fix busybox http auth if the root user has an empty password

[openwrt/svn-archive/archive.git] / package / busybox / patches / 310-passwd_access.patch

diff --git a/package/busybox/patches/310-passwd_access.patch b/package/busybox/patches/310-passwd_access.patch
index 868abfcd069d5bf8e0ad76b4792e35489863ee24..9a1cc95bb3268ce86138d699f4572bc6c86071f0 100644 (file)
--- a/package/busybox/patches/310-passwd_access.patch
+++ b/package/busybox/patches/310-passwd_access.patch
@@ -1,44 +1,41 @@
 
        Copyright (C) 2006 OpenWrt.org
 
-diff -urN busybox.old/networking/httpd.c busybox.dev/networking/httpd.c
---- busybox.old/networking/httpd.c     2004-10-08 10:03:29.000000000 +0200
-+++ busybox.dev/networking/httpd.c     2006-02-04 01:54:19.688016250 +0100
-@@ -1467,12 +1467,26 @@
-               {
-                       char *cipher;
-                       char *pp;
-+                      char *ppnew = NULL;
-+                      struct passwd *pwd = NULL;
+--- a/networking/httpd.c
++++ b/networking/httpd.c
+@@ -1697,21 +1697,32 @@ static int check_user_passwd(const char 
  
-                       if(strncmp(p, request, u-request) != 0) {
-                               /* user uncompared */
-                               continue;
-                       }
-                       pp = strchr(p, ':');
-+                      if(pp && pp[1] == '$' && pp[2] == 'p' &&
-+                                               pp[3] == '$' && pp[4] &&
-+                                               (pwd = getpwnam(&pp[4])) != NULL) {
-+                              if(pwd->pw_passwd && pwd->pw_passwd[0] == '!') {
-+                                      prev = NULL;
-+                                      continue;
-+                              }
-+                              ppnew = malloc(5 + strlen(pwd->pw_passwd));
-+                              ppnew[0] = ':';
-+                              strcpy(ppnew + 1, pwd->pw_passwd);
-+                              pp = ppnew;
-+                      }
-                       if(pp && pp[1] == '$' && pp[2] == '1' &&
-                                                pp[3] == '$' && pp[4]) {
-                               pp++;
-@@ -1482,6 +1492,10 @@
-                               /* unauthorized */
-                               continue;
-                       }
-+                      if (ppnew) {
-+                              free(ppnew);
-+                              ppnew = NULL;
-+                      }
-               }
- #endif
-               if (strcmp(p, request) == 0) {
+               if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
+                       char *md5_passwd;
++                      int user_len_p1;
+ 
+                       md5_passwd = strchr(cur->after_colon, ':');
+-                      if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
++                      user_len_p1 = md5_passwd + 1 - cur->after_colon;
++                      if (md5_passwd && !strncmp(md5_passwd + 1, "$p$", 3)) {
++                              struct passwd *pwd = NULL;
++
++                              pwd = getpwnam(&md5_passwd[4]);
++                              if(!pwd->pw_passwd || !pwd->pw_passwd[0] || pwd->pw_passwd[0] == '!')
++                                      return 1;
++
++                              md5_passwd = pwd->pw_passwd;
++                              goto check_md5_pw;
++                      } else if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
+                        && md5_passwd[3] == '$' && md5_passwd[4]
+                       ) {
+                               char *encrypted;
+-                              int r, user_len_p1;
++                              int r;
+ 
+                               md5_passwd++;
+-                              user_len_p1 = md5_passwd - cur->after_colon;
+                               /* comparing "user:" */
+                               if (strncmp(cur->after_colon, user_and_passwd, user_len_p1) != 0) {
+                                       continue;
+                               }
+ 
++check_md5_pw:
+                               encrypted = pw_encrypt(
+                                       user_and_passwd + user_len_p1 /* cleartext pwd from user */,
+                                       md5_passwd /*salt */, 1 /* cleanup */);