Mercurial > hg > nginx

comparison src/mail/ngx_mail_auth_http_module.c @ 1405:fdd064faf26a

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
escape " ", "%", and %00-%1F in login and password
author Igor Sysoev <igor@sysoev.ru>
date Mon, 20 Aug 2007 09:50:53 +0000
parents 86acec04b8b0
children 59e1caf2be94
comparison
equal deleted inserted replaced
1404:df2592d32e49 1405:fdd064faf26a
1249 1249
1250 1250
1251 static ngx_int_t 1251 static ngx_int_t
1252 ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped) 1252 ngx_mail_auth_http_escape(ngx_pool_t *pool, ngx_str_t *text, ngx_str_t *escaped)
1253 { 1253 {
1254 u_char ch, *p; 1254 u_char *p;
1255 ngx_uint_t i, n; 1255 uintptr_t n;
1256 1256
1257 n = 0; 1257 n = ngx_escape_uri(NULL, text->data, text->len, NGX_ESCAPE_MAIL_AUTH);
1258
1259 for (i = 0; i < text->len; i++) {
1260 ch = text->data[i];
1261
1262 if (ch == CR || ch == LF) {
1263 n++;
1264 }
1265 }
1266 1258
1267 if (n == 0) { 1259 if (n == 0) {
1268 *escaped = *text; 1260 *escaped = *text;
1269 return NGX_OK; 1261 return NGX_OK;
1270 } 1262 }
1274 p = ngx_palloc(pool, escaped->len); 1266 p = ngx_palloc(pool, escaped->len);
1275 if (p == NULL) { 1267 if (p == NULL) {
1276 return NGX_ERROR; 1268 return NGX_ERROR;
1277 } 1269 }
1278 1270
1271 (void) ngx_escape_uri(p, text->data, text->len, NGX_ESCAPE_MAIL_AUTH);
1272
1279 escaped->data = p; 1273 escaped->data = p;
1280
1281 for (i = 0; i < text->len; i++) {
1282 ch = text->data[i];
1283
1284 if (ch == CR) {
1285 *p++ = '%';
1286 *p++ = '0';
1287 *p++ = 'D';
1288 continue;
1289 }
1290
1291 if (ch == LF) {
1292 *p++ = '%';
1293 *p++ = '0';
1294 *p++ = 'A';
1295 continue;
1296 }
1297
1298 *p++ = ch;
1299 }
1300 1274
1301 return NGX_OK; 1275 return NGX_OK;
1302 } 1276 }
1303 1277
1304 1278