Skip to content

Commit 99662f8

Browse files
rcosnitarcosnita
committed
Variables are not supported for configuring the module.
Closes #22.
1 parent a42c371 commit 99662f8

File tree

1 file changed

+38
-4
lines changed

1 file changed

+38
-4
lines changed

src/ngx_http_encrypted_session_module.c

Lines changed: 38 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -150,6 +150,26 @@ ngx_module_t ngx_http_encrypted_session_module = {
150150
NGX_MODULE_V1_PADDING
151151
};
152152

153+
static ngx_str_t ngx_http_get_variable_by_name(ngx_http_request_t *r,
154+
unsigned char *name, ngx_http_encrypted_session_conf_t *conf)
155+
{
156+
ngx_http_variable_value_t *v;
157+
ngx_str_t name_str;
158+
name_str.data = name;
159+
name_str.len = strlen((const char *)name);
160+
161+
ngx_uint_t key = ngx_hash_strlow(name, name, name_str.len);
162+
v = ngx_http_get_variable(r, &name_str, key);
163+
164+
if (v->not_found) {
165+
return name_str;
166+
}
167+
168+
ngx_str_t var_value;
169+
var_value.len = v->len;
170+
var_value.data = v->data;
171+
return var_value;
172+
}
153173

154174
static ngx_int_t
155175
ngx_http_set_encode_encrypted_session(ngx_http_request_t *r,
@@ -176,9 +196,11 @@ ngx_http_set_encode_encrypted_session(ngx_http_request_t *r,
176196
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
177197
"encrypted_session: expires=%T", conf->expires);
178198

199+
ngx_str_t iv = ngx_http_get_variable_by_name(r, conf->iv, conf);
200+
ngx_str_t key = ngx_http_get_variable_by_name(r, conf->key, conf);
201+
179202
rc = ngx_http_encrypted_session_aes_mac_encrypt(emcf, r->pool,
180-
r->connection->log, conf->iv, ngx_http_encrypted_session_iv_length,
181-
conf->key, ngx_http_encrypted_session_key_length,
203+
r->connection->log, iv.data, iv.len, key.data, key.len,
182204
v->data, v->len, (ngx_uint_t) conf->expires, &dst, &len);
183205

184206
if (rc != NGX_OK) {
@@ -218,9 +240,11 @@ ngx_http_set_decode_encrypted_session(ngx_http_request_t *r,
218240
return NGX_ERROR;
219241
}
220242

243+
ngx_str_t iv = ngx_http_get_variable_by_name(r, conf->iv, conf);
244+
ngx_str_t key = ngx_http_get_variable_by_name(r, conf->key, conf);
245+
221246
rc = ngx_http_encrypted_session_aes_mac_decrypt(emcf, r->pool,
222-
r->connection->log, conf->iv, ngx_http_encrypted_session_iv_length,
223-
conf->key, ngx_http_encrypted_session_key_length,
247+
r->connection->log, iv.data, iv.len, key.data, key.len,
224248
v->data, v->len, &dst, &len);
225249

226250
if (rc != NGX_OK) {
@@ -248,6 +272,11 @@ ngx_http_encrypted_session_key(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
248272

249273
value = cf->args->elts;
250274

275+
if (value[1].len > 1 && value[1].data[0] == '$') {
276+
llcf->key = &(value[1].data[1]);
277+
return NGX_CONF_OK;
278+
}
279+
251280
if (value[1].len != ngx_http_encrypted_session_key_length) {
252281
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
253282
"encrypted_session_key: the key must be of %d "
@@ -276,6 +305,11 @@ ngx_http_encrypted_session_iv(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
276305

277306
value = cf->args->elts;
278307

308+
if (value[1].len > 1 && value[1].data[0] == '$') {
309+
llcf->iv = &(value[1].data[1]);
310+
return NGX_CONF_OK;
311+
}
312+
279313
if (value[1].len > ngx_http_encrypted_session_iv_length) {
280314
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
281315
"encrypted_session_iv: the init vector must NOT "

0 commit comments

Comments
 (0)