You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by jo...@apache.org on 2017/10/20 15:40:37 UTC

svn commit: r1812756 - in /httpd/httpd/trunk: CHANGES support/htpasswd.c

Author: jorton
Date: Fri Oct 20 15:40:37 2017
New Revision: 1812756

URL: http://svn.apache.org/viewvc?rev=1812756&view=rev
Log:
* support/htpasswd.c (main): Only check for readability if running in
  verify (-v) mode.

PR: 61631

Modified:
    httpd/httpd/trunk/CHANGES
    httpd/httpd/trunk/support/htpasswd.c

Modified: httpd/httpd/trunk/CHANGES
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/CHANGES?rev=1812756&r1=1812755&r2=1812756&view=diff
==============================================================================
--- httpd/httpd/trunk/CHANGES [utf-8] (original)
+++ httpd/httpd/trunk/CHANGES [utf-8] Fri Oct 20 15:40:37 2017
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.5.0
 
+  *) htpasswd: Don't fail in -v mode if password file is unwritable.
+     PR 61631.  [Joe Orton]
+
   *) core: A signal received while stopping could have crashed the main
      process.  PR 61558.  [Yann Ylavic]
 

Modified: httpd/httpd/trunk/support/htpasswd.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/support/htpasswd.c?rev=1812756&r1=1812755&r2=1812756&view=diff
==============================================================================
--- httpd/httpd/trunk/support/htpasswd.c (original)
+++ httpd/httpd/trunk/support/htpasswd.c Fri Oct 20 15:40:37 2017
@@ -329,7 +329,7 @@ int main(int argc, const char * const ar
      */
     if (!(mask & APHTP_NOFILE)) {
         existing_file = exists(pwfilename, pool);
-        if (existing_file) {
+        if (existing_file && (mask & APHTP_VERIFY) == 0) {
             /*
              * Check that this existing file is readable and writable.
              */
@@ -339,6 +339,16 @@ int main(int argc, const char * const ar
                 exit(ERR_FILEPERM);
             }
         }
+        else if (existing_file && (mask & APHTP_VERIFY) != 0) {
+            /*
+             * Check that this existing file is readable.
+             */
+            if (!accessible(pool, pwfilename, APR_FOPEN_READ)) {
+                apr_file_printf(errfile, "%s: cannot open file %s for "
+                                "read access" NL, argv[0], pwfilename);
+                exit(ERR_FILEPERM);
+            }
+        }
         else {
             /*
              * Error out if -c was omitted for this non-existant file.