httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bri...@apache.org
Subject cvs commit: httpd-2.0/support htpasswd.c
Date Sat, 14 Sep 2002 06:53:40 GMT
brianp      2002/09/13 23:53:40

  Modified:    support  htpasswd.c
  Log:
  cleaned up the file access checking
  
  Revision  Changes    Path
  1.60      +16 -26    httpd-2.0/support/htpasswd.c
  
  Index: htpasswd.c
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/support/htpasswd.c,v
  retrieving revision 1.59
  retrieving revision 1.60
  diff -u -r1.59 -r1.60
  --- htpasswd.c	14 Sep 2002 03:40:11 -0000	1.59
  +++ htpasswd.c	14 Sep 2002 06:53:40 -0000	1.60
  @@ -513,46 +513,36 @@
       }
   #endif
       if (!(mask & APHTP_NOFILE)) {
  +        int file_exists = exists(pwfilename, pool);
           /*
            * Only do the file checks if we're supposed to frob it.
            *
            * Verify that the file exists if -c was omitted.  We give a special
            * message if it doesn't.
            */
  -        if (!(mask & APHTP_NEWFILE) && !exists(pwfilename, pool)) {
  +        if (!(mask & APHTP_NEWFILE) && !file_exists) {
               apr_file_printf(errfile,
                       "%s: cannot modify file %s; use '-c' to create it\n",
                       argv[0], pwfilename);
               exit(ERR_FILEPERM);
           }
           /*
  -         * Verify that we can read the existing file in the case of an update
  -         * to it (rather than creation of a new one).
  +         * If the file exists, check that it's readable and writable.
  +         * If it doesn't exist, verify that we can create it.
            */
  -        if (!(mask & APHTP_NEWFILE) && !readable(pool, pwfilename)) {
  -            apr_file_printf(errfile, "%s: cannot open file %s for read "
  -                            "access\n", argv[0], pwfilename);
  -            exit(ERR_FILEPERM);
  -        }
  -        /*
  -         * Now check to see if we can preserve an existing file in case
  -         * of password verification errors on a -c operation.
  -         */
  -        if ((mask & APHTP_NEWFILE) && exists(pwfilename, pool)
  -                && !readable(pool, pwfilename)) {
  -            apr_file_printf(errfile, "%s: cannot open file %s for read access\n"
  -                    "%s: existing auth data would be lost on "
  -                    "password mismatch",
  -                    argv[0], pwfilename, argv[0]);
  -            exit(ERR_FILEPERM);
  +        if (file_exists) {
  +            if (!accessible(pool, pwfilename, APR_READ | APR_APPEND)) {
  +                apr_file_printf(errfile, "%s: cannot open file %s for "
  +                                "read/write access\n", argv[0], pwfilename);
  +                exit(ERR_FILEPERM);
  +            }
           }
  -        /*
  -         * Now verify that the file is writable!
  -         */
  -        if (!writable(pool, pwfilename)) {
  -            apr_file_printf(errfile, "%s: cannot open file %s for write "
  -                            "access\n", argv[0], pwfilename);
  -            exit(ERR_FILEPERM);
  +        else {
  +            if (!accessible(pool, pwfilename, APR_CREATE | APR_WRITE)) {
  +                apr_file_printf(errfile, "%s: cannot create file %s\n",
  +                                argv[0], pwfilename);
  +                exit(ERR_FILEPERM);
  +            }
           }
       }
   
  
  
  

Mime
View raw message