1 /* Licensed to the Apache Software Foundation (ASF) under one or more
2 * contributor license agreements. See the NOTICE file distributed with
3 * this work for additional information regarding copyright ownership.
4 * The ASF licenses this file to You under the Apache License, Version 2.0
5 * (the "License"); you may not use this file except in compliance with
6 * the License. You may obtain a copy of the License at
8 * http://www.apache.org/licenses/LICENSE-2.0
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
19 * Set environment variables based on matching request headers or
20 * attributes against regex strings
22 * Paul Sutton <paul@ukweb.com> 27 Oct 1996
23 * Based on mod_browser by Alexei Kosut <akosut@organic.com>
27 * Used to set environment variables based on the incoming request headers,
28 * or some selected other attributes of the request (e.g., the remote host
33 * SetEnvIf name regex var ...
35 * where name is either a HTTP request header name, or one of the
36 * special values (see below). 'name' may be a regex when it is used
37 * to specify an HTTP request header name. The 'value' of the header
38 & (or the value of the special value from below) are compared against
39 * the regex argument. If this is a simple string, a simple sub-string
40 * match is performed. Otherwise, a request expression match is
41 * done. If the value matches the string or regular expression, the
42 * environment variables listed as var ... are set. Each var can
43 * be in one of three formats: var, which sets the named variable
44 * (the value value "1"); var=value, which sets the variable to
45 * the given value; or !var, which unsets the variable is it has
46 * been previously set.
48 * Normally the strings are compared with regard to case. To ignore
49 * case, use the directive SetEnvIfNoCase instead.
51 * Special values for 'name' are:
53 * server_addr IP address of interface on which request arrived
54 * (analogous to SERVER_ADDR set in ap_add_common_vars())
55 * remote_host Remote host name (if available)
56 * remote_addr Remote IP address
57 * request_method Request method (GET, POST, etc)
58 * request_uri Requested URI
62 * To set the environment variable LOCALHOST if the client is the local
65 * SetEnvIf remote_addr 127.0.0.1 LOCALHOST
67 * To set LOCAL if the client is the local host, or within our company's
68 * domain (192.168.10):
70 * SetEnvIf remote_addr 192.168.10. LOCAL
71 * SetEnvIf remote_addr 127.0.0.1 LOCALHOST
73 * This could be written as:
75 * SetEnvIf remote_addr (127.0.0.1|192.168.10.) LOCAL
77 * To set HAVE_TS if the client request contains any header beginning
78 * with "TS" with a value beginning with a lower case alphabet:
80 * SetEnvIf ^TS* ^[a-z].* HAVE_TS
84 #include "apr_strings.h"
85 #include "apr_strmatch.h"
87 #define APR_WANT_STRFUNC
90 #include "ap_config.h"
92 #include "http_config.h"
93 #include "http_core.h"
95 #include "http_protocol.h"
102 SPECIAL_REQUEST_METHOD,
103 SPECIAL_REQUEST_PROTOCOL,
107 char *name; /* header name */
108 ap_regex_t *pnamereg; /* compiled header name regex */
109 char *regex; /* regex to match against */
110 ap_regex_t *preg; /* compiled regex */
111 const apr_strmatch_pattern *pattern; /* non-regex pattern to match */
112 ap_expr_info_t *expr; /* parsed expression */
113 apr_table_t *features; /* env vars to set (or unset) */
114 enum special special_type; /* is it a "special" header ? */
115 int icase; /* ignoring case? */
119 apr_array_header_t *conditionals;
122 module AP_MODULE_DECLARE_DATA setenvif_module;
125 * These routines, the create- and merge-config functions, are called
126 * for both the server-wide and the per-directory contexts. This is
127 * because the different definitions are used at different times; the
128 * server-wide ones are used in the post-read-request phase, and the
129 * per-directory ones are used during the header-parse phase (after
130 * the URI has been mapped to a file and we have anything from the
131 * .htaccess file and <Directory> and <Files> containers).
133 static void *create_setenvif_config(apr_pool_t *p)
135 sei_cfg_rec *new = (sei_cfg_rec *) apr_palloc(p, sizeof(sei_cfg_rec));
137 new->conditionals = apr_array_make(p, 20, sizeof(sei_entry));
141 static void *create_setenvif_config_svr(apr_pool_t *p, server_rec *dummy)
143 return create_setenvif_config(p);
146 static void *create_setenvif_config_dir(apr_pool_t *p, char *dummy)
148 return create_setenvif_config(p);
151 static void *merge_setenvif_config(apr_pool_t *p, void *basev, void *overridesv)
153 sei_cfg_rec *a = apr_pcalloc(p, sizeof(sei_cfg_rec));
154 sei_cfg_rec *base = basev, *overrides = overridesv;
156 a->conditionals = apr_array_append(p, base->conditionals,
157 overrides->conditionals);
162 * any non-NULL magic constant will do... used to indicate if AP_REG_ICASE should
165 #define ICASE_MAGIC ((void *)(&setenvif_module))
166 #define SEI_MAGIC_HEIRLOOM "setenvif-phase-flag"
168 static int is_header_regex(apr_pool_t *p, const char* name)
170 /* If a Header name contains characters other than:
171 * -,_,[A-Z\, [a-z] and [0-9].
172 * assume the header name is a regular expression.
174 ap_regex_t *preg = ap_pregcomp(p, "^[-A-Za-z0-9_]*$",
175 (AP_REG_EXTENDED | AP_REG_NOSUB ));
176 ap_assert(preg != NULL);
178 if (ap_regexec(preg, name, 0, NULL, 0)) {
185 /* If the input string does not take advantage of regular
186 * expression metacharacters, return a pointer to an equivalent
187 * string that can be searched using apr_strmatch(). (The
188 * returned string will often be the input string. But if
189 * the input string contains escaped characters, the returned
190 * string will be a copy with the escapes removed.)
192 static const char *non_regex_pattern(apr_pool_t *p, const char *s)
195 int escapes_found = 0;
235 if (!escapes_found) {
239 char *unescaped = (char *)apr_palloc(p, src - s + 1);
240 char *dst = unescaped;
246 } while ((*dst++ = *src++));
251 static const char *add_envvars(cmd_parms *cmd, const char *args, sei_entry *new)
258 feature = ap_getword_conf(cmd->pool, &args);
264 var = ap_getword(cmd->pool, &feature, '=');
266 apr_table_setn(new->features, var, feature);
268 else if (*var == '!') {
269 apr_table_setn(new->features, var + 1, "!");
272 apr_table_setn(new->features, var, "1");
277 return apr_pstrcat(cmd->pool, "Missing envariable expression for ",
278 cmd->cmd->name, NULL);
284 static const char *add_setenvif_core(cmd_parms *cmd, void *mconfig,
285 char *fname, const char *args)
288 const char *simple_pattern;
296 * Determine from our context into which record to put the entry.
297 * cmd->path == NULL means we're in server-wide context; otherwise,
298 * we're dealing with a per-directory setting.
300 sconf = (cmd->path != NULL)
301 ? (sei_cfg_rec *) mconfig
302 : (sei_cfg_rec *) ap_get_module_config(cmd->server->module_config,
304 entries = (sei_entry *) sconf->conditionals->elts;
306 regex = ap_getword_conf(cmd->pool, &args);
308 return apr_pstrcat(cmd->pool, "Missing regular expression for ",
309 cmd->cmd->name, NULL);
313 * If we've already got a sei_entry with the same name we want to
314 * just copy the name pointer... so that later on we can compare
315 * two header names just by comparing the pointers.
317 for (i = 0; i < sconf->conditionals->nelts; ++i) {
319 if (!strcasecmp(new->name, fname)) {
325 /* if the last entry has an identical headername and regex then
328 i = sconf->conditionals->nelts - 1;
329 icase = cmd->info == ICASE_MAGIC;
331 || entries[i].name != fname
332 || entries[i].icase != icase
333 || strcmp(entries[i].regex, regex)) {
335 /* no match, create a new entry */
336 new = apr_array_push(sconf->conditionals);
340 if ((simple_pattern = non_regex_pattern(cmd->pool, regex))) {
341 new->pattern = apr_strmatch_precompile(cmd->pool,
342 simple_pattern, !icase);
343 if (new->pattern == NULL) {
344 return apr_pstrcat(cmd->pool, cmd->cmd->name,
345 " pattern could not be compiled.", NULL);
350 new->preg = ap_pregcomp(cmd->pool, regex,
351 (AP_REG_EXTENDED | (icase ? AP_REG_ICASE : 0)));
352 if (new->preg == NULL) {
353 return apr_pstrcat(cmd->pool, cmd->cmd->name,
354 " regex could not be compiled.", NULL);
358 new->features = apr_table_make(cmd->pool, 2);
360 if (!strcasecmp(fname, "remote_addr")) {
361 new->special_type = SPECIAL_REMOTE_ADDR;
363 else if (!strcasecmp(fname, "remote_host")) {
364 new->special_type = SPECIAL_REMOTE_HOST;
366 else if (!strcasecmp(fname, "request_uri")) {
367 new->special_type = SPECIAL_REQUEST_URI;
369 else if (!strcasecmp(fname, "request_method")) {
370 new->special_type = SPECIAL_REQUEST_METHOD;
372 else if (!strcasecmp(fname, "request_protocol")) {
373 new->special_type = SPECIAL_REQUEST_PROTOCOL;
375 else if (!strcasecmp(fname, "server_addr")) {
376 new->special_type = SPECIAL_SERVER_ADDR;
379 new->special_type = SPECIAL_NOT;
380 /* Handle fname as a regular expression.
381 * If fname a simple header string, identify as such
382 * (new->pnamereg = NULL) to avoid the overhead of searching
383 * through headers_in for a regex match.
385 if (is_header_regex(cmd->temp_pool, fname)) {
386 new->pnamereg = ap_pregcomp(cmd->pool, fname,
387 (AP_REG_EXTENDED | AP_REG_NOSUB
388 | (icase ? AP_REG_ICASE : 0)));
389 if (new->pnamereg == NULL)
390 return apr_pstrcat(cmd->pool, cmd->cmd->name,
391 "Header name regex could not be "
395 new->pnamereg = NULL;
403 return add_envvars(cmd, args, new);
406 static const char *add_setenvif(cmd_parms *cmd, void *mconfig,
411 /* get header name */
412 fname = ap_getword_conf(cmd->pool, &args);
414 return apr_pstrcat(cmd->pool, "Missing header-field name for ",
415 cmd->cmd->name, NULL);
417 return add_setenvif_core(cmd, mconfig, fname, args);
420 static const char *add_setenvifexpr(cmd_parms *cmd, void *mconfig,
429 * Determine from our context into which record to put the entry.
430 * cmd->path == NULL means we're in server-wide context; otherwise,
431 * we're dealing with a per-directory setting.
433 sconf = (cmd->path != NULL)
434 ? (sei_cfg_rec *) mconfig
435 : (sei_cfg_rec *) ap_get_module_config(cmd->server->module_config,
438 expr = ap_getword_conf(cmd->pool, &args);
440 return apr_pstrcat(cmd->pool, "Missing expression for ",
441 cmd->cmd->name, NULL);
444 new = apr_array_push(sconf->conditionals);
445 new->features = apr_table_make(cmd->pool, 2);
450 new->expr = ap_expr_parse_cmd(cmd, expr, 0, &err, NULL);
452 return apr_psprintf(cmd->pool, "Could not parse expression \"%s\": %s",
455 return add_envvars(cmd, args, new);
459 * This routine handles the BrowserMatch* directives. It simply turns around
460 * and feeds them, with the appropriate embellishments, to the general-purpose
463 static const char *add_browser(cmd_parms *cmd, void *mconfig, const char *args)
465 return add_setenvif_core(cmd, mconfig, "User-Agent", args);
468 static const command_rec setenvif_module_cmds[] =
470 AP_INIT_RAW_ARGS("SetEnvIf", add_setenvif, NULL, OR_FILEINFO,
471 "A header-name, regex and a list of variables."),
472 AP_INIT_RAW_ARGS("SetEnvIfNoCase", add_setenvif, ICASE_MAGIC, OR_FILEINFO,
473 "a header-name, regex and a list of variables."),
474 AP_INIT_RAW_ARGS("SetEnvIfExpr", add_setenvifexpr, NULL, OR_FILEINFO,
475 "an expression and a list of variables."),
476 AP_INIT_RAW_ARGS("BrowserMatch", add_browser, NULL, OR_FILEINFO,
477 "A browser regex and a list of variables."),
478 AP_INIT_RAW_ARGS("BrowserMatchNoCase", add_browser, ICASE_MAGIC,
480 "A browser regex and a list of variables."),
485 * This routine gets called at two different points in request processing:
486 * once before the URI has been translated (during the post-read-request
487 * phase) and once after (during the header-parse phase). We use different
488 * config records for the two different calls to reduce overhead (by not
489 * re-doing the server-wide settings during directory processing), and
490 * signal which call it is by having the earlier one pass a flag to the
493 static int match_headers(request_rec *r)
497 const apr_table_entry_t *elts;
498 const char *val, *err;
499 apr_size_t val_len = 0;
502 ap_regmatch_t regm[AP_MAX_REG_MATCH];
504 if (!ap_get_module_config(r->request_config, &setenvif_module)) {
505 ap_set_module_config(r->request_config, &setenvif_module,
507 sconf = (sei_cfg_rec *) ap_get_module_config(r->server->module_config,
511 sconf = (sei_cfg_rec *) ap_get_module_config(r->per_dir_config,
514 entries = (sei_entry *) sconf->conditionals->elts;
517 for (i = 0; i < sconf->conditionals->nelts; ++i) {
518 sei_entry *b = &entries[i];
521 /* Optimize the case where a bunch of directives in a row use the
522 * same header. Remember we don't need to strcmp the two header
523 * names because we made sure the pointers were equal during
526 if (b->name != last_name) {
528 switch (b->special_type) {
529 case SPECIAL_REMOTE_ADDR:
532 case SPECIAL_SERVER_ADDR:
533 val = r->connection->local_ip;
535 case SPECIAL_REMOTE_HOST:
536 val = ap_get_remote_host(r->connection, r->per_dir_config,
539 case SPECIAL_REQUEST_URI:
542 case SPECIAL_REQUEST_METHOD:
545 case SPECIAL_REQUEST_PROTOCOL:
550 /* Matching headers_in against a regex. Iterate through
551 * the headers_in until we find a match or run out of
554 const apr_array_header_t
555 *arr = apr_table_elts(r->headers_in);
557 elts = (const apr_table_entry_t *) arr->elts;
559 for (j = 0; j < arr->nelts; ++j) {
560 if (!ap_regexec(b->pnamereg, elts[j].key, 0, NULL, 0)) {
566 /* Not matching against a regex */
567 val = apr_table_get(r->headers_in, b->name);
569 val = apr_table_get(r->subprocess_env, b->name);
573 val_len = val ? strlen(val) : 0;
579 * A NULL value indicates that the header field or special entity
580 * wasn't present or is undefined. Represent that as an empty string
581 * so that REs like "^$" will work and allow envariable setting
582 * based on missing or empty field. This is also necessary to make
583 * ap_pregsub work after evaluating an ap_expr_t which does set the
584 * regexp backref data.
591 if ((b->pattern && apr_strmatch(b->pattern, val, val_len)) ||
592 (b->preg && !ap_regexec(b->preg, val, AP_MAX_REG_MATCH, regm, 0)) ||
593 (b->expr && ap_expr_exec_re(r, b->expr, AP_MAX_REG_MATCH, regm, &val, &err) > 0))
595 const apr_array_header_t *arr = apr_table_elts(b->features);
596 elts = (const apr_table_entry_t *) arr->elts;
598 for (j = 0; j < arr->nelts; ++j) {
599 if (*(elts[j].val) == '!') {
600 apr_table_unset(r->subprocess_env, elts[j].key);
604 char *replaced = ap_pregsub(r->pool, elts[j].val, val,
605 AP_MAX_REG_MATCH, regm);
607 apr_table_setn(r->subprocess_env, elts[j].key,
611 ap_log_rerror(APLOG_MARK, APLOG_CRIT, 0, r, APLOGNO(01505)
612 "Regular expression replacement "
613 "failed for '%s', value too long?",
615 return HTTP_INTERNAL_SERVER_ERROR;
619 apr_table_setn(r->subprocess_env, elts[j].key,
623 ap_log_rerror(APLOG_MARK, APLOG_TRACE2, 0, r, "Setting %s",
632 static void register_hooks(apr_pool_t *p)
634 ap_hook_header_parser(match_headers, NULL, NULL, APR_HOOK_MIDDLE);
635 ap_hook_post_read_request(match_headers, NULL, NULL, APR_HOOK_MIDDLE);
638 AP_DECLARE_MODULE(setenvif) =
640 STANDARD20_MODULE_STUFF,
641 create_setenvif_config_dir, /* dir config creater */
642 merge_setenvif_config, /* dir merger --- default is to override */
643 create_setenvif_config_svr, /* server config */
644 merge_setenvif_config, /* merge server configs */
645 setenvif_module_cmds, /* command apr_table_t */
646 register_hooks /* register hooks */