lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity

[mod_auth] skip blank lines and comment lines (fixes #2327) 

x-ref:
  "Ignore comments and empty lines in ht{digest,passwd} files"
  https://redmine.lighttpd.net/issues/2327
personal/stbuehler/mod-csrf-old
Glenn Strauss 2016-04-25 04:35:02 -04:00
parent 8e3c6bf754
commit b47c393e26
2 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/http_auth.c
View File

@ -86,6 +86,9 @@ static int http_auth_get_password(server *srv, mod_auth_plugin_data *p, buffer *
char *f_pwd, *f_realm;
size_t u_len, r_len;
/* skip blank lines and comment lines (beginning '#') */
if (f_user[0] == '#' || f_user[0] == '\n' || f_user[0] == '\0') continue;
/*
* htdigest format
*
@ -153,6 +156,9 @@ static int http_auth_get_password(server *srv, mod_auth_plugin_data *p, buffer *
char *f_pwd;
size_t u_len;
/* skip blank lines and comment lines (beginning '#') */
if (f_user[0] == '#' || f_user[0] == '\n' || f_user[0] == '\0') continue;
/*
* htpasswd format
*

2
tests/lighttpd.htpasswd
View File

@ -1,4 +1,6 @@
# some comment
des:12tMnfw882VDQ
md5:$1$md5$kIa7Juuiv8zja0ILQPR36/
sha:{SHA}2PRZAyDhNDqRW2OUFwZQqPNdaSY=
apr-md5:$apr1$w2kLqmDN$uMe8ZCfMRT81wf43Y1hny0