lighttpd
/
lighttpd1.4
2
0
Fork 0
Code Issues Releases Wiki Activity

[mod_auth] revert adjustment to auth passwd cache (#3112) 

revert b1d1202a which is no longer needed with recent update to
ck_memeq_const_time()

x-ref:
  https://redmine.lighttpd.net/issues/3112
  "mod_auth cache password doesn't match"
This commit is contained in:
Glenn Strauss 2021-10-18 11:04:42 -04:00
parent 9d05b648ee
commit 97eed364ff
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/mod_auth.c
View File

@ -63,7 +63,7 @@ http_auth_cache_entry_init (const struct http_auth_require_t * const require, co
*(store pointer to http_auth_require_t, which is persistent
* and will be different for each realm + permissions combo)*/
http_auth_cache_entry * const ae =
malloc(sizeof(http_auth_cache_entry) + ulen + pwlen+1);
malloc(sizeof(http_auth_cache_entry) + ulen + pwlen);
force_assert(ae);
ae->require = require;
ae->ctime = log_monotonic_secs;
@ -74,7 +74,6 @@ http_auth_cache_entry_init (const struct http_auth_require_t * const require, co
ae->pwdigest = ae->username + ulen;
memcpy(ae->username, username, ulen);
memcpy(ae->pwdigest, pw, pwlen);
ae->pwdigest[pwlen] = '\0';
return ae;
}