nginx-0.1.43
L0rda
l0rda at l0rda.biz
Tue Aug 30 15:54:11 MSD 2005
Igor Sysoev wrote:
> On Tue, 30 Aug 2005, Igor Sysoev wrote:
>
>>> Игорь, а как на счет записи в лог имени пользователя, который
>>> авторизуется на апаче?
>>
>>
>> Это я забыл сделать :) К следующей версии будет.
>
>
> Вот патч, который выставляет переменную $remote_user независимо от того,
> используется аутентификация в nginx или нет.
>
>
> Игорь Сысоев
> http://sysoev.ru
>
>------------------------------------------------------------------------
>
>--- src/http/modules/ngx_http_auth_basic_module.c Sat Apr 30 13:50:11 2005
>+++ src/http/modules/ngx_http_auth_basic_module.c Tue Aug 30 15:47:09 2005
>@@ -90,8 +90,9 @@
> off_t offset;
> ssize_t n;
> ngx_fd_t fd;
>- ngx_str_t auth, encoded, pwd;
>- ngx_uint_t i, login, len, left, passwd;
>+ ngx_int_t rc;
>+ ngx_str_t pwd;
>+ ngx_uint_t i, login, left, passwd;
> ngx_file_t file;
> ngx_http_auth_basic_ctx_t *ctx;
> ngx_http_auth_basic_loc_conf_t *alcf;
>@@ -115,57 +116,16 @@
> &alcf->realm);
> }
>
>- if (r->headers_in.authorization == NULL) {
>- return ngx_http_auth_basic_set_realm(r, &alcf->realm);
>- }
>-
>- encoded = r->headers_in.authorization->value;
>+ rc = ngx_http_auth_basic_user(r);
>
>- if (encoded.len < sizeof("Basic ") - 1
>- || ngx_strncasecmp(encoded.data, "Basic ", sizeof("Basic ") - 1) != 0)
>- {
>+ if (rc == NGX_DECLINED) {
> return ngx_http_auth_basic_set_realm(r, &alcf->realm);
> }
>
>- encoded.len -= sizeof("Basic ") - 1;
>- encoded.data += sizeof("Basic ") - 1;
>-
>- while (encoded.len && encoded.data[0] == ' ') {
>- encoded.len--;
>- encoded.data++;
>- }
>-
>- if (encoded.len == 0) {
>- return ngx_http_auth_basic_set_realm(r, &alcf->realm);
>- }
>-
>- auth.len = ngx_base64_decoded_length(encoded.len);
>- auth.data = ngx_palloc(r->pool, auth.len + 1);
>- if (auth.data == NULL) {
>+ if (rc == NGX_ERROR) {
> return NGX_HTTP_INTERNAL_SERVER_ERROR;
> }
>
>- if (ngx_decode_base64(&auth, &encoded) != NGX_OK) {
>- return ngx_http_auth_basic_set_realm(r, &alcf->realm);
>- }
>-
>- auth.data[auth.len] = '\0';
>-
>- for (len = 0; len < auth.len; len++) {
>- if (auth.data[len] == ':') {
>- break;
>- }
>- }
>-
>- if (len == auth.len) {
>- return ngx_http_auth_basic_set_realm(r, &alcf->realm);
>- }
>-
>- r->headers_in.user.len = len;
>- r->headers_in.user.data = auth.data;
>- r->headers_in.passwd.len = auth.len - len - 1;
>- r->headers_in.passwd.data = &auth.data[len + 1];
>-
> fd = ngx_open_file(alcf->user_file.data, NGX_FILE_RDONLY, NGX_FILE_OPEN);
>
> if (fd == NGX_INVALID_FILE) {
>@@ -208,12 +168,12 @@
> break;
> }
>
>- if (buf[i] != auth.data[login]) {
>+ if (buf[i] != r->headers_in.user.data[login]) {
> state = sw_skip;
> break;
> }
>
>- if (login == len) {
>+ if (login == r->headers_in.user.len) {
> state = sw_passwd;
> passwd = i + 1;
> }
>--- src/http/ngx_http_core_module.c Tue Aug 23 18:51:33 2005
>+++ src/http/ngx_http_core_module.c Tue Aug 30 15:40:20 2005
>@@ -931,6 +931,76 @@
>
>
> ngx_int_t
>+ngx_http_auth_basic_user(ngx_http_request_t *r)
>+{
>+ ngx_str_t auth, encoded;
>+ ngx_uint_t len;
>+
>+ if (r->headers_in.user.len == 0 && r->headers_in.user.data != NULL) {
>+ return NGX_DECLINED;
>+ }
>+
>+ if (r->headers_in.authorization == NULL) {
>+ r->headers_in.user.data = (u_char *) "";
>+ return NGX_DECLINED;
>+ }
>+
>+ encoded = r->headers_in.authorization->value;
>+
>+ if (encoded.len < sizeof("Basic ") - 1
>+ || ngx_strncasecmp(encoded.data, "Basic ", sizeof("Basic ") - 1) != 0)
>+ {
>+ r->headers_in.user.data = (u_char *) "";
>+ return NGX_DECLINED;
>+ }
>+
>+ encoded.len -= sizeof("Basic ") - 1;
>+ encoded.data += sizeof("Basic ") - 1;
>+
>+ while (encoded.len && encoded.data[0] == ' ') {
>+ encoded.len--;
>+ encoded.data++;
>+ }
>+
>+ if (encoded.len == 0) {
>+ r->headers_in.user.data = (u_char *) "";
>+ return NGX_DECLINED;
>+ }
>+
>+ auth.len = ngx_base64_decoded_length(encoded.len);
>+ auth.data = ngx_palloc(r->pool, auth.len + 1);
>+ if (auth.data == NULL) {
>+ return NGX_ERROR;
>+ }
>+
>+ if (ngx_decode_base64(&auth, &encoded) != NGX_OK) {
>+ r->headers_in.user.data = (u_char *) "";
>+ return NGX_DECLINED;
>+ }
>+
>+ auth.data[auth.len] = '\0';
>+
>+ for (len = 0; len < auth.len; len++) {
>+ if (auth.data[len] == ':') {
>+ break;
>+ }
>+ }
>+
>+ if (len == auth.len) {
>+ r->headers_in.user.data = (u_char *) "";
>+ return NGX_DECLINED;
>+ }
>+
>+ r->headers_in.user.len = len;
>+ r->headers_in.user.data = auth.data;
>+ r->headers_in.passwd.len = auth.len - len - 1;
>+ r->headers_in.passwd.data = &auth.data[len + 1];
>+
>+ return NGX_OK;
>+}
>+
>+
>+ngx_int_t
> ngx_http_subrequest(ngx_http_request_t *r,
> ngx_str_t *uri, ngx_str_t *args)
> {
>--- src/http/ngx_http_core_module.h Fri Jul 8 13:49:04 2005
>+++ src/http/ngx_http_core_module.h Tue Aug 30 15:30:10 2005
>@@ -252,6 +252,7 @@
>
> ngx_int_t ngx_http_set_content_type(ngx_http_request_t *r);
> ngx_int_t ngx_http_set_exten(ngx_http_request_t *r);
>+ngx_int_t ngx_http_auth_basic_user(ngx_http_request_t *r);
>
> ngx_int_t ngx_http_subrequest(ngx_http_request_t *r,
> ngx_str_t *uri, ngx_str_t *args);
>--- src/http/ngx_http_variables.c Tue Aug 30 15:18:56 2005
>+++ src/http/ngx_http_variables.c Tue Aug 30 15:46:53 2005
>@@ -32,6 +32,8 @@
> ngx_http_variable_document_root(ngx_http_request_t *r, uintptr_t data);
> static ngx_http_variable_value_t *
> ngx_http_variable_request_filename(ngx_http_request_t *r, uintptr_t data);
>+static ngx_http_variable_value_t *
>+ ngx_http_variable_remote_user(ngx_http_request_t *r, uintptr_t data);
>
>
> /*
>@@ -108,8 +110,7 @@
> { ngx_string("request_method"), ngx_http_variable_request,
> offsetof(ngx_http_request_t, method_name), 0, 0 },
>
>- { ngx_string("remote_user"), ngx_http_variable_request,
>- offsetof(ngx_http_request_t, headers_in.user), 0, 0 },
>+ { ngx_string("remote_user"), ngx_http_variable_remote_user, 0, 0, 0 },
>
> { ngx_null_string, NULL, 0, 0, 0 }
> };
>@@ -652,6 +653,34 @@
> ngx_memcpy(p, r->uri.data + clcf->name.len,
> r->uri.len + 1 - clcf->name.len);
> }
>+
>+ return vv;
>+}
>+
>+
>+static ngx_http_variable_value_t *
>+ngx_http_variable_remote_user(ngx_http_request_t *r, uintptr_t data)
>+{
>+ ngx_int_t rc;
>+ ngx_http_variable_value_t *vv;
>+
>+ rc = ngx_http_auth_basic_user(r);
>+
>+ if (rc == NGX_DECLINED) {
>+ return NGX_HTTP_VAR_NOT_FOUND;
>+ }
>+
>+ if (rc == NGX_ERROR) {
>+ return NULL;
>+ }
>+
>+ vv = ngx_palloc(r->pool, sizeof(ngx_http_variable_value_t));
>+ if (vv == NULL) {
>+ return NULL;
>+ }
>+
>+ vv->value = 0;
>+ vv->text = r->headers_in.user;
>
> return vv;
> }
>
>
Спасибо, сейчас попробуем.
--
Best regards, Kirill,
http://www.Fedora-Hosting.com
More information about the nginx-ru
mailing list