authorstbuehler <stbuehler@152afb58-edef-0310-8abb-c4023f1b3aa9>2013-04-29 13:08:23 +0000
committerstbuehler <stbuehler@152afb58-edef-0310-8abb-c4023f1b3aa9>2013-04-29 13:08:23 +0000
commita7706a5b4ed44f373dc3edabce23495d50ac0f79 (patch)
tree27e2029c30634b5e7a75e7281458ac8e04aeacb8
parentb83bbcaed2946ea45edac2ec6c6aea52320e95f4 (diff)
downloadlighttpd-a7706a5b4ed44f373dc3edabce23495d50ac0f79.tar.gz
[mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483)
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2869 152afb58-edef-0310-8abb-c4023f1b3aa9
-rw-r--r--NEWS1
-rw-r--r--src/http_auth.c55
2 files changed, 12 insertions, 44 deletions
diff --git a/NEWS b/NEWS
index a58cfba5..bbbf398e 100644
--- a/NEWS
+++ b/NEWS
@@ -10,6 +10,7 @@ NEWS
* [mod_fastcgi,log] support multi line logging (fixes #2252)
* call ERR_clear_error only for ssl connections in CON_STATE_ERROR
* reject non ASCII characters in HTTP header names
+ * [mod_auth] use crypt() on encrypted password instead of extracting salt first (fixes #2483)
- 1.4.32 - 2012-11-21
* Code cleanup with clang/sparse (fixes #2437, thx kibi)
diff --git a/src/http_auth.c b/src/http_auth.c
index d7d246bf..451d5d70 100644
--- a/src/http_auth.c
+++ b/src/http_auth.c
@@ -645,56 +645,23 @@ static int http_auth_basic_password_compare(server *srv, mod_auth_plugin_data *p
return (strcmp(sample, password->ptr) == 0) ? 0 : 1;
} else {
#ifdef HAVE_CRYPT
- char salt[32];
- char *crypted;
- size_t salt_len = 0;
- /*
- * htpasswd format
- *
- * user:crypted password
- */
+ char *crypted;
- /*
- * Algorithm Salt
- * CRYPT_STD_DES 2-character (Default)
- * CRYPT_EXT_DES 9-character
- * CRYPT_MD5 12-character beginning with $1$
- * CRYPT_BLOWFISH 16-character beginning with $2$
- */
-
- if (password->used < 13 + 1) {
- return -1;
- }
-
- if (password->used == 13 + 1) {
- /* a simple DES password is 2 + 11 characters */
- salt_len = 2;
- } else if (password->ptr[0] == '$' && password->ptr[2] == '$') {
- char *dollar = NULL;
-
- if (NULL == (dollar = strchr(password->ptr + 3, '$'))) {
+ /* a simple DES password is 2 + 11 characters. everything else should be longer. */
+ if (password->used < 13 + 1) {
return -1;
}
- salt_len = dollar - password->ptr;
- }
-
- if (salt_len > sizeof(salt) - 1) {
- return -1;
- }
-
- strncpy(salt, password->ptr, salt_len);
-
- salt[salt_len] = '\0';
-
- crypted = crypt(pw, salt);
-
- if (0 == strcmp(password->ptr, crypted)) {
- return 0;
- }
+ if (0 == (crypted = crypt(pw, password->ptr))) {
+ /* crypt failed. */
+ return -1;
+ }
+ if (0 == strcmp(password->ptr, crypted)) {
+ return 0;
+ }
#endif
- }
+ }
} else if (p->conf.auth_backend == AUTH_BACKEND_PLAIN) {
if (0 == strcmp(password->ptr, pw)) {
return 0;
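Review bot: The equality check at `if (0 == strcmp(password->ptr, crypted))` compares the freshly computed hash with the stored one byte by byte and stops at the first mismatch, so its running time depends on how many leading characters agree; the stored hash is not attacker-controlled and the crypt() call itself dominates the cost, so the practical exposure is small, but a fixed-time comparison is the conventional choice for a credential check. If the project already has a constant-time compare helper this is the place to use it; otherwise a small file-scope helper as sketched below, which XORs every byte over the shorter length and folds the length mismatch into the same accumulator, would do. It would also help to comment that `crypt()` returns a pointer into static storage (`crypt_r` exists on glibc where reentrancy is needed), and the pointer test `0 == (crypted = crypt(pw, password->ptr))` would read more clearly as `NULL == (crypted = crypt(pw, password->ptr))`. http_auth_basic_password_compare begins before this hunk.
```c
/* fixed-time string equality: 1 if a and b are identical, 0 otherwise */
static int http_auth_str_eq_const(const char *a, const char *b) {
	size_t la = strlen(a), lb = strlen(b);
	size_t n = la < lb ? la : lb;
	size_t i;
	unsigned char diff = (unsigned char)(la != lb);
	for (i = 0; i < n; i++) diff |= (unsigned char)(a[i] ^ b[i]);
	return 0 == diff;
}

		/* … unchanged: length guard and crypt() call … */
		if (http_auth_str_eq_const(password->ptr, crypted)) {
			return 0;
		}
```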