stefan at konink
Oct 6, 2009, 11:12 PM
Post #2 of 3
(267 views)
Permalink
|
|
Re: [Cherokee-commits] [3681] cherokee/trunk/cherokee/validator_htpasswd.c: Adds a missing check.
[In reply to]
|
|
In that case remove all the checks and init the var.
Stefan
Op 7 okt 2009 om 03:44 heeft Alvaro Lopez Ortega <alvaro [at] octality>
het volgende geschreven:\
> Hello there,
>
> I don't think this one is right. There are other validation modules
> that can handle empty passwords. For instance:
>
> http://svn.cherokee-project.com/browser/cherokee/trunk/cherokee/validator_plain.c#L180
>
> Is there some reason why the htpasswd module wouldn't do so?. I'm
> not certain right now, I'd have to find some more time to check it
> out. :-m
>
>
> On Wed, Oct 7, 2009 at 1:56 AM, SVN @ cherokee-project.com <cherokee [at] cherokee-project
> > wrote:
> Revision
> 3681
> Author
> taher
> Date
> 2009-10-06 19:56:41 +0200 (Tue, 06 Oct 2009)
> Log Message
>
> Adds a missing check. Thanks to Stefan de Konink for catching this
> one.
> Modified Paths
>
> cherokee/trunk/cherokee/validator_htpasswd.c
> Diff
>
> Modified: cherokee/trunk/cherokee/validator_htpasswd.c (3680 => 3681)
>
> --- cherokee/trunk/cherokee/validator_htpasswd.c 2009-09-29 16:30:34
> UTC (rev 3680)
> +++ cherokee/trunk/cherokee/validator_htpasswd.c 2009-10-06 17:56:41
> UTC (rev 3681)
> @@ -195,6 +195,9 @@
> char *new_md5_crypt;
> char space[120];
>
> + if (cherokee_buffer_is_empty (&conn->validator->passwd))
> + return ret_error;
> +
> new_md5_crypt = md5_crypt (conn->validator->passwd.buf, crypted,
> magic, space);
> if (new_md5_crypt == NULL)
> return ret_error;
>
> _______________________________________________
> Cherokee-commits mailing list
> Cherokee-commits [at] lists
> http://lists.octality.com/listinfo/cherokee-commits
>
>
>
>
> --
> Greetings, alo
> http://www.alobbs.com/
> _______________________________________________
> Cherokee-dev mailing list
> Cherokee-dev [at] lists
> http://lists.octality.com/listinfo/cherokee-dev
|
