Fix htdbm password validation for records which included comments.

author Jeff Trawick <trawick@apache.org>

Thu, 23 Jun 2005 20:45:17 +0000 (20:45 +0000)

committer Jeff Trawick <trawick@apache.org>

Thu, 23 Jun 2005 20:45:17 +0000 (20:45 +0000)
author Jeff Trawick <trawick@apache.org>
Thu, 23 Jun 2005 20:45:17 +0000 (20:45 +0000)
committer Jeff Trawick <trawick@apache.org>
Thu, 23 Jun 2005 20:45:17 +0000 (20:45 +0000)
diff --git a/CHANGES b/CHANGES

index c0a1eb2b54a6f5ed7541a3c545acdb86e15397a8..838e5cddaa36001c43ffe07c202fd8b1ca0ffa14 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
  Changes with Apache 2.1.6
    [Remove entries to the current 2.0 section below, when backported]
  
+  *) Fix htdbm password validation for records which included comments.
+     [Eric Covener <covener gmail.com>]
+
    *) SECURITY: 
       proxy HTTP: If a response contains both Transfer-Encoding and a 
       Content-Length, remove the Content-Length and don't reuse the
diff --git a/support/htdbm.c b/support/htdbm.c

index 2f32bcee44fcdf4419691eba00d5b7579dcac755..9af6dad063e0b73e30d91cc90af6d4a0d267fdae 100644 (file)
--- a/support/htdbm.c
+++ b/support/htdbm.c
@@ -226,7 +226,7 @@ static apr_status_t htdbm_verify(htdbm_t *htdbm)
      if (apr_dbm_fetch(htdbm->dbm, key, &val) != APR_SUCCESS)
          return APR_ENOENT;
      rec = apr_pstrndup(htdbm->pool, val.dptr, val.dsize);
-    cmnt = strchr(rec, ';');
+    cmnt = strchr(rec, ':');
      if (cmnt)
          strncpy(pwd, rec, cmnt - rec);
      else
author	Jeff Trawick <trawick@apache.org>
	Thu, 23 Jun 2005 20:45:17 +0000 (20:45 +0000)
committer	Jeff Trawick <trawick@apache.org>
	Thu, 23 Jun 2005 20:45:17 +0000 (20:45 +0000)
CHANGES		patch \| blob \| history
support/htdbm.c		patch \| blob \| history