2006-06-27 03:51:59 +03:00
|
|
|
|
|
|
|
Copyright (C) 2006 OpenWrt.org
|
|
|
|
|
2006-12-30 21:35:58 +02:00
|
|
|
diff -ruN busybox-1.3.1-old/networking/httpd.c busybox-1.3.1/networking/httpd.c
|
|
|
|
--- busybox-1.3.1-old/networking/httpd.c 2006-12-28 18:17:23.000000000 +0100
|
|
|
|
+++ busybox-1.3.1/networking/httpd.c 2006-12-28 19:56:34.000000000 +0100
|
|
|
|
@@ -1381,12 +1381,26 @@
|
|
|
|
if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
|
|
|
|
char *cipher;
|
|
|
|
char *pp;
|
|
|
|
+ char *ppnew = NULL;
|
|
|
|
+ struct passwd *pwd = NULL;
|
2006-02-04 03:21:35 +02:00
|
|
|
|
2006-12-30 21:35:58 +02:00
|
|
|
if (strncmp(p, request, u-request) != 0) {
|
|
|
|
/* user uncompared */
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
pp = strchr(p, ':');
|
|
|
|
+ if(pp && pp[1] == '$' && pp[2] == 'p' &&
|
2006-02-04 03:21:35 +02:00
|
|
|
+ pp[3] == '$' && pp[4] &&
|
2006-12-30 21:35:58 +02:00
|
|
|
+ (pwd = getpwnam(&pp[4])) != NULL) {
|
|
|
|
+ if(pwd->pw_passwd && pwd->pw_passwd[0] == '!') {
|
|
|
|
+ prev = NULL;
|
|
|
|
+ continue;
|
|
|
|
+ }
|
|
|
|
+ ppnew = xrealloc(ppnew, 5 + strlen(pwd->pw_passwd));
|
|
|
|
+ ppnew[0] = ':';
|
|
|
|
+ strcpy(ppnew + 1, pwd->pw_passwd);
|
|
|
|
+ pp = ppnew;
|
|
|
|
+ }
|
|
|
|
if (pp && pp[1] == '$' && pp[2] == '1' &&
|
|
|
|
pp[3] == '$' && pp[4]) {
|
|
|
|
pp++;
|
|
|
|
@@ -1396,6 +1410,10 @@
|
|
|
|
/* unauthorized */
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
+ if (ppnew) {
|
|
|
|
+ free(ppnew);
|
|
|
|
+ ppnew = NULL;
|
2006-10-06 21:52:02 +03:00
|
|
|
+ }
|
2006-02-04 03:21:35 +02:00
|
|
|
}
|
2006-12-30 21:35:58 +02:00
|
|
|
|
|
|
|
if (strcmp(p, request) == 0) {
|