nginx-vendor-current: src/http/modules/ngx_http_access

annotate src/http/modules/ngx_http_access_module.c @ 670:ad45b044f1e5 NGINX_1_1_19

nginx 1.1.19 *) Security: specially crafted mp4 file might allow to overwrite memory locations in a worker process if the ngx_http_mp4_module was used, potentially resulting in arbitrary code execution (CVE-2012-2089). Thanks to Matthew Daley. *) Bugfix: nginx/Windows might be terminated abnormally. Thanks to Vincent Lee. *) Bugfix: nginx hogged CPU if all servers in an upstream were marked as "backup". *) Bugfix: the "allow" and "deny" directives might be inherited incorrectly if they were used with IPv6 addresses. *) Bugfix: the "modern_browser" and "ancient_browser" directives might be inherited incorrectly. *) Bugfix: timeouts might be handled incorrectly on Solaris/SPARC. *) Bugfix: in the ngx_http_mp4_module.

author	Igor Sysoev <http://sysoev.ru>
date	Thu, 12 Apr 2012 00:00:00 +0400
parents	d0f7a625f27c
children

rev	line source
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	1
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	2 /*
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	3 * Copyright (C) Igor Sysoev
660 d0f7a625f27c nginx 1.1.14 Igor Sysoev <http://sysoev.ru> parents: 626 diff changeset	4 * Copyright (C) Nginx, Inc.
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	5 */
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	6
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	7
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	8 #include <ngx_config.h>
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	9 #include <ngx_core.h>
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	10 #include <ngx_http.h>
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	11
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	12
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	13 typedef struct {
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	14 in_addr_t mask;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	15 in_addr_t addr;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	16 ngx_uint_t deny; /* unsigned deny:1; */
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	17 } ngx_http_access_rule_t;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	18
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	19 #if (NGX_HAVE_INET6)
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	20
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	21 typedef struct {
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	22 struct in6_addr addr;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	23 struct in6_addr mask;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	24 ngx_uint_t deny; /* unsigned deny:1; */
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	25 } ngx_http_access_rule6_t;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	26
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	27 #endif
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	28
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	29 typedef struct {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	30 ngx_array_t rules; / array of ngx_http_access_rule_t */
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	31 #if (NGX_HAVE_INET6)
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	32 ngx_array_t rules6; / array of ngx_http_access_rule6_t */
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	33 #endif
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	34 } ngx_http_access_loc_conf_t;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	35
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	36
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	37 static ngx_int_t ngx_http_access_handler(ngx_http_request_t *r);
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	38 static ngx_int_t ngx_http_access_inet(ngx_http_request_t *r,
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	39 ngx_http_access_loc_conf_t *alcf, in_addr_t addr);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	40 #if (NGX_HAVE_INET6)
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	41 static ngx_int_t ngx_http_access_inet6(ngx_http_request_t *r,
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	42 ngx_http_access_loc_conf_t alcf, u_char p);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	43 #endif
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	44 static ngx_int_t ngx_http_access_found(ngx_http_request_t *r, ngx_uint_t deny);
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	45 static char ngx_http_access_rule(ngx_conf_t cf, ngx_command_t *cmd,
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	46 void *conf);
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	47 static void ngx_http_access_create_loc_conf(ngx_conf_t cf);
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	48 static char ngx_http_access_merge_loc_conf(ngx_conf_t cf,
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	49 void parent, void child);
230 38e7b94d63ac nginx 0.4.0 Igor Sysoev <http://sysoev.ru> parents: 216 diff changeset	50 static ngx_int_t ngx_http_access_init(ngx_conf_t *cf);
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	51
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	52
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	53 static ngx_command_t ngx_http_access_commands[] = {
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	54
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	55 { ngx_string("allow"),
180 4cd3e70c4d60 nginx 0.3.37 Igor Sysoev <http://sysoev.ru> parents: 122 diff changeset	56 NGX_HTTP_MAIN_CONF\|NGX_HTTP_SRV_CONF\|NGX_HTTP_LOC_CONF\|NGX_HTTP_LMT_CONF
4cd3e70c4d60 nginx 0.3.37 Igor Sysoev <http://sysoev.ru> parents: 122 diff changeset	57 \|NGX_CONF_TAKE1,
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	58 ngx_http_access_rule,
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	59 NGX_HTTP_LOC_CONF_OFFSET,
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	60 0,
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	61 NULL },
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	62
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	63 { ngx_string("deny"),
180 4cd3e70c4d60 nginx 0.3.37 Igor Sysoev <http://sysoev.ru> parents: 122 diff changeset	64 NGX_HTTP_MAIN_CONF\|NGX_HTTP_SRV_CONF\|NGX_HTTP_LOC_CONF\|NGX_HTTP_LMT_CONF
4cd3e70c4d60 nginx 0.3.37 Igor Sysoev <http://sysoev.ru> parents: 122 diff changeset	65 \|NGX_CONF_TAKE1,
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	66 ngx_http_access_rule,
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	67 NGX_HTTP_LOC_CONF_OFFSET,
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	68 0,
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	69 NULL },
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	70
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	71 ngx_null_command
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	72 };
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	73
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	74
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	75
216 fa32d59d9a15 nginx 0.3.55 Igor Sysoev <http://sysoev.ru> parents: 212 diff changeset	76 static ngx_http_module_t ngx_http_access_module_ctx = {
58 b55cbf18157e nginx 0.1.29 Igor Sysoev <http://sysoev.ru> parents: 50 diff changeset	77 NULL, /* preconfiguration */
230 38e7b94d63ac nginx 0.4.0 Igor Sysoev <http://sysoev.ru> parents: 216 diff changeset	78 ngx_http_access_init, /* postconfiguration */
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	79
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	80 NULL, /* create main configuration */
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	81 NULL, /* init main configuration */
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	82
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	83 NULL, /* create server configuration */
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	84 NULL, /* merge server configuration */
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	85
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	86 ngx_http_access_create_loc_conf, /* create location configuration */
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	87 ngx_http_access_merge_loc_conf /* merge location configuration */
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	88 };
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	89
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	90
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	91 ngx_module_t ngx_http_access_module = {
58 b55cbf18157e nginx 0.1.29 Igor Sysoev <http://sysoev.ru> parents: 50 diff changeset	92 NGX_MODULE_V1,
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	93 &ngx_http_access_module_ctx, /* module context */
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	94 ngx_http_access_commands, /* module directives */
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	95 NGX_HTTP_MODULE, /* module type */
90 71c46860eb55 nginx 0.1.45 Igor Sysoev <http://sysoev.ru> parents: 58 diff changeset	96 NULL, /* init master */
230 38e7b94d63ac nginx 0.4.0 Igor Sysoev <http://sysoev.ru> parents: 216 diff changeset	97 NULL, /* init module */
90 71c46860eb55 nginx 0.1.45 Igor Sysoev <http://sysoev.ru> parents: 58 diff changeset	98 NULL, /* init process */
71c46860eb55 nginx 0.1.45 Igor Sysoev <http://sysoev.ru> parents: 58 diff changeset	99 NULL, /* init thread */
71c46860eb55 nginx 0.1.45 Igor Sysoev <http://sysoev.ru> parents: 58 diff changeset	100 NULL, /* exit thread */
71c46860eb55 nginx 0.1.45 Igor Sysoev <http://sysoev.ru> parents: 58 diff changeset	101 NULL, /* exit process */
71c46860eb55 nginx 0.1.45 Igor Sysoev <http://sysoev.ru> parents: 58 diff changeset	102 NULL, /* exit master */
71c46860eb55 nginx 0.1.45 Igor Sysoev <http://sysoev.ru> parents: 58 diff changeset	103 NGX_MODULE_V1_PADDING
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	104 };
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	105
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	106
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	107 static ngx_int_t
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	108 ngx_http_access_handler(ngx_http_request_t *r)
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	109 {
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	110 struct sockaddr_in *sin;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	111 ngx_http_access_loc_conf_t *alcf;
626 a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	112 #if (NGX_HAVE_INET6)
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	113 u_char *p;
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	114 in_addr_t addr;
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	115 struct sockaddr_in6 *sin6;
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	116 #endif
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	117
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	118 alcf = ngx_http_get_module_loc_conf(r, ngx_http_access_module);
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	119
626 a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	120 switch (r->connection->sockaddr->sa_family) {
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	121
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	122 case AF_INET:
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	123 if (alcf->rules) {
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	124 sin = (struct sockaddr_in *) r->connection->sockaddr;
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	125 return ngx_http_access_inet(r, alcf, sin->sin_addr.s_addr);
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	126 }
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	127 break;
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	128
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	129 #if (NGX_HAVE_INET6)
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	130
626 a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	131 case AF_INET6:
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	132 sin6 = (struct sockaddr_in6 *) r->connection->sockaddr;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	133 p = sin6->sin6_addr.s6_addr;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	134
626 a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	135 if (alcf->rules && IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	136 addr = p[12] << 24;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	137 addr += p[13] << 16;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	138 addr += p[14] << 8;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	139 addr += p[15];
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	140 return ngx_http_access_inet(r, alcf, htonl(addr));
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	141 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	142
626 a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	143 if (alcf->rules6) {
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	144 return ngx_http_access_inet6(r, alcf, p);
a7a5fa2e395b nginx 1.0.3 Igor Sysoev <http://sysoev.ru> parents: 586 diff changeset	145 }
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	146
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	147 #endif
448 76a79816b771 nginx 0.7.36 Igor Sysoev <http://sysoev.ru> parents: 400 diff changeset	148 }
76a79816b771 nginx 0.7.36 Igor Sysoev <http://sysoev.ru> parents: 400 diff changeset	149
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	150 return NGX_DECLINED;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	151 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	152
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	153
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	154 static ngx_int_t
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	155 ngx_http_access_inet(ngx_http_request_t r, ngx_http_access_loc_conf_t alcf,
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	156 in_addr_t addr)
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	157 {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	158 ngx_uint_t i;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	159 ngx_http_access_rule_t *rule;
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	160
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	161 rule = alcf->rules->elts;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	162 for (i = 0; i < alcf->rules->nelts; i++) {
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	163
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	164 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
122 d25a1d6034f1 nginx 0.3.8 Igor Sysoev <http://sysoev.ru> parents: 90 diff changeset	165 "access: %08XD %08XD %08XD",
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	166 addr, rule[i].mask, rule[i].addr);
212 56688ed172c8 nginx 0.3.53 Igor Sysoev <http://sysoev.ru> parents: 180 diff changeset	167
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	168 if ((addr & rule[i].mask) == rule[i].addr) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	169 return ngx_http_access_found(r, rule[i].deny);
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	170 }
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	171 }
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	172
358 9121a0a91f47 nginx 0.6.23 Igor Sysoev <http://sysoev.ru> parents: 326 diff changeset	173 return NGX_DECLINED;
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	174 }
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	175
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	176
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	177 #if (NGX_HAVE_INET6)
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	178
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	179 static ngx_int_t
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	180 ngx_http_access_inet6(ngx_http_request_t r, ngx_http_access_loc_conf_t alcf,
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	181 u_char *p)
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	182 {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	183 ngx_uint_t n;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	184 ngx_uint_t i;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	185 ngx_http_access_rule6_t *rule6;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	186
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	187 rule6 = alcf->rules6->elts;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	188 for (i = 0; i < alcf->rules6->nelts; i++) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	189
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	190 #if (NGX_DEBUG)
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	191 {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	192 size_t cl, ml, al;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	193 u_char ct[NGX_INET6_ADDRSTRLEN];
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	194 u_char mt[NGX_INET6_ADDRSTRLEN];
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	195 u_char at[NGX_INET6_ADDRSTRLEN];
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	196
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	197 cl = ngx_inet6_ntop(p, ct, NGX_INET6_ADDRSTRLEN);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	198 ml = ngx_inet6_ntop(rule6[i].mask.s6_addr, mt, NGX_INET6_ADDRSTRLEN);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	199 al = ngx_inet6_ntop(rule6[i].addr.s6_addr, at, NGX_INET6_ADDRSTRLEN);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	200
586 53f5f04a64b8 nginx 0.8.45 Igor Sysoev <http://sysoev.ru> parents: 540 diff changeset	201 ngx_log_debug6(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	202 "access: %s %s %*s", cl, ct, ml, mt, al, at);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	203 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	204 #endif
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	205
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	206 for (n = 0; n < 16; n++) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	207 if ((p[n] & rule6[i].mask.s6_addr[n]) != rule6[i].addr.s6_addr[n]) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	208 goto next;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	209 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	210 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	211
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	212 return ngx_http_access_found(r, rule6[i].deny);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	213
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	214 next:
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	215 continue;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	216 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	217
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	218 return NGX_DECLINED;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	219 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	220
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	221 #endif
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	222
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	223
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	224 static ngx_int_t
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	225 ngx_http_access_found(ngx_http_request_t *r, ngx_uint_t deny)
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	226 {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	227 ngx_http_core_loc_conf_t *clcf;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	228
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	229 if (deny) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	230 clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	231
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	232 if (clcf->satisfy == NGX_HTTP_SATISFY_ALL) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	233 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	234 "access forbidden by rule");
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	235 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	236
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	237 return NGX_HTTP_FORBIDDEN;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	238 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	239
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	240 return NGX_OK;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	241 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	242
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	243
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	244 static char *
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	245 ngx_http_access_rule(ngx_conf_t cf, ngx_command_t cmd, void *conf)
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	246 {
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	247 ngx_http_access_loc_conf_t *alcf = conf;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	248
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	249 ngx_int_t rc;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	250 ngx_uint_t all;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	251 ngx_str_t *value;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	252 ngx_cidr_t cidr;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	253 ngx_http_access_rule_t *rule;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	254 #if (NGX_HAVE_INET6)
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	255 ngx_http_access_rule6_t *rule6;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	256 #endif
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	257
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	258 ngx_memzero(&cidr, sizeof(ngx_cidr_t));
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	259
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	260 value = cf->args->elts;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	261
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	262 all = (value[1].len == 3 && ngx_strcmp(value[1].data, "all") == 0);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	263
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	264 if (!all) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	265
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	266 rc = ngx_ptocidr(&value[1], &cidr);
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	267
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	268 if (rc == NGX_ERROR) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	269 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	270 "invalid parameter \"%V\"", &value[1]);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	271 return NGX_CONF_ERROR;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	272 }
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	273
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	274 if (rc == NGX_DONE) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	275 ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	276 "low address bits of %V are meaningless", &value[1]);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	277 }
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	278 }
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	279
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	280 switch (cidr.family) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	281
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	282 #if (NGX_HAVE_INET6)
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	283 case AF_INET6:
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	284 case 0: /* all */
326 9fc4ab6673f9 nginx 0.6.7 Igor Sysoev <http://sysoev.ru> parents: 230 diff changeset	285
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	286 if (alcf->rules6 == NULL) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	287 alcf->rules6 = ngx_array_create(cf->pool, 4,
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	288 sizeof(ngx_http_access_rule6_t));
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	289 if (alcf->rules6 == NULL) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	290 return NGX_CONF_ERROR;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	291 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	292 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	293
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	294 rule6 = ngx_array_push(alcf->rules6);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	295 if (rule6 == NULL) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	296 return NGX_CONF_ERROR;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	297 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	298
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	299 rule6->mask = cidr.u.in6.mask;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	300 rule6->addr = cidr.u.in6.addr;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	301 rule6->deny = (value[0].data[0] == 'd') ? 1 : 0;
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	302
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	303 if (!all) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	304 break;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	305 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	306
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	307 /* "all" passes through */
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	308 #endif
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	309
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	310 default: /* AF_INET */
454 a8424ffa495c nginx 0.7.39 Igor Sysoev <http://sysoev.ru> parents: 448 diff changeset	311
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	312 if (alcf->rules == NULL) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	313 alcf->rules = ngx_array_create(cf->pool, 4,
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	314 sizeof(ngx_http_access_rule_t));
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	315 if (alcf->rules == NULL) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	316 return NGX_CONF_ERROR;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	317 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	318 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	319
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	320 rule = ngx_array_push(alcf->rules);
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	321 if (rule == NULL) {
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	322 return NGX_CONF_ERROR;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	323 }
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	324
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	325 rule->mask = cidr.u.in.mask;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	326 rule->addr = cidr.u.in.addr;
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	327 rule->deny = (value[0].data[0] == 'd') ? 1 : 0;
326 9fc4ab6673f9 nginx 0.6.7 Igor Sysoev <http://sysoev.ru> parents: 230 diff changeset	328 }
9fc4ab6673f9 nginx 0.6.7 Igor Sysoev <http://sysoev.ru> parents: 230 diff changeset	329
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	330 return NGX_CONF_OK;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	331 }
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	332
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	333
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	334 static void *
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	335 ngx_http_access_create_loc_conf(ngx_conf_t *cf)
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	336 {
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	337 ngx_http_access_loc_conf_t *conf;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	338
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	339 conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_access_loc_conf_t));
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	340 if (conf == NULL) {
496 f39b9e29530d nginx 0.8.0 Igor Sysoev <http://sysoev.ru> parents: 454 diff changeset	341 return NULL;
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	342 }
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	343
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	344 return conf;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	345 }
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	346
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	347
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	348 static char *
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	349 ngx_http_access_merge_loc_conf(ngx_conf_t cf, void parent, void *child)
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	350 {
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	351 ngx_http_access_loc_conf_t *prev = parent;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	352 ngx_http_access_loc_conf_t *conf = child;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	353
670 ad45b044f1e5 nginx 1.1.19 Igor Sysoev <http://sysoev.ru> parents: 660 diff changeset	354 #if (NGX_HAVE_INET6)
ad45b044f1e5 nginx 1.1.19 Igor Sysoev <http://sysoev.ru> parents: 660 diff changeset	355
ad45b044f1e5 nginx 1.1.19 Igor Sysoev <http://sysoev.ru> parents: 660 diff changeset	356 if (conf->rules == NULL && conf->rules6 == NULL) {
ad45b044f1e5 nginx 1.1.19 Igor Sysoev <http://sysoev.ru> parents: 660 diff changeset	357 conf->rules = prev->rules;
ad45b044f1e5 nginx 1.1.19 Igor Sysoev <http://sysoev.ru> parents: 660 diff changeset	358 conf->rules6 = prev->rules6;
ad45b044f1e5 nginx 1.1.19 Igor Sysoev <http://sysoev.ru> parents: 660 diff changeset	359 }
ad45b044f1e5 nginx 1.1.19 Igor Sysoev <http://sysoev.ru> parents: 660 diff changeset	360
ad45b044f1e5 nginx 1.1.19 Igor Sysoev <http://sysoev.ru> parents: 660 diff changeset	361 #else
ad45b044f1e5 nginx 1.1.19 Igor Sysoev <http://sysoev.ru> parents: 660 diff changeset	362
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	363 if (conf->rules == NULL) {
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	364 conf->rules = prev->rules;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	365 }
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	366
540 c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	367 #endif
c04fa65fe604 nginx 0.8.22 Igor Sysoev <http://sysoev.ru> parents: 496 diff changeset	368
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	369 return NGX_CONF_OK;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	370 }
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	371
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	372
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	373 static ngx_int_t
230 38e7b94d63ac nginx 0.4.0 Igor Sysoev <http://sysoev.ru> parents: 216 diff changeset	374 ngx_http_access_init(ngx_conf_t *cf)
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	375 {
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	376 ngx_http_handler_pt *h;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	377 ngx_http_core_main_conf_t *cmcf;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	378
230 38e7b94d63ac nginx 0.4.0 Igor Sysoev <http://sysoev.ru> parents: 216 diff changeset	379 cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
50 72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	380
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	381 h = ngx_array_push(&cmcf->phases[NGX_HTTP_ACCESS_PHASE].handlers);
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	382 if (h == NULL) {
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	383 return NGX_ERROR;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	384 }
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	385
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	386 *h = ngx_http_access_handler;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	387
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	388 return NGX_OK;
72eb30262aac nginx 0.1.25 Igor Sysoev <http://sysoev.ru> parents: diff changeset	389 }

Mercurial > hg > nginx-vendor-current

annotate src/http/modules/ngx_http_access_module.c @ 670:ad45b044f1e5 NGINX_1_1_19