nginx 1.3.10 *) Change: domain names specified in configuration file are now resolved to IPv6 addresses as well as IPv4 ones. *) Change: now if the "include" directive with mask is used on Unix systems, included files are sorted in alphabetical order. *) Change: the "add_header" directive adds headers to 201 responses. *) Feature: the "geo" directive now supports IPv6 addresses in CIDR notation. *) Feature: the "flush" and "gzip" parameters of the "access_log" directive. *) Feature: variables support in the "auth_basic" directive. *) Bugfix: nginx could not be built with the ngx_http_perl_module in some cases. *) Bugfix: a segmentation fault might occur in a worker process if the ngx_http_xslt_module was used. *) Bugfix: nginx could not be built on MacOSX in some cases. Thanks to Piotr Sikora. *) Bugfix: the "limit_rate" directive with high rates might result in truncated responses on 32-bit platforms. Thanks to Alexey Antropov. *) Bugfix: a segmentation fault might occur in a worker process if the "if" directive was used. Thanks to Piotr Sikora. *) Bugfix: a "100 Continue" response was issued with "413 Request Entity Too Large" responses. *) Bugfix: the "image_filter", "image_filter_jpeg_quality" and "image_filter_sharpen" directives might be inherited incorrectly. Thanks to Ian Babrou. *) Bugfix: "crypt_r() failed" errors might appear if the "auth_basic" directive was used on Linux. *) Bugfix: in backup servers handling. Thanks to Thomas Chen. *) Bugfix: proxied HEAD requests might return incorrect response if the "gzip" directive was used.

--- a/src/os/unix/ngx_user.c
+++ b/src/os/unix/ngx_user.c
@@ -28,30 +28,27 @@ ngx_libc_crypt(ngx_pool_t *pool, u_char 
 {
     char               *value;
     size_t              len;
-    ngx_err_t           err;
     struct crypt_data   cd;
 
-    ngx_set_errno(0);
-
     cd.initialized = 0;
     /* work around the glibc bug */
     cd.current_salt[0] = ~salt[0];
 
     value = crypt_r((char *) key, (char *) salt, &cd);
 
-    err = ngx_errno;
-
-    if (err == 0) {
+    if (value) {
         len = ngx_strlen(value) + 1;
 
         *encrypted = ngx_pnalloc(pool, len);
-        if (*encrypted) {
-            ngx_memcpy(*encrypted, value, len);
-            return NGX_OK;
+        if (*encrypted == NULL) {
+            return NGX_ERROR;
         }
+
+        ngx_memcpy(*encrypted, value, len);
+        return NGX_OK;
     }
 
-    ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt_r() failed");
+    ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed");
 
     return NGX_ERROR;
 }
@@ -75,18 +72,20 @@ ngx_libc_crypt(ngx_pool_t *pool, u_char 
 
 #endif
 
-    ngx_set_errno(0);
-
     value = crypt((char *) key, (char *) salt);
 
     if (value) {
         len = ngx_strlen(value) + 1;
 
         *encrypted = ngx_pnalloc(pool, len);
-        if (*encrypted) {
-            ngx_memcpy(*encrypted, value, len);
+        if (*encrypted == NULL) {
+#if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
+            ngx_mutex_unlock(ngx_crypt_mutex);
+#endif
+            return NGX_ERROR;
         }
 
+        ngx_memcpy(*encrypted, value, len);
 #if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
         ngx_mutex_unlock(ngx_crypt_mutex);
 #endif