nginx/src/http/modules/ngx_http_secure_link_module.c

   1
   2 /*
   3  * Copyright (C) Igor Sysoev
   4  */
   5
   6
   7 #include <ngx_config.h>
   8 #include <ngx_core.h>
   9 #include <ngx_http.h>
  10 #include <ngx_md5.h>
  11
  12
  13 typedef struct {
  14     ngx_str_t  secret;
  15 } ngx_http_secure_link_conf_t;
  16
  17
  18 static void *ngx_http_secure_link_create_conf(ngx_conf_t *cf);
  19 static char *ngx_http_secure_link_merge_conf(ngx_conf_t *cf, void *parent,
  20     void *child);
  21 static ngx_int_t ngx_http_secure_link_add_variables(ngx_conf_t *cf);
  22
  23
  24 static ngx_command_t  ngx_http_secure_link_commands[] = {
  25
  26     { ngx_string("secure_link_secret"),
  27       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
  28       ngx_conf_set_str_slot,
  29       NGX_HTTP_LOC_CONF_OFFSET,
  30       offsetof(ngx_http_secure_link_conf_t, secret),
  31       NULL },
  32
  33       ngx_null_command
  34 };
  35
  36
  37 static ngx_http_module_t  ngx_http_secure_link_module_ctx = {
  38     ngx_http_secure_link_add_variables,    /* preconfiguration */
  39     NULL,                                  /* postconfiguration */
  40
  41     NULL,                                  /* create main configuration */
  42     NULL,                                  /* init main configuration */
  43
  44     NULL,                                  /* create server configuration */
  45     NULL,                                  /* merge server configuration */
  46
  47     ngx_http_secure_link_create_conf,      /* create location configuration */
  48     ngx_http_secure_link_merge_conf        /* merge location configuration */
  49 };
  50
  51
  52 ngx_module_t  ngx_http_secure_link_module = {
  53     NGX_MODULE_V1,
  54     &ngx_http_secure_link_module_ctx,      /* module context */
  55     ngx_http_secure_link_commands,         /* module directives */
  56     NGX_HTTP_MODULE,                       /* module type */
  57     NULL,                                  /* init master */
  58     NULL,                                  /* init module */
  59     NULL,                                  /* init process */
  60     NULL,                                  /* init thread */
  61     NULL,                                  /* exit thread */
  62     NULL,                                  /* exit process */
  63     NULL,                                  /* exit master */
  64     NGX_MODULE_V1_PADDING
  65 };
  66
  67
  68 static ngx_str_t  ngx_http_secure_link = ngx_string("secure_link");
  69
  70
  71 static ngx_int_t
  72 ngx_http_secure_link_variable(ngx_http_request_t *r,
  73      ngx_http_variable_value_t *v, uintptr_t data)
  74 {
  75     u_char                        *p, *start, *end, *last;
  76     size_t                         len;
  77     ngx_int_t                      n;
  78     ngx_uint_t                     i;
  79     ngx_md5_t                      md5;
  80     ngx_http_secure_link_conf_t  *conf;
  81     u_char                         hash[16];
  82
  83     conf = ngx_http_get_module_loc_conf(r, ngx_http_secure_link_module);
  84
  85     if (conf->secret.len == 0) {
  86         goto not_found;
  87     }
  88
  89     p = &r->unparsed_uri.data[1];
  90     last = r->unparsed_uri.data + r->unparsed_uri.len;
  91
  92     while (p < last) {
  93         if (*p++ == '/') {
  94             start = p;
  95             goto md5_start;
  96         }
  97     }
  98
  99     goto not_found;
 100
 101 md5_start:
 102
 103     while (p < last) {
 104         if (*p++ == '/') {
 105             end = p - 1;
 106             goto url_start;
 107         }
 108     }
 109
 110     goto not_found;
 111
 112 url_start:
 113
 114     len = last - p;
 115
 116     if (end - start != 32 || len == 0) {
 117         goto not_found;
 118     }
 119
 120     ngx_md5_init(&md5);
 121     ngx_md5_update(&md5, p, len);
 122     ngx_md5_update(&md5, conf->secret.data, conf->secret.len);
 123     ngx_md5_final(hash, &md5);
 124
 125     for (i = 0; i < 16; i++) {
 126         n = ngx_hextoi(&start[2 * i], 2);
 127         if (n == NGX_ERROR || n != hash[i]) {
 128             goto not_found;
 129         }
 130     }
 131
 132     v->len = len;
 133     v->valid = 1;
 134     v->no_cacheable = 0;
 135     v->not_found = 0;
 136     v->data = p;
 137
 138     return NGX_OK;
 139
 140 not_found:
 141
 142     v->not_found = 1;
 143
 144     return NGX_OK;
 145 }
 146
 147
 148 static void *
 149 ngx_http_secure_link_create_conf(ngx_conf_t *cf)
 150 {
 151     ngx_http_secure_link_conf_t  *conf;
 152
 153     conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_secure_link_conf_t));
 154     if (conf == NULL) {
 155         return NGX_CONF_ERROR;
 156     }
 157
 158     /*
 159      * set by ngx_pcalloc():
 160      *
 161      *     conf->secret = { 0, NULL }
 162      */
 163
 164     return conf;
 165 }
 166
 167
 168 static char *
 169 ngx_http_secure_link_merge_conf(ngx_conf_t *cf, void *parent, void *child)
 170 {
 171     ngx_http_secure_link_conf_t *prev = parent;
 172     ngx_http_secure_link_conf_t *conf = child;
 173
 174     ngx_conf_merge_str_value(conf->secret, prev->secret, "");
 175
 176     return NGX_CONF_OK;
 177 }
 178
 179
 180 static ngx_int_t
 181 ngx_http_secure_link_add_variables(ngx_conf_t *cf)
 182 {
 183     ngx_http_variable_t  *var;
 184
 185     var = ngx_http_add_variable(cf, &ngx_http_secure_link, NGX_HTTP_VAR_NOHASH);
 186     if (var == NULL) {
 187         return NGX_ERROR;
 188     }
 189
 190     var->get_handler = ngx_http_secure_link_variable;
 191
 192     return NGX_OK;
 193 }