You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by sf...@apache.org on 2009/10/24 20:37:28 UTC
svn commit: r829431 - /httpd/httpd/trunk/support/htpasswd.c
Author: sf
Date: Sat Oct 24 18:37:28 2009
New Revision: 829431
URL: http://svn.apache.org/viewvc?rev=829431&view=rev
Log:
Fix brown-paper-bag bug.
Modified:
httpd/httpd/trunk/support/htpasswd.c
Modified: httpd/httpd/trunk/support/htpasswd.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/htpasswd.c?rev=829431&r1=829430&r2=829431&view=diff
==============================================================================
--- httpd/httpd/trunk/support/htpasswd.c (original)
+++ httpd/httpd/trunk/support/htpasswd.c Sat Oct 24 18:37:28 2009
@@ -222,7 +222,7 @@
if (strlen(pw) > 8) {
char *truncpw = strdup(pw);
truncpw[8] = '\0';
- if (!strcmp(cpw, crypt(pw, salt))) {
+ if (!strcmp(cpw, crypt(truncpw, salt))) {
apr_file_printf(errfile, "Warning: Password truncated to 8 characters "
"by CRYPT algorithm." NL);
}