X-Git-Url: http://git.rohieb.name/openwrt.git/blobdiff_plain/4f17fe653b4bf22aa059b5f5fa5678ceebc18a67..addc1928bde31342dc4e244d519036372bc5b4ff:/package/busybox/patches/310-passwd_access.patch diff --git a/package/busybox/patches/310-passwd_access.patch b/package/busybox/patches/310-passwd_access.patch index b6a06cfd7..bd0db8ff4 100644 --- a/package/busybox/patches/310-passwd_access.patch +++ b/package/busybox/patches/310-passwd_access.patch @@ -1,18 +1,19 @@ Copyright (C) 2006 OpenWrt.org -diff -ruN busybox-1.3.1-old/networking/httpd.c busybox-1.3.1/networking/httpd.c ---- busybox-1.3.1-old/networking/httpd.c 2006-12-28 18:17:23.000000000 +0100 -+++ busybox-1.3.1/networking/httpd.c 2006-12-28 19:56:34.000000000 +0100 -@@ -1381,12 +1381,26 @@ +Index: busybox-1.7.2/networking/httpd.c +=================================================================== +--- busybox-1.7.2.orig/networking/httpd.c 2007-10-30 15:34:59.000000000 -0500 ++++ busybox-1.7.2/networking/httpd.c 2007-10-30 15:35:03.000000000 -0500 +@@ -1527,12 +1527,26 @@ if (ENABLE_FEATURE_HTTPD_AUTH_MD5) { char *cipher; char *pp; + char *ppnew = NULL; + struct passwd *pwd = NULL; - if (strncmp(p, request, u-request) != 0) { - /* user uncompared */ + if (strncmp(p, request, u - request) != 0) { + /* user doesn't match */ continue; } pp = strchr(p, ':'); @@ -28,10 +29,10 @@ diff -ruN busybox-1.3.1-old/networking/httpd.c busybox-1.3.1/networking/httpd.c + strcpy(ppnew + 1, pwd->pw_passwd); + pp = ppnew; + } - if (pp && pp[1] == '$' && pp[2] == '1' && - pp[3] == '$' && pp[4]) { - pp++; -@@ -1396,6 +1410,10 @@ + if (pp && pp[1] == '$' && pp[2] == '1' + && pp[3] == '$' && pp[4] + ) { +@@ -1543,6 +1557,10 @@ /* unauthorized */ continue; }