nginx: src/core/ngx_crypt.c annotate

annotate src/core/ngx_crypt.c @ 5360:3d2d3e1cf427

Win32: MinGW GCC compatibility. Several warnings silenced, notably (ngx_socket_t) -1 is now checked on socket operations instead of -1, as ngx_socket_t is unsigned on win32 and gcc complains on comparison. With this patch, it's now possible to compile nginx using mingw gcc, with options we normally compile on win32.

author	Maxim Dounin <mdounin@mdounin.ru>
date	Wed, 04 Sep 2013 20:48:28 +0400
parents	e4441ebe05d5
children	2d947c2e3ea1

rev	line source
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	1
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	2 /*
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	3 * Copyright (C) Maxim Dounin
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	4 */
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	5
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	6
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	7 #include <ngx_config.h>
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	8 #include <ngx_core.h>
4759 4c36e15651f7 Fixed compilation with -Wmissing-prototypes. Ruslan Ermilov <ru@nginx.com> parents: 3928 diff changeset	9 #include <ngx_crypt.h>
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	10 #include <ngx_md5.h>
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	11 #if (NGX_HAVE_SHA1)
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	12 #include <ngx_sha1.h>
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	13 #endif
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	14
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	15
3926 14622ee4fa08 fix building --without-http_auth_basic_module, Igor Sysoev <igor@sysoev.ru> parents: 3922 diff changeset	16 #if (NGX_CRYPT)
14622ee4fa08 fix building --without-http_auth_basic_module, Igor Sysoev <igor@sysoev.ru> parents: 3922 diff changeset	17
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	18 static ngx_int_t ngx_crypt_apr1(ngx_pool_t pool, u_char key, u_char *salt,
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	19 u_char **encrypted);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	20 static ngx_int_t ngx_crypt_plain(ngx_pool_t pool, u_char key, u_char *salt,
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	21 u_char **encrypted);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	22
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	23 #if (NGX_HAVE_SHA1)
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	24
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	25 static ngx_int_t ngx_crypt_ssha(ngx_pool_t pool, u_char key, u_char *salt,
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	26 u_char **encrypted);
5034 e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	27 static ngx_int_t ngx_crypt_sha(ngx_pool_t pool, u_char key, u_char *salt,
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	28 u_char **encrypted);
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	29
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	30 #endif
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	31
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	32
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	33 static u_char ngx_crypt_to64(u_char p, uint32_t v, size_t n);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	34
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	35
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	36 ngx_int_t
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	37 ngx_crypt(ngx_pool_t pool, u_char key, u_char salt, u_char *encrypted)
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	38 {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	39 if (ngx_strncmp(salt, "$apr1$", sizeof("$apr1$") - 1) == 0) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	40 return ngx_crypt_apr1(pool, key, salt, encrypted);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	41
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	42 } else if (ngx_strncmp(salt, "{PLAIN}", sizeof("{PLAIN}") - 1) == 0) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	43 return ngx_crypt_plain(pool, key, salt, encrypted);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	44
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	45 #if (NGX_HAVE_SHA1)
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	46 } else if (ngx_strncmp(salt, "{SSHA}", sizeof("{SSHA}") - 1) == 0) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	47 return ngx_crypt_ssha(pool, key, salt, encrypted);
5034 e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	48
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	49 } else if (ngx_strncmp(salt, "{SHA}", sizeof("{SHA}") - 1) == 0) {
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	50 return ngx_crypt_sha(pool, key, salt, encrypted);
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	51 #endif
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	52 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	53
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	54 /* fallback to libc crypt() */
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	55
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	56 return ngx_libc_crypt(pool, key, salt, encrypted);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	57 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	58
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	59
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	60 static ngx_int_t
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	61 ngx_crypt_apr1(ngx_pool_t pool, u_char key, u_char salt, u_char *encrypted)
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	62 {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	63 ngx_int_t n;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	64 ngx_uint_t i;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	65 u_char p, last, final[16];
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	66 size_t saltlen, keylen;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	67 ngx_md5_t md5, ctx1;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	68
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	69 /* Apache's apr1 crypt is Paul-Henning Kamp's md5 crypt with $apr1$ magic */
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	70
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	71 keylen = ngx_strlen(key);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	72
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	73 /* true salt: no magic, max 8 chars, stop at first $ */
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	74
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	75 salt += sizeof("$apr1$") - 1;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	76 last = salt + 8;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	77 for (p = salt; p && p != '$' && p < last; p++) { /* void */ }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	78 saltlen = p - salt;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	79
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	80 /* hash key and salt */
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	81
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	82 ngx_md5_init(&md5);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	83 ngx_md5_update(&md5, key, keylen);
3928 105841a157b9 fix building on FreeBSD 6 or earlier against system md5 Igor Sysoev <igor@sysoev.ru> parents: 3926 diff changeset	84 ngx_md5_update(&md5, (u_char *) "$apr1$", sizeof("$apr1$") - 1);
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	85 ngx_md5_update(&md5, salt, saltlen);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	86
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	87 ngx_md5_init(&ctx1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	88 ngx_md5_update(&ctx1, key, keylen);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	89 ngx_md5_update(&ctx1, salt, saltlen);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	90 ngx_md5_update(&ctx1, key, keylen);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	91 ngx_md5_final(final, &ctx1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	92
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	93 for (n = keylen; n > 0; n -= 16) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	94 ngx_md5_update(&md5, final, n > 16 ? 16 : n);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	95 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	96
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	97 ngx_memzero(final, sizeof(final));
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	98
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	99 for (i = keylen; i; i >>= 1) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	100 if (i & 1) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	101 ngx_md5_update(&md5, final, 1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	102
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	103 } else {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	104 ngx_md5_update(&md5, key, 1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	105 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	106 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	107
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	108 ngx_md5_final(final, &md5);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	109
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	110 for (i = 0; i < 1000; i++) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	111 ngx_md5_init(&ctx1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	112
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	113 if (i & 1) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	114 ngx_md5_update(&ctx1, key, keylen);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	115
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	116 } else {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	117 ngx_md5_update(&ctx1, final, 16);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	118 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	119
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	120 if (i % 3) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	121 ngx_md5_update(&ctx1, salt, saltlen);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	122 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	123
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	124 if (i % 7) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	125 ngx_md5_update(&ctx1, key, keylen);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	126 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	127
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	128 if (i & 1) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	129 ngx_md5_update(&ctx1, final, 16);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	130
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	131 } else {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	132 ngx_md5_update(&ctx1, key, keylen);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	133 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	134
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	135 ngx_md5_final(final, &ctx1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	136 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	137
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	138 /* output */
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	139
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	140 *encrypted = ngx_pnalloc(pool, sizeof("$apr1$") - 1 + saltlen + 16 + 1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	141 if (*encrypted == NULL) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	142 return NGX_ERROR;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	143 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	144
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	145 p = ngx_cpymem(*encrypted, "$apr1$", sizeof("$apr1$") - 1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	146 p = ngx_copy(p, salt, saltlen);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	147 *p++ = '$';
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	148
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	149 p = ngx_crypt_to64(p, (final[ 0]<<16) \| (final[ 6]<<8) \| final[12], 4);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	150 p = ngx_crypt_to64(p, (final[ 1]<<16) \| (final[ 7]<<8) \| final[13], 4);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	151 p = ngx_crypt_to64(p, (final[ 2]<<16) \| (final[ 8]<<8) \| final[14], 4);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	152 p = ngx_crypt_to64(p, (final[ 3]<<16) \| (final[ 9]<<8) \| final[15], 4);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	153 p = ngx_crypt_to64(p, (final[ 4]<<16) \| (final[10]<<8) \| final[ 5], 4);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	154 p = ngx_crypt_to64(p, final[11], 2);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	155 *p = '\0';
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	156
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	157 return NGX_OK;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	158 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	159
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	160
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	161 static u_char *
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	162 ngx_crypt_to64(u_char *p, uint32_t v, size_t n)
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	163 {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	164 static u_char itoa64[] =
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	165 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	166
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	167 while (n--) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	168 *p++ = itoa64[v & 0x3f];
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	169 v >>= 6;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	170 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	171
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	172 return p;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	173 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	174
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	175
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	176 static ngx_int_t
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	177 ngx_crypt_plain(ngx_pool_t pool, u_char key, u_char salt, u_char *encrypted)
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	178 {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	179 size_t len;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	180 u_char *p;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	181
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	182 len = ngx_strlen(key);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	183
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	184 *encrypted = ngx_pnalloc(pool, sizeof("{PLAIN}") - 1 + len + 1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	185 if (*encrypted == NULL) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	186 return NGX_ERROR;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	187 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	188
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	189 p = ngx_cpymem(*encrypted, "{PLAIN}", sizeof("{PLAIN}") - 1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	190 ngx_memcpy(p, key, len + 1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	191
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	192 return NGX_OK;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	193 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	194
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	195
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	196 #if (NGX_HAVE_SHA1)
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	197
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	198 static ngx_int_t
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	199 ngx_crypt_ssha(ngx_pool_t pool, u_char key, u_char salt, u_char *encrypted)
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	200 {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	201 size_t len;
4815 63dff7943fc7 Crypt: fixed handling of corrupted SSHA entries in password file. Maxim Dounin <mdounin@mdounin.ru> parents: 4759 diff changeset	202 ngx_int_t rc;
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	203 ngx_str_t encoded, decoded;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	204 ngx_sha1_t sha1;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	205
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	206 /* "{SSHA}" base64(SHA1(key salt) salt) */
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	207
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	208 /* decode base64 salt to find out true salt */
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	209
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	210 encoded.data = salt + sizeof("{SSHA}") - 1;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	211 encoded.len = ngx_strlen(encoded.data);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	212
4815 63dff7943fc7 Crypt: fixed handling of corrupted SSHA entries in password file. Maxim Dounin <mdounin@mdounin.ru> parents: 4759 diff changeset	213 len = ngx_max(ngx_base64_decoded_length(encoded.len), 20);
63dff7943fc7 Crypt: fixed handling of corrupted SSHA entries in password file. Maxim Dounin <mdounin@mdounin.ru> parents: 4759 diff changeset	214
63dff7943fc7 Crypt: fixed handling of corrupted SSHA entries in password file. Maxim Dounin <mdounin@mdounin.ru> parents: 4759 diff changeset	215 decoded.data = ngx_pnalloc(pool, len);
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	216 if (decoded.data == NULL) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	217 return NGX_ERROR;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	218 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	219
4815 63dff7943fc7 Crypt: fixed handling of corrupted SSHA entries in password file. Maxim Dounin <mdounin@mdounin.ru> parents: 4759 diff changeset	220 rc = ngx_decode_base64(&decoded, &encoded);
63dff7943fc7 Crypt: fixed handling of corrupted SSHA entries in password file. Maxim Dounin <mdounin@mdounin.ru> parents: 4759 diff changeset	221
63dff7943fc7 Crypt: fixed handling of corrupted SSHA entries in password file. Maxim Dounin <mdounin@mdounin.ru> parents: 4759 diff changeset	222 if (rc != NGX_OK \|\| decoded.len < 20) {
63dff7943fc7 Crypt: fixed handling of corrupted SSHA entries in password file. Maxim Dounin <mdounin@mdounin.ru> parents: 4759 diff changeset	223 decoded.len = 20;
63dff7943fc7 Crypt: fixed handling of corrupted SSHA entries in password file. Maxim Dounin <mdounin@mdounin.ru> parents: 4759 diff changeset	224 }
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	225
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	226 /* update SHA1 from key and salt */
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	227
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	228 ngx_sha1_init(&sha1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	229 ngx_sha1_update(&sha1, key, ngx_strlen(key));
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	230 ngx_sha1_update(&sha1, decoded.data + 20, decoded.len - 20);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	231 ngx_sha1_final(decoded.data, &sha1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	232
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	233 /* encode it back to base64 */
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	234
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	235 len = sizeof("{SSHA}") - 1 + ngx_base64_encoded_length(decoded.len) + 1;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	236
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	237 *encrypted = ngx_pnalloc(pool, len);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	238 if (*encrypted == NULL) {
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	239 return NGX_ERROR;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	240 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	241
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	242 encoded.data = ngx_cpymem(*encrypted, "{SSHA}", sizeof("{SSHA}") - 1);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	243 ngx_encode_base64(&encoded, &decoded);
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	244 encoded.data[encoded.len] = '\0';
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	245
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	246 return NGX_OK;
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	247 }
9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	248
5034 e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	249
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	250 static ngx_int_t
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	251 ngx_crypt_sha(ngx_pool_t pool, u_char key, u_char salt, u_char *encrypted)
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	252 {
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	253 size_t len;
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	254 ngx_str_t encoded, decoded;
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	255 ngx_sha1_t sha1;
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	256 u_char digest[20];
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	257
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	258 /* "{SHA}" base64(SHA1(key)) */
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	259
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	260 decoded.len = sizeof(digest);
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	261 decoded.data = digest;
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	262
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	263 ngx_sha1_init(&sha1);
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	264 ngx_sha1_update(&sha1, key, ngx_strlen(key));
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	265 ngx_sha1_final(digest, &sha1);
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	266
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	267 len = sizeof("{SHA}") - 1 + ngx_base64_encoded_length(decoded.len) + 1;
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	268
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	269 *encrypted = ngx_pnalloc(pool, len);
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	270 if (*encrypted == NULL) {
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	271 return NGX_ERROR;
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	272 }
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	273
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	274 encoded.data = ngx_cpymem(*encrypted, "{SHA}", sizeof("{SHA}") - 1);
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	275 ngx_encode_base64(&encoded, &decoded);
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	276 encoded.data[encoded.len] = '\0';
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	277
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	278 return NGX_OK;
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	279 }
e4441ebe05d5 Added support for {SHA} passwords (ticket #50). Maxim Dounin <mdounin@mdounin.ru> parents: 4815 diff changeset	280
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: diff changeset	281 #endif /* NGX_HAVE_SHA1 */
3926 14622ee4fa08 fix building --without-http_auth_basic_module, Igor Sysoev <igor@sysoev.ru> parents: 3922 diff changeset	282
14622ee4fa08 fix building --without-http_auth_basic_module, Igor Sysoev <igor@sysoev.ru> parents: 3922 diff changeset	283 #endif /* NGX_CRYPT */

Mercurial > hg > nginx

annotate src/core/ngx_crypt.c @ 5360:3d2d3e1cf427