search

FRiCKLE / ngx_cache_purge

nginx module which adds ability to purge content from FastCGI, proxy, SCGI and uWSGI caches.
http://labs.frickle.com/nginx_ngx_cache_purge/
Other
1.06k stars 310 forks source link

Not honoring server_tokens off #20

Open javiertury opened 10 years ago

javiertury commented 10 years ago

ngx_cache_purge doesn't honor server_tokens off. When a purge is successful it shows which version of nginx it's using

The purging page looks like this

Successful purge

Key : httpGETmypage.com
Path: /var/lib/nginx/tmp/fastcgi_cache/X/XX/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
nginx/1.6.0
nginx -V
nginx version: nginx/1.6.0
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/var/run/nginx.pid --lock-path=/var/lock/subsys/nginx --user=nginx --group=nginx --with-file-aio --with-ipv6 --with-http_ssl_module --with-http_spdy_module --with-http_realip_module --with-http_addition_module --with-http_xslt_module --with-http_image_filter_module --with-http_geoip_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module --with-http_perl_module --with-mail --with-mail_ssl_module --with-pcre --with-debug --add-module=/builddir/build/BUILD/nginx-1.6.0/modsecurity-2.8.0/nginx/modsecurity --add-module=/builddir/build/BUILD/nginx-1.6.0/ngx_cache_purge-2.1 --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m32 -march=i686 -mtune=atom -fasynchronous-unwind-tables' --with-ld-opt=-Wl,-E
PiotrSikora commented 9 years ago

Sorry for late reply, that's going to be fixed shortly.

Would you mind providing your name for CHANGES?

shmilee commented 7 years ago

I made a patch. It works. Ref: nginx-1.10.2/src/http/ngx_http_special_response.c

diff -Nur ngx_cache_purge-2.3.orig/ngx_cache_purge_module.c ngx_cache_purge-2.3/ngx_cache_purge_module.c
--- ngx_cache_purge-2.3.orig/ngx_cache_purge_module.c   2014-12-23 20:01:15.000000000 +0800
+++ ngx_cache_purge-2.3/ngx_cache_purge_module.c    2016-11-21 22:02:11.000000000 +0800
@@ -94,7 +94,8 @@
 ngx_int_t   ngx_http_cache_purge_access(ngx_array_t *a, ngx_array_t *a6,
     struct sockaddr *s);

-ngx_int_t   ngx_http_cache_purge_send_response(ngx_http_request_t *r);
+ngx_int_t   ngx_http_cache_purge_send_response(ngx_http_request_t *r,
+    ngx_http_core_loc_conf_t *clcf);
 # if (nginx_version >= 1007009)
 ngx_int_t   ngx_http_cache_purge_cache_get(ngx_http_request_t *r,
     ngx_http_upstream_t *u, ngx_http_file_cache_t **cache);
@@ -189,13 +190,20 @@
 "<center><h1>Successful purge</h1>" CRLF
 ;

-static char ngx_http_cache_purge_success_page_tail[] =
+static char ngx_http_cache_purge_success_page_full_tail[] =
 CRLF "</center>" CRLF
 "<hr><center>" NGINX_VER "</center>" CRLF
 "</body>" CRLF
 "</html>" CRLF
 ;

+static char ngx_http_cache_purge_success_page_tail[] =
+CRLF "</center>" CRLF
+"<hr><center>nginx</center>" CRLF
+"</body>" CRLF
+"</html>" CRLF
+;
+
 # if (NGX_HTTP_FASTCGI)
 extern ngx_module_t  ngx_http_fastcgi_module;

@@ -1249,18 +1257,29 @@
 }

 ngx_int_t
-ngx_http_cache_purge_send_response(ngx_http_request_t *r)
+ngx_http_cache_purge_send_response(ngx_http_request_t *r,
+    ngx_http_core_loc_conf_t *clcf)
 {
     ngx_chain_t   out;
     ngx_buf_t    *b;
     ngx_str_t    *key;
     ngx_int_t     rc;
+    char         *tail;
+    size_t        tail_len;
     size_t        len;

     key = r->cache->keys.elts;

+    if (clcf->server_tokens) {
+        tail = ngx_http_cache_purge_success_page_full_tail;
+        tail_len = sizeof(ngx_http_cache_purge_success_page_full_tail) - 1;
+    } else {
+        tail = ngx_http_cache_purge_success_page_tail;
+        tail_len = sizeof(ngx_http_cache_purge_success_page_tail) - 1;
+    }
+
     len = sizeof(ngx_http_cache_purge_success_page_top) - 1
-          + sizeof(ngx_http_cache_purge_success_page_tail) - 1
+          + tail_len
           + sizeof("<br>Key : ") - 1 + sizeof(CRLF "<br>Path: ") - 1
           + key[0].len + r->cache->file.name.len;

@@ -1292,8 +1311,7 @@
                          sizeof(CRLF "<br>Path: ") - 1);
     b->last = ngx_cpymem(b->last, r->cache->file.name.data,
                          r->cache->file.name.len);
-    b->last = ngx_cpymem(b->last, ngx_http_cache_purge_success_page_tail,
-                         sizeof(ngx_http_cache_purge_success_page_tail) - 1);
+    b->last = ngx_cpymem(b->last, tail, tail_len);
     b->last_buf = 1;

     rc = ngx_http_send_header(r);
@@ -1402,6 +1420,7 @@
 ngx_http_cache_purge_handler(ngx_http_request_t *r)
 {
     ngx_int_t  rc;
+    ngx_http_core_loc_conf_t  *clcf;

 #  if (NGX_HAVE_FILE_AIO)
     if (r->aio) {
@@ -1410,6 +1429,7 @@
 #  endif

     rc = ngx_http_file_cache_purge(r);
+    clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);

     ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                    "http file cache purge: %i, \"%s\"",
@@ -1418,7 +1438,7 @@
     switch (rc) {
     case NGX_OK:
         r->write_event_handler = ngx_http_request_empty_handler;
-        ngx_http_finalize_request(r, ngx_http_cache_purge_send_response(r));
+        ngx_http_finalize_request(r, ngx_http_cache_purge_send_response(r, clcf));
         return;
     case NGX_DECLINED:
ngx_http_finalize_request(r, NGX_HTTP_NOT_FOUND);