httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dirk.vanGulik" <Dirk.vanGu...@jrc.it>
Subject tightening email on anonymous loging
Date Tue, 18 Mar 1997 09:49:56 GMT

Tom Dawes-Gamble <tmdg@avnet.co.uk> correctly reported that
the anonymous login module is too slack when it comes to
checking that the password looks like an email address; the
manual says that it has have a @ and a '.' somewhere, whereas
in fact either would do. 

Here is a massive patch to fix that.

Dw.

*** mod_auth_anon.c	Wed Jan  1 21:00:18 1997
--- a	Tue Mar 18 10:45:58 1997
***************
*** 234,241 ****
  	( (!sec->auth_anon_mustemail) || strlen(send_pw)  ) &&
  	/* does the password look like an email address ? */
  	( (!sec->auth_anon_verifyemail) || 
! 	     (strpbrk("@",send_pw) != NULL) || 
! 	     (strpbrk(".",send_pw) != NULL) 
  	  ) 
  	) {
        if (sec->auth_anon_logemail) {
--- 234,242 ----
  	( (!sec->auth_anon_mustemail) || strlen(send_pw)  ) &&
  	/* does the password look like an email address ? */
  	( (!sec->auth_anon_verifyemail) || 
! 	     ((strpbrk("@",send_pw) != NULL) 
! 	      &&
! 	      (strpbrk(".",send_pw) != NULL))
  	  ) 
  	) {
        if (sec->auth_anon_logemail) {



Mime
View raw message