Mercurial > hg > nginx
annotate src/core/ngx_crypt.c @ 6257:5eb4d7541107
Extract out version info function.
The code for displaying version info and configuration info seemed to be
cluttering up the main function. I was finding it hard to read main. This
extracts out all of the logic for displaying version and configuration info
into its own function, thus making main easier to read.
author | Kurtis Nusbaum <klnusbaum@gmail.com> |
---|---|
date | Sun, 12 Jul 2015 08:31:38 -0700 |
parents | 58956c644ad0 |
children | 2cd019520210 |
rev | line source |
---|---|
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
1 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
2 /* |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
3 * Copyright (C) Maxim Dounin |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
4 */ |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
5 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
6 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
7 #include <ngx_config.h> |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
8 #include <ngx_core.h> |
4759
4c36e15651f7
Fixed compilation with -Wmissing-prototypes.
Ruslan Ermilov <ru@nginx.com>
parents:
3928
diff
changeset
|
9 #include <ngx_crypt.h> |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
10 #include <ngx_md5.h> |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
11 #if (NGX_HAVE_SHA1) |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
12 #include <ngx_sha1.h> |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
13 #endif |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
14 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
15 |
3926
14622ee4fa08
fix building --without-http_auth_basic_module,
Igor Sysoev <igor@sysoev.ru>
parents:
3922
diff
changeset
|
16 #if (NGX_CRYPT) |
14622ee4fa08
fix building --without-http_auth_basic_module,
Igor Sysoev <igor@sysoev.ru>
parents:
3922
diff
changeset
|
17 |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
18 static ngx_int_t ngx_crypt_apr1(ngx_pool_t *pool, u_char *key, u_char *salt, |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
19 u_char **encrypted); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
20 static ngx_int_t ngx_crypt_plain(ngx_pool_t *pool, u_char *key, u_char *salt, |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
21 u_char **encrypted); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
22 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
23 #if (NGX_HAVE_SHA1) |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
24 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
25 static ngx_int_t ngx_crypt_ssha(ngx_pool_t *pool, u_char *key, u_char *salt, |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
26 u_char **encrypted); |
5034
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
27 static ngx_int_t ngx_crypt_sha(ngx_pool_t *pool, u_char *key, u_char *salt, |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
28 u_char **encrypted); |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
29 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
30 #endif |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
31 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
32 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
33 static u_char *ngx_crypt_to64(u_char *p, uint32_t v, size_t n); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
34 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
35 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
36 ngx_int_t |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
37 ngx_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
38 { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
39 if (ngx_strncmp(salt, "$apr1$", sizeof("$apr1$") - 1) == 0) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
40 return ngx_crypt_apr1(pool, key, salt, encrypted); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
41 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
42 } else if (ngx_strncmp(salt, "{PLAIN}", sizeof("{PLAIN}") - 1) == 0) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
43 return ngx_crypt_plain(pool, key, salt, encrypted); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
44 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
45 #if (NGX_HAVE_SHA1) |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
46 } else if (ngx_strncmp(salt, "{SSHA}", sizeof("{SSHA}") - 1) == 0) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
47 return ngx_crypt_ssha(pool, key, salt, encrypted); |
5034
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
48 |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
49 } else if (ngx_strncmp(salt, "{SHA}", sizeof("{SHA}") - 1) == 0) { |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
50 return ngx_crypt_sha(pool, key, salt, encrypted); |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
51 #endif |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
52 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
53 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
54 /* fallback to libc crypt() */ |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
55 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
56 return ngx_libc_crypt(pool, key, salt, encrypted); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
57 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
58 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
59 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
60 static ngx_int_t |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
61 ngx_crypt_apr1(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
62 { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
63 ngx_int_t n; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
64 ngx_uint_t i; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
65 u_char *p, *last, final[16]; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
66 size_t saltlen, keylen; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
67 ngx_md5_t md5, ctx1; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
68 |
5924 | 69 /* Apache's apr1 crypt is Poul-Henning Kamp's md5 crypt with $apr1$ magic */ |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
70 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
71 keylen = ngx_strlen(key); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
72 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
73 /* true salt: no magic, max 8 chars, stop at first $ */ |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
74 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
75 salt += sizeof("$apr1$") - 1; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
76 last = salt + 8; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
77 for (p = salt; *p && *p != '$' && p < last; p++) { /* void */ } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
78 saltlen = p - salt; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
79 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
80 /* hash key and salt */ |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
81 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
82 ngx_md5_init(&md5); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
83 ngx_md5_update(&md5, key, keylen); |
3928
105841a157b9
fix building on FreeBSD 6 or earlier against system md5
Igor Sysoev <igor@sysoev.ru>
parents:
3926
diff
changeset
|
84 ngx_md5_update(&md5, (u_char *) "$apr1$", sizeof("$apr1$") - 1); |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
85 ngx_md5_update(&md5, salt, saltlen); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
86 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
87 ngx_md5_init(&ctx1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
88 ngx_md5_update(&ctx1, key, keylen); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
89 ngx_md5_update(&ctx1, salt, saltlen); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
90 ngx_md5_update(&ctx1, key, keylen); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
91 ngx_md5_final(final, &ctx1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
92 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
93 for (n = keylen; n > 0; n -= 16) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
94 ngx_md5_update(&md5, final, n > 16 ? 16 : n); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
95 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
96 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
97 ngx_memzero(final, sizeof(final)); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
98 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
99 for (i = keylen; i; i >>= 1) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
100 if (i & 1) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
101 ngx_md5_update(&md5, final, 1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
102 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
103 } else { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
104 ngx_md5_update(&md5, key, 1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
105 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
106 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
107 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
108 ngx_md5_final(final, &md5); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
109 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
110 for (i = 0; i < 1000; i++) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
111 ngx_md5_init(&ctx1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
112 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
113 if (i & 1) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
114 ngx_md5_update(&ctx1, key, keylen); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
115 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
116 } else { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
117 ngx_md5_update(&ctx1, final, 16); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
118 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
119 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
120 if (i % 3) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
121 ngx_md5_update(&ctx1, salt, saltlen); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
122 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
123 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
124 if (i % 7) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
125 ngx_md5_update(&ctx1, key, keylen); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
126 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
127 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
128 if (i & 1) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
129 ngx_md5_update(&ctx1, final, 16); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
130 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
131 } else { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
132 ngx_md5_update(&ctx1, key, keylen); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
133 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
134 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
135 ngx_md5_final(final, &ctx1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
136 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
137 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
138 /* output */ |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
139 |
5386
2d947c2e3ea1
Core: fix misallocation at ngx_crypt_apr1 (ticket #412).
Markus Linnala <Markus.Linnala@cybercom.com>
parents:
5034
diff
changeset
|
140 *encrypted = ngx_pnalloc(pool, sizeof("$apr1$") - 1 + saltlen + 1 + 22 + 1); |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
141 if (*encrypted == NULL) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
142 return NGX_ERROR; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
143 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
144 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
145 p = ngx_cpymem(*encrypted, "$apr1$", sizeof("$apr1$") - 1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
146 p = ngx_copy(p, salt, saltlen); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
147 *p++ = '$'; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
148 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
149 p = ngx_crypt_to64(p, (final[ 0]<<16) | (final[ 6]<<8) | final[12], 4); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
150 p = ngx_crypt_to64(p, (final[ 1]<<16) | (final[ 7]<<8) | final[13], 4); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
151 p = ngx_crypt_to64(p, (final[ 2]<<16) | (final[ 8]<<8) | final[14], 4); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
152 p = ngx_crypt_to64(p, (final[ 3]<<16) | (final[ 9]<<8) | final[15], 4); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
153 p = ngx_crypt_to64(p, (final[ 4]<<16) | (final[10]<<8) | final[ 5], 4); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
154 p = ngx_crypt_to64(p, final[11], 2); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
155 *p = '\0'; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
156 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
157 return NGX_OK; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
158 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
159 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
160 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
161 static u_char * |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
162 ngx_crypt_to64(u_char *p, uint32_t v, size_t n) |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
163 { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
164 static u_char itoa64[] = |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
165 "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
166 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
167 while (n--) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
168 *p++ = itoa64[v & 0x3f]; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
169 v >>= 6; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
170 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
171 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
172 return p; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
173 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
174 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
175 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
176 static ngx_int_t |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
177 ngx_crypt_plain(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
178 { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
179 size_t len; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
180 u_char *p; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
181 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
182 len = ngx_strlen(key); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
183 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
184 *encrypted = ngx_pnalloc(pool, sizeof("{PLAIN}") - 1 + len + 1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
185 if (*encrypted == NULL) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
186 return NGX_ERROR; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
187 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
188 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
189 p = ngx_cpymem(*encrypted, "{PLAIN}", sizeof("{PLAIN}") - 1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
190 ngx_memcpy(p, key, len + 1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
191 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
192 return NGX_OK; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
193 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
194 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
195 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
196 #if (NGX_HAVE_SHA1) |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
197 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
198 static ngx_int_t |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
199 ngx_crypt_ssha(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
200 { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
201 size_t len; |
4815
63dff7943fc7
Crypt: fixed handling of corrupted SSHA entries in password file.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4759
diff
changeset
|
202 ngx_int_t rc; |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
203 ngx_str_t encoded, decoded; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
204 ngx_sha1_t sha1; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
205 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
206 /* "{SSHA}" base64(SHA1(key salt) salt) */ |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
207 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
208 /* decode base64 salt to find out true salt */ |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
209 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
210 encoded.data = salt + sizeof("{SSHA}") - 1; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
211 encoded.len = ngx_strlen(encoded.data); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
212 |
4815
63dff7943fc7
Crypt: fixed handling of corrupted SSHA entries in password file.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4759
diff
changeset
|
213 len = ngx_max(ngx_base64_decoded_length(encoded.len), 20); |
63dff7943fc7
Crypt: fixed handling of corrupted SSHA entries in password file.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4759
diff
changeset
|
214 |
63dff7943fc7
Crypt: fixed handling of corrupted SSHA entries in password file.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4759
diff
changeset
|
215 decoded.data = ngx_pnalloc(pool, len); |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
216 if (decoded.data == NULL) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
217 return NGX_ERROR; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
218 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
219 |
4815
63dff7943fc7
Crypt: fixed handling of corrupted SSHA entries in password file.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4759
diff
changeset
|
220 rc = ngx_decode_base64(&decoded, &encoded); |
63dff7943fc7
Crypt: fixed handling of corrupted SSHA entries in password file.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4759
diff
changeset
|
221 |
63dff7943fc7
Crypt: fixed handling of corrupted SSHA entries in password file.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4759
diff
changeset
|
222 if (rc != NGX_OK || decoded.len < 20) { |
63dff7943fc7
Crypt: fixed handling of corrupted SSHA entries in password file.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4759
diff
changeset
|
223 decoded.len = 20; |
63dff7943fc7
Crypt: fixed handling of corrupted SSHA entries in password file.
Maxim Dounin <mdounin@mdounin.ru>
parents:
4759
diff
changeset
|
224 } |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
225 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
226 /* update SHA1 from key and salt */ |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
227 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
228 ngx_sha1_init(&sha1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
229 ngx_sha1_update(&sha1, key, ngx_strlen(key)); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
230 ngx_sha1_update(&sha1, decoded.data + 20, decoded.len - 20); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
231 ngx_sha1_final(decoded.data, &sha1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
232 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
233 /* encode it back to base64 */ |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
234 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
235 len = sizeof("{SSHA}") - 1 + ngx_base64_encoded_length(decoded.len) + 1; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
236 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
237 *encrypted = ngx_pnalloc(pool, len); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
238 if (*encrypted == NULL) { |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
239 return NGX_ERROR; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
240 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
241 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
242 encoded.data = ngx_cpymem(*encrypted, "{SSHA}", sizeof("{SSHA}") - 1); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
243 ngx_encode_base64(&encoded, &decoded); |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
244 encoded.data[encoded.len] = '\0'; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
245 |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
246 return NGX_OK; |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
247 } |
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
248 |
5034
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
249 |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
250 static ngx_int_t |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
251 ngx_crypt_sha(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted) |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
252 { |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
253 size_t len; |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
254 ngx_str_t encoded, decoded; |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
255 ngx_sha1_t sha1; |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
256 u_char digest[20]; |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
257 |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
258 /* "{SHA}" base64(SHA1(key)) */ |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
259 |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
260 decoded.len = sizeof(digest); |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
261 decoded.data = digest; |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
262 |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
263 ngx_sha1_init(&sha1); |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
264 ngx_sha1_update(&sha1, key, ngx_strlen(key)); |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
265 ngx_sha1_final(digest, &sha1); |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
266 |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
267 len = sizeof("{SHA}") - 1 + ngx_base64_encoded_length(decoded.len) + 1; |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
268 |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
269 *encrypted = ngx_pnalloc(pool, len); |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
270 if (*encrypted == NULL) { |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
271 return NGX_ERROR; |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
272 } |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
273 |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
274 encoded.data = ngx_cpymem(*encrypted, "{SHA}", sizeof("{SHA}") - 1); |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
275 ngx_encode_base64(&encoded, &decoded); |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
276 encoded.data[encoded.len] = '\0'; |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
277 |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
278 return NGX_OK; |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
279 } |
e4441ebe05d5
Added support for {SHA} passwords (ticket #50).
Maxim Dounin <mdounin@mdounin.ru>
parents:
4815
diff
changeset
|
280 |
3922
9c057d5e1c27
"$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
Igor Sysoev <igor@sysoev.ru>
parents:
diff
changeset
|
281 #endif /* NGX_HAVE_SHA1 */ |
3926
14622ee4fa08
fix building --without-http_auth_basic_module,
Igor Sysoev <igor@sysoev.ru>
parents:
3922
diff
changeset
|
282 |
14622ee4fa08
fix building --without-http_auth_basic_module,
Igor Sysoev <igor@sysoev.ru>
parents:
3922
diff
changeset
|
283 #endif /* NGX_CRYPT */ |