X-Git-Url: http://git.rohieb.name/openwrt.git/blobdiff_plain/b5cb1795de1f0959de1e228bd2e784d1cea921a7..a8060f110a2f805e010b940b5a3f3e712d8ea9f3:/package/busybox/patches/310-passwd_access.patch?ds=sidebyside diff --git a/package/busybox/patches/310-passwd_access.patch b/package/busybox/patches/310-passwd_access.patch index 22e6abcb0..bd0db8ff4 100644 --- a/package/busybox/patches/310-passwd_access.patch +++ b/package/busybox/patches/310-passwd_access.patch @@ -1,19 +1,19 @@ Copyright (C) 2006 OpenWrt.org -Index: busybox-1.4.2/networking/httpd.c +Index: busybox-1.7.2/networking/httpd.c =================================================================== ---- busybox-1.4.2.orig/networking/httpd.c 2007-06-04 13:21:32.190083032 +0200 -+++ busybox-1.4.2/networking/httpd.c 2007-06-04 13:21:34.401746808 +0200 -@@ -1402,12 +1402,26 @@ +--- busybox-1.7.2.orig/networking/httpd.c 2007-10-30 15:34:59.000000000 -0500 ++++ busybox-1.7.2/networking/httpd.c 2007-10-30 15:35:03.000000000 -0500 +@@ -1527,12 +1527,26 @@ if (ENABLE_FEATURE_HTTPD_AUTH_MD5) { char *cipher; char *pp; + char *ppnew = NULL; + struct passwd *pwd = NULL; - if (strncmp(p, request, u-request) != 0) { - /* user uncompared */ + if (strncmp(p, request, u - request) != 0) { + /* user doesn't match */ continue; } pp = strchr(p, ':'); @@ -29,10 +29,10 @@ Index: busybox-1.4.2/networking/httpd.c + strcpy(ppnew + 1, pwd->pw_passwd); + pp = ppnew; + } - if (pp && pp[1] == '$' && pp[2] == '1' && - pp[3] == '$' && pp[4]) { - pp++; -@@ -1417,6 +1431,10 @@ + if (pp && pp[1] == '$' && pp[2] == '1' + && pp[3] == '$' && pp[4] + ) { +@@ -1543,6 +1557,10 @@ /* unauthorized */ continue; }