Fijxu
/
nginx-quic
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge of r4948, r4949, r4964, r4973, r5011: variables. 

*) Allow the complex value to be defined as an empty string.
   This makes conversion from strings to complex values possible
   without the loss of functionality.

*) The "auth_basic" directive gained support of variables.

*) Fixed variable syntax checking in "set", "geo", "limit_conn_zone",
   and "perl_set" directives.

*) Added checks that disallow adding a variable with an empty name.
   Added variable name syntax checks to "geo" and "map" directives.

*) Variables $pipe, $request_length, $time_iso8601, and $time_local.
   Log module counterparts are preserved for efficiency.
   Based on patch by Kiril Kalchev.
This commit is contained in:
Maxim Dounin 2013-02-10 03:08:42 +00:00
parent 756bbd758d
commit 13351e7337
12 changed files with 185 additions and 65 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
src/http/modules/ngx_http_auth_basic_module.c
View File

@ -20,8 +20,8 @@ typedef struct {
typedef struct {
ngx_str_t realm;
ngx_http_complex_value_t user_file;
ngx_http_complex_value_t *realm;
ngx_http_complex_value_t user_file;
} ngx_http_auth_basic_loc_conf_t;
@ -35,22 +35,19 @@ static void *ngx_http_auth_basic_create_loc_conf(ngx_conf_t *cf);
static char *ngx_http_auth_basic_merge_loc_conf(ngx_conf_t *cf,
void *parent, void *child);
static ngx_int_t ngx_http_auth_basic_init(ngx_conf_t *cf);
static char *ngx_http_auth_basic(ngx_conf_t *cf, void *post, void *data);
static char *ngx_http_auth_basic_user_file(ngx_conf_t *cf, ngx_command_t *cmd,
void *conf);
static ngx_conf_post_handler_pt ngx_http_auth_basic_p = ngx_http_auth_basic;
static ngx_command_t ngx_http_auth_basic_commands[] = {
{ ngx_string("auth_basic"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LMT_CONF
|NGX_CONF_TAKE1,
ngx_conf_set_str_slot,
ngx_http_set_complex_value_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_auth_basic_loc_conf_t, realm),
&ngx_http_auth_basic_p },
NULL },
{ ngx_string("auth_basic_user_file"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LMT_CONF
@ -103,7 +100,7 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r)
ngx_fd_t fd;
ngx_int_t rc;
ngx_err_t err;
ngx_str_t pwd, user_file;
ngx_str_t pwd, realm, user_file;
ngx_uint_t i, level, login, left, passwd;
ngx_file_t file;
ngx_http_auth_basic_ctx_t *ctx;
@ -117,7 +114,15 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r)
alcf = ngx_http_get_module_loc_conf(r, ngx_http_auth_basic_module);
if (alcf->realm.len == 0 || alcf->user_file.value.len == 0) {
if (alcf->realm == NULL || alcf->user_file.value.data == NULL) {
return NGX_DECLINED;
}
if (ngx_http_complex_value(r, alcf->realm, &realm) != NGX_OK) {
return NGX_ERROR;
}
if (realm.len == 3 && ngx_strncmp(realm.data, "off", 3) == 0) {
return NGX_DECLINED;
}
@ -125,7 +130,7 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r)
if (ctx) {
return ngx_http_auth_basic_crypt_handler(r, ctx, &ctx->passwd,
&alcf->realm);
&realm);
}
rc = ngx_http_auth_basic_user(r);
@ -135,7 +140,7 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r)
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"no user/password was provided for basic authentication");
return ngx_http_auth_basic_set_realm(r, &alcf->realm);
return ngx_http_auth_basic_set_realm(r, &realm);
}
if (rc == NGX_ERROR) {
@ -233,7 +238,7 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r)
pwd.data = &buf[passwd];
return ngx_http_auth_basic_crypt_handler(r, NULL, &pwd,
&alcf->realm);
&realm);
}
break;
@ -271,14 +276,14 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r)
ngx_cpystrn(pwd.data, &buf[passwd], pwd.len + 1);
return ngx_http_auth_basic_crypt_handler(r, NULL, &pwd, &alcf->realm);
return ngx_http_auth_basic_crypt_handler(r, NULL, &pwd, &realm);
}
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"user \"%V\" was not found in \"%V\"",
&r->headers_in.user, &user_file);
return ngx_http_auth_basic_set_realm(r, &alcf->realm);
return ngx_http_auth_basic_set_realm(r, &realm);
}
@ -344,14 +349,29 @@ ngx_http_auth_basic_crypt_handler(ngx_http_request_t *r,
static ngx_int_t
ngx_http_auth_basic_set_realm(ngx_http_request_t *r, ngx_str_t *realm)
{
size_t len;
u_char *basic, *p;
r->headers_out.www_authenticate = ngx_list_push(&r->headers_out.headers);
if (r->headers_out.www_authenticate == NULL) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
len = sizeof("Basic realm=\"\"") - 1 + realm->len;
basic = ngx_pnalloc(r->pool, len);
if (basic == NULL) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
p = ngx_cpymem(basic, "Basic realm=\"", sizeof("Basic realm=\"") - 1);
p = ngx_cpymem(p, realm->data, realm->len);
*p = '"';
r->headers_out.www_authenticate->hash = 1;
ngx_str_set(&r->headers_out.www_authenticate->key, "WWW-Authenticate");
r->headers_out.www_authenticate->value = *realm;
r->headers_out.www_authenticate->value.data = basic;
r->headers_out.www_authenticate->value.len = len;
return NGX_HTTP_UNAUTHORIZED;
}
@ -386,11 +406,11 @@ ngx_http_auth_basic_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_http_auth_basic_loc_conf_t *prev = parent;
ngx_http_auth_basic_loc_conf_t *conf = child;
if (conf->realm.data == NULL) {
if (conf->realm == NULL) {
conf->realm = prev->realm;
}
if (conf->user_file.value.len == 0) {
if (conf->user_file.value.data == NULL) {
conf->user_file = prev->user_file;
}
@ -417,37 +437,6 @@ ngx_http_auth_basic_init(ngx_conf_t *cf)
}
static char *
ngx_http_auth_basic(ngx_conf_t *cf, void *post, void *data)
{
ngx_str_t *realm = data;
size_t len;
u_char *basic, *p;
if (ngx_strcmp(realm->data, "off") == 0) {
ngx_str_set(realm, "");
return NGX_CONF_OK;
}
len = sizeof("Basic realm=\"") - 1 + realm->len + 1;
basic = ngx_pnalloc(cf->pool, len);
if (basic == NULL) {
return NGX_CONF_ERROR;
}
p = ngx_cpymem(basic, "Basic realm=\"", sizeof("Basic realm=\"") - 1);
p = ngx_cpymem(p, realm->data, realm->len);
*p = '"';
realm->len = len;
realm->data = basic;
return NGX_CONF_OK;
}
static char *
ngx_http_auth_basic_user_file(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
@ -456,7 +445,7 @@ ngx_http_auth_basic_user_file(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
ngx_str_t *value;
ngx_http_compile_complex_value_t ccv;
if (alcf->user_file.value.len) {
if (alcf->user_file.value.data) {
return "is duplicate";
}

2
src/http/modules/ngx_http_fastcgi_module.c
View File

@ -3014,7 +3014,7 @@ ngx_http_fastcgi_cache_key(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
value = cf->args->elts;
if (flcf->cache_key.value.len) {
if (flcf->cache_key.value.data) {
return "is duplicate";
}

14
src/http/modules/ngx_http_geo_module.c
View File

@ -322,6 +322,13 @@ ngx_http_geo_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
name = value[1];
if (name.data[0] != '$') {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"%V\"", &name);
return NGX_CONF_ERROR;
}
name.len--;
name.data++;
@ -333,6 +340,13 @@ ngx_http_geo_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
name = value[2];
if (name.data[0] != '$') {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"%V\"", &name);
return NGX_CONF_ERROR;
}
name.len--;
name.data++;

7
src/http/modules/ngx_http_map_module.c
View File

@ -209,6 +209,13 @@ ngx_http_map_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
name = value[2];
if (name.data[0] != '$') {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"%V\"", &name);
return NGX_CONF_ERROR;
}
name.len--;
name.data++;

4
src/http/modules/ngx_http_proxy_module.c
View File

@ -836,7 +836,7 @@ ngx_http_proxy_create_key(ngx_http_request_t *r)
return NGX_ERROR;
}
if (plcf->cache_key.value.len) {
if (plcf->cache_key.value.data) {
if (ngx_http_complex_value(r, &plcf->cache_key, key) != NGX_OK) {
return NGX_ERROR;
@ -3918,7 +3918,7 @@ ngx_http_proxy_cache_key(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
value = cf->args->elts;
if (plcf->cache_key.value.len) {
if (plcf->cache_key.value.data) {
return "is duplicate";
}

2
src/http/modules/ngx_http_scgi_module.c
View File

@ -1765,7 +1765,7 @@ ngx_http_scgi_cache_key(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
value = cf->args->elts;
if (scf->cache_key.value.len) {
if (scf->cache_key.value.data) {
return "is duplicate";
}

2
src/http/modules/ngx_http_split_clients_module.c
View File

@ -139,7 +139,7 @@ ngx_conf_split_clients_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
name = value[2];
if (name.len < 2 || name.data[0] != '$') {
if (name.data[0] != '$') {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"%V\"", &name);
return NGX_CONF_ERROR;

4
src/http/modules/ngx_http_sub_filter_module.c
View File

@ -627,7 +627,7 @@ ngx_http_sub_filter(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
ngx_str_t *value;
ngx_http_compile_complex_value_t ccv;
if (slcf->match.len) {
if (slcf->match.data) {
return "is duplicate";
}
@ -687,7 +687,7 @@ ngx_http_sub_merge_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_conf_merge_value(conf->once, prev->once, 1);
ngx_conf_merge_str_value(conf->match, prev->match, "");
if (conf->value.value.len == 0) {
if (conf->value.value.data == NULL) {
conf->value = prev->value;
}

2
src/http/modules/ngx_http_uwsgi_module.c
View File

@ -1807,7 +1807,7 @@ ngx_http_uwsgi_cache_key(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
value = cf->args->elts;
if (uwcf->cache_key.value.len) {
if (uwcf->cache_key.value.data) {
return "is duplicate";
}

2
src/http/ngx_http_core_module.c
View File

@ -4544,7 +4544,7 @@ ngx_http_core_error_page(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
ngx_str_null(&args);
if (cv.lengths == NULL && uri.data[0] == '/') {
if (cv.lengths == NULL && uri.len && uri.data[0] == '/') {
p = (u_char *) ngx_strchr(uri.data, '?');
if (p) {

10
src/http/ngx_http_script.c
View File

@ -114,11 +114,6 @@ ngx_http_compile_complex_value(ngx_http_compile_complex_value_t *ccv)
v = ccv->value;
if (v->len == 0) {
ngx_conf_log_error(NGX_LOG_EMERG, ccv->cf, 0, "empty parameter");
return NGX_ERROR;
}
nv = 0;
nc = 0;
@ -133,8 +128,9 @@ ngx_http_compile_complex_value(ngx_http_compile_complex_value_t *ccv)
}
}
if (v->data[0] != '$' && (ccv->conf_prefix || ccv->root_prefix)) {
if ((v->len == 0 || v->data[0] != '$')
&& (ccv->conf_prefix || ccv->root_prefix))
{
if (ngx_conf_full_name(ccv->cf->cycle, v, ccv->conf_prefix) != NGX_OK) {
return NGX_ERROR;
}

114
src/http/ngx_http_variables.c
View File

@ -73,12 +73,16 @@ static ngx_int_t ngx_http_variable_bytes_sent(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_body_bytes_sent(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_pipe(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_request_completion(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_request_body(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_request_body_file(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_request_length(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_request_time(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_status(ngx_http_request_t *r,
@ -112,6 +116,10 @@ static ngx_int_t ngx_http_variable_pid(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_msec(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_time_iso8601(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_variable_time_local(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
/*
* TODO:
@ -229,6 +237,9 @@ static ngx_http_variable_t ngx_http_core_variables[] = {
{ ngx_string("body_bytes_sent"), NULL, ngx_http_variable_body_bytes_sent,
0, 0, 0 },
{ ngx_string("pipe"), NULL, ngx_http_variable_pipe,
0, 0, 0 },
{ ngx_string("request_completion"), NULL,
ngx_http_variable_request_completion,
0, 0, 0 },
@ -241,6 +252,9 @@ static ngx_http_variable_t ngx_http_core_variables[] = {
ngx_http_variable_request_body_file,
0, 0, 0 },
{ ngx_string("request_length"), NULL, ngx_http_variable_request_length,
0, NGX_HTTP_VAR_NOCACHEABLE, 0 },
{ ngx_string("request_time"), NULL, ngx_http_variable_request_time,
0, NGX_HTTP_VAR_NOCACHEABLE, 0 },
@ -295,6 +309,12 @@ static ngx_http_variable_t ngx_http_core_variables[] = {
{ ngx_string("msec"), NULL, ngx_http_variable_msec,
0, NGX_HTTP_VAR_NOCACHEABLE, 0 },
{ ngx_string("time_iso8601"), NULL, ngx_http_variable_time_iso8601,
0, NGX_HTTP_VAR_NOCACHEABLE, 0 },
{ ngx_string("time_local"), NULL, ngx_http_variable_time_local,
0, NGX_HTTP_VAR_NOCACHEABLE, 0 },
#if (NGX_HAVE_TCP_INFO)
{ ngx_string("tcpinfo_rtt"), NULL, ngx_http_variable_tcpinfo,
0, NGX_HTTP_VAR_NOCACHEABLE, 0 },
@ -328,6 +348,12 @@ ngx_http_add_variable(ngx_conf_t *cf, ngx_str_t *name, ngx_uint_t flags)
ngx_http_variable_t *v;
ngx_http_core_main_conf_t *cmcf;
if (name->len == 0) {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"$\"");
return NULL;
}
cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
key = cmcf->variables_keys->keys.elts;
@ -391,6 +417,12 @@ ngx_http_get_variable_index(ngx_conf_t *cf, ngx_str_t *name)
ngx_http_variable_t *v;
ngx_http_core_main_conf_t *cmcf;
if (name->len == 0) {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"invalid variable name \"$\"");
return NGX_ERROR;
}
cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
v = cmcf->variables.elts;
@ -1508,6 +1540,20 @@ ngx_http_variable_body_bytes_sent(ngx_http_request_t *r,
}
static ngx_int_t
ngx_http_variable_pipe(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
{
v->data = (u_char *) (r->pipeline ? "p" : ".");
v->len = 1;
v->valid = 1;
v->no_cacheable = 0;
v->not_found = 0;
return NGX_OK;
}
static ngx_int_t
ngx_http_variable_status(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
@ -1842,6 +1888,27 @@ ngx_http_variable_request_body_file(ngx_http_request_t *r,
}
static ngx_int_t
ngx_http_variable_request_length(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
{
u_char *p;
p = ngx_pnalloc(r->pool, NGX_OFF_T_LEN);
if (p == NULL) {
return NGX_ERROR;
}
v->len = ngx_sprintf(p, "%O", r->request_length) - p;
v->valid = 1;
v->no_cacheable = 0;
v->not_found = 0;
v->data = p;
return NGX_OK;
}
static ngx_int_t
ngx_http_variable_request_time(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
@ -1986,6 +2053,53 @@ ngx_http_variable_msec(ngx_http_request_t *r,
}
static ngx_int_t
ngx_http_variable_time_iso8601(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
{
u_char *p;
p = ngx_pnalloc(r->pool, ngx_cached_http_log_iso8601.len);
if (p == NULL) {
return NGX_ERROR;
}
ngx_memcpy(p, ngx_cached_http_log_iso8601.data,
ngx_cached_http_log_iso8601.len);
v->len = ngx_cached_http_log_iso8601.len;
v->valid = 1;
v->no_cacheable = 0;
v->not_found = 0;
v->data = p;
return NGX_OK;
}
static ngx_int_t
ngx_http_variable_time_local(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
{
u_char *p;
p = ngx_pnalloc(r->pool, ngx_cached_http_log_time.len);
if (p == NULL) {
return NGX_ERROR;
}
ngx_memcpy(p, ngx_cached_http_log_time.data, ngx_cached_http_log_time.len);
v->len = ngx_cached_http_log_time.len;
v->valid = 1;
v->no_cacheable = 0;
v->not_found = 0;
v->data = p;
return NGX_OK;
}
void *
ngx_http_map_find(ngx_http_request_t *r, ngx_http_map_t *map, ngx_str_t *match)
{