wok-undigest rev 547
busybox/httpd: fix pam failure case
| author | Pascal Bellard <pascal.bellard@slitaz.org> |
|---|---|
| date | Sun Nov 06 21:16:59 2011 +0100 (2011-11-06) |
| parents | fb505ef6dddb |
| children | a04db637d5d2 |
| files | busybox/stuff/busybox-1.19-httpd.u |
line diff
1.1 --- a/busybox/stuff/busybox-1.19-httpd.u Sun Nov 06 19:03:48 2011 +0100 1.2 +++ b/busybox/stuff/busybox-1.19-httpd.u Sun Nov 06 21:16:59 2011 +0100 1.3 @@ -91,7 +91,7 @@ 1.4 1.5 dir_prefix = cur->before_colon; 1.6 1.7 -@@ -1771,36 +1833,78 @@ 1.8 +@@ -1771,36 +1833,80 @@ 1.9 prev = dir_prefix; 1.10 1.11 if (ENABLE_FEATURE_HTTPD_AUTH_MD5) { 1.12 @@ -113,20 +113,22 @@ 1.13 + struct pam_userinfo userinfo; 1.14 + struct pam_conv conv_info = {&pam_talker, (void *) &userinfo}; 1.15 + pam_handle_t *pamh; 1.16 ++ 1.17 ++ userinfo.name = username; 1.18 ++ userinfo.pw = unencrypted; 1.19 1.20 - md5_passwd = strchr(cur->after_colon, ':'); 1.21 - if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1' 1.22 - && md5_passwd[3] == '$' && md5_passwd[4] 1.23 -+ userinfo.name = username; 1.24 -+ userinfo.pw = unencrypted; 1.25 -+ 1.26 + if (cur->after_colon[0] != '*' && 1.27 + strncmp(username,cur->after_colon,user_len_p1 - 1) != 0) 1.28 + continue; 1.29 + r = pam_start("httpd", username, &conv_info, &pamh) != PAM_SUCCESS 1.30 -+ || pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK) != PAM_SUCCESS 1.31 -+ || pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK) != PAM_SUCCESS; 1.32 -+ pam_end(pamh, PAM_SUCCESS); 1.33 ++ if (r == 0) { 1.34 ++ r = pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK) != PAM_SUCCESS 1.35 ++ || pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK) != PAM_SUCCESS; 1.36 ++ pam_end(pamh, PAM_SUCCESS); 1.37 ++ } 1.38 + goto end_check_passwd; 1.39 +#else 1.40 + struct passwd *pw = getpwnam(username);