diff options
Diffstat (limited to 'httpd-2.4.2-r1346905.patch')
-rw-r--r-- | httpd-2.4.2-r1346905.patch | 65 |
1 files changed, 0 insertions, 65 deletions
diff --git a/httpd-2.4.2-r1346905.patch b/httpd-2.4.2-r1346905.patch deleted file mode 100644 index e94558e..0000000 --- a/httpd-2.4.2-r1346905.patch +++ /dev/null @@ -1,65 +0,0 @@ -# ./pullrev.sh 1346905 - -https://bugzilla.redhat.com/show_bug.cgi?id=818684 - -http://svn.apache.org/viewvc?view=revision&revision=1346905 - ---- httpd-2.4.2/support/htdbm.c -+++ httpd-2.4.2/support/htdbm.c -@@ -288,6 +288,9 @@ - { - char cpw[MAX_STRING_LEN]; - char salt[9]; -+#if (!(defined(WIN32) || defined(NETWARE))) -+ char *cbuf; -+#endif - - switch (htdbm->alg) { - case ALG_APSHA: -@@ -315,7 +318,15 @@ - (void) srand((int) time((time_t *) NULL)); - to64(&salt[0], rand(), 8); - salt[8] = '\0'; -- apr_cpystrn(cpw, crypt(htdbm->userpass, salt), sizeof(cpw) - 1); -+ cbuf = crypt(htdbm->userpass, salt); -+ if (cbuf == NULL) { -+ char errbuf[128]; -+ -+ fprintf(stderr, "crypt() failed: %s\n", -+ apr_strerror(errno, errbuf, sizeof errbuf)); -+ exit(ERR_PWMISMATCH); -+ } -+ apr_cpystrn(cpw, cbuf, sizeof(cpw) - 1); - fprintf(stderr, "CRYPT is now deprecated, use MD5 instead!\n"); - #endif - default: ---- httpd-2.4.2/support/htpasswd.c -+++ httpd-2.4.2/support/htpasswd.c -@@ -174,6 +174,9 @@ - char pwv[MAX_STRING_LEN]; - char salt[9]; - apr_size_t bufsize; -+#if CRYPT_ALGO_SUPPORTED -+ char *cbuf; -+#endif - - if (passwd != NULL) { - pw = passwd; -@@ -226,7 +229,16 @@ - to64(&salt[0], rand(), 8); - salt[8] = '\0'; - -- apr_cpystrn(cpw, crypt(pw, salt), sizeof(cpw) - 1); -+ cbuf = crypt(pw, salt); -+ if (cbuf == NULL) { -+ char errbuf[128]; -+ -+ apr_snprintf(record, rlen-1, "crypt() failed: %s", -+ apr_strerror(errno, errbuf, sizeof errbuf)); -+ return ERR_PWMISMATCH; -+ } -+ -+ apr_cpystrn(cpw, cbuf, sizeof(cpw) - 1); - if (strlen(pw) > 8) { - char *truncpw = strdup(pw); - truncpw[8] = '\0'; |