Mercurial > hg > nginx
view contrib/geo2nginx.pl @ 7269:7f955d3b9a0d
SSL: detect "listen ... ssl" without certificates (ticket #178).
In mail and stream modules, no certificate provided is a fatal condition,
much like with the "ssl" and "starttls" directives.
In http, "listen ... ssl" can be used in a non-default server without
certificates as long as there is a certificate in the default one, so
missing certificate is only fatal for default servers.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Tue, 24 Apr 2018 15:29:01 +0300 |
parents | c9ad0d9c7d59 |
children |
line wrap: on
line source
#!/usr/bin/perl -w # (c) Andrei Nigmatulin, 2005 # # this script provided "as is", without any warranties. use it at your own risk. # # special thanx to Andrew Sitnikov for perl port # # this script converts CSV geoip database (free download at http://www.maxmind.com/app/geoip_country) # to format, suitable for use with nginx_http_geo module (http://sysoev.ru/nginx) # # for example, line with ip range # # "62.16.68.0","62.16.127.255","1041253376","1041268735","RU","Russian Federation" # # will be converted to four subnetworks: # # 62.16.68.0/22 RU; # 62.16.72.0/21 RU; # 62.16.80.0/20 RU; # 62.16.96.0/19 RU; use warnings; use strict; while( <STDIN> ){ if (/"[^"]+","[^"]+","([^"]+)","([^"]+)","([^"]+)"/){ print_subnets($1, $2, $3); } } sub print_subnets { my ($a1, $a2, $c) = @_; my $l; while ($a1 <= $a2) { for ($l = 0; ($a1 & (1 << $l)) == 0 && ($a1 + ((1 << ($l + 1)) - 1)) <= $a2; $l++){}; print long2ip($a1) . "/" . (32 - $l) . " " . $c . ";\n"; $a1 += (1 << $l); } } sub long2ip { my $ip = shift; my $str = 0; $str = ($ip & 255); $ip >>= 8; $str = ($ip & 255).".$str"; $ip >>= 8; $str = ($ip & 255).".$str"; $ip >>= 8; $str = ($ip & 255).".$str"; }