diff options
Diffstat (limited to '')
-rw-r--r-- | src/nxt_h1proto.c | 20 | ||||
-rw-r--r-- | src/nxt_http.h | 2 |
2 files changed, 22 insertions, 0 deletions
diff --git a/src/nxt_h1proto.c b/src/nxt_h1proto.c index 040e8b3f..3e5044b7 100644 --- a/src/nxt_h1proto.c +++ b/src/nxt_h1proto.c @@ -514,6 +514,14 @@ nxt_h1p_conn_request_header_parse(nxt_task_t *task, void *obj, void *data) ret = nxt_h1p_header_process(h1p, r); if (nxt_fast_path(ret == NXT_OK)) { + +#if (NXT_TLS) + if (c->u.tls == NULL && r->conf->socket_conf->tls != NULL) { + status = NXT_HTTP_TO_HTTPS; + goto error; + } +#endif + r->state->ready_handler(task, r, NULL); return; } @@ -870,6 +878,15 @@ static const nxt_str_t nxt_http_client_error[] = { }; +#define NXT_HTTP_LAST_NGINX_ERROR \ + (NXT_HTTP_TO_HTTPS + nxt_nitems(nxt_http_nginx_error) - 1) + +static const nxt_str_t nxt_http_nginx_error[] = { + nxt_string("HTTP/1.1 400 " + "The plain HTTP request was sent to HTTPS port\r\n"), +}; + + #define NXT_HTTP_LAST_SERVER_ERROR \ (NXT_HTTP_INTERNAL_SERVER_ERROR + nxt_nitems(nxt_http_server_error) - 1) @@ -926,6 +943,9 @@ nxt_h1p_request_header_send(nxt_task_t *task, nxt_http_request_t *r) } else if (n >= NXT_HTTP_BAD_REQUEST && n <= NXT_HTTP_LAST_CLIENT_ERROR) { status = &nxt_http_client_error[n - NXT_HTTP_BAD_REQUEST]; + } else if (n >= NXT_HTTP_TO_HTTPS && n <= NXT_HTTP_LAST_NGINX_ERROR) { + status = &nxt_http_nginx_error[n - NXT_HTTP_TO_HTTPS]; + } else if (n >= NXT_HTTP_INTERNAL_SERVER_ERROR && n <= NXT_HTTP_LAST_SERVER_ERROR) { diff --git a/src/nxt_http.h b/src/nxt_http.h index e9cf99f3..1c7ed8bb 100644 --- a/src/nxt_http.h +++ b/src/nxt_http.h @@ -26,6 +26,8 @@ typedef enum { NXT_HTTP_URI_TOO_LONG = 414, NXT_HTTP_REQUEST_HEADER_FIELDS_TOO_LARGE = 431, + NXT_HTTP_TO_HTTPS = 497, + NXT_HTTP_INTERNAL_SERVER_ERROR = 500, NXT_HTTP_NOT_IMPLEMENTED = 501, NXT_HTTP_BAD_GATEWAY = 502, |