projects / openwrt / staging / mkresin.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
update busybox to v1.3.1, i was too lazy to update patch 320, feel free to do so
[openwrt/staging/mkresin.git] / package / busybox / patches / 310-passwd_access.patch
1
2 Copyright (C) 2006 OpenWrt.org
3
4 diff -ruN busybox-1.3.1-old/networking/httpd.c busybox-1.3.1/networking/httpd.c
5 --- busybox-1.3.1-old/networking/httpd.c 2006-12-28 18:17:23.000000000 +0100
6 +++ busybox-1.3.1/networking/httpd.c 2006-12-28 19:56:34.000000000 +0100
7 @@ -1381,12 +1381,26 @@
8 if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
9 char *cipher;
10 char *pp;
11 + char *ppnew = NULL;
12 + struct passwd *pwd = NULL;
13
14 if (strncmp(p, request, u-request) != 0) {
15 /* user uncompared */
16 continue;
17 }
18 pp = strchr(p, ':');
19 + if(pp && pp[1] == '$' && pp[2] == 'p' &&
20 + pp[3] == '$' && pp[4] &&
21 + (pwd = getpwnam(&pp[4])) != NULL) {
22 + if(pwd->pw_passwd && pwd->pw_passwd[0] == '!') {
23 + prev = NULL;
24 + continue;
25 + }
26 + ppnew = xrealloc(ppnew, 5 + strlen(pwd->pw_passwd));
27 + ppnew[0] = ':';
28 + strcpy(ppnew + 1, pwd->pw_passwd);
29 + pp = ppnew;
30 + }
31 if (pp && pp[1] == '$' && pp[2] == '1' &&
32 pp[3] == '$' && pp[4]) {
33 pp++;
34 @@ -1396,6 +1410,10 @@
35 /* unauthorized */
36 continue;
37 }
38 + if (ppnew) {
39 + free(ppnew);
40 + ppnew = NULL;
41 + }
42 }
43
44 if (strcmp(p, request) == 0) {
Staging tree of Mathias Kresin