fix busybox http auth if the root user has an empty password

author Felix Fietkau <nbd@openwrt.org>

Mon, 6 Oct 2008 16:33:14 +0000 (16:33 +0000)

committer Felix Fietkau <nbd@openwrt.org>

Mon, 6 Oct 2008 16:33:14 +0000 (16:33 +0000)
author Felix Fietkau <nbd@openwrt.org>
Mon, 6 Oct 2008 16:33:14 +0000 (16:33 +0000)
committer Felix Fietkau <nbd@openwrt.org>
Mon, 6 Oct 2008 16:33:14 +0000 (16:33 +0000)
diff --git a/package/busybox/patches/310-passwd_access.patch b/package/busybox/patches/310-passwd_access.patch

index 78a43d7782dfd4cb957984379dcfd04a72cd3788..9a1cc95bb3268ce86138d699f4572bc6c86071f0 100644 (file)
--- a/package/busybox/patches/310-passwd_access.patch
+++ b/package/busybox/patches/310-passwd_access.patch
@@ -3,7 +3,7 @@
  
  --- a/networking/httpd.c
  +++ b/networking/httpd.c
-@@ -1697,21 +1697,32 @@
+@@ -1697,21 +1697,32 @@ static int check_user_passwd(const char 
   
                 if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
                         char *md5_passwd;
@@ -17,7 +17,7 @@
  +
  +                              pwd = getpwnam(&md5_passwd[4]);
  +                              if(!pwd->pw_passwd || !pwd->pw_passwd[0] || pwd->pw_passwd[0] == '!')
-+                                      continue;
++                                      return 1;
  +
  +                              md5_passwd = pwd->pw_passwd;
  +                              goto check_md5_pw;
author	Felix Fietkau <nbd@openwrt.org>
	Mon, 6 Oct 2008 16:33:14 +0000 (16:33 +0000)
committer	Felix Fietkau <nbd@openwrt.org>
	Mon, 6 Oct 2008 16:33:14 +0000 (16:33 +0000)