Added nginx_upload_module-2.0.10

brightbox · Sep 3, 2009 · 227da86 · 227da86
1 parent 7543fd1
commit 227da86
Show file tree

Hide file tree

Showing 8 changed files with 2,786 additions and 1 deletion.
diff --git a/debian/nginx_upload_module-2.0.10/Changelog b/debian/nginx_upload_module-2.0.10/Changelog
@@ -0,0 +1,74 @@
+
+Version 2.0.10
+ * Change: compatibility with nginx API 0.8.11
+ * Fixed bug: Prevent module from registering store path if no upload location
+ was configured
+ * Fixed bug: upload corrupted in case of short body + keepalive. Thanks to Dmitry
+ Dedukhin.
+ * Change: Return error 415 instead of 400 if request content type is not
+ multipart/form-data
+
+Version 2.0.9
+ * Change: compatibility with nginx's API 0.7.52 and greater
+ * Fixed bug: module directives couldn't have appeared in limit_except block
+ * Added feature: directive upload_limit_rate and ability to limit upload rate
+ * Change: Malformed body issues are now logged to error log instead of debug log
+
+Version 2.0.8
+ * Change: support for named locations
+ * Fixed bug: crash on missing Content-Type request header
+ * Fixed bug: compilation problem on amd 64
+
+Version 2.0.7
+ * Change: file size and output body size restrictions
+ * Added feature: directive upload_pass_args enables forwarding
+   of request arguments to a backend. Thanks to Todd Fisher.
+
+Version 2.0.6
+ * Fixed bug: zero variables in aggregate field name caused allocation
+   of random amount of memory. Thanks to Dmitry Dedukhin.
+ * Fixed bug: Prevent generation of a field in case of empty field name
+
+Version 2.0.5
+ * Fixed bug: prevent leaking of file descriptors on a timeout (unconfirmed problem).
+ * Fixed bug: variables in field values in upload_set_form_field and
+   upload_aggregate_form_field directives were not working if field name
+   contained 0 variables. 
+ * Added feature: directive upload_cleanup now specifies statuses,
+   which initiate removal of uploaded files. Used for cleanup after
+   failure of a backend.
+ * Added feature: aggregate variable upload_file_crc32 allows to calculate
+   CRC32 if file on the fly.
+ * Fixed bug: Indicator of necessity to calculate SHA1 sum was not inheritable
+   from server configuration.
+
+Version 2.0.4
+ * Fixed bug: location configuration of upload_set_form_field and upload_pass_form_field
+   was not inheritable from server configuration.
+ * Added feature: directive upload_aggregate_form_field to pass aggragate properties
+   of a file like file size, MD5 and SHA1 sums to backend.
+ * Fixed bug: missing CRLF at the end of resulting body.
+ * Change: optimized out some unnecessary memory allocations and zeroing.
+
+Version 2.0.3
+ * upload_store directive was not able to receive more than one argument.
+   As a result no hashed dirs for file uploads were possible.
+ * upload_store_access directive did not work at all. Permissions were
+   defaulted to user:rw. Thanks to Brian Moran.
+ * In case of any errors at the last chunk of request body only 500 Internal Server Error
+   was generated intead of 400 Bad Request and 503 Service Unavailable.
+ * Fixed copyrights for temporary file name generation code
+ * Fixed compilation issue on 0.6.32. Thanks to Tomas Pollak.
+ * Added directive upload_pass_form_field to specify fields
+   to pass to backend. Fixes security hole found by Brian Moran.
+
+Version 2.0.2
+ * Fixed crash in logging filename while aborting upload
+ * Added feasible debug logging
+ * Added support for variables to generate form fields
+   in resulting request body
+ * Added missing logging of errno after write failures
+ * Simplified upload abortion logic; simply discarding
+   already added fields
+ * Now returning explicit error code after script failures
+   to be able to generate Internal server error
diff --git a/debian/nginx_upload_module-2.0.10/LICENCE b/debian/nginx_upload_module-2.0.10/LICENCE
@@ -0,0 +1,24 @@
+* Copyright (c) 2006, 2008, Valery Kholodkov
+* All rights reserved.
+*
+* Redistribution and use in source and binary forms, with or without
+* modification, are permitted provided that the following conditions are met:
+*     * Redistributions of source code must retain the above copyright
+*       notice, this list of conditions and the following disclaimer.
+*     * Redistributions in binary form must reproduce the above copyright
+*       notice, this list of conditions and the following disclaimer in the
+*       documentation and/or other materials provided with the distribution.
+*     * Neither the name of the Valery Kholodkov nor the
+*       names of its contributors may be used to endorse or promote products
+*       derived from this software without specific prior written permission.
+*
+* THIS SOFTWARE IS PROVIDED BY VALERY KHOLODKOV ''AS IS'' AND ANY
+* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+* DISCLAIMED. IN NO EVENT SHALL VALERY KHOLODKOV BE LIABLE FOR ANY
+* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
+* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/debian/nginx_upload_module-2.0.10/config b/debian/nginx_upload_module-2.0.10/config
@@ -0,0 +1,5 @@
+USE_MD5=YES
+USE_SHA1=YES
+ngx_addon_name=ngx_http_upload_module
+HTTP_MODULES="$HTTP_MODULES ngx_http_upload_module"
+NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_addon_dir/ngx_http_upload_module.c"
diff --git a/debian/nginx_upload_module-2.0.10/example.php b/debian/nginx_upload_module-2.0.10/example.php
@@ -0,0 +1,47 @@
+<?php
+$header_prefix = 'file';
+$slots = 6;
+?>
+<html>
+<head>
+<title>Test upload</title>
+</head>
+<body>
+<?
+if ($_POST){
+    echo "<h2>Uploaded files:</h2>";
+    echo "<table border=\"2\" cellpadding=\"2\">";
+
+    echo "<tr><td>Name</td><td>Location</td><td>Content type</td><td>MD5</td><td>Size</tr>";
+
+	for ($i=1;$i<=$slots;$i++){
+		$key = $header_prefix.$i;
+		if (array_key_exists($key."_name", $_POST) && array_key_exists($key."_path",$_POST)) {
+			$tmp_name = $_POST[$key."_path"];
+			$name = $_POST[$key."_name"];
+			$content_type = $_POST[$key."_content_type"];
+			$md5 = $_POST[$key."_md5"];
+			$size = $_POST[$key."_size"];
+
+            echo "<tr><td>$name</td><td>$tmp_name</td><td>$content_type</td><td>$md5</td><td>$size</td>";
+		}
+	}
+
+    echo "</table>";
+
+}else{?>
+<h2>Select files to upload</h2>
+<form name="upload" method="POST" enctype="multipart/form-data" action="/upload">
+<input type="file" name="file1"><br>
+<input type="file" name="file2"><br>
+<input type="file" name="file3"><br>
+<input type="file" name="file4"><br>
+<input type="file" name="file5"><br>
+<input type="file" name="file6"><br>
+<input type="submit" name="submit" value="Upload">
+<input type="hidden" name="test" value="value">
+</form>
+<?}
+?>
+</body>
+</html>
diff --git a/debian/nginx_upload_module-2.0.10/nginx.conf b/debian/nginx_upload_module-2.0.10/nginx.conf
@@ -0,0 +1,49 @@
+
+worker_processes  20;
+
+error_log  logs/error.log notice;
+
+working_directory /usr/local/nginx;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+    include       mime.types;
+    default_type  application/octet-stream;
+
+    server {
+        listen       80;
+        client_max_body_size 100m;
+
+        # Upload form should be submitted to this location
+        location /upload {
+            # Pass altered request body to this location
+            upload_pass   @test;
+
+            # Store files to this directory
+            # The directory is hashed, subdirectories 0 1 2 3 4 5 6 7 8 9 should exist
+            upload_store /tmp 1;
+
+            # Allow uploaded files to be read only by user
+            upload_store_access user:r;
+
+            # Set specified fields in request body
+            upload_set_form_field "${upload_field_name}_name" $upload_file_name;
+            upload_set_form_field "${upload_field_name}_content_type" $upload_content_type;
+            upload_set_form_field "${upload_field_name}_path" $upload_tmp_path;
+
+            # Inform backend about hash and size of a file
+            upload_aggregate_form_field "${upload_field_name}_md5" $upload_file_md5;
+            upload_aggregate_form_field "${upload_field_name}_size" $upload_file_size;
+
+            upload_pass_form_field "^submit$|^description$";
+        }
+
+        # Pass altered request body to a backend
+        location @test {
+            proxy_pass   http://localhost:8080;
+        }
+    }
+}