From c92496720d21ea7888187a8ae305c392d4fe824a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Stefan=20B=C3=BChler?= Date: Thu, 12 Feb 2015 06:39:39 +0000 Subject: [PATCH 26/29] [mod_auth] use crypt_r instead of crypt if available MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit From: Stefan Bühler git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2986 152afb58-edef-0310-8abb-c4023f1b3aa9 --- NEWS | 1 + configure.ac | 22 +++++++++++++++------- src/CMakeLists.txt | 12 +++++++++--- src/config.h.cmake | 3 ++- src/http_auth.c | 10 +++++++++- 5 files changed, 36 insertions(+), 12 deletions(-) diff --git a/NEWS b/NEWS index ddb370d..59fd4f6 100644 --- a/NEWS +++ b/NEWS @@ -16,6 +16,7 @@ NEWS * [connections] fix bug in connection state handling * print backtrace in assert logging with libunwind * major refactoring of internal buffer/chunk handling + * [mod_auth] use crypt_r instead of crypt if available - 1.4.35 - 2014-03-12 * [network/ssl] fix build error if TLSEXT is disabled diff --git a/configure.ac b/configure.ac index c846d1a..16e66d6 100644 --- a/configure.ac +++ b/configure.ac @@ -528,19 +528,27 @@ if test "$WITH_LUA" != "no"; then AC_SUBST(LUA_LIBS) fi +dnl search for crypt_r and (fallback) for crypt save_LIBS=$LIBS -AC_SEARCH_LIBS(crypt,crypt,[ +LIBS= +AC_SEARCH_LIBS([crypt_r],[crypt],[ + AC_DEFINE([HAVE_CRYPT_R], [1], [crypt_r]) AC_CHECK_HEADERS([crypt.h],[ - AC_DEFINE([HAVE_CRYPT_H], [1]) + AC_DEFINE([HAVE_CRYPT_H], [1], [crypt.h]) ]) - AC_DEFINE([HAVE_LIBCRYPT], [1], [libcrypt]) - if test "$ac_cv_search_crypt" != no; then - test "$ac_cv_search_crypt" = "none required" || CRYPT_LIB="$ac_cv_search_crypt" - fi + CRYPT_LIB=$LIBS +],[ + AC_SEARCH_LIBS([crypt],[crypt],[ + AC_CHECK_HEADERS([crypt.h],[ + AC_DEFINE([HAVE_CRYPT_H], [1], [crypt.h]) + ]) + + CRYPT_LIB=$LIBS + ]) ]) LIBS=$save_LIBS -AC_SUBST(CRYPT_LIB) +AC_SUBST([CRYPT_LIB]) save_LIBS=$LIBS AC_SEARCH_LIBS(sendfilev,sendfile,[ diff --git a/src/http_auth.c b/src/http_auth.c index a98ea62..dacf70a 100644 --- a/src/http_auth.c +++ b/src/http_auth.c @@ -669,15 +669,23 @@ static int http_auth_basic_password_compare(server *srv, mod_auth_plugin_data *p return (strcmp(sample, password->ptr) == 0) ? 0 : 1; #endif } else { -#ifdef HAVE_CRYPT +#if defined(HAVE_CRYPT_R) || defined(HAVE_CRYPT) char *crypted; +#if defined(HAVE_CRYPT_R) + struct crypt_data crypt_tmp_data; + crypt_tmp_data.initialized = 0; +#endif /* a simple DES password is 2 + 11 characters. everything else should be longer. */ if (buffer_string_length(password) < 13) { return -1; } +#if defined(HAVE_CRYPT_R) + if (0 == (crypted = crypt_r(pw, password->ptr, &crypt_tmp_data))) { +#else if (0 == (crypted = crypt(pw, password->ptr))) { +#endif /* crypt failed. */ return -1; } -- 2.4.5