Mercurial > hg > nginx
annotate src/http/modules/ngx_http_secure_link_module.c @ 9306:e46e1ea89ccd
Upstream: $upstream_cache_age variable.
The variable reflects response age, including the time spent in the
cache and the upstream response age as obtained from the "Age" header.
If the response wasn't cached, the variable reflects the "Age" header
of the upstream response.
If the intended use case is to cache responses as per HTTP/1.1 caching
model, the $upstream_cache_age variable can be used to provide the "Age"
header with the "add_header" directive, such as:
add_header Age $upstream_cache_age;
This now removes the "Age" header if it was present.
Further, the "expires" directives now removes the "Age" header if it
was present in the response, as the "expires" directive assumes zero
age when it adds "Expires" and "Cache-Control" headers.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Thu, 18 Jul 2024 19:39:45 +0300 |
parents | bdd4d89370a7 |
children |
rev | line source |
---|---|
2260 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
2260 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 #include <ngx_http.h> | |
11 #include <ngx_md5.h> | |
12 | |
13 | |
14 typedef struct { | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
15 ngx_http_complex_value_t *variable; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
16 ngx_http_complex_value_t *md5; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
17 ngx_str_t secret; |
2260 | 18 } ngx_http_secure_link_conf_t; |
19 | |
20 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
21 typedef struct { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
22 ngx_str_t expires; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
23 } ngx_http_secure_link_ctx_t; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
24 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
25 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
26 static ngx_int_t ngx_http_secure_link_old_variable(ngx_http_request_t *r, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
27 ngx_http_secure_link_conf_t *conf, ngx_http_variable_value_t *v, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
28 uintptr_t data); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
29 static ngx_int_t ngx_http_secure_link_expires_variable(ngx_http_request_t *r, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
30 ngx_http_variable_value_t *v, uintptr_t data); |
2260 | 31 static void *ngx_http_secure_link_create_conf(ngx_conf_t *cf); |
32 static char *ngx_http_secure_link_merge_conf(ngx_conf_t *cf, void *parent, | |
33 void *child); | |
34 static ngx_int_t ngx_http_secure_link_add_variables(ngx_conf_t *cf); | |
35 | |
36 | |
37 static ngx_command_t ngx_http_secure_link_commands[] = { | |
38 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
39 { ngx_string("secure_link"), |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
40 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, |
3761 | 41 ngx_http_set_complex_value_slot, |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
42 NGX_HTTP_LOC_CONF_OFFSET, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
43 offsetof(ngx_http_secure_link_conf_t, variable), |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
44 NULL }, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
45 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
46 { ngx_string("secure_link_md5"), |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
47 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, |
3761 | 48 ngx_http_set_complex_value_slot, |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
49 NGX_HTTP_LOC_CONF_OFFSET, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
50 offsetof(ngx_http_secure_link_conf_t, md5), |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
51 NULL }, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
52 |
2260 | 53 { ngx_string("secure_link_secret"), |
54 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
55 ngx_conf_set_str_slot, | |
56 NGX_HTTP_LOC_CONF_OFFSET, | |
57 offsetof(ngx_http_secure_link_conf_t, secret), | |
58 NULL }, | |
59 | |
60 ngx_null_command | |
61 }; | |
62 | |
63 | |
64 static ngx_http_module_t ngx_http_secure_link_module_ctx = { | |
65 ngx_http_secure_link_add_variables, /* preconfiguration */ | |
66 NULL, /* postconfiguration */ | |
67 | |
68 NULL, /* create main configuration */ | |
69 NULL, /* init main configuration */ | |
70 | |
71 NULL, /* create server configuration */ | |
72 NULL, /* merge server configuration */ | |
73 | |
74 ngx_http_secure_link_create_conf, /* create location configuration */ | |
75 ngx_http_secure_link_merge_conf /* merge location configuration */ | |
76 }; | |
77 | |
78 | |
79 ngx_module_t ngx_http_secure_link_module = { | |
80 NGX_MODULE_V1, | |
81 &ngx_http_secure_link_module_ctx, /* module context */ | |
82 ngx_http_secure_link_commands, /* module directives */ | |
83 NGX_HTTP_MODULE, /* module type */ | |
84 NULL, /* init master */ | |
85 NULL, /* init module */ | |
86 NULL, /* init process */ | |
87 NULL, /* init thread */ | |
88 NULL, /* exit thread */ | |
89 NULL, /* exit process */ | |
90 NULL, /* exit master */ | |
91 NGX_MODULE_V1_PADDING | |
92 }; | |
93 | |
94 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
95 static ngx_str_t ngx_http_secure_link_name = ngx_string("secure_link"); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
96 static ngx_str_t ngx_http_secure_link_expires_name = |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
97 ngx_string("secure_link_expires"); |
2260 | 98 |
99 | |
100 static ngx_int_t | |
101 ngx_http_secure_link_variable(ngx_http_request_t *r, | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
102 ngx_http_variable_value_t *v, uintptr_t data) |
2260 | 103 { |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
104 u_char *p, *last; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
105 ngx_str_t val, hash; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
106 time_t expires; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
107 ngx_md5_t md5; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
108 ngx_http_secure_link_ctx_t *ctx; |
2260 | 109 ngx_http_secure_link_conf_t *conf; |
7094
c7d4017c8876
Secure link: fixed stack buffer overflow.
Roman Arutyunyan <arut@nginx.com>
parents:
5017
diff
changeset
|
110 u_char hash_buf[18], md5_buf[16]; |
2260 | 111 |
112 conf = ngx_http_get_module_loc_conf(r, ngx_http_secure_link_module); | |
113 | |
5017
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
114 if (conf->secret.data) { |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
115 return ngx_http_secure_link_old_variable(r, conf, v, data); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
116 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
117 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
118 if (conf->variable == NULL || conf->md5 == NULL) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
119 goto not_found; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
120 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
121 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
122 if (ngx_http_complex_value(r, conf->variable, &val) != NGX_OK) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
123 return NGX_ERROR; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
124 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
125 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
126 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
127 "secure link: \"%V\"", &val); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
128 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
129 last = val.data + val.len; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
130 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
131 p = ngx_strlchr(val.data, last, ','); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
132 expires = 0; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
133 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
134 if (p) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
135 val.len = p++ - val.data; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
136 |
3760
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
137 expires = ngx_atotm(p, last - p); |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
138 if (expires <= 0) { |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
139 goto not_found; |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
140 } |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
141 |
3760
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
142 ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_secure_link_ctx_t)); |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
143 if (ctx == NULL) { |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
144 return NGX_ERROR; |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
145 } |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
146 |
3760
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
147 ngx_http_set_ctx(r, ctx, ngx_http_secure_link_module); |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
148 |
3760
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
149 ctx->expires.len = last - p; |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
150 ctx->expires.data = p; |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
151 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
152 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
153 if (val.len > 24) { |
2260 | 154 goto not_found; |
155 } | |
156 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
157 hash.data = hash_buf; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
158 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
159 if (ngx_decode_base64url(&hash, &val) != NGX_OK) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
160 goto not_found; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
161 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
162 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
163 if (hash.len != 16) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
164 goto not_found; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
165 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
166 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
167 if (ngx_http_complex_value(r, conf->md5, &val) != NGX_OK) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
168 return NGX_ERROR; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
169 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
170 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
171 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
172 "secure link md5: \"%V\"", &val); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
173 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
174 ngx_md5_init(&md5); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
175 ngx_md5_update(&md5, val.data, val.len); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
176 ngx_md5_final(md5_buf, &md5); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
177 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
178 if (ngx_memcmp(hash_buf, md5_buf, 16) != 0) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
179 goto not_found; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
180 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
181 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
182 v->data = (u_char *) ((expires && expires < ngx_time()) ? "0" : "1"); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
183 v->len = 1; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
184 v->valid = 1; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
185 v->no_cacheable = 0; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
186 v->not_found = 0; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
187 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
188 return NGX_OK; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
189 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
190 not_found: |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
191 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
192 v->not_found = 1; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
193 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
194 return NGX_OK; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
195 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
196 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
197 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
198 static ngx_int_t |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
199 ngx_http_secure_link_old_variable(ngx_http_request_t *r, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
200 ngx_http_secure_link_conf_t *conf, ngx_http_variable_value_t *v, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
201 uintptr_t data) |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
202 { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
203 u_char *p, *start, *end, *last; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
204 size_t len; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
205 ngx_int_t n; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
206 ngx_uint_t i; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
207 ngx_md5_t md5; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
208 u_char hash[16]; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
209 |
2260 | 210 p = &r->unparsed_uri.data[1]; |
211 last = r->unparsed_uri.data + r->unparsed_uri.len; | |
212 | |
213 while (p < last) { | |
214 if (*p++ == '/') { | |
215 start = p; | |
216 goto md5_start; | |
217 } | |
218 } | |
219 | |
220 goto not_found; | |
221 | |
222 md5_start: | |
223 | |
224 while (p < last) { | |
225 if (*p++ == '/') { | |
226 end = p - 1; | |
227 goto url_start; | |
228 } | |
229 } | |
230 | |
231 goto not_found; | |
232 | |
233 url_start: | |
234 | |
235 len = last - p; | |
236 | |
2279 | 237 if (end - start != 32 || len == 0) { |
2260 | 238 goto not_found; |
239 } | |
240 | |
241 ngx_md5_init(&md5); | |
242 ngx_md5_update(&md5, p, len); | |
243 ngx_md5_update(&md5, conf->secret.data, conf->secret.len); | |
244 ngx_md5_final(hash, &md5); | |
245 | |
246 for (i = 0; i < 16; i++) { | |
247 n = ngx_hextoi(&start[2 * i], 2); | |
248 if (n == NGX_ERROR || n != hash[i]) { | |
249 goto not_found; | |
250 } | |
251 } | |
252 | |
253 v->len = len; | |
254 v->valid = 1; | |
255 v->no_cacheable = 0; | |
256 v->not_found = 0; | |
257 v->data = p; | |
258 | |
259 return NGX_OK; | |
260 | |
261 not_found: | |
262 | |
263 v->not_found = 1; | |
264 | |
265 return NGX_OK; | |
266 } | |
267 | |
268 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
269 static ngx_int_t |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
270 ngx_http_secure_link_expires_variable(ngx_http_request_t *r, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
271 ngx_http_variable_value_t *v, uintptr_t data) |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
272 { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
273 ngx_http_secure_link_ctx_t *ctx; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
274 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
275 ctx = ngx_http_get_module_ctx(r, ngx_http_secure_link_module); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
276 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
277 if (ctx) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
278 v->len = ctx->expires.len; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
279 v->valid = 1; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
280 v->no_cacheable = 0; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
281 v->not_found = 0; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
282 v->data = ctx->expires.data; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
283 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
284 } else { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
285 v->not_found = 1; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
286 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
287 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
288 return NGX_OK; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
289 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
290 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
291 |
2260 | 292 static void * |
293 ngx_http_secure_link_create_conf(ngx_conf_t *cf) | |
294 { | |
295 ngx_http_secure_link_conf_t *conf; | |
296 | |
297 conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_secure_link_conf_t)); | |
298 if (conf == NULL) { | |
2912
c7d57b539248
return NULL instead of NGX_CONF_ERROR on a create conf failure
Igor Sysoev <igor@sysoev.ru>
parents:
2279
diff
changeset
|
299 return NULL; |
2260 | 300 } |
301 | |
302 /* | |
303 * set by ngx_pcalloc(): | |
304 * | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
305 * conf->secret = { 0, NULL }; |
2260 | 306 */ |
307 | |
7831
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7094
diff
changeset
|
308 conf->variable = NGX_CONF_UNSET_PTR; |
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7094
diff
changeset
|
309 conf->md5 = NGX_CONF_UNSET_PTR; |
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7094
diff
changeset
|
310 |
2260 | 311 return conf; |
312 } | |
313 | |
314 | |
315 static char * | |
316 ngx_http_secure_link_merge_conf(ngx_conf_t *cf, void *parent, void *child) | |
317 { | |
318 ngx_http_secure_link_conf_t *prev = parent; | |
319 ngx_http_secure_link_conf_t *conf = child; | |
320 | |
5017
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
321 if (conf->secret.data) { |
7831
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7094
diff
changeset
|
322 ngx_conf_init_ptr_value(conf->variable, NULL); |
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7094
diff
changeset
|
323 ngx_conf_init_ptr_value(conf->md5, NULL); |
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7094
diff
changeset
|
324 |
5017
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
325 if (conf->variable || conf->md5) { |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
326 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
327 "\"secure_link_secret\" cannot be mixed with " |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
328 "\"secure_link\" and \"secure_link_md5\""); |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
329 return NGX_CONF_ERROR; |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
330 } |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
331 |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
332 return NGX_CONF_OK; |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
333 } |
2260 | 334 |
7831
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7094
diff
changeset
|
335 ngx_conf_merge_ptr_value(conf->variable, prev->variable, NULL); |
bdd4d89370a7
Changed complex value slots to use NGX_CONF_UNSET_PTR.
Maxim Dounin <mdounin@mdounin.ru>
parents:
7094
diff
changeset
|
336 ngx_conf_merge_ptr_value(conf->md5, prev->md5, NULL); |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
337 |
5017
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
338 if (conf->variable == NULL && conf->md5 == NULL) { |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
339 conf->secret = prev->secret; |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
340 } |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
341 |
2260 | 342 return NGX_CONF_OK; |
343 } | |
344 | |
345 | |
346 static ngx_int_t | |
347 ngx_http_secure_link_add_variables(ngx_conf_t *cf) | |
348 { | |
349 ngx_http_variable_t *var; | |
350 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
351 var = ngx_http_add_variable(cf, &ngx_http_secure_link_name, 0); |
2260 | 352 if (var == NULL) { |
353 return NGX_ERROR; | |
354 } | |
355 | |
356 var->get_handler = ngx_http_secure_link_variable; | |
357 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
358 var = ngx_http_add_variable(cf, &ngx_http_secure_link_expires_name, 0); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
359 if (var == NULL) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
360 return NGX_ERROR; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
361 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
362 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
363 var->get_handler = ngx_http_secure_link_expires_variable; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
364 |
2260 | 365 return NGX_OK; |
366 } |