diff options
| author | Sergey Kandaurov <pluknet@nginx.com> | 2020-04-14 19:35:20 +0300 |
|---|---|---|
| committer | Sergey Kandaurov <pluknet@nginx.com> | 2020-04-14 19:35:20 +0300 |
| commit | 987a1216e7a9cdbff02c0ac43b0ebbf50476ba26 (patch) | |
| tree | c5f29769ff038fa068fbfb6a9a2717019ce0fc3d /src/http/modules/ngx_http_auth_basic_module.c | |
| parent | b77fd3dc58b8398bf85d7c11901f5497f1abdf9e (diff) | |
| parent | 3ba88365b5acef17f01671cd969c909dee5e2cde (diff) | |
| download | nginx-987a1216e7a9cdbff02c0ac43b0ebbf50476ba26.tar.gz nginx-987a1216e7a9cdbff02c0ac43b0ebbf50476ba26.zip | |
Merged with the default branch.
Diffstat (limited to 'src/http/modules/ngx_http_auth_basic_module.c')
| -rw-r--r-- | src/http/modules/ngx_http_auth_basic_module.c | 37 |
1 files changed, 18 insertions, 19 deletions
diff --git a/src/http/modules/ngx_http_auth_basic_module.c b/src/http/modules/ngx_http_auth_basic_module.c index a6f9ec46c..ed9df3430 100644 --- a/src/http/modules/ngx_http_auth_basic_module.c +++ b/src/http/modules/ngx_http_auth_basic_module.c @@ -25,7 +25,6 @@ static ngx_int_t ngx_http_auth_basic_crypt_handler(ngx_http_request_t *r, ngx_str_t *passwd, ngx_str_t *realm); static ngx_int_t ngx_http_auth_basic_set_realm(ngx_http_request_t *r, ngx_str_t *realm); -static void ngx_http_auth_basic_close(ngx_file_t *file); static void *ngx_http_auth_basic_create_loc_conf(ngx_conf_t *cf); static char *ngx_http_auth_basic_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child); @@ -177,8 +176,8 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r) offset); if (n == NGX_ERROR) { - ngx_http_auth_basic_close(&file); - return NGX_HTTP_INTERNAL_SERVER_ERROR; + rc = NGX_HTTP_INTERNAL_SERVER_ERROR; + goto cleanup; } if (n == 0) { @@ -219,12 +218,11 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r) if (buf[i] == LF || buf[i] == CR || buf[i] == ':') { buf[i] = '\0'; - ngx_http_auth_basic_close(&file); - pwd.len = i - passwd; pwd.data = &buf[passwd]; - return ngx_http_auth_basic_crypt_handler(r, &pwd, &realm); + rc = ngx_http_auth_basic_crypt_handler(r, &pwd, &realm); + goto cleanup; } break; @@ -251,8 +249,6 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r) offset += n; } - ngx_http_auth_basic_close(&file); - if (state == sw_passwd) { pwd.len = i - passwd; pwd.data = ngx_pnalloc(r->pool, pwd.len + 1); @@ -262,14 +258,26 @@ ngx_http_auth_basic_handler(ngx_http_request_t *r) ngx_cpystrn(pwd.data, &buf[passwd], pwd.len + 1); - return ngx_http_auth_basic_crypt_handler(r, &pwd, &realm); + rc = ngx_http_auth_basic_crypt_handler(r, &pwd, &realm); + goto cleanup; } ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "user \"%V\" was not found in \"%s\"", &r->headers_in.user, user_file.data); - return ngx_http_auth_basic_set_realm(r, &realm); + rc = ngx_http_auth_basic_set_realm(r, &realm); + +cleanup: + + if (ngx_close_file(file.fd) == NGX_FILE_ERROR) { + ngx_log_error(NGX_LOG_ALERT, r->connection->log, ngx_errno, + ngx_close_file_n " \"%s\" failed", user_file.data); + } + + ngx_explicit_memzero(buf, NGX_HTTP_AUTH_BUF_SIZE); + + return rc; } @@ -338,15 +346,6 @@ ngx_http_auth_basic_set_realm(ngx_http_request_t *r, ngx_str_t *realm) return NGX_HTTP_UNAUTHORIZED; } -static void -ngx_http_auth_basic_close(ngx_file_t *file) -{ - if (ngx_close_file(file->fd) == NGX_FILE_ERROR) { - ngx_log_error(NGX_LOG_ALERT, file->log, ngx_errno, - ngx_close_file_n " \"%s\" failed", file->name.data); - } -} - static void * ngx_http_auth_basic_create_loc_conf(ngx_conf_t *cf) |