Mercurial > hg > nginx
annotate src/os/unix/ngx_user.c @ 7142:b9d919b53593 stable-1.12
Stream: relaxed next upstream condition (ticket #1317).
When switching to a next upstream, some buffers could be stuck in the middle
of the filter chain. A condition existed that raised an error when this
happened. As it turned out, this condition prevented switching to a next
upstream if ssl preread was used with the TCP protocol (see the ticket).
In fact, the condition does not make sense for TCP, since after successful
connection to an upstream switching to another upstream never happens. As for
UDP, the issue with stuck buffers is unlikely to happen, but is still possible.
Specifically, if a filter delays sending data to upstream.
The condition can be relaxed to only check the "buffered" bitmask of the
upstream connection. The new condition is simpler and fixes the ticket issue
as well. Additionally, the upstream_out chain is now reset for UDP prior to
connecting to a new upstream to prevent repeating the client data twice.
author | Roman Arutyunyan <arut@nginx.com> |
---|---|
date | Mon, 11 Sep 2017 15:32:31 +0300 |
parents | e284f3ff6831 |
children | 4a670c18e5e6 |
rev | line source |
---|---|
503 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
503 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 | |
11 | |
12 /* | |
13 * Solaris has thread-safe crypt() | |
14 * Linux has crypt_r(); "struct crypt_data" is more than 128K | |
15 * FreeBSD needs the mutex to protect crypt() | |
16 * | |
17 * TODO: | |
18 * ngx_crypt_init() to init mutex | |
19 */ | |
20 | |
21 | |
22 #if (NGX_CRYPT) | |
23 | |
527 | 24 #if (NGX_HAVE_GNU_CRYPT_R) |
503 | 25 |
26 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
27 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 28 { |
29 char *value; | |
30 size_t len; | |
31 struct crypt_data cd; | |
32 | |
509 | 33 cd.initialized = 0; |
5955
fd6fd02f6a4d
Fixed building with musl libc (ticket #685).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4982
diff
changeset
|
34 #ifdef __GLIBC__ |
529 | 35 /* work around the glibc bug */ |
36 cd.current_salt[0] = ~salt[0]; | |
5955
fd6fd02f6a4d
Fixed building with musl libc (ticket #685).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4982
diff
changeset
|
37 #endif |
509 | 38 |
503 | 39 value = crypt_r((char *) key, (char *) salt, &cd); |
40 | |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
41 if (value) { |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
42 len = ngx_strlen(value) + 1; |
503 | 43 |
2049 | 44 *encrypted = ngx_pnalloc(pool, len); |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
45 if (*encrypted == NULL) { |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
46 return NGX_ERROR; |
503 | 47 } |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
48 |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
49 ngx_memcpy(*encrypted, value, len); |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
50 return NGX_OK; |
503 | 51 } |
52 | |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
53 ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed"); |
509 | 54 |
503 | 55 return NGX_ERROR; |
56 } | |
57 | |
58 #else | |
59 | |
60 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
61 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 62 { |
63 char *value; | |
64 size_t len; | |
509 | 65 ngx_err_t err; |
503 | 66 |
67 value = crypt((char *) key, (char *) salt); | |
68 | |
69 if (value) { | |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
70 len = ngx_strlen(value) + 1; |
503 | 71 |
2049 | 72 *encrypted = ngx_pnalloc(pool, len); |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
73 if (*encrypted == NULL) { |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
74 return NGX_ERROR; |
503 | 75 } |
509 | 76 |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
77 ngx_memcpy(*encrypted, value, len); |
509 | 78 return NGX_OK; |
503 | 79 } |
80 | |
509 | 81 err = ngx_errno; |
82 | |
83 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt() failed"); | |
84 | |
85 return NGX_ERROR; | |
503 | 86 } |
87 | |
88 #endif | |
89 | |
90 #endif /* NGX_CRYPT */ |