nginx: src/os/unix/ngx_user.c annotate

annotate src/os/unix/ngx_user.c @ 9274:46ecad404a29 default tip

Mail: reset imap tag to empty after authentication attempt. We need to reset the imap tag to empty after an authentication attempt completes, otherwise if the next line parsed is incomplete with no tag (e.g. empty line) then we use the "tag" from the previous buffer which is now definitely wrong and has been partially overwritten with the most recently read data (e.g. CRLF). An example before this patch: S: * OK IMAP4 ready C: foobar login a b S: foobar NO Incorrect username or password. C: S: S: obar BAD invalid command Then with this patch: S: * OK IMAP4 ready C: foobar login a b S: foobar NO Incorrect username or password. C: S: * BAD invalid command

author	Rob Mueller <robm@fastmailteam.com>
date	Wed, 15 May 2024 10:06:00 +0300
parents	eca3e054e978
children

rev	line source
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	1
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	2 /*
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	3 * Copyright (C) Igor Sysoev
4412 d620f497c50f Copyright updated. Maxim Konovalov <maxim@nginx.com> parents: 3922 diff changeset	4 * Copyright (C) Nginx, Inc.
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	5 */
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	6
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	7
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	8 #include <ngx_config.h>
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	9 #include <ngx_core.h>
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	10
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	11
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	12 #if (NGX_CRYPT)
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	13
527 7fa11e5c6e96 nginx-0.1.38-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 509 diff changeset	14 #if (NGX_HAVE_GNU_CRYPT_R)
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	15
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	16 ngx_int_t
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: 3796 diff changeset	17 ngx_libc_crypt(ngx_pool_t pool, u_char key, u_char salt, u_char *encrypted)
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	18 {
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	19 char *value;
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	20 size_t len;
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	21 struct crypt_data cd;
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	22
509 9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	23 cd.initialized = 0;
9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	24
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	25 value = crypt_r((char ) key, (char ) salt, &cd);
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	26
4982 6ccd3a50b40f Core: crypt_r() error handling fixed. Maxim Dounin <mdounin@mdounin.ru> parents: 4499 diff changeset	27 if (value) {
3796 7dec2852e8fd allocate last zero byte in ngx_crypt() Igor Sysoev <igor@sysoev.ru> parents: 2049 diff changeset	28 len = ngx_strlen(value) + 1;
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	29
2049 2a92804f4109 ) back out r2040 Igor Sysoev <igor@sysoev.ru>* parents: 529 diff changeset	30 *encrypted = ngx_pnalloc(pool, len);
4982 6ccd3a50b40f Core: crypt_r() error handling fixed. Maxim Dounin <mdounin@mdounin.ru> parents: 4499 diff changeset	31 if (*encrypted == NULL) {
6ccd3a50b40f Core: crypt_r() error handling fixed. Maxim Dounin <mdounin@mdounin.ru> parents: 4499 diff changeset	32 return NGX_ERROR;
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	33 }
4982 6ccd3a50b40f Core: crypt_r() error handling fixed. Maxim Dounin <mdounin@mdounin.ru> parents: 4499 diff changeset	34
6ccd3a50b40f Core: crypt_r() error handling fixed. Maxim Dounin <mdounin@mdounin.ru> parents: 4499 diff changeset	35 ngx_memcpy(*encrypted, value, len);
6ccd3a50b40f Core: crypt_r() error handling fixed. Maxim Dounin <mdounin@mdounin.ru> parents: 4499 diff changeset	36 return NGX_OK;
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	37 }
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	38
4982 6ccd3a50b40f Core: crypt_r() error handling fixed. Maxim Dounin <mdounin@mdounin.ru> parents: 4499 diff changeset	39 ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed");
509 9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	40
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	41 return NGX_ERROR;
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	42 }
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	43
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	44 #else
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	45
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	46 ngx_int_t
3922 9c057d5e1c27 "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module Igor Sysoev <igor@sysoev.ru> parents: 3796 diff changeset	47 ngx_libc_crypt(ngx_pool_t pool, u_char key, u_char salt, u_char *encrypted)
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	48 {
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	49 char *value;
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	50 size_t len;
509 9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	51 ngx_err_t err;
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	52
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	53 value = crypt((char ) key, (char ) salt);
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	54
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	55 if (value) {
3796 7dec2852e8fd allocate last zero byte in ngx_crypt() Igor Sysoev <igor@sysoev.ru> parents: 2049 diff changeset	56 len = ngx_strlen(value) + 1;
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	57
2049 2a92804f4109 ) back out r2040 Igor Sysoev <igor@sysoev.ru>* parents: 529 diff changeset	58 *encrypted = ngx_pnalloc(pool, len);
4982 6ccd3a50b40f Core: crypt_r() error handling fixed. Maxim Dounin <mdounin@mdounin.ru> parents: 4499 diff changeset	59 if (*encrypted == NULL) {
6ccd3a50b40f Core: crypt_r() error handling fixed. Maxim Dounin <mdounin@mdounin.ru> parents: 4499 diff changeset	60 return NGX_ERROR;
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	61 }
509 9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	62
4982 6ccd3a50b40f Core: crypt_r() error handling fixed. Maxim Dounin <mdounin@mdounin.ru> parents: 4499 diff changeset	63 ngx_memcpy(*encrypted, value, len);
509 9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	64 return NGX_OK;
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	65 }
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	66
509 9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	67 err = ngx_errno;
9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	68
9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	69 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt() failed");
9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	70
9b8c906f6e63 nginx-0.1.29-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: 503 diff changeset	71 return NGX_ERROR;
503 b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	72 }
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	73
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	74 #endif
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	75
b1648294f693 nginx-0.1.26-RELEASE import Igor Sysoev <igor@sysoev.ru> parents: diff changeset	76 #endif /* NGX_CRYPT */

Mercurial > hg > nginx

annotate src/os/unix/ngx_user.c @ 9274:46ecad404a29 default tip