Project

General

Profile

Download (5.28 KB)

Feature #2327 » 0001-mod_auth-ignore-comments-and-empty-lines-in-ht-diges.patch

jmuchemb, 2011-07-26 13:35

View differences:

src/http_auth.c
if (p->conf.auth_backend == AUTH_BACKEND_HTDIGEST) {
stream f;
char * f_line;
size_t line_len;
if (buffer_is_empty(p->conf.auth_htdigest_userfile)) return -1;
......
f_line = f.start;
while (f_line - f.start != f.size) {
char *f_user, *f_pwd, *e, *f_realm;
size_t u_len, pwd_len, r_len;
while (f_line && (line_len = f.size - (f_line - f.start))) {
char *f_user, *f_pwd, *f_realm;
size_t u_len, r_len;
f_user = f_line;
......
* user:realm:md5(user:realm:password)
*/
if (NULL == (f_realm = memchr(f_user, ':', f.size - (f_user - f.start) ))) {
if ((f_line = memchr(f_user, '\n', line_len)))
line_len = f_line++ - f_user;
/* ignore comments and empty lines */
if (!line_len || f_user[0] == '#')
continue;
if (NULL == (f_realm = memchr(f_user, ':', line_len))) {
log_error_write(srv, __FILE__, __LINE__, "sbs",
"parsed error in", p->conf.auth_htdigest_userfile,
"expected 'username:realm:hashed password'");
......
return -1;
}
u_len = f_realm - f_user;
f_realm++;
if (NULL == (f_pwd = memchr(f_realm + 1, ':', f.size - (f_realm + 1 - f.start)))) {
if (NULL == (f_pwd = memchr(f_realm, ':', line_len - u_len - 1))) {
log_error_write(srv, __FILE__, __LINE__, "sbs",
"parsed error in", p->conf.auth_plain_userfile,
"expected 'username:realm:hashed password'");
......
return -1;
}
/* get pointers to the fields */
u_len = f_realm - f_user;
f_realm++;
r_len = f_pwd - f_realm;
f_pwd++;
if (NULL != (e = memchr(f_pwd, '\n', f.size - (f_pwd - f.start)))) {
pwd_len = e - f_pwd;
} else {
pwd_len = f.size - (f_pwd - f.start);
}
if (username->used - 1 == u_len &&
(realm->used - 1 == r_len) &&
(0 == strncmp(username->ptr, f_user, u_len)) &&
(0 == strncmp(realm->ptr, f_realm, r_len))) {
/* found */
buffer_copy_string_len(password, f_pwd, pwd_len);
buffer_copy_string_len(password, f_pwd, line_len - (f_pwd - f_user));
ret = 0;
break;
}
/* EOL */
if (!e) break;
f_line = e + 1;
}
stream_close(&f);
......
stream f;
char * f_line;
buffer *auth_fn;
size_t line_len;
auth_fn = (p->conf.auth_backend == AUTH_BACKEND_HTPASSWD) ? p->conf.auth_htpasswd_userfile : p->conf.auth_plain_userfile;
......
f_line = f.start;
while (f_line - f.start != f.size) {
char *f_user, *f_pwd, *e;
size_t u_len, pwd_len;
while (f_line && (line_len = f.size - (f_line - f.start))) {
char *f_user, *f_pwd;
size_t u_len;
f_user = f_line;
......
* user:crypted passwd
*/
if (NULL == (f_pwd = memchr(f_user, ':', f.size - (f_user - f.start) ))) {
if ((f_line = memchr(f_user, '\n', line_len)))
line_len = f_line++ - f_user;
/* ignore comments and empty lines */
if (!line_len || f_user[0] == '#')
continue;
if (NULL == (f_pwd = memchr(f_user, ':', line_len))) {
log_error_write(srv, __FILE__, __LINE__, "sbs",
"parsed error in", auth_fn,
"expected 'username:hashed password'");
......
u_len = f_pwd - f_user;
f_pwd++;
if (NULL != (e = memchr(f_pwd, '\n', f.size - (f_pwd - f.start)))) {
pwd_len = e - f_pwd;
} else {
pwd_len = f.size - (f_pwd - f.start);
}
if (username->used - 1 == u_len &&
(0 == strncmp(username->ptr, f_user, u_len))) {
/* found */
buffer_copy_string_len(password, f_pwd, pwd_len);
buffer_copy_string_len(password, f_pwd, line_len - (f_pwd - f_user));
ret = 0;
break;
}
/* EOL */
if (!e) break;
f_line = e + 1;
}
stream_close(&f);
tests/lighttpd.htpasswd
# some comment
des:12tMnfw882VDQ
md5:$1$md5$kIa7Juuiv8zja0ILQPR36/
(2-2/2)