Fixed handling of non-null-terminated unix sockets. At least FreeBSD, macOS, NetBSD, and OpenBSD can return unix sockets with non-null-terminated sun_path. Additionally, the address may become non-null-terminated if it does not fit into the buffer provided and was truncated (may happen on macOS, NetBSD, and Solaris, which allow unix socket addresess larger than struct sockaddr_un). As such, ngx_sock_ntop() might overread the sockaddr provided, as it used "%s" format and thus assumed null-terminated string. To fix this, the ngx_strnlen() function was introduced, and it is now used to calculate correct length of sun_path.

/*
 * Copyright (C) Igor Sysoev
 * Copyright (C) Nginx, Inc.
 */


#ifndef _NGX_CRYPT_H_INCLUDED_
#define _NGX_CRYPT_H_INCLUDED_


#include <ngx_config.h>
#include <ngx_core.h>


ngx_int_t ngx_crypt(ngx_pool_t *pool, u_char *key, u_char *salt,
    u_char **encrypted);


#endif /* _NGX_CRYPT_H_INCLUDED_ */