Nginx-ru mailing list archive (nginx-ru@sysoev.ru)
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH] Add supoprt variables to `auth_basic_user_file'
From: Kirill A. Korinskiy <catap@xxxxxxxx>
---
src/http/modules/ngx_http_auth_basic_module.c | 111 +++++++++++++++++++++++--
1 files changed, 103 insertions(+), 8 deletions(-)
diff --git a/src/http/modules/ngx_http_auth_basic_module.c
b/src/http/modules/ngx_http_auth_basic_module.c
index
1c23339903b6220cbbbcc2dc495987715b6b1641..d12248a22240e4e0de82f9a67bdcfe6230a02a98
100644
--- a/src/http/modules/ngx_http_auth_basic_module.c
+++ b/src/http/modules/ngx_http_auth_basic_module.c
@@ -18,8 +18,10 @@ typedef struct {
typedef struct {
- ngx_str_t realm;
- ngx_str_t user_file;
+ ngx_str_t realm;
+ ngx_str_t user_file;
+ ngx_array_t *user_file_lengths;
+ ngx_array_t *user_file_values;
} ngx_http_auth_basic_loc_conf_t;
@@ -34,6 +36,9 @@ static char *ngx_http_auth_basic_merge_loc_conf(ngx_conf_t
*cf,
void *parent, void *child);
static ngx_int_t ngx_http_auth_basic_init(ngx_conf_t *cf);
static char *ngx_http_auth_basic(ngx_conf_t *cf, void *post, void *data);
+static char *ngx_http_auth_basic_set_user_file_slot(ngx_conf_t *cf,
+ ngx_command_t *cmd,
+ void *conf);
static ngx_conf_post_handler_pt ngx_http_auth_basic_p = ngx_http_auth_basic;
@@ -51,7 +56,7 @@ static ngx_command_t ngx_http_auth_basic_commands[] = {
{ ngx_string("auth_basic_user_file"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LMT_CONF
|NGX_CONF_TAKE1,
- ngx_conf_set_str_slot,
+ ngx_http_auth_basic_set_user_file_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_auth_basic_loc_conf_t, user_file),
NULL },
@@ -99,9 +104,13 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r)
ngx_fd_t fd;
ngx_int_t rc;
ngx_str_t pwd;
+ ngx_str_t user_file;
ngx_uint_t i, login, left, passwd;
ngx_file_t file;
+ ngx_http_script_code_pt code;
+ ngx_http_script_engine_t e;
ngx_http_auth_basic_ctx_t *ctx;
+ ngx_http_script_len_code_pt lcode;
ngx_http_auth_basic_loc_conf_t *alcf;
u_char buf[NGX_HTTP_AUTH_BUF_SIZE];
enum {
@@ -112,7 +121,43 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r)
alcf = ngx_http_get_module_loc_conf(r, ngx_http_auth_basic_module);
- if (alcf->realm.len == 0 || alcf->user_file.len == 0) {
+ if (alcf->realm.len == 0) {
+ return NGX_DECLINED;
+ }
+
+ if (alcf->user_file_lengths == NULL &&
+ alcf->user_file_values == NULL) {
+ user_file = alcf->user_file;
+ } else {
+ ngx_memzero(&e, sizeof(ngx_http_script_engine_t));
+ e.ip = alcf->user_file_lengths->elts;
+ e.request = r;
+ e.flushed = 1;
+
+ user_file.len = 1; /* 1 byte for terminating '\0' */
+
+ while (*(uintptr_t *) e.ip) {
+ lcode = *(ngx_http_script_len_code_pt *) e.ip;
+ user_file.len += lcode(&e);
+ }
+
+ user_file.data = ngx_pcalloc(r->pool, user_file.len);
+ if (user_file.data == NULL) {
+ return NGX_ERROR;
+ }
+
+ e.pos = user_file.data;
+ e.ip = alcf->user_file_values->elts;
+
+ while (*(uintptr_t *) e.ip) {
+ code = *(ngx_http_script_code_pt *) e.ip;
+ code((ngx_http_script_engine_t *) &e);
+ }
+
+ user_file.len = e.pos - user_file.data;
+ }
+
+ if (user_file.len == 0) {
return NGX_DECLINED;
}
@@ -137,18 +182,18 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r)
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
- fd = ngx_open_file(alcf->user_file.data, NGX_FILE_RDONLY, NGX_FILE_OPEN,
0);
+ fd = ngx_open_file(user_file.data, NGX_FILE_RDONLY, NGX_FILE_OPEN, 0);
if (fd == NGX_INVALID_FILE) {
ngx_log_error(NGX_LOG_CRIT, r->connection->log, ngx_errno,
- ngx_open_file_n " \"%s\" failed", alcf->user_file.data);
+ ngx_open_file_n " \"%s\" failed", user_file.data);
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
ngx_memzero(&file, sizeof(ngx_file_t));
file.fd = fd;
- file.name = alcf->user_file;
+ file.name = user_file;
file.log = r->connection->log;
state = sw_login;
@@ -255,7 +300,7 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r)
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"user \"%V\" was not found in \"%V\"",
- &r->headers_in.user, &alcf->user_file);
+ &r->headers_in.user, &user_file);
return ngx_http_auth_basic_set_realm(r, &alcf->realm);
}
@@ -433,3 +478,53 @@ ngx_http_auth_basic(ngx_conf_t *cf, void *post, void *data)
return NGX_CONF_OK;
}
+
+
+static char *
+ngx_http_auth_basic_set_user_file_slot(ngx_conf_t *cf, ngx_command_t *cmd,
void *conf)
+{
+ ngx_str_t *value;
+ ngx_uint_t n;
+ ngx_http_core_loc_conf_t *clcf;
+ ngx_http_script_compile_t sc;
+ ngx_http_auth_basic_loc_conf_t *alcf = conf;
+
+ clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
+
+ if (alcf->user_file.data) {
+ return "is duplicate";
+ }
+
+ value = cf->args->elts;
+
+ if (value[1].len == 0) {
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "region \"%V\" in \"%V\" directive is invalid",
+ &value[1], &value[0]);
+ return NGX_CONF_ERROR;
+ }
+
+ alcf->user_file = value[1];
+
+ n = ngx_http_script_variables_count(&alcf->user_file);
+
+ if (n == 0) {
+ return NGX_CONF_OK;
+ }
+
+ ngx_memzero(&sc, sizeof(ngx_http_script_compile_t));
+
+ sc.cf = cf;
+ sc.source = &alcf->user_file;
+ sc.lengths = &alcf->user_file_lengths;
+ sc.values = &alcf->user_file_values;
+ sc.variables = n;
+ sc.complete_lengths = 1;
+ sc.complete_values = 1;
+
+ if (ngx_http_script_compile(&sc) != NGX_OK) {
+ return NGX_CONF_ERROR;
+ }
+
+ return NGX_CONF_OK;
+}
--
1.5.6.5
|