310-passwd_access.patch

Revision 3294, 1.2 kB (checked in by tg, 5 years ago)
add comments to some of the diffs

busybox-1.4.2/networking/httpd.c

old	new
1404	1404	if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
1405	1405	char *cipher;
1406	1406	char *pp;
	1407	char *ppnew = NULL;
	1408	struct passwd * pwd = NULL;
1407	1409
1408	1410	if (strncmp(p, request, u-request) != 0) {
1409	1411	/* user uncompared */
…	…
1410	1412	continue;
1411	1413	}
1412	1414	pp = strchr(p, ':');
	1415	if(pp && pp[1] == '$' && pp[2] == 'p' &&
	1416	pp[3] == '$' && pp[4] &&
	1417	(pwd = getpwnam(&pp[4])) != NULL) {
	1418	if(pwd->pw_passwd && pwd->pw_passwd[0] == '!') {
	1419	prev = NULL;
	1420	continue;
	1421	}
	1422	ppnew = malloc(5 + strlen(pwd->pw_passwd));
	1423	ppnew[0] = ':';
	1424	strcpy(ppnew + 1, pwd->pw_passwd);
	1425	pp = ppnew;
	1426	}
1413	1427	if (pp && pp[1] == '$' && pp[2] == '1' &&
1414	1428	pp[3] == '$' && pp[4]) {
1415	1429	pp++;
…	…
1418	1432	goto set_remoteuser_var; /* Ok */
1419	1433	/* unauthorized */
1420	1434	continue;
	1435	}
	1436	if (ppnew) {
	1437	free(ppnew);
	1438	ppnew = NULL;
1421	1439	}
1422	1440	}
1423	1441

Note: See TracBrowser for help on using the browser.