# HG changeset patch # User Pascal Bellard # Date 1320610619 -3600 # Node ID b162a1ec67de02e3e05513bf8c65405161b1871b # Parent fb505ef6dddba3f74a20f2403b5740199a9aa5ac busybox/httpd: fix pam failure case diff -r fb505ef6dddb -r b162a1ec67de busybox/stuff/busybox-1.19-httpd.u --- a/busybox/stuff/busybox-1.19-httpd.u Sun Nov 06 19:03:48 2011 +0100 +++ b/busybox/stuff/busybox-1.19-httpd.u Sun Nov 06 21:16:59 2011 +0100 @@ -91,7 +91,7 @@ dir_prefix = cur->before_colon; -@@ -1771,36 +1833,78 @@ +@@ -1771,36 +1833,80 @@ prev = dir_prefix; if (ENABLE_FEATURE_HTTPD_AUTH_MD5) { @@ -113,20 +113,22 @@ + struct pam_userinfo userinfo; + struct pam_conv conv_info = {&pam_talker, (void *) &userinfo}; + pam_handle_t *pamh; ++ ++ userinfo.name = username; ++ userinfo.pw = unencrypted; - md5_passwd = strchr(cur->after_colon, ':'); - if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1' - && md5_passwd[3] == '$' && md5_passwd[4] -+ userinfo.name = username; -+ userinfo.pw = unencrypted; -+ + if (cur->after_colon[0] != '*' && + strncmp(username,cur->after_colon,user_len_p1 - 1) != 0) + continue; + r = pam_start("httpd", username, &conv_info, &pamh) != PAM_SUCCESS -+ || pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK) != PAM_SUCCESS -+ || pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK) != PAM_SUCCESS; -+ pam_end(pamh, PAM_SUCCESS); ++ if (r == 0) { ++ r = pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK) != PAM_SUCCESS ++ || pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK) != PAM_SUCCESS; ++ pam_end(pamh, PAM_SUCCESS); ++ } + goto end_check_passwd; +#else + struct passwd *pw = getpwnam(username);