Added localhost bypass option #23

ngates87 · 2021-03-04T20:40:21Z

Added option to allow localhost traffic through unchallenged.
cleaned up formatting

- fromatting

erikdubbelboer · 2021-03-05T16:39:37Z

ngx_http_auth_digest_module.c

+	char* localhost = "localhost";
+	int localhostLen = strlen(localhost);
+	char* loopback = "127.0.0.1";
+	int loopbackLen = strlen(loopback);


These don't change so you can make them static.

erikdubbelboer · 2021-03-05T16:43:21Z

ngx_http_auth_digest_module.c

+	const int isLocalHost = ngx_http_auth_digest_is_loopback(&(r->headers_in.server)) == 0;
+
+	if (isLocalHost) {
+		const int isLocalHostBypass = ngx_strcmp(alcf->allow_localhost.data, "on") == 0;
+		if (isLocalHostBypass) {
+			return NGX_DECLINED;
+		}
+	}


The isLocalHostBypass check is much faster and will most of the time fail since the default is off.

Can we convert alcf->allow_localhost to an int (different variable) in ngx_http_auth_digest_merge_loc_conf so we just have to compare 1 int instead of a string each request?

Its better to do this test first before we do the more expensive isLocalHost test.

Nate Gates added 4 commits March 1, 2021 13:08

tidy up code, attempt to add flag for localhost bypass

b4a278f

got setting working, format clean up.

a2f909f

- var rename

0bb37cd

- fromatting

updated documentation.

0f54f35

erikdubbelboer requested changes Mar 5, 2021

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Added localhost bypass option #23

Added localhost bypass option #23

ngates87 commented Mar 4, 2021

erikdubbelboer Mar 5, 2021

erikdubbelboer Mar 5, 2021

Added localhost bypass option #23

Are you sure you want to change the base?

Added localhost bypass option #23

Conversation

ngates87 commented Mar 4, 2021

erikdubbelboer Mar 5, 2021

Choose a reason for hiding this comment

erikdubbelboer Mar 5, 2021

Choose a reason for hiding this comment