pascal@536
1 Check system passwords
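--- a/busybox-1.19.0/networking/httpd.c
+++ b/busybox-1.19.0/networking/httpd.c
@@ -54,6 +54,7 @@
  * /cgi-bin:foo:bar # Require user foo, pwd bar on urls starting with /cgi-bin/
  * /adm:admin:setup # Require user admin, pwd setup on urls starting with /adm/
  * /adm:toor:PaSsWd # or user toor, pwd PaSsWd on urls starting with /adm/
+ * /adm:root:* # or user root, pwd from /etc/passwd on urls starting with /adm/
  * .au:audio/basic # additional mime type for audio.au files
  * *.php:/path/php # run xxx.php through an interpreter
  *
@@ -1745,7 +1746,7 @@
  const char *prev = NULL;
 
  for (cur = g_auth; cur; cur = cur->next) {
- const char *dir_prefix;
+ const char *dir_prefix, *passwd;
  size_t len;
 
  dir_prefix = cur->before_colon;
@@ -1770,18 +1771,28 @@
  /* Path match found */
  prev = dir_prefix;
 
+ remoteuser = xstrndup(user_and_passwd,
+ strchrnul(user_and_passwd, ':') - user_and_passwd);
+ passwd = strchr(cur->after_colon, ':');
+
+ if (passwd && passwd[1] == '*' && passwd[2] == 0) {
+ pw = getpwnam(remoteuser);
+ /* Don't check the password if password entry is empty (!) */
+ if (pw && pw->pw_passwd[0] != '!' && pw->pw_passwd[0] != '*' &&
+ (!pw->pw_passwd[0] || correct_password(pw)))
+ return 1; /* Ok */
+ free(remoteuser);
+ continue;
+ }
  if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
- char *md5_passwd;
-
- md5_passwd = strchr(cur->after_colon, ':');
- if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
- && md5_passwd[3] == '$' && md5_passwd[4]
+ if (passwd && passwd[1] == '$' && passwd[2] == '1'
+ && passwd[3] == '$' && passwd[4]
  ) {
  char *encrypted;
  int r, user_len_p1;
 
- md5_passwd++;
- user_len_p1 = md5_passwd - cur->after_colon;
+ passwd++;
+ user_len_p1 = passwd - cur->after_colon;
  /* comparing "user:" */
  if (strncmp(cur->after_colon, user_and_passwd, user_len_p1) != 0) {
  continue;
@@ -1789,22 +1800,20 @@
 
  encrypted = pw_encrypt(
  user_and_passwd + user_len_p1 /* cleartext pwd from user */,
- md5_passwd /*salt */, 1 /* cleanup */);
- r = strcmp(encrypted, md5_passwd);
+ passwd /*salt */, 1 /* cleanup */);
+ r = strcmp(encrypted, passwd);
  free(encrypted);
  if (r == 0)
- goto set_remoteuser_var; /* Ok */
+ return 1; /* Ok */
  continue;
  }
  }
 
  /* Comparing plaintext "user:pass" in one go */
- if (strcmp(cur->after_colon, user_and_passwd) == 0) {
- set_remoteuser_var:
- remoteuser = xstrndup(user_and_passwd,
- strchrnul(user_and_passwd, ':') - user_and_passwd);
+ if (strcmp(cur->after_colon, user_and_passwd) == 0)
  return 1; /* Ok */
- }
+ free(remoteuser);
+ remoteuser = NULL;
  } /* for */
 
  /* 0(bad) if prev is set: matches were found but passwd was wrong */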
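Review bot: In the new `*` branch the name sent by the client goes straight to `getpwnam(remoteuser)` and is never compared with the user named in the entry, so `/adm:root:*` appears to admit any system account rather than only root; the branch should first compare the `user:` prefix the way the MD5 branch does. The same condition accepts any password when `pw->pw_passwd` is empty, and `correct_password(pw)` is given no cleartext, so the hunks do not show how the password sent by the client is checked (`pw` and `correct_password` are declared outside the visible hunks and should be confirmed). `free(remoteuser)` before `continue` leaves the pointer set, and the two `continue` statements in the MD5 branch skip the free altogether, so a failed attempt can leave a stale or freed `remoteuser` behind. The enclosing function starts and ends outside the hunks; the fence shows only the rewritten `*` branch, and the MD5 `continue` paths need the same free-and-reset pair.

```c
		if (passwd && passwd[1] == '*' && passwd[2] == 0) {
			/* the entry names one user: compare "user:" as the MD5 branch does */
			if (strncmp(cur->after_colon, user_and_passwd,
					passwd + 1 - cur->after_colon) == 0) {
				pw = getpwnam(remoteuser);
				/* an empty, locked or disabled password field is a mismatch */
				if (pw && pw->pw_passwd[0] && pw->pw_passwd[0] != '!'
				 && pw->pw_passwd[0] != '*' && correct_password(pw))
					return 1; /* Ok */
			}
			free(remoteuser);
			remoteuser = NULL; /* do not leave a freed pointer behind */
			continue;
		}
		/* … unchanged: MD5 and plaintext comparisons … */
```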
pascal@536
|
22 /* Path match found */
|
pascal@536
|
23 prev = dir_prefix;
|
pascal@536
|
24
|
pascal@536
|
25 + remoteuser = xstrndup(user_and_passwd,
|
pascal@536
|
26 + strchrnul(user_and_passwd, ':') - user_and_passwd);
|
pascal@536
|
27 + passwd = strchr(cur->after_colon, ':');
|
pascal@536
|
28 +
|
pascal@536
|
29 + if (passwd && passwd[1] == '*' && passwd[2] == 0) {
|
pascal@536
|
30 + pw = getpwnam(remoteuser);
|
pascal@536
|
31 + /* Don't check the password if password entry is empty (!) */
|
pascal@536
|
32 + if (pw && pw->pw_passwd[0] != '!' && pw->pw_passwd[0] != '*' &&
|
pascal@536
|
33 + (!pw->pw_passwd[0] || correct_password(pw)))
|
pascal@536
|
34 + return 1; /* Ok */
|
pascal@536
|
35 + free(remoteuser);
|
pascal@536
|
36 + continue;
|
pascal@536
|
37 + }
|
pascal@536
|
38 if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
|
pascal@536
|
39 - char *md5_passwd;
|
pascal@536
|
40 -
|
pascal@536
|
41 - md5_passwd = strchr(cur->after_colon, ':');
|
pascal@536
|
42 - if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
|
pascal@536
|
43 - && md5_passwd[3] == '$' && md5_passwd[4]
|
pascal@536
|
44 + if (passwd && passwd[1] == '$' && passwd[2] == '1'
|
pascal@536
|
45 + && passwd[3] == '$' && passwd[4]
|
pascal@536
|
46 ) {
|
pascal@536
|
47 char *encrypted;
|
pascal@536
|
48 int r, user_len_p1;
|
pascal@536
|
49
|
pascal@536
|
50 - md5_passwd++;
|
pascal@536
|
51 - user_len_p1 = md5_passwd - cur->after_colon;
|
pascal@536
|
52 + passwd++;
|
pascal@536
|
53 + user_len_p1 = passwd - cur->after_colon;
|
pascal@536
|
54 /* comparing "user:" */
|
pascal@536
|
55 if (strncmp(cur->after_colon, user_and_passwd, user_len_p1) != 0) {
|
pascal@536
|
56 continue;
|
pascal@536
|
57 @@ -1789,22 +1800,20 @@
|
pascal@536
|
58
|
pascal@536
|
59 encrypted = pw_encrypt(
|
pascal@536
|
60 user_and_passwd + user_len_p1 /* cleartext pwd from user */,
|
pascal@536
|
61 - md5_passwd /*salt */, 1 /* cleanup */);
|
pascal@536
|
62 - r = strcmp(encrypted, md5_passwd);
|
pascal@536
|
63 + passwd /*salt */, 1 /* cleanup */);
|
pascal@536
|
64 + r = strcmp(encrypted, passwd);
|
pascal@536
|
65 free(encrypted);
|
pascal@536
|
66 if (r == 0)
|
pascal@536
|
67 - goto set_remoteuser_var; /* Ok */
|
pascal@536
|
68 + return 1; /* Ok */
|
pascal@536
|
69 continue;
|
pascal@536
|
70 }
|
pascal@536
|
71 }
|
pascal@536
|
72
|
pascal@536
|
73 /* Comparing plaintext "user:pass" in one go */
|
pascal@536
|
74 - if (strcmp(cur->after_colon, user_and_passwd) == 0) {
|
pascal@536
|
75 - set_remoteuser_var:
|
pascal@536
|
76 - remoteuser = xstrndup(user_and_passwd,
|
pascal@536
|
77 - strchrnul(user_and_passwd, ':') - user_and_passwd);
|
pascal@536
|
78 + if (strcmp(cur->after_colon, user_and_passwd) == 0)
|
pascal@536
|
79 return 1; /* Ok */
|
pascal@536
|
80 - }
|
pascal@536
|
81 + free(remoteuser);
|
pascal@536
|
82 + remoteuser = NULL;
|
pascal@536
|
83 } /* for */
|
pascal@536
|
84
|
pascal@536
|
85 /* 0(bad) if prev is set: matches were found but passwd was wrong */
|