| 1 |
|
| 2 |
what does this patch do? |
| 3 |
|
| 4 |
--- busybox-1.4.2/networking/httpd.c.orig Wed Jun 6 15:40:06 2007 |
| 5 |
+++ busybox-1.4.2/networking/httpd.c Wed Jun 6 15:41:11 2007 |
| 6 |
@@ -1404,6 +1404,8 @@ static int checkPerm(const char *path, c |
| 7 |
if (ENABLE_FEATURE_HTTPD_AUTH_MD5) { |
| 8 |
char *cipher; |
| 9 |
char *pp; |
| 10 |
+ char *ppnew = NULL; |
| 11 |
+ struct passwd * pwd = NULL; |
| 12 |
|
| 13 |
if (strncmp(p, request, u-request) != 0) { |
| 14 |
/* user uncompared */ |
| 15 |
@@ -1410,6 +1412,18 @@ static int checkPerm(const char *path, c |
| 16 |
continue; |
| 17 |
} |
| 18 |
pp = strchr(p, ':'); |
| 19 |
+ if(pp && pp[1] == '$' && pp[2] == 'p' && |
| 20 |
+ pp[3] == '$' && pp[4] && |
| 21 |
+ (pwd = getpwnam(&pp[4])) != NULL) { |
| 22 |
+ if(pwd->pw_passwd && pwd->pw_passwd[0] == '!') { |
| 23 |
+ prev = NULL; |
| 24 |
+ continue; |
| 25 |
+ } |
| 26 |
+ ppnew = malloc(5 + strlen(pwd->pw_passwd)); |
| 27 |
+ ppnew[0] = ':'; |
| 28 |
+ strcpy(ppnew + 1, pwd->pw_passwd); |
| 29 |
+ pp = ppnew; |
| 30 |
+ } |
| 31 |
if (pp && pp[1] == '$' && pp[2] == '1' && |
| 32 |
pp[3] == '$' && pp[4]) { |
| 33 |
pp++; |
| 34 |
@@ -1418,6 +1432,10 @@ static int checkPerm(const char *path, c |
| 35 |
goto set_remoteuser_var; /* Ok */ |
| 36 |
/* unauthorized */ |
| 37 |
continue; |
| 38 |
+ } |
| 39 |
+ if (ppnew) { |
| 40 |
+ free(ppnew); |
| 41 |
+ ppnew = NULL; |
| 42 |
} |
| 43 |
} |
| 44 |
|
Parent Directory
| 
Revision Log
