summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/core/nginx.c2
-rw-r--r--src/core/nginx.h2
-rw-r--r--src/core/ngx_conf_file.c60
-rw-r--r--src/core/ngx_conf_file.h6
-rw-r--r--src/core/ngx_config.h3
-rw-r--r--src/core/ngx_log.c37
-rw-r--r--src/core/ngx_log.h5
-rw-r--r--src/core/ngx_regex.c25
-rw-r--r--src/core/ngx_string.c4
-rw-r--r--src/core/ngx_string.h4
-rw-r--r--src/event/ngx_event.c3
-rw-r--r--src/event/ngx_event_accept.c2
-rw-r--r--src/http/modules/ngx_http_auth_basic_module.c436
-rw-r--r--src/http/modules/ngx_http_autoindex_module.c5
-rw-r--r--src/http/modules/ngx_http_fastcgi_module.c2
-rw-r--r--src/http/modules/ngx_http_userid_filter_module.c4
-rw-r--r--src/http/modules/proxy/ngx_http_proxy_handler.c6
-rw-r--r--src/http/ngx_http.c5
-rw-r--r--src/http/ngx_http_core_module.c5
-rw-r--r--src/http/ngx_http_parse.c34
-rw-r--r--src/http/ngx_http_request.c19
-rw-r--r--src/http/ngx_http_request.h7
-rw-r--r--src/http/ngx_http_special_response.c4
-rw-r--r--src/http/ngx_http_upstream.c4
-rw-r--r--src/os/unix/ngx_linux_config.h1
-rw-r--r--src/os/unix/ngx_solaris_config.h1
-rw-r--r--src/os/unix/ngx_user.c85
-rw-r--r--src/os/unix/ngx_user.h5
28 files changed, 701 insertions, 75 deletions
diff --git a/src/core/nginx.c b/src/core/nginx.c
index e2a35dc67..06eedd3d7 100644
--- a/src/core/nginx.c
+++ b/src/core/nginx.c
@@ -119,7 +119,7 @@ ngx_module_t ngx_core_module = {
ngx_uint_t ngx_max_module;
-int
+int ngx_cdecl
main(int argc, char *const *argv)
{
ngx_int_t i;
diff --git a/src/core/nginx.h b/src/core/nginx.h
index 54afca93a..53c8cf343 100644
--- a/src/core/nginx.h
+++ b/src/core/nginx.h
@@ -8,7 +8,7 @@
#define _NGINX_H_INCLUDED_
-#define NGINX_VER "nginx/0.1.25"
+#define NGINX_VER "nginx/0.1.26"
#define NGINX_VAR "NGINX"
#define NGX_NEWPID_EXT ".newbin"
diff --git a/src/core/ngx_conf_file.c b/src/core/ngx_conf_file.c
index 653ff48b3..e8119fcdd 100644
--- a/src/core/ngx_conf_file.c
+++ b/src/core/ngx_conf_file.c
@@ -9,6 +9,7 @@
static ngx_int_t ngx_conf_handler(ngx_conf_t *cf, ngx_int_t last);
+static ngx_int_t ngx_conf_read_token(ngx_conf_t *cf);
static char *ngx_conf_include(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
@@ -35,7 +36,6 @@ ngx_module_t ngx_conf_module = {
};
-
/* The ten fixed arguments */
static int argument_number[] = {
@@ -49,10 +49,9 @@ static int argument_number[] = {
NGX_CONF_TAKE7
};
-static ngx_int_t ngx_conf_read_token(ngx_conf_t *cf);
-
-char *ngx_conf_parse(ngx_conf_t *cf, ngx_str_t *filename)
+char *
+ngx_conf_parse(ngx_conf_t *cf, ngx_str_t *filename)
{
char *rv;
ngx_fd_t fd;
@@ -173,7 +172,8 @@ char *ngx_conf_parse(ngx_conf_t *cf, ngx_str_t *filename)
}
-static ngx_int_t ngx_conf_handler(ngx_conf_t *cf, ngx_int_t last)
+static ngx_int_t
+ngx_conf_handler(ngx_conf_t *cf, ngx_int_t last)
{
char *rv;
void *conf, **confp;
@@ -331,7 +331,8 @@ static ngx_int_t ngx_conf_handler(ngx_conf_t *cf, ngx_int_t last)
}
-static ngx_int_t ngx_conf_read_token(ngx_conf_t *cf)
+static ngx_int_t
+ngx_conf_read_token(ngx_conf_t *cf)
{
u_char *start, ch, *src, *dst;
int len;
@@ -576,7 +577,8 @@ static ngx_int_t ngx_conf_read_token(ngx_conf_t *cf)
}
-static char *ngx_conf_include(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+static char *
+ngx_conf_include(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
ngx_str_t *value, file;
@@ -593,7 +595,8 @@ static char *ngx_conf_include(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-ngx_int_t ngx_conf_full_name(ngx_cycle_t *cycle, ngx_str_t *name)
+ngx_int_t
+ngx_conf_full_name(ngx_cycle_t *cycle, ngx_str_t *name)
{
u_char *p;
ngx_str_t old;
@@ -641,7 +644,8 @@ ngx_int_t ngx_conf_full_name(ngx_cycle_t *cycle, ngx_str_t *name)
}
-ngx_open_file_t *ngx_conf_open_file(ngx_cycle_t *cycle, ngx_str_t *name)
+ngx_open_file_t *
+ngx_conf_open_file(ngx_cycle_t *cycle, ngx_str_t *name)
{
ngx_str_t full;
ngx_uint_t i;
@@ -703,8 +707,9 @@ ngx_open_file_t *ngx_conf_open_file(ngx_cycle_t *cycle, ngx_str_t *name)
}
-void ngx_conf_log_error(ngx_uint_t level, ngx_conf_t *cf, ngx_err_t err,
- char *fmt, ...)
+void ngx_cdecl
+ngx_conf_log_error(ngx_uint_t level, ngx_conf_t *cf, ngx_err_t err,
+ char *fmt, ...)
{
u_char errstr[NGX_MAX_CONF_ERRSTR], *buf, *last;
va_list args;
@@ -729,7 +734,8 @@ void ngx_conf_log_error(ngx_uint_t level, ngx_conf_t *cf, ngx_err_t err,
}
-char *ngx_conf_set_flag_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+char *
+ngx_conf_set_flag_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
char *p = conf;
@@ -768,7 +774,8 @@ char *ngx_conf_set_flag_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-char *ngx_conf_set_str_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+char *
+ngx_conf_set_str_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
char *p = conf;
@@ -794,7 +801,8 @@ char *ngx_conf_set_str_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-char *ngx_conf_set_num_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+char *
+ngx_conf_set_num_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
char *p = conf;
@@ -824,7 +832,8 @@ char *ngx_conf_set_num_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-char *ngx_conf_set_size_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+char *
+ngx_conf_set_size_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
char *p = conf;
@@ -854,7 +863,8 @@ char *ngx_conf_set_size_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-char *ngx_conf_set_msec_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+char *
+ngx_conf_set_msec_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
char *p = conf;
@@ -888,7 +898,8 @@ char *ngx_conf_set_msec_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-char *ngx_conf_set_sec_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+char *
+ngx_conf_set_sec_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
char *p = conf;
@@ -922,7 +933,8 @@ char *ngx_conf_set_sec_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-char *ngx_conf_set_bufs_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+char *
+ngx_conf_set_bufs_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
char *p = conf;
@@ -951,7 +963,8 @@ char *ngx_conf_set_bufs_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-char *ngx_conf_set_enum_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+char *
+ngx_conf_set_enum_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
char *p = conf;
@@ -987,7 +1000,8 @@ char *ngx_conf_set_enum_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-char *ngx_conf_set_bitmask_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+char *
+ngx_conf_set_bitmask_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
char *p = conf;
@@ -1032,13 +1046,15 @@ char *ngx_conf_set_bitmask_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-char *ngx_conf_unsupported(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+char *
+ngx_conf_unsupported(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
return "unsupported on this platform";
}
-char *ngx_conf_check_num_bounds(ngx_conf_t *cf, void *post, void *data)
+char *
+ngx_conf_check_num_bounds(ngx_conf_t *cf, void *post, void *data)
{
ngx_conf_num_bounds_t *bounds = post;
ngx_int_t *np = data;
diff --git a/src/core/ngx_conf_file.h b/src/core/ngx_conf_file.h
index 8dcdd5455..d5a7a6622 100644
--- a/src/core/ngx_conf_file.h
+++ b/src/core/ngx_conf_file.h
@@ -148,7 +148,7 @@ struct ngx_conf_s {
typedef char *(*ngx_conf_post_handler_pt) (ngx_conf_t *cf,
- void *data, void *conf);
+ void *data, void *conf);
typedef struct {
ngx_conf_post_handler_pt post_handler;
@@ -274,8 +274,8 @@ char *ngx_conf_parse(ngx_conf_t *cf, ngx_str_t *filename);
ngx_int_t ngx_conf_full_name(ngx_cycle_t *cycle, ngx_str_t *name);
ngx_open_file_t *ngx_conf_open_file(ngx_cycle_t *cycle, ngx_str_t *name);
-void ngx_conf_log_error(ngx_uint_t level, ngx_conf_t *cf, ngx_err_t err,
- char *fmt, ...);
+void ngx_cdecl ngx_conf_log_error(ngx_uint_t level, ngx_conf_t *cf,
+ ngx_err_t err, char *fmt, ...);
char *ngx_conf_set_flag_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
diff --git a/src/core/ngx_config.h b/src/core/ngx_config.h
index bc02449dc..675d427d4 100644
--- a/src/core/ngx_config.h
+++ b/src/core/ngx_config.h
@@ -63,6 +63,9 @@
#define NGX_CHANGEBIN_SIGNAL USR2
#endif
+#define ngx_cdecl
+#define ngx_libc_cdecl
+
#endif
diff --git a/src/core/ngx_log.c b/src/core/ngx_log.c
index adccd5e33..181d05928 100644
--- a/src/core/ngx_log.c
+++ b/src/core/ngx_log.c
@@ -58,11 +58,17 @@ static const char *debug_levels[] = {
#if (NGX_HAVE_VARIADIC_MACROS)
-void ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
- const char *fmt, ...)
+
+void
+ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
+ const char *fmt, ...)
+
#else
-void ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
- const char *fmt, va_list args)
+
+void
+ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
+ const char *fmt, va_list args)
+
#endif
{
#if (NGX_HAVE_VARIADIC_MACROS)
@@ -144,7 +150,8 @@ void ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
}
-static void ngx_log_write(ngx_log_t *log, u_char *errstr, size_t len)
+static void
+ngx_log_write(ngx_log_t *log, u_char *errstr, size_t len)
{
#if (NGX_WIN32)
u_long written;
@@ -180,8 +187,9 @@ static void ngx_log_write(ngx_log_t *log, u_char *errstr, size_t len)
#if !(NGX_HAVE_VARIADIC_MACROS)
-void ngx_log_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
- const char *fmt, ...)
+void ngx_cdecl
+ngx_log_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
+ const char *fmt, ...)
{
va_list args;
@@ -193,7 +201,8 @@ void ngx_log_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
}
-void ngx_log_debug_core(ngx_log_t *log, ngx_err_t err, const char *fmt, ...)
+void ngx_cdecl
+ngx_log_debug_core(ngx_log_t *log, ngx_err_t err, const char *fmt, ...)
{
va_list args;
@@ -205,7 +214,8 @@ void ngx_log_debug_core(ngx_log_t *log, ngx_err_t err, const char *fmt, ...)
#endif
-ngx_log_t *ngx_log_init(void)
+ngx_log_t *
+ngx_log_init(void)
{
ngx_log.file = &ngx_stderr;
ngx_log.log_level = NGX_LOG_NOTICE;
@@ -240,7 +250,8 @@ ngx_log_t *ngx_log_init(void)
}
-ngx_log_t *ngx_log_create_errlog(ngx_cycle_t *cycle, ngx_array_t *args)
+ngx_log_t *
+ngx_log_create_errlog(ngx_cycle_t *cycle, ngx_array_t *args)
{
ngx_log_t *log;
ngx_str_t *value, *name;
@@ -267,7 +278,8 @@ ngx_log_t *ngx_log_create_errlog(ngx_cycle_t *cycle, ngx_array_t *args)
}
-char *ngx_set_error_log_levels(ngx_conf_t *cf, ngx_log_t *log)
+char *
+ngx_set_error_log_levels(ngx_conf_t *cf, ngx_log_t *log)
{
ngx_uint_t i, n, d;
ngx_str_t *value;
@@ -320,7 +332,8 @@ char *ngx_set_error_log_levels(ngx_conf_t *cf, ngx_log_t *log)
}
-static char *ngx_set_error_log(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+static char *
+ngx_set_error_log(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
ngx_str_t *value;
diff --git a/src/core/ngx_log.h b/src/core/ngx_log.h
index aae92e718..5952b5243 100644
--- a/src/core/ngx_log.h
+++ b/src/core/ngx_log.h
@@ -103,11 +103,12 @@ void ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
#define NGX_HAVE_VARIADIC_MACROS 0
-void ngx_log_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
+void ngx_cdecl ngx_log_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
const char *fmt, ...);
void ngx_log_error_core(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
const char *fmt, va_list args);
-void ngx_log_debug_core(ngx_log_t *log, ngx_err_t err, const char *fmt, ...);
+void ngx_cdecl ngx_log_debug_core(ngx_log_t *log, ngx_err_t err,
+ const char *fmt, ...);
#endif /* VARIADIC MACROS */
diff --git a/src/core/ngx_regex.c b/src/core/ngx_regex.c
index 12579946b..eda243bec 100644
--- a/src/core/ngx_regex.c
+++ b/src/core/ngx_regex.c
@@ -8,22 +8,24 @@
#include <ngx_core.h>
-static void *ngx_regex_malloc(size_t size);
-static void ngx_regex_free(void *p);
+static void * ngx_libc_cdecl ngx_regex_malloc(size_t size);
+static void ngx_libc_cdecl ngx_regex_free(void *p);
static ngx_pool_t *ngx_pcre_pool;
-void ngx_regex_init(void)
+void
+ngx_regex_init(void)
{
pcre_malloc = ngx_regex_malloc;
pcre_free = ngx_regex_free;
}
-ngx_regex_t *ngx_regex_compile(ngx_str_t *pattern, ngx_int_t options,
- ngx_pool_t *pool, ngx_str_t *err)
+ngx_regex_t *
+ngx_regex_compile(ngx_str_t *pattern, ngx_int_t options, ngx_pool_t *pool,
+ ngx_str_t *err)
{
int erroff;
const char *errstr;
@@ -79,7 +81,8 @@ ngx_regex_t *ngx_regex_compile(ngx_str_t *pattern, ngx_int_t options,
}
-ngx_int_t ngx_regex_capture_count(ngx_regex_t *re)
+ngx_int_t
+ngx_regex_capture_count(ngx_regex_t *re)
{
int rc, n;
@@ -95,8 +98,8 @@ ngx_int_t ngx_regex_capture_count(ngx_regex_t *re)
}
-ngx_int_t ngx_regex_exec(ngx_regex_t *re, ngx_str_t *s,
- int *captures, ngx_int_t size)
+ngx_int_t
+ngx_regex_exec(ngx_regex_t *re, ngx_str_t *s, int *captures, ngx_int_t size)
{
int rc;
@@ -111,7 +114,8 @@ ngx_int_t ngx_regex_exec(ngx_regex_t *re, ngx_str_t *s,
}
-static void *ngx_regex_malloc(size_t size)
+static void * ngx_libc_cdecl
+ngx_regex_malloc(size_t size)
{
ngx_pool_t *pool;
#if (NGX_THREADS)
@@ -135,7 +139,8 @@ static void *ngx_regex_malloc(size_t size)
}
-static void ngx_regex_free(void *p)
+static void ngx_libc_cdecl
+ngx_regex_free(void *p)
{
return;
}
diff --git a/src/core/ngx_string.c b/src/core/ngx_string.c
index a1f593f96..8d69c1b72 100644
--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@@ -75,7 +75,7 @@ ngx_pstrdup(ngx_pool_t *pool, ngx_str_t *src)
*/
-u_char *
+u_char * ngx_cdecl
ngx_sprintf(u_char *buf, const char *fmt, ...)
{
u_char *p;
@@ -89,7 +89,7 @@ ngx_sprintf(u_char *buf, const char *fmt, ...)
}
-u_char *
+u_char * ngx_cdecl
ngx_snprintf(u_char *buf, size_t max, const char *fmt, ...)
{
u_char *p;
diff --git a/src/core/ngx_string.h b/src/core/ngx_string.h
index 25b06b3f6..24a237903 100644
--- a/src/core/ngx_string.h
+++ b/src/core/ngx_string.h
@@ -74,8 +74,8 @@ typedef struct {
u_char *ngx_cpystrn(u_char *dst, u_char *src, size_t n);
u_char *ngx_pstrdup(ngx_pool_t *pool, ngx_str_t *src);
-u_char *ngx_sprintf(u_char *buf, const char *fmt, ...);
-u_char *ngx_snprintf(u_char *buf, size_t max, const char *fmt, ...);
+u_char * ngx_cdecl ngx_sprintf(u_char *buf, const char *fmt, ...);
+u_char * ngx_cdecl ngx_snprintf(u_char *buf, size_t max, const char *fmt, ...);
u_char *ngx_vsnprintf(u_char *buf, size_t max, const char *fmt, va_list args);
ngx_int_t ngx_rstrncmp(u_char *s1, u_char *s2, size_t n);
diff --git a/src/event/ngx_event.c b/src/event/ngx_event.c
index 371c5c706..0d10c4b56 100644
--- a/src/event/ngx_event.c
+++ b/src/event/ngx_event.c
@@ -883,7 +883,8 @@ static char *ngx_accept_mutex_check(ngx_conf_t *cf, void *post, void *data)
*fp = 0;
ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
- "\"accept_mutex\" is not supported, ignored");
+ "\"accept_mutex\" is not supported on this platform, "
+ "ignored");
#endif
diff --git a/src/event/ngx_event_accept.c b/src/event/ngx_event_accept.c
index 8e2a1ea9a..9441c82a6 100644
--- a/src/event/ngx_event_accept.c
+++ b/src/event/ngx_event_accept.c
@@ -203,7 +203,7 @@ ngx_event_accept(ngx_event_t *ev)
if (*(&c->lock)) {
ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0,
- "spinlock in accept, fd:%", s);
+ "spinlock in accept, fd:%d", s);
ngx_spinlock(&c->lock, 1000);
ngx_unlock(&c->lock);
}
diff --git a/src/http/modules/ngx_http_auth_basic_module.c b/src/http/modules/ngx_http_auth_basic_module.c
new file mode 100644
index 000000000..03314b5cf
--- /dev/null
+++ b/src/http/modules/ngx_http_auth_basic_module.c
@@ -0,0 +1,436 @@
+
+/*
+ * Copyright (C) Igor Sysoev
+ */
+
+
+#include <ngx_config.h>
+#include <ngx_core.h>
+#include <ngx_http.h>
+
+
+#define NGX_HTTP_AUTH_BUF_SIZE 2048
+
+
+typedef struct {
+ ngx_str_t passwd;
+} ngx_http_auth_basic_ctx_t;
+
+
+typedef struct {
+ ngx_str_t realm;
+ ngx_str_t user_file;
+} ngx_http_auth_basic_loc_conf_t;
+
+
+static ngx_int_t ngx_http_auth_basic_handler(ngx_http_request_t *r);
+static ngx_int_t ngx_http_auth_basic_crypt_handler(ngx_http_request_t *r,
+ ngx_http_auth_basic_ctx_t *ctx, ngx_str_t *passwd, ngx_str_t *realm);
+static ngx_int_t ngx_http_auth_basic_set_realm(ngx_http_request_t *r,
+ ngx_str_t *realm);
+static void ngx_http_auth_basic_close(ngx_file_t *file);
+static void *ngx_http_auth_basic_create_loc_conf(ngx_conf_t *cf);
+static char *ngx_http_auth_basic_merge_loc_conf(ngx_conf_t *cf,
+ void *parent, void *child);
+static ngx_int_t ngx_http_auth_basic_init(ngx_cycle_t *cycle);
+static char *ngx_http_auth_basic(ngx_conf_t *cf, void *post, void *data);
+
+
+static ngx_conf_post_handler_pt ngx_http_auth_basic_p = ngx_http_auth_basic;
+
+static ngx_command_t ngx_http_auth_basic_commands[] = {
+
+ { ngx_string("auth_basic"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_str_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_auth_basic_loc_conf_t, realm),
+ &ngx_http_auth_basic_p },
+
+ { ngx_string("auth_basic_user_file"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_str_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_auth_basic_loc_conf_t, user_file),
+ NULL },
+
+ ngx_null_command
+};
+
+
+
+ngx_http_module_t ngx_http_auth_basic_module_ctx = {
+ NULL, /* pre conf */
+
+ NULL, /* create main configuration */
+ NULL, /* init main configuration */
+
+ NULL, /* create server configuration */
+ NULL, /* merge server configuration */
+
+ ngx_http_auth_basic_create_loc_conf, /* create location configuration */
+ ngx_http_auth_basic_merge_loc_conf /* merge location configuration */
+};
+
+
+ngx_module_t ngx_http_auth_basic_module = {
+ NGX_MODULE,
+ &ngx_http_auth_basic_module_ctx, /* module context */
+ ngx_http_auth_basic_commands, /* module directives */
+ NGX_HTTP_MODULE, /* module type */
+ ngx_http_auth_basic_init, /* init module */
+ NULL /* init process */
+};
+
+
+static ngx_int_t
+ngx_http_auth_basic_handler(ngx_http_request_t *r)
+{
+ off_t offset;
+ ssize_t n;
+ ngx_fd_t fd;
+ ngx_str_t auth, encoded, pwd;
+ ngx_uint_t i, login, len, left, passwd;
+ ngx_file_t file;
+ ngx_http_auth_basic_ctx_t *ctx;
+ ngx_http_auth_basic_loc_conf_t *alcf;
+ u_char buf[NGX_HTTP_AUTH_BUF_SIZE];
+ enum {
+ sw_login,
+ sw_passwd,
+ sw_skip
+ } state;
+
+ alcf = ngx_http_get_module_loc_conf(r, ngx_http_auth_basic_module);
+
+ if (alcf->realm.len == 0 || alcf->user_file.len == 0) {
+ return NGX_OK;
+ }
+
+ ctx = ngx_http_get_module_ctx(r, ngx_http_auth_basic_module);
+
+ if (ctx) {
+ return ngx_http_auth_basic_crypt_handler(r, ctx, &ctx->passwd,
+ &alcf->realm);
+ }
+
+ if (r->headers_in.authorization == NULL) {
+ return ngx_http_auth_basic_set_realm(r, &alcf->realm);
+ }
+
+ encoded = r->headers_in.authorization->value;
+
+ if (encoded.len < sizeof("Basic ") - 1
+ || ngx_strncasecmp(encoded.data, "Basic ", sizeof("Basic ") - 1) != 0)
+ {
+ return ngx_http_auth_basic_set_realm(r, &alcf->realm);
+ }
+
+ encoded.len -= sizeof("Basic ") - 1;
+ encoded.data += sizeof("Basic ") - 1;
+
+ while (encoded.len && encoded.data[0] == ' ') {
+ encoded.len--;
+ encoded.data++;
+ }
+
+ if (encoded.len == 0) {
+ return ngx_http_auth_basic_set_realm(r, &alcf->realm);
+ }
+
+ auth.len = ngx_base64_decoded_length(encoded.len);
+ auth.data = ngx_palloc(r->pool, auth.len + 1);
+ if (auth.data == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ if (ngx_decode_base64(&auth, &encoded) != NGX_OK) {
+ return ngx_http_auth_basic_set_realm(r, &alcf->realm);
+ }
+
+ auth.data[auth.len] = '\0';
+
+ for (len = 0; len < auth.len; len++) {
+ if (auth.data[len] == ':') {
+ break;
+ }
+ }
+
+ if (len == auth.len) {
+ return ngx_http_auth_basic_set_realm(r, &alcf->realm);
+ }
+
+ r->headers_in.user.len = len;
+ r->headers_in.user.data = auth.data;
+ r->headers_in.passwd.len = auth.len - len - 1;
+ r->headers_in.passwd.data = &auth.data[len + 1];
+
+ fd = ngx_open_file(alcf->user_file.data, NGX_FILE_RDONLY, NGX_FILE_OPEN);
+
+ if (fd == NGX_INVALID_FILE) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, ngx_errno,
+ ngx_open_file_n " \"%s\" failed", alcf->user_file.data);
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ ngx_memzero(&file, sizeof(ngx_file_t));
+
+ file.fd = fd;
+ file.name = alcf->user_file;
+ file.log = r->connection->log;
+
+ state = sw_login;
+ passwd = 0;
+ login = 0;
+ left = 0;
+ offset = 0;
+
+ for ( ;; ) {
+ n = ngx_read_file(&file, buf + left, NGX_HTTP_AUTH_BUF_SIZE - left,
+ offset);
+
+ if (n == NGX_ERROR) {
+ ngx_http_auth_basic_close(&file);
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ if (n == 0) {
+ break;
+ }
+
+ for (i = left; i < left + n; i++) {
+ switch (state) {
+
+ case sw_login:
+ if (login == 0 && buf[i] == '#') {
+ state = sw_skip;
+ break;
+ }
+
+ if (buf[i] != auth.data[login]) {
+ state = sw_skip;
+ break;
+ }
+
+ if (login == len) {
+ state = sw_passwd;
+ passwd = i + 1;
+ }
+
+ login++;
+
+ break;
+
+ case sw_passwd:
+ if (buf[i] == LF || buf[i] == CR || buf[i] == ':') {
+ buf[i] = '\0';
+
+ ngx_http_auth_basic_close(&file);
+
+ pwd.len = i - passwd;
+ pwd.data = &buf[passwd];
+
+ return ngx_http_auth_basic_crypt_handler(r, NULL, &pwd,
+ &alcf->realm);
+ }
+
+ break;
+
+ case sw_skip:
+ if (buf[i] == LF) {
+ state = sw_login;
+ login = 0;
+ }
+
+ break;
+ }
+ }
+
+ if (state == sw_passwd) {
+ left = left + n - passwd;
+ ngx_memcpy(buf, &buf[passwd], left);
+ passwd = 0;
+
+ } else {
+ left = 0;
+ }
+
+ offset += n;
+ }
+
+ ngx_http_auth_basic_close(&file);
+
+ return ngx_http_auth_basic_set_realm(r, &alcf->realm);
+}
+
+
+static ngx_int_t
+ngx_http_auth_basic_crypt_handler(ngx_http_request_t *r,
+ ngx_http_auth_basic_ctx_t *ctx, ngx_str_t *passwd, ngx_str_t *realm)
+{
+ ngx_int_t rc;
+ u_char *encrypted;
+
+ rc = ngx_crypt(r->pool, r->headers_in.passwd.data, passwd->data,
+ &encrypted);
+
+ ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "rc: %d user: \"%V\" salt: \"%s\"",
+ rc, &r->headers_in.user, passwd->data);
+
+ if (rc == NGX_OK) {
+ if (ngx_strcmp(encrypted, passwd->data) == 0) {
+ return NGX_OK;
+ }
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "encrypted: \"%s\"", encrypted);
+
+ return ngx_http_auth_basic_set_realm(r, realm);
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ /* rc == NGX_AGAIN */
+
+ if (ctx == NULL) {
+ ctx = ngx_palloc(r->pool, sizeof(ngx_http_auth_basic_ctx_t));
+ if (ctx == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ ngx_http_set_ctx(r, ctx, ngx_http_auth_basic_module);
+
+ ctx->passwd.len = passwd->len;
+ passwd->len++;
+
+ ctx->passwd.data = ngx_pstrdup(r->pool, passwd);
+ if (ctx->passwd.data == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ }
+
+ /* TODO: add mutex event */
+
+ return rc;
+}
+
+
+static ngx_int_t
+ngx_http_auth_basic_set_realm(ngx_http_request_t *r, ngx_str_t *realm)
+{
+ r->headers_out.www_authenticate = ngx_list_push(&r->headers_out.headers);
+ if (r->headers_out.www_authenticate == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ r->headers_out.www_authenticate->key.len = sizeof("WWW-Authenticate") - 1;
+ r->headers_out.www_authenticate->key.data = (u_char *) "WWW-Authenticate";
+ r->headers_out.www_authenticate->value = *realm;
+
+ return NGX_HTTP_UNAUTHORIZED;
+}
+
+static void
+ngx_http_auth_basic_close(ngx_file_t *file)
+{
+ if (ngx_close_file(file->fd) == NGX_FILE_ERROR) {
+ ngx_log_error(NGX_LOG_ALERT, file->log, ngx_errno,
+ ngx_close_file_n " \"%s\" failed", file->name.data);
+ }
+}
+
+
+static void *
+ngx_http_auth_basic_create_loc_conf(ngx_conf_t *cf)
+{
+ ngx_http_auth_basic_loc_conf_t *conf;
+
+ conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_auth_basic_loc_conf_t));
+ if (conf == NULL) {
+ return NGX_CONF_ERROR;
+ }
+
+ return conf;
+}
+
+
+static char *
+ngx_http_auth_basic_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
+{
+ ngx_http_auth_basic_loc_conf_t *prev = parent;
+ ngx_http_auth_basic_loc_conf_t *conf = child;
+
+ size_t len;
+ u_char *realm, *p;
+
+ if (conf->realm.data) {
+ if (conf->realm.len) {
+ len = sizeof("Basic realm=\"") - 1 + conf->realm.len + 1;
+
+ realm = ngx_palloc(cf->pool, len);
+ if (realm == NULL) {
+ return NGX_CONF_ERROR;
+ }
+
+ p = ngx_cpymem(realm, "Basic realm=\"",
+ sizeof("Basic realm=\"") - 1);
+ p = ngx_cpymem(p, conf->realm.data, conf->realm.len);
+ *p = '"';
+
+ conf->realm.len = len;
+ conf->realm.data = realm;
+ }
+
+ } else {
+ conf->realm = prev->realm;
+ }
+
+
+ if (conf->user_file.data) {
+ if (ngx_conf_full_name(cf->cycle, &conf->user_file) != NGX_OK) {
+ return NGX_CONF_ERROR;
+ }
+
+ } else {
+ conf->user_file = prev->user_file;
+ }
+
+ return NGX_CONF_OK;
+}
+
+
+static ngx_int_t
+ngx_http_auth_basic_init(ngx_cycle_t *cycle)
+{
+ ngx_http_handler_pt *h;
+ ngx_http_core_main_conf_t *cmcf;
+
+ cmcf = ngx_http_cycle_get_module_main_conf(cycle, ngx_http_core_module);
+
+ h = ngx_array_push(&cmcf->phases[NGX_HTTP_ACCESS_PHASE].handlers);
+ if (h == NULL) {
+ return NGX_ERROR;
+ }
+
+ *h = ngx_http_auth_basic_handler;
+
+ return NGX_OK;
+}
+
+
+static char *
+ngx_http_auth_basic(ngx_conf_t *cf, void *post, void *data)
+{
+ ngx_str_t *realm = data;
+
+ if (ngx_strcmp(realm->data, "off") == 0) {
+ realm->len = 0;
+ realm->data = (u_char *) "";
+ }
+
+ return NGX_CONF_OK;
+}
diff --git a/src/http/modules/ngx_http_autoindex_module.c b/src/http/modules/ngx_http_autoindex_module.c
index a7b998678..ff163ed3c 100644
--- a/src/http/modules/ngx_http_autoindex_module.c
+++ b/src/http/modules/ngx_http_autoindex_module.c
@@ -39,7 +39,8 @@ typedef struct {
#define NGX_HTTP_AUTOINDEX_NAME_LEN 50
-static int ngx_http_autoindex_cmp_entries(const void *one, const void *two);
+static int ngx_libc_cdecl ngx_http_autoindex_cmp_entries(const void *one,
+ const void *two);
static ngx_int_t ngx_http_autoindex_error(ngx_http_request_t *r,
ngx_dir_t *dir, u_char *name);
static ngx_int_t ngx_http_autoindex_init(ngx_cycle_t *cycle);
@@ -446,7 +447,7 @@ ngx_http_autoindex_handler(ngx_http_request_t *r)
}
-static int
+static int ngx_libc_cdecl
ngx_http_autoindex_cmp_entries(const void *one, const void *two)
{
ngx_http_autoindex_entry_t *first = (ngx_http_autoindex_entry_t *) one;
diff --git a/src/http/modules/ngx_http_fastcgi_module.c b/src/http/modules/ngx_http_fastcgi_module.c
index a5f9a02c8..986215ba0 100644
--- a/src/http/modules/ngx_http_fastcgi_module.c
+++ b/src/http/modules/ngx_http_fastcgi_module.c
@@ -153,7 +153,9 @@ static ngx_str_t ngx_http_fastcgi_methods[] = {
};
+#if (NGX_PCRE)
static ngx_str_t ngx_http_fastcgi_uri = ngx_string("/");
+#endif
static ngx_http_header_t ngx_http_fastcgi_headers_in[] = {
diff --git a/src/http/modules/ngx_http_userid_filter_module.c b/src/http/modules/ngx_http_userid_filter_module.c
index 62d40ac34..4889fbffd 100644
--- a/src/http/modules/ngx_http_userid_filter_module.c
+++ b/src/http/modules/ngx_http_userid_filter_module.c
@@ -605,7 +605,7 @@ ngx_http_userid_domain(ngx_conf_t *cf, void *post, void *data)
u_char *p, *new;
- if (domain->len == 4 && ngx_strcmp(domain->data, "none") == 0) {
+ if (ngx_strcmp(domain->data, "none") == 0) {
domain->len = 0;
domain->data = (u_char *) "";
@@ -690,7 +690,7 @@ ngx_http_userid_p3p(ngx_conf_t *cf, void *post, void *data)
{
ngx_str_t *p3p = data;
- if (p3p->len == 4 && ngx_strcmp(p3p->data, "none") == 0) {
+ if (ngx_strcmp(p3p->data, "none") == 0) {
p3p->len = 0;
p3p->data = (u_char *) "";
}
diff --git a/src/http/modules/proxy/ngx_http_proxy_handler.c b/src/http/modules/proxy/ngx_http_proxy_handler.c
index edad22cdf..2b76c1f9d 100644
--- a/src/http/modules/proxy/ngx_http_proxy_handler.c
+++ b/src/http/modules/proxy/ngx_http_proxy_handler.c
@@ -362,7 +362,9 @@ static ngx_str_t cache_reasons[] = {
};
+#if (NGX_PCRE)
static ngx_str_t ngx_http_proxy_uri = ngx_string("/");
+#endif
static ngx_int_t ngx_http_proxy_handler(ngx_http_request_t *r)
@@ -812,9 +814,11 @@ u_char *ngx_http_proxy_log_error(ngx_log_t *log, u_char *buf, size_t len)
peer = &ctx->proxy->upstream->peer;
p = ngx_snprintf(buf, len,
- " while %s, client: %V, URL: %V, upstream: http://%V%s%V",
+ " while %s, client: %V, host: %V, URL: \"%V\","
+ " upstream: http://%V%s%V",
ctx->proxy->action,
&r->connection->addr_text,
+ &r->server_name,
&r->unparsed_uri,
&peer->peers->peer[peer->cur_peer].name,
ctx->proxy->lcf->upstream->uri_separator,
diff --git a/src/http/ngx_http.c b/src/http/ngx_http.c
index e4c8f2e9c..2c97d7190 100644
--- a/src/http/ngx_http.c
+++ b/src/http/ngx_http.c
@@ -11,7 +11,8 @@
static char *ngx_http_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
-static int ngx_cmp_server_names(const void *one, const void *two);
+static int ngx_libc_cdecl ngx_cmp_server_names(const void *one,
+ const void *two);
static ngx_int_t ngx_http_add_address(ngx_conf_t *cf,
ngx_http_in_port_t *in_port, ngx_http_listen_t *lscf,
ngx_http_core_srv_conf_t *cscf);
@@ -687,7 +688,7 @@ ngx_http_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
}
-static int
+static int ngx_libc_cdecl
ngx_cmp_server_names(const void *one, const void *two)
{
ngx_http_server_name_t *first = (ngx_http_server_name_t *) one;
diff --git a/src/http/ngx_http_core_module.c b/src/http/ngx_http_core_module.c
index 620d2e9e5..d1bf10457 100644
--- a/src/http/ngx_http_core_module.c
+++ b/src/http/ngx_http_core_module.c
@@ -35,7 +35,8 @@ static char *ngx_http_core_server(ngx_conf_t *cf, ngx_command_t *cmd,
void *dummy);
static char *ngx_http_core_location(ngx_conf_t *cf, ngx_command_t *cmd,
void *dummy);
-static int ngx_http_core_cmp_locations(const void *first, const void *second);
+static int ngx_libc_cdecl ngx_http_core_cmp_locations(const void *first,
+ const void *second);
static char *ngx_http_core_types(ngx_conf_t *cf, ngx_command_t *cmd,
void *conf);
@@ -1257,7 +1258,7 @@ ngx_http_core_location(ngx_conf_t *cf, ngx_command_t *cmd, void *dummy)
}
-static int
+static int ngx_libc_cdecl
ngx_http_core_cmp_locations(const void *one, const void *two)
{
ngx_int_t rc;
diff --git a/src/http/ngx_http_parse.c b/src/http/ngx_http_parse.c
index a7d8fe37f..7f031cf0d 100644
--- a/src/http/ngx_http_parse.c
+++ b/src/http/ngx_http_parse.c
@@ -497,9 +497,10 @@ ngx_int_t ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b)
sw_space_before_value,
sw_value,
sw_space_after_value,
+ sw_ignore_line,
+ sw_skip_line,
sw_almost_done,
- sw_header_almost_done,
- sw_ignore_line
+ sw_header_almost_done
} state;
state = r->state;
@@ -511,6 +512,8 @@ ngx_int_t ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b)
/* first char */
case sw_start:
+ r->invalid_header = 0;
+
switch (ch) {
case CR:
r->header_end = p;
@@ -528,7 +531,7 @@ ngx_int_t ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b)
break;
}
- if (ch == '-' || ch == '_' || ch == '~' || ch == '.') {
+ if (ch == '-') {
break;
}
@@ -536,7 +539,9 @@ ngx_int_t ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b)
break;
}
- return NGX_HTTP_PARSE_INVALID_HEADER;
+ r->invalid_header = 1;
+ state = sw_skip_line;
+ break;
}
break;
@@ -554,7 +559,7 @@ ngx_int_t ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b)
break;
}
- if (ch == '-' || ch == '_' || ch == '~' || ch == '.') {
+ if (ch == '-') {
break;
}
@@ -572,7 +577,9 @@ ngx_int_t ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b)
break;
}
- return NGX_HTTP_PARSE_INVALID_HEADER;
+ r->invalid_header = 1;
+ state = sw_skip_line;
+ break;
/* space* before header value */
case sw_space_before_value:
@@ -637,6 +644,21 @@ ngx_int_t ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b)
}
break;
+ /* skip header line */
+ case sw_skip_line:
+ switch (ch) {
+ case CR:
+ r->header_end = p;
+ state = sw_almost_done;
+ break;
+ case LF:
+ r->header_end = p;
+ goto done;
+ default:
+ break;
+ }
+ break;
+
/* end of header line */
case sw_almost_done:
switch (ch) {
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
index 3876e39e7..461c028d9 100644
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -722,6 +722,7 @@ ngx_http_process_request_headers(ngx_event_t *rev)
{
ssize_t n;
ngx_int_t rc, rv, i;
+ ngx_str_t header;
ngx_table_elt_t *h, **cookie;
ngx_connection_t *c;
ngx_http_request_t *r;
@@ -771,6 +772,19 @@ ngx_http_process_request_headers(ngx_event_t *rev)
if (rc == NGX_OK) {
+ if (r->invalid_header) {
+
+ /* there was error while a header line parsing */
+
+ header.len = r->header_end - r->header_name_start;
+ header.data = r->header_name_start;
+
+ ngx_log_error(NGX_LOG_INFO, rev->log, 0,
+ "client sent invalid header: \"%V\", ignored,",
+ &header);
+ continue;
+ }
+
/* a header line has been parsed successfully */
r->headers_n++;
@@ -2371,6 +2385,11 @@ ngx_http_log_error(ngx_log_t *log, u_char *buf, size_t len)
len -= p - buf;
+ if (ctx->request->server_name.data) {
+ p = ngx_snprintf(p, len, ", host: %V", &ctx->request->server_name);
+ len -= p - buf;
+ }
+
p = ngx_snprintf(p, len, ", URL: \"%V\"", &ctx->request->unparsed_uri);
if (ctx->request->headers_in.referer == NULL) {
diff --git a/src/http/ngx_http_request.h b/src/http/ngx_http_request.h
index 413af2fab..a1e9ae554 100644
--- a/src/http/ngx_http_request.h
+++ b/src/http/ngx_http_request.h
@@ -55,6 +55,7 @@
#define NGX_HTTP_NOT_MODIFIED 304
#define NGX_HTTP_BAD_REQUEST 400
+#define NGX_HTTP_UNAUTHORIZED 401
#define NGX_HTTP_FORBIDDEN 403
#define NGX_HTTP_NOT_FOUND 404
#define NGX_HTTP_NOT_ALLOWED 405
@@ -157,6 +158,9 @@ typedef struct {
ngx_table_elt_t *accept_language;
#endif
+ ngx_str_t user;
+ ngx_str_t passwd;
+
ngx_array_t cookies;
size_t host_name_len;
@@ -194,6 +198,7 @@ typedef struct {
ngx_table_elt_t *last_modified;
ngx_table_elt_t *content_range;
ngx_table_elt_t *accept_ranges;
+ ngx_table_elt_t *www_authenticate;
ngx_table_elt_t *expires;
ngx_table_elt_t *cache_control;
ngx_table_elt_t *etag;
@@ -336,6 +341,8 @@ struct ngx_http_request_s {
unsigned uri_changed:1;
unsigned uri_changes:4;
+ unsigned invalid_header:1;
+
unsigned low_case_exten:1;
unsigned header_timeout_set:1;
diff --git a/src/http/ngx_http_special_response.c b/src/http/ngx_http_special_response.c
index 44da5f388..2ccf51cf4 100644
--- a/src/http/ngx_http_special_response.c
+++ b/src/http/ngx_http_special_response.c
@@ -53,9 +53,9 @@ static char error_400_page[] =
static char error_401_page[] =
"<html>" CRLF
-"<head><title>401 Unauthorized</title></head>" CRLF
+"<head><title>401 Authorization Required</title></head>" CRLF
"<body bgcolor=\"white\">" CRLF
-"<center><h1>401 Unauthorized</h1></center>" CRLF
+"<center><h1>401 Authorization Required</h1></center>" CRLF
;
diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c
index 3076df7de..0624c0f9a 100644
--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
@@ -1148,9 +1148,11 @@ ngx_http_upstream_log_error(ngx_log_t *log, u_char *buf, size_t len)
peer = &u->peer;
p = ngx_snprintf(buf, len,
- " while %s, client: %V, URL: %V, upstream: %V%V%s%V",
+ " while %s, client: %V, host: %V, URL: \"%V\","
+ " upstream: %V%V%s%V",
log->action,
&r->connection->addr_text,
+ &r->server_name,
&r->unparsed_uri,
&u->schema,
&peer->peers->peer[peer->cur_peer].name,
diff --git a/src/os/unix/ngx_linux_config.h b/src/os/unix/ngx_linux_config.h
index 35e3b8b73..29d8aae1b 100644
--- a/src/os/unix/ngx_linux_config.h
+++ b/src/os/unix/ngx_linux_config.h
@@ -48,6 +48,7 @@
#include <malloc.h> /* memalign() */
#include <sys/ioctl.h>
#include <sys/sysctl.h>
+#include <crypt.h>
#include <ngx_auto_config.h>
diff --git a/src/os/unix/ngx_solaris_config.h b/src/os/unix/ngx_solaris_config.h
index d629e046b..088fbd023 100644
--- a/src/os/unix/ngx_solaris_config.h
+++ b/src/os/unix/ngx_solaris_config.h
@@ -46,6 +46,7 @@
#include <sys/systeminfo.h>
#include <limits.h> /* IOV_MAX */
#include <inttypes.h>
+#include <crypt.h>
#include <ngx_auto_config.h>
diff --git a/src/os/unix/ngx_user.c b/src/os/unix/ngx_user.c
new file mode 100644
index 000000000..2b9af6082
--- /dev/null
+++ b/src/os/unix/ngx_user.c
@@ -0,0 +1,85 @@
+
+/*
+ * Copyright (C) Igor Sysoev
+ */
+
+
+#include <ngx_config.h>
+#include <ngx_core.h>
+
+
+/*
+ * Solaris has thread-safe crypt()
+ * Linux has crypt_r(); "struct crypt_data" is more than 128K
+ * FreeBSD needs the mutex to protect crypt()
+ *
+ * TODO:
+ * ngx_crypt_init() to init mutex
+ */
+
+
+#if (NGX_LINUX)
+
+ngx_int_t
+ngx_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
+{
+ char *value;
+ size_t len;
+ struct crypt_data cd;
+
+ value = crypt_r((char *) key, (char *) salt, &cd);
+
+ if (value) {
+ len = ngx_strlen(value);
+
+ *encrypted = ngx_palloc(pool, len);
+ if (*encrypted) {
+ ngx_memcpy(*encrypted, value, len + 1);
+ return NGX_OK;
+ }
+ }
+
+ return NGX_ERROR;
+}
+
+#else
+
+ngx_int_t
+ngx_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
+{
+ char *value;
+ size_t len;
+ ngx_int_t rc;
+
+#if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
+
+ /* crypt() is a time consuming funtion, so we only try to lock */
+
+ if (ngx_mutex_trylock(ngx_crypt_mutex) != NGX_OK) {
+ return NGX_AGAIN;
+ }
+
+#endif
+
+ rc = NGX_ERROR;
+
+ value = crypt((char *) key, (char *) salt);
+
+ if (value) {
+ len = ngx_strlen(value);
+
+ *encrypted = ngx_palloc(pool, len);
+ if (*encrypted) {
+ ngx_memcpy(*encrypted, value, len + 1);
+ rc = NGX_OK;
+ }
+ }
+
+#if (NGX_THREADS && NGX_NONREENTRANT_CRYPT)
+ ngx_mutex_unlock(ngx_crypt_mutex);
+#endif
+
+ return rc;
+}
+
+#endif
diff --git a/src/os/unix/ngx_user.h b/src/os/unix/ngx_user.h
index f939b84b4..a24a66bf3 100644
--- a/src/os/unix/ngx_user.h
+++ b/src/os/unix/ngx_user.h
@@ -16,4 +16,9 @@ typedef uid_t ngx_uid_t;
typedef gid_t ngx_gid_t;
+ngx_int_t ngx_crypt(ngx_pool_t *pool, u_char *key, u_char *salt,
+ u_char **encrypted);
+
+
+
#endif /* _NGX_USER_H_INCLUDED_ */