mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-01-19 01:42:58 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

nginx-0.3.57-RELEASE import

Browse Source 
*) Feature: the $ssl_client_serial variable.

    *) Bugfix: in the "!-e" operator of the "if" directive.
       Thanks to Andrian Budanstov.

    *) Bugfix: while a client certificate verification nginx did not send
       to a client the required certificates information.

    *) Bugfix: the $document_root variable did not support the variables in
       the "root" directive.
This commit is contained in:
Igor Sysoev 2006-08-09 19:59:45 +00:00
parent 8d1728faba
commit c55a104fcb
10 changed files with 287 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
docs/xml/nginx/changes.xml
View File

@ -9,6 +9,52 @@
<title lang="en">nginx changelog</title>
<changes ver="0.3.57" date="09.08.2006">
<change type="feature">
<para lang="ru">
ÐÅÒÅÍÅÎÎÁÑ $ssl_client_serial.
</para>
<para lang="en">
the $ssl_client_serial variable.
</para>
</change>
<change type="bugfix">
<para lang="ru">
× ÏÐÅÒÁÔÏÒÅ "!-e" × ÄÉÒÅËÔÉ×Å if.<br/>
óÐÁÓÉÂÏ áÎÄÒÉÁÎÕ âÕÄÁÎÃÏ×Õ.
</para>
<para lang="en">
in the "!-e" operator of the "if" directive.<br/>
Thanks to Andrian Budanstov.
</para>
</change>
<change type="bugfix">
<para lang="ru">
ÐÒÉ ÐÒÏ×ÅÒËÅ ËÌÉÅÎÔÓËÏÇÏ ÓÅÒÔÉÆÉËÁÔÁ nginx ÎÅ ÐÅÒÅÄÁ×ÁÌ ËÌÉÅÎÔÕ
ÉÎÆÏÒÍÁÃÉÀ Ï ÔÒÅÂÕÅÍÙÈ ÓÅÒÔÉÆÉËÁÔÁÈ.
</para>
<para lang="en">
while a client certificate verification nginx did not send to a client
the required certificates information.
</para>
</change>
<change type="bugfix">
<para lang="ru">
ÐÅÒÅÍÅÎÎÁÑ $document_root ÎÅ ÐÏÄÄÅÒÖÉ×ÁÌÁ ÐÅÒÅÍÅÎÎÙÅ × ÄÉÒÅËÔÉ×Å root.
</para>
<para lang="en">
the $document_root variable did not support the variables in the "root"
directive.
</para>
</change>
</changes>
<changes ver="0.3.56" date="04.08.2006">
<change type="feature">

2
src/core/nginx.h
View File

@ -8,7 +8,7 @@
#define _NGINX_H_INCLUDED_
#define NGINX_VER "nginx/0.3.56"
#define NGINX_VER "nginx/0.3.57"
#define NGINX_VAR "NGINX"
#define NGX_OLDPID_EXT ".oldbin"

149
src/event/ngx_event_openssl.c
View File

@ -14,6 +14,7 @@ typedef struct {
} ngx_openssl_conf_t;
static int ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store);
static void ngx_ssl_handshake_handler(ngx_event_t *ev);
static ngx_int_t ngx_ssl_handle_recv(ngx_connection_t *c, int n);
static void ngx_ssl_write_handler(ngx_event_t *wev);
@ -83,6 +84,9 @@ static long ngx_ssl_protocols[] = {
};
int ngx_connection_index;
ngx_int_t
ngx_ssl_init(ngx_log_t *log)
{
@ -93,6 +97,13 @@ ngx_ssl_init(ngx_log_t *log)
ENGINE_load_builtin_engines();
#endif
ngx_connection_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
if (ngx_connection_index == -1) {
ngx_ssl_error(NGX_LOG_ALERT, log, 0, "SSL_get_ex_new_index() failed");
return NGX_ERROR;
}
return NGX_OK;
}
@ -177,8 +188,19 @@ ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert,
ngx_int_t
ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert)
ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert,
ngx_int_t depth)
{
STACK_OF(X509_NAME) *list;
SSL_CTX_set_verify(ssl->ctx, SSL_VERIFY_PEER, ngx_http_ssl_verify_callback);
SSL_CTX_set_verify_depth(ssl->ctx, depth);
if (cert->len == 0) {
return NGX_OK;
}
if (ngx_conf_full_name(cf->cycle, cert) == NGX_ERROR) {
return NGX_ERROR;
}
@ -192,21 +214,77 @@ ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert)
return NGX_ERROR;
}
list = SSL_load_client_CA_file((char *) cert->data);
if (list == NULL) {
ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
"SSL_load_client_CA_file(\"%s\") failed", cert->data);
return NGX_ERROR;
}
/*
* before 0.9.7h and 0.9.8 SSL_load_client_CA_file()
* always leaved an error in the error queue
*/
ERR_clear_error();
SSL_CTX_set_client_CA_list(ssl->ctx, list);
return NGX_OK;
}
static int
ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store)
{
char *subject, *issuer;
int err, depth;
X509 *cert;
X509_NAME *name;
ngx_connection_t *c;
ngx_ssl_conn_t *ssl_conn;
ssl_conn = X509_STORE_CTX_get_ex_data(x509_store,
SSL_get_ex_data_X509_STORE_CTX_idx());
c = ngx_ssl_get_connection(ssl_conn);
cert = X509_STORE_CTX_get_current_cert(x509_store);
err = X509_STORE_CTX_get_error(x509_store);
depth = X509_STORE_CTX_get_error_depth(x509_store);
name = X509_get_subject_name(cert);
subject = name ? X509_NAME_oneline(name, NULL, 0) : "(none)";
name = X509_get_issuer_name(cert);
issuer = name ? X509_NAME_oneline(name, NULL, 0) : "(none)";
ngx_log_debug5(NGX_LOG_DEBUG_HTTP, c->log, 0,
"verify:%d, error:%d, depth:%d, "
"subject:\"%s\",issuer: \"%s\"",
ok, err, depth, subject, issuer);
return 1;
}
ngx_int_t
ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl)
{
RSA *key;
if (SSL_CTX_need_tmp_RSA(ssl->ctx) == 0) {
return NGX_OK;
}
ssl->rsa512_key = RSA_generate_key(512, RSA_F4, NULL, NULL);
key = RSA_generate_key(512, RSA_F4, NULL, NULL);
if (key) {
SSL_CTX_set_tmp_rsa(ssl->ctx, key);
RSA_free(key);
if (ssl->rsa512_key) {
SSL_CTX_set_tmp_rsa(ssl->ctx, ssl->rsa512_key);
return NGX_OK;
}
@ -254,6 +332,11 @@ ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c, ngx_uint_t flags)
SSL_set_accept_state(sc->connection);
}
if (SSL_set_ex_data(sc->connection, ngx_connection_index, c) == 0) {
ngx_ssl_error(NGX_LOG_ALERT, c->log, 0, "SSL_set_ex_data() failed");
return NGX_ERROR;
}
c->ssl = sc;
return NGX_OK;
@ -1022,25 +1105,23 @@ ngx_ssl_cleanup_ctx(void *data)
{
ngx_ssl_t *ssl = data;
if (ssl->rsa512_key) {
RSA_free(ssl->rsa512_key);
}
SSL_CTX_free(ssl->ctx);
}
u_char *
ngx_ssl_get_protocol(ngx_connection_t *c)
ngx_int_t
ngx_ssl_get_protocol(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
{
return (u_char *) SSL_get_version(c->ssl->connection);
s->data = (u_char *) SSL_get_version(c->ssl->connection);
return NGX_OK;
}
u_char *
ngx_ssl_get_cipher_name(ngx_connection_t *c)
ngx_int_t
ngx_ssl_get_cipher_name(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
{
return (u_char *) SSL_get_cipher_name(c->ssl->connection);
s->data = (u_char *) SSL_get_cipher_name(c->ssl->connection);
return NGX_OK;
}
@ -1055,13 +1136,11 @@ ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
s->len = 0;
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
return NGX_OK;
}
name = X509_get_subject_name(cert);
if (name == NULL) {
return NGX_ERROR;
}
@ -1096,13 +1175,11 @@ ngx_ssl_get_issuer_dn(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
s->len = 0;
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
return NGX_OK;
}
name = X509_get_issuer_name(cert);
if (name == NULL) {
return NGX_ERROR;
}
@ -1126,6 +1203,42 @@ ngx_ssl_get_issuer_dn(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
}
ngx_int_t
ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
{
size_t len;
X509 *cert;
BIO *bio;
s->len = 0;
cert = SSL_get_peer_certificate(c->ssl->connection);
if (cert == NULL) {
return NGX_OK;
}
bio = BIO_new(BIO_s_mem());
if (bio == NULL) {
return NGX_ERROR;
}
i2a_ASN1_INTEGER(bio, X509_get_serialNumber(cert));
len = BIO_pending(bio);
s->len = len;
s->data = ngx_palloc(pool, len);
if (s->data == NULL) {
BIO_free(bio);
return NGX_ERROR;
}
BIO_read(bio, s->data, len);
BIO_free(bio);
return NGX_OK;
}
static void *
ngx_openssl_create_conf(ngx_cycle_t *cycle)
{

28
src/event/ngx_event_openssl.h
View File

@ -22,15 +22,18 @@
#define NGX_SSL_NAME "OpenSSL"
#define ngx_ssl_session_t SSL_SESSION
#define ngx_ssl_conn_t SSL
typedef struct {
SSL_CTX *ctx;
RSA *rsa512_key;
ngx_log_t *log;
} ngx_ssl_t;
typedef struct {
SSL *connection;
ngx_ssl_conn_t *connection;
ngx_int_t last;
ngx_buf_t *buf;
@ -47,9 +50,6 @@ typedef struct {
} ngx_ssl_connection_t;
#define ngx_ssl_session_t SSL_SESSION
#define NGX_SSL_SSLv2 2
#define NGX_SSL_SSLv3 4
#define NGX_SSL_TLSv1 8
@ -61,15 +61,12 @@ typedef struct {
#define NGX_SSL_BUFSIZE 16384
#define NGX_SSL_VERIFY SSL_VERIFY_PEER
ngx_int_t ngx_ssl_init(ngx_log_t *log);
ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols);
ngx_int_t ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
ngx_str_t *cert, ngx_str_t *key);
ngx_int_t ngx_ssl_client_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
ngx_str_t *cert);
ngx_str_t *cert, ngx_int_t depth);
ngx_int_t ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl);
ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c,
ngx_uint_t flags);
@ -77,14 +74,20 @@ ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c,
ngx_int_t ngx_ssl_set_session(ngx_connection_t *c, ngx_ssl_session_t *session);
#define ngx_ssl_get_session(c) SSL_get1_session(c->ssl->connection)
#define ngx_ssl_free_session SSL_SESSION_free
#define ngx_ssl_get_connection(sc) SSL_get_ex_data(sc, ngx_connection_index)
u_char *ngx_ssl_get_protocol(ngx_connection_t *c);
u_char *ngx_ssl_get_cipher_name(ngx_connection_t *c);
ngx_int_t ngx_ssl_get_protocol(ngx_connection_t *c, ngx_pool_t *pool,
ngx_str_t *s);
ngx_int_t ngx_ssl_get_cipher_name(ngx_connection_t *c, ngx_pool_t *pool,
ngx_str_t *s);
ngx_int_t ngx_ssl_get_subject_dn(ngx_connection_t *c, ngx_pool_t *pool,
ngx_str_t *s);
ngx_int_t ngx_ssl_get_issuer_dn(ngx_connection_t *c, ngx_pool_t *pool,
ngx_str_t *s);
ngx_int_t ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool,
ngx_str_t *s);
@ -100,4 +103,7 @@ void ngx_cdecl ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
void ngx_ssl_cleanup_ctx(void *data);
extern int ngx_connection_index;
#endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */

95
src/http/modules/ngx_http_ssl_module.c
View File

@ -9,7 +9,8 @@
#include <ngx_http.h>
typedef u_char *(*ngx_ssl_variable_handler_pt)(ngx_connection_t *);
typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c,
ngx_pool_t *pool, ngx_str_t *s);
#define NGX_DEFLAUT_CERTIFICATE "cert.pem"
@ -17,13 +18,10 @@ typedef u_char *(*ngx_ssl_variable_handler_pt)(ngx_connection_t *);
#define NGX_DEFLAUT_CIPHERS "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP"
static int ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store);
static ngx_int_t ngx_http_ssl_static_variable(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_ssl_variable(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_ssl_client_s_dn(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_ssl_client_i_dn(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_ssl_add_variables(ngx_conf_t *cf);
static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf);
@ -161,17 +159,20 @@ ngx_module_t ngx_http_ssl_module = {
static ngx_http_variable_t ngx_http_ssl_vars[] = {
{ ngx_string("ssl_protocol"), NULL, ngx_http_ssl_variable,
{ ngx_string("ssl_protocol"), NULL, ngx_http_ssl_static_variable,
(uintptr_t) ngx_ssl_get_protocol, NGX_HTTP_VAR_CHANGABLE, 0 },
{ ngx_string("ssl_cipher"), NULL, ngx_http_ssl_variable,
{ ngx_string("ssl_cipher"), NULL, ngx_http_ssl_static_variable,
(uintptr_t) ngx_ssl_get_cipher_name, NGX_HTTP_VAR_CHANGABLE, 0 },
{ ngx_string("ssl_client_s_dn"), NULL, ngx_http_ssl_client_s_dn,
0, NGX_HTTP_VAR_CHANGABLE, 0 },
{ ngx_string("ssl_client_s_dn"), NULL, ngx_http_ssl_variable,
(uintptr_t) ngx_ssl_get_subject_dn, NGX_HTTP_VAR_CHANGABLE, 0 },
{ ngx_string("ssl_client_i_dn"), NULL, ngx_http_ssl_client_i_dn,
0, NGX_HTTP_VAR_CHANGABLE, 0 },
{ ngx_string("ssl_client_i_dn"), NULL, ngx_http_ssl_variable,
(uintptr_t) ngx_ssl_get_issuer_dn, NGX_HTTP_VAR_CHANGABLE, 0 },
{ ngx_string("ssl_client_serial"), NULL, ngx_http_ssl_variable,
(uintptr_t) ngx_ssl_get_serial_number, NGX_HTTP_VAR_CHANGABLE, 0 },
{ ngx_null_string, NULL, NULL, 0, 0, 0 }
};
@ -181,25 +182,23 @@ static u_char ngx_http_session_id_ctx[] = "HTTP";
static ngx_int_t
ngx_http_ssl_variable(ngx_http_request_t *r,
ngx_http_ssl_static_variable(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
{
ngx_ssl_variable_handler_pt handler = (ngx_ssl_variable_handler_pt) data;
ngx_ssl_variable_handler_pt handler = (ngx_ssl_variable_handler_pt) data;
size_t len;
u_char *name;
size_t len;
if (r->connection->ssl) {
name = handler(r->connection);
(void) handler(r->connection, NULL, (ngx_str_t *) v);
for (len = 0; name[len]; len++) { /* void */ }
for (len = 0; v->data[len]; len++) { /* void */ }
v->len = len;
v->valid = 1;
v->no_cachable = 0;
v->not_found = 0;
v->data = name;
return NGX_OK;
}
@ -211,39 +210,13 @@ ngx_http_ssl_variable(ngx_http_request_t *r,
static ngx_int_t
ngx_http_ssl_client_s_dn(ngx_http_request_t *r, ngx_http_variable_value_t *v,
ngx_http_ssl_variable(ngx_http_request_t *r, ngx_http_variable_value_t *v,
uintptr_t data)
{
ngx_ssl_variable_handler_pt handler = (ngx_ssl_variable_handler_pt) data;
if (r->connection->ssl) {
if (ngx_ssl_get_subject_dn(r->connection, r->pool, (ngx_str_t *) v)
!= NGX_OK)
{
return NGX_ERROR;
}
if (v->len) {
v->valid = 1;
v->no_cachable = 0;
v->not_found = 0;
return NGX_OK;
}
}
v->not_found = 1;
return NGX_OK;
}
static ngx_int_t
ngx_http_ssl_client_i_dn(ngx_http_request_t *r, ngx_http_variable_value_t *v,
uintptr_t data)
{
if (r->connection->ssl) {
if (ngx_ssl_get_issuer_dn(r->connection, r->pool, (ngx_str_t *) v)
!= NGX_OK)
{
if (handler(r->connection, r->pool, (ngx_str_t *) v) != NGX_OK) {
return NGX_ERROR;
}
@ -385,18 +358,11 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
}
if (conf->verify) {
SSL_CTX_set_verify(conf->ssl.ctx, NGX_SSL_VERIFY,
ngx_http_ssl_verify_callback);
SSL_CTX_set_verify_depth(conf->ssl.ctx, conf->verify_depth);
if (conf->client_certificate.len) {
if (ngx_ssl_client_certificate(cf, &conf->ssl,
&conf->client_certificate)
!= NGX_OK)
{
return NGX_CONF_ERROR;
}
if (ngx_ssl_client_certificate(cf, &conf->ssl,
&conf->client_certificate, conf->verify_depth)
!= NGX_OK)
{
return NGX_CONF_ERROR;
}
}
@ -424,13 +390,6 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
}
static int
ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store)
{
return 1;
}
#if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE)
static char *

2
src/http/ngx_http_core_module.c
View File

@ -1072,7 +1072,7 @@ ngx_http_map_uri_to_path(ngx_http_request_t *r, ngx_str_t *path,
} else {
if (ngx_http_script_run(r, path, clcf->root_lengths->elts, reserved,
clcf->root_values->elts)
clcf->root_values->elts)
== NULL)
{
return NULL;

2
src/http/ngx_http_request.c
View File

@ -1344,7 +1344,7 @@ ngx_http_process_request_header(ngx_http_request_t *r)
if (rc != X509_V_OK) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client SSL certificate verify error: (%l:%s) ",
"client SSL certificate verify error: (%l:%s)",
rc, X509_verify_cert_error_string(rc));
ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR);
return NGX_ERROR;

3
src/http/ngx_http_script.c
View File

@ -960,13 +960,16 @@ ngx_http_script_file_code(ngx_http_script_engine_t *e)
}
switch (code->op) {
case ngx_http_script_file_plain:
case ngx_http_script_file_dir:
case ngx_http_script_file_exists:
case ngx_http_script_file_exec:
goto false;
case ngx_http_script_file_not_plain:
case ngx_http_script_file_not_dir:
case ngx_http_script_file_not_exists:
case ngx_http_script_file_not_exec:
goto true;
}

42
src/http/ngx_http_upstream.c
View File

@ -769,7 +769,8 @@ ngx_http_upstream_reinit(ngx_http_request_t *r, ngx_http_upstream_t *u)
static void
ngx_http_upstream_send_request(ngx_http_request_t *r, ngx_http_upstream_t *u)
{
int rc;
int rc, err;
socklen_t len;
ngx_connection_t *c;
c = u->peer.connection;
@ -777,19 +778,42 @@ ngx_http_upstream_send_request(ngx_http_request_t *r, ngx_http_upstream_t *u)
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http upstream send request");
if (!u->request_sent) {
#if (NGX_HAVE_KQUEUE)
if ((ngx_event_flags & NGX_USE_KQUEUE_EVENT)
&& !u->request_sent
&& c->write->pending_eof)
{
(void) ngx_connection_error(c, c->write->kq_errno,
if (ngx_event_flags & NGX_USE_KQUEUE_EVENT) {
if (c->write->pending_eof) {
(void) ngx_connection_error(c, c->write->kq_errno,
"kevent() reported that connect() failed");
ngx_http_upstream_next(r, u, NGX_HTTP_UPSTREAM_FT_ERROR);
return;
}
ngx_http_upstream_next(r, u, NGX_HTTP_UPSTREAM_FT_ERROR);
return;
}
} else
#endif
{
err = 0;
len = sizeof(int);
/*
* BSDs and Linux return 0 and set a pending error in err
* Solaris returns -1 and sets errno
*/
if (getsockopt(c->fd, SOL_SOCKET, SO_ERROR, (void *) &err, &len)
== -1)
{
err = ngx_errno;
}
if (err) {
(void) ngx_connection_error(c, err, "connect() failed");
ngx_http_upstream_next(r, u, NGX_HTTP_UPSTREAM_FT_ERROR);
return;
}
}
}
c->log->action = "sending request to upstream";

33
src/http/ngx_http_variables.c
View File

@ -137,7 +137,7 @@ static ngx_http_variable_t ngx_http_core_variables[] = {
offsetof(ngx_http_request_t, request_line), 0, 0 },
{ ngx_string("document_root"), NULL,
ngx_http_variable_document_root, 0, 0, 0 },
ngx_http_variable_document_root, 0, NGX_HTTP_VAR_NOCACHABLE, 0 },
{ ngx_string("query_string"), NULL, ngx_http_variable_request,
offsetof(ngx_http_request_t, args),
@ -775,15 +775,36 @@ static ngx_int_t
ngx_http_variable_document_root(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
{
ngx_str_t path;
ngx_http_core_loc_conf_t *clcf;
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
v->len = clcf->root.len;
v->valid = 1;
v->no_cachable = 0;
v->not_found = 0;
v->data = clcf->root.data;
if (clcf->root_lengths == NULL) {
v->len = clcf->root.len;
v->valid = 1;
v->no_cachable = 0;
v->not_found = 0;
v->data = clcf->root.data;
} else {
if (ngx_http_script_run(r, &path, clcf->root_lengths->elts, 0,
clcf->root_values->elts)
== NULL)
{
return NGX_ERROR;
}
if (ngx_conf_full_name((ngx_cycle_t *) ngx_cycle, &path) == NGX_ERROR) {
return NGX_ERROR;
}
v->len = path.len;
v->valid = 1;
v->no_cachable = 0;
v->not_found = 0;
v->data = path.data;
}
return NGX_OK;
}