mirror of
git://projects.qi-hardware.com/openwrt-xburst.git
synced 2024-11-27 19:37:10 +02:00
add back busybox httpd password auth support - fixes x-wrt
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@12422 3c298f89-4303-0410-b956-a3cf2f4a3e73
This commit is contained in:
parent
ef5d60de3b
commit
41d62be633
41
package/busybox/patches/310-passwd_access.patch
Normal file
41
package/busybox/patches/310-passwd_access.patch
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
|
||||||
|
Copyright (C) 2006 OpenWrt.org
|
||||||
|
|
||||||
|
--- a/networking/httpd.c
|
||||||
|
+++ b/networking/httpd.c
|
||||||
|
@@ -1697,21 +1697,32 @@
|
||||||
|
|
||||||
|
if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
|
||||||
|
char *md5_passwd;
|
||||||
|
+ int user_len_p1;
|
||||||
|
|
||||||
|
md5_passwd = strchr(cur->after_colon, ':');
|
||||||
|
- if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
|
||||||
|
+ user_len_p1 = md5_passwd + 1 - cur->after_colon;
|
||||||
|
+ if (md5_passwd && !strncmp(md5_passwd + 1, "$p$", 3)) {
|
||||||
|
+ struct passwd *pwd = NULL;
|
||||||
|
+
|
||||||
|
+ pwd = getpwnam(&md5_passwd[4]);
|
||||||
|
+ if(!pwd->pw_passwd || !pwd->pw_passwd[0] || pwd->pw_passwd[0] == '!')
|
||||||
|
+ continue;
|
||||||
|
+
|
||||||
|
+ md5_passwd = pwd->pw_passwd;
|
||||||
|
+ goto check_md5_pw;
|
||||||
|
+ } else if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
|
||||||
|
&& md5_passwd[3] == '$' && md5_passwd[4]
|
||||||
|
) {
|
||||||
|
char *encrypted;
|
||||||
|
- int r, user_len_p1;
|
||||||
|
+ int r;
|
||||||
|
|
||||||
|
md5_passwd++;
|
||||||
|
- user_len_p1 = md5_passwd - cur->after_colon;
|
||||||
|
/* comparing "user:" */
|
||||||
|
if (strncmp(cur->after_colon, user_and_passwd, user_len_p1) != 0) {
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
+check_md5_pw:
|
||||||
|
encrypted = pw_encrypt(
|
||||||
|
user_and_passwd + user_len_p1 /* cleartext pwd from user */,
|
||||||
|
md5_passwd /*salt */, 1 /* cleanup */);
|
Loading…
Reference in New Issue
Block a user