0001-mod_auth-ignore-comments-trailing-blanks-and-empty-l.patch

jmuchemb, 2011-07-24 20:51


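--- a/src/http_auth.c
+++ b/src/http_auth.c
@@ -141,6 +141,22 @@
 	return result;
 }
 
+static char *parse_line(char *s, size_t *c) {
+	char *e, *comment;
+	size_t len = *c;
+
+	if (NULL != (e = memchr(s, '\n', len)))
+		len = e++ - s;
+	/* ignore comments */
+	if (NULL != (comment = memchr(s, '#', len)))
+		len = comment - s;
+	/* ignore trailing blanks */
+	while (len && isblank(s[len-1]))
+		len--;
+	*c = len;
+	return e;
+}
+
 static int http_auth_get_password(server *srv, mod_auth_plugin_data *p, buffer *username, buffer *realm, buffer *password) {
 	int ret = -1;
 
@@ -149,6 +165,7 @@
 	if (p->conf.auth_backend == AUTH_BACKEND_HTDIGEST) {
 		stream f;
 		char * f_line;
+		size_t line_len;
 
 		if (buffer_is_empty(p->conf.auth_htdigest_userfile)) return -1;
 
@@ -160,9 +177,9 @@
 
 		f_line = f.start;
 
-		while (f_line - f.start != f.size) {
-			char *f_user, *f_pwd, *e, *f_realm;
-			size_t u_len, pwd_len, r_len;
+		while (f_line && (line_len = f.size - (f_line - f.start))) {
+			char *f_user, *f_pwd, *f_realm;
+			size_t u_len, r_len;
 
 			f_user = f_line;
 
@@ -172,7 +189,11 @@
 			 * user:realm:md5(user:realm:password)
 			 */
 
-			if (NULL == (f_realm = memchr(f_user, ':', f.size - (f_user - f.start) ))) {
+			f_line = parse_line(f_user, &line_len);
+			if (!line_len)
+				continue;
+
+			if (NULL == (f_realm = memchr(f_user, ':', line_len))) {
 				log_error_write(srv, __FILE__, __LINE__, "sbs",
 						"parsed error in", p->conf.auth_htdigest_userfile,
 						"expected 'username:realm:hashed password'");
@@ -181,8 +202,10 @@
 
 				return -1;
 			}
+			u_len = f_realm - f_user;
+			f_realm++;
 
-			if (NULL == (f_pwd = memchr(f_realm + 1, ':', f.size - (f_realm + 1 - f.start)))) {
+			if (NULL == (f_pwd = memchr(f_realm, ':', line_len - u_len - 1))) {
 				log_error_write(srv, __FILE__, __LINE__, "sbs",
 						"parsed error in", p->conf.auth_plain_userfile,
 						"expected 'username:realm:hashed password'");
@@ -191,35 +214,20 @@
 
 				return -1;
 			}
-
-			/* get pointers to the fields */
-			u_len = f_realm - f_user;
-			f_realm++;
 			r_len = f_pwd - f_realm;
 			f_pwd++;
 
-			if (NULL != (e = memchr(f_pwd, '\n', f.size - (f_pwd - f.start)))) {
-				pwd_len = e - f_pwd;
-			} else {
-				pwd_len = f.size - (f_pwd - f.start);
-			}
-
 			if (username->used - 1 == u_len &&
 			    (realm->used - 1 == r_len) &&
 			    (0 == strncmp(username->ptr, f_user, u_len)) &&
 			    (0 == strncmp(realm->ptr, f_realm, r_len))) {
 				/* found */
 
-				buffer_copy_string_len(password, f_pwd, pwd_len);
+				buffer_copy_string_len(password, f_pwd, line_len - (f_pwd - f_user));
 
 				ret = 0;
 				break;
 			}
-
-			/* EOL */
-			if (!e) break;
-
-			f_line = e + 1;
 		}
 
 		stream_close(&f);
@@ -228,6 +236,7 @@
 		stream f;
 		char * f_line;
 		buffer *auth_fn;
+		size_t line_len;
 
 		auth_fn = (p->conf.auth_backend == AUTH_BACKEND_HTPASSWD) ? p->conf.auth_htpasswd_userfile : p->conf.auth_plain_userfile;
 
@@ -242,9 +251,9 @@
 
 		f_line = f.start;
 
-		while (f_line - f.start != f.size) {
-			char *f_user, *f_pwd, *e;
-			size_t u_len, pwd_len;
+		while (f_line && (line_len = f.size - (f_line - f.start))) {
+			char *f_user, *f_pwd;
+			size_t u_len;
 
 			f_user = f_line;
 
@@ -254,7 +263,11 @@
 			 * user:crypted passwd
 			 */
 
-			if (NULL == (f_pwd = memchr(f_user, ':', f.size - (f_user - f.start) ))) {
+			f_line = parse_line(f_user, &line_len);
+			if (!line_len)
+				continue;
+
+			if (NULL == (f_pwd = memchr(f_user, ':', line_len))) {
 				log_error_write(srv, __FILE__, __LINE__, "sbs",
 						"parsed error in", auth_fn,
 						"expected 'username:hashed password'");
@@ -268,26 +281,15 @@
 			u_len = f_pwd - f_user;
 			f_pwd++;
 
-			if (NULL != (e = memchr(f_pwd, '\n', f.size - (f_pwd - f.start)))) {
-				pwd_len = e - f_pwd;
-			} else {
-				pwd_len = f.size - (f_pwd - f.start);
-			}
-
 			if (username->used - 1 == u_len &&
 			    (0 == strncmp(username->ptr, f_user, u_len))) {
 				/* found */
 
-				buffer_copy_string_len(password, f_pwd, pwd_len);
+				buffer_copy_string_len(password, f_pwd, line_len - (f_pwd - f_user));
 
 				ret = 0;
 				break;
 			}
-
-			/* EOL */
-			if (!e) break;
-
-			f_line = e + 1;
 		}
 
 		stream_close(&f);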
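Review bot: `parse_line()` cuts every line at the first `#` and strips trailing blanks before the fields are split, and the second loop reads `auth_plain_userfile` as well as `auth_htpasswd_userfile`, so a cleartext password that contains `#` or ends in a blank is silently shortened before `buffer_copy_string_len(password, ...)` copies it. For the plain backend this appears to mean a shorter secret is accepted than the one the administrator wrote, with nothing logged. Treating `#` as a comment only when it starts the line, e.g. `if (len && '#' == *s) len = 0;` in place of the `memchr(s, '#', len)` test, would keep existing credential files valid; if inline comments are wanted, the accepted syntax should at least be documented in a comment above `parse_line()`. Separately, `isblank(s[len-1])` should be `isblank((unsigned char)s[len-1])`, since passing a negative `char` to the ctype functions is undefined. `http_auth_get_password()` starts and ends outside the hunks shown.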
tests/lighttpd.htpasswd
1
# some comment
1 2
des:12tMnfw882VDQ
2
md5:$1$md5$kIa7Juuiv8zja0ILQPR36/
3

  
4
md5:$1$md5$kIa7Juuiv8zja0ILQPR36/  # another one
3
-