Skip to content

Commit 049456b

Browse files
felegyfelegy
committed
Added support for HTTP Date format
RFC7231 - 7.1.1.1 https://tools.ietf.org/html/rfc7231#section-7.1.1.1
1 parent f85dc35 commit 049456b

File tree

1 file changed

+68
-36
lines changed

1 file changed

+68
-36
lines changed

ngx_http_hmac_secure_link_module.c

+68-36
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,15 @@
99

1010
#define NGX_DEFAULT_HASH_FUNCTION "sha256"
1111

12+
static const char * wdays[7] = {
13+
"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat",
14+
};
15+
16+
static const char * months[12] = {
17+
"Jan", "Feb", "Mar", "Apr", "May", "Jun",
18+
"Jul", "Aug", "Sep", "Oct", "Nov", "Dec",
19+
};
20+
1221
typedef struct {
1322
ngx_http_complex_value_t *hmac_variable;
1423
ngx_http_complex_value_t *hmac_message;
@@ -170,44 +179,67 @@ ngx_http_secure_link_variable(ngx_http_request_t *r,
170179
(ngx_tm_mday_t *) &mday, (ngx_tm_hour_t *) &hour,
171180
(ngx_tm_min_t *) &min, (ngx_tm_sec_t *) &sec,
172181
&gmtoff_sign, &gmtoff_hour, &gmtoff_min) < 9) {
173-
goto not_found;
182+
/* Parse timestamp in HTTP Date format RFC7231 - 7.1.1.1
183+
https://tools.ietf.org/html/rfc7231#section-7.1.1.1 */
184+
if (sscanf((char *)p, "%*[a-zA-Z,] %d %3s %d %d:%d:%d",
185+
(ngx_tm_mday_t *) &mday, (char M[4]) &M,
186+
(ngx_tm_year_t *) &year,(ngx_tm_hour_t *) &hour,
187+
(ngx_tm_min_t *) &min, (ngx_tm_sec_t *) &sec) < 5) {
188+
goto not_found;
189+
}
190+
/* Parse month from string of months */
191+
ngx_tm_mon_t month;
192+
bool valid_month = false;
193+
for (int i = 0; i < 12; i++) {
194+
if (strncmp (M, months[i], 3) == 0) {
195+
month = i;
196+
valid_month = true;
197+
break;
198+
}
199+
}
200+
if(!valid_month) {
201+
goto not_found;
202+
}
203+
year -= 1900;
204+
timestamp = timegm (& g);
174205
}
175-
176-
/* Put February last because it has leap day */
177-
month -= 2;
178-
if (month <= 0) {
179-
month += 12;
180-
year -= 1;
206+
else {
207+
/* Put February last because it has leap day */
208+
month -= 2;
209+
if (month <= 0) {
210+
month += 12;
211+
year -= 1;
212+
}
213+
214+
/* Gauss' formula for Gregorian days since March 1, 1 BC */
215+
/* Taken from ngx_http_parse_time.c */
216+
timestamp = (time_t) (
217+
/* days in years including leap years since March 1, 1 BC */
218+
365 * year + year / 4 - year / 100 + year / 400
219+
/* days before the month */
220+
+ 367 * month / 12 - 30
221+
/* days before the day */
222+
+ mday - 1
223+
/*
224+
* 719527 days were between March 1, 1 BC and March 1, 1970,
225+
* 31 and 28 days were in January and February 1970
226+
*/
227+
- 719527 + 31 + 28) * 86400 + hour * 3600 + min * 60 + sec;
228+
229+
/* Determine the time offset with respect to GMT */
230+
gmtoff = 3600 * gmtoff_hour + 60 * gmtoff_min;
231+
232+
if (gmtoff_sign == '+') {
233+
timestamp -= gmtoff;
234+
}
235+
236+
if (gmtoff_sign == '-') {
237+
timestamp += gmtoff;
238+
}
239+
240+
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
241+
"secure link timestamp: \"%T\"", timestamp);
181242
}
182-
183-
/* Gauss' formula for Gregorian days since March 1, 1 BC */
184-
/* Taken from ngx_http_parse_time.c */
185-
timestamp = (time_t) (
186-
/* days in years including leap years since March 1, 1 BC */
187-
365 * year + year / 4 - year / 100 + year / 400
188-
/* days before the month */
189-
+ 367 * month / 12 - 30
190-
/* days before the day */
191-
+ mday - 1
192-
/*
193-
* 719527 days were between March 1, 1 BC and March 1, 1970,
194-
* 31 and 28 days were in January and February 1970
195-
*/
196-
- 719527 + 31 + 28) * 86400 + hour * 3600 + min * 60 + sec;
197-
198-
/* Determine the time offset with respect to GMT */
199-
gmtoff = 3600 * gmtoff_hour + 60 * gmtoff_min;
200-
201-
if (gmtoff_sign == '+') {
202-
timestamp -= gmtoff;
203-
}
204-
205-
if (gmtoff_sign == '-') {
206-
timestamp += gmtoff;
207-
}
208-
209-
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
210-
"secure link timestamp: \"%T\"", timestamp);
211243
}
212244

213245
if (timestamp <= 0) {

0 commit comments

Comments
 (0)