From: Rainer Jung <rjung@apache.org>
Date: Thu, 15 Mar 2018 22:53:42 +0000 (+0000)
Subject: Merge 1812756 from trunk:
X-Git-Tag: 2.4.33~29
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3458fc6c09ba3c1bb23d6e39fc67900d187c12ed;p=apache

Merge 1812756 from trunk:

htpasswd: Don't fail in -v mode if password file is unwritable.
PR 61631.

Submitted by: rjung
Reviewed by: rjung, ylavic, covener


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1826887 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/CHANGES b/CHANGES
index 51bc9948bc..020215dd23 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,6 +1,9 @@
                                                          -*- coding: utf-8 -*-
 Changes with Apache 2.4.33
 
+  *) htpasswd: Don't fail in -v mode if password file is unwritable.
+     PR 61631.  [Joe Orton]
+
   *) htpasswd: don't point to (unused) stack memory on output
      to make static analysers happy.  PR 60634.
      [Yann Ylavic, reported by shqking and Zhenwei Zou]
diff --git a/STATUS b/STATUS
index dc57864011..67c46203da 100644
--- a/STATUS
+++ b/STATUS
@@ -126,13 +126,6 @@ PATCHES ACCEPTED TO BACKPORT FROM TRUNK:
      2.4.x patch: svn merge -c 1826686 ^/httpd/httpd/trunk .
      +1: jailletc36, ylavic, covener
 
-  *) htpasswd: Don't fail in -v mode if password file is unwritable.
-     PR 61631.
-     This brings 2.4.x htpasswd in sync with trunk.
-     trunk patch: http://svn.apache.org/r1812756
-     2.4.x patch: svn merge -c 1812756 ^/httpd/httpd/trunk .
-     +1: rjung, ylavic, covener
-
   *) htpasswd/htdbm: report the right limit when get_password() overflows.
      This brings 2.4.x passwd_common.c in sync with trunk.
      trunk patch: http://svn.apache.org/r1781516
diff --git a/support/htpasswd.c b/support/htpasswd.c
index 65a0b9c3bb..660a27c792 100644
--- a/support/htpasswd.c
+++ b/support/htpasswd.c
@@ -329,7 +329,7 @@ int main(int argc, const char * const argv[])
      */
     if (!(mask & APHTP_NOFILE)) {
         existing_file = exists(pwfilename, pool);
-        if (existing_file) {
+        if (existing_file && (mask & APHTP_VERIFY) == 0) {
             /*
              * Check that this existing file is readable and writable.
              */
@@ -339,6 +339,16 @@ int main(int argc, const char * const argv[])
                 exit(ERR_FILEPERM);
             }
         }
+        else if (existing_file && (mask & APHTP_VERIFY) != 0) {
+            /*
+             * Check that this existing file is readable.
+             */
+            if (!accessible(pool, pwfilename, APR_FOPEN_READ)) {
+                apr_file_printf(errfile, "%s: cannot open file %s for "
+                                "read access" NL, argv[0], pwfilename);
+                exit(ERR_FILEPERM);
+            }
+        }
         else {
             /*
              * Error out if -c was omitted for this non-existant file.