Mercurial > hg > nginx

annotate src/http/modules/ngx_http_realip_module.c @ 3273:fe71be4a02f1

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
support IPv6 addresses in Real IP headers
author Igor Sysoev <igor@sysoev.ru>
date Mon, 02 Nov 2009 16:24:27 +0000
parents fb4f7605505f
children 95b0b0d7843f
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
1
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
2 /*
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
3 * Copyright (C) Igor Sysoev
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
4 */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
5
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
6
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
7 #include <ngx_config.h>
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
8 #include <ngx_core.h>
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
9 #include <ngx_http.h>
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
10
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
11
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
12 #define NGX_HTTP_REALIP_XREALIP 0
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
13 #define NGX_HTTP_REALIP_XFWD 1
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
14 #define NGX_HTTP_REALIP_HEADER 2
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
15
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
16
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
17 typedef struct {
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
18 in_addr_t mask;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
19 in_addr_t addr;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
20 } ngx_http_realip_from_t;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
21
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
22
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
23 typedef struct {
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
24 ngx_array_t *from; /* array of ngx_http_realip_from_t */
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
25 ngx_uint_t type;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
26 ngx_uint_t hash;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
27 ngx_str_t header;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
28 } ngx_http_realip_loc_conf_t;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
29
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
30
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
31 typedef struct {
3273
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
32 ngx_connection_t *connection;
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
33 struct sockaddr *sockaddr;
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
34 socklen_t socklen;
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
35 ngx_str_t addr_text;
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
36 } ngx_http_realip_ctx_t;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
37
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
38
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
39 static ngx_int_t ngx_http_realip_handler(ngx_http_request_t *r);
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
40 static void ngx_http_realip_cleanup(void *data);
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
41 static char *ngx_http_realip_from(ngx_conf_t *cf, ngx_command_t *cmd,
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
42 void *conf);
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
43 static char *ngx_http_realip(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
44 static void *ngx_http_realip_create_loc_conf(ngx_conf_t *cf);
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
45 static char *ngx_http_realip_merge_loc_conf(ngx_conf_t *cf,
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
46 void *parent, void *child);
681
7e24168b0853 nginx-0.4.0-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents: 667
diff changeset
47 static ngx_int_t ngx_http_realip_init(ngx_conf_t *cf);
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
48
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
49
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
50 static ngx_command_t ngx_http_realip_commands[] = {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
51
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
52 { ngx_string("set_real_ip_from"),
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
53 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
54 ngx_http_realip_from,
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
55 NGX_HTTP_LOC_CONF_OFFSET,
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
56 0,
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
57 NULL },
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
58
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
59 { ngx_string("real_ip_header"),
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
60 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
61 ngx_http_realip,
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
62 NGX_HTTP_LOC_CONF_OFFSET,
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
63 0,
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
64 NULL },
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
65
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
66 ngx_null_command
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
67 };
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
68
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
69
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
70
667
63a820b0bc6c nginx-0.3.55-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents: 663
diff changeset
71 static ngx_http_module_t ngx_http_realip_module_ctx = {
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
72 NULL, /* preconfiguration */
681
7e24168b0853 nginx-0.4.0-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents: 667
diff changeset
73 ngx_http_realip_init, /* postconfiguration */
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
74
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
75 NULL, /* create main configuration */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
76 NULL, /* init main configuration */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
77
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
78 NULL, /* create server configuration */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
79 NULL, /* merge server configuration */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
80
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
81 ngx_http_realip_create_loc_conf, /* create location configuration */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
82 ngx_http_realip_merge_loc_conf /* merge location configuration */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
83 };
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
84
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
85
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
86 ngx_module_t ngx_http_realip_module = {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
87 NGX_MODULE_V1,
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
88 &ngx_http_realip_module_ctx, /* module context */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
89 ngx_http_realip_commands, /* module directives */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
90 NGX_HTTP_MODULE, /* module type */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
91 NULL, /* init master */
681
7e24168b0853 nginx-0.4.0-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents: 667
diff changeset
92 NULL, /* init module */
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
93 NULL, /* init process */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
94 NULL, /* init thread */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
95 NULL, /* exit thread */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
96 NULL, /* exit process */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
97 NULL, /* exit master */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
98 NGX_MODULE_V1_PADDING
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
99 };
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
100
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
101
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
102 static ngx_int_t
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
103 ngx_http_realip_handler(ngx_http_request_t *r)
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
104 {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
105 u_char *ip, *p;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
106 size_t len;
3273
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
107 ngx_int_t rc;
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
108 ngx_uint_t i, hash;
3273
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
109 ngx_addr_t addr;
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
110 ngx_list_part_t *part;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
111 ngx_table_elt_t *header;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
112 struct sockaddr_in *sin;
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
113 ngx_connection_t *c;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
114 ngx_pool_cleanup_t *cln;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
115 ngx_http_realip_ctx_t *ctx;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
116 ngx_http_realip_from_t *from;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
117 ngx_http_realip_loc_conf_t *rlcf;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
118
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
119 ctx = ngx_http_get_module_ctx(r, ngx_http_realip_module);
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
120
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
121 if (ctx) {
986
68c85f283043 ngx_http_realip_module must return NGX_DECLINED
Igor Sysoev <igor@sysoev.ru>
parents: 681
diff changeset
122 return NGX_DECLINED;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
123 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
124
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
125 cln = ngx_pool_cleanup_add(r->pool, sizeof(ngx_http_realip_ctx_t));
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
126 if (cln == NULL) {
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
127 return NGX_HTTP_INTERNAL_SERVER_ERROR;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
128 }
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
129
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
130 rlcf = ngx_http_get_module_loc_conf(r, ngx_http_realip_module);
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
131
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
132 if (rlcf->from == NULL) {
986
68c85f283043 ngx_http_realip_module must return NGX_DECLINED
Igor Sysoev <igor@sysoev.ru>
parents: 681
diff changeset
133 return NGX_DECLINED;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
134 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
135
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
136 switch (rlcf->type) {
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
137
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
138 case NGX_HTTP_REALIP_XREALIP:
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
139
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
140 if (r->headers_in.x_real_ip == NULL) {
986
68c85f283043 ngx_http_realip_module must return NGX_DECLINED
Igor Sysoev <igor@sysoev.ru>
parents: 681
diff changeset
141 return NGX_DECLINED;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
142 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
143
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
144 len = r->headers_in.x_real_ip->value.len;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
145 ip = r->headers_in.x_real_ip->value.data;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
146
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
147 break;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
148
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
149 case NGX_HTTP_REALIP_XFWD:
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
150
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
151 if (r->headers_in.x_forwarded_for == NULL) {
986
68c85f283043 ngx_http_realip_module must return NGX_DECLINED
Igor Sysoev <igor@sysoev.ru>
parents: 681
diff changeset
152 return NGX_DECLINED;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
153 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
154
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
155 len = r->headers_in.x_forwarded_for->value.len;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
156 ip = r->headers_in.x_forwarded_for->value.data;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
157
1114
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
158 for (p = ip + len - 1; p > ip; p--) {
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
159 if (*p == ' ' || *p == ',') {
1114
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
160 p++;
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
161 len -= p - ip;
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
162 ip = p;
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
163 break;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
164 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
165 }
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
166
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
167 break;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
168
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
169 default: /* NGX_HTTP_REALIP_HEADER */
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
170
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
171 part = &r->headers_in.headers.part;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
172 header = part->elts;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
173
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
174 hash = rlcf->hash;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
175 len = rlcf->header.len;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
176 p = rlcf->header.data;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
177
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
178 for (i = 0; /* void */ ; i++) {
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
179
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
180 if (i >= part->nelts) {
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
181 if (part->next == NULL) {
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
182 break;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
183 }
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
184
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
185 part = part->next;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
186 header = part->elts;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
187 i = 0;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
188 }
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
189
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
190 if (hash == header[i].hash
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
191 && len == header[i].key.len
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
192 && ngx_strncmp(p, header[i].lowcase_key, len) == 0)
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
193 {
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
194 len = header[i].value.len;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
195 ip = header[i].value.data;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
196
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
197 goto found;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
198 }
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
199 }
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
200
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
201 return NGX_DECLINED;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
202 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
203
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
204 found:
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
205
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
206 c = r->connection;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
207
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
208 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "realip: \"%s\"", ip);
1114
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
209
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
210 /* AF_INET only */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
211
2512
2e91aecb9e57 a prelimiary IPv6 support, HTTP listen
Igor Sysoev <igor@sysoev.ru>
parents: 2257
diff changeset
212 if (r->connection->sockaddr->sa_family != AF_INET) {
2e91aecb9e57 a prelimiary IPv6 support, HTTP listen
Igor Sysoev <igor@sysoev.ru>
parents: 2257
diff changeset
213 return NGX_DECLINED;
2e91aecb9e57 a prelimiary IPv6 support, HTTP listen
Igor Sysoev <igor@sysoev.ru>
parents: 2257
diff changeset
214 }
2e91aecb9e57 a prelimiary IPv6 support, HTTP listen
Igor Sysoev <igor@sysoev.ru>
parents: 2257
diff changeset
215
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
216 sin = (struct sockaddr_in *) c->sockaddr;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
217
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
218 from = rlcf->from->elts;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
219 for (i = 0; i < rlcf->from->nelts; i++) {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
220
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
221 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, c->log, 0,
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
222 "realip: %08XD %08XD %08XD",
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
223 sin->sin_addr.s_addr, from[i].mask, from[i].addr);
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
224
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
225 if ((sin->sin_addr.s_addr & from[i].mask) == from[i].addr) {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
226
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
227 ctx = cln->data;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
228
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
229 ngx_http_set_ctx(r, ctx, ngx_http_realip_module);
1114
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
230
3273
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
231 rc = ngx_parse_addr(c->pool, &addr, ip, len);
1114
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
232
3273
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
233 switch (rc) {
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
234 case NGX_DECLINED:
1114
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
235 return NGX_DECLINED;
3273
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
236 case NGX_ERROR:
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
237 return NGX_HTTP_INTERNAL_SERVER_ERROR;
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
238 default: /* NGX_OK */
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
239 break;
1114
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
240 }
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
241
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
242 p = ngx_pnalloc(c->pool, len);
1118
cec2866f29bd a client address must be allocated from a connection pool
Igor Sysoev <igor@sysoev.ru>
parents: 1114
diff changeset
243 if (p == NULL) {
cec2866f29bd a client address must be allocated from a connection pool
Igor Sysoev <igor@sysoev.ru>
parents: 1114
diff changeset
244 return NGX_HTTP_INTERNAL_SERVER_ERROR;
cec2866f29bd a client address must be allocated from a connection pool
Igor Sysoev <igor@sysoev.ru>
parents: 1114
diff changeset
245 }
cec2866f29bd a client address must be allocated from a connection pool
Igor Sysoev <igor@sysoev.ru>
parents: 1114
diff changeset
246
cec2866f29bd a client address must be allocated from a connection pool
Igor Sysoev <igor@sysoev.ru>
parents: 1114
diff changeset
247 ngx_memcpy(p, ip, len);
cec2866f29bd a client address must be allocated from a connection pool
Igor Sysoev <igor@sysoev.ru>
parents: 1114
diff changeset
248
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
249 cln->handler = ngx_http_realip_cleanup;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
250
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
251 ctx->connection = c;
3273
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
252 ctx->sockaddr = c->sockaddr;
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
253 ctx->socklen = c->socklen;
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
254 ctx->addr_text = c->addr_text;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
255
3273
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
256 c->sockaddr = addr.sockaddr;
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
257 c->socklen = addr.socklen;
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
258 c->addr_text.len = len;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
259 c->addr_text.data = p;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
260
986
68c85f283043 ngx_http_realip_module must return NGX_DECLINED
Igor Sysoev <igor@sysoev.ru>
parents: 681
diff changeset
261 return NGX_DECLINED;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
262 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
263 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
264
986
68c85f283043 ngx_http_realip_module must return NGX_DECLINED
Igor Sysoev <igor@sysoev.ru>
parents: 681
diff changeset
265 return NGX_DECLINED;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
266 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
267
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
268
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
269 static void
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
270 ngx_http_realip_cleanup(void *data)
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
271 {
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
272 ngx_http_realip_ctx_t *ctx = data;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
273
3273
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
274 ngx_connection_t *c;
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
275
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
276 c = ctx->connection;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
277
3273
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
278 c->sockaddr = ctx->sockaddr;
fe71be4a02f1 support IPv6 addresses in Real IP headers
Igor Sysoev <igor@sysoev.ru>
parents: 3267
diff changeset
279 c->socklen = ctx->socklen;
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
280 c->addr_text = ctx->addr_text;
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
281 }
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
282
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
283
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
284 static char *
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
285 ngx_http_realip_from(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
286 {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
287 ngx_http_realip_loc_conf_t *rlcf = conf;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
288
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
289 ngx_int_t rc;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
290 ngx_str_t *value;
2537
a472d954c534 prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents: 2512
diff changeset
291 ngx_cidr_t cidr;
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
292 ngx_http_realip_from_t *from;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
293
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
294 if (rlcf->from == NULL) {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
295 rlcf->from = ngx_array_create(cf->pool, 2,
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
296 sizeof(ngx_http_realip_from_t));
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
297 if (rlcf->from == NULL) {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
298 return NGX_CONF_ERROR;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
299 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
300 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
301
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
302 from = ngx_array_push(rlcf->from);
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
303 if (from == NULL) {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
304 return NGX_CONF_ERROR;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
305 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
306
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
307 value = cf->args->elts;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
308
2537
a472d954c534 prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents: 2512
diff changeset
309 rc = ngx_ptocidr(&value[1], &cidr);
1380
b590a528fd41 ignore meaningless bits in CIDR and warn about them
Igor Sysoev <igor@sysoev.ru>
parents: 1118
diff changeset
310
b590a528fd41 ignore meaningless bits in CIDR and warn about them
Igor Sysoev <igor@sysoev.ru>
parents: 1118
diff changeset
311 if (rc == NGX_ERROR) {
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
312 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid parameter \"%V\"",
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
313 &value[1]);
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
314 return NGX_CONF_ERROR;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
315 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
316
2537
a472d954c534 prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents: 2512
diff changeset
317 if (cidr.family != AF_INET) {
a472d954c534 prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents: 2512
diff changeset
318 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
a472d954c534 prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents: 2512
diff changeset
319 "\"realip_from\" supports IPv4 only");
a472d954c534 prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents: 2512
diff changeset
320 return NGX_CONF_ERROR;
a472d954c534 prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents: 2512
diff changeset
321 }
a472d954c534 prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents: 2512
diff changeset
322
1380
b590a528fd41 ignore meaningless bits in CIDR and warn about them
Igor Sysoev <igor@sysoev.ru>
parents: 1118
diff changeset
323 if (rc == NGX_DONE) {
b590a528fd41 ignore meaningless bits in CIDR and warn about them
Igor Sysoev <igor@sysoev.ru>
parents: 1118
diff changeset
324 ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
b590a528fd41 ignore meaningless bits in CIDR and warn about them
Igor Sysoev <igor@sysoev.ru>
parents: 1118
diff changeset
325 "low address bits of %V are meaningless", &value[1]);
b590a528fd41 ignore meaningless bits in CIDR and warn about them
Igor Sysoev <igor@sysoev.ru>
parents: 1118
diff changeset
326 }
b590a528fd41 ignore meaningless bits in CIDR and warn about them
Igor Sysoev <igor@sysoev.ru>
parents: 1118
diff changeset
327
2537
a472d954c534 prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents: 2512
diff changeset
328 from->mask = cidr.u.in.mask;
a472d954c534 prepare ngx_ptocidr() for IPv6
Igor Sysoev <igor@sysoev.ru>
parents: 2512
diff changeset
329 from->addr = cidr.u.in.addr;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
330
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
331 return NGX_CONF_OK;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
332 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
333
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
334
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
335 static char *
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
336 ngx_http_realip(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
337 {
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
338 ngx_http_realip_loc_conf_t *rlcf = conf;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
339
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
340 ngx_str_t *value;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
341
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
342 value = cf->args->elts;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
343
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
344 if (ngx_strcmp(value[1].data, "X-Real-IP") == 0) {
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
345 rlcf->type = NGX_HTTP_REALIP_XREALIP;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
346 return NGX_CONF_OK;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
347 }
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
348
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
349 if (ngx_strcmp(value[1].data, "X-Forwarded-For") == 0) {
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
350 rlcf->type = NGX_HTTP_REALIP_XFWD;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
351 return NGX_CONF_OK;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
352 }
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
353
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
354 rlcf->type = NGX_HTTP_REALIP_HEADER;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
355 rlcf->hash = ngx_hash_strlow(value[1].data, value[1].data, value[1].len);
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
356 rlcf->header = value[1];
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
357
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
358 return NGX_CONF_OK;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
359 }
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
360
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
361
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
362 static void *
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
363 ngx_http_realip_create_loc_conf(ngx_conf_t *cf)
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
364 {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
365 ngx_http_realip_loc_conf_t *conf;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
366
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
367 conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_realip_loc_conf_t));
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
368 if (conf == NULL) {
2912
c7d57b539248 return NULL instead of NGX_CONF_ERROR on a create conf failure
Igor Sysoev <igor@sysoev.ru>
parents: 2537
diff changeset
369 return NULL;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
370 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
371
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
372 /*
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
373 * set by ngx_pcalloc():
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
374 *
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
375 * conf->from = NULL;
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
376 * conf->hash = 0;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
377 * conf->header = { 0, NULL };
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
378 */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
379
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
380 conf->type = NGX_CONF_UNSET_UINT;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
381
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
382 return conf;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
383 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
384
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
385
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
386 static char *
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
387 ngx_http_realip_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
388 {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
389 ngx_http_realip_loc_conf_t *prev = parent;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
390 ngx_http_realip_loc_conf_t *conf = child;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
391
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
392 if (conf->from == NULL) {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
393 conf->from = prev->from;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
394 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
395
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
396 ngx_conf_merge_uint_value(conf->type, prev->type, NGX_HTTP_REALIP_XREALIP);
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
397
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
398 if (conf->header.len == 0) {
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
399 conf->hash = prev->hash;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
400 conf->header = prev->header;
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
401 }
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
402
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
403 return NGX_CONF_OK;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
404 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
405
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
406
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
407 static ngx_int_t
681
7e24168b0853 nginx-0.4.0-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents: 667
diff changeset
408 ngx_http_realip_init(ngx_conf_t *cf)
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
409 {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
410 ngx_http_handler_pt *h;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
411 ngx_http_core_main_conf_t *cmcf;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
412
681
7e24168b0853 nginx-0.4.0-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents: 667
diff changeset
413 cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
414
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
415 h = ngx_array_push(&cmcf->phases[NGX_HTTP_POST_READ_PHASE].handlers);
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
416 if (h == NULL) {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
417 return NGX_ERROR;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
418 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
419
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
420 *h = ngx_http_realip_handler;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
421
581
326634fb9d47 nginx-0.3.12-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents: 573
diff changeset
422 h = ngx_array_push(&cmcf->phases[NGX_HTTP_PREACCESS_PHASE].handlers);
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
423 if (h == NULL) {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
424 return NGX_ERROR;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
425 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
426
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
427 *h = ngx_http_realip_handler;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
428
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
429 return NGX_OK;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
430 }