Mercurial > hg > nginx-quic
annotate src/os/unix/ngx_user.c @ 6817:e75e854657ba
SSL: $ssl_curves (ticket #1088).
The variable contains a list of curves as supported by the client.
Known curves are listed by their names, unknown ones are shown
in hex, e.g., "0x001d:prime256v1:secp521r1:secp384r1".
Note that OpenSSL uses session data for SSL_get1_curves(), and
it doesn't store full list of curves supported by the client when
serializing a session. As a result $ssl_curves is only available
for new sessions (and will be empty for reused ones).
The variable is only meaningful when using OpenSSL 1.0.2 and above.
With older versions the variable is empty.
author | Maxim Dounin <mdounin@mdounin.ru> |
---|---|
date | Mon, 05 Dec 2016 22:23:23 +0300 |
parents | e284f3ff6831 |
children | 4a670c18e5e6 |
rev | line source |
---|---|
503 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
503 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 | |
11 | |
12 /* | |
13 * Solaris has thread-safe crypt() | |
14 * Linux has crypt_r(); "struct crypt_data" is more than 128K | |
15 * FreeBSD needs the mutex to protect crypt() | |
16 * | |
17 * TODO: | |
18 * ngx_crypt_init() to init mutex | |
19 */ | |
20 | |
21 | |
22 #if (NGX_CRYPT) | |
23 | |
527 | 24 #if (NGX_HAVE_GNU_CRYPT_R) |
503 | 25 |
26 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
27 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 28 { |
29 char *value; | |
30 size_t len; | |
31 struct crypt_data cd; | |
32 | |
509 | 33 cd.initialized = 0; |
5955
fd6fd02f6a4d
Fixed building with musl libc (ticket #685).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4982
diff
changeset
|
34 #ifdef __GLIBC__ |
529 | 35 /* work around the glibc bug */ |
36 cd.current_salt[0] = ~salt[0]; | |
5955
fd6fd02f6a4d
Fixed building with musl libc (ticket #685).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4982
diff
changeset
|
37 #endif |
509 | 38 |
503 | 39 value = crypt_r((char *) key, (char *) salt, &cd); |
40 | |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
41 if (value) { |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
42 len = ngx_strlen(value) + 1; |
503 | 43 |
2049 | 44 *encrypted = ngx_pnalloc(pool, len); |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
45 if (*encrypted == NULL) { |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
46 return NGX_ERROR; |
503 | 47 } |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
48 |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
49 ngx_memcpy(*encrypted, value, len); |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
50 return NGX_OK; |
503 | 51 } |
52 | |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
53 ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed"); |
509 | 54 |
503 | 55 return NGX_ERROR; |
56 } | |
57 | |
58 #else | |
59 | |
60 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
61 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 62 { |
63 char *value; | |
64 size_t len; | |
509 | 65 ngx_err_t err; |
503 | 66 |
67 value = crypt((char *) key, (char *) salt); | |
68 | |
69 if (value) { | |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
70 len = ngx_strlen(value) + 1; |
503 | 71 |
2049 | 72 *encrypted = ngx_pnalloc(pool, len); |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
73 if (*encrypted == NULL) { |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
74 return NGX_ERROR; |
503 | 75 } |
509 | 76 |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
77 ngx_memcpy(*encrypted, value, len); |
509 | 78 return NGX_OK; |
503 | 79 } |
80 | |
509 | 81 err = ngx_errno; |
82 | |
83 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt() failed"); | |
84 | |
85 return NGX_ERROR; | |
503 | 86 } |
87 | |
88 #endif | |
89 | |
90 #endif /* NGX_CRYPT */ |