Mercurial > hg > nginx-quic
annotate src/os/unix/ngx_user.c @ 8099:b4ef79ef1c23 quic
QUIC: refined the "c->quic->initialized" flag usage.
The flag is tied to the initial secret creation. The presence of c->quic
pointer is sufficient to enable execution of ngx_quic_close_quic().
The ngx_quic_new_connection() function now returns the allocated quic
connection object and the c->quic pointer is set by the caller.
If an early error occurs before secrets initialization (i.e. in cases
of invalid retry token or nginx exiting), it is still possible to
generate an error response by trying to initialize secrets directly
in the ngx_quic_send_cc() function.
Before the change such early errors failed to send proper connection close
message and logged an error.
An auxilliary ngx_quic_init_secrets() function is introduced to avoid
verbose call to ngx_quic_set_initial_secret() requiring local variable.
author | Vladimir Homutov <vl@nginx.com> |
---|---|
date | Wed, 30 Sep 2020 21:27:52 +0300 |
parents | eca3e054e978 |
children |
rev | line source |
---|---|
503 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
503 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 | |
11 | |
12 #if (NGX_CRYPT) | |
13 | |
527 | 14 #if (NGX_HAVE_GNU_CRYPT_R) |
503 | 15 |
16 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
17 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 18 { |
19 char *value; | |
20 size_t len; | |
21 struct crypt_data cd; | |
22 | |
509 | 23 cd.initialized = 0; |
24 | |
503 | 25 value = crypt_r((char *) key, (char *) salt, &cd); |
26 | |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
27 if (value) { |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
28 len = ngx_strlen(value) + 1; |
503 | 29 |
2049 | 30 *encrypted = ngx_pnalloc(pool, len); |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
31 if (*encrypted == NULL) { |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
32 return NGX_ERROR; |
503 | 33 } |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
34 |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
35 ngx_memcpy(*encrypted, value, len); |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
36 return NGX_OK; |
503 | 37 } |
38 | |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
39 ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed"); |
509 | 40 |
503 | 41 return NGX_ERROR; |
42 } | |
43 | |
44 #else | |
45 | |
46 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
47 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 48 { |
49 char *value; | |
50 size_t len; | |
509 | 51 ngx_err_t err; |
503 | 52 |
53 value = crypt((char *) key, (char *) salt); | |
54 | |
55 if (value) { | |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
56 len = ngx_strlen(value) + 1; |
503 | 57 |
2049 | 58 *encrypted = ngx_pnalloc(pool, len); |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
59 if (*encrypted == NULL) { |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
60 return NGX_ERROR; |
503 | 61 } |
509 | 62 |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
63 ngx_memcpy(*encrypted, value, len); |
509 | 64 return NGX_OK; |
503 | 65 } |
66 | |
509 | 67 err = ngx_errno; |
68 | |
69 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt() failed"); | |
70 | |
71 return NGX_ERROR; | |
503 | 72 } |
73 | |
74 #endif | |
75 | |
76 #endif /* NGX_CRYPT */ |