Mercurial > hg > nginx-vendor-0-6

comparison src/http/modules/ngx_http_userid_filter.c @ 0:f0b350454894 NGINX_0_1_0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
nginx 0.1.0 *) The first public version.
author Igor Sysoev <http://sysoev.ru>
date Mon, 04 Oct 2004 00:00:00 +0400
parents
children cc9f381affaa
comparison
equal deleted inserted replaced
-1:000000000000 0:f0b350454894
1
2 /*
3 * Copyright (C) Igor Sysoev
4 */
5
6
7 #include <ngx_config.h>
8 #include <ngx_core.h>
9 #include <ngx_http.h>
10
11
12 #define NGX_HTTP_USERID_OFF 0
13 #define NGX_HTTP_USERID_LOG 1
14 #define NGX_HTTP_USERID_V1 2
15 #define NGX_HTTP_USERID_ON 3
16
17 /* 31 Dec 2037 23:55:55 GMT */
18 #define NGX_HTTP_USERID_MAX_EXPIRES 2145916555
19
20
21 typedef struct {
22 ngx_flag_t enable;
23
24 ngx_int_t service;
25
26 ngx_str_t name;
27 ngx_str_t domain;
28 ngx_str_t path;
29 time_t expires;
30
31 ngx_int_t p3p;
32 ngx_str_t p3p_string;
33 } ngx_http_userid_conf_t;
34
35
36 typedef struct {
37 uint32_t uid_got[4];
38 uint32_t uid_set[4];
39 } ngx_http_userid_ctx_t;
40
41
42 static ngx_int_t ngx_http_userid_get_uid(ngx_http_request_t *r,
43 ngx_http_userid_ctx_t *ctx,
44 ngx_http_userid_conf_t *conf);
45 static ngx_int_t ngx_http_userid_set_uid(ngx_http_request_t *r,
46 ngx_http_userid_ctx_t *ctx,
47 ngx_http_userid_conf_t *conf);
48
49 static u_char *ngx_http_userid_log_uid_got(ngx_http_request_t *r, u_char *buf,
50 uintptr_t data);
51 static u_char *ngx_http_userid_log_uid_set(ngx_http_request_t *r, u_char *buf,
52 uintptr_t data);
53
54 static ngx_int_t ngx_http_userid_init(ngx_cycle_t *cycle);
55 static ngx_int_t ngx_http_userid_pre_conf(ngx_conf_t *cf);
56 static void *ngx_http_userid_create_conf(ngx_conf_t *cf);
57 static char *ngx_http_userid_merge_conf(ngx_conf_t *cf, void *parent,
58 void *child);
59 char *ngx_conf_check_domain(ngx_conf_t *cf, void *post, void *data);
60 char *ngx_http_userid_expires(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
61
62
63 static uint32_t sequencer_v1 = 1;
64 static uint32_t sequencer_v2 = 0x03030302;
65
66
67 static u_char expires[] = "; expires=Thu, 31-Dec-37 23:55:55 GMT";
68
69
70 static ngx_http_output_header_filter_pt ngx_http_next_header_filter;
71
72
73 static ngx_conf_enum_t ngx_http_userid_state[] = {
74 { ngx_string("off"), NGX_HTTP_USERID_OFF },
75 { ngx_string("log"), NGX_HTTP_USERID_LOG },
76 { ngx_string("v1"), NGX_HTTP_USERID_V1 },
77 { ngx_string("on"), NGX_HTTP_USERID_ON },
78 { ngx_null_string, 0 }
79 };
80
81
82 static ngx_conf_post_handler_pt ngx_conf_check_domain_p =
83 ngx_conf_check_domain;
84
85
86 static ngx_command_t ngx_http_userid_commands[] = {
87
88 { ngx_string("userid"),
89 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
90 ngx_conf_set_enum_slot,
91 NGX_HTTP_LOC_CONF_OFFSET,
92 offsetof(ngx_http_userid_conf_t, enable),
93 ngx_http_userid_state },
94
95 { ngx_string("userid_service"),
96 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
97 ngx_conf_set_num_slot,
98 NGX_HTTP_LOC_CONF_OFFSET,
99 offsetof(ngx_http_userid_conf_t, service),
100 NULL },
101
102 { ngx_string("userid_name"),
103 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
104 ngx_conf_set_str_slot,
105 NGX_HTTP_LOC_CONF_OFFSET,
106 offsetof(ngx_http_userid_conf_t, name),
107 NULL },
108
109 { ngx_string("userid_domain"),
110 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
111 ngx_conf_set_str_slot,
112 NGX_HTTP_LOC_CONF_OFFSET,
113 offsetof(ngx_http_userid_conf_t, domain),
114 &ngx_conf_check_domain_p },
115
116 { ngx_string("userid_path"),
117 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
118 ngx_conf_set_str_slot,
119 NGX_HTTP_LOC_CONF_OFFSET,
120 offsetof(ngx_http_userid_conf_t, path),
121 NULL },
122
123 { ngx_string("userid_expires"),
124 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
125 ngx_http_userid_expires,
126 NGX_HTTP_LOC_CONF_OFFSET,
127 0,
128 NULL },
129
130 ngx_null_command
131 };
132
133
134 ngx_http_module_t ngx_http_userid_filter_module_ctx = {
135 ngx_http_userid_pre_conf, /* pre conf */
136
137 NULL, /* create main configuration */
138 NULL, /* init main configuration */
139
140 NULL, /* create server configuration */
141 NULL, /* merge server configuration */
142
143 ngx_http_userid_create_conf, /* create location configration */
144 ngx_http_userid_merge_conf /* merge location configration */
145 };
146
147
148 ngx_module_t ngx_http_userid_filter_module = {
149 NGX_MODULE,
150 &ngx_http_userid_filter_module_ctx, /* module context */
151 ngx_http_userid_commands, /* module directives */
152 NGX_HTTP_MODULE, /* module type */
153 ngx_http_userid_init, /* init module */
154 NULL /* init process */
155 };
156
157
158 static ngx_http_log_op_name_t ngx_http_userid_log_fmt_ops[] = {
159 { ngx_string("uid_got"), 0, ngx_http_userid_log_uid_got },
160 { ngx_string("uid_set"), 0, ngx_http_userid_log_uid_set },
161 { ngx_null_string, 0, NULL }
162 };
163
164
165 static ngx_int_t ngx_http_userid_filter(ngx_http_request_t *r)
166 {
167 ngx_int_t rc;
168 ngx_http_userid_ctx_t *ctx;
169 ngx_http_userid_conf_t *conf;
170
171 conf = ngx_http_get_module_loc_conf(r, ngx_http_userid_filter_module);
172
173 if (conf->enable == NGX_HTTP_USERID_OFF) {
174 return ngx_http_next_header_filter(r);
175 }
176
177 ngx_http_create_ctx(r, ctx, ngx_http_userid_filter_module,
178 sizeof(ngx_http_userid_ctx_t), NGX_ERROR);
179
180 rc = ngx_http_userid_get_uid(r, ctx, conf);
181
182 if (rc != NGX_OK) {
183 return rc;
184 }
185
186 if (conf->enable == NGX_HTTP_USERID_LOG || ctx->uid_got[3] != 0) {
187 return ngx_http_next_header_filter(r);
188 }
189
190 rc = ngx_http_userid_set_uid(r, ctx, conf);
191
192 if (rc != NGX_OK) {
193 return rc;
194 }
195
196 return ngx_http_next_header_filter(r);
197 }
198
199
200 static ngx_int_t ngx_http_userid_get_uid(ngx_http_request_t *r,
201 ngx_http_userid_ctx_t *ctx,
202 ngx_http_userid_conf_t *conf)
203 {
204 u_char *start, *last, *end;
205 ngx_uint_t i;
206 ngx_str_t src, dst;
207 ngx_table_elt_t **cookies;
208
209 cookies = r->headers_in.cookies.elts;
210
211 for (i = 0; i < r->headers_in.cookies.nelts; i++) {
212 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
213 "cookie: \"%s\"", cookies[i]->value.data);
214
215 end = cookies[i]->value.data + cookies[i]->value.len;
216
217 for (start = cookies[i]->value.data; start < end; /* void */) {
218
219 if (conf->name.len >= cookies[i]->value.len
220 || ngx_strncmp(start, conf->name.data, conf->name.len) != 0)
221 {
222 start += conf->name.len;
223 while (start < end && *start++ != ';') { /* void */ }
224
225 for (/* void */; start < end && *start == ' '; start++) { /**/ }
226
227 continue;
228 }
229
230 for (start += conf->name.len; start < end && *start == ' '; start++)
231 {
232 /* void */
233 }
234
235 if (*start != '=') {
236 break;
237 }
238
239 for (start++; start < end && *start == ' '; start++) { /* void */ }
240
241 for (last = start; last < end && *last != ';'; last++) { /**/ }
242
243 if (last - start < 22) {
244 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
245 "client sent too short userid cookie \"%s\"",
246 cookies[i]->value.data);
247 break;
248 }
249
250 /*
251 * we have to limit encoded string to 22 characters
252 * because there are already the millions cookies with a garbage
253 * instead of the correct base64 trail "=="
254 */
255
256 src.len = 22;
257 src.data = start;
258 dst.data = (u_char *) ctx->uid_got;
259
260 if (ngx_decode_base64(&src, &dst) == NGX_ERROR) {
261 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
262 "client sent invalid userid cookie \"%s\"",
263 cookies[i]->value.data);
264 break;
265 }
266
267 ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
268 "uid: %08X%08X%08X%08X",
269 ctx->uid_got[0], ctx->uid_got[1],
270 ctx->uid_got[2], ctx->uid_got[3]);
271
272 return NGX_OK;
273 }
274 }
275
276 return NGX_OK;
277 }
278
279
280 static ngx_int_t ngx_http_userid_set_uid(ngx_http_request_t *r,
281 ngx_http_userid_ctx_t *ctx,
282 ngx_http_userid_conf_t *conf)
283
284 {
285 u_char *cookie, *p;
286 size_t len;
287 socklen_t slen;
288 struct sockaddr_in addr_in;
289 ngx_str_t src, dst;
290 ngx_table_elt_t *set_cookie;
291
292 /* TODO: mutex for sequencers */
293
294 if (conf->enable == NGX_HTTP_USERID_V1) {
295 if (conf->service == NGX_CONF_UNSET) {
296 ctx->uid_set[0] = 0;
297 } else {
298 ctx->uid_set[0] = htonl(conf->service);
299 }
300
301 ctx->uid_set[1] = ngx_time();
302 ctx->uid_set[2] = ngx_pid;
303 ctx->uid_set[3] = sequencer_v1;
304 sequencer_v1 += 0x100;
305
306 } else {
307 if (conf->service == NGX_CONF_UNSET) {
308 if (r->in_addr == 0) {
309 slen = sizeof(struct sockaddr_in);
310 if (getsockname(r->connection->fd,
311 (struct sockaddr *) &addr_in, &slen) == -1)
312 {
313 ngx_log_error(NGX_LOG_CRIT, r->connection->log,
314 ngx_socket_errno,
315 "getsockname() failed");
316 }
317
318 r->in_addr = addr_in.sin_addr.s_addr;
319 }
320
321 ctx->uid_set[0] = htonl(r->in_addr);
322
323 } else {
324 ctx->uid_set[0] = htonl(conf->service);
325 }
326
327 ctx->uid_set[1] = htonl(ngx_time());
328 ctx->uid_set[2] = htonl(ngx_pid);
329 ctx->uid_set[3] = htonl(sequencer_v2);
330 sequencer_v2 += 0x100;
331 if (sequencer_v2 < 0x03030302) {
332 sequencer_v2 = 0x03030302;
333 }
334 }
335
336 len = conf->name.len + 1 + ngx_base64_encoded_length(16) + 1;
337
338 if (conf->expires) {
339 len += sizeof(expires) - 1 + 2;
340 }
341
342 if (conf->domain.len > 1) {
343 len += sizeof("; domain=") - 1 + conf->domain.len;
344 }
345
346 if (conf->path.len) {
347 len += sizeof("; path=") - 1 + conf->path.len;
348 }
349
350 if (!(cookie = ngx_palloc(r->pool, len))) {
351 return NGX_ERROR;
352 }
353
354 p = ngx_cpymem(cookie, conf->name.data, conf->name.len);
355 *p++ = '=';
356
357 src.len = 16;
358 src.data = (u_char *) ctx->uid_set;
359 dst.data = p;
360
361 ngx_encode_base64(&src, &dst);
362
363 p += dst.len;
364
365 if (conf->expires == NGX_HTTP_USERID_MAX_EXPIRES) {
366 p = ngx_cpymem(p, expires, sizeof(expires) - 1);
367
368 } else if (conf->expires) {
369 p = ngx_cpymem(p, expires, sizeof("; expires=") - 1);
370 p += ngx_http_cookie_time(p, ngx_time() + conf->expires);
371 }
372
373 if (conf->domain.len > 1) {
374 p = ngx_cpymem(p, "; domain=", sizeof("; domain=") - 1);
375 p = ngx_cpymem(p, conf->domain.data, conf->domain.len);
376 }
377
378 if (conf->path.len) {
379 p = ngx_cpymem(p, "; path=", sizeof("; path=") - 1);
380 p = ngx_cpymem(p, conf->path.data, conf->path.len);
381 }
382
383 *p = '\0';
384
385 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
386 "uid cookie: \"%s\"", cookie);
387
388 if (!(set_cookie = ngx_list_push(&r->headers_out.headers))) {
389 return NGX_ERROR;
390 }
391
392 set_cookie->key.len = sizeof("Set-Cookie") - 1;
393 set_cookie->key.data = (u_char *) "Set-Cookie";
394 set_cookie->value.len = p - cookie;
395 set_cookie->value.data = cookie;
396
397 return NGX_OK;
398 }
399
400
401 static u_char *ngx_http_userid_log_uid_got(ngx_http_request_t *r, u_char *buf,
402 uintptr_t data)
403 {
404 ngx_http_userid_ctx_t *ctx;
405 ngx_http_userid_conf_t *conf;
406
407 ctx = ngx_http_get_module_ctx(r, ngx_http_userid_filter_module);
408
409 if (ctx == NULL || ctx->uid_got[3] == 0) {
410 if (buf == NULL) {
411 return (u_char *) 1;
412 }
413
414 *buf = '-';
415 return buf + 1;
416 }
417
418 conf = ngx_http_get_module_loc_conf(r, ngx_http_userid_filter_module);
419
420 if (buf == NULL) {
421 return (u_char *) (conf->name.len + 1 + 32);
422 }
423
424 buf = ngx_cpymem(buf, conf->name.data, conf->name.len);
425
426 *buf++ = '=';
427
428 return buf + ngx_snprintf((char *) buf, 33, "%08X%08X%08X%08X",
429 ctx->uid_got[0], ctx->uid_got[1],
430 ctx->uid_got[2], ctx->uid_got[3]);
431 }
432
433
434 static u_char *ngx_http_userid_log_uid_set(ngx_http_request_t *r, u_char *buf,
435 uintptr_t data)
436 {
437 ngx_http_userid_ctx_t *ctx;
438 ngx_http_userid_conf_t *conf;
439
440 ctx = ngx_http_get_module_ctx(r, ngx_http_userid_filter_module);
441
442 if (ctx == NULL || ctx->uid_set[3] == 0) {
443 if (buf == NULL) {
444 return (u_char *) 1;
445 }
446
447 *buf = '-';
448 return buf + 1;
449 }
450
451 conf = ngx_http_get_module_loc_conf(r, ngx_http_userid_filter_module);
452
453 if (buf == NULL) {
454 return (u_char *) (conf->name.len + 1 + 32);
455 }
456
457 buf = ngx_cpymem(buf, conf->name.data, conf->name.len);
458
459 *buf++ = '=';
460
461 return buf + ngx_snprintf((char *) buf, 33, "%08X%08X%08X%08X",
462 ctx->uid_set[0], ctx->uid_set[1],
463 ctx->uid_set[2], ctx->uid_set[3]);
464 }
465
466
467 static ngx_int_t ngx_http_userid_init(ngx_cycle_t *cycle)
468 {
469 ngx_http_next_header_filter = ngx_http_top_header_filter;
470 ngx_http_top_header_filter = ngx_http_userid_filter;
471
472 return NGX_OK;
473 }
474
475
476 static ngx_int_t ngx_http_userid_pre_conf(ngx_conf_t *cf)
477 {
478 ngx_http_log_op_name_t *op;
479
480 for (op = ngx_http_userid_log_fmt_ops; op->name.len; op++) { /* void */ }
481 op->op = NULL;
482
483 op = ngx_http_log_fmt_ops;
484
485 for (op = ngx_http_log_fmt_ops; op->op; op++) {
486 if (op->name.len == 0) {
487 op = (ngx_http_log_op_name_t *) op->op;
488 }
489 }
490
491 op->op = (ngx_http_log_op_pt) ngx_http_userid_log_fmt_ops;
492
493 return NGX_OK;
494 }
495
496
497 static void *ngx_http_userid_create_conf(ngx_conf_t *cf)
498 {
499 ngx_http_userid_conf_t *conf;
500
501 if (!(conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_userid_conf_t)))) {
502 return NGX_CONF_ERROR;
503 }
504
505 /* set by ngx_pcalloc():
506
507 conf->name.len = 0;
508 conf->name.date = NULL;
509 conf->domain.len = 0;
510 conf->domain.date = NULL;
511 conf->path.len = 0;
512 conf->path.date = NULL;
513
514 */
515
516 conf->enable = NGX_CONF_UNSET;
517 conf->service = NGX_CONF_UNSET;
518 conf->expires = NGX_CONF_UNSET;
519
520 return conf;
521 }
522
523
524 static char *ngx_http_userid_merge_conf(ngx_conf_t *cf, void *parent,
525 void *child)
526 {
527 ngx_http_userid_conf_t *prev = parent;
528 ngx_http_userid_conf_t *conf = child;
529
530 ngx_conf_merge_value(conf->enable, prev->enable, NGX_HTTP_USERID_OFF);
531
532 ngx_conf_merge_str_value(conf->name, prev->name, "uid");
533 ngx_conf_merge_str_value(conf->domain, prev->domain, ".");
534 ngx_conf_merge_str_value(conf->path, prev->path, "/");
535
536 ngx_conf_merge_value(conf->service, prev->service, NGX_CONF_UNSET);
537 ngx_conf_merge_sec_value(conf->expires, prev->expires, 0);
538
539 return NGX_CONF_OK;
540 }
541
542
543 char *ngx_conf_check_domain(ngx_conf_t *cf, void *post, void *data)
544 {
545 ngx_str_t *domain = data;
546
547 if (domain->len == 4 && ngx_strcmp(domain->data, "none") == 0) {
548 domain->len = 1;
549 domain->data = (u_char *) ".";
550 }
551
552 return NGX_CONF_OK;
553 }
554
555
556 char *ngx_http_userid_expires(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
557 {
558 ngx_http_userid_conf_t *ucf = conf;
559
560 ngx_str_t *value;
561
562 if (ucf->expires != NGX_CONF_UNSET) {
563 return "is duplicate";
564 }
565
566 value = cf->args->elts;
567
568 if (ngx_strcmp(value[1].data, "max") == 0) {
569 ucf->expires = NGX_HTTP_USERID_MAX_EXPIRES;
570 return NGX_CONF_OK;
571 }
572
573 if (ngx_strcmp(value[1].data, "off") == 0) {
574 ucf->expires = 0;
575 return NGX_CONF_OK;
576 }
577
578 ucf->expires = ngx_parse_time(&value[1], 1);
579 if (ucf->expires == NGX_ERROR) {
580 return "invalid value";
581 }
582
583 if (ucf->expires == NGX_PARSE_LARGE_TIME) {
584 return "value must be less than 68 years";
585 }
586
587 return NGX_CONF_OK;
588 }