httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Hartill <hart...@ooo.lanl.gov>
Subject Re: bug: mod_auth.c mistreats data after password (fwd)
Date Tue, 30 Jan 1996 20:47:44 GMT
 
> Acked.  I thought that the .htpasswd file only took 2 fields.
> Since when has there ever been other stuff?  Shout if you want me
> to me to rerol this patch and upload it.

the thing he's copying from mod_auth_db.c is probably the group
info modification. mod_auth_db.c allows the database value to be 
an crypted password followed by optional multiple group name(s).

Are their any side effects i.e. can a mod_auth.c password contain a ":" ?

> > Unlike mod_auth_dbm.c, mod_auth.c mistreats data after password.
> >   me:H9y4/kmFYiMj2
> > will work, but:
> >   me:H9y4/kmFYiMj2:other stuff
> > doesn't.
> > I simply copied three lines from mod_auth_dbm.c to fix this bug.
> > A patchfile is at the end of this message.
> > Thanx for providing Apache, bye,

Mime
View raw message