[nginx] Userid: userid_flags fixup.

Maxim Dounin mdounin at mdounin.ru
Tue Sep 29 13:18:09 UTC 2020 

details:   https://hg.nginx.org/nginx/rev/c0cacad62cc8
branches:  
changeset: 7719:c0cacad62cc8
user:      Maxim Dounin <mdounin at mdounin.ru>
date:      Tue Sep 29 15:52:18 2020 +0300
description:
Userid: userid_flags fixup.

In 7717:e3e8b8234f05, the 1st bit was incorrectly used.  It shouldn't
be used for bitmask values, as it is used by NGX_CONF_BITMASK_SET.

Additionally, special value "off" added to make it possible to clear
inherited userid_flags value.

diffstat:

 src/http/modules/ngx_http_userid_filter_module.c |  16 +++++++++-------
 1 files changed, 9 insertions(+), 7 deletions(-)

diffs (40 lines):

diff -r 8fe7ebe5adc4 -r c0cacad62cc8 src/http/modules/ngx_http_userid_filter_module.c
--- a/src/http/modules/ngx_http_userid_filter_module.c	Mon Sep 28 17:41:22 2020 +0300
+++ b/src/http/modules/ngx_http_userid_filter_module.c	Tue Sep 29 15:52:18 2020 +0300
@@ -15,12 +15,13 @@
 #define NGX_HTTP_USERID_V1    2
 #define NGX_HTTP_USERID_ON    3
 
-#define NGX_HTTP_USERID_COOKIE_SECURE           0x0001
-#define NGX_HTTP_USERID_COOKIE_HTTPONLY         0x0002
-#define NGX_HTTP_USERID_COOKIE_SAMESITE         0x0004
-#define NGX_HTTP_USERID_COOKIE_SAMESITE_STRICT  0x0008
-#define NGX_HTTP_USERID_COOKIE_SAMESITE_LAX     0x0010
-#define NGX_HTTP_USERID_COOKIE_SAMESITE_NONE    0x0020
+#define NGX_HTTP_USERID_COOKIE_OFF              0x0002
+#define NGX_HTTP_USERID_COOKIE_SECURE           0x0004
+#define NGX_HTTP_USERID_COOKIE_HTTPONLY         0x0008
+#define NGX_HTTP_USERID_COOKIE_SAMESITE         0x0010
+#define NGX_HTTP_USERID_COOKIE_SAMESITE_STRICT  0x0020
+#define NGX_HTTP_USERID_COOKIE_SAMESITE_LAX     0x0040
+#define NGX_HTTP_USERID_COOKIE_SAMESITE_NONE    0x0080
 
 /* 31 Dec 2037 23:55:55 GMT */
 #define NGX_HTTP_USERID_MAX_EXPIRES  2145916555
@@ -97,6 +98,7 @@ static ngx_conf_enum_t  ngx_http_userid_
 
 
 static ngx_conf_bitmask_t  ngx_http_userid_flags[] = {
+    { ngx_string("off"), NGX_HTTP_USERID_COOKIE_OFF },
     { ngx_string("secure"), NGX_HTTP_USERID_COOKIE_SECURE },
     { ngx_string("httponly"), NGX_HTTP_USERID_COOKIE_HTTPONLY },
     { ngx_string("samesite=strict"),
@@ -752,7 +754,7 @@ ngx_http_userid_merge_conf(ngx_conf_t *c
                               NGX_HTTP_USERID_OFF);
 
     ngx_conf_merge_bitmask_value(conf->flags, prev->flags,
-                                 NGX_CONF_BITMASK_SET);
+                            (NGX_CONF_BITMASK_SET|NGX_HTTP_USERID_COOKIE_OFF));
 
     ngx_conf_merge_str_value(conf->name, prev->name, "uid");
     ngx_conf_merge_str_value(conf->domain, prev->domain, "");

More information about the nginx-devel mailing list