Mercurial > hg > nginx-vendor-0-7
comparison src/http/modules/ngx_http_auth_basic_module.c @ 452:fc5ebf0e5f98 NGINX_0_7_38
nginx 0.7.38
*) Feature: authentication failures logging.
*) Bugfix: name/password in auth_basic_user_file were ignored after odd
number of empty lines.
Thanks to Alexander Zagrebin.
*) Bugfix: a segmentation fault occurred in a master process, if long
path was used in unix domain socket; the bug had appeared in 0.7.36.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Mon, 23 Feb 2009 00:00:00 +0300 |
parents | 984bb0b1399b |
children | bb941a2996a6 |
comparison
equal
deleted
inserted
replaced
451:56fe58e64760 | 452:fc5ebf0e5f98 |
---|---|
124 } | 124 } |
125 | 125 |
126 rc = ngx_http_auth_basic_user(r); | 126 rc = ngx_http_auth_basic_user(r); |
127 | 127 |
128 if (rc == NGX_DECLINED) { | 128 if (rc == NGX_DECLINED) { |
129 | |
130 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
131 "no user/password was provided for basic authentication"); | |
132 | |
129 return ngx_http_auth_basic_set_realm(r, &alcf->realm); | 133 return ngx_http_auth_basic_set_realm(r, &alcf->realm); |
130 } | 134 } |
131 | 135 |
132 if (rc == NGX_ERROR) { | 136 if (rc == NGX_ERROR) { |
133 return NGX_HTTP_INTERNAL_SERVER_ERROR; | 137 return NGX_HTTP_INTERNAL_SERVER_ERROR; |
170 | 174 |
171 for (i = left; i < left + n; i++) { | 175 for (i = left; i < left + n; i++) { |
172 switch (state) { | 176 switch (state) { |
173 | 177 |
174 case sw_login: | 178 case sw_login: |
175 if (login == 0 && buf[i] == '#') { | 179 if (login == 0) { |
176 state = sw_skip; | 180 |
177 break; | 181 if (buf[i] == '#' || buf[i] == CR) { |
182 state = sw_skip; | |
183 break; | |
184 } | |
185 | |
186 if (buf[i] == LF) { | |
187 break; | |
188 } | |
178 } | 189 } |
179 | 190 |
180 if (buf[i] != r->headers_in.user.data[login]) { | 191 if (buf[i] != r->headers_in.user.data[login]) { |
181 state = sw_skip; | 192 state = sw_skip; |
182 break; | 193 break; |
240 ngx_cpystrn(pwd.data, &buf[passwd], pwd.len + 1); | 251 ngx_cpystrn(pwd.data, &buf[passwd], pwd.len + 1); |
241 | 252 |
242 return ngx_http_auth_basic_crypt_handler(r, NULL, &pwd, &alcf->realm); | 253 return ngx_http_auth_basic_crypt_handler(r, NULL, &pwd, &alcf->realm); |
243 } | 254 } |
244 | 255 |
256 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
257 "user \"%V\" was not found in \"%V\"", | |
258 &r->headers_in.user, &alcf->user_file); | |
259 | |
245 return ngx_http_auth_basic_set_realm(r, &alcf->realm); | 260 return ngx_http_auth_basic_set_realm(r, &alcf->realm); |
246 } | 261 } |
247 | 262 |
248 | 263 |
249 static ngx_int_t | 264 static ngx_int_t |
255 | 270 |
256 rc = ngx_crypt(r->pool, r->headers_in.passwd.data, passwd->data, | 271 rc = ngx_crypt(r->pool, r->headers_in.passwd.data, passwd->data, |
257 &encrypted); | 272 &encrypted); |
258 | 273 |
259 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | 274 ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
260 "rc: %d user: \"%V\" salt: \"%s\"", | 275 "rc: %d user: \"%V\" salt: \"%s\"", |
261 rc, &r->headers_in.user, passwd->data); | 276 rc, &r->headers_in.user, passwd->data); |
262 | 277 |
263 if (rc == NGX_OK) { | 278 if (rc == NGX_OK) { |
264 if (ngx_strcmp(encrypted, passwd->data) == 0) { | 279 if (ngx_strcmp(encrypted, passwd->data) == 0) { |
265 return NGX_OK; | 280 return NGX_OK; |
266 } | 281 } |
267 | 282 |
268 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, | 283 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, |
269 "encrypted: \"%s\"", encrypted); | 284 "encrypted: \"%s\"", encrypted); |
285 | |
286 ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, | |
287 "user \"%V\": password mismatch", | |
288 &r->headers_in.user); | |
270 | 289 |
271 return ngx_http_auth_basic_set_realm(r, realm); | 290 return ngx_http_auth_basic_set_realm(r, realm); |
272 } | 291 } |
273 | 292 |
274 if (rc == NGX_ERROR) { | 293 if (rc == NGX_ERROR) { |