Mercurial > hg > nginx
annotate src/http/modules/ngx_http_secure_link_module.c @ 6298:8f6d753c1953
Adjusted file->sys_offset after the write() syscall.
This fixes suboptimal behavior caused by surplus lseek() for sequential writes
on systems without pwrite(). A consecutive read after write might result in an
error on systems without pread() and pwrite().
Fortunately, at the moment there are no widely used systems without these
syscalls.
author | Valentin Bartenev <vbart@nginx.com> |
---|---|
date | Tue, 17 Nov 2015 19:01:41 +0300 |
parents | d89442dab4d1 |
children | c7d4017c8876 |
rev | line source |
---|---|
2260 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
2260 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 #include <ngx_http.h> | |
11 #include <ngx_md5.h> | |
12 | |
13 | |
14 typedef struct { | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
15 ngx_http_complex_value_t *variable; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
16 ngx_http_complex_value_t *md5; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
17 ngx_str_t secret; |
2260 | 18 } ngx_http_secure_link_conf_t; |
19 | |
20 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
21 typedef struct { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
22 ngx_str_t expires; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
23 } ngx_http_secure_link_ctx_t; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
24 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
25 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
26 static ngx_int_t ngx_http_secure_link_old_variable(ngx_http_request_t *r, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
27 ngx_http_secure_link_conf_t *conf, ngx_http_variable_value_t *v, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
28 uintptr_t data); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
29 static ngx_int_t ngx_http_secure_link_expires_variable(ngx_http_request_t *r, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
30 ngx_http_variable_value_t *v, uintptr_t data); |
2260 | 31 static void *ngx_http_secure_link_create_conf(ngx_conf_t *cf); |
32 static char *ngx_http_secure_link_merge_conf(ngx_conf_t *cf, void *parent, | |
33 void *child); | |
34 static ngx_int_t ngx_http_secure_link_add_variables(ngx_conf_t *cf); | |
35 | |
36 | |
37 static ngx_command_t ngx_http_secure_link_commands[] = { | |
38 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
39 { ngx_string("secure_link"), |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
40 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, |
3761 | 41 ngx_http_set_complex_value_slot, |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
42 NGX_HTTP_LOC_CONF_OFFSET, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
43 offsetof(ngx_http_secure_link_conf_t, variable), |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
44 NULL }, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
45 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
46 { ngx_string("secure_link_md5"), |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
47 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, |
3761 | 48 ngx_http_set_complex_value_slot, |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
49 NGX_HTTP_LOC_CONF_OFFSET, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
50 offsetof(ngx_http_secure_link_conf_t, md5), |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
51 NULL }, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
52 |
2260 | 53 { ngx_string("secure_link_secret"), |
54 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, | |
55 ngx_conf_set_str_slot, | |
56 NGX_HTTP_LOC_CONF_OFFSET, | |
57 offsetof(ngx_http_secure_link_conf_t, secret), | |
58 NULL }, | |
59 | |
60 ngx_null_command | |
61 }; | |
62 | |
63 | |
64 static ngx_http_module_t ngx_http_secure_link_module_ctx = { | |
65 ngx_http_secure_link_add_variables, /* preconfiguration */ | |
66 NULL, /* postconfiguration */ | |
67 | |
68 NULL, /* create main configuration */ | |
69 NULL, /* init main configuration */ | |
70 | |
71 NULL, /* create server configuration */ | |
72 NULL, /* merge server configuration */ | |
73 | |
74 ngx_http_secure_link_create_conf, /* create location configuration */ | |
75 ngx_http_secure_link_merge_conf /* merge location configuration */ | |
76 }; | |
77 | |
78 | |
79 ngx_module_t ngx_http_secure_link_module = { | |
80 NGX_MODULE_V1, | |
81 &ngx_http_secure_link_module_ctx, /* module context */ | |
82 ngx_http_secure_link_commands, /* module directives */ | |
83 NGX_HTTP_MODULE, /* module type */ | |
84 NULL, /* init master */ | |
85 NULL, /* init module */ | |
86 NULL, /* init process */ | |
87 NULL, /* init thread */ | |
88 NULL, /* exit thread */ | |
89 NULL, /* exit process */ | |
90 NULL, /* exit master */ | |
91 NGX_MODULE_V1_PADDING | |
92 }; | |
93 | |
94 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
95 static ngx_str_t ngx_http_secure_link_name = ngx_string("secure_link"); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
96 static ngx_str_t ngx_http_secure_link_expires_name = |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
97 ngx_string("secure_link_expires"); |
2260 | 98 |
99 | |
100 static ngx_int_t | |
101 ngx_http_secure_link_variable(ngx_http_request_t *r, | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
102 ngx_http_variable_value_t *v, uintptr_t data) |
2260 | 103 { |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
104 u_char *p, *last; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
105 ngx_str_t val, hash; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
106 time_t expires; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
107 ngx_md5_t md5; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
108 ngx_http_secure_link_ctx_t *ctx; |
2260 | 109 ngx_http_secure_link_conf_t *conf; |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
110 u_char hash_buf[16], md5_buf[16]; |
2260 | 111 |
112 conf = ngx_http_get_module_loc_conf(r, ngx_http_secure_link_module); | |
113 | |
5017
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
114 if (conf->secret.data) { |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
115 return ngx_http_secure_link_old_variable(r, conf, v, data); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
116 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
117 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
118 if (conf->variable == NULL || conf->md5 == NULL) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
119 goto not_found; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
120 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
121 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
122 if (ngx_http_complex_value(r, conf->variable, &val) != NGX_OK) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
123 return NGX_ERROR; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
124 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
125 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
126 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
127 "secure link: \"%V\"", &val); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
128 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
129 last = val.data + val.len; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
130 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
131 p = ngx_strlchr(val.data, last, ','); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
132 expires = 0; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
133 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
134 if (p) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
135 val.len = p++ - val.data; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
136 |
3760
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
137 expires = ngx_atotm(p, last - p); |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
138 if (expires <= 0) { |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
139 goto not_found; |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
140 } |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
141 |
3760
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
142 ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_secure_link_ctx_t)); |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
143 if (ctx == NULL) { |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
144 return NGX_ERROR; |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
145 } |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
146 |
3760
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
147 ngx_http_set_ctx(r, ctx, ngx_http_secure_link_module); |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
148 |
3760
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
149 ctx->expires.len = last - p; |
38f74d11e5bd
discard "secure_link_expires on|off"
Igor Sysoev <igor@sysoev.ru>
parents:
3756
diff
changeset
|
150 ctx->expires.data = p; |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
151 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
152 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
153 if (val.len > 24) { |
2260 | 154 goto not_found; |
155 } | |
156 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
157 hash.len = 16; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
158 hash.data = hash_buf; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
159 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
160 if (ngx_decode_base64url(&hash, &val) != NGX_OK) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
161 goto not_found; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
162 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
163 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
164 if (hash.len != 16) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
165 goto not_found; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
166 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
167 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
168 if (ngx_http_complex_value(r, conf->md5, &val) != NGX_OK) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
169 return NGX_ERROR; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
170 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
171 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
172 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
173 "secure link md5: \"%V\"", &val); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
174 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
175 ngx_md5_init(&md5); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
176 ngx_md5_update(&md5, val.data, val.len); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
177 ngx_md5_final(md5_buf, &md5); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
178 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
179 if (ngx_memcmp(hash_buf, md5_buf, 16) != 0) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
180 goto not_found; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
181 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
182 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
183 v->data = (u_char *) ((expires && expires < ngx_time()) ? "0" : "1"); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
184 v->len = 1; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
185 v->valid = 1; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
186 v->no_cacheable = 0; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
187 v->not_found = 0; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
188 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
189 return NGX_OK; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
190 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
191 not_found: |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
192 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
193 v->not_found = 1; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
194 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
195 return NGX_OK; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
196 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
197 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
198 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
199 static ngx_int_t |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
200 ngx_http_secure_link_old_variable(ngx_http_request_t *r, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
201 ngx_http_secure_link_conf_t *conf, ngx_http_variable_value_t *v, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
202 uintptr_t data) |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
203 { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
204 u_char *p, *start, *end, *last; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
205 size_t len; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
206 ngx_int_t n; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
207 ngx_uint_t i; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
208 ngx_md5_t md5; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
209 u_char hash[16]; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
210 |
2260 | 211 p = &r->unparsed_uri.data[1]; |
212 last = r->unparsed_uri.data + r->unparsed_uri.len; | |
213 | |
214 while (p < last) { | |
215 if (*p++ == '/') { | |
216 start = p; | |
217 goto md5_start; | |
218 } | |
219 } | |
220 | |
221 goto not_found; | |
222 | |
223 md5_start: | |
224 | |
225 while (p < last) { | |
226 if (*p++ == '/') { | |
227 end = p - 1; | |
228 goto url_start; | |
229 } | |
230 } | |
231 | |
232 goto not_found; | |
233 | |
234 url_start: | |
235 | |
236 len = last - p; | |
237 | |
2279 | 238 if (end - start != 32 || len == 0) { |
2260 | 239 goto not_found; |
240 } | |
241 | |
242 ngx_md5_init(&md5); | |
243 ngx_md5_update(&md5, p, len); | |
244 ngx_md5_update(&md5, conf->secret.data, conf->secret.len); | |
245 ngx_md5_final(hash, &md5); | |
246 | |
247 for (i = 0; i < 16; i++) { | |
248 n = ngx_hextoi(&start[2 * i], 2); | |
249 if (n == NGX_ERROR || n != hash[i]) { | |
250 goto not_found; | |
251 } | |
252 } | |
253 | |
254 v->len = len; | |
255 v->valid = 1; | |
256 v->no_cacheable = 0; | |
257 v->not_found = 0; | |
258 v->data = p; | |
259 | |
260 return NGX_OK; | |
261 | |
262 not_found: | |
263 | |
264 v->not_found = 1; | |
265 | |
266 return NGX_OK; | |
267 } | |
268 | |
269 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
270 static ngx_int_t |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
271 ngx_http_secure_link_expires_variable(ngx_http_request_t *r, |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
272 ngx_http_variable_value_t *v, uintptr_t data) |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
273 { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
274 ngx_http_secure_link_ctx_t *ctx; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
275 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
276 ctx = ngx_http_get_module_ctx(r, ngx_http_secure_link_module); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
277 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
278 if (ctx) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
279 v->len = ctx->expires.len; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
280 v->valid = 1; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
281 v->no_cacheable = 0; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
282 v->not_found = 0; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
283 v->data = ctx->expires.data; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
284 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
285 } else { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
286 v->not_found = 1; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
287 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
288 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
289 return NGX_OK; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
290 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
291 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
292 |
2260 | 293 static void * |
294 ngx_http_secure_link_create_conf(ngx_conf_t *cf) | |
295 { | |
296 ngx_http_secure_link_conf_t *conf; | |
297 | |
298 conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_secure_link_conf_t)); | |
299 if (conf == NULL) { | |
2912
c7d57b539248
return NULL instead of NGX_CONF_ERROR on a create conf failure
Igor Sysoev <igor@sysoev.ru>
parents:
2279
diff
changeset
|
300 return NULL; |
2260 | 301 } |
302 | |
303 /* | |
304 * set by ngx_pcalloc(): | |
305 * | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
306 * conf->variable = NULL; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
307 * conf->md5 = NULL; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
308 * conf->secret = { 0, NULL }; |
2260 | 309 */ |
310 | |
311 return conf; | |
312 } | |
313 | |
314 | |
315 static char * | |
316 ngx_http_secure_link_merge_conf(ngx_conf_t *cf, void *parent, void *child) | |
317 { | |
318 ngx_http_secure_link_conf_t *prev = parent; | |
319 ngx_http_secure_link_conf_t *conf = child; | |
320 | |
5017
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
321 if (conf->secret.data) { |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
322 if (conf->variable || conf->md5) { |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
323 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
324 "\"secure_link_secret\" cannot be mixed with " |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
325 "\"secure_link\" and \"secure_link_md5\""); |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
326 return NGX_CONF_ERROR; |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
327 } |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
328 |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
329 return NGX_CONF_OK; |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
330 } |
2260 | 331 |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
332 if (conf->variable == NULL) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
333 conf->variable = prev->variable; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
334 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
335 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
336 if (conf->md5 == NULL) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
337 conf->md5 = prev->md5; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
338 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
339 |
5017
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
340 if (conf->variable == NULL && conf->md5 == NULL) { |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
341 conf->secret = prev->secret; |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
342 } |
d89442dab4d1
Secure_link: fixed configuration inheritance.
Ruslan Ermilov <ru@nginx.com>
parents:
4412
diff
changeset
|
343 |
2260 | 344 return NGX_CONF_OK; |
345 } | |
346 | |
347 | |
348 static ngx_int_t | |
349 ngx_http_secure_link_add_variables(ngx_conf_t *cf) | |
350 { | |
351 ngx_http_variable_t *var; | |
352 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
353 var = ngx_http_add_variable(cf, &ngx_http_secure_link_name, 0); |
2260 | 354 if (var == NULL) { |
355 return NGX_ERROR; | |
356 } | |
357 | |
358 var->get_handler = ngx_http_secure_link_variable; | |
359 | |
3756
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
360 var = ngx_http_add_variable(cf, &ngx_http_secure_link_expires_name, 0); |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
361 if (var == NULL) { |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
362 return NGX_ERROR; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
363 } |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
364 |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
365 var->get_handler = ngx_http_secure_link_expires_variable; |
7224d008faaf
new ngx_http_secure_link_module with secure_link, secure_link_md5, and
Igor Sysoev <igor@sysoev.ru>
parents:
2912
diff
changeset
|
366 |
2260 | 367 return NGX_OK; |
368 } |