summaryrefslogtreecommitdiffhomepage
path: root/src/nxt_conf_validation.c
diff options
context:
space:
mode:
authorZhidao HONG <z.hong@f5.com>2021-04-29 22:04:34 +0800
committerZhidao HONG <z.hong@f5.com>2021-04-29 22:04:34 +0800
commit53279af5d44dce2b679399d6a36eb46292928175 (patch)
tree973ba2979096f6969d11a8646151034e8a4372fd /src/nxt_conf_validation.c
parent113afb09ea7ddeebf2376cf6df3af212705e6128 (diff)
downloadunit-53279af5d44dce2b679399d6a36eb46292928175.tar.gz
unit-53279af5d44dce2b679399d6a36eb46292928175.tar.bz2
Static: support for openat2() features.
Support for chrooting, rejecting symlinks, and rejecting crossing mounting points on a per-request basis during static file serving.
Diffstat (limited to 'src/nxt_conf_validation.c')
-rw-r--r--src/nxt_conf_validation.c32
1 files changed, 32 insertions, 0 deletions
diff --git a/src/nxt_conf_validation.c b/src/nxt_conf_validation.c
index 8c5d1ec7..ac1a81d8 100644
--- a/src/nxt_conf_validation.c
+++ b/src/nxt_conf_validation.c
@@ -75,6 +75,8 @@ static nxt_int_t nxt_conf_vldt_error(nxt_conf_validation_t *vldt,
const char *fmt, ...);
static nxt_int_t nxt_conf_vldt_var(nxt_conf_validation_t *vldt,
const char *option, nxt_str_t *value);
+nxt_inline nxt_int_t nxt_conf_vldt_unsupported(nxt_conf_validation_t *vldt,
+ nxt_conf_value_t *value, void *data);
static nxt_int_t nxt_conf_vldt_mtypes(nxt_conf_validation_t *vldt,
nxt_conf_value_t *value, void *data);
@@ -458,6 +460,27 @@ static nxt_conf_vldt_object_t nxt_conf_vldt_share_action_members[] = {
.name = nxt_string("fallback"),
.type = NXT_CONF_VLDT_OBJECT,
.validator = nxt_conf_vldt_action,
+ }, {
+ .name = nxt_string("chroot"),
+ .type = NXT_CONF_VLDT_STRING,
+#if !(NXT_HAVE_OPENAT2)
+ .validator = nxt_conf_vldt_unsupported,
+ .u.string = "chroot",
+#endif
+ }, {
+ .name = nxt_string("follow_symlinks"),
+ .type = NXT_CONF_VLDT_BOOLEAN,
+#if !(NXT_HAVE_OPENAT2)
+ .validator = nxt_conf_vldt_unsupported,
+ .u.string = "follow_symlinks",
+#endif
+ }, {
+ .name = nxt_string("traverse_mounts"),
+ .type = NXT_CONF_VLDT_BOOLEAN,
+#if !(NXT_HAVE_OPENAT2)
+ .validator = nxt_conf_vldt_unsupported,
+ .u.string = "traverse_mounts",
+#endif
},
NXT_CONF_VLDT_END
@@ -1032,6 +1055,15 @@ nxt_conf_vldt_error(nxt_conf_validation_t *vldt, const char *fmt, ...)
}
+nxt_inline nxt_int_t
+nxt_conf_vldt_unsupported(nxt_conf_validation_t *vldt, nxt_conf_value_t *value,
+ void *data)
+{
+ return nxt_conf_vldt_error(vldt, "Unit is built without the \"%s\" "
+ "option support.", data);
+}
+
+
static nxt_int_t
nxt_conf_vldt_var(nxt_conf_validation_t *vldt, const char *option,
nxt_str_t *value)
generated by cgit (git 2.34.1) at 2024-11-16 20:56:28 +0000