nginx: src/stream/ngx_stream_access

annotate src/stream/ngx_stream_access_module.c @ 6699:9cf2dce316e5

Fixed log levels of configuration parsing errors. All the errors that prevent loading configuration must be printed on the "emerg" log level. Previously, nginx might silently fail to load configuration in some cases as the default log level is "error".

author	Valentin Bartenev <vbart@nginx.com>
date	Tue, 20 Sep 2016 15:07:16 +0300
parents	3908156a51fa
children	72188d1bcab5

rev	line source
6175 8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	1
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	2 /*
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	3 * Copyright (C) Igor Sysoev
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	4 * Copyright (C) Nginx, Inc.
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	5 */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	6
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	7
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	8 #include <ngx_config.h>
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	9 #include <ngx_core.h>
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	10 #include <ngx_stream.h>
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	11
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	12
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	13 typedef struct {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	14 in_addr_t mask;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	15 in_addr_t addr;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	16 ngx_uint_t deny; /* unsigned deny:1; */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	17 } ngx_stream_access_rule_t;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	18
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	19 #if (NGX_HAVE_INET6)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	20
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	21 typedef struct {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	22 struct in6_addr addr;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	23 struct in6_addr mask;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	24 ngx_uint_t deny; /* unsigned deny:1; */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	25 } ngx_stream_access_rule6_t;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	26
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	27 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	28
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	29 #if (NGX_HAVE_UNIX_DOMAIN)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	30
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	31 typedef struct {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	32 ngx_uint_t deny; /* unsigned deny:1; */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	33 } ngx_stream_access_rule_un_t;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	34
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	35 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	36
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	37 typedef struct {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	38 ngx_array_t rules; / array of ngx_stream_access_rule_t */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	39 #if (NGX_HAVE_INET6)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	40 ngx_array_t rules6; / array of ngx_stream_access_rule6_t */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	41 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	42 #if (NGX_HAVE_UNIX_DOMAIN)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	43 ngx_array_t rules_un; / array of ngx_stream_access_rule_un_t */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	44 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	45 } ngx_stream_access_srv_conf_t;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	46
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	47
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	48 static ngx_int_t ngx_stream_access_handler(ngx_stream_session_t *s);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	49 static ngx_int_t ngx_stream_access_inet(ngx_stream_session_t *s,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	50 ngx_stream_access_srv_conf_t *ascf, in_addr_t addr);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	51 #if (NGX_HAVE_INET6)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	52 static ngx_int_t ngx_stream_access_inet6(ngx_stream_session_t *s,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	53 ngx_stream_access_srv_conf_t ascf, u_char p);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	54 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	55 #if (NGX_HAVE_UNIX_DOMAIN)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	56 static ngx_int_t ngx_stream_access_unix(ngx_stream_session_t *s,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	57 ngx_stream_access_srv_conf_t *ascf);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	58 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	59 static ngx_int_t ngx_stream_access_found(ngx_stream_session_t *s,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	60 ngx_uint_t deny);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	61 static char ngx_stream_access_rule(ngx_conf_t cf, ngx_command_t *cmd,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	62 void *conf);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	63 static void ngx_stream_access_create_srv_conf(ngx_conf_t cf);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	64 static char ngx_stream_access_merge_srv_conf(ngx_conf_t cf,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	65 void parent, void child);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	66 static ngx_int_t ngx_stream_access_init(ngx_conf_t *cf);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	67
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	68
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	69 static ngx_command_t ngx_stream_access_commands[] = {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	70
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	71 { ngx_string("allow"),
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	72 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	73 ngx_stream_access_rule,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	74 NGX_STREAM_SRV_CONF_OFFSET,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	75 0,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	76 NULL },
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	77
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	78 { ngx_string("deny"),
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	79 NGX_STREAM_MAIN_CONF\|NGX_STREAM_SRV_CONF\|NGX_CONF_TAKE1,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	80 ngx_stream_access_rule,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	81 NGX_STREAM_SRV_CONF_OFFSET,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	82 0,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	83 NULL },
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	84
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	85 ngx_null_command
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	86 };
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	87
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	88
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	89
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	90 static ngx_stream_module_t ngx_stream_access_module_ctx = {
6606 2f41d383c9c7 Stream: added preconfiguration step. Vladimir Homutov <vl@nginx.com> parents: 6175 diff changeset	91 NULL, /* preconfiguration */
6175 8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	92 ngx_stream_access_init, /* postconfiguration */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	93
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	94 NULL, /* create main configuration */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	95 NULL, /* init main configuration */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	96
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	97 ngx_stream_access_create_srv_conf, /* create server configuration */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	98 ngx_stream_access_merge_srv_conf /* merge server configuration */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	99 };
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	100
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	101
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	102 ngx_module_t ngx_stream_access_module = {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	103 NGX_MODULE_V1,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	104 &ngx_stream_access_module_ctx, /* module context */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	105 ngx_stream_access_commands, /* module directives */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	106 NGX_STREAM_MODULE, /* module type */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	107 NULL, /* init master */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	108 NULL, /* init module */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	109 NULL, /* init process */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	110 NULL, /* init thread */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	111 NULL, /* exit thread */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	112 NULL, /* exit process */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	113 NULL, /* exit master */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	114 NGX_MODULE_V1_PADDING
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	115 };
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	116
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	117
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	118 static ngx_int_t
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	119 ngx_stream_access_handler(ngx_stream_session_t *s)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	120 {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	121 struct sockaddr_in *sin;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	122 ngx_stream_access_srv_conf_t *ascf;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	123 #if (NGX_HAVE_INET6)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	124 u_char *p;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	125 in_addr_t addr;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	126 struct sockaddr_in6 *sin6;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	127 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	128
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	129 ascf = ngx_stream_get_module_srv_conf(s, ngx_stream_access_module);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	130
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	131 switch (s->connection->sockaddr->sa_family) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	132
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	133 case AF_INET:
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	134 if (ascf->rules) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	135 sin = (struct sockaddr_in *) s->connection->sockaddr;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	136 return ngx_stream_access_inet(s, ascf, sin->sin_addr.s_addr);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	137 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	138 break;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	139
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	140 #if (NGX_HAVE_INET6)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	141
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	142 case AF_INET6:
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	143 sin6 = (struct sockaddr_in6 *) s->connection->sockaddr;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	144 p = sin6->sin6_addr.s6_addr;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	145
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	146 if (ascf->rules && IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	147 addr = p[12] << 24;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	148 addr += p[13] << 16;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	149 addr += p[14] << 8;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	150 addr += p[15];
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	151 return ngx_stream_access_inet(s, ascf, htonl(addr));
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	152 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	153
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	154 if (ascf->rules6) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	155 return ngx_stream_access_inet6(s, ascf, p);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	156 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	157
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	158 break;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	159
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	160 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	161
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	162 #if (NGX_HAVE_UNIX_DOMAIN)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	163
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	164 case AF_UNIX:
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	165 if (ascf->rules_un) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	166 return ngx_stream_access_unix(s, ascf);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	167 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	168
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	169 break;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	170
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	171 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	172 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	173
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	174 return NGX_DECLINED;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	175 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	176
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	177
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	178 static ngx_int_t
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	179 ngx_stream_access_inet(ngx_stream_session_t *s,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	180 ngx_stream_access_srv_conf_t *ascf, in_addr_t addr)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	181 {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	182 ngx_uint_t i;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	183 ngx_stream_access_rule_t *rule;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	184
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	185 rule = ascf->rules->elts;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	186 for (i = 0; i < ascf->rules->nelts; i++) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	187
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	188 ngx_log_debug3(NGX_LOG_DEBUG_STREAM, s->connection->log, 0,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	189 "access: %08XD %08XD %08XD",
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	190 addr, rule[i].mask, rule[i].addr);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	191
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	192 if ((addr & rule[i].mask) == rule[i].addr) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	193 return ngx_stream_access_found(s, rule[i].deny);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	194 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	195 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	196
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	197 return NGX_DECLINED;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	198 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	199
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	200
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	201 #if (NGX_HAVE_INET6)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	202
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	203 static ngx_int_t
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	204 ngx_stream_access_inet6(ngx_stream_session_t *s,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	205 ngx_stream_access_srv_conf_t ascf, u_char p)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	206 {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	207 ngx_uint_t n;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	208 ngx_uint_t i;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	209 ngx_stream_access_rule6_t *rule6;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	210
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	211 rule6 = ascf->rules6->elts;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	212 for (i = 0; i < ascf->rules6->nelts; i++) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	213
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	214 #if (NGX_DEBUG)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	215 {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	216 size_t cl, ml, al;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	217 u_char ct[NGX_INET6_ADDRSTRLEN];
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	218 u_char mt[NGX_INET6_ADDRSTRLEN];
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	219 u_char at[NGX_INET6_ADDRSTRLEN];
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	220
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	221 cl = ngx_inet6_ntop(p, ct, NGX_INET6_ADDRSTRLEN);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	222 ml = ngx_inet6_ntop(rule6[i].mask.s6_addr, mt, NGX_INET6_ADDRSTRLEN);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	223 al = ngx_inet6_ntop(rule6[i].addr.s6_addr, at, NGX_INET6_ADDRSTRLEN);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	224
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	225 ngx_log_debug6(NGX_LOG_DEBUG_STREAM, s->connection->log, 0,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	226 "access: %s %s %*s", cl, ct, ml, mt, al, at);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	227 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	228 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	229
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	230 for (n = 0; n < 16; n++) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	231 if ((p[n] & rule6[i].mask.s6_addr[n]) != rule6[i].addr.s6_addr[n]) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	232 goto next;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	233 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	234 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	235
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	236 return ngx_stream_access_found(s, rule6[i].deny);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	237
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	238 next:
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	239 continue;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	240 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	241
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	242 return NGX_DECLINED;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	243 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	244
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	245 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	246
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	247
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	248 #if (NGX_HAVE_UNIX_DOMAIN)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	249
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	250 static ngx_int_t
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	251 ngx_stream_access_unix(ngx_stream_session_t *s,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	252 ngx_stream_access_srv_conf_t *ascf)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	253 {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	254 ngx_uint_t i;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	255 ngx_stream_access_rule_un_t *rule_un;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	256
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	257 rule_un = ascf->rules_un->elts;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	258 for (i = 0; i < ascf->rules_un->nelts; i++) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	259
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	260 /* TODO: check path */
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	261 if (1) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	262 return ngx_stream_access_found(s, rule_un[i].deny);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	263 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	264 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	265
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	266 return NGX_DECLINED;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	267 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	268
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	269 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	270
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	271
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	272 static ngx_int_t
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	273 ngx_stream_access_found(ngx_stream_session_t *s, ngx_uint_t deny)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	274 {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	275 if (deny) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	276 ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	277 "access forbidden by rule");
6693 3908156a51fa Stream: phases. Roman Arutyunyan <arut@nginx.com> parents: 6606 diff changeset	278 return NGX_STREAM_FORBIDDEN;
6175 8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	279 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	280
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	281 return NGX_OK;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	282 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	283
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	284
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	285 static char *
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	286 ngx_stream_access_rule(ngx_conf_t cf, ngx_command_t cmd, void *conf)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	287 {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	288 ngx_stream_access_srv_conf_t *ascf = conf;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	289
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	290 ngx_int_t rc;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	291 ngx_uint_t all;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	292 ngx_str_t *value;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	293 ngx_cidr_t cidr;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	294 ngx_stream_access_rule_t *rule;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	295 #if (NGX_HAVE_INET6)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	296 ngx_stream_access_rule6_t *rule6;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	297 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	298 #if (NGX_HAVE_UNIX_DOMAIN)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	299 ngx_stream_access_rule_un_t *rule_un;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	300 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	301
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	302 ngx_memzero(&cidr, sizeof(ngx_cidr_t));
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	303
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	304 value = cf->args->elts;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	305
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	306 all = (value[1].len == 3 && ngx_strcmp(value[1].data, "all") == 0);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	307
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	308 if (!all) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	309
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	310 #if (NGX_HAVE_UNIX_DOMAIN)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	311
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	312 if (value[1].len == 5 && ngx_strcmp(value[1].data, "unix:") == 0) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	313 cidr.family = AF_UNIX;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	314 rc = NGX_OK;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	315
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	316 } else {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	317 rc = ngx_ptocidr(&value[1], &cidr);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	318 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	319
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	320 #else
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	321 rc = ngx_ptocidr(&value[1], &cidr);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	322 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	323
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	324 if (rc == NGX_ERROR) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	325 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	326 "invalid parameter \"%V\"", &value[1]);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	327 return NGX_CONF_ERROR;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	328 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	329
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	330 if (rc == NGX_DONE) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	331 ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	332 "low address bits of %V are meaningless", &value[1]);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	333 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	334 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	335
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	336 if (cidr.family == AF_INET \|\| all) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	337
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	338 if (ascf->rules == NULL) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	339 ascf->rules = ngx_array_create(cf->pool, 4,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	340 sizeof(ngx_stream_access_rule_t));
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	341 if (ascf->rules == NULL) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	342 return NGX_CONF_ERROR;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	343 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	344 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	345
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	346 rule = ngx_array_push(ascf->rules);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	347 if (rule == NULL) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	348 return NGX_CONF_ERROR;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	349 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	350
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	351 rule->mask = cidr.u.in.mask;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	352 rule->addr = cidr.u.in.addr;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	353 rule->deny = (value[0].data[0] == 'd') ? 1 : 0;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	354 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	355
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	356 #if (NGX_HAVE_INET6)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	357 if (cidr.family == AF_INET6 \|\| all) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	358
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	359 if (ascf->rules6 == NULL) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	360 ascf->rules6 = ngx_array_create(cf->pool, 4,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	361 sizeof(ngx_stream_access_rule6_t));
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	362 if (ascf->rules6 == NULL) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	363 return NGX_CONF_ERROR;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	364 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	365 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	366
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	367 rule6 = ngx_array_push(ascf->rules6);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	368 if (rule6 == NULL) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	369 return NGX_CONF_ERROR;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	370 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	371
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	372 rule6->mask = cidr.u.in6.mask;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	373 rule6->addr = cidr.u.in6.addr;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	374 rule6->deny = (value[0].data[0] == 'd') ? 1 : 0;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	375 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	376 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	377
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	378 #if (NGX_HAVE_UNIX_DOMAIN)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	379 if (cidr.family == AF_UNIX \|\| all) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	380
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	381 if (ascf->rules_un == NULL) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	382 ascf->rules_un = ngx_array_create(cf->pool, 1,
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	383 sizeof(ngx_stream_access_rule_un_t));
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	384 if (ascf->rules_un == NULL) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	385 return NGX_CONF_ERROR;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	386 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	387 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	388
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	389 rule_un = ngx_array_push(ascf->rules_un);
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	390 if (rule_un == NULL) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	391 return NGX_CONF_ERROR;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	392 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	393
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	394 rule_un->deny = (value[0].data[0] == 'd') ? 1 : 0;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	395 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	396 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	397
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	398 return NGX_CONF_OK;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	399 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	400
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	401
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	402 static void *
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	403 ngx_stream_access_create_srv_conf(ngx_conf_t *cf)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	404 {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	405 ngx_stream_access_srv_conf_t *conf;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	406
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	407 conf = ngx_pcalloc(cf->pool, sizeof(ngx_stream_access_srv_conf_t));
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	408 if (conf == NULL) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	409 return NULL;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	410 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	411
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	412 return conf;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	413 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	414
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	415
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	416 static char *
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	417 ngx_stream_access_merge_srv_conf(ngx_conf_t cf, void parent, void *child)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	418 {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	419 ngx_stream_access_srv_conf_t *prev = parent;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	420 ngx_stream_access_srv_conf_t *conf = child;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	421
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	422 if (conf->rules == NULL
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	423 #if (NGX_HAVE_INET6)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	424 && conf->rules6 == NULL
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	425 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	426 #if (NGX_HAVE_UNIX_DOMAIN)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	427 && conf->rules_un == NULL
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	428 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	429 ) {
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	430 conf->rules = prev->rules;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	431 #if (NGX_HAVE_INET6)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	432 conf->rules6 = prev->rules6;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	433 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	434 #if (NGX_HAVE_UNIX_DOMAIN)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	435 conf->rules_un = prev->rules_un;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	436 #endif
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	437 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	438
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	439 return NGX_CONF_OK;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	440 }
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	441
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	442
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	443 static ngx_int_t
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	444 ngx_stream_access_init(ngx_conf_t *cf)
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	445 {
6693 3908156a51fa Stream: phases. Roman Arutyunyan <arut@nginx.com> parents: 6606 diff changeset	446 ngx_stream_handler_pt *h;
6175 8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	447 ngx_stream_core_main_conf_t *cmcf;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	448
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	449 cmcf = ngx_stream_conf_get_module_main_conf(cf, ngx_stream_core_module);
6693 3908156a51fa Stream: phases. Roman Arutyunyan <arut@nginx.com> parents: 6606 diff changeset	450
3908156a51fa Stream: phases. Roman Arutyunyan <arut@nginx.com> parents: 6606 diff changeset	451 h = ngx_array_push(&cmcf->phases[NGX_STREAM_ACCESS_PHASE].handlers);
3908156a51fa Stream: phases. Roman Arutyunyan <arut@nginx.com> parents: 6606 diff changeset	452 if (h == NULL) {
3908156a51fa Stream: phases. Roman Arutyunyan <arut@nginx.com> parents: 6606 diff changeset	453 return NGX_ERROR;
3908156a51fa Stream: phases. Roman Arutyunyan <arut@nginx.com> parents: 6606 diff changeset	454 }
3908156a51fa Stream: phases. Roman Arutyunyan <arut@nginx.com> parents: 6606 diff changeset	455
3908156a51fa Stream: phases. Roman Arutyunyan <arut@nginx.com> parents: 6606 diff changeset	456 *h = ngx_stream_access_handler;
6175 8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	457
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	458 return NGX_OK;
8807a2369b1a Stream: access module. Vladimir Homutov <vl@nginx.com> parents: diff changeset	459 }

Mercurial > hg > nginx

annotate src/stream/ngx_stream_access_module.c @ 6699:9cf2dce316e5