wok-undigest annotate busybox/stuff/busybox-1.19-httpd.u @ rev 536

busybox/httpd: check system passwords
author Pascal Bellard <pascal.bellard@slitaz.org>
date Sat Nov 05 14:10:28 2011 +0100 (2011-11-05)
parents
children e3d45fb903d5
pascal@536 1 Check system passwords
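--- busybox-1.19.0/networking/httpd.c
+++ busybox-1.19.0/networking/httpd.c
@@ -54,6 +54,7 @@
 * /cgi-bin:foo:bar # Require user foo, pwd bar on urls starting with /cgi-bin/
 * /adm:admin:setup # Require user admin, pwd setup on urls starting with /adm/
 * /adm:toor:PaSsWd # or user toor, pwd PaSsWd on urls starting with /adm/
+ * /adm:root:* # or user root, pwd from /etc/passwd on urls starting with /adm/
 * .au:audio/basic # additional mime type for audio.au files
 * *.php:/path/php # run xxx.php through an interpreter
 *
@@ -1745,7 +1746,7 @@
 const char *prev = NULL;
 
 for (cur = g_auth; cur; cur = cur->next) {
- const char *dir_prefix;
+ const char *dir_prefix, *passwd;
 size_t len;
 
 dir_prefix = cur->before_colon;
@@ -1770,18 +1771,28 @@
 /* Path match found */
 prev = dir_prefix;
 
+ remoteuser = xstrndup(user_and_passwd,
+ strchrnul(user_and_passwd, ':') - user_and_passwd);
+ passwd = strchr(cur->after_colon, ':');
+
+ if (passwd && passwd[1] == '*' && passwd[2] == 0) {
+ pw = getpwnam(remoteuser);
+ /* Don't check the password if password entry is empty (!) */
+ if (pw && pw->pw_passwd[0] != '!' && pw->pw_passwd[0] != '*' &&
+ (!pw->pw_passwd[0] || correct_password(pw)))
+ return 1; /* Ok */
+ free(remoteuser);
+ continue;
+ }
 if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
- char *md5_passwd;
-
- md5_passwd = strchr(cur->after_colon, ':');
- if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
- && md5_passwd[3] == '$' && md5_passwd[4]
+ if (passwd && passwd[1] == '$' && passwd[2] == '1'
+ && passwd[3] == '$' && passwd[4]
 ) {
 char *encrypted;
 int r, user_len_p1;
 
- md5_passwd++;
- user_len_p1 = md5_passwd - cur->after_colon;
+ passwd++;
+ user_len_p1 = passwd - cur->after_colon;
 /* comparing "user:" */
 if (strncmp(cur->after_colon, user_and_passwd, user_len_p1) != 0) {
 continue;
@@ -1789,22 +1800,20 @@
 
 encrypted = pw_encrypt(
 user_and_passwd + user_len_p1 /* cleartext pwd from user */,
- md5_passwd /*salt */, 1 /* cleanup */);
- r = strcmp(encrypted, md5_passwd);
+ passwd /*salt */, 1 /* cleanup */);
+ r = strcmp(encrypted, passwd);
 free(encrypted);
 if (r == 0)
- goto set_remoteuser_var; /* Ok */
+ return 1; /* Ok */
 continue;
 }
 }
 
 /* Comparing plaintext "user:pass" in one go */
- if (strcmp(cur->after_colon, user_and_passwd) == 0) {
- set_remoteuser_var:
- remoteuser = xstrndup(user_and_passwd,
- strchrnul(user_and_passwd, ':') - user_and_passwd);
+ if (strcmp(cur->after_colon, user_and_passwd) == 0)
 return 1; /* Ok */
- }
+ free(remoteuser);
+ remoteuser = NULL;
 } /* for */
 
 /* 0(bad) if prev is set: matches were found but passwd was wrong */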
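Review bot: In the new `:*` branch (hunk `@@ -1770,18 +1771,28 @@`) the account is looked up with `getpwnam(remoteuser)`, where `remoteuser` is the name the client sent, and nothing in the visible lines compares it with the user named in the rule, so `/adm:root:*` appears to admit any system account rather than only root. The same condition returns 1 when `pw->pw_passwd` is empty without looking at the submitted password, so a passwordless account is accepted with any password. On failure the branch calls `free(remoteuser)` without the `remoteuser = NULL;` that the plaintext path adds, and the two `continue` statements in the MD5 branch neither free nor reset it, leaving `remoteuser` pointing at freed memory or leaking the allocation. `correct_password(pw)` receives only `pw`, so how the password from `user_and_passwd` reaches it is not visible here and should be confirmed. The loop starts and ends outside these hunks; a sketch of the branch with the name check, the empty-entry rejection and the reset follows.

```c
		if (passwd && passwd[1] == '*' && passwd[2] == 0) {
			size_t ulen = passwd - cur->after_colon;

			/* the rule names one account; accept only that name */
			if (strncmp(cur->after_colon, remoteuser, ulen) == 0
			 && remoteuser[ulen] == '\0'
			) {
				pw = getpwnam(remoteuser);
				/* locked or empty entries never authenticate */
				if (pw && pw->pw_passwd[0] && pw->pw_passwd[0] != '!'
				 && pw->pw_passwd[0] != '*' && correct_password(pw))
					return 1; /* Ok */
			}
			free(remoteuser);
			remoteuser = NULL;
			continue;
		}
		/* … unchanged: MD5 and plaintext comparison; free and reset remoteuser before each `continue` there too … */
```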