#define range_len (G.range_len )
#else
enum {
- range_start = 0,
+ range_start = -1,
range_end = MAXINT(off_t) - 1,
range_len = MAXINT(off_t),
};
#define INIT_G() do { \
SET_PTR_TO_GLOBALS(xzalloc(sizeof(G))); \
IF_FEATURE_HTTPD_BASIC_AUTH(g_realm = "Web Server Authentication";) \
+ IF_FEATURE_HTTPD_RANGES(range_start = -1;) \
bind_addr_or_port = "80"; \
index_page = index_html; \
file_size = -1; \
/* the line is not recognized */
config_error:
bb_error_msg("config error '%s' in '%s'", buf, filename);
- } /* while (fgets) */
+ } /* while (fgets) */
- fclose(f);
+ fclose(f);
}
#if ENABLE_FEATURE_HTTPD_ENCODE_URL_STR
if (script != url) { /* paranoia */
*script = '\0';
if (chdir(url + 1) != 0) {
- bb_perror_msg("chdir(%s)", url + 1);
+ bb_perror_msg("can't change directory to '%s'", url + 1);
goto error_execing_cgi;
}
// not needed: *script = '/';
if (what == SEND_BODY /* err pages and ranges don't mix */
|| content_gzip /* we are sending compressed page: can't do ranges */ ///why?
) {
- range_start = 0;
+ range_start = -1;
}
range_len = MAXINT(off_t);
- if (range_start) {
- if (!range_end) {
+ if (range_start >= 0) {
+ if (!range_end || range_end > file_size - 1) {
range_end = file_size - 1;
}
if (range_end < range_start
|| lseek(fd, range_start, SEEK_SET) != range_start
) {
lseek(fd, 0, SEEK_SET);
- range_start = 0;
+ range_start = -1;
} else {
range_len = range_end - range_start + 1;
send_headers(HTTP_PARTIAL_CONTENT);
break; /* fall back to read/write loop */
goto fin;
}
- IF_FEATURE_HTTPD_RANGES(range_len -= sz;)
+ IF_FEATURE_HTTPD_RANGES(range_len -= count;)
if (count == 0 || range_len == 0)
log_and_exit();
}
#if ENABLE_FEATURE_HTTPD_BASIC_AUTH
-# if ENABLE_FEATURE_HTTPD_AUTH_MD5 && ENABLE_PAM
+# if ENABLE_PAM
struct pam_userinfo {
const char *name;
const char *pw;
case PAM_PROMPT_ECHO_OFF:
s = userinfo->pw;
break;
- case PAM_ERROR_MSG:
+ case PAM_ERROR_MSG:
case PAM_TEXT_INFO:
s = "";
break;
colon_after_user = strchr(user_and_passwd, ':');
if (!colon_after_user)
goto bad_input;
+
+ /* compare "user:" */
+ if (cur->after_colon[0] != '*'
+ && strncmp(cur->after_colon, user_and_passwd,
+ colon_after_user - user_and_passwd + 1) != 0
+ ) {
+ continue;
+ }
+ /* this cfg entry is '*' or matches username from peer */
+
passwd = strchr(cur->after_colon, ':');
if (!passwd)
goto bad_input;
struct pam_conv conv_info = { &pam_talker, (void *) &userinfo };
pam_handle_t *pamh;
- /* compare "user:" */
- if (cur->after_colon[0] != '*'
- && strncmp(cur->after_colon, user_and_passwd, colon_after_user - user_and_passwd + 1) != 0
- ) {
- continue;
- }
- /* this cfg entry is '*' or matches username from peer */
*colon_after_user = '\0';
userinfo.name = user_and_passwd;
userinfo.pw = colon_after_user + 1;
passwd = result->sp_pwdp;
}
# endif
+ /* In this case, passwd is ALWAYS encrypted:
+ * it came from /etc/passwd or /etc/shadow!
+ */
+ goto check_encrypted;
# endif /* ENABLE_PAM */
}
+ /* Else: passwd is from httpd.conf, it is either plaintext or encrypted */
- /* compare "user:" */
- if (cur->after_colon[0] != '*'
- && strncmp(cur->after_colon, user_and_passwd, colon_after_user - user_and_passwd + 1) != 0
- ) {
- continue;
- }
- /* this cfg entry is '*' or matches username from peer */
-
- /* encrypt pwd from peer and check match with local one */
- {
- char *encrypted = pw_encrypt(
- /* pwd: */ colon_after_user + 1,
+ if (passwd[0] == '$' && isdigit(passwd[1])) {
+ char *encrypted;
+# if !ENABLE_PAM
+ check_encrypted:
+# endif
+ /* encrypt pwd from peer and check match with local one */
+ encrypted = pw_encrypt(
+ /* pwd (from peer): */ colon_after_user + 1,
/* salt: */ passwd,
/* cleanup: */ 0
);
r = strcmp(encrypted, passwd);
free(encrypted);
- goto end_check_passwd;
+ } else {
+ /* local passwd is from httpd.conf and it's plaintext */
+ r = strcmp(colon_after_user + 1, passwd);
}
- bad_input: ;
+ goto end_check_passwd;
}
-
+ bad_input:
/* Comparing plaintext "user:pass" in one go */
r = strcmp(cur->after_colon, user_and_passwd);
end_check_passwd:
s += sizeof("bytes=")-1;
range_start = BB_STRTOOFF(s, &s, 10);
if (s[0] != '-' || range_start < 0) {
- range_start = 0;
+ range_start = -1;
} else if (s[1]) {
range_end = BB_STRTOOFF(s+1, NULL, 10);
if (errno || range_end < range_start)
- range_start = 0;
+ range_start = -1;
}
}
}
projects / oweals / busybox.git / blobdiff