mirror of
https://github.com/nginx/nginx.git
synced 2024-12-17 06:57:47 +08:00
187b7d9558
*) The changes in the ngx_http_charset_module: the "default_charset"
directive was canceled; the "charset" directive sets the response
charset; the "source_charset" directive sets the source charset only.
*) Bugfix: the backend "WWW-Authenticate" header line did not
transferred while the 401 response code redirecting.
*) Bugfix: the ngx_http_proxy_module and ngx_http_fastcgi_module may
close a connection before anything was transferred to a client; the
bug had appeared in 0.1.38.
*) Workaround: the Linux glibc crypt_r() initialization bug.
*) Bugfix: the ngx_http_ssi_module did not support the relative URI in
the "include virtual" command.
*) Bugfix: if the backend response had the "Location" header line and
nginx should not rewrite this line, then the 500 code response body
was transferred; the bug had appeared in 0.1.29.
*) Bugfix: some directives of the ngx_http_proxy_module and
ngx_http_fastcgi_module were not inherited from the server to the
location level; the bug had appeared in 0.1.29.
*) Bugfix: the ngx_http_ssl_module did not support the certificate
chain.
*) Bugfix: the ngx_http_autoindex_module did not show correctly the
long file names; the bug had appeared in 0.1.38.
*) Bugfixes in IMAP/POP3 proxy in interaction with a backend at the
login state.
109 lines
2.0 KiB
C
109 lines
2.0 KiB
C
|
|
/*
|
|
* Copyright (C) Igor Sysoev
|
|
*/
|
|
|
|
|
|
#include <ngx_config.h>
|
|
#include <ngx_core.h>
|
|
|
|
|
|
/*
|
|
* Solaris has thread-safe crypt()
|
|
* Linux has crypt_r(); "struct crypt_data" is more than 128K
|
|
* FreeBSD needs the mutex to protect crypt()
|
|
*
|
|
* TODO:
|
|
* ngx_crypt_init() to init mutex
|
|
*/
|
|
|
|
|
|
#if (NGX_CRYPT)
|
|
|
|
#if (NGX_HAVE_GNU_CRYPT_R)
|
|
|
|
ngx_int_t
|
|
ngx_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
|
|
{
|
|
char *value;
|
|
size_t len;
|
|
ngx_err_t err;
|
|
struct crypt_data cd;
|
|
|
|
ngx_set_errno(0);
|
|
|
|
cd.initialized = 0;
|
|
/* work around the glibc bug */
|
|
cd.current_salt[0] = ~salt[0];
|
|
|
|
value = crypt_r((char *) key, (char *) salt, &cd);
|
|
|
|
err = ngx_errno;
|
|
|
|
if (err == 0) {
|
|
len = ngx_strlen(value);
|
|
|
|
*encrypted = ngx_palloc(pool, len);
|
|
if (*encrypted) {
|
|
ngx_memcpy(*encrypted, value, len + 1);
|
|
return NGX_OK;
|
|
}
|
|
}
|
|
|
|
ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt_r() failed");
|
|
|
|
return NGX_ERROR;
|
|
}
|
|
|
|
#else
|
|
|
|
ngx_int_t
|
|
ngx_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
|
|
{
|
|
char *value;
|
|
size_t len;
|
|
ngx_err_t err;
|
|
|
|
#if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
|
|
|
|
/* crypt() is a time consuming funtion, so we only try to lock */
|
|
|
|
if (ngx_mutex_trylock(ngx_crypt_mutex) != NGX_OK) {
|
|
return NGX_AGAIN;
|
|
}
|
|
|
|
#endif
|
|
|
|
ngx_set_errno(0);
|
|
|
|
value = crypt((char *) key, (char *) salt);
|
|
|
|
if (value) {
|
|
len = ngx_strlen(value);
|
|
|
|
*encrypted = ngx_palloc(pool, len);
|
|
if (*encrypted) {
|
|
ngx_memcpy(*encrypted, value, len + 1);
|
|
}
|
|
|
|
#if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
|
|
ngx_mutex_unlock(ngx_crypt_mutex);
|
|
#endif
|
|
return NGX_OK;
|
|
}
|
|
|
|
err = ngx_errno;
|
|
|
|
#if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
|
|
ngx_mutex_unlock(ngx_crypt_mutex);
|
|
#endif
|
|
|
|
ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt() failed");
|
|
|
|
return NGX_ERROR;
|
|
}
|
|
|
|
#endif
|
|
|
|
#endif /* NGX_CRYPT */
|