Browse Source

[mod_auth] revert adjustment to auth passwd cache (#3112)

revert b1d1202a which is no longer needed with recent update to
ck_memeq_const_time()

x-ref:
  https://redmine.lighttpd.net/issues/3112
  "mod_auth cache password doesn't match"
Glenn Strauss 1 month ago
parent
commit
151d7045eb
  1. 3
      src/mod_auth.c

3
src/mod_auth.c

@ -63,7 +63,7 @@ http_auth_cache_entry_init (const struct http_auth_require_t * const require, co
*(store pointer to http_auth_require_t, which is persistent
* and will be different for each realm + permissions combo)*/
http_auth_cache_entry * const ae =
malloc(sizeof(http_auth_cache_entry) + ulen + pwlen+1);
malloc(sizeof(http_auth_cache_entry) + ulen + pwlen);
force_assert(ae);
ae->require = require;
ae->ctime = log_monotonic_secs;
@ -74,7 +74,6 @@ http_auth_cache_entry_init (const struct http_auth_require_t * const require, co
ae->pwdigest = ae->username + ulen;
memcpy(ae->username, username, ulen);
memcpy(ae->pwdigest, pw, pwlen);
ae->pwdigest[pwlen] = '\0';
return ae;
}

Loading…
Cancel
Save