- against svn r2504

[packages/lighttpd.git] / lighttpd-mod_evasive-status_code.patch

--- lighttpd-1.4.19/src/mod_evasive.c   2008-09-19 17:50:24.307245276 +0300
+++ lighttpd-1.4.22/src/mod_evasive.c   2009-05-12 02:21:58.524447939 +0300
@@ -28,11 +28,15 @@
 typedef struct {
        unsigned short max_conns;
        unsigned short silent;
+       unsigned short http_status_code;
+       unsigned int retry_after;
 } plugin_config;
 
 typedef struct {
        PLUGIN_DATA;
 
+       buffer *evasive_rftmp;
+
        plugin_config **config_storage;
 
        plugin_config conf;
@@ -46,6 +50,10 @@
 
        p = calloc(1, sizeof(*p));
 
+       p->evasive_rftmp = buffer_init();
+       
+       buffer_prepare_copy(p->evasive_rftmp, 255);
+
        return p;
 }
 
@@ -56,6 +64,8 @@
 
        if (!p) return HANDLER_GO_ON;
 
+       buffer_free(p->evasive_rftmp);
+
        if (p->config_storage) {
                size_t i;
                for (i = 0; i < srv->config_context->used; i++) {
@@ -73,8 +83,10 @@
        size_t i = 0;
 
        config_values_t cv[] = {
-               { "evasive.max-conns-per-ip",    NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION },   /* 1 */
-               { "evasive.silent",              NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 2 */
+               { "evasive.max-conns-per-ip",    NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION },   /* 0 */
+               { "evasive.silent",              NULL, T_CONFIG_BOOLEAN, T_CONFIG_SCOPE_CONNECTION }, /* 1 */
+               { "evasive.http-status-code",    NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION },   /* 2 */
+               { "evasive.retry-after",         NULL, T_CONFIG_SHORT, T_CONFIG_SCOPE_CONNECTION },   /* 3 */
                { NULL,                          NULL, T_CONFIG_UNSET, T_CONFIG_SCOPE_UNSET }
        };
 
@@ -84,10 +96,14 @@
                plugin_config *s;
 
                s = calloc(1, sizeof(plugin_config));
-               s->max_conns       = 0;
-               s->silent          = 0;
+               s->max_conns        = 0;
+               s->silent           = 0;
+               s->http_status_code = 503;
+               s->retry_after      = 0;
 
                cv[0].destination = &(s->max_conns);
+               cv[2].destination = &(s->http_status_code);
+               cv[3].destination = &(s->retry_after);
 
                p->config_storage[i] = s;
 
@@ -107,6 +123,8 @@
 
        PATCH(max_conns);
        PATCH(silent);
+       PATCH(http_status_code);
+       PATCH(retry_after);
 
        /* skip the first, the global context */
        for (i = 1; i < srv->config_context->used; i++) {
@@ -124,6 +142,10 @@
                                PATCH(max_conns);
                        } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("evasive.silent"))) {
                                PATCH(silent);
+                       } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("evasive.http-status-code"))) {
+                               PATCH(http_status_code);
+                       } else if (buffer_is_equal_string(du->key, CONST_STR_LEN("evasive.retry-after"))) {
+                               PATCH(retry_after);
                        }
                }
        }
@@ -192,8 +214,10 @@
                                inet_ntop_cache_get_ip(srv, &(con->dst_addr)),
                                "turned away. Too many connections.");
 
-                       con->http_status = 403;
                        con->mode = DIRECT;
+                       con->http_status = p->conf.http_status_code;
+                       buffer_copy_long(p->evasive_rftmp, p->conf.retry_after);
+                       response_header_overwrite(srv, con, CONST_STR_LEN("Retry-After"), CONST_BUF_LEN(p->evasive_rftmp));
                        return HANDLER_FINISHED;
                }
        }