Mercurial > hg > nginx
annotate src/os/unix/ngx_user.c @ 9274:46ecad404a29 default tip
Mail: reset imap tag to empty after authentication attempt.
We need to reset the imap tag to empty after an authentication attempt
completes, otherwise if the next line parsed is incomplete with no tag
(e.g. empty line) then we use the "tag" from the previous buffer which
is now definitely wrong and has been partially overwritten with the most
recently read data (e.g. CRLF).
An example before this patch:
S: * OK IMAP4 ready
C: foobar login a b
S: foobar NO Incorrect username or password.
C:
S:
S: obar BAD invalid command
Then with this patch:
S: * OK IMAP4 ready
C: foobar login a b
S: foobar NO Incorrect username or password.
C:
S: * BAD invalid command
author | Rob Mueller <robm@fastmailteam.com> |
---|---|
date | Wed, 15 May 2024 10:06:00 +0300 |
parents | eca3e054e978 |
children |
rev | line source |
---|---|
503 | 1 |
2 /* | |
3 * Copyright (C) Igor Sysoev | |
4412 | 4 * Copyright (C) Nginx, Inc. |
503 | 5 */ |
6 | |
7 | |
8 #include <ngx_config.h> | |
9 #include <ngx_core.h> | |
10 | |
11 | |
12 #if (NGX_CRYPT) | |
13 | |
527 | 14 #if (NGX_HAVE_GNU_CRYPT_R) |
503 | 15 |
16 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
17 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 18 { |
19 char *value; | |
20 size_t len; | |
21 struct crypt_data cd; | |
22 | |
509 | 23 cd.initialized = 0; |
24 | |
503 | 25 value = crypt_r((char *) key, (char *) salt, &cd); |
26 | |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
27 if (value) { |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
28 len = ngx_strlen(value) + 1; |
503 | 29 |
2049 | 30 *encrypted = ngx_pnalloc(pool, len); |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
31 if (*encrypted == NULL) { |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
32 return NGX_ERROR; |
503 | 33 } |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
34 |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
35 ngx_memcpy(*encrypted, value, len); |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
36 return NGX_OK; |
503 | 37 } |
38 | |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
39 ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed"); |
509 | 40 |
503 | 41 return NGX_ERROR; |
42 } | |
43 | |
44 #else | |
45 | |
46 ngx_int_t | |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
3796
diff
changeset
|
47 ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
503 | 48 { |
49 char *value; | |
50 size_t len; | |
509 | 51 ngx_err_t err; |
503 | 52 |
53 value = crypt((char *) key, (char *) salt); | |
54 | |
55 if (value) { | |
3796
7dec2852e8fd
allocate last zero byte in ngx_crypt()
Igor Sysoev <igor@sysoev.ru>
parents:
2049
diff
changeset
|
56 len = ngx_strlen(value) + 1; |
503 | 57 |
2049 | 58 *encrypted = ngx_pnalloc(pool, len); |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
59 if (*encrypted == NULL) { |
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
60 return NGX_ERROR; |
503 | 61 } |
509 | 62 |
4982
6ccd3a50b40f
Core: crypt_r() error handling fixed.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4499
diff
changeset
|
63 ngx_memcpy(*encrypted, value, len); |
509 | 64 return NGX_OK; |
503 | 65 } |
66 | |
509 | 67 err = ngx_errno; |
68 | |
69 ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt() failed"); | |
70 | |
71 return NGX_ERROR; | |
503 | 72 } |
73 | |
74 #endif | |
75 | |
76 #endif /* NGX_CRYPT */ |