Mercurial > hg > nginx
annotate src/os/unix/ngx_user.c @ 8882:6204120cf37f quic
QUIC: traffic-based flood detection.
With this patch, all traffic over a QUIC connection is compared to traffic
over QUIC streams. As long as total traffic is many times larger than stream
traffic, we consider this to be a flood.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Wed, 13 Oct 2021 14:41:46 +0300 |
parents | eca3e054e978 |
children |
rev | line source |
---|---|
503 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
503 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 | |
11 | |
12 #if (NGX_CRYPT) | |
13 | |
527 | 14 #if (NGX_HAVE_GNU_CRYPT_R) |
503 | 15 |
16 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
17 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 18 { |
19 char *value; | |
20 size_t len; | |
21 struct crypt_data cd; | |
22 | |
509 | 23 cd.initialized = 0; |
24 | |
503 | 25 value = crypt_r((char *) key, (char *) salt, &cd); |
26 | |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
27 if (value) { |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
28 len = ngx_strlen(value) + 1; |
503 | 29 |
2049 | 30 *encrypted = ngx_pnalloc(pool, len); |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
31 if (*encrypted == NULL) { |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
32 return NGX_ERROR; |
503 | 33 } |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
34 |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
35 ngx_memcpy(*encrypted, value, len); |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
36 return NGX_OK; |
503 | 37 } |
38 | |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
39 ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed"); |
509 | 40 |
503 | 41 return NGX_ERROR; |
42 } | |
43 | |
44 #else | |
45 | |
46 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
47 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 48 { |
49 char *value; | |
50 size_t len; | |
509 | 51 ngx_err_t err; |
503 | 52 |
53 value = crypt((char *) key, (char *) salt); | |
54 | |
55 if (value) { | |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
56 len = ngx_strlen(value) + 1; |
503 | 57 |
2049 | 58 *encrypted = ngx_pnalloc(pool, len); |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
59 if (*encrypted == NULL) { |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
60 return NGX_ERROR; |
503 | 61 } |
509 | 62 |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
63 ngx_memcpy(*encrypted, value, len); |
509 | 64 return NGX_OK; |
503 | 65 } |
66 | |
509 | 67 err = ngx_errno; |
68 | |
69 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt() failed"); | |
70 | |
71 return NGX_ERROR; | |
503 | 72 } |
73 | |
74 #endif | |
75 | |
76 #endif /* NGX_CRYPT */ |