Mercurial > hg > nginx

annotate src/mail/ngx_mail_realip_module.c @ 9292:7654ad1366ef default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
release-1.27.1 tag
author Maxim Dounin <mdounin@mdounin.ru>
date Tue, 04 Jun 2024 16:55:54 +0300
parents ef4bdbbce57e
children
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
1
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
2 /*
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
3 * Copyright (C) Igor Sysoev
4412
d620f497c50f Copyright updated.
Maxim Konovalov <maxim@nginx.com>
parents: 3305
diff changeset
4 * Copyright (C) Nginx, Inc.
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
5 */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
6
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
7
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
8 #include <ngx_config.h>
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
9 #include <ngx_core.h>
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
10 #include <ngx_mail.h>
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
11
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
12
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
13 typedef struct {
4624
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
14 ngx_array_t *from; /* array of ngx_cidr_t */
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
15 } ngx_mail_realip_srv_conf_t;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
16
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
17
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
18 static ngx_int_t ngx_mail_realip_set_addr(ngx_mail_session_t *s,
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
19 ngx_addr_t *addr);
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
20 static char *ngx_mail_realip_from(ngx_conf_t *cf, ngx_command_t *cmd,
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
21 void *conf);
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
22 static void *ngx_mail_realip_create_srv_conf(ngx_conf_t *cf);
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
23 static char *ngx_mail_realip_merge_srv_conf(ngx_conf_t *cf, void *parent,
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
24 void *child);
6294
cebe43bace93 Realip: the $realip_remote_addr variable.
Ruslan Ermilov <ru@nginx.com>
parents: 5605
diff changeset
25
cebe43bace93 Realip: the $realip_remote_addr variable.
Ruslan Ermilov <ru@nginx.com>
parents: 5605
diff changeset
26
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
27 static ngx_command_t ngx_mail_realip_commands[] = {
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
28
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
29 { ngx_string("set_real_ip_from"),
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
30 NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
31 ngx_mail_realip_from,
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
32 NGX_MAIL_SRV_CONF_OFFSET,
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
33 0,
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
34 NULL },
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
35
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
36 ngx_null_command
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
37 };
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
38
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
39
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
40 static ngx_mail_module_t ngx_mail_realip_module_ctx = {
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
41 NULL, /* protocol */
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
42
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
43 NULL, /* create main configuration */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
44 NULL, /* init main configuration */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
45
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
46 ngx_mail_realip_create_srv_conf, /* create server configuration */
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
47 ngx_mail_realip_merge_srv_conf /* merge server configuration */
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
48 };
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
49
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
50
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
51 ngx_module_t ngx_mail_realip_module = {
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
52 NGX_MODULE_V1,
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
53 &ngx_mail_realip_module_ctx, /* module context */
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
54 ngx_mail_realip_commands, /* module directives */
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
55 NGX_MAIL_MODULE, /* module type */
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
56 NULL, /* init master */
681
7e24168b0853 nginx-0.4.0-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents: 667
diff changeset
57 NULL, /* init module */
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
58 NULL, /* init process */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
59 NULL, /* init thread */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
60 NULL, /* exit thread */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
61 NULL, /* exit process */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
62 NULL, /* exit master */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
63 NGX_MODULE_V1_PADDING
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
64 };
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
65
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
66
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
67 ngx_int_t
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
68 ngx_mail_realip_handler(ngx_mail_session_t *s)
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
69 {
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
70 ngx_addr_t addr;
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
71 ngx_connection_t *c;
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
72 ngx_mail_realip_srv_conf_t *rscf;
6562
b13d3a6f0512 Added the $realip_remote_port variable.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6474
diff changeset
73
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
74 rscf = ngx_mail_get_module_srv_conf(s, ngx_mail_realip_module);
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
75
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
76 if (rscf->from == NULL) {
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
77 return NGX_OK;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
78 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
79
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
80 c = s->connection;
5605
3a72b1805c52 Added server-side support for PROXY protocol v1 (ticket #355).
Roman Arutyunyan <arut@nginx.com>
parents: 5263
diff changeset
81
7590
06b01840bd42 Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents: 7077
diff changeset
82 if (c->proxy_protocol == NULL) {
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
83 return NGX_OK;
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
84 }
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
85
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
86 if (ngx_cidr_match(c->sockaddr, rscf->from) != NGX_OK) {
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
87 return NGX_OK;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
88 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
89
7590
06b01840bd42 Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents: 7077
diff changeset
90 if (ngx_parse_addr(c->pool, &addr, c->proxy_protocol->src_addr.data,
06b01840bd42 Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents: 7077
diff changeset
91 c->proxy_protocol->src_addr.len)
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
92 != NGX_OK)
4624
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
93 {
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
94 return NGX_OK;
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
95 }
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
96
7590
06b01840bd42 Core: moved PROXY protocol fields out of ngx_connection_t.
Roman Arutyunyan <arut@nginx.com>
parents: 7077
diff changeset
97 ngx_inet_set_port(addr.sockaddr, c->proxy_protocol->src_port);
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
98
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
99 return ngx_mail_realip_set_addr(s, &addr);
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
100 }
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
101
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
102
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
103 static ngx_int_t
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
104 ngx_mail_realip_set_addr(ngx_mail_session_t *s, ngx_addr_t *addr)
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
105 {
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
106 size_t len;
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
107 u_char *p;
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
108 u_char text[NGX_SOCKADDR_STRLEN];
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
109 ngx_connection_t *c;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
110
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
111 c = s->connection;
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
112
5263
05ba5bce31e0 Core: extended ngx_sock_ntop() with socklen parameter.
Vladimir Homutov <vl@nginx.com>
parents: 5084
diff changeset
113 len = ngx_sock_ntop(addr->sockaddr, addr->socklen, text,
05ba5bce31e0 Core: extended ngx_sock_ntop() with socklen parameter.
Vladimir Homutov <vl@nginx.com>
parents: 5084
diff changeset
114 NGX_SOCKADDR_STRLEN, 0);
4624
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
115 if (len == 0) {
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
116 return NGX_ERROR;
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
117 }
1114
3f354952e91d fix broken values, debug logging, and style fix
Igor Sysoev <igor@sysoev.ru>
parents: 986
diff changeset
118
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
119 p = ngx_pnalloc(c->pool, len);
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
120 if (p == NULL) {
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
121 return NGX_ERROR;
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
122 }
1118
cec2866f29bd a client address must be allocated from a connection pool
Igor Sysoev <igor@sysoev.ru>
parents: 1114
diff changeset
123
4624
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
124 ngx_memcpy(p, text, len);
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
125
4624
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
126 c->sockaddr = addr->sockaddr;
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
127 c->socklen = addr->socklen;
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
128 c->addr_text.len = len;
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
129 c->addr_text.data = p;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
130
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
131 return NGX_OK;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
132 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
133
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
134
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
135 static char *
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
136 ngx_mail_realip_from(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
2176
29d26406e1bd restore connection address on request closure,
Igor Sysoev <igor@sysoev.ru>
parents: 2049
diff changeset
137 {
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
138 ngx_mail_realip_srv_conf_t *rscf = conf;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
139
6997
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
140 ngx_int_t rc;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
141 ngx_str_t *value;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
142 ngx_url_t u;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
143 ngx_cidr_t c, *cidr;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
144 ngx_uint_t i;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
145 struct sockaddr_in *sin;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
146 #if (NGX_HAVE_INET6)
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
147 struct sockaddr_in6 *sin6;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
148 #endif
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
149
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
150 value = cf->args->elts;
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
151
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
152 if (rscf->from == NULL) {
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
153 rscf->from = ngx_array_create(cf->pool, 2,
4624
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
154 sizeof(ngx_cidr_t));
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
155 if (rscf->from == NULL) {
4624
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
156 return NGX_CONF_ERROR;
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
157 }
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
158 }
df93068953c0 realip: chains of trusted proxies and IPv6 support.
Ruslan Ermilov <ru@nginx.com>
parents: 4562
diff changeset
159
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
160 #if (NGX_HAVE_UNIX_DOMAIN)
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
161
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
162 if (ngx_strcmp(value[1].data, "unix:") == 0) {
6997
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
163 cidr = ngx_array_push(rscf->from);
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
164 if (cidr == NULL) {
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
165 return NGX_CONF_ERROR;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
166 }
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
167
6474
Ruslan Ermilov <ru@nginx.com>
parents: 6294
diff changeset
168 cidr->family = AF_UNIX;
Ruslan Ermilov <ru@nginx.com>
parents: 6294
diff changeset
169 return NGX_CONF_OK;
3274
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
170 }
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
171
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
172 #endif
95b0b0d7843f set_real_ip_from unix:
Igor Sysoev <igor@sysoev.ru>
parents: 3273
diff changeset
173
6997
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
174 rc = ngx_ptocidr(&value[1], &c);
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
175
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
176 if (rc != NGX_ERROR) {
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
177 if (rc == NGX_DONE) {
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
178 ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
179 "low address bits of %V are meaningless",
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
180 &value[1]);
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
181 }
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
182
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
183 cidr = ngx_array_push(rscf->from);
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
184 if (cidr == NULL) {
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
185 return NGX_CONF_ERROR;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
186 }
1380
b590a528fd41 ignore meaningless bits in CIDR and warn about them
Igor Sysoev <igor@sysoev.ru>
parents: 1118
diff changeset
187
6997
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
188 *cidr = c;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
189
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
190 return NGX_CONF_OK;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
191 }
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
192
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
193 ngx_memzero(&u, sizeof(ngx_url_t));
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
194 u.host = value[1];
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
195
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
196 if (ngx_inet_resolve_host(cf->pool, &u) != NGX_OK) {
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
197 if (u.err) {
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
198 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
199 "%s in set_real_ip_from \"%V\"",
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
200 u.err, &u.host);
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
201 }
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
202
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
203 return NGX_CONF_ERROR;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
204 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
205
6997
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
206 cidr = ngx_array_push_n(rscf->from, u.naddrs);
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
207 if (cidr == NULL) {
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
208 return NGX_CONF_ERROR;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
209 }
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
210
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
211 ngx_memzero(cidr, u.naddrs * sizeof(ngx_cidr_t));
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
212
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
213 for (i = 0; i < u.naddrs; i++) {
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
214 cidr[i].family = u.addrs[i].sockaddr->sa_family;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
215
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
216 switch (cidr[i].family) {
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
217
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
218 #if (NGX_HAVE_INET6)
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
219 case AF_INET6:
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
220 sin6 = (struct sockaddr_in6 *) u.addrs[i].sockaddr;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
221 cidr[i].u.in6.addr = sin6->sin6_addr;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
222 ngx_memset(cidr[i].u.in6.mask.s6_addr, 0xff, 16);
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
223 break;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
224 #endif
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
225
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
226 default: /* AF_INET */
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
227 sin = (struct sockaddr_in *) u.addrs[i].sockaddr;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
228 cidr[i].u.in.addr = sin->sin_addr.s_addr;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
229 cidr[i].u.in.mask = 0xffffffff;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
230 break;
df1a62c83b1b Realip: allow hostnames in set_real_ip_from (ticket #1180).
Ruslan Ermilov <ru@nginx.com>
parents: 6693
diff changeset
231 }
1380
b590a528fd41 ignore meaningless bits in CIDR and warn about them
Igor Sysoev <igor@sysoev.ru>
parents: 1118
diff changeset
232 }
b590a528fd41 ignore meaningless bits in CIDR and warn about them
Igor Sysoev <igor@sysoev.ru>
parents: 1118
diff changeset
233
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
234 return NGX_CONF_OK;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
235 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
236
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
237
6684
9cac11efb205 Stream: realip module.
Dmitry Volyntsev <xeioex@nginx.com>
parents: 6671
diff changeset
238 static void *
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
239 ngx_mail_realip_create_srv_conf(ngx_conf_t *cf)
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
240 {
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
241 ngx_mail_realip_srv_conf_t *conf;
2257
74d270c8821e real_ip_header supports any header
Igor Sysoev <igor@sysoev.ru>
parents: 2202
diff changeset
242
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
243 conf = ngx_pcalloc(cf->pool, sizeof(ngx_mail_realip_srv_conf_t));
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
244 if (conf == NULL) {
2912
c7d57b539248 return NULL instead of NGX_CONF_ERROR on a create conf failure
Igor Sysoev <igor@sysoev.ru>
parents: 2537
diff changeset
245 return NULL;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
246 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
247
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
248 /*
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
249 * set by ngx_pcalloc():
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
250 *
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
251 * conf->from = NULL;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
252 */
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
253
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
254 return conf;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
255 }
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
256
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
257
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
258 static char *
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
259 ngx_mail_realip_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
260 {
7795
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
261 ngx_mail_realip_srv_conf_t *prev = parent;
ef4bdbbce57e Mail: realip module.
Maxim Dounin <mdounin@mdounin.ru>
parents: 7590
diff changeset
262 ngx_mail_realip_srv_conf_t *conf = child;
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
263
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
264 if (conf->from == NULL) {
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
265 conf->from = prev->from;
3305
8017f9bda3f6 fix "set_real_ip_from unix:" inheritance
Igor Sysoev <igor@sysoev.ru>
parents: 3291
diff changeset
266 }
8017f9bda3f6 fix "set_real_ip_from unix:" inheritance
Igor Sysoev <igor@sysoev.ru>
parents: 3291
diff changeset
267
573
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
268 return NGX_CONF_OK;
58475592100c nginx-0.3.8-RELEASE import
Igor Sysoev <igor@sysoev.ru>
parents:
diff changeset
269 }