mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-10 11:38:36 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

set_real_ip_from unix:

Browse Source
This commit is contained in:
Igor Sysoev 2009-11-02 16:46:07 +00:00
parent a9aaa4a78d
commit 7e4f193bb0
1 changed files with 95 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

73
src/http/modules/ngx_http_realip_module.c
View File

@ -25,6 +25,9 @@ typedef struct {
ngx_uint_t type; ngx_uint_t type;
ngx_uint_t hash; ngx_uint_t hash;
ngx_str_t header; ngx_str_t header;
#if (NGX_HAVE_UNIX_DOMAIN)
ngx_uint_t unixsock; /* unsigned unixsock:1; */
#endif
} ngx_http_realip_loc_conf_t; } ngx_http_realip_loc_conf_t;
@ -37,6 +40,8 @@ typedef struct {
static ngx_int_t ngx_http_realip_handler(ngx_http_request_t *r); static ngx_int_t ngx_http_realip_handler(ngx_http_request_t *r);
static ngx_int_t ngx_http_realip_set_addr(ngx_http_request_t *r, u_char *ip,
size_t len);
static void ngx_http_realip_cleanup(void *data); static void ngx_http_realip_cleanup(void *data);
static char *ngx_http_realip_from(ngx_conf_t *cf, ngx_command_t *cmd, static char *ngx_http_realip_from(ngx_conf_t *cf, ngx_command_t *cmd,
void *conf); void *conf);
@ -104,14 +109,11 @@ ngx_http_realip_handler(ngx_http_request_t *r)
{ {
u_char *ip, *p; u_char *ip, *p;
size_t len; size_t len;
ngx_int_t rc;
ngx_uint_t i, hash; ngx_uint_t i, hash;
ngx_addr_t addr;
ngx_list_part_t *part; ngx_list_part_t *part;
ngx_table_elt_t *header; ngx_table_elt_t *header;
struct sockaddr_in *sin; struct sockaddr_in *sin;
ngx_connection_t *c; ngx_connection_t *c;
ngx_pool_cleanup_t *cln;
ngx_http_realip_ctx_t *ctx; ngx_http_realip_ctx_t *ctx;
ngx_http_realip_from_t *from; ngx_http_realip_from_t *from;
ngx_http_realip_loc_conf_t *rlcf; ngx_http_realip_loc_conf_t *rlcf;
@ -122,11 +124,6 @@ ngx_http_realip_handler(ngx_http_request_t *r)
return NGX_DECLINED; return NGX_DECLINED;
} }
cln = ngx_pool_cleanup_add(r->pool, sizeof(ngx_http_realip_ctx_t));
if (cln == NULL) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
rlcf = ngx_http_get_module_loc_conf(r, ngx_http_realip_module); rlcf = ngx_http_get_module_loc_conf(r, ngx_http_realip_module);
if (rlcf->from == NULL) { if (rlcf->from == NULL) {
@ -209,10 +206,7 @@ found:
/* AF_INET only */ /* AF_INET only */
if (r->connection->sockaddr->sa_family != AF_INET) { if (c->sockaddr->sa_family == AF_INET) {
return NGX_DECLINED;
}
sin = (struct sockaddr_in *) c->sockaddr; sin = (struct sockaddr_in *) c->sockaddr;
from = rlcf->from->elts; from = rlcf->from->elts;
@ -223,11 +217,43 @@ found:
sin->sin_addr.s_addr, from[i].mask, from[i].addr); sin->sin_addr.s_addr, from[i].mask, from[i].addr);
if ((sin->sin_addr.s_addr & from[i].mask) == from[i].addr) { if ((sin->sin_addr.s_addr & from[i].mask) == from[i].addr) {
return ngx_http_realip_set_addr(r, ip, len);
}
}
}
#if (NGX_HAVE_UNIX_DOMAIN)
if (c->sockaddr->sa_family == AF_UNIX && rlcf->unixsock) {
return ngx_http_realip_set_addr(r, ip, len);
}
#endif
return NGX_DECLINED;
}
static ngx_int_t
ngx_http_realip_set_addr(ngx_http_request_t *r, u_char *ip, size_t len)
{
u_char *p;
ngx_int_t rc;
ngx_addr_t addr;
ngx_connection_t *c;
ngx_pool_cleanup_t *cln;
ngx_http_realip_ctx_t *ctx;
cln = ngx_pool_cleanup_add(r->pool, sizeof(ngx_http_realip_ctx_t));
if (cln == NULL) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
ctx = cln->data; ctx = cln->data;
ngx_http_set_ctx(r, ctx, ngx_http_realip_module); ngx_http_set_ctx(r, ctx, ngx_http_realip_module);
c = r->connection;
rc = ngx_parse_addr(c->pool, &addr, ip, len); rc = ngx_parse_addr(c->pool, &addr, ip, len);
switch (rc) { switch (rc) {
@ -260,10 +286,6 @@ found:
return NGX_DECLINED; return NGX_DECLINED;
} }
}
return NGX_DECLINED;
}
static void static void
@ -291,6 +313,17 @@ ngx_http_realip_from(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
ngx_cidr_t cidr; ngx_cidr_t cidr;
ngx_http_realip_from_t *from; ngx_http_realip_from_t *from;
value = cf->args->elts;
#if (NGX_HAVE_UNIX_DOMAIN)
if (ngx_strcmp(value[1].data, "unix:") == 0) {
rlcf->unixsock = 1;
return NGX_CONF_OK;
}
#endif
if (rlcf->from == NULL) { if (rlcf->from == NULL) {
rlcf->from = ngx_array_create(cf->pool, 2, rlcf->from = ngx_array_create(cf->pool, 2,
sizeof(ngx_http_realip_from_t)); sizeof(ngx_http_realip_from_t));
@ -304,8 +337,6 @@ ngx_http_realip_from(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
return NGX_CONF_ERROR; return NGX_CONF_ERROR;
} }
value = cf->args->elts;
rc = ngx_ptocidr(&value[1], &cidr); rc = ngx_ptocidr(&value[1], &cidr);
if (rc == NGX_ERROR) { if (rc == NGX_ERROR) {
@ -375,6 +406,7 @@ ngx_http_realip_create_loc_conf(ngx_conf_t *cf)
* conf->from = NULL; * conf->from = NULL;
* conf->hash = 0; * conf->hash = 0;
* conf->header = { 0, NULL }; * conf->header = { 0, NULL };
* conf->unixsock = 0;
*/ */
conf->type = NGX_CONF_UNSET_UINT; conf->type = NGX_CONF_UNSET_UINT;
@ -391,6 +423,9 @@ ngx_http_realip_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
if (conf->from == NULL) { if (conf->from == NULL) {
conf->from = prev->from; conf->from = prev->from;
#if (NGX_HAVE_UNIX_DOMAIN)
conf->unixsock = prev->unixsock;
#endif
} }
ngx_conf_merge_uint_value(conf->type, prev->type, NGX_HTTP_REALIP_XREALIP); ngx_conf_merge_uint_value(conf->type, prev->type, NGX_HTTP_REALIP_XREALIP);