52
|
1
|
|
2 /*
|
|
3 * Copyright (C) Igor Sysoev
|
660
|
4 * Copyright (C) Nginx, Inc.
|
52
|
5 */
|
|
6
|
|
7
|
|
8 #include <ngx_config.h>
|
|
9 #include <ngx_core.h>
|
|
10
|
|
11
|
|
12 /*
|
|
13 * Solaris has thread-safe crypt()
|
|
14 * Linux has crypt_r(); "struct crypt_data" is more than 128K
|
|
15 * FreeBSD needs the mutex to protect crypt()
|
|
16 *
|
|
17 * TODO:
|
|
18 * ngx_crypt_init() to init mutex
|
|
19 */
|
|
20
|
|
21
|
54
|
22 #if (NGX_CRYPT)
|
|
23
|
76
|
24 #if (NGX_HAVE_GNU_CRYPT_R)
|
52
|
25
|
|
26 ngx_int_t
|
626
|
27 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
|
52
|
28 {
|
|
29 char *value;
|
|
30 size_t len;
|
58
|
31 ngx_err_t err;
|
52
|
32 struct crypt_data cd;
|
|
33
|
58
|
34 ngx_set_errno(0);
|
|
35
|
|
36 cd.initialized = 0;
|
78
|
37 /* work around the glibc bug */
|
|
38 cd.current_salt[0] = ~salt[0];
|
58
|
39
|
52
|
40 value = crypt_r((char *) key, (char *) salt, &cd);
|
|
41
|
58
|
42 err = ngx_errno;
|
|
43
|
|
44 if (err == 0) {
|
604
|
45 len = ngx_strlen(value) + 1;
|
52
|
46
|
382
|
47 *encrypted = ngx_pnalloc(pool, len);
|
52
|
48 if (*encrypted) {
|
604
|
49 ngx_memcpy(*encrypted, value, len);
|
52
|
50 return NGX_OK;
|
|
51 }
|
|
52 }
|
|
53
|
58
|
54 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt_r() failed");
|
|
55
|
52
|
56 return NGX_ERROR;
|
|
57 }
|
|
58
|
|
59 #else
|
|
60
|
|
61 ngx_int_t
|
626
|
62 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
|
52
|
63 {
|
|
64 char *value;
|
|
65 size_t len;
|
58
|
66 ngx_err_t err;
|
52
|
67
|
|
68 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
|
|
69
|
664
|
70 /* crypt() is a time consuming function, so we only try to lock */
|
52
|
71
|
|
72 if (ngx_mutex_trylock(ngx_crypt_mutex) != NGX_OK) {
|
|
73 return NGX_AGAIN;
|
|
74 }
|
|
75
|
|
76 #endif
|
|
77
|
58
|
78 ngx_set_errno(0);
|
52
|
79
|
|
80 value = crypt((char *) key, (char *) salt);
|
|
81
|
|
82 if (value) {
|
604
|
83 len = ngx_strlen(value) + 1;
|
52
|
84
|
382
|
85 *encrypted = ngx_pnalloc(pool, len);
|
52
|
86 if (*encrypted) {
|
604
|
87 ngx_memcpy(*encrypted, value, len);
|
52
|
88 }
|
58
|
89
|
|
90 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
|
|
91 ngx_mutex_unlock(ngx_crypt_mutex);
|
|
92 #endif
|
|
93 return NGX_OK;
|
52
|
94 }
|
|
95
|
58
|
96 err = ngx_errno;
|
|
97
|
52
|
98 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
|
|
99 ngx_mutex_unlock(ngx_crypt_mutex);
|
|
100 #endif
|
|
101
|
58
|
102 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt() failed");
|
|
103
|
|
104 return NGX_ERROR;
|
52
|
105 }
|
|
106
|
|
107 #endif
|
54
|
108
|
|
109 #endif /* NGX_CRYPT */
|