Project

General

Profile

Feature #2327

Ignore comments, trailing blanks and empty lines in ht{digest,passwd} files

Added by jmuchemb about 6 years ago. Updated over 1 year ago.

Status:
Fixed
Priority:
Normal
Assignee:
-
Category:
mod_auth
Target version:
Start date:
2011-07-24
Due date:
% Done:

100%

Estimated time:
Missing in 1.5.x:
Yes

Description

I am migrating a server from Apache to Lighttpd, and I have a htpasswd file with comments and empty lines.
I'd like to keep them, so here is a patch for lighttpd 1.4.x

The patch implements this for both htpasswd & htdigest.
Unit test is updated but only check htpasswd.
Although I don't use htdigest, I tested the changes manually.

Associated revisions

Revision b47c393e (diff)
Added by gstrauss over 1 year ago

[mod_auth] skip blank lines and comment lines (fixes #2327)

x-ref:
"Ignore comments and empty lines in ht{digest,passwd} files"
https://redmine.lighttpd.net/issues/2327

History

#1 Updated by jmuchemb about 6 years ago

I just realised that '#' may be a legitimate char in the realm or password fields (at least plain passwords).

So here is a new patch that only ignores empty lines and lines starting with a # (the same way as Apache).
Tested like the previous one.

Title of this feature request should be changed also.

#2 Updated by gstrauss over 1 year ago

  • Target version changed from 1.4.x to 1.4.40

building on https://github.com/lighttpd/lighttpd1.4/pull/57

diff --git a/src/http_auth.c b/src/http_auth.c
index 91299ad..1b62183 100644
--- a/src/http_auth.c
+++ b/src/http_auth.c
@@ -86,6 +86,9 @@ static int http_auth_get_password(server *srv, mod_auth_plugin_data *p, buffer *
                        char *f_pwd, *f_realm;
                        size_t u_len, r_len;

+                       /* skip blank lines and comment lines (beginning '#') */
+                       if (f_user[0] == '#' || f_user[0] == '\n' || f_user[0] == '\0') continue;
+
                        /*
                         * htdigest format
                         *
@@ -153,6 +156,9 @@ static int http_auth_get_password(server *srv, mod_auth_plugin_data *p, buffer *
                        char *f_pwd;
                        size_t u_len;

+                       /* skip blank lines and comment lines (beginning '#') */
+                       if (f_user[0] == '#' || f_user[0] == '\n' || f_user[0] == '\0') continue;
+
                        /*
                         * htpasswd format
                         *
diff --git a/tests/lighttpd.htpasswd b/tests/lighttpd.htpasswd
index edd7509..87338c1 100644
--- a/tests/lighttpd.htpasswd
+++ b/tests/lighttpd.htpasswd
@@ -1,4 +1,6 @@
+# some comment
 des:12tMnfw882VDQ
+
 md5:$1$md5$kIa7Juuiv8zja0ILQPR36/
 sha:{SHA}2PRZAyDhNDqRW2OUFwZQqPNdaSY=
 apr-md5:$apr1$w2kLqmDN$uMe8ZCfMRT81wf43Y1hny0

#3 Updated by gstrauss over 1 year ago

  • Status changed from Patch Pending to Fixed
  • % Done changed from 0 to 100

Also available in: Atom