Ubuntu
nginx package

Merge lp:ubuntu/raring-security/nginx into lp:ubuntu/raring/nginx

Raring (13.04)
raring-security
Merge into raring

Proposed by Roger Mbiama Assogo on 2013-06-04

Status:

Needs review

Proposed branch:

lp:ubuntu/raring-security/nginx

Merge into:

lp:ubuntu/raring/nginx

Diff against target:

6045 lines (+5938/-7)

11 files modified

.pc/applied-patches (+2/-0)
.pc/cve-2013-2070.patch/src/http/modules/ngx_http_proxy_module.c (+4038/-0)
.pc/cve-2013-4547.patch/src/http/ngx_http_parse.c (+1820/-0)
debian/changelog (+24/-0)
debian/patches/cve-2013-2070.patch (+18/-0)
debian/patches/cve-2013-4547.patch (+21/-0)
debian/patches/series (+2/-0)
debian/patches/ubuntu-branding.patch (+5/-5)
src/core/nginx.h (+2/-2)
src/http/modules/ngx_http_proxy_module.c (+4/-0)
src/http/ngx_http_parse.c (+2/-0)

To merge this branch:

bzr merge lp:ubuntu/raring-security/nginx

Medium

Fix Released

Link a bug report

Reviewer	Review Type	Date Requested	Status
Roger Mbiama Assogo (community)			Approve on 2013-06-09
Review via email: mp+167366@code.launchpad.net

Description of the change

RUN: /usr/share/launchpad-buildd/slavebin/slave-prep ['slave-prep']
Forking launchpad-buildd slave process...
Kernel version: 2.6.24-32-xen #1 SMP Mon Dec 3 16:12:25 UTC 2012 x86_64
Buildd toolchain package versions: launchpad-buildd_113~0.IS.08.04 python-lpbuildd_113~0.IS.08.04 bzr-builder_0.7.2+bzr156-0ubuntu1~1.IS.8.04 bzr_2.4.0-0ubuntu2~11.IS.8.04.
Syncing the system clock with the buildd NTP service...
4 Jun 18:14:27 ntpdate[3371]: adjust time server 10.211.37.1 offset -0.007500 sec
RUN: /usr/share/launchpad-buildd/slavebin/unpack-chroot ['unpack-chroot', 'ef036a27999f1dea8a9dab6a276149f1191b4e80', '/home/angosso/filecache-default/2289665fb8ebd9e0fbd52b19dcd1b8c2285c8d1c']
Uncompressing the tarball...
Unpacking chroot for build ef036a27999f1dea8a9dab6a276149f1191b4e80
RUN: /usr/share/launchpad-buildd/slavebin/mount-chroot ['mount-chroot', 'ef036a27999f1dea8a9dab6a276149f1191b4e80']
Mounting chroot for build ef036a27999f1dea8a9dab6a276149f1191b4e80
RUN: /usr/share/launchpad-buildd/slavebin/override-sources-list ['override-sources-list', 'ef036a27999f1dea8a9dab6a276149f1191b4e80', 'deb http://ftpmaster.internal/ubuntu raring main universe', 'deb http://svn.angosso.net/ubuntu raring-security main universe']
Overriding sources.list in build-ef036a27999f1dea8a9dab6a276149f1191b4e80
RUN: /usr/share/launchpad-buildd/slavebin/update-debian-chroot ['update-debian-chroot', 'ef036a27999f1dea8a9dab6a276149f1191b4e80', 'i386']
Updating debian chroot for build ef036a27999f1dea8a9dab6a276149f1191b4e80
Get:1 http://svn.angosso.net raring Release.gpg [933 B]
Get:2 http://svn.angosso.net raring-security Release.gpg [933 B]
Get:3 http://svn.angosso.net raring Release [40.8 kB]
Get:4 http://svn.angosso.net raring-security Release [40.8 kB]
Get:5 http://svn.angosso.net raring/main i386 Packages [1168 kB]
Get:6 http://svn.angosso.net raring/universe i386 Packages [5405 kB]
Get:7 http://svn.angosso.net raring/main Translation-en [673 kB]
Get:8 http://svn.angosso.net raring/universe Translation-en [3736 kB]
Get:9 http://svn.angosso.net raring-security/main i386 Packages [45.5 kB]
Get:10 http://svn.angosso.net raring-security/universe i386 Packages [14.8 kB]
Get:11 http://svn.angosso.net raring-security/main Translation-en [22.0 kB]
Get:12 http://svn.angosso.net raring-security/universe Translation-en [9185 B]
Fetched 11.2 MB in 6s (1719 kB/s)
Reading package lists...
Reading package lists...
Building dependency tree...
Reading state information...
The following packages will be upgraded:
  libgnutls26 libudev1 linux-libc-dev
3 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Need to get 1401 kB of archives.
After this operation, 9216 B disk space will be freed.
WARNING: The following packages cannot be authenticated!
  libudev1 libgnutls26 linux-libc-dev
Authentication warning overridden.
Get:1 http://svn.angosso.net .internal/ubuntu/ raring/main libudev1 i386 198-0ubuntu11 [37.4 kB]
Get:2 http://svn.angosso.net /ubuntu/ raring-security/main libgnutls26 i386 2.12.23-1ubuntu1.1 [449 kB]
Get:3 http://svn.angosso.net /ubuntu/ raring-security/main linux-libc-dev i386 3.8.0-23.34 [914 kB]
debconf: delaying package configuration, since apt-utils is not installed
Fetched 1401 kB in 0s (11.3 MB/s)
(Reading database ... 12143 files and directories currently installed.)
Preparing to replace libudev1:i386 198-0ubuntu10 (using .../libudev1_198-0ubuntu11_i386.deb) ...
Unpacking replacement libudev1:i386 ...
Preparing to replace libgnutls26:i386 2.12.23-1ubuntu1 (using .../libgnutls26_2.12.23-1ubuntu1.1_i386.deb) ...
Unpacking replacement libgnutls26:i386 ...
Preparing to replace linux-libc-dev:i386 3.8.0-19.29 (using .../linux-libc-dev_3.8.0-23.34_i386.deb) ...
Unpacking replacement linux-libc-dev:i386 ...
Setting up libudev1:i386 (198-0ubuntu11) ...
Setting up libgnutls26:i386 (2.12.23-1ubuntu1.1) ...
Setting up linux-libc-dev:i386 (3.8.0-23.34) ...
Processing triggers for libc-bin ...
ldconfig deferred processing now taking place
RUN: /usr/share/launchpad-buildd/slavebin/buildrecipe ['buildrecipe', 'ef036a27999f1dea8a9dab6a276149f1191b4e80', 'Roger Mbiama Assogo', '<email address hidden>', 'raring', 'raring', 'universe', 'PPA']
Bazaar versions:
Bazaar (bzr) 2.4.0
  Python interpreter: /usr/bin/python 2.5.2
  Python standard library: /usr/lib/python2.5
  Platform: Linux-2.6.24-32-xen-x86_64-with-debian-lenny-sid
  bzrlib: /usr/lib/python2.5/site-packages/bzrlib
  Bazaar configuration: /home/buildd/.bazaar
  Bazaar log file: /home/buildd/.bzr.log

bzr comes with ABSOLUTELY NO WARRANTY. bzr is free software, and
you may use, modify and redistribute it under the terms of the GNU
General Public License version 2 or later.

Bazaar is part of the GNU Project to produce a free operating system.

bash_completion 2.4.0
Generate a shell function for bash command line completion.

builder 0.7.2dev
The bzr-builder plugin allows you to construct a branch from a 'recipe'.

changelog_merge 2.4.0
Merge hook for GNU-format ChangeLog files

launchpad 2.4.0
Launchpad.net integration plugin for Bazaar.

netrc_credential_store 2.4.0
Use ~/.netrc as a credential store for authentication.conf.

news_merge 2.4.0
Merge hook for bzr's NEWS file.

weave_fmt 2.4.0
Weave formats.

Building recipe:
# bzr-builder format 0.3 deb-version {debupstream}-0~{revno}
lp:~mbiama/mailman/trunk

RUN ['bzr', '-Derror', 'dailydeb', '--safe', '--no-build', '/home/buildd/build-ef036a27999f1dea8a9dab6a276149f1191b4e80/chroot-autobuild/home/buildd/work/recipe', '/home/buildd/build-ef036a27999f1dea8a9dab6a276149f1191b4e80/chroot-autobuild/home/buildd/work/tree', '--manifest', '/home/buildd/build-ef036a27999f1dea8a9dab6a276149f1191b4e80/chroot-autobuild/home/buildd/work/tree/manifest', '--distribution', 'raring', '--allow-fallback-to-native', '--append-version', '~raring1']
You have not informed bzr of your Launchpad ID, and you must do this to
write to Launchpad or access private data. See "bzr help launchpad-login".
bzr: ERROR: bzrlib.errors.NotBranchError: Not a branch: "http://bazaar.launchpad.net/~mbiama/mailman/trunk/".

Traceback (most recent call last):
  File "/usr/lib/python2.5/site-packages/bzrlib/commands.py", line 946, in exception_to_return_code
    return the_callable(*args, **kwargs)
  File "/usr/lib/python2.5/site-packages/bzrlib/commands.py", line 1150, in run_bzr
    ret = run(*run_argv)
  File "/usr/lib/python2.5/site-packages/bzrlib/commands.py", line 699, in run_argv_aliases
    return self.run(**all_cmd_args)
  File "/usr/lib/python2.5/site-packages/bzrlib/commands.py", line 721, in run
    return self._operation.run_simple(*args, **kwargs)
  File "/usr/lib/python2.5/site-packages/bzrlib/cleanup.py", line 135, in run_simple
    self.cleanups, self.func, *args, **kwargs)
  File "/usr/lib/python2.5/site-packages/bzrlib/cleanup.py", line 165, in _do_with_cleanups
    result = func(*args, **kwargs)
  File "/usr/lib/python2.5/site-packages/bzrlib/plugins/builder/cmds.py", line 620, in run
    possible_transports=possible_transports)
  File "/usr/lib/python2.5/site-packages/bzrlib/plugins/builder/cmds.py", line 463, in _get_prepared_branch_from_location
    changed = resolve_revisions(base_branch, if_changed_from=old_recipe)
  File "/usr/lib/python2.5/site-packages/bzrlib/plugins/builder/recipe.py", line 653, in resolve_revisions
    if_changed_from=if_changed_from_revisions)
  File "/usr/lib/python2.5/site-packages/bzrlib/plugins/builder/recipe.py", line 598, in _resolve_revisions_recurse
    new_branch.branch = _mod_branch.Branch.open(new_branch.url)
  File "/usr/lib/python2.5/site-packages/bzrlib/branch.py", line 184, in open
    possible_transports=possible_transports)
  File "/usr/lib/python2.5/site-packages/bzrlib/bzrdir.py", line 828, in open
    return BzrDir.open_from_transport(t, _unsupported=_unsupported)
  File "/usr/lib/python2.5/site-packages/bzrlib/bzrdir.py", line 858, in open_from_transport
    redirected)
  File "/usr/lib/python2.5/site-packages/bzrlib/lazy_import.py", line 129, in __call__
    return obj(*args, **kwargs)
  File "/usr/lib/python2.5/site-packages/bzrlib/transport/__init__.py", line 1690, in do_catching_redirections
    return action(transport)
  File "/usr/lib/python2.5/site-packages/bzrlib/bzrdir.py", line 845, in find_format
    transport, _server_formats=_server_formats)
  File "/usr/lib/python2.5/site-packages/bzrlib/controldir.py", line 753, in find_format
    raise errors.NotBranchError(path=transport.base)
NotBranchError: Not a branch: "http://bazaar.launchpad.net/~mbiama/mailman/trunk/".
(0.076004000000000002, 0.016000999999999998, 0, 0, 0, 0, 5464, 9, 0, 3720, 8, 0, 0, 0, 140, 42)
RUN: /usr/share/launchpad-buildd/slavebin/scan-for-processes ['/usr/share/launchpad-buildd/slavebin/scan-for-processes', 'ef036a27999f1dea8a9dab6a276149f1191b4e80']
Scanning for processes to kill in build /home/buildd/build-ef036a27999f1dea8a9dab6a276149f1191b4e80/chroot-autobuild...
RUN: /usr/share/launchpad-buildd/slavebin/umount-chroot ['umount-chroot', 'ef036a27999f1dea8a9dab6a276149f1191b4e80']
Unmounting chroot for build ef036a27999f1dea8a9dab6a276149f1191b4e80...
RUN: /usr/share/launchpad-buildd/slavebin/remove-build ['remove-build', 'ef036a27999f1dea8a9dab6a276149f1191b4e80']
Removing build ef036a27999f1dea8a9dab6a276149f1191b4e80

Revision history for this message

Roger Mbiama Assogo (mbiama) on 2013-06-09:

review: Approve

lp:ubuntu/raring-security/nginx updated on 2013-11-22

64. By Thomas Ward on 2013-11-21: * SECURITY UPDATE: ACL bypass via space character (LP: #1253691)
  - debian/patches/cve-2013-4547.patch: modify src/http/ngx_http_parse.c
    to account for a space character, fixing an issue which could result in
    security restrictions being bypassed
  - CVE-2013-4547

Unmerged revisions

64. By Thomas Ward on 2013-11-21: * SECURITY UPDATE: ACL bypass via space character (LP: #1253691)
  - debian/patches/cve-2013-4547.patch: modify src/http/ngx_http_parse.c
    to account for a space character, fixing an issue which could result in
    security restrictions being bypassed
  - CVE-2013-4547
63. By Thomas Ward on 2013-05-24: * Security update (closes LP: #1182586):
* Patch to fix a buffer overflow vulnerability (CVE-2013-2070)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches

to all changes:

Ubuntu branches

 === modified file '.pc/applied-patches'
 --- .pc/applied-patches	2013-04-09 10:23:26 +0000
 +++ .pc/applied-patches	2014-01-15 15:02:58 +0000
@@ -1,2 +1,4 @@
  perl-use-dpkg-buildflags.patch
  ubuntu-branding.patch
++cve-2013-2070.patch
++cve-2013-4547.patch
 === added directory '.pc/cve-2013-2070.patch'
 === added directory '.pc/cve-2013-2070.patch/src'
 === added directory '.pc/cve-2013-2070.patch/src/http'
 === added directory '.pc/cve-2013-2070.patch/src/http/modules'
 === added file '.pc/cve-2013-2070.patch/src/http/modules/ngx_http_proxy_module.c'
 --- .pc/cve-2013-2070.patch/src/http/modules/ngx_http_proxy_module.c	1970-01-01 00:00:00 +0000
 +++ .pc/cve-2013-2070.patch/src/http/modules/ngx_http_proxy_module.c	2014-01-15 15:02:58 +0000
@@ -0,0 +1,4038 @@
++
++/*
++ * Copyright (C) Igor Sysoev
++ * Copyright (C) Nginx, Inc.
++ */
++
++
++#include <ngx_config.h>
++#include <ngx_core.h>
++#include <ngx_http.h>
++
++
++typedef struct ngx_http_proxy_rewrite_s  ngx_http_proxy_rewrite_t;
++
++typedef ngx_int_t (*ngx_http_proxy_rewrite_pt)(ngx_http_request_t *r,
++    ngx_table_elt_t *h, size_t prefix, size_t len,
++    ngx_http_proxy_rewrite_t *pr);
++
++struct ngx_http_proxy_rewrite_s {
++    ngx_http_proxy_rewrite_pt      handler;
++
++    union {
++        ngx_http_complex_value_t   complex;
++#if (NGX_PCRE)
++        ngx_http_regex_t          *regex;
++#endif
++    } pattern;
++
++    ngx_http_complex_value_t       replacement;
++};
++
++
++typedef struct {
++    ngx_str_t                      key_start;
++    ngx_str_t                      schema;
++    ngx_str_t                      host_header;
++    ngx_str_t                      port;
++    ngx_str_t                      uri;
++} ngx_http_proxy_vars_t;
++
++
++typedef struct {
++    ngx_http_upstream_conf_t       upstream;
++
++    ngx_array_t                   *flushes;
++    ngx_array_t                   *body_set_len;
++    ngx_array_t                   *body_set;
++    ngx_array_t                   *headers_set_len;
++    ngx_array_t                   *headers_set;
++    ngx_hash_t                     headers_set_hash;
++
++    ngx_array_t                   *headers_source;
++
++    ngx_array_t                   *proxy_lengths;
++    ngx_array_t                   *proxy_values;
++
++    ngx_array_t                   *redirects;
++    ngx_array_t                   *cookie_domains;
++    ngx_array_t                   *cookie_paths;
++
++    ngx_str_t                      body_source;
++
++    ngx_str_t                      method;
++    ngx_str_t                      location;
++    ngx_str_t                      url;
++
++#if (NGX_HTTP_CACHE)
++    ngx_http_complex_value_t       cache_key;
++#endif
++
++    ngx_http_proxy_vars_t          vars;
++
++    ngx_flag_t                     redirect;
++
++    ngx_uint_t                     http_version;
++
++    ngx_uint_t                     headers_hash_max_size;
++    ngx_uint_t                     headers_hash_bucket_size;
++} ngx_http_proxy_loc_conf_t;
++
++
++typedef struct {
++    ngx_http_status_t              status;
++    ngx_http_proxy_vars_t          vars;
++    size_t                         internal_body_length;
++
++    ngx_uint_t                     state;
++    off_t                          size;
++    off_t                          length;
++
++    ngx_uint_t                     head;  /* unsigned  head:1 */
++} ngx_http_proxy_ctx_t;
++
++
++static ngx_int_t ngx_http_proxy_eval(ngx_http_request_t *r,
++    ngx_http_proxy_ctx_t *ctx, ngx_http_proxy_loc_conf_t *plcf);
++#if (NGX_HTTP_CACHE)
++static ngx_int_t ngx_http_proxy_create_key(ngx_http_request_t *r);
++#endif
++static ngx_int_t ngx_http_proxy_create_request(ngx_http_request_t *r);
++static ngx_int_t ngx_http_proxy_reinit_request(ngx_http_request_t *r);
++static ngx_int_t ngx_http_proxy_process_status_line(ngx_http_request_t *r);
++static ngx_int_t ngx_http_proxy_process_header(ngx_http_request_t *r);
++static ngx_int_t ngx_http_proxy_input_filter_init(void *data);
++static ngx_int_t ngx_http_proxy_copy_filter(ngx_event_pipe_t *p,
++    ngx_buf_t *buf);
++static ngx_int_t ngx_http_proxy_chunked_filter(ngx_event_pipe_t *p,
++    ngx_buf_t *buf);
++static ngx_int_t ngx_http_proxy_non_buffered_copy_filter(void *data,
++    ssize_t bytes);
++static ngx_int_t ngx_http_proxy_non_buffered_chunked_filter(void *data,
++    ssize_t bytes);
++static void ngx_http_proxy_abort_request(ngx_http_request_t *r);
++static void ngx_http_proxy_finalize_request(ngx_http_request_t *r,
++    ngx_int_t rc);
++
++static ngx_int_t ngx_http_proxy_host_variable(ngx_http_request_t *r,
++    ngx_http_variable_value_t *v, uintptr_t data);
++static ngx_int_t ngx_http_proxy_port_variable(ngx_http_request_t *r,
++    ngx_http_variable_value_t *v, uintptr_t data);
++static ngx_int_t
++    ngx_http_proxy_add_x_forwarded_for_variable(ngx_http_request_t *r,
++    ngx_http_variable_value_t *v, uintptr_t data);
++static ngx_int_t
++    ngx_http_proxy_internal_body_length_variable(ngx_http_request_t *r,
++    ngx_http_variable_value_t *v, uintptr_t data);
++static ngx_int_t ngx_http_proxy_rewrite_redirect(ngx_http_request_t *r,
++    ngx_table_elt_t *h, size_t prefix);
++static ngx_int_t ngx_http_proxy_rewrite_cookie(ngx_http_request_t *r,
++    ngx_table_elt_t *h);
++static ngx_int_t ngx_http_proxy_rewrite_cookie_value(ngx_http_request_t *r,
++    ngx_table_elt_t *h, u_char *value, ngx_array_t *rewrites);
++static ngx_int_t ngx_http_proxy_rewrite(ngx_http_request_t *r,
++    ngx_table_elt_t *h, size_t prefix, size_t len, ngx_str_t *replacement);
++
++static ngx_int_t ngx_http_proxy_add_variables(ngx_conf_t *cf);
++static void *ngx_http_proxy_create_loc_conf(ngx_conf_t *cf);
++static char *ngx_http_proxy_merge_loc_conf(ngx_conf_t *cf,
++    void *parent, void *child);
++static ngx_int_t ngx_http_proxy_merge_headers(ngx_conf_t *cf,
++    ngx_http_proxy_loc_conf_t *conf, ngx_http_proxy_loc_conf_t *prev);
++
++static char *ngx_http_proxy_pass(ngx_conf_t *cf, ngx_command_t *cmd,
++    void *conf);
++static char *ngx_http_proxy_redirect(ngx_conf_t *cf, ngx_command_t *cmd,
++    void *conf);
++static char *ngx_http_proxy_cookie_domain(ngx_conf_t *cf, ngx_command_t *cmd,
++    void *conf);
++static char *ngx_http_proxy_cookie_path(ngx_conf_t *cf, ngx_command_t *cmd,
++    void *conf);
++static char *ngx_http_proxy_store(ngx_conf_t *cf, ngx_command_t *cmd,
++    void *conf);
++#if (NGX_HTTP_CACHE)
++static char *ngx_http_proxy_cache(ngx_conf_t *cf, ngx_command_t *cmd,
++    void *conf);
++static char *ngx_http_proxy_cache_key(ngx_conf_t *cf, ngx_command_t *cmd,
++    void *conf);
++#endif
++
++static char *ngx_http_proxy_lowat_check(ngx_conf_t *cf, void *post, void *data);
++
++static ngx_int_t ngx_http_proxy_rewrite_regex(ngx_conf_t *cf,
++    ngx_http_proxy_rewrite_t *pr, ngx_str_t *regex, ngx_uint_t caseless);
++
++#if (NGX_HTTP_SSL)
++static ngx_int_t ngx_http_proxy_set_ssl(ngx_conf_t *cf,
++    ngx_http_proxy_loc_conf_t *plcf);
++#endif
++static void ngx_http_proxy_set_vars(ngx_url_t *u, ngx_http_proxy_vars_t *v);
++
++
++static ngx_conf_post_t  ngx_http_proxy_lowat_post =
++    { ngx_http_proxy_lowat_check };
++
++
++static ngx_conf_bitmask_t  ngx_http_proxy_next_upstream_masks[] = {
++    { ngx_string("error"), NGX_HTTP_UPSTREAM_FT_ERROR },
++    { ngx_string("timeout"), NGX_HTTP_UPSTREAM_FT_TIMEOUT },
++    { ngx_string("invalid_header"), NGX_HTTP_UPSTREAM_FT_INVALID_HEADER },
++    { ngx_string("http_500"), NGX_HTTP_UPSTREAM_FT_HTTP_500 },
++    { ngx_string("http_502"), NGX_HTTP_UPSTREAM_FT_HTTP_502 },
++    { ngx_string("http_503"), NGX_HTTP_UPSTREAM_FT_HTTP_503 },
++    { ngx_string("http_504"), NGX_HTTP_UPSTREAM_FT_HTTP_504 },
++    { ngx_string("http_404"), NGX_HTTP_UPSTREAM_FT_HTTP_404 },
++    { ngx_string("updating"), NGX_HTTP_UPSTREAM_FT_UPDATING },
++    { ngx_string("off"), NGX_HTTP_UPSTREAM_FT_OFF },
++    { ngx_null_string, 0 }
++};
++
++
++static ngx_conf_enum_t  ngx_http_proxy_http_version[] = {
++    { ngx_string("1.0"), NGX_HTTP_VERSION_10 },
++    { ngx_string("1.1"), NGX_HTTP_VERSION_11 },
++    { ngx_null_string, 0 }
++};
++
++
++ngx_module_t  ngx_http_proxy_module;
++
++
++static ngx_command_t  ngx_http_proxy_commands[] = {
++
++    { ngx_string("proxy_pass"),
++      NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_HTTP_LMT_CONF|NGX_CONF_TAKE1,
++      ngx_http_proxy_pass,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      0,
++      NULL },
++
++    { ngx_string("proxy_redirect"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE12,
++      ngx_http_proxy_redirect,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      0,
++      NULL },
++
++    { ngx_string("proxy_cookie_domain"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE12,
++      ngx_http_proxy_cookie_domain,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      0,
++      NULL },
++
++    { ngx_string("proxy_cookie_path"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE12,
++      ngx_http_proxy_cookie_path,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      0,
++      NULL },
++
++    { ngx_string("proxy_store"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_http_proxy_store,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      0,
++      NULL },
++
++    { ngx_string("proxy_store_access"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE123,
++      ngx_conf_set_access_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.store_access),
++      NULL },
++
++    { ngx_string("proxy_buffering"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
++      ngx_conf_set_flag_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.buffering),
++      NULL },
++
++    { ngx_string("proxy_ignore_client_abort"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
++      ngx_conf_set_flag_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.ignore_client_abort),
++      NULL },
++
++    { ngx_string("proxy_bind"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_http_upstream_bind_set_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.local),
++      NULL },
++
++    { ngx_string("proxy_connect_timeout"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_msec_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.connect_timeout),
++      NULL },
++
++    { ngx_string("proxy_send_timeout"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_msec_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.send_timeout),
++      NULL },
++
++    { ngx_string("proxy_send_lowat"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_size_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.send_lowat),
++      &ngx_http_proxy_lowat_post },
++
++    { ngx_string("proxy_intercept_errors"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
++      ngx_conf_set_flag_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.intercept_errors),
++      NULL },
++
++    { ngx_string("proxy_set_header"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE2,
++      ngx_conf_set_keyval_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, headers_source),
++      NULL },
++
++    { ngx_string("proxy_headers_hash_max_size"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_num_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, headers_hash_max_size),
++      NULL },
++
++    { ngx_string("proxy_headers_hash_bucket_size"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_num_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, headers_hash_bucket_size),
++      NULL },
++
++    { ngx_string("proxy_set_body"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_str_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, body_source),
++      NULL },
++
++    { ngx_string("proxy_method"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_str_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, method),
++      NULL },
++
++    { ngx_string("proxy_pass_request_headers"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
++      ngx_conf_set_flag_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.pass_request_headers),
++      NULL },
++
++    { ngx_string("proxy_pass_request_body"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
++      ngx_conf_set_flag_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.pass_request_body),
++      NULL },
++
++    { ngx_string("proxy_buffer_size"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_size_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.buffer_size),
++      NULL },
++
++    { ngx_string("proxy_read_timeout"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_msec_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.read_timeout),
++      NULL },
++
++    { ngx_string("proxy_buffers"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE2,
++      ngx_conf_set_bufs_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.bufs),
++      NULL },
++
++    { ngx_string("proxy_busy_buffers_size"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_size_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.busy_buffers_size_conf),
++      NULL },
++
++#if (NGX_HTTP_CACHE)
++
++    { ngx_string("proxy_cache"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_http_proxy_cache,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      0,
++      NULL },
++
++    { ngx_string("proxy_cache_key"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_http_proxy_cache_key,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      0,
++      NULL },
++
++    { ngx_string("proxy_cache_path"),
++      NGX_HTTP_MAIN_CONF|NGX_CONF_2MORE,
++      ngx_http_file_cache_set_slot,
++      0,
++      0,
++      &ngx_http_proxy_module },
++
++    { ngx_string("proxy_cache_bypass"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
++      ngx_http_set_predicate_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.cache_bypass),
++      NULL },
++
++    { ngx_string("proxy_no_cache"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
++      ngx_http_set_predicate_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.no_cache),
++      NULL },
++
++    { ngx_string("proxy_cache_valid"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
++      ngx_http_file_cache_valid_set_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.cache_valid),
++      NULL },
++
++    { ngx_string("proxy_cache_min_uses"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_num_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.cache_min_uses),
++      NULL },
++
++    { ngx_string("proxy_cache_use_stale"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
++      ngx_conf_set_bitmask_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.cache_use_stale),
++      &ngx_http_proxy_next_upstream_masks },
++
++    { ngx_string("proxy_cache_methods"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
++      ngx_conf_set_bitmask_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.cache_methods),
++      &ngx_http_upstream_cache_method_mask },
++
++    { ngx_string("proxy_cache_lock"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
++      ngx_conf_set_flag_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.cache_lock),
++      NULL },
++
++    { ngx_string("proxy_cache_lock_timeout"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_msec_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.cache_lock_timeout),
++      NULL },
++
++#endif
++
++    { ngx_string("proxy_temp_path"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1234,
++      ngx_conf_set_path_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.temp_path),
++      NULL },
++
++    { ngx_string("proxy_max_temp_file_size"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_size_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.max_temp_file_size_conf),
++      NULL },
++
++    { ngx_string("proxy_temp_file_write_size"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_size_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.temp_file_write_size_conf),
++      NULL },
++
++    { ngx_string("proxy_next_upstream"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
++      ngx_conf_set_bitmask_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.next_upstream),
++      &ngx_http_proxy_next_upstream_masks },
++
++    { ngx_string("proxy_pass_header"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_str_array_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.pass_headers),
++      NULL },
++
++    { ngx_string("proxy_hide_header"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_str_array_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.hide_headers),
++      NULL },
++
++    { ngx_string("proxy_ignore_headers"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
++      ngx_conf_set_bitmask_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.ignore_headers),
++      &ngx_http_upstream_ignore_headers_masks },
++
++    { ngx_string("proxy_http_version"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
++      ngx_conf_set_enum_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, http_version),
++      &ngx_http_proxy_http_version },
++
++#if (NGX_HTTP_SSL)
++
++    { ngx_string("proxy_ssl_session_reuse"),
++      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
++      ngx_conf_set_flag_slot,
++      NGX_HTTP_LOC_CONF_OFFSET,
++      offsetof(ngx_http_proxy_loc_conf_t, upstream.ssl_session_reuse),
++      NULL },
++
++#endif
++
++      ngx_null_command
++};
++
++
++static ngx_http_module_t  ngx_http_proxy_module_ctx = {
++    ngx_http_proxy_add_variables,          /* preconfiguration */
++    NULL,                                  /* postconfiguration */
++
++    NULL,                                  /* create main configuration */
++    NULL,                                  /* init main configuration */
++
++    NULL,                                  /* create server configuration */
++    NULL,                                  /* merge server configuration */
++
++    ngx_http_proxy_create_loc_conf,        /* create location configuration */
++    ngx_http_proxy_merge_loc_conf          /* merge location configuration */
++};
++
++
++ngx_module_t  ngx_http_proxy_module = {
++    NGX_MODULE_V1,
++    &ngx_http_proxy_module_ctx,            /* module context */
++    ngx_http_proxy_commands,               /* module directives */
++    NGX_HTTP_MODULE,                       /* module type */
++    NULL,                                  /* init master */
++    NULL,                                  /* init module */
++    NULL,                                  /* init process */
++    NULL,                                  /* init thread */
++    NULL,                                  /* exit thread */
++    NULL,                                  /* exit process */
++    NULL,                                  /* exit master */
++    NGX_MODULE_V1_PADDING
++};
++
++
++static char  ngx_http_proxy_version[] = " HTTP/1.0" CRLF;
++static char  ngx_http_proxy_version_11[] = " HTTP/1.1" CRLF;
++
++
++static ngx_keyval_t  ngx_http_proxy_headers[] = {
++    { ngx_string("Host"), ngx_string("$proxy_host") },
++    { ngx_string("Connection"), ngx_string("close") },
++    { ngx_string("Keep-Alive"), ngx_string("") },
++    { ngx_string("Expect"), ngx_string("") },
++    { ngx_string("Upgrade"), ngx_string("") },
++    { ngx_null_string, ngx_null_string }
++};
++
++
++static ngx_str_t  ngx_http_proxy_hide_headers[] = {
++    ngx_string("Date"),
++    ngx_string("Server"),
++    ngx_string("X-Pad"),
++    ngx_string("X-Accel-Expires"),
++    ngx_string("X-Accel-Redirect"),
++    ngx_string("X-Accel-Limit-Rate"),
++    ngx_string("X-Accel-Buffering"),
++    ngx_string("X-Accel-Charset"),
++    ngx_null_string
++};
++
++
++#if (NGX_HTTP_CACHE)
++
++static ngx_keyval_t  ngx_http_proxy_cache_headers[] = {
++    { ngx_string("Host"), ngx_string("$proxy_host") },
++    { ngx_string("Connection"), ngx_string("close") },
++    { ngx_string("Keep-Alive"), ngx_string("") },
++    { ngx_string("Expect"), ngx_string("") },
++    { ngx_string("Upgrade"), ngx_string("") },
++    { ngx_string("If-Modified-Since"), ngx_string("") },
++    { ngx_string("If-Unmodified-Since"), ngx_string("") },
++    { ngx_string("If-None-Match"), ngx_string("") },
++    { ngx_string("If-Match"), ngx_string("") },
++    { ngx_string("Range"), ngx_string("") },
++    { ngx_string("If-Range"), ngx_string("") },
++    { ngx_null_string, ngx_null_string }
++};
++
++#endif
++
++
++static ngx_http_variable_t  ngx_http_proxy_vars[] = {
++
++    { ngx_string("proxy_host"), NULL, ngx_http_proxy_host_variable, 0,
++      NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_NOHASH, 0 },
++
++    { ngx_string("proxy_port"), NULL, ngx_http_proxy_port_variable, 0,
++      NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_NOHASH, 0 },
++
++    { ngx_string("proxy_add_x_forwarded_for"), NULL,
++      ngx_http_proxy_add_x_forwarded_for_variable, 0, NGX_HTTP_VAR_NOHASH, 0 },
++
++#if 0
++    { ngx_string("proxy_add_via"), NULL, NULL, 0, NGX_HTTP_VAR_NOHASH, 0 },
++#endif
++
++    { ngx_string("proxy_internal_body_length"), NULL,
++      ngx_http_proxy_internal_body_length_variable, 0, NGX_HTTP_VAR_NOHASH, 0 },
++
++    { ngx_null_string, NULL, NULL, 0, 0, 0 }
++};
++
++
++static ngx_path_init_t  ngx_http_proxy_temp_path = {
++    ngx_string(NGX_HTTP_PROXY_TEMP_PATH), { 1, 2, 0 }
++};
++
++
++static ngx_int_t
++ngx_http_proxy_handler(ngx_http_request_t *r)
++{
++    ngx_int_t                   rc;
++    ngx_http_upstream_t        *u;
++    ngx_http_proxy_ctx_t       *ctx;
++    ngx_http_proxy_loc_conf_t  *plcf;
++
++    if (ngx_http_upstream_create(r) != NGX_OK) {
++        return NGX_HTTP_INTERNAL_SERVER_ERROR;
++    }
++
++    ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_proxy_ctx_t));
++    if (ctx == NULL) {
++        return NGX_ERROR;
++    }
++
++    ngx_http_set_ctx(r, ctx, ngx_http_proxy_module);
++
++    plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_module);
++
++    u = r->upstream;
++
++    if (plcf->proxy_lengths == NULL) {
++        ctx->vars = plcf->vars;
++        u->schema = plcf->vars.schema;
++#if (NGX_HTTP_SSL)
++        u->ssl = (plcf->upstream.ssl != NULL);
++#endif
++
++    } else {
++        if (ngx_http_proxy_eval(r, ctx, plcf) != NGX_OK) {
++            return NGX_HTTP_INTERNAL_SERVER_ERROR;
++        }
++    }
++
++    u->output.tag = (ngx_buf_tag_t) &ngx_http_proxy_module;
++
++    u->conf = &plcf->upstream;
++
++#if (NGX_HTTP_CACHE)
++    u->create_key = ngx_http_proxy_create_key;
++#endif
++    u->create_request = ngx_http_proxy_create_request;
++    u->reinit_request = ngx_http_proxy_reinit_request;
++    u->process_header = ngx_http_proxy_process_status_line;
++    u->abort_request = ngx_http_proxy_abort_request;
++    u->finalize_request = ngx_http_proxy_finalize_request;
++    r->state = 0;
++
++    if (plcf->redirects) {
++        u->rewrite_redirect = ngx_http_proxy_rewrite_redirect;
++    }
++
++    if (plcf->cookie_domains || plcf->cookie_paths) {
++        u->rewrite_cookie = ngx_http_proxy_rewrite_cookie;
++    }
++
++    u->buffering = plcf->upstream.buffering;
++
++    u->pipe = ngx_pcalloc(r->pool, sizeof(ngx_event_pipe_t));
++    if (u->pipe == NULL) {
++        return NGX_HTTP_INTERNAL_SERVER_ERROR;
++    }
++
++    u->pipe->input_filter = ngx_http_proxy_copy_filter;
++    u->pipe->input_ctx = r;
++
++    u->input_filter_init = ngx_http_proxy_input_filter_init;
++    u->input_filter = ngx_http_proxy_non_buffered_copy_filter;
++    u->input_filter_ctx = r;
++
++    u->accel = 1;
++
++    rc = ngx_http_read_client_request_body(r, ngx_http_upstream_init);
++
++    if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
++        return rc;
++    }
++
++    return NGX_DONE;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_eval(ngx_http_request_t *r, ngx_http_proxy_ctx_t *ctx,
++    ngx_http_proxy_loc_conf_t *plcf)
++{
++    u_char               *p;
++    size_t                add;
++    u_short               port;
++    ngx_str_t             proxy;
++    ngx_url_t             url;
++    ngx_http_upstream_t  *u;
++
++    if (ngx_http_script_run(r, &proxy, plcf->proxy_lengths->elts, 0,
++                            plcf->proxy_values->elts)
++        == NULL)
++    {
++        return NGX_ERROR;
++    }
++
++    if (proxy.len > 7
++        && ngx_strncasecmp(proxy.data, (u_char *) "http://", 7) == 0)
++    {
++        add = 7;
++        port = 80;
++
++#if (NGX_HTTP_SSL)
++
++    } else if (proxy.len > 8
++               && ngx_strncasecmp(proxy.data, (u_char *) "https://", 8) == 0)
++    {
++        add = 8;
++        port = 443;
++        r->upstream->ssl = 1;
++
++#endif
++
++    } else {
++        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
++                      "invalid URL prefix in \"%V\"", &proxy);
++        return NGX_ERROR;
++    }
++
++    u = r->upstream;
++
++    u->schema.len = add;
++    u->schema.data = proxy.data;
++
++    ngx_memzero(&url, sizeof(ngx_url_t));
++
++    url.url.len = proxy.len - add;
++    url.url.data = proxy.data + add;
++    url.default_port = port;
++    url.uri_part = 1;
++    url.no_resolve = 1;
++
++    if (ngx_parse_url(r->pool, &url) != NGX_OK) {
++        if (url.err) {
++            ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
++                          "%s in upstream \"%V\"", url.err, &url.url);
++        }
++
++        return NGX_ERROR;
++    }
++
++    if (url.uri.len) {
++        if (url.uri.data[0] == '?') {
++            p = ngx_pnalloc(r->pool, url.uri.len + 1);
++            if (p == NULL) {
++                return NGX_ERROR;
++            }
++
++            *p++ = '/';
++            ngx_memcpy(p, url.uri.data, url.uri.len);
++
++            url.uri.len++;
++            url.uri.data = p - 1;
++        }
++    }
++
++    ctx->vars.key_start = u->schema;
++
++    ngx_http_proxy_set_vars(&url, &ctx->vars);
++
++    u->resolved = ngx_pcalloc(r->pool, sizeof(ngx_http_upstream_resolved_t));
++    if (u->resolved == NULL) {
++        return NGX_ERROR;
++    }
++
++    if (url.addrs && url.addrs[0].sockaddr) {
++        u->resolved->sockaddr = url.addrs[0].sockaddr;
++        u->resolved->socklen = url.addrs[0].socklen;
++        u->resolved->naddrs = 1;
++        u->resolved->host = url.addrs[0].name;
++
++    } else {
++        u->resolved->host = url.host;
++        u->resolved->port = (in_port_t) (url.no_port ? port : url.port);
++        u->resolved->no_port = url.no_port;
++    }
++
++    return NGX_OK;
++}
++
++
++#if (NGX_HTTP_CACHE)
++
++static ngx_int_t
++ngx_http_proxy_create_key(ngx_http_request_t *r)
++{
++    size_t                      len, loc_len;
++    u_char                     *p;
++    uintptr_t                   escape;
++    ngx_str_t                  *key;
++    ngx_http_upstream_t        *u;
++    ngx_http_proxy_ctx_t       *ctx;
++    ngx_http_proxy_loc_conf_t  *plcf;
++
++    u = r->upstream;
++
++    plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_module);
++
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    key = ngx_array_push(&r->cache->keys);
++    if (key == NULL) {
++        return NGX_ERROR;
++    }
++
++    if (plcf->cache_key.value.len) {
++
++        if (ngx_http_complex_value(r, &plcf->cache_key, key) != NGX_OK) {
++            return NGX_ERROR;
++        }
++
++        return NGX_OK;
++    }
++
++    *key = ctx->vars.key_start;
++
++    key = ngx_array_push(&r->cache->keys);
++    if (key == NULL) {
++        return NGX_ERROR;
++    }
++
++    if (plcf->proxy_lengths && ctx->vars.uri.len) {
++
++        *key = ctx->vars.uri;
++        u->uri = ctx->vars.uri;
++
++        return NGX_OK;
++
++    } else if (ctx->vars.uri.len == 0 && r->valid_unparsed_uri && r == r->main)
++    {
++        *key = r->unparsed_uri;
++        u->uri = r->unparsed_uri;
++
++        return NGX_OK;
++    }
++
++    loc_len = (r->valid_location && ctx->vars.uri.len) ? plcf->location.len : 0;
++
++    if (r->quoted_uri || r->internal) {
++        escape = 2 * ngx_escape_uri(NULL, r->uri.data + loc_len,
++                                    r->uri.len - loc_len, NGX_ESCAPE_URI);
++    } else {
++        escape = 0;
++    }
++
++    len = ctx->vars.uri.len + r->uri.len - loc_len + escape
++          + sizeof("?") - 1 + r->args.len;
++
++    p = ngx_pnalloc(r->pool, len);
++    if (p == NULL) {
++        return NGX_ERROR;
++    }
++
++    key->data = p;
++
++    if (r->valid_location) {
++        p = ngx_copy(p, ctx->vars.uri.data, ctx->vars.uri.len);
++    }
++
++    if (escape) {
++        ngx_escape_uri(p, r->uri.data + loc_len,
++                       r->uri.len - loc_len, NGX_ESCAPE_URI);
++        p += r->uri.len - loc_len + escape;
++
++    } else {
++        p = ngx_copy(p, r->uri.data + loc_len, r->uri.len - loc_len);
++    }
++
++    if (r->args.len > 0) {
++        *p++ = '?';
++        p = ngx_copy(p, r->args.data, r->args.len);
++    }
++
++    key->len = p - key->data;
++    u->uri = *key;
++
++    return NGX_OK;
++}
++
++#endif
++
++
++static ngx_int_t
++ngx_http_proxy_create_request(ngx_http_request_t *r)
++{
++    size_t                        len, uri_len, loc_len, body_len;
++    uintptr_t                     escape;
++    ngx_buf_t                    *b;
++    ngx_str_t                     method;
++    ngx_uint_t                    i, unparsed_uri;
++    ngx_chain_t                  *cl, *body;
++    ngx_list_part_t              *part;
++    ngx_table_elt_t              *header;
++    ngx_http_upstream_t          *u;
++    ngx_http_proxy_ctx_t         *ctx;
++    ngx_http_script_code_pt       code;
++    ngx_http_script_engine_t      e, le;
++    ngx_http_proxy_loc_conf_t    *plcf;
++    ngx_http_script_len_code_pt   lcode;
++
++    u = r->upstream;
++
++    plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_module);
++
++    if (u->method.len) {
++        /* HEAD was changed to GET to cache response */
++        method = u->method;
++        method.len++;
++
++    } else if (plcf->method.len) {
++        method = plcf->method;
++
++    } else {
++        method = r->method_name;
++        method.len++;
++    }
++
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    if (method.len == 5
++        && ngx_strncasecmp(method.data, (u_char *) "HEAD ", 5) == 0)
++    {
++        ctx->head = 1;
++    }
++
++    len = method.len + sizeof(ngx_http_proxy_version) - 1 + sizeof(CRLF) - 1;
++
++    escape = 0;
++    loc_len = 0;
++    unparsed_uri = 0;
++
++    if (plcf->proxy_lengths && ctx->vars.uri.len) {
++        uri_len = ctx->vars.uri.len;
++
++    } else if (ctx->vars.uri.len == 0 && r->valid_unparsed_uri && r == r->main)
++    {
++        unparsed_uri = 1;
++        uri_len = r->unparsed_uri.len;
++
++    } else {
++        loc_len = (r->valid_location && ctx->vars.uri.len) ?
++                      plcf->location.len : 0;
++
++        if (r->quoted_uri || r->space_in_uri || r->internal) {
++            escape = 2 * ngx_escape_uri(NULL, r->uri.data + loc_len,
++                                        r->uri.len - loc_len, NGX_ESCAPE_URI);
++        }
++
++        uri_len = ctx->vars.uri.len + r->uri.len - loc_len + escape
++                  + sizeof("?") - 1 + r->args.len;
++    }
++
++    if (uri_len == 0) {
++        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
++                      "zero length URI to proxy");
++        return NGX_ERROR;
++    }
++
++    len += uri_len;
++
++    ngx_http_script_flush_no_cacheable_variables(r, plcf->flushes);
++
++    if (plcf->body_set_len) {
++        le.ip = plcf->body_set_len->elts;
++        le.request = r;
++        le.flushed = 1;
++        body_len = 0;
++
++        while (*(uintptr_t *) le.ip) {
++            lcode = *(ngx_http_script_len_code_pt *) le.ip;
++            body_len += lcode(&le);
++        }
++
++        ctx->internal_body_length = body_len;
++        len += body_len;
++    }
++
++    le.ip = plcf->headers_set_len->elts;
++    le.request = r;
++    le.flushed = 1;
++
++    while (*(uintptr_t *) le.ip) {
++        while (*(uintptr_t *) le.ip) {
++            lcode = *(ngx_http_script_len_code_pt *) le.ip;
++            len += lcode(&le);
++        }
++        le.ip += sizeof(uintptr_t);
++    }
++
++
++    if (plcf->upstream.pass_request_headers) {
++        part = &r->headers_in.headers.part;
++        header = part->elts;
++
++        for (i = 0; /* void */; i++) {
++
++            if (i >= part->nelts) {
++                if (part->next == NULL) {
++                    break;
++                }
++
++                part = part->next;
++                header = part->elts;
++                i = 0;
++            }
++
++            if (ngx_hash_find(&plcf->headers_set_hash, header[i].hash,
++                              header[i].lowcase_key, header[i].key.len))
++            {
++                continue;
++            }
++
++            len += header[i].key.len + sizeof(": ") - 1
++                + header[i].value.len + sizeof(CRLF) - 1;
++        }
++    }
++
++
++    b = ngx_create_temp_buf(r->pool, len);
++    if (b == NULL) {
++        return NGX_ERROR;
++    }
++
++    cl = ngx_alloc_chain_link(r->pool);
++    if (cl == NULL) {
++        return NGX_ERROR;
++    }
++
++    cl->buf = b;
++
++
++    /* the request line */
++
++    b->last = ngx_copy(b->last, method.data, method.len);
++
++    u->uri.data = b->last;
++
++    if (plcf->proxy_lengths && ctx->vars.uri.len) {
++        b->last = ngx_copy(b->last, ctx->vars.uri.data, ctx->vars.uri.len);
++
++    } else if (unparsed_uri) {
++        b->last = ngx_copy(b->last, r->unparsed_uri.data, r->unparsed_uri.len);
++
++    } else {
++        if (r->valid_location) {
++            b->last = ngx_copy(b->last, ctx->vars.uri.data, ctx->vars.uri.len);
++        }
++
++        if (escape) {
++            ngx_escape_uri(b->last, r->uri.data + loc_len,
++                           r->uri.len - loc_len, NGX_ESCAPE_URI);
++            b->last += r->uri.len - loc_len + escape;
++
++        } else {
++            b->last = ngx_copy(b->last, r->uri.data + loc_len,
++                               r->uri.len - loc_len);
++        }
++
++        if (r->args.len > 0) {
++            *b->last++ = '?';
++            b->last = ngx_copy(b->last, r->args.data, r->args.len);
++        }
++    }
++
++    u->uri.len = b->last - u->uri.data;
++
++    if (plcf->http_version == NGX_HTTP_VERSION_11) {
++        b->last = ngx_cpymem(b->last, ngx_http_proxy_version_11,
++                             sizeof(ngx_http_proxy_version_11) - 1);
++
++    } else {
++        b->last = ngx_cpymem(b->last, ngx_http_proxy_version,
++                             sizeof(ngx_http_proxy_version) - 1);
++    }
++
++    ngx_memzero(&e, sizeof(ngx_http_script_engine_t));
++
++    e.ip = plcf->headers_set->elts;
++    e.pos = b->last;
++    e.request = r;
++    e.flushed = 1;
++
++    le.ip = plcf->headers_set_len->elts;
++
++    while (*(uintptr_t *) le.ip) {
++        lcode = *(ngx_http_script_len_code_pt *) le.ip;
++
++        /* skip the header line name length */
++        (void) lcode(&le);
++
++        if (*(ngx_http_script_len_code_pt *) le.ip) {
++
++            for (len = 0; *(uintptr_t *) le.ip; len += lcode(&le)) {
++                lcode = *(ngx_http_script_len_code_pt *) le.ip;
++            }
++
++            e.skip = (len == sizeof(CRLF) - 1) ? 1 : 0;
++
++        } else {
++            e.skip = 0;
++        }
++
++        le.ip += sizeof(uintptr_t);
++
++        while (*(uintptr_t *) e.ip) {
++            code = *(ngx_http_script_code_pt *) e.ip;
++            code((ngx_http_script_engine_t *) &e);
++        }
++        e.ip += sizeof(uintptr_t);
++    }
++
++    b->last = e.pos;
++
++
++    if (plcf->upstream.pass_request_headers) {
++        part = &r->headers_in.headers.part;
++        header = part->elts;
++
++        for (i = 0; /* void */; i++) {
++
++            if (i >= part->nelts) {
++                if (part->next == NULL) {
++                    break;
++                }
++
++                part = part->next;
++                header = part->elts;
++                i = 0;
++            }
++
++            if (ngx_hash_find(&plcf->headers_set_hash, header[i].hash,
++                              header[i].lowcase_key, header[i].key.len))
++            {
++                continue;
++            }
++
++            b->last = ngx_copy(b->last, header[i].key.data, header[i].key.len);
++
++            *b->last++ = ':'; *b->last++ = ' ';
++
++            b->last = ngx_copy(b->last, header[i].value.data,
++                               header[i].value.len);
++
++            *b->last++ = CR; *b->last++ = LF;
++
++            ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                           "http proxy header: \"%V: %V\"",
++                           &header[i].key, &header[i].value);
++        }
++    }
++
++
++    /* add "\r\n" at the header end */
++    *b->last++ = CR; *b->last++ = LF;
++
++    if (plcf->body_set) {
++        e.ip = plcf->body_set->elts;
++        e.pos = b->last;
++
++        while (*(uintptr_t *) e.ip) {
++            code = *(ngx_http_script_code_pt *) e.ip;
++            code((ngx_http_script_engine_t *) &e);
++        }
++
++        b->last = e.pos;
++    }
++
++    ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                   "http proxy header:\n\"%*s\"",
++                   (size_t) (b->last - b->pos), b->pos);
++
++    if (plcf->body_set == NULL && plcf->upstream.pass_request_body) {
++
++        body = u->request_bufs;
++        u->request_bufs = cl;
++
++        while (body) {
++            b = ngx_alloc_buf(r->pool);
++            if (b == NULL) {
++                return NGX_ERROR;
++            }
++
++            ngx_memcpy(b, body->buf, sizeof(ngx_buf_t));
++
++            cl->next = ngx_alloc_chain_link(r->pool);
++            if (cl->next == NULL) {
++                return NGX_ERROR;
++            }
++
++            cl = cl->next;
++            cl->buf = b;
++
++            body = body->next;
++        }
++
++    } else {
++        u->request_bufs = cl;
++    }
++
++    b->flush = 1;
++    cl->next = NULL;
++
++    return NGX_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_reinit_request(ngx_http_request_t *r)
++{
++    ngx_http_proxy_ctx_t  *ctx;
++
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    if (ctx == NULL) {
++        return NGX_OK;
++    }
++
++    ctx->status.code = 0;
++    ctx->status.count = 0;
++    ctx->status.start = NULL;
++    ctx->status.end = NULL;
++    ctx->state = 0;
++
++    r->upstream->process_header = ngx_http_proxy_process_status_line;
++    r->upstream->pipe->input_filter = ngx_http_proxy_copy_filter;
++    r->upstream->input_filter = ngx_http_proxy_non_buffered_copy_filter;
++    r->state = 0;
++
++    return NGX_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_process_status_line(ngx_http_request_t *r)
++{
++    size_t                 len;
++    ngx_int_t              rc;
++    ngx_http_upstream_t   *u;
++    ngx_http_proxy_ctx_t  *ctx;
++
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    if (ctx == NULL) {
++        return NGX_ERROR;
++    }
++
++    u = r->upstream;
++
++    rc = ngx_http_parse_status_line(r, &u->buffer, &ctx->status);
++
++    if (rc == NGX_AGAIN) {
++        return rc;
++    }
++
++    if (rc == NGX_ERROR) {
++
++#if (NGX_HTTP_CACHE)
++
++        if (r->cache) {
++            r->http_version = NGX_HTTP_VERSION_9;
++            return NGX_OK;
++        }
++
++#endif
++
++        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
++                      "upstream sent no valid HTTP/1.0 header");
++
++#if 0
++        if (u->accel) {
++            return NGX_HTTP_UPSTREAM_INVALID_HEADER;
++        }
++#endif
++
++        r->http_version = NGX_HTTP_VERSION_9;
++        u->state->status = NGX_HTTP_OK;
++        u->headers_in.connection_close = 1;
++
++        return NGX_OK;
++    }
++
++    if (u->state) {
++        u->state->status = ctx->status.code;
++    }
++
++    u->headers_in.status_n = ctx->status.code;
++
++    len = ctx->status.end - ctx->status.start;
++    u->headers_in.status_line.len = len;
++
++    u->headers_in.status_line.data = ngx_pnalloc(r->pool, len);
++    if (u->headers_in.status_line.data == NULL) {
++        return NGX_ERROR;
++    }
++
++    ngx_memcpy(u->headers_in.status_line.data, ctx->status.start, len);
++
++    ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                   "http proxy status %ui \"%V\"",
++                   u->headers_in.status_n, &u->headers_in.status_line);
++
++    if (ctx->status.http_version < NGX_HTTP_VERSION_11) {
++        u->headers_in.connection_close = 1;
++    }
++
++    u->process_header = ngx_http_proxy_process_header;
++
++    return ngx_http_proxy_process_header(r);
++}
++
++
++static ngx_int_t
++ngx_http_proxy_process_header(ngx_http_request_t *r)
++{
++    ngx_int_t                       rc;
++    ngx_table_elt_t                *h;
++    ngx_http_upstream_t            *u;
++    ngx_http_proxy_ctx_t           *ctx;
++    ngx_http_upstream_header_t     *hh;
++    ngx_http_upstream_main_conf_t  *umcf;
++
++    umcf = ngx_http_get_module_main_conf(r, ngx_http_upstream_module);
++
++    for ( ;; ) {
++
++        rc = ngx_http_parse_header_line(r, &r->upstream->buffer, 1);
++
++        if (rc == NGX_OK) {
++
++            /* a header line has been parsed successfully */
++
++            h = ngx_list_push(&r->upstream->headers_in.headers);
++            if (h == NULL) {
++                return NGX_ERROR;
++            }
++
++            h->hash = r->header_hash;
++
++            h->key.len = r->header_name_end - r->header_name_start;
++            h->value.len = r->header_end - r->header_start;
++
++            h->key.data = ngx_pnalloc(r->pool,
++                               h->key.len + 1 + h->value.len + 1 + h->key.len);
++            if (h->key.data == NULL) {
++                return NGX_ERROR;
++            }
++
++            h->value.data = h->key.data + h->key.len + 1;
++            h->lowcase_key = h->key.data + h->key.len + 1 + h->value.len + 1;
++
++            ngx_memcpy(h->key.data, r->header_name_start, h->key.len);
++            h->key.data[h->key.len] = '\0';
++            ngx_memcpy(h->value.data, r->header_start, h->value.len);
++            h->value.data[h->value.len] = '\0';
++
++            if (h->key.len == r->lowcase_index) {
++                ngx_memcpy(h->lowcase_key, r->lowcase_header, h->key.len);
++
++            } else {
++                ngx_strlow(h->lowcase_key, h->key.data, h->key.len);
++            }
++
++            hh = ngx_hash_find(&umcf->headers_in_hash, h->hash,
++                               h->lowcase_key, h->key.len);
++
++            if (hh && hh->handler(r, h, hh->offset) != NGX_OK) {
++                return NGX_ERROR;
++            }
++
++            ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                           "http proxy header: \"%V: %V\"",
++                           &h->key, &h->value);
++
++            continue;
++        }
++
++        if (rc == NGX_HTTP_PARSE_HEADER_DONE) {
++
++            /* a whole header has been parsed successfully */
++
++            ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                           "http proxy header done");
++
++            /*
++             * if no "Server" and "Date" in header line,
++             * then add the special empty headers
++             */
++
++            if (r->upstream->headers_in.server == NULL) {
++                h = ngx_list_push(&r->upstream->headers_in.headers);
++                if (h == NULL) {
++                    return NGX_ERROR;
++                }
++
++                h->hash = ngx_hash(ngx_hash(ngx_hash(ngx_hash(
++                                    ngx_hash('s', 'e'), 'r'), 'v'), 'e'), 'r');
++
++                ngx_str_set(&h->key, "Server");
++                ngx_str_null(&h->value);
++                h->lowcase_key = (u_char *) "server";
++            }
++
++            if (r->upstream->headers_in.date == NULL) {
++                h = ngx_list_push(&r->upstream->headers_in.headers);
++                if (h == NULL) {
++                    return NGX_ERROR;
++                }
++
++                h->hash = ngx_hash(ngx_hash(ngx_hash('d', 'a'), 't'), 'e');
++
++                ngx_str_set(&h->key, "Date");
++                ngx_str_null(&h->value);
++                h->lowcase_key = (u_char *) "date";
++            }
++
++            /* clear content length if response is chunked */
++
++            u = r->upstream;
++
++            if (u->headers_in.chunked) {
++                u->headers_in.content_length_n = -1;
++            }
++
++            /*
++             * set u->keepalive if response has no body; this allows to keep
++             * connections alive in case of r->header_only or X-Accel-Redirect
++             */
++
++            ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++            if (u->headers_in.status_n == NGX_HTTP_NO_CONTENT
++                || u->headers_in.status_n == NGX_HTTP_NOT_MODIFIED
++                || ctx->head
++                || (!u->headers_in.chunked
++                    && u->headers_in.content_length_n == 0))
++            {
++                u->keepalive = !u->headers_in.connection_close;
++            }
++
++            return NGX_OK;
++        }
++
++        if (rc == NGX_AGAIN) {
++            return NGX_AGAIN;
++        }
++
++        /* there was error while a header line parsing */
++
++        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
++                      "upstream sent invalid header");
++
++        return NGX_HTTP_UPSTREAM_INVALID_HEADER;
++    }
++}
++
++
++static ngx_int_t
++ngx_http_proxy_input_filter_init(void *data)
++{
++    ngx_http_request_t    *r = data;
++    ngx_http_upstream_t   *u;
++    ngx_http_proxy_ctx_t  *ctx;
++
++    u = r->upstream;
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    if (ctx == NULL) {
++        return NGX_ERROR;
++    }
++
++    ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                   "http proxy filter init s:%d h:%d c:%d l:%O",
++                   u->headers_in.status_n, ctx->head, u->headers_in.chunked,
++                   u->headers_in.content_length_n);
++
++    /* as per RFC2616, 4.4 Message Length */
++
++    if (u->headers_in.status_n == NGX_HTTP_NO_CONTENT
++        || u->headers_in.status_n == NGX_HTTP_NOT_MODIFIED
++        || ctx->head)
++    {
++        /* 1xx, 204, and 304 and replies to HEAD requests */
++        /* no 1xx since we don't send Expect and Upgrade */
++
++        u->pipe->length = 0;
++        u->length = 0;
++        u->keepalive = !u->headers_in.connection_close;
++
++    } else if (u->headers_in.chunked) {
++        /* chunked */
++
++        u->pipe->input_filter = ngx_http_proxy_chunked_filter;
++        u->pipe->length = 3; /* "0" LF LF */
++
++        u->input_filter = ngx_http_proxy_non_buffered_chunked_filter;
++        u->length = -1;
++
++    } else if (u->headers_in.content_length_n == 0) {
++        /* empty body: special case as filter won't be called */
++
++        u->pipe->length = 0;
++        u->length = 0;
++        u->keepalive = !u->headers_in.connection_close;
++
++    } else {
++        /* content length or connection close */
++
++        u->pipe->length = u->headers_in.content_length_n;
++        u->length = u->headers_in.content_length_n;
++    }
++
++    return NGX_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_copy_filter(ngx_event_pipe_t *p, ngx_buf_t *buf)
++{
++    ngx_buf_t           *b;
++    ngx_chain_t         *cl;
++    ngx_http_request_t  *r;
++
++    if (buf->pos == buf->last) {
++        return NGX_OK;
++    }
++
++    if (p->free) {
++        cl = p->free;
++        b = cl->buf;
++        p->free = cl->next;
++        ngx_free_chain(p->pool, cl);
++
++    } else {
++        b = ngx_alloc_buf(p->pool);
++        if (b == NULL) {
++            return NGX_ERROR;
++        }
++    }
++
++    ngx_memcpy(b, buf, sizeof(ngx_buf_t));
++    b->shadow = buf;
++    b->tag = p->tag;
++    b->last_shadow = 1;
++    b->recycled = 1;
++    buf->shadow = b;
++
++    cl = ngx_alloc_chain_link(p->pool);
++    if (cl == NULL) {
++        return NGX_ERROR;
++    }
++
++    cl->buf = b;
++    cl->next = NULL;
++
++    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, p->log, 0, "input buf #%d", b->num);
++
++    if (p->in) {
++        *p->last_in = cl;
++    } else {
++        p->in = cl;
++    }
++    p->last_in = &cl->next;
++
++    if (p->length == -1) {
++        return NGX_OK;
++    }
++
++    p->length -= b->last - b->pos;
++
++    if (p->length == 0) {
++        r = p->input_ctx;
++        p->upstream_done = 1;
++        r->upstream->keepalive = !r->upstream->headers_in.connection_close;
++
++    } else if (p->length < 0) {
++        r = p->input_ctx;
++        p->upstream_done = 1;
++
++        ngx_log_error(NGX_LOG_WARN, r->connection->log, 0,
++                      "upstream sent too much data");
++    }
++
++    return NGX_OK;
++}
++
++
++static ngx_inline ngx_int_t
++ngx_http_proxy_parse_chunked(ngx_http_request_t *r, ngx_buf_t *buf)
++{
++    u_char                *pos, ch, c;
++    ngx_int_t              rc;
++    ngx_http_proxy_ctx_t  *ctx;
++    enum {
++        sw_chunk_start = 0,
++        sw_chunk_size,
++        sw_chunk_extension,
++        sw_chunk_extension_almost_done,
++        sw_chunk_data,
++        sw_after_data,
++        sw_after_data_almost_done,
++        sw_last_chunk_extension,
++        sw_last_chunk_extension_almost_done,
++        sw_trailer,
++        sw_trailer_almost_done,
++        sw_trailer_header,
++        sw_trailer_header_almost_done
++    } state;
++
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    if (ctx == NULL) {
++        return NGX_ERROR;
++    }
++
++    state = ctx->state;
++
++    if (state == sw_chunk_data && ctx->size == 0) {
++        state = sw_after_data;
++    }
++
++    rc = NGX_AGAIN;
++
++    for (pos = buf->pos; pos < buf->last; pos++) {
++
++        ch = *pos;
++
++        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                       "http proxy chunked byte: %02Xd s:%d", ch, state);
++
++        switch (state) {
++
++        case sw_chunk_start:
++            if (ch >= '0' && ch <= '9') {
++                state = sw_chunk_size;
++                ctx->size = ch - '0';
++                break;
++            }
++
++            c = (u_char) (ch | 0x20);
++
++            if (c >= 'a' && c <= 'f') {
++                state = sw_chunk_size;
++                ctx->size = c - 'a' + 10;
++                break;
++            }
++
++            goto invalid;
++
++        case sw_chunk_size:
++            if (ch >= '0' && ch <= '9') {
++                ctx->size = ctx->size * 16 + (ch - '0');
++                break;
++            }
++
++            c = (u_char) (ch | 0x20);
++
++            if (c >= 'a' && c <= 'f') {
++                ctx->size = ctx->size * 16 + (c - 'a' + 10);
++                break;
++            }
++
++            if (ctx->size == 0) {
++
++                switch (ch) {
++                case CR:
++                    state = sw_last_chunk_extension_almost_done;
++                    break;
++                case LF:
++                    state = sw_trailer;
++                    break;
++                case ';':
++                case ' ':
++                case '\t':
++                    state = sw_last_chunk_extension;
++                    break;
++                default:
++                    goto invalid;
++                }
++
++                break;
++            }
++
++            switch (ch) {
++            case CR:
++                state = sw_chunk_extension_almost_done;
++                break;
++            case LF:
++                state = sw_chunk_data;
++                break;
++            case ';':
++            case ' ':
++            case '\t':
++                state = sw_chunk_extension;
++                break;
++            default:
++                goto invalid;
++            }
++
++            break;
++
++        case sw_chunk_extension:
++            switch (ch) {
++            case CR:
++                state = sw_chunk_extension_almost_done;
++                break;
++            case LF:
++                state = sw_chunk_data;
++            }
++            break;
++
++        case sw_chunk_extension_almost_done:
++            if (ch == LF) {
++                state = sw_chunk_data;
++                break;
++            }
++            goto invalid;
++
++        case sw_chunk_data:
++            rc = NGX_OK;
++            goto data;
++
++        case sw_after_data:
++            switch (ch) {
++            case CR:
++                state = sw_after_data_almost_done;
++                break;
++            case LF:
++                state = sw_chunk_start;
++            }
++            break;
++
++        case sw_after_data_almost_done:
++            if (ch == LF) {
++                state = sw_chunk_start;
++                break;
++            }
++            goto invalid;
++
++        case sw_last_chunk_extension:
++            switch (ch) {
++            case CR:
++                state = sw_last_chunk_extension_almost_done;
++                break;
++            case LF:
++                state = sw_trailer;
++            }
++            break;
++
++        case sw_last_chunk_extension_almost_done:
++            if (ch == LF) {
++                state = sw_trailer;
++                break;
++            }
++            goto invalid;
++
++        case sw_trailer:
++            switch (ch) {
++            case CR:
++                state = sw_trailer_almost_done;
++                break;
++            case LF:
++                goto done;
++            default:
++                state = sw_trailer_header;
++            }
++            break;
++
++        case sw_trailer_almost_done:
++            if (ch == LF) {
++                goto done;
++            }
++            goto invalid;
++
++        case sw_trailer_header:
++            switch (ch) {
++            case CR:
++                state = sw_trailer_header_almost_done;
++                break;
++            case LF:
++                state = sw_trailer;
++            }
++            break;
++
++        case sw_trailer_header_almost_done:
++            if (ch == LF) {
++                state = sw_trailer;
++                break;
++            }
++            goto invalid;
++
++        }
++    }
++
++data:
++
++    ctx->state = state;
++    buf->pos = pos;
++
++    switch (state) {
++
++    case sw_chunk_start:
++        ctx->length = 3 /* "0" LF LF */;
++        break;
++    case sw_chunk_size:
++        ctx->length = 2 /* LF LF */
++                      + (ctx->size ? ctx->size + 4 /* LF "0" LF LF */ : 0);
++        break;
++    case sw_chunk_extension:
++    case sw_chunk_extension_almost_done:
++        ctx->length = 1 /* LF */ + ctx->size + 4 /* LF "0" LF LF */;
++        break;
++    case sw_chunk_data:
++        ctx->length = ctx->size + 4 /* LF "0" LF LF */;
++        break;
++    case sw_after_data:
++    case sw_after_data_almost_done:
++        ctx->length = 4 /* LF "0" LF LF */;
++        break;
++    case sw_last_chunk_extension:
++    case sw_last_chunk_extension_almost_done:
++        ctx->length = 2 /* LF LF */;
++        break;
++    case sw_trailer:
++    case sw_trailer_almost_done:
++        ctx->length = 1 /* LF */;
++        break;
++    case sw_trailer_header:
++    case sw_trailer_header_almost_done:
++        ctx->length = 2 /* LF LF */;
++        break;
++
++    }
++
++    return rc;
++
++done:
++
++    return NGX_DONE;
++
++invalid:
++
++    return NGX_ERROR;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_chunked_filter(ngx_event_pipe_t *p, ngx_buf_t *buf)
++{
++    ngx_int_t              rc;
++    ngx_buf_t             *b, **prev;
++    ngx_chain_t           *cl;
++    ngx_http_request_t    *r;
++    ngx_http_proxy_ctx_t  *ctx;
++
++    if (buf->pos == buf->last) {
++        return NGX_OK;
++    }
++
++    r = p->input_ctx;
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    if (ctx == NULL) {
++        return NGX_ERROR;
++    }
++
++    b = NULL;
++    prev = &buf->shadow;
++
++    for ( ;; ) {
++
++        rc = ngx_http_proxy_parse_chunked(r, buf);
++
++        if (rc == NGX_OK) {
++
++            /* a chunk has been parsed successfully */
++
++            if (p->free) {
++                cl = p->free;
++                b = cl->buf;
++                p->free = cl->next;
++                ngx_free_chain(p->pool, cl);
++
++            } else {
++                b = ngx_alloc_buf(p->pool);
++                if (b == NULL) {
++                    return NGX_ERROR;
++                }
++            }
++
++            ngx_memzero(b, sizeof(ngx_buf_t));
++
++            b->pos = buf->pos;
++            b->start = buf->start;
++            b->end = buf->end;
++            b->tag = p->tag;
++            b->temporary = 1;
++            b->recycled = 1;
++
++            *prev = b;
++            prev = &b->shadow;
++
++            cl = ngx_alloc_chain_link(p->pool);
++            if (cl == NULL) {
++                return NGX_ERROR;
++            }
++
++            cl->buf = b;
++            cl->next = NULL;
++
++            if (p->in) {
++                *p->last_in = cl;
++            } else {
++                p->in = cl;
++            }
++            p->last_in = &cl->next;
++
++            /* STUB */ b->num = buf->num;
++
++            ngx_log_debug2(NGX_LOG_DEBUG_EVENT, p->log, 0,
++                           "input buf #%d %p", b->num, b->pos);
++
++            if (buf->last - buf->pos >= ctx->size) {
++
++                buf->pos += ctx->size;
++                b->last = buf->pos;
++                ctx->size = 0;
++
++                continue;
++            }
++
++            ctx->size -= buf->last - buf->pos;
++            buf->pos = buf->last;
++            b->last = buf->last;
++
++            continue;
++        }
++
++        if (rc == NGX_DONE) {
++
++            /* a whole response has been parsed successfully */
++
++            p->upstream_done = 1;
++            r->upstream->keepalive = !r->upstream->headers_in.connection_close;
++
++            break;
++        }
++
++        if (rc == NGX_AGAIN) {
++
++            /* set p->length, minimal amount of data we want to see */
++
++            p->length = ctx->length;
++
++            break;
++        }
++
++        /* invalid response */
++
++        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
++                      "upstream sent invalid chunked response");
++
++        return NGX_ERROR;
++    }
++
++    ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                   "http proxy chunked state %d, length %d",
++                   ctx->state, p->length);
++
++    if (b) {
++        b->shadow = buf;
++        b->last_shadow = 1;
++
++        ngx_log_debug2(NGX_LOG_DEBUG_EVENT, p->log, 0,
++                       "input buf %p %z", b->pos, b->last - b->pos);
++
++        return NGX_OK;
++    }
++
++    /* there is no data record in the buf, add it to free chain */
++
++    if (ngx_event_pipe_add_free_buf(p, buf) != NGX_OK) {
++        return NGX_ERROR;
++    }
++
++    return NGX_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_non_buffered_copy_filter(void *data, ssize_t bytes)
++{
++    ngx_http_request_t   *r = data;
++
++    ngx_buf_t            *b;
++    ngx_chain_t          *cl, **ll;
++    ngx_http_upstream_t  *u;
++
++    u = r->upstream;
++
++    for (cl = u->out_bufs, ll = &u->out_bufs; cl; cl = cl->next) {
++        ll = &cl->next;
++    }
++
++    cl = ngx_chain_get_free_buf(r->pool, &u->free_bufs);
++    if (cl == NULL) {
++        return NGX_ERROR;
++    }
++
++    *ll = cl;
++
++    cl->buf->flush = 1;
++    cl->buf->memory = 1;
++
++    b = &u->buffer;
++
++    cl->buf->pos = b->last;
++    b->last += bytes;
++    cl->buf->last = b->last;
++    cl->buf->tag = u->output.tag;
++
++    if (u->length == -1) {
++        return NGX_OK;
++    }
++
++    u->length -= bytes;
++
++    if (u->length == 0) {
++        u->keepalive = !u->headers_in.connection_close;
++    }
++
++    return NGX_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_non_buffered_chunked_filter(void *data, ssize_t bytes)
++{
++    ngx_http_request_t   *r = data;
++
++    ngx_int_t              rc;
++    ngx_buf_t             *b, *buf;
++    ngx_chain_t           *cl, **ll;
++    ngx_http_upstream_t   *u;
++    ngx_http_proxy_ctx_t  *ctx;
++
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    if (ctx == NULL) {
++        return NGX_ERROR;
++    }
++
++    u = r->upstream;
++    buf = &u->buffer;
++
++    buf->pos = buf->last;
++    buf->last += bytes;
++
++    for (cl = u->out_bufs, ll = &u->out_bufs; cl; cl = cl->next) {
++        ll = &cl->next;
++    }
++
++    for ( ;; ) {
++
++        rc = ngx_http_proxy_parse_chunked(r, buf);
++
++        if (rc == NGX_OK) {
++
++            /* a chunk has been parsed successfully */
++
++            cl = ngx_chain_get_free_buf(r->pool, &u->free_bufs);
++            if (cl == NULL) {
++                return NGX_ERROR;
++            }
++
++            *ll = cl;
++            ll = &cl->next;
++
++            b = cl->buf;
++
++            b->flush = 1;
++            b->memory = 1;
++
++            b->pos = buf->pos;
++            b->tag = u->output.tag;
++
++            if (buf->last - buf->pos >= ctx->size) {
++                buf->pos += ctx->size;
++                b->last = buf->pos;
++                ctx->size = 0;
++
++            } else {
++                ctx->size -= buf->last - buf->pos;
++                buf->pos = buf->last;
++                b->last = buf->last;
++            }
++
++            ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                           "http proxy out buf %p %z",
++                           b->pos, b->last - b->pos);
++
++            continue;
++        }
++
++        if (rc == NGX_DONE) {
++
++            /* a whole response has been parsed successfully */
++
++            u->keepalive = !u->headers_in.connection_close;
++            u->length = 0;
++
++            break;
++        }
++
++        if (rc == NGX_AGAIN) {
++            break;
++        }
++
++        /* invalid response */
++
++        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
++                      "upstream sent invalid chunked response");
++
++        return NGX_ERROR;
++    }
++
++    /* provide continuous buffer for subrequests in memory */
++
++    if (r->subrequest_in_memory) {
++
++        cl = u->out_bufs;
++
++        if (cl) {
++            buf->pos = cl->buf->pos;
++        }
++
++        buf->last = buf->pos;
++
++        for (cl = u->out_bufs; cl; cl = cl->next) {
++            ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                           "http proxy in memory %p-%p %uz",
++                           cl->buf->pos, cl->buf->last, ngx_buf_size(cl->buf));
++
++            if (buf->last == cl->buf->pos) {
++                buf->last = cl->buf->last;
++                continue;
++            }
++
++            buf->last = ngx_movemem(buf->last, cl->buf->pos,
++                                    cl->buf->last - cl->buf->pos);
++
++            cl->buf->pos = buf->last - (cl->buf->last - cl->buf->pos);
++            cl->buf->last = buf->last;
++        }
++    }
++
++    return NGX_OK;
++}
++
++
++static void
++ngx_http_proxy_abort_request(ngx_http_request_t *r)
++{
++    ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                   "abort http proxy request");
++
++    return;
++}
++
++
++static void
++ngx_http_proxy_finalize_request(ngx_http_request_t *r, ngx_int_t rc)
++{
++    ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                   "finalize http proxy request");
++
++    return;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_host_variable(ngx_http_request_t *r,
++    ngx_http_variable_value_t *v, uintptr_t data)
++{
++    ngx_http_proxy_ctx_t  *ctx;
++
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    if (ctx == NULL) {
++        v->not_found = 1;
++        return NGX_OK;
++    }
++
++    v->len = ctx->vars.host_header.len;
++    v->valid = 1;
++    v->no_cacheable = 0;
++    v->not_found = 0;
++    v->data = ctx->vars.host_header.data;
++
++    return NGX_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_port_variable(ngx_http_request_t *r,
++    ngx_http_variable_value_t *v, uintptr_t data)
++{
++    ngx_http_proxy_ctx_t  *ctx;
++
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    if (ctx == NULL) {
++        v->not_found = 1;
++        return NGX_OK;
++    }
++
++    v->len = ctx->vars.port.len;
++    v->valid = 1;
++    v->no_cacheable = 0;
++    v->not_found = 0;
++    v->data = ctx->vars.port.data;
++
++    return NGX_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_add_x_forwarded_for_variable(ngx_http_request_t *r,
++    ngx_http_variable_value_t *v, uintptr_t data)
++{
++    u_char  *p;
++
++    v->valid = 1;
++    v->no_cacheable = 0;
++    v->not_found = 0;
++
++    if (r->headers_in.x_forwarded_for == NULL) {
++        v->len = r->connection->addr_text.len;
++        v->data = r->connection->addr_text.data;
++        return NGX_OK;
++    }
++
++    v->len = r->headers_in.x_forwarded_for->value.len
++             + sizeof(", ") - 1 + r->connection->addr_text.len;
++
++    p = ngx_pnalloc(r->pool, v->len);
++    if (p == NULL) {
++        return NGX_ERROR;
++    }
++
++    v->data = p;
++
++    p = ngx_copy(p, r->headers_in.x_forwarded_for->value.data,
++                 r->headers_in.x_forwarded_for->value.len);
++
++    *p++ = ','; *p++ = ' ';
++
++    ngx_memcpy(p, r->connection->addr_text.data, r->connection->addr_text.len);
++
++    return NGX_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_internal_body_length_variable(ngx_http_request_t *r,
++    ngx_http_variable_value_t *v, uintptr_t data)
++{
++    ngx_http_proxy_ctx_t  *ctx;
++
++    ctx = ngx_http_get_module_ctx(r, ngx_http_proxy_module);
++
++    if (ctx == NULL) {
++        v->not_found = 1;
++        return NGX_OK;
++    }
++
++    v->valid = 1;
++    v->no_cacheable = 0;
++    v->not_found = 0;
++
++    v->data = ngx_pnalloc(r->connection->pool, NGX_SIZE_T_LEN);
++
++    if (v->data == NULL) {
++        return NGX_ERROR;
++    }
++
++    v->len = ngx_sprintf(v->data, "%uz", ctx->internal_body_length) - v->data;
++
++    return NGX_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_rewrite_redirect(ngx_http_request_t *r, ngx_table_elt_t *h,
++    size_t prefix)
++{
++    size_t                      len;
++    ngx_int_t                   rc;
++    ngx_uint_t                  i;
++    ngx_http_proxy_rewrite_t   *pr;
++    ngx_http_proxy_loc_conf_t  *plcf;
++
++    plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_module);
++
++    pr = plcf->redirects->elts;
++
++    if (pr == NULL) {
++        return NGX_DECLINED;
++    }
++
++    len = h->value.len - prefix;
++
++    for (i = 0; i < plcf->redirects->nelts; i++) {
++        rc = pr[i].handler(r, h, prefix, len, &pr[i]);
++
++        if (rc != NGX_DECLINED) {
++            return rc;
++        }
++    }
++
++    return NGX_DECLINED;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_rewrite_cookie(ngx_http_request_t *r, ngx_table_elt_t *h)
++{
++    size_t                      prefix;
++    u_char                     *p;
++    ngx_int_t                   rc, rv;
++    ngx_http_proxy_loc_conf_t  *plcf;
++
++    p = (u_char *) ngx_strchr(h->value.data, ';');
++    if (p == NULL) {
++        return NGX_DECLINED;
++    }
++
++    prefix = p + 1 - h->value.data;
++
++    rv = NGX_DECLINED;
++
++    plcf = ngx_http_get_module_loc_conf(r, ngx_http_proxy_module);
++
++    if (plcf->cookie_domains) {
++        p = ngx_strcasestrn(h->value.data + prefix, "domain=", 7 - 1);
++
++        if (p) {
++            rc = ngx_http_proxy_rewrite_cookie_value(r, h, p + 7,
++                                                     plcf->cookie_domains);
++            if (rc == NGX_ERROR) {
++                return NGX_ERROR;
++            }
++
++            if (rc != NGX_DECLINED) {
++                rv = rc;
++            }
++        }
++    }
++
++    if (plcf->cookie_paths) {
++        p = ngx_strcasestrn(h->value.data + prefix, "path=", 5 - 1);
++
++        if (p) {
++            rc = ngx_http_proxy_rewrite_cookie_value(r, h, p + 5,
++                                                     plcf->cookie_paths);
++            if (rc == NGX_ERROR) {
++                return NGX_ERROR;
++            }
++
++            if (rc != NGX_DECLINED) {
++                rv = rc;
++            }
++        }
++    }
++
++    return rv;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_rewrite_cookie_value(ngx_http_request_t *r, ngx_table_elt_t *h,
++    u_char *value, ngx_array_t *rewrites)
++{
++    size_t                     len, prefix;
++    u_char                    *p;
++    ngx_int_t                  rc;
++    ngx_uint_t                 i;
++    ngx_http_proxy_rewrite_t  *pr;
++
++    prefix = value - h->value.data;
++
++    p = (u_char *) ngx_strchr(value, ';');
++
++    len = p ? (size_t) (p - value) : (h->value.len - prefix);
++
++    pr = rewrites->elts;
++
++    for (i = 0; i < rewrites->nelts; i++) {
++        rc = pr[i].handler(r, h, prefix, len, &pr[i]);
++
++        if (rc != NGX_DECLINED) {
++            return rc;
++        }
++    }
++
++    return NGX_DECLINED;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_rewrite_complex_handler(ngx_http_request_t *r,
++    ngx_table_elt_t *h, size_t prefix, size_t len, ngx_http_proxy_rewrite_t *pr)
++{
++    ngx_str_t  pattern, replacement;
++
++    if (ngx_http_complex_value(r, &pr->pattern.complex, &pattern) != NGX_OK) {
++        return NGX_ERROR;
++    }
++
++    if (pattern.len > len
++        || ngx_rstrncmp(h->value.data + prefix, pattern.data,
++                        pattern.len) != 0)
++    {
++        return NGX_DECLINED;
++    }
++
++    if (ngx_http_complex_value(r, &pr->replacement, &replacement) != NGX_OK) {
++        return NGX_ERROR;
++    }
++
++    return ngx_http_proxy_rewrite(r, h, prefix, pattern.len, &replacement);
++}
++
++
++#if (NGX_PCRE)
++
++static ngx_int_t
++ngx_http_proxy_rewrite_regex_handler(ngx_http_request_t *r, ngx_table_elt_t *h,
++    size_t prefix, size_t len, ngx_http_proxy_rewrite_t *pr)
++{
++    ngx_str_t  pattern, replacement;
++
++    pattern.len = len;
++    pattern.data = h->value.data + prefix;
++
++    if (ngx_http_regex_exec(r, pr->pattern.regex, &pattern) != NGX_OK) {
++        return NGX_DECLINED;
++    }
++
++    if (ngx_http_complex_value(r, &pr->replacement, &replacement) != NGX_OK) {
++        return NGX_ERROR;
++    }
++
++    if (prefix == 0 && h->value.len == len) {
++        h->value = replacement;
++        return NGX_OK;
++    }
++
++    return ngx_http_proxy_rewrite(r, h, prefix, len, &replacement);
++}
++
++#endif
++
++
++static ngx_int_t
++ngx_http_proxy_rewrite_domain_handler(ngx_http_request_t *r,
++    ngx_table_elt_t *h, size_t prefix, size_t len, ngx_http_proxy_rewrite_t *pr)
++{
++    u_char     *p;
++    ngx_str_t   pattern, replacement;
++
++    if (ngx_http_complex_value(r, &pr->pattern.complex, &pattern) != NGX_OK) {
++        return NGX_ERROR;
++    }
++
++    p = h->value.data + prefix;
++
++    if (p[0] == '.') {
++        p++;
++        prefix++;
++        len--;
++    }
++
++    if (pattern.len != len || ngx_rstrncasecmp(pattern.data, p, len) != 0) {
++        return NGX_DECLINED;
++    }
++
++    if (ngx_http_complex_value(r, &pr->replacement, &replacement) != NGX_OK) {
++        return NGX_ERROR;
++    }
++
++    return ngx_http_proxy_rewrite(r, h, prefix, len, &replacement);
++}
++
++
++static ngx_int_t
++ngx_http_proxy_rewrite(ngx_http_request_t *r, ngx_table_elt_t *h, size_t prefix,
++    size_t len, ngx_str_t *replacement)
++{
++    u_char  *p, *data;
++    size_t   new_len;
++
++    new_len = replacement->len + h->value.len - len;
++
++    if (replacement->len > len) {
++
++        data = ngx_pnalloc(r->pool, new_len);
++        if (data == NULL) {
++            return NGX_ERROR;
++        }
++
++        p = ngx_copy(data, h->value.data, prefix);
++        p = ngx_copy(p, replacement->data, replacement->len);
++
++        ngx_memcpy(p, h->value.data + prefix + len,
++                   h->value.len - len - prefix);
++
++        h->value.data = data;
++
++    } else {
++        p = ngx_copy(h->value.data + prefix, replacement->data,
++                     replacement->len);
++
++        ngx_memmove(p, h->value.data + prefix + len,
++                    h->value.len - len - prefix);
++    }
++
++    h->value.len = new_len;
++
++    return NGX_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_add_variables(ngx_conf_t *cf)
++{
++    ngx_http_variable_t  *var, *v;
++
++    for (v = ngx_http_proxy_vars; v->name.len; v++) {
++        var = ngx_http_add_variable(cf, &v->name, v->flags);
++        if (var == NULL) {
++            return NGX_ERROR;
++        }
++
++        var->get_handler = v->get_handler;
++        var->data = v->data;
++    }
++
++    return NGX_OK;
++}
++
++
++static void *
++ngx_http_proxy_create_loc_conf(ngx_conf_t *cf)
++{
++    ngx_http_proxy_loc_conf_t  *conf;
++
++    conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_proxy_loc_conf_t));
++    if (conf == NULL) {
++        return NULL;
++    }
++
++    /*
++     * set by ngx_pcalloc():
++     *
++     *     conf->upstream.bufs.num = 0;
++     *     conf->upstream.ignore_headers = 0;
++     *     conf->upstream.next_upstream = 0;
++     *     conf->upstream.cache_use_stale = 0;
++     *     conf->upstream.cache_methods = 0;
++     *     conf->upstream.temp_path = NULL;
++     *     conf->upstream.hide_headers_hash = { NULL, 0 };
++     *     conf->upstream.uri = { 0, NULL };
++     *     conf->upstream.location = NULL;
++     *     conf->upstream.store_lengths = NULL;
++     *     conf->upstream.store_values = NULL;
++     *
++     *     conf->method = NULL;
++     *     conf->headers_source = NULL;
++     *     conf->headers_set_len = NULL;
++     *     conf->headers_set = NULL;
++     *     conf->headers_set_hash = NULL;
++     *     conf->body_set_len = NULL;
++     *     conf->body_set = NULL;
++     *     conf->body_source = { 0, NULL };
++     *     conf->redirects = NULL;
++     */
++
++    conf->upstream.store = NGX_CONF_UNSET;
++    conf->upstream.store_access = NGX_CONF_UNSET_UINT;
++    conf->upstream.buffering = NGX_CONF_UNSET;
++    conf->upstream.ignore_client_abort = NGX_CONF_UNSET;
++
++    conf->upstream.connect_timeout = NGX_CONF_UNSET_MSEC;
++    conf->upstream.send_timeout = NGX_CONF_UNSET_MSEC;
++    conf->upstream.read_timeout = NGX_CONF_UNSET_MSEC;
++
++    conf->upstream.send_lowat = NGX_CONF_UNSET_SIZE;
++    conf->upstream.buffer_size = NGX_CONF_UNSET_SIZE;
++
++    conf->upstream.busy_buffers_size_conf = NGX_CONF_UNSET_SIZE;
++    conf->upstream.max_temp_file_size_conf = NGX_CONF_UNSET_SIZE;
++    conf->upstream.temp_file_write_size_conf = NGX_CONF_UNSET_SIZE;
++
++    conf->upstream.pass_request_headers = NGX_CONF_UNSET;
++    conf->upstream.pass_request_body = NGX_CONF_UNSET;
++
++#if (NGX_HTTP_CACHE)
++    conf->upstream.cache = NGX_CONF_UNSET_PTR;
++    conf->upstream.cache_min_uses = NGX_CONF_UNSET_UINT;
++    conf->upstream.cache_bypass = NGX_CONF_UNSET_PTR;
++    conf->upstream.no_cache = NGX_CONF_UNSET_PTR;
++    conf->upstream.cache_valid = NGX_CONF_UNSET_PTR;
++    conf->upstream.cache_lock = NGX_CONF_UNSET;
++    conf->upstream.cache_lock_timeout = NGX_CONF_UNSET_MSEC;
++#endif
++
++    conf->upstream.hide_headers = NGX_CONF_UNSET_PTR;
++    conf->upstream.pass_headers = NGX_CONF_UNSET_PTR;
++
++    conf->upstream.intercept_errors = NGX_CONF_UNSET;
++#if (NGX_HTTP_SSL)
++    conf->upstream.ssl_session_reuse = NGX_CONF_UNSET;
++#endif
++
++    /* "proxy_cyclic_temp_file" is disabled */
++    conf->upstream.cyclic_temp_file = 0;
++
++    conf->redirect = NGX_CONF_UNSET;
++    conf->upstream.change_buffering = 1;
++
++    conf->cookie_domains = NGX_CONF_UNSET_PTR;
++    conf->cookie_paths = NGX_CONF_UNSET_PTR;
++
++    conf->http_version = NGX_CONF_UNSET_UINT;
++
++    conf->headers_hash_max_size = NGX_CONF_UNSET_UINT;
++    conf->headers_hash_bucket_size = NGX_CONF_UNSET_UINT;
++
++    ngx_str_set(&conf->upstream.module, "proxy");
++
++    return conf;
++}
++
++
++static char *
++ngx_http_proxy_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
++{
++    ngx_http_proxy_loc_conf_t *prev = parent;
++    ngx_http_proxy_loc_conf_t *conf = child;
++
++    u_char                     *p;
++    size_t                      size;
++    ngx_hash_init_t             hash;
++    ngx_http_core_loc_conf_t   *clcf;
++    ngx_http_proxy_rewrite_t   *pr;
++    ngx_http_script_compile_t   sc;
++
++    if (conf->upstream.store != 0) {
++        ngx_conf_merge_value(conf->upstream.store,
++                              prev->upstream.store, 0);
++
++        if (conf->upstream.store_lengths == NULL) {
++            conf->upstream.store_lengths = prev->upstream.store_lengths;
++            conf->upstream.store_values = prev->upstream.store_values;
++        }
++    }
++
++    ngx_conf_merge_uint_value(conf->upstream.store_access,
++                              prev->upstream.store_access, 0600);
++
++    ngx_conf_merge_value(conf->upstream.buffering,
++                              prev->upstream.buffering, 1);
++
++    ngx_conf_merge_value(conf->upstream.ignore_client_abort,
++                              prev->upstream.ignore_client_abort, 0);
++
++    ngx_conf_merge_msec_value(conf->upstream.connect_timeout,
++                              prev->upstream.connect_timeout, 60000);
++
++    ngx_conf_merge_msec_value(conf->upstream.send_timeout,
++                              prev->upstream.send_timeout, 60000);
++
++    ngx_conf_merge_msec_value(conf->upstream.read_timeout,
++                              prev->upstream.read_timeout, 60000);
++
++    ngx_conf_merge_size_value(conf->upstream.send_lowat,
++                              prev->upstream.send_lowat, 0);
++
++    ngx_conf_merge_size_value(conf->upstream.buffer_size,
++                              prev->upstream.buffer_size,
++                              (size_t) ngx_pagesize);
++
++    ngx_conf_merge_bufs_value(conf->upstream.bufs, prev->upstream.bufs,
++                              8, ngx_pagesize);
++
++    if (conf->upstream.bufs.num < 2) {
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                           "there must be at least 2 \"proxy_buffers\"");
++        return NGX_CONF_ERROR;
++    }
++
++
++    size = conf->upstream.buffer_size;
++    if (size < conf->upstream.bufs.size) {
++        size = conf->upstream.bufs.size;
++    }
++
++
++    ngx_conf_merge_size_value(conf->upstream.busy_buffers_size_conf,
++                              prev->upstream.busy_buffers_size_conf,
++                              NGX_CONF_UNSET_SIZE);
++
++    if (conf->upstream.busy_buffers_size_conf == NGX_CONF_UNSET_SIZE) {
++        conf->upstream.busy_buffers_size = 2 * size;
++    } else {
++        conf->upstream.busy_buffers_size =
++                                         conf->upstream.busy_buffers_size_conf;
++    }
++
++    if (conf->upstream.busy_buffers_size < size) {
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++             "\"proxy_busy_buffers_size\" must be equal to or greater than "
++             "the maximum of the value of \"proxy_buffer_size\" and "
++             "one of the \"proxy_buffers\"");
++
++        return NGX_CONF_ERROR;
++    }
++
++    if (conf->upstream.busy_buffers_size
++        > (conf->upstream.bufs.num - 1) * conf->upstream.bufs.size)
++    {
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++             "\"proxy_busy_buffers_size\" must be less than "
++             "the size of all \"proxy_buffers\" minus one buffer");
++
++        return NGX_CONF_ERROR;
++    }
++
++
++    ngx_conf_merge_size_value(conf->upstream.temp_file_write_size_conf,
++                              prev->upstream.temp_file_write_size_conf,
++                              NGX_CONF_UNSET_SIZE);
++
++    if (conf->upstream.temp_file_write_size_conf == NGX_CONF_UNSET_SIZE) {
++        conf->upstream.temp_file_write_size = 2 * size;
++    } else {
++        conf->upstream.temp_file_write_size =
++                                      conf->upstream.temp_file_write_size_conf;
++    }
++
++    if (conf->upstream.temp_file_write_size < size) {
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++             "\"proxy_temp_file_write_size\" must be equal to or greater "
++             "than the maximum of the value of \"proxy_buffer_size\" and "
++             "one of the \"proxy_buffers\"");
++
++        return NGX_CONF_ERROR;
++    }
++
++    ngx_conf_merge_size_value(conf->upstream.max_temp_file_size_conf,
++                              prev->upstream.max_temp_file_size_conf,
++                              NGX_CONF_UNSET_SIZE);
++
++    if (conf->upstream.max_temp_file_size_conf == NGX_CONF_UNSET_SIZE) {
++        conf->upstream.max_temp_file_size = 1024 * 1024 * 1024;
++    } else {
++        conf->upstream.max_temp_file_size =
++                                        conf->upstream.max_temp_file_size_conf;
++    }
++
++    if (conf->upstream.max_temp_file_size != 0
++        && conf->upstream.max_temp_file_size < size)
++    {
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++             "\"proxy_max_temp_file_size\" must be equal to zero to disable "
++             "temporary files usage or must be equal to or greater than "
++             "the maximum of the value of \"proxy_buffer_size\" and "
++             "one of the \"proxy_buffers\"");
++
++        return NGX_CONF_ERROR;
++    }
++
++
++    ngx_conf_merge_bitmask_value(conf->upstream.ignore_headers,
++                              prev->upstream.ignore_headers,
++                              NGX_CONF_BITMASK_SET);
++
++
++    ngx_conf_merge_bitmask_value(conf->upstream.next_upstream,
++                              prev->upstream.next_upstream,
++                              (NGX_CONF_BITMASK_SET
++                               |NGX_HTTP_UPSTREAM_FT_ERROR
++                               |NGX_HTTP_UPSTREAM_FT_TIMEOUT));
++
++    if (conf->upstream.next_upstream & NGX_HTTP_UPSTREAM_FT_OFF) {
++        conf->upstream.next_upstream = NGX_CONF_BITMASK_SET
++                                       |NGX_HTTP_UPSTREAM_FT_OFF;
++    }
++
++    if (ngx_conf_merge_path_value(cf, &conf->upstream.temp_path,
++                              prev->upstream.temp_path,
++                              &ngx_http_proxy_temp_path)
++        != NGX_OK)
++    {
++        return NGX_CONF_ERROR;
++    }
++
++
++#if (NGX_HTTP_CACHE)
++
++    ngx_conf_merge_ptr_value(conf->upstream.cache,
++                              prev->upstream.cache, NULL);
++
++    if (conf->upstream.cache && conf->upstream.cache->data == NULL) {
++        ngx_shm_zone_t  *shm_zone;
++
++        shm_zone = conf->upstream.cache;
++
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                           "\"proxy_cache\" zone \"%V\" is unknown",
++                           &shm_zone->shm.name);
++
++        return NGX_CONF_ERROR;
++    }
++
++    ngx_conf_merge_uint_value(conf->upstream.cache_min_uses,
++                              prev->upstream.cache_min_uses, 1);
++
++    ngx_conf_merge_bitmask_value(conf->upstream.cache_use_stale,
++                              prev->upstream.cache_use_stale,
++                              (NGX_CONF_BITMASK_SET
++                               |NGX_HTTP_UPSTREAM_FT_OFF));
++
++    if (conf->upstream.cache_use_stale & NGX_HTTP_UPSTREAM_FT_OFF) {
++        conf->upstream.cache_use_stale = NGX_CONF_BITMASK_SET
++                                         |NGX_HTTP_UPSTREAM_FT_OFF;
++    }
++
++    if (conf->upstream.cache_use_stale & NGX_HTTP_UPSTREAM_FT_ERROR) {
++        conf->upstream.cache_use_stale |= NGX_HTTP_UPSTREAM_FT_NOLIVE;
++    }
++
++    if (conf->upstream.cache_methods == 0) {
++        conf->upstream.cache_methods = prev->upstream.cache_methods;
++    }
++
++    conf->upstream.cache_methods |= NGX_HTTP_GET|NGX_HTTP_HEAD;
++
++    ngx_conf_merge_ptr_value(conf->upstream.cache_bypass,
++                             prev->upstream.cache_bypass, NULL);
++
++    ngx_conf_merge_ptr_value(conf->upstream.no_cache,
++                             prev->upstream.no_cache, NULL);
++
++    if (conf->upstream.no_cache && conf->upstream.cache_bypass == NULL) {
++        ngx_log_error(NGX_LOG_WARN, cf->log, 0,
++             "\"proxy_no_cache\" functionality has been changed in 0.8.46, "
++             "now it should be used together with \"proxy_cache_bypass\"");
++    }
++
++    ngx_conf_merge_ptr_value(conf->upstream.cache_valid,
++                             prev->upstream.cache_valid, NULL);
++
++    if (conf->cache_key.value.data == NULL) {
++        conf->cache_key = prev->cache_key;
++    }
++
++    ngx_conf_merge_value(conf->upstream.cache_lock,
++                              prev->upstream.cache_lock, 0);
++
++    ngx_conf_merge_msec_value(conf->upstream.cache_lock_timeout,
++                              prev->upstream.cache_lock_timeout, 5000);
++
++#endif
++
++    if (conf->method.len == 0) {
++        conf->method = prev->method;
++
++    } else {
++        conf->method.data[conf->method.len] = ' ';
++        conf->method.len++;
++    }
++
++    ngx_conf_merge_value(conf->upstream.pass_request_headers,
++                              prev->upstream.pass_request_headers, 1);
++    ngx_conf_merge_value(conf->upstream.pass_request_body,
++                              prev->upstream.pass_request_body, 1);
++
++    ngx_conf_merge_value(conf->upstream.intercept_errors,
++                              prev->upstream.intercept_errors, 0);
++
++#if (NGX_HTTP_SSL)
++    ngx_conf_merge_value(conf->upstream.ssl_session_reuse,
++                              prev->upstream.ssl_session_reuse, 1);
++#endif
++
++    ngx_conf_merge_value(conf->redirect, prev->redirect, 1);
++
++    if (conf->redirect) {
++
++        if (conf->redirects == NULL) {
++            conf->redirects = prev->redirects;
++        }
++
++        if (conf->redirects == NULL && conf->url.data) {
++
++            conf->redirects = ngx_array_create(cf->pool, 1,
++                                             sizeof(ngx_http_proxy_rewrite_t));
++            if (conf->redirects == NULL) {
++                return NGX_CONF_ERROR;
++            }
++
++            pr = ngx_array_push(conf->redirects);
++            if (pr == NULL) {
++                return NGX_CONF_ERROR;
++            }
++
++            ngx_memzero(&pr->pattern.complex,
++                        sizeof(ngx_http_complex_value_t));
++
++            ngx_memzero(&pr->replacement, sizeof(ngx_http_complex_value_t));
++
++            pr->handler = ngx_http_proxy_rewrite_complex_handler;
++
++            if (conf->vars.uri.len) {
++                pr->pattern.complex.value = conf->url;
++                pr->replacement.value = conf->location;
++
++            } else {
++                pr->pattern.complex.value.len = conf->url.len
++                                                + sizeof("/") - 1;
++
++                p = ngx_pnalloc(cf->pool, pr->pattern.complex.value.len);
++                if (p == NULL) {
++                    return NGX_CONF_ERROR;
++                }
++
++                pr->pattern.complex.value.data = p;
++
++                p = ngx_cpymem(p, conf->url.data, conf->url.len);
++                *p = '/';
++
++                ngx_str_set(&pr->replacement.value, "/");
++            }
++        }
++    }
++
++    ngx_conf_merge_ptr_value(conf->cookie_domains, prev->cookie_domains, NULL);
++
++    ngx_conf_merge_ptr_value(conf->cookie_paths, prev->cookie_paths, NULL);
++
++#if (NGX_HTTP_SSL)
++    if (conf->upstream.ssl == NULL) {
++        conf->upstream.ssl = prev->upstream.ssl;
++    }
++#endif
++
++    ngx_conf_merge_uint_value(conf->http_version, prev->http_version,
++                              NGX_HTTP_VERSION_10);
++
++    ngx_conf_merge_uint_value(conf->headers_hash_max_size,
++                              prev->headers_hash_max_size, 512);
++
++    ngx_conf_merge_uint_value(conf->headers_hash_bucket_size,
++                              prev->headers_hash_bucket_size, 64);
++
++    conf->headers_hash_bucket_size = ngx_align(conf->headers_hash_bucket_size,
++                                               ngx_cacheline_size);
++
++    hash.max_size = conf->headers_hash_max_size;
++    hash.bucket_size = conf->headers_hash_bucket_size;
++    hash.name = "proxy_headers_hash";
++
++    if (ngx_http_upstream_hide_headers_hash(cf, &conf->upstream,
++            &prev->upstream, ngx_http_proxy_hide_headers, &hash)
++        != NGX_OK)
++    {
++        return NGX_CONF_ERROR;
++    }
++
++    if (conf->upstream.upstream == NULL) {
++        conf->upstream.upstream = prev->upstream.upstream;
++        conf->vars = prev->vars;
++    }
++
++    if (conf->proxy_lengths == NULL) {
++        conf->proxy_lengths = prev->proxy_lengths;
++        conf->proxy_values = prev->proxy_values;
++    }
++
++    if (conf->upstream.upstream || conf->proxy_lengths) {
++        clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
++        if (clcf->handler == NULL && clcf->lmt_excpt) {
++            clcf->handler = ngx_http_proxy_handler;
++            conf->location = prev->location;
++        }
++    }
++
++    if (conf->body_source.data == NULL) {
++        conf->body_source = prev->body_source;
++        conf->body_set_len = prev->body_set_len;
++        conf->body_set = prev->body_set;
++    }
++
++    if (conf->body_source.data && conf->body_set_len == NULL) {
++
++        ngx_memzero(&sc, sizeof(ngx_http_script_compile_t));
++
++        sc.cf = cf;
++        sc.source = &conf->body_source;
++        sc.flushes = &conf->flushes;
++        sc.lengths = &conf->body_set_len;
++        sc.values = &conf->body_set;
++        sc.complete_lengths = 1;
++        sc.complete_values = 1;
++
++        if (ngx_http_script_compile(&sc) != NGX_OK) {
++            return NGX_CONF_ERROR;
++        }
++    }
++
++    if (ngx_http_proxy_merge_headers(cf, conf, prev) != NGX_OK) {
++        return NGX_CONF_ERROR;
++    }
++
++    return NGX_CONF_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_merge_headers(ngx_conf_t *cf, ngx_http_proxy_loc_conf_t *conf,
++    ngx_http_proxy_loc_conf_t *prev)
++{
++    u_char                       *p;
++    size_t                        size;
++    uintptr_t                    *code;
++    ngx_uint_t                    i;
++    ngx_array_t                   headers_names, headers_merged;
++    ngx_keyval_t                 *src, *s, *h;
++    ngx_hash_key_t               *hk;
++    ngx_hash_init_t               hash;
++    ngx_http_script_compile_t     sc;
++    ngx_http_script_copy_code_t  *copy;
++
++    if (conf->headers_source == NULL) {
++        conf->flushes = prev->flushes;
++        conf->headers_set_len = prev->headers_set_len;
++        conf->headers_set = prev->headers_set;
++        conf->headers_set_hash = prev->headers_set_hash;
++        conf->headers_source = prev->headers_source;
++    }
++
++    if (conf->headers_set_hash.buckets
++        && ((conf->body_source.data == NULL)
++            == (prev->body_source.data == NULL))
++#if (NGX_HTTP_CACHE)
++        && ((conf->upstream.cache == NULL) == (prev->upstream.cache == NULL))
++#endif
++       )
++    {
++        return NGX_OK;
++    }
++
++
++    if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t))
++        != NGX_OK)
++    {
++        return NGX_ERROR;
++    }
++
++    if (ngx_array_init(&headers_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
++        != NGX_OK)
++    {
++        return NGX_ERROR;
++    }
++
++    if (conf->headers_source == NULL) {
++        conf->headers_source = ngx_array_create(cf->pool, 4,
++                                                sizeof(ngx_keyval_t));
++        if (conf->headers_source == NULL) {
++            return NGX_ERROR;
++        }
++    }
++
++    conf->headers_set_len = ngx_array_create(cf->pool, 64, 1);
++    if (conf->headers_set_len == NULL) {
++        return NGX_ERROR;
++    }
++
++    conf->headers_set = ngx_array_create(cf->pool, 512, 1);
++    if (conf->headers_set == NULL) {
++        return NGX_ERROR;
++    }
++
++
++#if (NGX_HTTP_CACHE)
++
++    h = conf->upstream.cache ? ngx_http_proxy_cache_headers:
++                               ngx_http_proxy_headers;
++#else
++
++    h = ngx_http_proxy_headers;
++
++#endif
++
++    src = conf->headers_source->elts;
++    for (i = 0; i < conf->headers_source->nelts; i++) {
++
++        s = ngx_array_push(&headers_merged);
++        if (s == NULL) {
++            return NGX_ERROR;
++        }
++
++        *s = src[i];
++    }
++
++    while (h->key.len) {
++
++        src = headers_merged.elts;
++        for (i = 0; i < headers_merged.nelts; i++) {
++            if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
++                goto next;
++            }
++        }
++
++        s = ngx_array_push(&headers_merged);
++        if (s == NULL) {
++            return NGX_ERROR;
++        }
++
++        *s = *h;
++
++    next:
++
++        h++;
++    }
++
++    if (conf->body_source.data) {
++        s = ngx_array_push(&headers_merged);
++        if (s == NULL) {
++            return NGX_ERROR;
++        }
++
++        ngx_str_set(&s->key, "Content-Length");
++        ngx_str_set(&s->value, "$proxy_internal_body_length");
++    }
++
++
++    src = headers_merged.elts;
++    for (i = 0; i < headers_merged.nelts; i++) {
++
++        hk = ngx_array_push(&headers_names);
++        if (hk == NULL) {
++            return NGX_ERROR;
++        }
++
++        hk->key = src[i].key;
++        hk->key_hash = ngx_hash_key_lc(src[i].key.data, src[i].key.len);
++        hk->value = (void *) 1;
++
++        if (src[i].value.len == 0) {
++            continue;
++        }
++
++        if (ngx_http_script_variables_count(&src[i].value) == 0) {
++            copy = ngx_array_push_n(conf->headers_set_len,
++                                    sizeof(ngx_http_script_copy_code_t));
++            if (copy == NULL) {
++                return NGX_ERROR;
++            }
++
++            copy->code = (ngx_http_script_code_pt)
++                                                 ngx_http_script_copy_len_code;
++            copy->len = src[i].key.len + sizeof(": ") - 1
++                        + src[i].value.len + sizeof(CRLF) - 1;
++
++
++            size = (sizeof(ngx_http_script_copy_code_t)
++                       + src[i].key.len + sizeof(": ") - 1
++                       + src[i].value.len + sizeof(CRLF) - 1
++                       + sizeof(uintptr_t) - 1)
++                    & ~(sizeof(uintptr_t) - 1);
++
++            copy = ngx_array_push_n(conf->headers_set, size);
++            if (copy == NULL) {
++                return NGX_ERROR;
++            }
++
++            copy->code = ngx_http_script_copy_code;
++            copy->len = src[i].key.len + sizeof(": ") - 1
++                        + src[i].value.len + sizeof(CRLF) - 1;
++
++            p = (u_char *) copy + sizeof(ngx_http_script_copy_code_t);
++
++            p = ngx_cpymem(p, src[i].key.data, src[i].key.len);
++            *p++ = ':'; *p++ = ' ';
++            p = ngx_cpymem(p, src[i].value.data, src[i].value.len);
++            *p++ = CR; *p = LF;
++
++        } else {
++            copy = ngx_array_push_n(conf->headers_set_len,
++                                    sizeof(ngx_http_script_copy_code_t));
++            if (copy == NULL) {
++                return NGX_ERROR;
++            }
++
++            copy->code = (ngx_http_script_code_pt)
++                                                 ngx_http_script_copy_len_code;
++            copy->len = src[i].key.len + sizeof(": ") - 1;
++
++
++            size = (sizeof(ngx_http_script_copy_code_t)
++                    + src[i].key.len + sizeof(": ") - 1 + sizeof(uintptr_t) - 1)
++                    & ~(sizeof(uintptr_t) - 1);
++
++            copy = ngx_array_push_n(conf->headers_set, size);
++            if (copy == NULL) {
++                return NGX_ERROR;
++            }
++
++            copy->code = ngx_http_script_copy_code;
++            copy->len = src[i].key.len + sizeof(": ") - 1;
++
++            p = (u_char *) copy + sizeof(ngx_http_script_copy_code_t);
++            p = ngx_cpymem(p, src[i].key.data, src[i].key.len);
++            *p++ = ':'; *p = ' ';
++
++
++            ngx_memzero(&sc, sizeof(ngx_http_script_compile_t));
++
++            sc.cf = cf;
++            sc.source = &src[i].value;
++            sc.flushes = &conf->flushes;
++            sc.lengths = &conf->headers_set_len;
++            sc.values = &conf->headers_set;
++
++            if (ngx_http_script_compile(&sc) != NGX_OK) {
++                return NGX_ERROR;
++            }
++
++
++            copy = ngx_array_push_n(conf->headers_set_len,
++                                    sizeof(ngx_http_script_copy_code_t));
++            if (copy == NULL) {
++                return NGX_ERROR;
++            }
++
++            copy->code = (ngx_http_script_code_pt)
++                                                 ngx_http_script_copy_len_code;
++            copy->len = sizeof(CRLF) - 1;
++
++
++            size = (sizeof(ngx_http_script_copy_code_t)
++                    + sizeof(CRLF) - 1 + sizeof(uintptr_t) - 1)
++                    & ~(sizeof(uintptr_t) - 1);
++
++            copy = ngx_array_push_n(conf->headers_set, size);
++            if (copy == NULL) {
++                return NGX_ERROR;
++            }
++
++            copy->code = ngx_http_script_copy_code;
++            copy->len = sizeof(CRLF) - 1;
++
++            p = (u_char *) copy + sizeof(ngx_http_script_copy_code_t);
++            *p++ = CR; *p = LF;
++        }
++
++        code = ngx_array_push_n(conf->headers_set_len, sizeof(uintptr_t));
++        if (code == NULL) {
++            return NGX_ERROR;
++        }
++
++        *code = (uintptr_t) NULL;
++
++        code = ngx_array_push_n(conf->headers_set, sizeof(uintptr_t));
++        if (code == NULL) {
++            return NGX_ERROR;
++        }
++
++        *code = (uintptr_t) NULL;
++    }
++
++    code = ngx_array_push_n(conf->headers_set_len, sizeof(uintptr_t));
++    if (code == NULL) {
++        return NGX_ERROR;
++    }
++
++    *code = (uintptr_t) NULL;
++
++
++    hash.hash = &conf->headers_set_hash;
++    hash.key = ngx_hash_key_lc;
++    hash.max_size = conf->headers_hash_max_size;
++    hash.bucket_size = conf->headers_hash_bucket_size;
++    hash.name = "proxy_headers_hash";
++    hash.pool = cf->pool;
++    hash.temp_pool = NULL;
++
++    return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts);
++}
++
++
++static char *
++ngx_http_proxy_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
++{
++    ngx_http_proxy_loc_conf_t *plcf = conf;
++
++    size_t                      add;
++    u_short                     port;
++    ngx_str_t                  *value, *url;
++    ngx_url_t                   u;
++    ngx_uint_t                  n;
++    ngx_http_core_loc_conf_t   *clcf;
++    ngx_http_script_compile_t   sc;
++
++    if (plcf->upstream.upstream || plcf->proxy_lengths) {
++        return "is duplicate";
++    }
++
++    clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
++
++    clcf->handler = ngx_http_proxy_handler;
++
++    if (clcf->name.data[clcf->name.len - 1] == '/') {
++        clcf->auto_redirect = 1;
++    }
++
++    value = cf->args->elts;
++
++    url = &value[1];
++
++    n = ngx_http_script_variables_count(url);
++
++    if (n) {
++
++        ngx_memzero(&sc, sizeof(ngx_http_script_compile_t));
++
++        sc.cf = cf;
++        sc.source = url;
++        sc.lengths = &plcf->proxy_lengths;
++        sc.values = &plcf->proxy_values;
++        sc.variables = n;
++        sc.complete_lengths = 1;
++        sc.complete_values = 1;
++
++        if (ngx_http_script_compile(&sc) != NGX_OK) {
++            return NGX_CONF_ERROR;
++        }
++
++#if (NGX_HTTP_SSL)
++        if (ngx_http_proxy_set_ssl(cf, plcf) != NGX_OK) {
++            return NGX_CONF_ERROR;
++        }
++#endif
++
++        return NGX_CONF_OK;
++    }
++
++    if (ngx_strncasecmp(url->data, (u_char *) "http://", 7) == 0) {
++        add = 7;
++        port = 80;
++
++    } else if (ngx_strncasecmp(url->data, (u_char *) "https://", 8) == 0) {
++
++#if (NGX_HTTP_SSL)
++        if (ngx_http_proxy_set_ssl(cf, plcf) != NGX_OK) {
++            return NGX_CONF_ERROR;
++        }
++
++        add = 8;
++        port = 443;
++#else
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                           "https protocol requires SSL support");
++        return NGX_CONF_ERROR;
++#endif
++
++    } else {
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid URL prefix");
++        return NGX_CONF_ERROR;
++    }
++
++    ngx_memzero(&u, sizeof(ngx_url_t));
++
++    u.url.len = url->len - add;
++    u.url.data = url->data + add;
++    u.default_port = port;
++    u.uri_part = 1;
++    u.no_resolve = 1;
++
++    plcf->upstream.upstream = ngx_http_upstream_add(cf, &u, 0);
++    if (plcf->upstream.upstream == NULL) {
++        return NGX_CONF_ERROR;
++    }
++
++    plcf->vars.schema.len = add;
++    plcf->vars.schema.data = url->data;
++    plcf->vars.key_start = plcf->vars.schema;
++
++    ngx_http_proxy_set_vars(&u, &plcf->vars);
++
++    plcf->location = clcf->name;
++
++    if (clcf->named
++#if (NGX_PCRE)
++        || clcf->regex
++#endif
++        || clcf->noname)
++    {
++        if (plcf->vars.uri.len) {
++            ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                               "\"proxy_pass\" cannot have URI part in "
++                               "location given by regular expression, "
++                               "or inside named location, "
++                               "or inside \"if\" statement, "
++                               "or inside \"limit_except\" block");
++            return NGX_CONF_ERROR;
++        }
++
++        plcf->location.len = 0;
++    }
++
++    plcf->url = *url;
++
++    return NGX_CONF_OK;
++}
++
++
++static char *
++ngx_http_proxy_redirect(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
++{
++    ngx_http_proxy_loc_conf_t *plcf = conf;
++
++    u_char                            *p;
++    ngx_str_t                         *value;
++    ngx_http_proxy_rewrite_t          *pr;
++    ngx_http_compile_complex_value_t   ccv;
++
++    if (plcf->redirect == 0) {
++        return NGX_CONF_OK;
++    }
++
++    plcf->redirect = 1;
++
++    value = cf->args->elts;
++
++    if (cf->args->nelts == 2) {
++        if (ngx_strcmp(value[1].data, "off") == 0) {
++            plcf->redirect = 0;
++            plcf->redirects = NULL;
++            return NGX_CONF_OK;
++        }
++
++        if (ngx_strcmp(value[1].data, "false") == 0) {
++            ngx_conf_log_error(NGX_LOG_ERR, cf, 0,
++                           "invalid parameter \"false\", use \"off\" instead");
++            plcf->redirect = 0;
++            plcf->redirects = NULL;
++            return NGX_CONF_OK;
++        }
++
++        if (ngx_strcmp(value[1].data, "default") != 0) {
++            ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                               "invalid parameter \"%V\"", &value[1]);
++            return NGX_CONF_ERROR;
++        }
++    }
++
++    if (plcf->redirects == NULL) {
++        plcf->redirects = ngx_array_create(cf->pool, 1,
++                                           sizeof(ngx_http_proxy_rewrite_t));
++        if (plcf->redirects == NULL) {
++            return NGX_CONF_ERROR;
++        }
++    }
++
++    pr = ngx_array_push(plcf->redirects);
++    if (pr == NULL) {
++        return NGX_CONF_ERROR;
++    }
++
++    if (ngx_strcmp(value[1].data, "default") == 0) {
++        if (plcf->proxy_lengths) {
++            ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                               "\"proxy_redirect default\" cannot be used "
++                               "with \"proxy_pass\" directive with variables");
++            return NGX_CONF_ERROR;
++        }
++
++        if (plcf->url.data == NULL) {
++            ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                               "\"proxy_redirect default\" should be placed "
++                               "after the \"proxy_pass\" directive");
++            return NGX_CONF_ERROR;
++        }
++
++        pr->handler = ngx_http_proxy_rewrite_complex_handler;
++
++        ngx_memzero(&pr->pattern.complex, sizeof(ngx_http_complex_value_t));
++
++        ngx_memzero(&pr->replacement, sizeof(ngx_http_complex_value_t));
++
++        if (plcf->vars.uri.len) {
++            pr->pattern.complex.value = plcf->url;
++            pr->replacement.value = plcf->location;
++
++        } else {
++            pr->pattern.complex.value.len = plcf->url.len + sizeof("/") - 1;
++
++            p = ngx_pnalloc(cf->pool, pr->pattern.complex.value.len);
++            if (p == NULL) {
++                return NGX_CONF_ERROR;
++            }
++
++            pr->pattern.complex.value.data = p;
++
++            p = ngx_cpymem(p, plcf->url.data, plcf->url.len);
++            *p = '/';
++
++            ngx_str_set(&pr->replacement.value, "/");
++        }
++
++        return NGX_CONF_OK;
++    }
++
++
++    if (value[1].data[0] == '~') {
++        value[1].len--;
++        value[1].data++;
++
++        if (value[1].data[0] == '*') {
++            value[1].len--;
++            value[1].data++;
++
++            if (ngx_http_proxy_rewrite_regex(cf, pr, &value[1], 1) != NGX_OK) {
++                return NGX_CONF_ERROR;
++            }
++
++        } else {
++            if (ngx_http_proxy_rewrite_regex(cf, pr, &value[1], 0) != NGX_OK) {
++                return NGX_CONF_ERROR;
++            }
++        }
++
++    } else {
++
++        ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
++
++        ccv.cf = cf;
++        ccv.value = &value[1];
++        ccv.complex_value = &pr->pattern.complex;
++
++        if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
++            return NGX_CONF_ERROR;
++        }
++
++        pr->handler = ngx_http_proxy_rewrite_complex_handler;
++    }
++
++
++    ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
++
++    ccv.cf = cf;
++    ccv.value = &value[2];
++    ccv.complex_value = &pr->replacement;
++
++    if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
++        return NGX_CONF_ERROR;
++    }
++
++    return NGX_CONF_OK;
++}
++
++
++static char *
++ngx_http_proxy_cookie_domain(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
++{
++    ngx_http_proxy_loc_conf_t *plcf = conf;
++
++    ngx_str_t                         *value;
++    ngx_http_proxy_rewrite_t          *pr;
++    ngx_http_compile_complex_value_t   ccv;
++
++    if (plcf->cookie_domains == NULL) {
++        return NGX_CONF_OK;
++    }
++
++    value = cf->args->elts;
++
++    if (cf->args->nelts == 2) {
++
++        if (ngx_strcmp(value[1].data, "off") == 0) {
++            plcf->cookie_domains = NULL;
++            return NGX_CONF_OK;
++        }
++
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                           "invalid parameter \"%V\"", &value[1]);
++        return NGX_CONF_ERROR;
++    }
++
++    if (plcf->cookie_domains == NGX_CONF_UNSET_PTR) {
++        plcf->cookie_domains = ngx_array_create(cf->pool, 1,
++                                     sizeof(ngx_http_proxy_rewrite_t));
++        if (plcf->cookie_domains == NULL) {
++            return NGX_CONF_ERROR;
++        }
++    }
++
++    pr = ngx_array_push(plcf->cookie_domains);
++    if (pr == NULL) {
++        return NGX_CONF_ERROR;
++    }
++
++    if (value[1].data[0] == '~') {
++        value[1].len--;
++        value[1].data++;
++
++        if (ngx_http_proxy_rewrite_regex(cf, pr, &value[1], 1) != NGX_OK) {
++            return NGX_CONF_ERROR;
++        }
++
++    } else {
++
++        if (value[1].data[0] == '.') {
++            value[1].len--;
++            value[1].data++;
++        }
++
++        ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
++
++        ccv.cf = cf;
++        ccv.value = &value[1];
++        ccv.complex_value = &pr->pattern.complex;
++
++        if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
++            return NGX_CONF_ERROR;
++        }
++
++        pr->handler = ngx_http_proxy_rewrite_domain_handler;
++
++        if (value[2].data[0] == '.') {
++            value[2].len--;
++            value[2].data++;
++        }
++    }
++
++    ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
++
++    ccv.cf = cf;
++    ccv.value = &value[2];
++    ccv.complex_value = &pr->replacement;
++
++    if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
++        return NGX_CONF_ERROR;
++    }
++
++    return NGX_CONF_OK;
++}
++
++
++static char *
++ngx_http_proxy_cookie_path(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
++{
++    ngx_http_proxy_loc_conf_t *plcf = conf;
++
++    ngx_str_t                         *value;
++    ngx_http_proxy_rewrite_t          *pr;
++    ngx_http_compile_complex_value_t   ccv;
++
++    if (plcf->cookie_paths == NULL) {
++        return NGX_CONF_OK;
++    }
++
++    value = cf->args->elts;
++
++    if (cf->args->nelts == 2) {
++
++        if (ngx_strcmp(value[1].data, "off") == 0) {
++            plcf->cookie_paths = NULL;
++            return NGX_CONF_OK;
++        }
++
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                           "invalid parameter \"%V\"", &value[1]);
++        return NGX_CONF_ERROR;
++    }
++
++    if (plcf->cookie_paths == NGX_CONF_UNSET_PTR) {
++        plcf->cookie_paths = ngx_array_create(cf->pool, 1,
++                                     sizeof(ngx_http_proxy_rewrite_t));
++        if (plcf->cookie_paths == NULL) {
++            return NGX_CONF_ERROR;
++        }
++    }
++
++    pr = ngx_array_push(plcf->cookie_paths);
++    if (pr == NULL) {
++        return NGX_CONF_ERROR;
++    }
++
++    if (value[1].data[0] == '~') {
++        value[1].len--;
++        value[1].data++;
++
++        if (value[1].data[0] == '*') {
++            value[1].len--;
++            value[1].data++;
++
++            if (ngx_http_proxy_rewrite_regex(cf, pr, &value[1], 1) != NGX_OK) {
++                return NGX_CONF_ERROR;
++            }
++
++        } else {
++            if (ngx_http_proxy_rewrite_regex(cf, pr, &value[1], 0) != NGX_OK) {
++                return NGX_CONF_ERROR;
++            }
++        }
++
++    } else {
++
++        ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
++
++        ccv.cf = cf;
++        ccv.value = &value[1];
++        ccv.complex_value = &pr->pattern.complex;
++
++        if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
++            return NGX_CONF_ERROR;
++        }
++
++        pr->handler = ngx_http_proxy_rewrite_complex_handler;
++    }
++
++    ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
++
++    ccv.cf = cf;
++    ccv.value = &value[2];
++    ccv.complex_value = &pr->replacement;
++
++    if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
++        return NGX_CONF_ERROR;
++    }
++
++    return NGX_CONF_OK;
++}
++
++
++static ngx_int_t
++ngx_http_proxy_rewrite_regex(ngx_conf_t *cf, ngx_http_proxy_rewrite_t *pr,
++    ngx_str_t *regex, ngx_uint_t caseless)
++{
++#if (NGX_PCRE)
++    u_char               errstr[NGX_MAX_CONF_ERRSTR];
++    ngx_regex_compile_t  rc;
++
++    ngx_memzero(&rc, sizeof(ngx_regex_compile_t));
++
++    rc.pattern = *regex;
++    rc.err.len = NGX_MAX_CONF_ERRSTR;
++    rc.err.data = errstr;
++
++    if (caseless) {
++        rc.options = NGX_REGEX_CASELESS;
++    }
++
++    pr->pattern.regex = ngx_http_regex_compile(cf, &rc);
++    if (pr->pattern.regex == NULL) {
++        return NGX_ERROR;
++    }
++
++    pr->handler = ngx_http_proxy_rewrite_regex_handler;
++
++    return NGX_OK;
++
++#else
++
++    ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                       "using regex \"%V\" requires PCRE library", regex);
++    return NGX_ERROR;
++
++#endif
++}
++
++
++static char *
++ngx_http_proxy_store(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
++{
++    ngx_http_proxy_loc_conf_t *plcf = conf;
++
++    ngx_str_t                  *value;
++    ngx_http_script_compile_t   sc;
++
++    if (plcf->upstream.store != NGX_CONF_UNSET
++        || plcf->upstream.store_lengths)
++    {
++        return "is duplicate";
++    }
++
++    value = cf->args->elts;
++
++    if (ngx_strcmp(value[1].data, "off") == 0) {
++        plcf->upstream.store = 0;
++        return NGX_CONF_OK;
++    }
++
++#if (NGX_HTTP_CACHE)
++
++    if (plcf->upstream.cache != NGX_CONF_UNSET_PTR
++        && plcf->upstream.cache != NULL)
++    {
++        return "is incompatible with \"proxy_cache\"";
++    }
++
++#endif
++
++    if (ngx_strcmp(value[1].data, "on") == 0) {
++        plcf->upstream.store = 1;
++        return NGX_CONF_OK;
++    }
++
++    /* include the terminating '\0' into script */
++    value[1].len++;
++
++    ngx_memzero(&sc, sizeof(ngx_http_script_compile_t));
++
++    sc.cf = cf;
++    sc.source = &value[1];
++    sc.lengths = &plcf->upstream.store_lengths;
++    sc.values = &plcf->upstream.store_values;
++    sc.variables = ngx_http_script_variables_count(&value[1]);
++    sc.complete_lengths = 1;
++    sc.complete_values = 1;
++
++    if (ngx_http_script_compile(&sc) != NGX_OK) {
++        return NGX_CONF_ERROR;
++    }
++
++    return NGX_CONF_OK;
++}
++
++
++#if (NGX_HTTP_CACHE)
++
++static char *
++ngx_http_proxy_cache(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
++{
++    ngx_http_proxy_loc_conf_t *plcf = conf;
++
++    ngx_str_t  *value;
++
++    value = cf->args->elts;
++
++    if (plcf->upstream.cache != NGX_CONF_UNSET_PTR) {
++        return "is duplicate";
++    }
++
++    if (ngx_strcmp(value[1].data, "off") == 0) {
++        plcf->upstream.cache = NULL;
++        return NGX_CONF_OK;
++    }
++
++    if (plcf->upstream.store > 0 || plcf->upstream.store_lengths) {
++        return "is incompatible with \"proxy_store\"";
++    }
++
++    plcf->upstream.cache = ngx_shared_memory_add(cf, &value[1], 0,
++                                                 &ngx_http_proxy_module);
++    if (plcf->upstream.cache == NULL) {
++        return NGX_CONF_ERROR;
++    }
++
++    return NGX_CONF_OK;
++}
++
++
++static char *
++ngx_http_proxy_cache_key(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
++{
++    ngx_http_proxy_loc_conf_t *plcf = conf;
++
++    ngx_str_t                         *value;
++    ngx_http_compile_complex_value_t   ccv;
++
++    value = cf->args->elts;
++
++    if (plcf->cache_key.value.len) {
++        return "is duplicate";
++    }
++
++    ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
++
++    ccv.cf = cf;
++    ccv.value = &value[1];
++    ccv.complex_value = &plcf->cache_key;
++
++    if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
++        return NGX_CONF_ERROR;
++    }
++
++    return NGX_CONF_OK;
++}
++
++#endif
++
++
++static char *
++ngx_http_proxy_lowat_check(ngx_conf_t *cf, void *post, void *data)
++{
++#if (NGX_FREEBSD)
++    ssize_t *np = data;
++
++    if ((u_long) *np >= ngx_freebsd_net_inet_tcp_sendspace) {
++        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
++                           "\"proxy_send_lowat\" must be less than %d "
++                           "(sysctl net.inet.tcp.sendspace)",
++                           ngx_freebsd_net_inet_tcp_sendspace);
++
++        return NGX_CONF_ERROR;
++    }
++
++#elif !(NGX_HAVE_SO_SNDLOWAT)
++    ssize_t *np = data;
++
++    ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
++                       "\"proxy_send_lowat\" is not supported, ignored");
++
++    *np = 0;
++
++#endif
++
++    return NGX_CONF_OK;
++}
++
++
++#if (NGX_HTTP_SSL)
++
++static ngx_int_t
++ngx_http_proxy_set_ssl(ngx_conf_t *cf, ngx_http_proxy_loc_conf_t *plcf)
++{
++    ngx_pool_cleanup_t  *cln;
++
++    plcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t));
++    if (plcf->upstream.ssl == NULL) {
++        return NGX_ERROR;
++    }
++
++    plcf->upstream.ssl->log = cf->log;
++
++    if (ngx_ssl_create(plcf->upstream.ssl,
++                       NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1
++                                    |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2,
++                       NULL)
++        != NGX_OK)
++    {
++        return NGX_ERROR;
++    }
++
++    cln = ngx_pool_cleanup_add(cf->pool, 0);
++    if (cln == NULL) {
++        return NGX_ERROR;
++    }
++
++    cln->handler = ngx_ssl_cleanup_ctx;
++    cln->data = plcf->upstream.ssl;
++
++    return NGX_OK;
++}
++
++#endif
++
++
++static void
++ngx_http_proxy_set_vars(ngx_url_t *u, ngx_http_proxy_vars_t *v)
++{
++    if (u->family != AF_UNIX) {
++
++        if (u->no_port || u->port == u->default_port) {
++
++            v->host_header = u->host;
++
++            if (u->default_port == 80) {
++                ngx_str_set(&v->port, "80");
++
++            } else {
++                ngx_str_set(&v->port, "443");
++            }
++
++        } else {
++            v->host_header.len = u->host.len + 1 + u->port_text.len;
++            v->host_header.data = u->host.data;
++            v->port = u->port_text;
++        }
++
++        v->key_start.len += v->host_header.len;
++
++    } else {
++        ngx_str_set(&v->host_header, "localhost");
++        ngx_str_null(&v->port);
++        v->key_start.len += sizeof("unix:") - 1 + u->host.len + 1;
++    }
++
++    v->uri = u->uri;
++}
 === added directory '.pc/cve-2013-4547.patch'
 === added directory '.pc/cve-2013-4547.patch/src'
 === added directory '.pc/cve-2013-4547.patch/src/http'
 === added file '.pc/cve-2013-4547.patch/src/http/ngx_http_parse.c'
 --- .pc/cve-2013-4547.patch/src/http/ngx_http_parse.c	1970-01-01 00:00:00 +0000
 +++ .pc/cve-2013-4547.patch/src/http/ngx_http_parse.c	2014-01-15 15:02:58 +0000
@@ -0,0 +1,1820 @@
++
++/*
++ * Copyright (C) Igor Sysoev
++ * Copyright (C) Nginx, Inc.
++ */
++
++
++#include <ngx_config.h>
++#include <ngx_core.h>
++#include <ngx_http.h>
++
++
++static uint32_t  usual[] = {
++    0xffffdbfe, /* 1111 1111 1111 1111  1101 1011 1111 1110 */
++
++                /* ?>=< ;:98 7654 3210  /.-, +*)( '&%$ #"!  */
++    0x7fff37d6, /* 0111 1111 1111 1111  0011 0111 1101 0110 */
++
++                /* _^]\ [ZYX WVUT SRQP  ONML KJIH GFED CBA@ */
++#if (NGX_WIN32)
++    0xefffffff, /* 1110 1111 1111 1111  1111 1111 1111 1111 */
++#else
++    0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
++#endif
++
++                /*  ~}| {zyx wvut srqp  onml kjih gfed cba` */
++    0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
++
++    0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
++    0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
++    0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
++    0xffffffff  /* 1111 1111 1111 1111  1111 1111 1111 1111 */
++};
++
++
++#if (NGX_HAVE_LITTLE_ENDIAN && NGX_HAVE_NONALIGNED)
++
++#define ngx_str3_cmp(m, c0, c1, c2, c3)                                       \
++    *(uint32_t *) m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0)
++
++#define ngx_str3Ocmp(m, c0, c1, c2, c3)                                       \
++    *(uint32_t *) m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0)
++
++#define ngx_str4cmp(m, c0, c1, c2, c3)                                        \
++    *(uint32_t *) m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0)
++
++#define ngx_str5cmp(m, c0, c1, c2, c3, c4)                                    \
++    *(uint32_t *) m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0)             \
++        && m[4] == c4
++
++#define ngx_str6cmp(m, c0, c1, c2, c3, c4, c5)                                \
++    *(uint32_t *) m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0)             \
++        && (((uint32_t *) m)[1] & 0xffff) == ((c5 << 8) | c4)
++
++#define ngx_str7_cmp(m, c0, c1, c2, c3, c4, c5, c6, c7)                       \
++    *(uint32_t *) m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0)             \
++        && ((uint32_t *) m)[1] == ((c7 << 24) | (c6 << 16) | (c5 << 8) | c4)
++
++#define ngx_str8cmp(m, c0, c1, c2, c3, c4, c5, c6, c7)                        \
++    *(uint32_t *) m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0)             \
++        && ((uint32_t *) m)[1] == ((c7 << 24) | (c6 << 16) | (c5 << 8) | c4)
++
++#define ngx_str9cmp(m, c0, c1, c2, c3, c4, c5, c6, c7, c8)                    \
++    *(uint32_t *) m == ((c3 << 24) | (c2 << 16) | (c1 << 8) | c0)             \
++        && ((uint32_t *) m)[1] == ((c7 << 24) | (c6 << 16) | (c5 << 8) | c4)  \
++        && m[8] == c8
++
++#else /* !(NGX_HAVE_LITTLE_ENDIAN && NGX_HAVE_NONALIGNED) */
++
++#define ngx_str3_cmp(m, c0, c1, c2, c3)                                       \
++    m[0] == c0 && m[1] == c1 && m[2] == c2
++
++#define ngx_str3Ocmp(m, c0, c1, c2, c3)                                       \
++    m[0] == c0 && m[2] == c2 && m[3] == c3
++
++#define ngx_str4cmp(m, c0, c1, c2, c3)                                        \
++    m[0] == c0 && m[1] == c1 && m[2] == c2 && m[3] == c3
++
++#define ngx_str5cmp(m, c0, c1, c2, c3, c4)                                    \
++    m[0] == c0 && m[1] == c1 && m[2] == c2 && m[3] == c3 && m[4] == c4
++
++#define ngx_str6cmp(m, c0, c1, c2, c3, c4, c5)                                \
++    m[0] == c0 && m[1] == c1 && m[2] == c2 && m[3] == c3                      \
++        && m[4] == c4 && m[5] == c5
++
++#define ngx_str7_cmp(m, c0, c1, c2, c3, c4, c5, c6, c7)                       \
++    m[0] == c0 && m[1] == c1 && m[2] == c2 && m[3] == c3                      \
++        && m[4] == c4 && m[5] == c5 && m[6] == c6
++
++#define ngx_str8cmp(m, c0, c1, c2, c3, c4, c5, c6, c7)                        \
++    m[0] == c0 && m[1] == c1 && m[2] == c2 && m[3] == c3                      \
++        && m[4] == c4 && m[5] == c5 && m[6] == c6 && m[7] == c7
++
++#define ngx_str9cmp(m, c0, c1, c2, c3, c4, c5, c6, c7, c8)                    \
++    m[0] == c0 && m[1] == c1 && m[2] == c2 && m[3] == c3                      \
++        && m[4] == c4 && m[5] == c5 && m[6] == c6 && m[7] == c7 && m[8] == c8
++
++#endif
++
++
++/* gcc, icc, msvc and others compile these switches as an jump table */
++
++ngx_int_t
++ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
++{
++    u_char  c, ch, *p, *m;
++    enum {
++        sw_start = 0,
++        sw_method,
++        sw_spaces_before_uri,
++        sw_schema,
++        sw_schema_slash,
++        sw_schema_slash_slash,
++        sw_host_start,
++        sw_host,
++        sw_host_end,
++        sw_host_ip_literal,
++        sw_port,
++        sw_host_http_09,
++        sw_after_slash_in_uri,
++        sw_check_uri,
++        sw_check_uri_http_09,
++        sw_uri,
++        sw_http_09,
++        sw_http_H,
++        sw_http_HT,
++        sw_http_HTT,
++        sw_http_HTTP,
++        sw_first_major_digit,
++        sw_major_digit,
++        sw_first_minor_digit,
++        sw_minor_digit,
++        sw_spaces_after_digit,
++        sw_almost_done
++    } state;
++
++    state = r->state;
++
++    for (p = b->pos; p < b->last; p++) {
++        ch = *p;
++
++        switch (state) {
++
++        /* HTTP methods: GET, HEAD, POST */
++        case sw_start:
++            r->request_start = p;
++
++            if (ch == CR || ch == LF) {
++                break;
++            }
++
++            if ((ch < 'A' || ch > 'Z') && ch != '_') {
++                return NGX_HTTP_PARSE_INVALID_METHOD;
++            }
++
++            state = sw_method;
++            break;
++
++        case sw_method:
++            if (ch == ' ') {
++                r->method_end = p - 1;
++                m = r->request_start;
++
++                switch (p - m) {
++
++                case 3:
++                    if (ngx_str3_cmp(m, 'G', 'E', 'T', ' ')) {
++                        r->method = NGX_HTTP_GET;
++                        break;
++                    }
++
++                    if (ngx_str3_cmp(m, 'P', 'U', 'T', ' ')) {
++                        r->method = NGX_HTTP_PUT;
++                        break;
++                    }
++
++                    break;
++
++                case 4:
++                    if (m[1] == 'O') {
++
++                        if (ngx_str3Ocmp(m, 'P', 'O', 'S', 'T')) {
++                            r->method = NGX_HTTP_POST;
++                            break;
++                        }
++
++                        if (ngx_str3Ocmp(m, 'C', 'O', 'P', 'Y')) {
++                            r->method = NGX_HTTP_COPY;
++                            break;
++                        }
++
++                        if (ngx_str3Ocmp(m, 'M', 'O', 'V', 'E')) {
++                            r->method = NGX_HTTP_MOVE;
++                            break;
++                        }
++
++                        if (ngx_str3Ocmp(m, 'L', 'O', 'C', 'K')) {
++                            r->method = NGX_HTTP_LOCK;
++                            break;
++                        }
++
++                    } else {
++
++                        if (ngx_str4cmp(m, 'H', 'E', 'A', 'D')) {
++                            r->method = NGX_HTTP_HEAD;
++                            break;
++                        }
++                    }
++
++                    break;
++
++                case 5:
++                    if (ngx_str5cmp(m, 'M', 'K', 'C', 'O', 'L')) {
++                        r->method = NGX_HTTP_MKCOL;
++                    }
++
++                    if (ngx_str5cmp(m, 'P', 'A', 'T', 'C', 'H')) {
++                        r->method = NGX_HTTP_PATCH;
++                    }
++
++                    if (ngx_str5cmp(m, 'T', 'R', 'A', 'C', 'E')) {
++                        r->method = NGX_HTTP_TRACE;
++                    }
++
++                    break;
++
++                case 6:
++                    if (ngx_str6cmp(m, 'D', 'E', 'L', 'E', 'T', 'E')) {
++                        r->method = NGX_HTTP_DELETE;
++                        break;
++                    }
++
++                    if (ngx_str6cmp(m, 'U', 'N', 'L', 'O', 'C', 'K')) {
++                        r->method = NGX_HTTP_UNLOCK;
++                        break;
++                    }
++
++                    break;
++
++                case 7:
++                    if (ngx_str7_cmp(m, 'O', 'P', 'T', 'I', 'O', 'N', 'S', ' '))
++                    {
++                        r->method = NGX_HTTP_OPTIONS;
++                    }
++
++                    break;
++
++                case 8:
++                    if (ngx_str8cmp(m, 'P', 'R', 'O', 'P', 'F', 'I', 'N', 'D'))
++                    {
++                        r->method = NGX_HTTP_PROPFIND;
++                    }
++
++                    break;
++
++                case 9:
++                    if (ngx_str9cmp(m,
++                            'P', 'R', 'O', 'P', 'P', 'A', 'T', 'C', 'H'))
++                    {
++                        r->method = NGX_HTTP_PROPPATCH;
++                    }
++
++                    break;
++                }
++
++                state = sw_spaces_before_uri;
++                break;
++            }
++
++            if ((ch < 'A' || ch > 'Z') && ch != '_') {
++                return NGX_HTTP_PARSE_INVALID_METHOD;
++            }
++
++            break;
++
++        /* space* before URI */
++        case sw_spaces_before_uri:
++
++            if (ch == '/') {
++                r->uri_start = p;
++                state = sw_after_slash_in_uri;
++                break;
++            }
++
++            c = (u_char) (ch | 0x20);
++            if (c >= 'a' && c <= 'z') {
++                r->schema_start = p;
++                state = sw_schema;
++                break;
++            }
++
++            switch (ch) {
++            case ' ':
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        case sw_schema:
++
++            c = (u_char) (ch | 0x20);
++            if (c >= 'a' && c <= 'z') {
++                break;
++            }
++
++            switch (ch) {
++            case ':':
++                r->schema_end = p;
++                state = sw_schema_slash;
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        case sw_schema_slash:
++            switch (ch) {
++            case '/':
++                state = sw_schema_slash_slash;
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        case sw_schema_slash_slash:
++            switch (ch) {
++            case '/':
++                state = sw_host_start;
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        case sw_host_start:
++
++            r->host_start = p;
++
++            if (ch == '[') {
++                state = sw_host_ip_literal;
++                break;
++            }
++
++            state = sw_host;
++
++            /* fall through */
++
++        case sw_host:
++
++            c = (u_char) (ch | 0x20);
++            if (c >= 'a' && c <= 'z') {
++                break;
++            }
++
++            if ((ch >= '0' && ch <= '9') || ch == '.' || ch == '-') {
++                break;
++            }
++
++            /* fall through */
++
++        case sw_host_end:
++
++            r->host_end = p;
++
++            switch (ch) {
++            case ':':
++                state = sw_port;
++                break;
++            case '/':
++                r->uri_start = p;
++                state = sw_after_slash_in_uri;
++                break;
++            case ' ':
++                /*
++                 * use single "/" from request line to preserve pointers,
++                 * if request line will be copied to large client buffer
++                 */
++                r->uri_start = r->schema_end + 1;
++                r->uri_end = r->schema_end + 2;
++                state = sw_host_http_09;
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        case sw_host_ip_literal:
++
++            if (ch >= '0' && ch <= '9') {
++                break;
++            }
++
++            c = (u_char) (ch | 0x20);
++            if (c >= 'a' && c <= 'z') {
++                break;
++            }
++
++            switch (ch) {
++            case ':':
++                break;
++            case ']':
++                state = sw_host_end;
++                break;
++            case '-':
++            case '.':
++            case '_':
++            case '~':
++                /* unreserved */
++                break;
++            case '!':
++            case '$':
++            case '&':
++            case '\'':
++            case '(':
++            case ')':
++            case '*':
++            case '+':
++            case ',':
++            case ';':
++            case '=':
++                /* sub-delims */
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        case sw_port:
++            if (ch >= '0' && ch <= '9') {
++                break;
++            }
++
++            switch (ch) {
++            case '/':
++                r->port_end = p;
++                r->uri_start = p;
++                state = sw_after_slash_in_uri;
++                break;
++            case ' ':
++                r->port_end = p;
++                /*
++                 * use single "/" from request line to preserve pointers,
++                 * if request line will be copied to large client buffer
++                 */
++                r->uri_start = r->schema_end + 1;
++                r->uri_end = r->schema_end + 2;
++                state = sw_host_http_09;
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        /* space+ after "http://host[:port] " */
++        case sw_host_http_09:
++            switch (ch) {
++            case ' ':
++                break;
++            case CR:
++                r->http_minor = 9;
++                state = sw_almost_done;
++                break;
++            case LF:
++                r->http_minor = 9;
++                goto done;
++            case 'H':
++                r->http_protocol.data = p;
++                state = sw_http_H;
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++
++        /* check "/.", "//", "%", and "\" (Win32) in URI */
++        case sw_after_slash_in_uri:
++
++            if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
++                state = sw_check_uri;
++                break;
++            }
++
++            switch (ch) {
++            case ' ':
++                r->uri_end = p;
++                state = sw_check_uri_http_09;
++                break;
++            case CR:
++                r->uri_end = p;
++                r->http_minor = 9;
++                state = sw_almost_done;
++                break;
++            case LF:
++                r->uri_end = p;
++                r->http_minor = 9;
++                goto done;
++            case '.':
++                r->complex_uri = 1;
++                state = sw_uri;
++                break;
++            case '%':
++                r->quoted_uri = 1;
++                state = sw_uri;
++                break;
++            case '/':
++                r->complex_uri = 1;
++                state = sw_uri;
++                break;
++#if (NGX_WIN32)
++            case '\\':
++                r->complex_uri = 1;
++                state = sw_uri;
++                break;
++#endif
++            case '?':
++                r->args_start = p + 1;
++                state = sw_uri;
++                break;
++            case '#':
++                r->complex_uri = 1;
++                state = sw_uri;
++                break;
++            case '+':
++                r->plus_in_uri = 1;
++                break;
++            case '\0':
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            default:
++                state = sw_check_uri;
++                break;
++            }
++            break;
++
++        /* check "/", "%" and "\" (Win32) in URI */
++        case sw_check_uri:
++
++            if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
++                break;
++            }
++
++            switch (ch) {
++            case '/':
++#if (NGX_WIN32)
++                if (r->uri_ext == p) {
++                    r->complex_uri = 1;
++                    state = sw_uri;
++                    break;
++                }
++#endif
++                r->uri_ext = NULL;
++                state = sw_after_slash_in_uri;
++                break;
++            case '.':
++                r->uri_ext = p + 1;
++                break;
++            case ' ':
++                r->uri_end = p;
++                state = sw_check_uri_http_09;
++                break;
++            case CR:
++                r->uri_end = p;
++                r->http_minor = 9;
++                state = sw_almost_done;
++                break;
++            case LF:
++                r->uri_end = p;
++                r->http_minor = 9;
++                goto done;
++#if (NGX_WIN32)
++            case '\\':
++                r->complex_uri = 1;
++                state = sw_after_slash_in_uri;
++                break;
++#endif
++            case '%':
++                r->quoted_uri = 1;
++                state = sw_uri;
++                break;
++            case '?':
++                r->args_start = p + 1;
++                state = sw_uri;
++                break;
++            case '#':
++                r->complex_uri = 1;
++                state = sw_uri;
++                break;
++            case '+':
++                r->plus_in_uri = 1;
++                break;
++            case '\0':
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        /* space+ after URI */
++        case sw_check_uri_http_09:
++            switch (ch) {
++            case ' ':
++                break;
++            case CR:
++                r->http_minor = 9;
++                state = sw_almost_done;
++                break;
++            case LF:
++                r->http_minor = 9;
++                goto done;
++            case 'H':
++                r->http_protocol.data = p;
++                state = sw_http_H;
++                break;
++            default:
++                r->space_in_uri = 1;
++                state = sw_check_uri;
++                break;
++            }
++            break;
++
++
++        /* URI */
++        case sw_uri:
++
++            if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
++                break;
++            }
++
++            switch (ch) {
++            case ' ':
++                r->uri_end = p;
++                state = sw_http_09;
++                break;
++            case CR:
++                r->uri_end = p;
++                r->http_minor = 9;
++                state = sw_almost_done;
++                break;
++            case LF:
++                r->uri_end = p;
++                r->http_minor = 9;
++                goto done;
++            case '#':
++                r->complex_uri = 1;
++                break;
++            case '\0':
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        /* space+ after URI */
++        case sw_http_09:
++            switch (ch) {
++            case ' ':
++                break;
++            case CR:
++                r->http_minor = 9;
++                state = sw_almost_done;
++                break;
++            case LF:
++                r->http_minor = 9;
++                goto done;
++            case 'H':
++                r->http_protocol.data = p;
++                state = sw_http_H;
++                break;
++            default:
++                r->space_in_uri = 1;
++                state = sw_uri;
++                break;
++            }
++            break;
++
++        case sw_http_H:
++            switch (ch) {
++            case 'T':
++                state = sw_http_HT;
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        case sw_http_HT:
++            switch (ch) {
++            case 'T':
++                state = sw_http_HTT;
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        case sw_http_HTT:
++            switch (ch) {
++            case 'P':
++                state = sw_http_HTTP;
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        case sw_http_HTTP:
++            switch (ch) {
++            case '/':
++                state = sw_first_major_digit;
++                break;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        /* first digit of major HTTP version */
++        case sw_first_major_digit:
++            if (ch < '1' || ch > '9') {
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++
++            r->http_major = ch - '0';
++            state = sw_major_digit;
++            break;
++
++        /* major HTTP version or dot */
++        case sw_major_digit:
++            if (ch == '.') {
++                state = sw_first_minor_digit;
++                break;
++            }
++
++            if (ch < '0' || ch > '9') {
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++
++            r->http_major = r->http_major * 10 + ch - '0';
++            break;
++
++        /* first digit of minor HTTP version */
++        case sw_first_minor_digit:
++            if (ch < '0' || ch > '9') {
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++
++            r->http_minor = ch - '0';
++            state = sw_minor_digit;
++            break;
++
++        /* minor HTTP version or end of request line */
++        case sw_minor_digit:
++            if (ch == CR) {
++                state = sw_almost_done;
++                break;
++            }
++
++            if (ch == LF) {
++                goto done;
++            }
++
++            if (ch == ' ') {
++                state = sw_spaces_after_digit;
++                break;
++            }
++
++            if (ch < '0' || ch > '9') {
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++
++            r->http_minor = r->http_minor * 10 + ch - '0';
++            break;
++
++        case sw_spaces_after_digit:
++            switch (ch) {
++            case ' ':
++                break;
++            case CR:
++                state = sw_almost_done;
++                break;
++            case LF:
++                goto done;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++            break;
++
++        /* end of request line */
++        case sw_almost_done:
++            r->request_end = p - 1;
++            switch (ch) {
++            case LF:
++                goto done;
++            default:
++                return NGX_HTTP_PARSE_INVALID_REQUEST;
++            }
++        }
++    }
++
++    b->pos = p;
++    r->state = state;
++
++    return NGX_AGAIN;
++
++done:
++
++    b->pos = p + 1;
++
++    if (r->request_end == NULL) {
++        r->request_end = p;
++    }
++
++    r->http_version = r->http_major * 1000 + r->http_minor;
++    r->state = sw_start;
++
++    if (r->http_version == 9 && r->method != NGX_HTTP_GET) {
++        return NGX_HTTP_PARSE_INVALID_09_METHOD;
++    }
++
++    return NGX_OK;
++}
++
++
++ngx_int_t
++ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
++    ngx_uint_t allow_underscores)
++{
++    u_char      c, ch, *p;
++    ngx_uint_t  hash, i;
++    enum {
++        sw_start = 0,
++        sw_name,
++        sw_space_before_value,
++        sw_value,
++        sw_space_after_value,
++        sw_ignore_line,
++        sw_almost_done,
++        sw_header_almost_done
++    } state;
++
++    /* the last '\0' is not needed because string is zero terminated */
++
++    static u_char  lowcase[] =
++        "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
++        "\0\0\0\0\0\0\0\0\0\0\0\0\0-\0\0" "0123456789\0\0\0\0\0\0"
++        "\0abcdefghijklmnopqrstuvwxyz\0\0\0\0\0"
++        "\0abcdefghijklmnopqrstuvwxyz\0\0\0\0\0"
++        "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
++        "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
++        "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
++        "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0";
++
++    state = r->state;
++    hash = r->header_hash;
++    i = r->lowcase_index;
++
++    for (p = b->pos; p < b->last; p++) {
++        ch = *p;
++
++        switch (state) {
++
++        /* first char */
++        case sw_start:
++            r->header_name_start = p;
++            r->invalid_header = 0;
++
++            switch (ch) {
++            case CR:
++                r->header_end = p;
++                state = sw_header_almost_done;
++                break;
++            case LF:
++                r->header_end = p;
++                goto header_done;
++            default:
++                state = sw_name;
++
++                c = lowcase[ch];
++
++                if (c) {
++                    hash = ngx_hash(0, c);
++                    r->lowcase_header[0] = c;
++                    i = 1;
++                    break;
++                }
++
++                if (ch == '\0') {
++                    return NGX_HTTP_PARSE_INVALID_HEADER;
++                }
++
++                r->invalid_header = 1;
++
++                break;
++
++            }
++            break;
++
++        /* header name */
++        case sw_name:
++            c = lowcase[ch];
++
++            if (c) {
++                hash = ngx_hash(hash, c);
++                r->lowcase_header[i++] = c;
++                i &= (NGX_HTTP_LC_HEADER_LEN - 1);
++                break;
++            }
++
++            if (ch == '_') {
++                if (allow_underscores) {
++                    hash = ngx_hash(hash, ch);
++                    r->lowcase_header[i++] = ch;
++                    i &= (NGX_HTTP_LC_HEADER_LEN - 1);
++
++                } else {
++                    r->invalid_header = 1;
++                }
++
++                break;
++            }
++
++            if (ch == ':') {
++                r->header_name_end = p;
++                state = sw_space_before_value;
++                break;
++            }
++
++            if (ch == CR) {
++                r->header_name_end = p;
++                r->header_start = p;
++                r->header_end = p;
++                state = sw_almost_done;
++                break;
++            }
++
++            if (ch == LF) {
++                r->header_name_end = p;
++                r->header_start = p;
++                r->header_end = p;
++                goto done;

Ubuntunginx package