Klaus Demo nginx / 05e87e1
Removed more remnants of the old pthread implementation. After e284f3ff6831, ngx_crypt() can no longer return NGX_AGAIN. Ruslan Ermilov 4 years ago
2 changed file(s) with 18 addition(s) and 68 deletion(s). Raw diff Collapse all Expand all
1414
1515
1616 typedef struct {
17 ngx_str_t passwd;
18 } ngx_http_auth_basic_ctx_t;
19
20
21 typedef struct {
2217 ngx_http_complex_value_t *realm;
2318 ngx_http_complex_value_t user_file;
2419 } ngx_http_auth_basic_loc_conf_t;
2621
2722 static ngx_int_t ngx_http_auth_basic_handler(ngx_http_request_t *r);
2823 static ngx_int_t ngx_http_auth_basic_crypt_handler(ngx_http_request_t *r,
29 ngx_http_auth_basic_ctx_t *ctx, ngx_str_t *passwd, ngx_str_t *realm);
24 ngx_str_t *passwd, ngx_str_t *realm);
3025 static ngx_int_t ngx_http_auth_basic_set_realm(ngx_http_request_t *r,
3126 ngx_str_t *realm);
3227 static void ngx_http_auth_basic_close(ngx_file_t *file);
10297 ngx_str_t pwd, realm, user_file;
10398 ngx_uint_t i, level, login, left, passwd;
10499 ngx_file_t file;
105 ngx_http_auth_basic_ctx_t *ctx;
106100 ngx_http_auth_basic_loc_conf_t *alcf;
107101 u_char buf[NGX_HTTP_AUTH_BUF_SIZE];
108102 enum {
125119 return NGX_DECLINED;
126120 }
127121
128 ctx = ngx_http_get_module_ctx(r, ngx_http_auth_basic_module);
129
130 if (ctx) {
131 return ngx_http_auth_basic_crypt_handler(r, ctx, &ctx->passwd,
132 &realm);
133 }
134
135122 rc = ngx_http_auth_basic_user(r);
136123
137124 if (rc == NGX_DECLINED) {
236223 pwd.len = i - passwd;
237224 pwd.data = &buf[passwd];
238225
239 return ngx_http_auth_basic_crypt_handler(r, NULL, &pwd,
240 &realm);
226 return ngx_http_auth_basic_crypt_handler(r, &pwd, &realm);
241227 }
242228
243229 break;
275261
276262 ngx_cpystrn(pwd.data, &buf[passwd], pwd.len + 1);
277263
278 return ngx_http_auth_basic_crypt_handler(r, NULL, &pwd, &realm);
264 return ngx_http_auth_basic_crypt_handler(r, &pwd, &realm);
279265 }
280266
281267 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
287273
288274
289275 static ngx_int_t
290 ngx_http_auth_basic_crypt_handler(ngx_http_request_t *r,
291 ngx_http_auth_basic_ctx_t *ctx, ngx_str_t *passwd, ngx_str_t *realm)
276 ngx_http_auth_basic_crypt_handler(ngx_http_request_t *r, ngx_str_t *passwd,
277 ngx_str_t *realm)
292278 {
293279 ngx_int_t rc;
294280 u_char *encrypted;
300286 "rc: %i user: \"%V\" salt: \"%s\"",
301287 rc, &r->headers_in.user, passwd->data);
302288
303 if (rc == NGX_OK) {
304 if (ngx_strcmp(encrypted, passwd->data) == 0) {
305 return NGX_OK;
306 }
307
308 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
309 "encrypted: \"%s\"", encrypted);
310
311 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
312 "user \"%V\": password mismatch",
313 &r->headers_in.user);
314
315 return ngx_http_auth_basic_set_realm(r, realm);
316 }
317
318 if (rc == NGX_ERROR) {
289 if (rc != NGX_OK) {
319290 return NGX_HTTP_INTERNAL_SERVER_ERROR;
320291 }
321292
322 /* rc == NGX_AGAIN */
323
324 if (ctx == NULL) {
325 ctx = ngx_palloc(r->pool, sizeof(ngx_http_auth_basic_ctx_t));
326 if (ctx == NULL) {
327 return NGX_HTTP_INTERNAL_SERVER_ERROR;
328 }
329
330 ngx_http_set_ctx(r, ctx, ngx_http_auth_basic_module);
331
332 ctx->passwd.len = passwd->len;
333 passwd->len++;
334
335 ctx->passwd.data = ngx_pstrdup(r->pool, passwd);
336 if (ctx->passwd.data == NULL) {
337 return NGX_HTTP_INTERNAL_SERVER_ERROR;
338 }
339
340 }
341
342 /* TODO: add mutex event */
343
344 return rc;
293 if (ngx_strcmp(encrypted, passwd->data) == 0) {
294 return NGX_OK;
295 }
296
297 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
298 "encrypted: \"%s\"", encrypted);
299
300 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
301 "user \"%V\": password mismatch",
302 &r->headers_in.user);
303
304 return ngx_http_auth_basic_set_realm(r, realm);
345305 }
346306
347307
66
77 #include <ngx_config.h>
88 #include <ngx_core.h>
9
10
11 /*
12 * Solaris has thread-safe crypt()
13 * Linux has crypt_r(); "struct crypt_data" is more than 128K
14 * FreeBSD needs the mutex to protect crypt()
15 *
16 * TODO:
17 * ngx_crypt_init() to init mutex
18 */
199
2010
2111 #if (NGX_CRYPT)