You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by sf...@apache.org on 2009/10/24 20:37:28 UTC

svn commit: r829431 - /httpd/httpd/trunk/support/htpasswd.c

Author: sf
Date: Sat Oct 24 18:37:28 2009
New Revision: 829431

URL: http://svn.apache.org/viewvc?rev=829431&view=rev
Log:
Fix brown-paper-bag bug.

Modified:
    httpd/httpd/trunk/support/htpasswd.c

Modified: httpd/httpd/trunk/support/htpasswd.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/htpasswd.c?rev=829431&r1=829430&r2=829431&view=diff
==============================================================================
--- httpd/httpd/trunk/support/htpasswd.c (original)
+++ httpd/httpd/trunk/support/htpasswd.c Sat Oct 24 18:37:28 2009
@@ -222,7 +222,7 @@
         if (strlen(pw) > 8) {
             char *truncpw = strdup(pw);
             truncpw[8] = '\0';
-            if (!strcmp(cpw, crypt(pw, salt))) {
+            if (!strcmp(cpw, crypt(truncpw, salt))) {
                 apr_file_printf(errfile, "Warning: Password truncated to 8 characters "
                                 "by CRYPT algorithm." NL);
             }