2::tls::TLSSessionInfo *tls_info;
std::chrono::high_resolution_clock::time_point request_end_time;
StringRef remote_port;