You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2017/10/20 15:40:37 UTC
svn commit: r1812756 - in /httpd/httpd/trunk: CHANGES support/htpasswd.c
Author: jorton
Date: Fri Oct 20 15:40:37 2017
New Revision: 1812756
URL: http://svn.apache.org/viewvc?rev=1812756&view=rev
Log:
* support/htpasswd.c (main): Only check for readability if running in
verify (-v) mode.
PR: 61631
Modified:
httpd/httpd/trunk/CHANGES
httpd/httpd/trunk/support/htpasswd.c
Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1812756&r1=1812755&r2=1812756&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri Oct 20 15:40:37 2017
@@ -1,6 +1,9 @@
-*- coding: utf-8 -*-
Changes with Apache 2.5.0
+ *) htpasswd: Don't fail in -v mode if password file is unwritable.
+ PR 61631. [Joe Orton]
+
*) core: A signal received while stopping could have crashed the main
process. PR 61558. [Yann Ylavic]
Modified: httpd/httpd/trunk/support/htpasswd.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/htpasswd.c?rev=1812756&r1=1812755&r2=1812756&view=diff
==============================================================================
--- httpd/httpd/trunk/support/htpasswd.c (original)
+++ httpd/httpd/trunk/support/htpasswd.c Fri Oct 20 15:40:37 2017
@@ -329,7 +329,7 @@ int main(int argc, const char * const ar
*/
if (!(mask & APHTP_NOFILE)) {
existing_file = exists(pwfilename, pool);
- if (existing_file) {
+ if (existing_file && (mask & APHTP_VERIFY) == 0) {
/*
* Check that this existing file is readable and writable.
*/
@@ -339,6 +339,16 @@ int main(int argc, const char * const ar
exit(ERR_FILEPERM);
}
}
+ else if (existing_file && (mask & APHTP_VERIFY) != 0) {
+ /*
+ * Check that this existing file is readable.
+ */
+ if (!accessible(pool, pwfilename, APR_FOPEN_READ)) {
+ apr_file_printf(errfile, "%s: cannot open file %s for "
+ "read access" NL, argv[0], pwfilename);
+ exit(ERR_FILEPERM);
+ }
+ }
else {
/*
* Error out if -c was omitted for this non-existant file.