package/busybox/patches/310-passwd_access.patch


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
pre { line-height: 125%; margin: 0; }
td.linenos pre { color: #000000; background-color: #f0f0f0; padding: 0 5px 0 5px; }
span.linenos { color: #000000; background-color: #f0f0f0; padding: 0 5px 0 5px; }
td.linenos pre.special { color: #000000; background-color: #ffffc0; padding: 0 5px 0 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding: 0 5px 0 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight { background: #ffffff; }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { co	Copyright (C) 2006 OpenWrt.org

--- a/networking/httpd.c
+++ b/networking/httpd.c
@@ -1772,21 +1772,32 @@ static int check_user_passwd(const char 
 
 		if (ENABLE_FEATURE_HTTPD_AUTH_MD5) {
 			char *md5_passwd;
+			int user_len_p1;
 
 			md5_passwd = strchr(cur->after_colon, ':');
-			if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
+			user_len_p1 = md5_passwd + 1 - cur->after_colon;
+			if (md5_passwd && !strncmp(md5_passwd + 1, "$p$", 3)) {
+				struct passwd *pwd = NULL;
+
+				pwd = getpwnam(&md5_passwd[4]);
+				if(!pwd->pw_passwd || !pwd->pw_passwd[0] || pwd->pw_passwd[0] == '!')
+					return 1;
+
+				md5_passwd = pwd->pw_passwd;
+				goto check_md5_pw;
+			} else if (md5_passwd && md5_passwd[1] == '$' && md5_passwd[2] == '1'
 			 && md5_passwd[3] == '$' && md5_passwd[4]
 			) {
 				char *encrypted;
-				int r, user_len_p1;
+				int r;
 
 				md5_passwd++;
-				user_len_p1 = md5_passwd - cur->after_colon;
 				/* comparing "user:" */
 				if (strncmp(cur->after_colon, user_and_passwd, user_len_p1) != 0) {
 					continue;
 				}
 
+check_md5_pw:
 				encrypted = pw_encrypt(
 					user_and_passwd + user_len_p1 /* cleartext pwd from user */,
 					md5_passwd /*salt */, 1 /* cleanup */);