Mercurial > hg > nginx
comparison src/imap/ngx_imap_auth_http_module.c @ 573:58475592100c release-0.3.8
nginx-0.3.8-RELEASE import
*) Security: nginx now checks URI got from a backend in
"X-Accel-Redirect" header line or in SSI file for the "/../" paths
and zeroes.
*) Change: nginx now does not treat the empty user name in the
"Authorization" header line as valid one.
*) Feature: the "ssl_session_timeout" directives of the
ngx_http_ssl_module and ngx_imap_ssl_module.
*) Feature: the "auth_http_header" directive of the
ngx_imap_auth_http_module.
*) Feature: the "add_header" directive.
*) Feature: the ngx_http_realip_module.
*) Feature: the new variables to use in the "log_format" directive:
$bytes_sent, $apache_bytes_sent, $status, $time_gmt, $uri,
$request_time, $request_length, $upstream_status,
$upstream_response_time, $gzip_ratio, $uid_got, $uid_set,
$connection, $pipe, and $msec. The parameters in the "%name" form
will be canceled soon.
*) Change: now the false variable values in the "if" directive are the
empty string "" and string starting with "0".
*) Bugfix: while using proxied or FastCGI-server nginx may leave
connections and temporary files with client requests in open state.
*) Bugfix: the worker processes did not flush the buffered logs on
graceful exit.
*) Bugfix: if the request URI was changes by the "rewrite" directive
and the request was proxied in location given by regular expression,
then the incorrect request was transferred to backend; the bug had
appeared in 0.2.6.
*) Bugfix: the "expires" directive did not remove the previous
"Expires" header.
*) Bugfix: nginx may stop to accept requests if the "rtsig" method and
several worker processes were used.
*) Bugfix: the "\"" and "\'" escape symbols were incorrectly handled in
SSI commands.
*) Bugfix: if the response was ended just after the SSI command and
gzipping was used, then the response did not transferred complete or
did not transferred at all.
author | Igor Sysoev <igor@sysoev.ru> |
---|---|
date | Wed, 09 Nov 2005 17:25:55 +0000 |
parents | 1af2fcb3be8a |
children | 4d9ea73a627a |
comparison
equal
deleted
inserted
replaced
572:ae8920455206 | 573:58475592100c |
---|---|
16 | 16 |
17 ngx_msec_t timeout; | 17 ngx_msec_t timeout; |
18 | 18 |
19 ngx_str_t host_header; | 19 ngx_str_t host_header; |
20 ngx_str_t uri; | 20 ngx_str_t uri; |
21 ngx_str_t header; | |
22 | |
23 ngx_array_t *headers; | |
21 } ngx_imap_auth_http_conf_t; | 24 } ngx_imap_auth_http_conf_t; |
22 | 25 |
23 | 26 |
24 typedef struct ngx_imap_auth_http_ctx_s ngx_imap_auth_http_ctx_t; | 27 typedef struct ngx_imap_auth_http_ctx_s ngx_imap_auth_http_ctx_t; |
25 | 28 |
68 | 71 |
69 static void *ngx_imap_auth_http_create_conf(ngx_conf_t *cf); | 72 static void *ngx_imap_auth_http_create_conf(ngx_conf_t *cf); |
70 static char *ngx_imap_auth_http_merge_conf(ngx_conf_t *cf, void *parent, | 73 static char *ngx_imap_auth_http_merge_conf(ngx_conf_t *cf, void *parent, |
71 void *child); | 74 void *child); |
72 static char *ngx_imap_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); | 75 static char *ngx_imap_auth_http(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); |
76 static char *ngx_imap_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, | |
77 void *conf); | |
73 | 78 |
74 | 79 |
75 static ngx_command_t ngx_imap_auth_http_commands[] = { | 80 static ngx_command_t ngx_imap_auth_http_commands[] = { |
76 | 81 |
77 { ngx_string("auth_http"), | 82 { ngx_string("auth_http"), |
84 { ngx_string("auth_http_timeout"), | 89 { ngx_string("auth_http_timeout"), |
85 NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, | 90 NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE1, |
86 ngx_conf_set_msec_slot, | 91 ngx_conf_set_msec_slot, |
87 NGX_IMAP_SRV_CONF_OFFSET, | 92 NGX_IMAP_SRV_CONF_OFFSET, |
88 offsetof(ngx_imap_auth_http_conf_t, timeout), | 93 offsetof(ngx_imap_auth_http_conf_t, timeout), |
94 NULL }, | |
95 | |
96 { ngx_string("auth_http_header"), | |
97 NGX_IMAP_MAIN_CONF|NGX_IMAP_SRV_CONF|NGX_CONF_TAKE2, | |
98 ngx_imap_auth_http_header, | |
99 NGX_IMAP_SRV_CONF_OFFSET, | |
100 0, | |
89 NULL }, | 101 NULL }, |
90 | 102 |
91 ngx_null_command | 103 ngx_null_command |
92 }; | 104 }; |
93 | 105 |
989 if (b == NULL) { | 1001 if (b == NULL) { |
990 return NULL; | 1002 return NULL; |
991 } | 1003 } |
992 | 1004 |
993 b->last = ngx_cpymem(b->last, "GET ", sizeof("GET ") - 1); | 1005 b->last = ngx_cpymem(b->last, "GET ", sizeof("GET ") - 1); |
994 b->last = ngx_cpymem(b->last, ahcf->uri.data, ahcf->uri.len); | 1006 b->last = ngx_copy(b->last, ahcf->uri.data, ahcf->uri.len); |
995 b->last = ngx_cpymem(b->last, " HTTP/1.0" CRLF, | 1007 b->last = ngx_cpymem(b->last, " HTTP/1.0" CRLF, |
996 sizeof(" HTTP/1.0" CRLF) - 1); | 1008 sizeof(" HTTP/1.0" CRLF) - 1); |
997 | 1009 |
998 b->last = ngx_cpymem(b->last, "Host: ", sizeof("Host: ") - 1); | 1010 b->last = ngx_cpymem(b->last, "Host: ", sizeof("Host: ") - 1); |
999 b->last = ngx_cpymem(b->last, ahcf->host_header.data, | 1011 b->last = ngx_copy(b->last, ahcf->host_header.data, |
1000 ahcf->host_header.len); | 1012 ahcf->host_header.len); |
1001 *b->last++ = CR; *b->last++ = LF; | 1013 *b->last++ = CR; *b->last++ = LF; |
1002 | 1014 |
1003 b->last = ngx_cpymem(b->last, "Auth-Method: plain" CRLF, | 1015 b->last = ngx_cpymem(b->last, "Auth-Method: plain" CRLF, |
1004 sizeof("Auth-Method: plain" CRLF) - 1); | 1016 sizeof("Auth-Method: plain" CRLF) - 1); |
1005 | 1017 |
1006 b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1); | 1018 b->last = ngx_cpymem(b->last, "Auth-User: ", sizeof("Auth-User: ") - 1); |
1007 b->last = ngx_cpymem(b->last, s->login.data, s->login.len); | 1019 b->last = ngx_copy(b->last, s->login.data, s->login.len); |
1008 *b->last++ = CR; *b->last++ = LF; | 1020 *b->last++ = CR; *b->last++ = LF; |
1009 | 1021 |
1010 b->last = ngx_cpymem(b->last, "Auth-Pass: ", sizeof("Auth-Pass: ") - 1); | 1022 b->last = ngx_cpymem(b->last, "Auth-Pass: ", sizeof("Auth-Pass: ") - 1); |
1011 b->last = ngx_cpymem(b->last, s->passwd.data, s->passwd.len); | 1023 b->last = ngx_copy(b->last, s->passwd.data, s->passwd.len); |
1012 *b->last++ = CR; *b->last++ = LF; | 1024 *b->last++ = CR; *b->last++ = LF; |
1013 | 1025 |
1014 b->last = ngx_cpymem(b->last, "Auth-Protocol: ", | 1026 b->last = ngx_cpymem(b->last, "Auth-Protocol: ", |
1015 sizeof("Auth-Protocol: ") - 1); | 1027 sizeof("Auth-Protocol: ") - 1); |
1016 b->last = ngx_cpymem(b->last, ngx_imap_auth_http_protocol[s->protocol], | 1028 b->last = ngx_cpymem(b->last, ngx_imap_auth_http_protocol[s->protocol], |
1019 | 1031 |
1020 b->last = ngx_sprintf(b->last, "Auth-Login-Attempt: %ui" CRLF, | 1032 b->last = ngx_sprintf(b->last, "Auth-Login-Attempt: %ui" CRLF, |
1021 s->login_attempt); | 1033 s->login_attempt); |
1022 | 1034 |
1023 b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1); | 1035 b->last = ngx_cpymem(b->last, "Client-IP: ", sizeof("Client-IP: ") - 1); |
1024 b->last = ngx_cpymem(b->last, s->connection->addr_text.data, | 1036 b->last = ngx_copy(b->last, s->connection->addr_text.data, |
1025 s->connection->addr_text.len); | 1037 s->connection->addr_text.len); |
1026 *b->last++ = CR; *b->last++ = LF; | 1038 *b->last++ = CR; *b->last++ = LF; |
1039 | |
1040 if (ahcf->header.len) { | |
1041 b->last = ngx_copy(b->last, ahcf->header.data, ahcf->header.len); | |
1042 } | |
1027 | 1043 |
1028 /* add "\r\n" at the header end */ | 1044 /* add "\r\n" at the header end */ |
1029 *b->last++ = CR; *b->last++ = LF; | 1045 *b->last++ = CR; *b->last++ = LF; |
1030 | 1046 |
1031 #if (NGX_DEBUG_IMAP_PASSWD) | 1047 #if (NGX_DEBUG_IMAP_PASSWD) |
1063 ngx_imap_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) | 1079 ngx_imap_auth_http_merge_conf(ngx_conf_t *cf, void *parent, void *child) |
1064 { | 1080 { |
1065 ngx_imap_auth_http_conf_t *prev = parent; | 1081 ngx_imap_auth_http_conf_t *prev = parent; |
1066 ngx_imap_auth_http_conf_t *conf = child; | 1082 ngx_imap_auth_http_conf_t *conf = child; |
1067 | 1083 |
1084 u_char *p; | |
1085 size_t len; | |
1086 ngx_uint_t i; | |
1087 ngx_table_elt_t *header; | |
1088 | |
1068 if (conf->peers == NULL) { | 1089 if (conf->peers == NULL) { |
1069 conf->peers = prev->peers; | 1090 conf->peers = prev->peers; |
1070 conf->host_header = prev->host_header; | 1091 conf->host_header = prev->host_header; |
1071 conf->uri = prev->uri; | 1092 conf->uri = prev->uri; |
1072 } | 1093 } |
1073 | 1094 |
1074 ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000); | 1095 ngx_conf_merge_msec_value(conf->timeout, prev->timeout, 60000); |
1096 | |
1097 if (conf->headers == NULL) { | |
1098 conf->headers = prev->headers; | |
1099 conf->header = prev->header; | |
1100 } | |
1101 | |
1102 if (conf->headers && conf->header.len == 0) { | |
1103 len = 0; | |
1104 header = conf->headers->elts; | |
1105 for (i = 0; i < conf->headers->nelts; i++) { | |
1106 len += header[i].key.len + 2 + header[i].value.len + 2; | |
1107 } | |
1108 | |
1109 p = ngx_palloc(cf->pool, len); | |
1110 if (p == NULL) { | |
1111 return NGX_CONF_ERROR; | |
1112 } | |
1113 | |
1114 conf->header.len = len; | |
1115 conf->header.data = p; | |
1116 | |
1117 for (i = 0; i < conf->headers->nelts; i++) { | |
1118 p = ngx_cpymem(p, header[i].key.data, header[i].key.len); | |
1119 *p++ = ':'; *p++ = ' '; | |
1120 p = ngx_cpymem(p, header[i].value.data, header[i].value.len); | |
1121 *p++ = CR; *p++ = LF; | |
1122 } | |
1123 } | |
1075 | 1124 |
1076 return NGX_CONF_OK; | 1125 return NGX_CONF_OK; |
1077 } | 1126 } |
1078 | 1127 |
1079 | 1128 |
1085 ngx_str_t *value, *url; | 1134 ngx_str_t *value, *url; |
1086 ngx_inet_upstream_t inet_upstream; | 1135 ngx_inet_upstream_t inet_upstream; |
1087 #if (NGX_HAVE_UNIX_DOMAIN) | 1136 #if (NGX_HAVE_UNIX_DOMAIN) |
1088 ngx_unix_domain_upstream_t unix_upstream; | 1137 ngx_unix_domain_upstream_t unix_upstream; |
1089 #endif | 1138 #endif |
1090 | 1139 |
1091 value = cf->args->elts; | 1140 value = cf->args->elts; |
1092 | 1141 |
1093 url = &value[1]; | 1142 url = &value[1]; |
1094 | 1143 |
1095 if (ngx_strncasecmp(url->data, "unix:", 5) == 0) { | 1144 if (ngx_strncasecmp(url->data, "unix:", 5) == 0) { |
1141 ahcf->uri.data = (u_char *) "/"; | 1190 ahcf->uri.data = (u_char *) "/"; |
1142 } | 1191 } |
1143 | 1192 |
1144 return NGX_CONF_OK; | 1193 return NGX_CONF_OK; |
1145 } | 1194 } |
1195 | |
1196 | |
1197 static char * | |
1198 ngx_imap_auth_http_header(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) | |
1199 { | |
1200 ngx_imap_auth_http_conf_t *ahcf = conf; | |
1201 | |
1202 ngx_str_t *value; | |
1203 ngx_table_elt_t *header; | |
1204 | |
1205 if (ahcf->headers == NULL) { | |
1206 ahcf->headers = ngx_array_create(cf->pool, 1, sizeof(ngx_table_elt_t)); | |
1207 if (ahcf->headers == NULL) { | |
1208 return NGX_CONF_ERROR; | |
1209 } | |
1210 } | |
1211 | |
1212 header = ngx_array_push(ahcf->headers); | |
1213 if (header == NULL) { | |
1214 return NGX_CONF_ERROR; | |
1215 } | |
1216 | |
1217 value = cf->args->elts; | |
1218 | |
1219 header->key = value[1]; | |
1220 header->value = value[2]; | |
1221 | |
1222 return NGX_CONF_OK; | |
1223 } |