Merge r1346905:

     htdbm/htpasswd: fix handling of crypt() failures.

Reviewed by: jorton, covener, sf

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1356887 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/CHANGES b/CHANGES
index 5ab3041efecdc2a202ec63318a44dc1a8e3b7057..1d1b871754a4ed3ed3be5fa0e5e5bd333733e7a8 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -3,6 +3,9 @@
 
 Changes with Apache 2.4.3
 
+  *) htdbm, htpasswd: Don't crash if crypt() fails (e.g. with FIPS enabled). 
+     [Paul Wouters <pwouters redhat.com>, Joe Orton]
+
   *) core: Use a TLS 1.0 close_notify alert for internal dummy connection if
      the chosen listener is configured for https. [Joe Orton]
 

diff --git a/STATUS b/STATUS
index eb370cf944ec1103d4a39677f1ad5488a0f413f5..03fd5462e5c5891e2bb064fe6429c2d57b189282 100644 (file)
--- a/STATUS
+++ b/STATUS
@@ -88,11 +88,6 @@ RELEASE SHOWSTOPPERS:
 PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
   [ start all new proposals below, under PATCHES PROPOSED. ]
 
-  * htdbm/htpasswd: fix handling of crypt() failures.
-    trunk patch: http://svn.apache.org/viewvc?rev=1346905&view=rev
-    2.4.x patch: trunk patch (ex CHANGES) works
-    +1: jorton, covener, sf
-
   * mod_negotiation: CVE-2012-2687 XSS in mod_negotiation
     trunk patch: http://svn.apache.org/viewvc?view=revision&revision=1349905
     2.4.x patch: trunk works

diff --git a/support/htdbm.c b/support/htdbm.c
index f9a02bd49cd323bf9dda642cd1b5410ae5c52ebf..4898ed8c187fa48ea6fb93a2941a2a1dd80ce872 100644 (file)
--- a/support/htdbm.c
+++ b/support/htdbm.c
@@ -288,6 +288,9 @@ static apr_status_t htdbm_make(htdbm_t *htdbm)
 {
     char cpw[MAX_STRING_LEN];
     char salt[9];
+#if (!(defined(WIN32) || defined(NETWARE)))
+    char *cbuf;
+#endif
 
     switch (htdbm->alg) {
         case ALG_APSHA:
@@ -315,7 +318,15 @@ static apr_status_t htdbm_make(htdbm_t *htdbm)
             (void) srand((int) time((time_t *) NULL));
             to64(&salt[0], rand(), 8);
             salt[8] = '\0';
-            apr_cpystrn(cpw, crypt(htdbm->userpass, salt), sizeof(cpw) - 1);
+            cbuf = crypt(htdbm->userpass, salt);
+            if (cbuf == NULL) {
+                char errbuf[128];
+                
+                fprintf(stderr, "crypt() failed: %s\n", 
+                        apr_strerror(errno, errbuf, sizeof errbuf));
+                exit(ERR_PWMISMATCH);
+            }
+            apr_cpystrn(cpw, cbuf, sizeof(cpw) - 1);
             fprintf(stderr, "CRYPT is now deprecated, use MD5 instead!\n");
 #endif
         default:

diff --git a/support/htpasswd.c b/support/htpasswd.c
index f67076fffc622b3c78a5a3a2286be8bef79c1ed2..16e55a0630b1d5881bd9706eda99093884390a6a 100644 (file)
--- a/support/htpasswd.c
+++ b/support/htpasswd.c
@@ -174,6 +174,9 @@ static int mkrecord(char *user, char *record, apr_size_t rlen, char *passwd,
     char pwv[MAX_STRING_LEN];
     char salt[9];
     apr_size_t bufsize;
+#if CRYPT_ALGO_SUPPORTED
+    char *cbuf;
+#endif
 
     if (passwd != NULL) {
         pw = passwd;
@@ -226,7 +229,16 @@ static int mkrecord(char *user, char *record, apr_size_t rlen, char *passwd,
         to64(&salt[0], rand(), 8);
         salt[8] = '\0';
 
-        apr_cpystrn(cpw, crypt(pw, salt), sizeof(cpw) - 1);
+        cbuf = crypt(pw, salt);
+        if (cbuf == NULL) {
+            char errbuf[128];
+
+            apr_snprintf(record, rlen-1, "crypt() failed: %s", 
+                         apr_strerror(errno, errbuf, sizeof errbuf));
+            return ERR_PWMISMATCH;
+        }
+
+        apr_cpystrn(cpw, cbuf, sizeof(cpw) - 1);
         if (strlen(pw) > 8) {
             char *truncpw = strdup(pw);
             truncpw[8] = '\0';