summaryrefslogtreecommitdiff
path: root/package/busybox/patches/310-passwd_access.patch
diff options
context:
space:
mode:
authorFelix Fietkau <nbd@openwrt.org>2006-10-13 22:51:49 +0200
committerFelix Fietkau <nbd@openwrt.org>2016-03-20 17:29:15 +0100
commit60c1f0f64d23003a19a07d6b9638542130f6641d (patch)
tree8fb2787f4c49baded97cd55e0c371fe1cffce2b6 /package/busybox/patches/310-passwd_access.patch
parentd58a09110ccfa95f06c983fe796806f2e035c9d2 (diff)
parentb3ce218b51746d3a576221ea542facf3a1703ab2 (diff)
downloadmtk-20170518-60c1f0f64d23003a19a07d6b9638542130f6641d.zip
mtk-20170518-60c1f0f64d23003a19a07d6b9638542130f6641d.tar.gz
mtk-20170518-60c1f0f64d23003a19a07d6b9638542130f6641d.tar.bz2
finally move buildroot-ng to trunk
Diffstat (limited to 'package/busybox/patches/310-passwd_access.patch')
-rw-r--r--package/busybox/patches/310-passwd_access.patch44
1 files changed, 44 insertions, 0 deletions
diff --git a/package/busybox/patches/310-passwd_access.patch b/package/busybox/patches/310-passwd_access.patch
new file mode 100644
index 0000000..868abfc
--- /dev/null
+++ b/package/busybox/patches/310-passwd_access.patch
@@ -0,0 +1,44 @@
+
+ Copyright (C) 2006 OpenWrt.org
+
+diff -urN busybox.old/networking/httpd.c busybox.dev/networking/httpd.c
+--- busybox.old/networking/httpd.c 2004-10-08 10:03:29.000000000 +0200
++++ busybox.dev/networking/httpd.c 2006-02-04 01:54:19.688016250 +0100
+@@ -1467,12 +1467,26 @@
+ {
+ char *cipher;
+ char *pp;
++ char *ppnew = NULL;
++ struct passwd *pwd = NULL;
+
+ if(strncmp(p, request, u-request) != 0) {
+ /* user uncompared */
+ continue;
+ }
+ pp = strchr(p, ':');
++ if(pp && pp[1] == '$' && pp[2] == 'p' &&
++ pp[3] == '$' && pp[4] &&
++ (pwd = getpwnam(&pp[4])) != NULL) {
++ if(pwd->pw_passwd && pwd->pw_passwd[0] == '!') {
++ prev = NULL;
++ continue;
++ }
++ ppnew = malloc(5 + strlen(pwd->pw_passwd));
++ ppnew[0] = ':';
++ strcpy(ppnew + 1, pwd->pw_passwd);
++ pp = ppnew;
++ }
+ if(pp && pp[1] == '$' && pp[2] == '1' &&
+ pp[3] == '$' && pp[4]) {
+ pp++;
+@@ -1482,6 +1492,10 @@
+ /* unauthorized */
+ continue;
+ }
++ if (ppnew) {
++ free(ppnew);
++ ppnew = NULL;
++ }
+ }
+ #endif
+ if (strcmp(p, request) == 0) {