You are viewing a plain text version of this content. The canonical link for it is here.

Posted to apache-bugdb@apache.org by Siegmund Stirnweiss <si...@kat.ina.de> on 1997/04/23 16:30:02 UTC

mod_auth-any/460: Password-Files must at most have two columns

>Number:         460
>Category:       mod_auth-any
>Synopsis:       Password-Files must at most have two columns
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache (Apache HTTP Project)
>State:          open
>Class:          change-request
>Submitter-Id:   apache
>Arrival-Date:   Wed Apr 23 07:30:01 1997
>Originator:     siegst@kat.ina.de
>Organization:
apache
>Release:        1.1.1
>Environment:
Solaris 2.5, Sun-C-Compiler, Version doesn't matter
>Description:
My Apache doesn't like password-files, that have more than two columns
separated by a colon ":". I would like to use the /etc/passwd-file or the
password-file I used for my CERN-httpd (It has three columns.).
>How-To-Repeat:
Use /etc/passwd as AuthUserFile and try to access a protected URL.
>Fix:
Change line 106 in mod_auth.c (that's the return-statement of get_pw()) from:
    return pstrdup (r->pool, rpw);
to:
    return getword(r->pool, &rpw, ':');

mod_auth then works for password-files with two columns as well as with
three and more columns.
%0
>Audit-Trail:
>Unformatted: