diff options
Diffstat (limited to 'package/busybox/patches/310-passwd_access.patch')
-rw-r--r-- | package/busybox/patches/310-passwd_access.patch | 45 |
1 files changed, 0 insertions, 45 deletions
diff --git a/package/busybox/patches/310-passwd_access.patch b/package/busybox/patches/310-passwd_access.patch index bd0db8f..e69de29 100644 --- a/package/busybox/patches/310-passwd_access.patch +++ b/package/busybox/patches/310-passwd_access.patch @@ -1,45 +0,0 @@ - - Copyright (C) 2006 OpenWrt.org - -Index: busybox-1.7.2/networking/httpd.c -=================================================================== ---- busybox-1.7.2.orig/networking/httpd.c 2007-10-30 15:34:59.000000000 -0500 -+++ busybox-1.7.2/networking/httpd.c 2007-10-30 15:35:03.000000000 -0500 -@@ -1527,12 +1527,26 @@ - if (ENABLE_FEATURE_HTTPD_AUTH_MD5) { - char *cipher; - char *pp; -+ char *ppnew = NULL; -+ struct passwd *pwd = NULL; - - if (strncmp(p, request, u - request) != 0) { - /* user doesn't match */ - continue; - } - pp = strchr(p, ':'); -+ if(pp && pp[1] == '$' && pp[2] == 'p' && -+ pp[3] == '$' && pp[4] && -+ (pwd = getpwnam(&pp[4])) != NULL) { -+ if(pwd->pw_passwd && pwd->pw_passwd[0] == '!') { -+ prev = NULL; -+ continue; -+ } -+ ppnew = xrealloc(ppnew, 5 + strlen(pwd->pw_passwd)); -+ ppnew[0] = ':'; -+ strcpy(ppnew + 1, pwd->pw_passwd); -+ pp = ppnew; -+ } - if (pp && pp[1] == '$' && pp[2] == '1' - && pp[3] == '$' && pp[4] - ) { -@@ -1543,6 +1557,10 @@ - /* unauthorized */ - continue; - } -+ if (ppnew) { -+ free(ppnew); -+ ppnew = NULL; -+ } - } - - if (strcmp(p, request) == 0) { |