httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Terbush <ra...@zyzzyva.com>
Subject Re: tightening email on anonymous loging
Date Tue, 18 Mar 1997 22:35:02 GMT

+1

> 
> Tom Dawes-Gamble <tmdg@avnet.co.uk> correctly reported that
> the anonymous login module is too slack when it comes to
> checking that the password looks like an email address; the
> manual says that it has have a @ and a '.' somewhere, whereas
> in fact either would do. 
> 
> Here is a massive patch to fix that.
> 
> Dw.
> 
> *** mod_auth_anon.c	Wed Jan  1 21:00:18 1997
> --- a	Tue Mar 18 10:45:58 1997
> ***************
> *** 234,241 ****
>   	( (!sec->auth_anon_mustemail) || strlen(send_pw)  ) &&
>   	/* does the password look like an email address ? */
>   	( (!sec->auth_anon_verifyemail) || 
> ! 	     (strpbrk("@",send_pw) != NULL) || 
> ! 	     (strpbrk(".",send_pw) != NULL) 
>   	  ) 
>   	) {
>         if (sec->auth_anon_logemail) {
> --- 234,242 ----
>   	( (!sec->auth_anon_mustemail) || strlen(send_pw)  ) &&
>   	/* does the password look like an email address ? */
>   	( (!sec->auth_anon_verifyemail) || 
> ! 	     ((strpbrk("@",send_pw) != NULL) 
> ! 	      &&
> ! 	      (strpbrk(".",send_pw) != NULL))
>   	  ) 
>   	) {
>         if (sec->auth_anon_logemail) {
> 




Mime
View raw message