move into init_process

Author: liudongmiao

src/ngx_http_modsecurity_common.h

@@ -118,7 +118,6 @@ typedef struct {
     const char                *rules;
     const char                *rules_set_file;
     const char                *rules_remote_key, *rules_remote_server;
-    ngx_flag_t                 rules_loaded;
 
     ngx_flag_t                 enable;
 #if defined(MODSECURITY_SANITY_CHECKS) && (MODSECURITY_SANITY_CHECKS)

src/ngx_http_modsecurity_module.c

@@ -251,41 +251,6 @@ ngx_http_modsecurity_cleanup(void *data)
 #endif
 }
 
-static int lazy_loading_rules(ngx_http_request_t *r) {
-    int rules;
-    const char *error;
-    ngx_http_modsecurity_conf_t *mcf = ngx_http_get_module_loc_conf(r, ngx_http_modsecurity_module);
-#define show_loaded_rules(message)                                                                     \
-    if (rules >= 0) {                                                                                  \
-        ngx_log_error(NGX_LOG_NOTICE, r->connection->log, 0,                                           \
-                      "lazy-load %d rules from %s", rules, message);                                   \
-    } else {                                                                                           \
-        goto clean;                                                                                    \
-    }
-
-    if (mcf->rules_loaded != NGX_CONF_UNSET) {
-        return NGX_OK;
-    }
-    if (mcf->rules != NGX_CONF_UNSET_PTR) {
-        rules = msc_rules_add(mcf->rules_set, mcf->rules, &error);
-        show_loaded_rules(mcf->rules);
-    }
-    if (mcf->rules_set_file != NGX_CONF_UNSET_PTR) {
-        rules = msc_rules_add_file(mcf->rules_set, mcf->rules_set_file, &error);
-        show_loaded_rules(mcf->rules_set_file);
-    }
-    if (mcf->rules_remote_key != NGX_CONF_UNSET_PTR
-        && mcf->rules_remote_server != NGX_CONF_UNSET_PTR) {
-        rules = msc_rules_add_remote(mcf->rules_set,
-                                     mcf->rules_remote_key, mcf->rules_remote_server, &error);
-        show_loaded_rules(mcf->rules_remote_server);
-    }
-    mcf->rules_loaded = - NGX_CONF_UNSET;
-    return NGX_OK;
-clean:
-    ngx_log_error(NGX_ERROR_ERR, r->connection->log, 0, "cannot load rules: %s", error);
-    return NGX_ERROR;
-}
 
 ngx_inline ngx_http_modsecurity_ctx_t *
 ngx_http_modsecurity_create_ctx(ngx_http_request_t *r)
@@ -308,10 +273,6 @@ ngx_http_modsecurity_create_ctx(ngx_http_request_t *r)
 
     dd("creating transaction with the following rules: '%p' -- ms: '%p'", mcf->rules_set, mmcf->modsec);
 
-    if (lazy_loading_rules(r) != NGX_OK) {
-        return NGX_CONF_ERROR;
-    }
-
     if (mcf->transaction_id) {
         if (ngx_http_complex_value(r, mcf->transaction_id, &s) != NGX_OK) {
             return NGX_CONF_ERROR;
@@ -562,14 +523,59 @@ static ngx_http_module_t ngx_http_modsecurity_ctx = {
 };
 
 
+static int lazy_loading_rules(ngx_http_modsecurity_conf_t *mcf, ngx_log_t *log) {
+    int rules;
+    const char *error;
+#define show_loaded_rules(message)                                                                     \
+    if (rules >= 0) {                                                                                  \
+        ngx_log_error(NGX_LOG_NOTICE, log, 0,                                                          \
+                      "lazy-load %d rules from %s", rules, message);                                   \
+    } else {                                                                                           \
+        goto clean;                                                                                    \
+    }
+
+    if (mcf->rules != NGX_CONF_UNSET_PTR) {
+        rules = msc_rules_add(mcf->rules_set, mcf->rules, &error);
+        show_loaded_rules(mcf->rules);
+    }
+    if (mcf->rules_set_file != NGX_CONF_UNSET_PTR) {
+        rules = msc_rules_add_file(mcf->rules_set, mcf->rules_set_file, &error);
+        show_loaded_rules(mcf->rules_set_file);
+    }
+    if (mcf->rules_remote_key != NGX_CONF_UNSET_PTR
+        && mcf->rules_remote_server != NGX_CONF_UNSET_PTR) {
+        rules = msc_rules_add_remote(mcf->rules_set,
+                                     mcf->rules_remote_key, mcf->rules_remote_server, &error);
+        show_loaded_rules(mcf->rules_remote_server);
+    }
+    return NGX_OK;
+clean:
+    ngx_log_error(NGX_ERROR_ERR, log, 0, "cannot load rules: %s", error);
+    return NGX_ERROR;
+}
+
+
+static ngx_int_t ngx_http_modsecurity_init_process(ngx_cycle_t *cycle) {
+    ngx_pool_cleanup_t *cleanup;
+    for (cleanup = cycle->pool->cleanup; cleanup; cleanup = cleanup->next) {
+        if (cleanup->handler == ngx_http_modsecurity_cleanup_rules) {
+            if (lazy_loading_rules(cleanup->data, cycle->log) != NGX_OK) {
+                return NGX_ERROR;
+            }
+        }
+    }
+    return NGX_OK;
+}
+
+
 ngx_module_t ngx_http_modsecurity_module = {
     NGX_MODULE_V1,
     &ngx_http_modsecurity_ctx,             /* module context */
     ngx_http_modsecurity_commands,         /* module directives */
     NGX_HTTP_MODULE,                       /* module type */
     NULL,                                  /* init master */
     NULL,                                  /* init module */
-    NULL,                                  /* init process */
+    ngx_http_modsecurity_init_process,     /* init process */
     NULL,                                  /* init thread */
     NULL,                                  /* exit thread */
     NULL,                                  /* exit process */
@@ -753,7 +759,6 @@ ngx_http_modsecurity_create_conf(ngx_conf_t *cf)
     conf->rules_set_file = NGX_CONF_UNSET_PTR;
     conf->rules_remote_key = NGX_CONF_UNSET_PTR;
     conf->rules_remote_server = NGX_CONF_UNSET_PTR;
-    conf->rules_loaded = NGX_CONF_UNSET;
     conf->pool = cf->pool;
     conf->transaction_id = NGX_CONF_UNSET_PTR;
 #if defined(MODSECURITY_SANITY_CHECKS) && (MODSECURITY_SANITY_CHECKS)