crypt_r() issue when viewing HTTP auth page

Maxim Dounin mdounin at mdounin.ru
Thu Dec 20 17:11:43 UTC 2012


Hello!

On Wed, Dec 19, 2012 at 07:42:55PM -0500, digitalpoint wrote:

> When viewing a page that is HTTP auth password protected, we sometimes get
> an error 500 (internal server error), but 100% of the time, a browser reload
> of the page makes it work the second time around.  The ngnix error log shows
> this:
> 
> 2012/12/19 15:50:43 [crit] 28799#0: *6224 crypt_r() failed (2: No such file
> or directory), client: 108.199.xxx.xxx, server: dev.digitalpoint.com,
> request: "GET /admin.php HTTP/1.1", host: "dev.digitalpoint.com", referrer:
> "http://dev.digitalpoint.com/"
> 
> It makes me wonder if maybe nginx worker processes can never read the
> auth_basic_user_file the first time it tries for some reason (but always can
> after that first try)?  Like I mentioned, it will work properly 100% of the
> time on a browser reload.
> 
> relevant part of nginx conf:
> 
>         location /admin.php {
>                 auth_basic                    Restricted;
>                 auth_basic_user_file    /etc/nginx/.passwd;
>         <...clipped...>
>         }
> 
> /etc/nginx/.passwd exists and I assume everything is okay with it since
> everything works as expected on browser reload.
> 
> Anyone know how to fix this?

Try the following patch:

--- a/src/os/unix/ngx_user.c
+++ b/src/os/unix/ngx_user.c
@@ -28,20 +28,15 @@ ngx_libc_crypt(ngx_pool_t *pool, u_char 
 {
     char               *value;
     size_t              len;
-    ngx_err_t           err;
     struct crypt_data   cd;
 
-    ngx_set_errno(0);
-
     cd.initialized = 0;
     /* work around the glibc bug */
     cd.current_salt[0] = ~salt[0];
 
     value = crypt_r((char *) key, (char *) salt, &cd);
 
-    err = ngx_errno;
-
-    if (err == 0) {
+    if (value) {
         len = ngx_strlen(value) + 1;
 
         *encrypted = ngx_pnalloc(pool, len);
@@ -49,9 +44,11 @@ ngx_libc_crypt(ngx_pool_t *pool, u_char 
             ngx_memcpy(*encrypted, value, len);
             return NGX_OK;
         }
+
+        return NGX_ERROR;
     }
 
-    ngx_log_error(NGX_LOG_CRIT, pool->log, err, "crypt_r() failed");
+    ngx_log_error(NGX_LOG_CRIT, pool->log, ngx_errno, "crypt_r() failed");
 
     return NGX_ERROR;
 }


-- 
Maxim Dounin
http://nginx.com/support.html



More information about the nginx mailing list