httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject [Bug 54735] htpasswd creates wrong passfile
Date Mon, 10 Jun 2013 18:40:08 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=54735

--- Comment #15 from Dennis Clarke <dclarke@blastwave.org> ---
I applied that patch, did a re-make and sure enough I have a few new files : 

node002$ find . -newer $SRC/2.4-htpass.patch -ls 
2279859   13 drwxr-xr-x  12 dclarke  other          52 Jun 10 17:52 .
2279897    5 drwxr-xr-x   5 dclarke  other         102 Jun 10 17:52 ./support
1139900    1 -rw-r--r--   1 dclarke  other         272 Jun 10 17:52
./support/passwd_common.lo
1139897    1 -rw-r--r--   1 dclarke  other         262 Jun 10 17:52
./support/htpasswd.lo
1139890    9 -rw-r--r--   1 dclarke  other       16495 Jun 10 17:48
./support/htpasswd.c
1139888    5 -rw-r--r--   1 dclarke  other        8147 Jun 10 17:48
./support/htdigest.c
1139905   18 -rw-r--r--   1 dclarke  other       41200 Jun 10 17:52
./support/htdbm.o
1139899   14 -rw-r--r--   1 dclarke  other       28984 Jun 10 17:52
./support/passwd_common.o
1139906    1 -rw-r--r--   1 dclarke  other         256 Jun 10 17:52
./support/htdbm.lo
2283202   28 -rwxr-xr-x   1 dclarke  other       57176 Jun 10 17:52
./support/htpasswd
2283210   29 -rwxr-xr-x   1 dclarke  other       59912 Jun 10 17:52
./support/htdbm
1139889    3 -rw-r--r--   1 dclarke  other        2908 Jun 10 17:48
./support/passwd_common.h
2283206   15 -rwxr-xr-x   1 dclarke  other       30040 Jun 10 17:52
./support/htdigest
1139903    1 -rw-r--r--   1 dclarke  other         262 Jun 10 17:52
./support/htdigest.lo
1139896   17 -rw-r--r--   1 dclarke  other       36864 Jun 10 17:52
./support/htpasswd.o
1139902   13 -rw-r--r--   1 dclarke  other       28056 Jun 10 17:52
./support/htdigest.o
1139886    8 -rw-r--r--   1 dclarke  other       14325 Jun 10 17:48
./support/htdbm.c
1139887    6 -rw-r--r--   1 dclarke  other       10009 Jun 10 17:48
./support/passwd_common.c
node002$ 
node002$ 
node002$ file ./support/htpasswd ./support/htdbm ./support/passwd_common.h
./support/htdigest 
./support/htpasswd: ELF 64-bit MSB executable SPARCV9 Version 1, UltraSPARC3
Extensions Required, dynamically linked, not stripped
./support/htdbm: ELF 64-bit MSB executable SPARCV9 Version 1, UltraSPARC3
Extensions Required, dynamically linked, not stripped
./support/passwd_common.h: ascii text
./support/htdigest: ELF 64-bit MSB executable SPARCV9 Version 1, UltraSPARC3
Extensions Required, dynamically linked, not stripped
node002$

That header file seems to live in the build tree and never needs to be
installed
in the $DESTDIR/include so I will leave that behind. 

I backup the existing buggy bins : 

node002$ cp -p /usr/local/bin/htdbm /usr/local/bin/htdbm_bug54735
node002$ cp -p /usr/local/bin/htdigest /usr/local/bin/htdigest_bug54735
node002$ cp -p /usr/local/bin/htpasswd /usr/local/bin/htpasswd_bug54735

drop in the new bins : 

node002-sparc-SunOS5.10 # cp -p ./support/htpasswd /usr/local/bin/htpasswd
node002-sparc-SunOS5.10 # cp -p ./support/htdbm /usr/local/bin/htdbm
node002-sparc-SunOS5.10 # cp -p ./support/htdigest /usr/local/bin/htdigest


node002-sparc-SunOS5.10 # chown root:root /usr/local/bin/htpasswd
/usr/local/bin/htdbm /usr/local/bin/htdigest

node002-sparc-SunOS5.10 # ls -lap /usr/local/bin/htpasswd /usr/local/bin/htdbm
/usr/local/bin/htdigest
-rwxr-xr-x   1 root     root       59912 Jun 10 17:52 /usr/local/bin/htdbm
-rwxr-xr-x   1 root     root       30040 Jun 10 17:52 /usr/local/bin/htdigest
-rwxr-xr-x   1 root     root       57176 Jun 10 17:52 /usr/local/bin/htpasswd

quick and dirty test : 

node002-sparc-SunOS5.10 # /usr/local/bin/htpasswd /usr/local/www/conf/.htpasswd
bug54735test
New password: 
Re-type new password: 
Adding password for user bug54735test
node002-sparc-SunOS5.10 # grep bug54735test .htpasswd
bug54735test:$apr1$mBhdHE3M$AmZp9nuLI9DC7D.H7OO.51

first test works like a charm : 

node002-sparc-SunOS5.10 # grep bug54735test
/usr/local/www/var/logs/ssl_request_log
xxx.xxx.52.207 - bug54735test [10/Jun/2013:18:10:02 +0000] "GET /foo.php
HTTP/1.1" 200 75883 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:17.0)
Gecko/20130515 Firefox/17.0 Iceweasel/17.0.6"

looks to be a good patch, however I will keep our internal bug report open
until 2.4.5 releases, 
for now I would say that there is no need for a triage or validation phase
because the core 
services have not been touched and thus this is a great little patch. Already
rolled those
bins out to a collection of servers.

I give thanks and praise to those involved and am a very happy user!

Dennis

-- 
You are receiving this mail because:
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message