nginx-vendor-current: src/http/modules/ngx_http_userid_filter

comparison src/http/modules/ngx_http_userid_filter_module.c @ 58:b55cbf18157e NGINX_0_1_29

nginx 0.1.29 *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; bug appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.

author	Igor Sysoev <http://sysoev.ru>
date	Thu, 12 May 2005 00:00:00 +0400
parents	0d75d65c642f
children	e916a291e9aa

comparison

equal deleted inserted replaced

-:5df375c55338
+:b55cbf18157e
 /* 31 Dec 2037 23:55:55 GMT */
 #define NGX_HTTP_USERID_MAX_EXPIRES  2145916555
 typedef struct {
-ngx_flag_t  enable;
+ngx_uint_t  enable;
 ngx_int_t   service;
 ngx_str_t   name;
 ngx_str_t   domain;
 { ngx_null_string, 0 }
 };
 static ngx_conf_post_handler_pt  ngx_http_userid_domain_p =
 ngx_http_userid_domain;
 static ngx_conf_post_handler_pt  ngx_http_userid_path_p = ngx_http_userid_path;
 static ngx_conf_post_handler_pt  ngx_http_userid_p3p_p = ngx_http_userid_p3p;
 ngx_null_command
 };
 ngx_http_module_t  ngx_http_userid_filter_module_ctx = {
-ngx_http_userid_add_log_formats,       /* pre conf */
+ngx_http_userid_add_log_formats,       /* preconfiguration */
+NULL,                                  /* postconfiguration */
 NULL,                                  /* create main configuration */
 NULL,                                  /* init main configuration */
 NULL,                                  /* create server configuration */
 ngx_http_userid_merge_conf             /* merge location configration */
 };
 ngx_module_t  ngx_http_userid_filter_module = {
-NGX_MODULE,
+NGX_MODULE_V1,
 &ngx_http_userid_filter_module_ctx,    /* module context */
 ngx_http_userid_commands,              /* module directives */
 NGX_HTTP_MODULE,                       /* module type */
 ngx_http_userid_init,                  /* init module */
 NULL                                   /* init process */
 {
 ngx_int_t                rc;
 ngx_http_userid_ctx_t   *ctx;
 ngx_http_userid_conf_t  *conf;
+if (r->main) {
+return ngx_http_next_header_filter(r);
+}
 conf = ngx_http_get_module_loc_conf(r, ngx_http_userid_filter_module);
 if (conf->enable == NGX_HTTP_USERID_OFF) {
 return ngx_http_next_header_filter(r);
 }
 static ngx_int_t
 ngx_http_userid_get_uid(ngx_http_request_t *r, ngx_http_userid_ctx_t *ctx,
 ngx_http_userid_conf_t *conf)
 {
-u_char            *start, *last, *end;
+ngx_int_t          n;
-ngx_uint_t         i;
 ngx_str_t          src, dst;
 ngx_table_elt_t  **cookies;
-cookies = r->headers_in.cookies.elts;
+n = ngx_http_parse_multi_header_lines(&r->headers_in.cookies, &conf->name,
+&src);
-for (i = 0; i < r->headers_in.cookies.nelts; i++) {
+if (n == NGX_DECLINED) {
-ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+return NGX_OK;
-"cookie: \"%V\"", &cookies[i]->value);
+}
-if (conf->name.len >= cookies[i]->value.len) {
+if (src.len < 22) {
-continue;
+cookies = r->headers_in.cookies.elts;
-}
+ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+"client sent too short userid cookie \"%V\"",
-start = cookies[i]->value.data;
+&cookies[n]->value);
-end = cookies[i]->value.data + cookies[i]->value.len;
+return NGX_OK;
+}
-while (start < end) {
+/*
-if (ngx_strncmp(start, conf->name.data, conf->name.len) != 0) {
+* we have to limit encoded string to 22 characters
+* because there are already the millions cookies with a garbage
-while (start < end && *start++ != ';') { /* void */ }
+* instead of the correct base64 trail "=="
-while (start < end && *start == ' ') { start++; }
+*/
-continue;
+src.len = 22;
-}
+dst.data = (u_char *) ctx->uid_got;
-start += conf->name.len;
+if (ngx_decode_base64(&dst, &src) == NGX_ERROR) {
-while (start < end && *start == ' ') { start++; }
+cookies = r->headers_in.cookies.elts;
+ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
-if (start == end || *start++ != '=') {
+"client sent invalid userid cookie \"%V\"",
-/* the invalid "Cookie" header */
+&cookies[n]->value);
-break;
+return NGX_OK;
 }
-while (start < end && *start == ' ') { start++; }
+ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+"uid: %08XD%08XD%08XD%08XD",
-last = start;
+ctx->uid_got[0], ctx->uid_got[1],
+ctx->uid_got[2], ctx->uid_got[3]);
-while (last < end && *last++ != ';') { /* void */ }
-if (last - start < 22) {
-ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
-"client sent too short userid cookie \"%V\"",
-&cookies[i]->value);
-break;
-}
-/*
-* we have to limit encoded string to 22 characters
-* because there are already the millions cookies with a garbage
-* instead of the correct base64 trail "=="
-*/
-src.len = 22;
-src.data = start;
-dst.data = (u_char *) ctx->uid_got;
-if (ngx_decode_base64(&dst, &src) == NGX_ERROR) {
-ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
-"client sent invalid userid cookie \"%V\"",
-&cookies[i]->value);
-break;
-}
-ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
-"uid: %08XD%08XD%08XD%08XD",
-ctx->uid_got[0], ctx->uid_got[1],
-ctx->uid_got[2], ctx->uid_got[3]);
-return NGX_OK;
-}
-}
 return NGX_OK;
 }
 set_cookie = ngx_list_push(&r->headers_out.headers);
 if (set_cookie == NULL) {
 return NGX_ERROR;
 }
+set_cookie->hash = 1;
 set_cookie->key.len = sizeof("Set-Cookie") - 1;
 set_cookie->key.data = (u_char *) "Set-Cookie";
 set_cookie->value.len = p - cookie;
 set_cookie->value.data = cookie;
 p3p = ngx_list_push(&r->headers_out.headers);
 if (p3p == NULL) {
 return NGX_ERROR;
 }
+p3p->hash = 1;
 p3p->key.len = sizeof("P3P") - 1;
 p3p->key.data = (u_char *) "P3P";
 p3p->value = conf->p3p;
 return NGX_OK;
 *     conf->path.date = NULL;
 *     conf->p3p.len = 0;
 *     conf->p3p.date = NULL;
 */
-conf->enable = NGX_CONF_UNSET;
+conf->enable = NGX_CONF_UNSET_UINT;
 conf->service = NGX_CONF_UNSET;
 conf->expires = NGX_CONF_UNSET;
 return conf;
 }
 ngx_http_userid_merge_conf(ngx_conf_t *cf, void *parent, void *child)
 {
 ngx_http_userid_conf_t *prev = parent;
 ngx_http_userid_conf_t *conf = child;
-ngx_conf_merge_value(conf->enable, prev->enable, NGX_HTTP_USERID_OFF);
+ngx_conf_merge_unsigned_value(conf->enable, prev->enable,
+NGX_HTTP_USERID_OFF);
 ngx_conf_merge_str_value(conf->name, prev->name, "uid");
 ngx_conf_merge_str_value(conf->domain, prev->domain, "");
 ngx_conf_merge_str_value(conf->path, prev->path, "; path=/");
 ngx_conf_merge_str_value(conf->p3p, prev->p3p, "");

Mercurial > hg > nginx-vendor-current

comparison src/http/modules/ngx_http_userid_filter_module.c @ 58:b55cbf18157e NGINX_0_1_29