nginx: src/http/ngx_http_core_module.c comparison

comparison src/http/ngx_http_core_module.c @ 6683:b802b7e1d9bc

Core: introduced ngx_cidr_match() function.

author	Dmitry Volyntsev <xeioex@nginx.com>
date	Wed, 07 Sep 2016 13:56:53 +0300
parents	19db5a6bc34e
children	cebf5fed00bf

comparison

equal deleted inserted replaced

-:db422604ceb0
+:b802b7e1d9bc
 static ngx_int_t
 ngx_http_get_forwarded_addr_internal(ngx_http_request_t *r, ngx_addr_t *addr,
 u_char *xff, size_t xfflen, ngx_array_t *proxies, int recursive)
 {
-u_char           *p;
+u_char      *p;
-in_addr_t         inaddr;
+ngx_int_t    rc;
-ngx_int_t         rc;
+ngx_addr_t   paddr;
-ngx_addr_t        paddr;
-ngx_cidr_t       *cidr;
+if (ngx_cidr_match(addr->sockaddr, proxies) != NGX_OK) {
-ngx_uint_t        family, i;
+return NGX_DECLINED;
-#if (NGX_HAVE_INET6)
+}
-ngx_uint_t        n;
-struct in6_addr  *inaddr6;
+for (p = xff + xfflen - 1; p > xff; p--, xfflen--) {
-#endif
+if (*p != ' ' && *p != ',') {
-#if (NGX_SUPPRESS_WARN)
-inaddr = 0;
-#if (NGX_HAVE_INET6)
-inaddr6 = NULL;
-#endif
-#endif
-family = addr->sockaddr->sa_family;
-if (family == AF_INET) {
-inaddr = ((struct sockaddr_in *) addr->sockaddr)->sin_addr.s_addr;
-}
-#if (NGX_HAVE_INET6)
-else if (family == AF_INET6) {
-inaddr6 = &((struct sockaddr_in6 *) addr->sockaddr)->sin6_addr;
-if (IN6_IS_ADDR_V4MAPPED(inaddr6)) {
-family = AF_INET;
-p = inaddr6->s6_addr;
-inaddr = p[12] << 24;
-inaddr += p[13] << 16;
-inaddr += p[14] << 8;
-inaddr += p[15];
-inaddr = htonl(inaddr);
-}
-}
-#endif
-for (cidr = proxies->elts, i = 0; i < proxies->nelts; i++) {
-if (cidr[i].family != family) {
-goto next;
-}
-switch (family) {
-#if (NGX_HAVE_INET6)
-case AF_INET6:
-for (n = 0; n < 16; n++) {
-if ((inaddr6->s6_addr[n] & cidr[i].u.in6.mask.s6_addr[n])
-!= cidr[i].u.in6.addr.s6_addr[n])
-{
-goto next;
-}
-}
 break;
-#endif
+}
+}
-#if (NGX_HAVE_UNIX_DOMAIN)
-case AF_UNIX:
+for ( /* void */ ; p > xff; p--) {
+if (*p == ' ' || *p == ',') {
+p++;
 break;
-#endif
+}
+}
-default: /* AF_INET */
-if ((inaddr & cidr[i].u.in.mask) != cidr[i].u.in.addr) {
+if (ngx_parse_addr_port(r->pool, &paddr, p, xfflen - (p - xff)) != NGX_OK) {
-goto next;
+return NGX_DECLINED;
 }
-break;
-}
+*addr = paddr;
-for (p = xff + xfflen - 1; p > xff; p--, xfflen--) {
+if (recursive && p > xff) {
-if (*p != ' ' && *p != ',') {
+rc = ngx_http_get_forwarded_addr_internal(r, addr, xff, p - 1 - xff,
-break;
+proxies, 1);
-}
-}
+if (rc == NGX_DECLINED) {
+return NGX_DONE;
-for ( /* void */ ; p > xff; p--) {
+}
-if (*p == ' ' || *p == ',') {
-p++;
+/* rc == NGX_OK || rc == NGX_DONE  */
-break;
+return rc;
 }
-}
+return NGX_OK;
-if (ngx_parse_addr_port(r->pool, &paddr, p, xfflen - (p - xff))
-!= NGX_OK)
-{
-return NGX_DECLINED;
-}
-*addr = paddr;
-if (recursive && p > xff) {
-rc = ngx_http_get_forwarded_addr_internal(r, addr, xff, p - 1 - xff,
-proxies, 1);
-if (rc == NGX_DECLINED) {
-return NGX_DONE;
-}
-/* rc == NGX_OK || rc == NGX_DONE  */
-return rc;
-}
-return NGX_OK;
-next:
-continue;
-}
-return NGX_DECLINED;
 }
 static char *
 ngx_http_core_server(ngx_conf_t *cf, ngx_command_t *cmd, void *dummy)

Mercurial > hg > nginx

comparison src/http/ngx_http_core_module.c @ 6683:b802b7e1d9bc