ngx_uint_t type;
ngx_uint_t hash;
ngx_str_t header;
+#if (NGX_HAVE_UNIX_DOMAIN)
+ ngx_uint_t unixsock; /* unsigned unixsock:1; */
+#endif
} ngx_http_realip_loc_conf_t;
typedef struct {
- ngx_connection_t *connection;
- struct sockaddr *sockaddr;
- socklen_t socklen;
- ngx_str_t addr_text;
+ ngx_connection_t *connection;
+ struct sockaddr *sockaddr;
+ socklen_t socklen;
+ ngx_str_t addr_text;
} ngx_http_realip_ctx_t;
static ngx_int_t ngx_http_realip_handler(ngx_http_request_t *r);
+static ngx_int_t ngx_http_realip_set_addr(ngx_http_request_t *r, u_char *ip,
+ size_t len);
static void ngx_http_realip_cleanup(void *data);
static char *ngx_http_realip_from(ngx_conf_t *cf, ngx_command_t *cmd,
void *conf);
{
u_char *ip, *p;
size_t len;
- ngx_int_t rc;
ngx_uint_t i, hash;
- ngx_addr_t addr;
ngx_list_part_t *part;
ngx_table_elt_t *header;
struct sockaddr_in *sin;
ngx_connection_t *c;
- ngx_pool_cleanup_t *cln;
ngx_http_realip_ctx_t *ctx;
ngx_http_realip_from_t *from;
ngx_http_realip_loc_conf_t *rlcf;
return NGX_DECLINED;
}
- cln = ngx_pool_cleanup_add(r->pool, sizeof(ngx_http_realip_ctx_t));
- if (cln == NULL) {
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
- }
-
rlcf = ngx_http_get_module_loc_conf(r, ngx_http_realip_module);
if (rlcf->from == NULL) {
/* AF_INET only */
- if (r->connection->sockaddr->sa_family != AF_INET) {
- return NGX_DECLINED;
- }
+ if (c->sockaddr->sa_family == AF_INET) {
+ sin = (struct sockaddr_in *) c->sockaddr;
- sin = (struct sockaddr_in *) c->sockaddr;
+ from = rlcf->from->elts;
+ for (i = 0; i < rlcf->from->nelts; i++) {
- from = rlcf->from->elts;
- for (i = 0; i < rlcf->from->nelts; i++) {
+ ngx_log_debug3(NGX_LOG_DEBUG_HTTP, c->log, 0,
+ "realip: %08XD %08XD %08XD",
+ sin->sin_addr.s_addr, from[i].mask, from[i].addr);
- ngx_log_debug3(NGX_LOG_DEBUG_HTTP, c->log, 0,
- "realip: %08XD %08XD %08XD",
- sin->sin_addr.s_addr, from[i].mask, from[i].addr);
+ if ((sin->sin_addr.s_addr & from[i].mask) == from[i].addr) {
+ return ngx_http_realip_set_addr(r, ip, len);
+ }
+ }
+ }
- if ((sin->sin_addr.s_addr & from[i].mask) == from[i].addr) {
+#if (NGX_HAVE_UNIX_DOMAIN)
- ctx = cln->data;
+ if (c->sockaddr->sa_family == AF_UNIX && rlcf->unixsock) {
+ return ngx_http_realip_set_addr(r, ip, len);
+ }
- ngx_http_set_ctx(r, ctx, ngx_http_realip_module);
+#endif
- rc = ngx_parse_addr(c->pool, &addr, ip, len);
+ return NGX_DECLINED;
+}
- switch (rc) {
- case NGX_DECLINED:
- return NGX_DECLINED;
- case NGX_ERROR:
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
- default: /* NGX_OK */
- break;
- }
- p = ngx_pnalloc(c->pool, len);
- if (p == NULL) {
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
- }
+static ngx_int_t
+ngx_http_realip_set_addr(ngx_http_request_t *r, u_char *ip, size_t len)
+{
+ u_char *p;
+ ngx_int_t rc;
+ ngx_addr_t addr;
+ ngx_connection_t *c;
+ ngx_pool_cleanup_t *cln;
+ ngx_http_realip_ctx_t *ctx;
- ngx_memcpy(p, ip, len);
+ cln = ngx_pool_cleanup_add(r->pool, sizeof(ngx_http_realip_ctx_t));
+ if (cln == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
- cln->handler = ngx_http_realip_cleanup;
+ ctx = cln->data;
+ ngx_http_set_ctx(r, ctx, ngx_http_realip_module);
- ctx->connection = c;
- ctx->sockaddr = c->sockaddr;
- ctx->socklen = c->socklen;
- ctx->addr_text = c->addr_text;
+ c = r->connection;
- c->sockaddr = addr.sockaddr;
- c->socklen = addr.socklen;
- c->addr_text.len = len;
- c->addr_text.data = p;
+ rc = ngx_parse_addr(c->pool, &addr, ip, len);
- return NGX_DECLINED;
- }
+ switch (rc) {
+ case NGX_DECLINED:
+ return NGX_DECLINED;
+ case NGX_ERROR:
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ default: /* NGX_OK */
+ break;
}
+ p = ngx_pnalloc(c->pool, len);
+ if (p == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ ngx_memcpy(p, ip, len);
+
+ cln->handler = ngx_http_realip_cleanup;
+
+ ctx->connection = c;
+ ctx->sockaddr = c->sockaddr;
+ ctx->socklen = c->socklen;
+ ctx->addr_text = c->addr_text;
+
+ c->sockaddr = addr.sockaddr;
+ c->socklen = addr.socklen;
+ c->addr_text.len = len;
+ c->addr_text.data = p;
+
return NGX_DECLINED;
}
ngx_cidr_t cidr;
ngx_http_realip_from_t *from;
+ value = cf->args->elts;
+
+#if (NGX_HAVE_UNIX_DOMAIN)
+
+ if (ngx_strcmp(value[1].data, "unix:") == 0) {
+ rlcf->unixsock = 1;
+ return NGX_CONF_OK;
+ }
+
+#endif
+
if (rlcf->from == NULL) {
rlcf->from = ngx_array_create(cf->pool, 2,
sizeof(ngx_http_realip_from_t));
return NGX_CONF_ERROR;
}
- value = cf->args->elts;
-
rc = ngx_ptocidr(&value[1], &cidr);
if (rc == NGX_ERROR) {
* conf->from = NULL;
* conf->hash = 0;
* conf->header = { 0, NULL };
+ * conf->unixsock = 0;
*/
conf->type = NGX_CONF_UNSET_UINT;
if (conf->from == NULL) {
conf->from = prev->from;
+#if (NGX_HAVE_UNIX_DOMAIN)
+ conf->unixsock = prev->unixsock;
+#endif
}
ngx_conf_merge_uint_value(conf->type, prev->type, NGX_HTTP_REALIP_XREALIP);
projects / nginx.git / commitdiff