wok-undigest rev 545
busybox/httpd: fix shadow password (again)
author | Pascal Bellard <pascal.bellard@slitaz.org> |
---|---|
date | Sun Nov 06 10:22:45 2011 +0100 (2011-11-06) |
parents | 5545842dea8c |
children | fb505ef6dddb |
files | busybox/stuff/busybox-1.19-httpd.u |
line diff
1.1 --- a/busybox/stuff/busybox-1.19-httpd.u Sun Nov 06 09:41:04 2011 +0100 1.2 +++ b/busybox/stuff/busybox-1.19-httpd.u Sun Nov 06 10:22:45 2011 +0100 1.3 @@ -96,6 +96,11 @@ 1.4 1.5 if (ENABLE_FEATURE_HTTPD_AUTH_MD5) { 1.6 - char *md5_passwd; 1.7 ++#if ENABLE_FEATURE_SHADOWPASSWDS && !ENABLE_PAM 1.8 ++ /* Using _r function to avoid pulling in static buffers */ 1.9 ++ struct spwd spw; 1.10 ++ char buffer[256]; 1.11 ++#endif 1.12 + const char *unencrypted = strchr(user_and_passwd, ':') + 1; 1.13 + const char *passwd = strchr(cur->after_colon, ':'); 1.14 + int user_len_p1 = unencrypted - user_and_passwd; 1.15 @@ -108,13 +113,13 @@ 1.16 + struct pam_userinfo userinfo; 1.17 + struct pam_conv conv_info = {&pam_talker, (void *) &userinfo}; 1.18 + pam_handle_t *pamh; 1.19 -+ 1.20 -+ userinfo.name = username; 1.21 -+ userinfo.pw = unencrypted; 1.22 1.23 - md5_passwd = strchr(cur->after_colon, ':'); 1.24 - if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1' 1.25 - && md5_passwd[3] == '$' && md5_passwd[4] 1.26 ++ userinfo.name = username; 1.27 ++ userinfo.pw = unencrypted; 1.28 ++ 1.29 + if (cur->after_colon[0] != '*' && 1.30 + strncmp(username,cur->after_colon,user_len_p1 - 1) != 0) 1.31 + continue; 1.32 @@ -124,11 +129,6 @@ 1.33 + pam_end(pamh, PAM_SUCCESS); 1.34 + goto end_check_passwd; 1.35 +#else 1.36 -+#if ENABLE_FEATURE_SHADOWPASSWDS 1.37 -+ /* Using _r function to avoid pulling in static buffers */ 1.38 -+ struct spwd spw; 1.39 -+ char buffer[256]; 1.40 -+#endif 1.41 + struct passwd *pw = getpwnam(username); 1.42 + if (!pw || !pw->pw_passwd) 1.43 + continue;