mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2025-06-07 09:42:39 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Auth basic: check if file of auth_basic_user_file can be open.

Browse Source 
Fixed #557 by check if the file can be open, this fix only check if file
path that do not contain nginx variable.
This commit is contained in:
Hayden Zhou 2025-05-21 15:56:47 +08:00
parent f3542500b6
commit 82736dbad9
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/http/modules/ngx_http_auth_basic_module.c
View File

@ -404,6 +404,7 @@ ngx_http_auth_basic_user_file(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
ngx_str_t *value;
ngx_http_compile_complex_value_t ccv;
ngx_file_info_t fi;
if (alcf->user_file != NGX_CONF_UNSET_PTR) {
return "is duplicate";
@ -428,5 +429,13 @@ ngx_http_auth_basic_user_file(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
return NGX_CONF_ERROR;
}
if (alcf->user_file->lengths == NULL &&
ngx_file_info(alcf->user_file->value.data, &fi)
== NGX_FILE_ERROR) {
ngx_conf_log_error(NGX_LOG_WARN, cf, ngx_errno,
ngx_file_info_n " \"%s\" failed",
alcf->user_file->value.data);
}
return NGX_CONF_OK;
}