>Number: 3362
>Category: mod_auth-any
>Synopsis: Password File is not parsed correctly
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: apache
>State: open
>Class: sw-bug
>Submitter-Id: apache
>Arrival-Date: Sat Nov 7 17:10:00 PST 1998
>Last-Modified:
>Originator: [EMAIL PROTECTED]
>Organization:
apache
>Release: 1.2.6 and prior (and above?)
>Environment:
BSD/OS gapdev.com 3.1 BSDI BSD/OS 3.1 Virtual Kernel #12: Fri Jun 19 14:32:14
MDT 1998
gcc version 2.7.2.1
>Description:
Password Files that are not in the format of:
userid:password
are not parsed correctly.
This:
userid:password:7100:100:Staranet Admin:/:ftp;mail
returns a password of:
password:7100:100:Staranet Admin:/:ftp;mail
Anything after the first ":" is considered to be the Password.
>How-To-Repeat:
Use your /etc/passwd file for authentication or any password file that contains
extra information after the password field.
>Fix:
authenticate_basic_user() function in mod_auth.c:
Just before:
/* anyone know where the prototype for crypt is? */
if (strcmp(real_pw,(char *)crypt(sent_pw,real_pw)))
Add:
{
char *real_pwptr = real_pw;
while (*real_pwptr)
{
if (*real_pwptr == ':')
{
*real_pwptr = 0;
break;
}
++real_pwptr;
}
}
>Audit-Trail:
>Unformatted:
[In order for any reply to be added to the PR database, ]
[you need to include <[EMAIL PROTECTED]> in the Cc line ]
[and leave the subject line UNCHANGED. This is not done]
[automatically because of the potential for mail loops. ]
[If you do not include this Cc, your reply may be ig- ]
[nored unless you are responding to an explicit request ]
[from a developer. ]
[Reply only with text; DO NOT SEND ATTACHMENTS! ]
