nginx: src/http/modules/ngx_http_auth_request

annotate src/http/modules/ngx_http_auth_request_module.c @ 7653:8409f9df6219

SSL: client certificate validation with OCSP (ticket #1534). OCSP validation for client certificates is enabled by the "ssl_ocsp" directive. OCSP responder can be optionally specified by "ssl_ocsp_responder". When session is reused, peer chain is not available for validation. If the verified chain contains certificates from the peer chain not available at the server, validation will fail.

author	Roman Arutyunyan <arut@nginx.com>
date	Fri, 22 May 2020 17:30:12 +0300
parents	f01ab2dbcfdc
children	d26db4f82d7d

rev	line source
5329 00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	1
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	2 /*
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	3 * Copyright (C) Maxim Dounin
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	4 * Copyright (C) Nginx, Inc.
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	5 */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	6
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	7
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	8 #include <ngx_config.h>
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	9 #include <ngx_core.h>
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	10 #include <ngx_http.h>
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	11
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	12
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	13 typedef struct {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	14 ngx_str_t uri;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	15 ngx_array_t *vars;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	16 } ngx_http_auth_request_conf_t;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	17
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	18
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	19 typedef struct {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	20 ngx_uint_t done;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	21 ngx_uint_t status;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	22 ngx_http_request_t *subrequest;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	23 } ngx_http_auth_request_ctx_t;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	24
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	25
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	26 typedef struct {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	27 ngx_int_t index;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	28 ngx_http_complex_value_t value;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	29 ngx_http_set_variable_pt set_handler;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	30 } ngx_http_auth_request_variable_t;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	31
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	32
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	33 static ngx_int_t ngx_http_auth_request_handler(ngx_http_request_t *r);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	34 static ngx_int_t ngx_http_auth_request_done(ngx_http_request_t *r,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	35 void *data, ngx_int_t rc);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	36 static ngx_int_t ngx_http_auth_request_set_variables(ngx_http_request_t *r,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	37 ngx_http_auth_request_conf_t arcf, ngx_http_auth_request_ctx_t ctx);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	38 static ngx_int_t ngx_http_auth_request_variable(ngx_http_request_t *r,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	39 ngx_http_variable_value_t *v, uintptr_t data);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	40 static void ngx_http_auth_request_create_conf(ngx_conf_t cf);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	41 static char ngx_http_auth_request_merge_conf(ngx_conf_t cf,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	42 void parent, void child);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	43 static ngx_int_t ngx_http_auth_request_init(ngx_conf_t *cf);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	44 static char ngx_http_auth_request(ngx_conf_t cf, ngx_command_t *cmd,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	45 void *conf);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	46 static char ngx_http_auth_request_set(ngx_conf_t cf, ngx_command_t *cmd,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	47 void *conf);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	48
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	49
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	50 static ngx_command_t ngx_http_auth_request_commands[] = {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	51
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	52 { ngx_string("auth_request"),
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	53 NGX_HTTP_MAIN_CONF\|NGX_HTTP_SRV_CONF\|NGX_HTTP_LOC_CONF\|NGX_CONF_TAKE1,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	54 ngx_http_auth_request,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	55 NGX_HTTP_LOC_CONF_OFFSET,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	56 0,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	57 NULL },
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	58
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	59 { ngx_string("auth_request_set"),
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	60 NGX_HTTP_MAIN_CONF\|NGX_HTTP_SRV_CONF\|NGX_HTTP_LOC_CONF\|NGX_CONF_TAKE2,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	61 ngx_http_auth_request_set,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	62 NGX_HTTP_LOC_CONF_OFFSET,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	63 0,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	64 NULL },
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	65
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	66 ngx_null_command
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	67 };
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	68
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	69
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	70 static ngx_http_module_t ngx_http_auth_request_module_ctx = {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	71 NULL, /* preconfiguration */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	72 ngx_http_auth_request_init, /* postconfiguration */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	73
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	74 NULL, /* create main configuration */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	75 NULL, /* init main configuration */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	76
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	77 NULL, /* create server configuration */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	78 NULL, /* merge server configuration */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	79
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	80 ngx_http_auth_request_create_conf, /* create location configuration */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	81 ngx_http_auth_request_merge_conf /* merge location configuration */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	82 };
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	83
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	84
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	85 ngx_module_t ngx_http_auth_request_module = {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	86 NGX_MODULE_V1,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	87 &ngx_http_auth_request_module_ctx, /* module context */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	88 ngx_http_auth_request_commands, /* module directives */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	89 NGX_HTTP_MODULE, /* module type */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	90 NULL, /* init master */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	91 NULL, /* init module */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	92 NULL, /* init process */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	93 NULL, /* init thread */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	94 NULL, /* exit thread */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	95 NULL, /* exit process */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	96 NULL, /* exit master */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	97 NGX_MODULE_V1_PADDING
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	98 };
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	99
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	100
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	101 static ngx_int_t
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	102 ngx_http_auth_request_handler(ngx_http_request_t *r)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	103 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	104 ngx_table_elt_t h, ho;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	105 ngx_http_request_t *sr;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	106 ngx_http_post_subrequest_t *ps;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	107 ngx_http_auth_request_ctx_t *ctx;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	108 ngx_http_auth_request_conf_t *arcf;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	109
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	110 arcf = ngx_http_get_module_loc_conf(r, ngx_http_auth_request_module);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	111
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	112 if (arcf->uri.len == 0) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	113 return NGX_DECLINED;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	114 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	115
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	116 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	117 "auth request handler");
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	118
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	119 ctx = ngx_http_get_module_ctx(r, ngx_http_auth_request_module);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	120
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	121 if (ctx != NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	122 if (!ctx->done) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	123 return NGX_AGAIN;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	124 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	125
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	126 /*
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	127 * as soon as we are done - explicitly set variables to make
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	128 * sure they will be available after internal redirects
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	129 */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	130
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	131 if (ngx_http_auth_request_set_variables(r, arcf, ctx) != NGX_OK) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	132 return NGX_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	133 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	134
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	135 /* return appropriate status */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	136
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	137 if (ctx->status == NGX_HTTP_FORBIDDEN) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	138 return ctx->status;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	139 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	140
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	141 if (ctx->status == NGX_HTTP_UNAUTHORIZED) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	142 sr = ctx->subrequest;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	143
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	144 h = sr->headers_out.www_authenticate;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	145
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	146 if (!h && sr->upstream) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	147 h = sr->upstream->headers_in.www_authenticate;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	148 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	149
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	150 if (h) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	151 ho = ngx_list_push(&r->headers_out.headers);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	152 if (ho == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	153 return NGX_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	154 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	155
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	156 ho = h;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	157
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	158 r->headers_out.www_authenticate = ho;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	159 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	160
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	161 return ctx->status;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	162 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	163
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	164 if (ctx->status >= NGX_HTTP_OK
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	165 && ctx->status < NGX_HTTP_SPECIAL_RESPONSE)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	166 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	167 return NGX_OK;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	168 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	169
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	170 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
6480 f01ab2dbcfdc Fixed logging. Sergey Kandaurov <pluknet@nginx.com> parents: 5329 diff changeset	171 "auth request unexpected status: %ui", ctx->status);
5329 00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	172
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	173 return NGX_HTTP_INTERNAL_SERVER_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	174 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	175
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	176 ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_auth_request_ctx_t));
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	177 if (ctx == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	178 return NGX_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	179 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	180
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	181 ps = ngx_palloc(r->pool, sizeof(ngx_http_post_subrequest_t));
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	182 if (ps == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	183 return NGX_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	184 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	185
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	186 ps->handler = ngx_http_auth_request_done;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	187 ps->data = ctx;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	188
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	189 if (ngx_http_subrequest(r, &arcf->uri, NULL, &sr, ps,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	190 NGX_HTTP_SUBREQUEST_WAITED)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	191 != NGX_OK)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	192 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	193 return NGX_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	194 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	195
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	196 /*
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	197 * allocate fake request body to avoid attempts to read it and to make
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	198 * sure real body file (if already read) won't be closed by upstream
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	199 */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	200
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	201 sr->request_body = ngx_pcalloc(r->pool, sizeof(ngx_http_request_body_t));
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	202 if (sr->request_body == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	203 return NGX_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	204 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	205
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	206 sr->header_only = 1;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	207
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	208 ctx->subrequest = sr;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	209
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	210 ngx_http_set_ctx(r, ctx, ngx_http_auth_request_module);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	211
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	212 return NGX_AGAIN;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	213 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	214
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	215
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	216 static ngx_int_t
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	217 ngx_http_auth_request_done(ngx_http_request_t r, void data, ngx_int_t rc)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	218 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	219 ngx_http_auth_request_ctx_t *ctx = data;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	220
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	221 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
6480 f01ab2dbcfdc Fixed logging. Sergey Kandaurov <pluknet@nginx.com> parents: 5329 diff changeset	222 "auth request done s:%ui", r->headers_out.status);
5329 00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	223
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	224 ctx->done = 1;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	225 ctx->status = r->headers_out.status;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	226
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	227 return rc;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	228 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	229
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	230
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	231 static ngx_int_t
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	232 ngx_http_auth_request_set_variables(ngx_http_request_t *r,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	233 ngx_http_auth_request_conf_t arcf, ngx_http_auth_request_ctx_t ctx)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	234 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	235 ngx_str_t val;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	236 ngx_http_variable_t *v;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	237 ngx_http_variable_value_t *vv;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	238 ngx_http_auth_request_variable_t av, last;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	239 ngx_http_core_main_conf_t *cmcf;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	240
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	241 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	242 "auth request set variables");
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	243
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	244 if (arcf->vars == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	245 return NGX_OK;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	246 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	247
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	248 cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	249 v = cmcf->variables.elts;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	250
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	251 av = arcf->vars->elts;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	252 last = av + arcf->vars->nelts;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	253
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	254 while (av < last) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	255 /*
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	256 * explicitly set new value to make sure it will be available after
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	257 * internal redirects
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	258 */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	259
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	260 vv = &r->variables[av->index];
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	261
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	262 if (ngx_http_complex_value(ctx->subrequest, &av->value, &val)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	263 != NGX_OK)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	264 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	265 return NGX_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	266 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	267
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	268 vv->valid = 1;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	269 vv->not_found = 0;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	270 vv->data = val.data;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	271 vv->len = val.len;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	272
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	273 if (av->set_handler) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	274 /*
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	275 * set_handler only available in cmcf->variables_keys, so we store
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	276 * it explicitly
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	277 */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	278
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	279 av->set_handler(r, vv, v[av->index].data);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	280 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	281
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	282 av++;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	283 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	284
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	285 return NGX_OK;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	286 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	287
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	288
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	289 static ngx_int_t
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	290 ngx_http_auth_request_variable(ngx_http_request_t *r,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	291 ngx_http_variable_value_t *v, uintptr_t data)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	292 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	293 ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	294 "auth request variable");
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	295
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	296 v->not_found = 1;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	297
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	298 return NGX_OK;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	299 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	300
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	301
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	302 static void *
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	303 ngx_http_auth_request_create_conf(ngx_conf_t *cf)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	304 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	305 ngx_http_auth_request_conf_t *conf;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	306
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	307 conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_auth_request_conf_t));
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	308 if (conf == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	309 return NULL;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	310 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	311
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	312 /*
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	313 * set by ngx_pcalloc():
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	314 *
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	315 * conf->uri = { 0, NULL };
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	316 */
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	317
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	318 conf->vars = NGX_CONF_UNSET_PTR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	319
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	320 return conf;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	321 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	322
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	323
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	324 static char *
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	325 ngx_http_auth_request_merge_conf(ngx_conf_t cf, void parent, void *child)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	326 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	327 ngx_http_auth_request_conf_t *prev = parent;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	328 ngx_http_auth_request_conf_t *conf = child;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	329
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	330 ngx_conf_merge_str_value(conf->uri, prev->uri, "");
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	331 ngx_conf_merge_ptr_value(conf->vars, prev->vars, NULL);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	332
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	333 return NGX_CONF_OK;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	334 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	335
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	336
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	337 static ngx_int_t
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	338 ngx_http_auth_request_init(ngx_conf_t *cf)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	339 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	340 ngx_http_handler_pt *h;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	341 ngx_http_core_main_conf_t *cmcf;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	342
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	343 cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	344
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	345 h = ngx_array_push(&cmcf->phases[NGX_HTTP_ACCESS_PHASE].handlers);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	346 if (h == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	347 return NGX_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	348 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	349
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	350 *h = ngx_http_auth_request_handler;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	351
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	352 return NGX_OK;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	353 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	354
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	355
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	356 static char *
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	357 ngx_http_auth_request(ngx_conf_t cf, ngx_command_t cmd, void *conf)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	358 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	359 ngx_http_auth_request_conf_t *arcf = conf;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	360
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	361 ngx_str_t *value;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	362
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	363 if (arcf->uri.data != NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	364 return "is duplicate";
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	365 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	366
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	367 value = cf->args->elts;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	368
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	369 if (ngx_strcmp(value[1].data, "off") == 0) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	370 arcf->uri.len = 0;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	371 arcf->uri.data = (u_char *) "";
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	372
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	373 return NGX_CONF_OK;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	374 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	375
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	376 arcf->uri = value[1];
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	377
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	378 return NGX_CONF_OK;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	379 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	380
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	381
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	382 static char *
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	383 ngx_http_auth_request_set(ngx_conf_t cf, ngx_command_t cmd, void *conf)
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	384 {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	385 ngx_http_auth_request_conf_t *arcf = conf;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	386
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	387 ngx_str_t *value;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	388 ngx_http_variable_t *v;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	389 ngx_http_auth_request_variable_t *av;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	390 ngx_http_compile_complex_value_t ccv;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	391
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	392 value = cf->args->elts;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	393
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	394 if (value[1].data[0] != '$') {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	395 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	396 "invalid variable name \"%V\"", &value[1]);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	397 return NGX_CONF_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	398 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	399
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	400 value[1].len--;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	401 value[1].data++;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	402
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	403 if (arcf->vars == NGX_CONF_UNSET_PTR) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	404 arcf->vars = ngx_array_create(cf->pool, 1,
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	405 sizeof(ngx_http_auth_request_variable_t));
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	406 if (arcf->vars == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	407 return NGX_CONF_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	408 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	409 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	410
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	411 av = ngx_array_push(arcf->vars);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	412 if (av == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	413 return NGX_CONF_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	414 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	415
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	416 v = ngx_http_add_variable(cf, &value[1], NGX_HTTP_VAR_CHANGEABLE);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	417 if (v == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	418 return NGX_CONF_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	419 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	420
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	421 av->index = ngx_http_get_variable_index(cf, &value[1]);
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	422 if (av->index == NGX_ERROR) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	423 return NGX_CONF_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	424 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	425
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	426 if (v->get_handler == NULL) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	427 v->get_handler = ngx_http_auth_request_variable;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	428 v->data = (uintptr_t) av;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	429 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	430
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	431 av->set_handler = v->set_handler;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	432
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	433 ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	434
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	435 ccv.cf = cf;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	436 ccv.value = &value[2];
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	437 ccv.complex_value = &av->value;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	438
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	439 if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	440 return NGX_CONF_ERROR;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	441 }
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	442
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	443 return NGX_CONF_OK;
00bdc9f08a16 Auth request module import. Maxim Dounin <mdounin@mdounin.ru> parents: diff changeset	444 }

Mercurial > hg > nginx

annotate src/http/modules/ngx_http_auth_request_module.c @ 7653:8409f9df6219