From nobody@hyperreal.com Wed Apr 23 07:22:41 1997 Received: (from nobody@localhost) by hyperreal.com (8.8.4/8.8.4) id HAA09660; Wed, 23 Apr 1997 07:22:41 -0700 (PDT) Message-Id: <199704231422.HAA09660@hyperreal.com> Date: Wed, 23 Apr 1997 07:22:41 -0700 (PDT) From: Siegmund Stirnweiss Reply-To: siegst@kat.ina.de To: apbugs@hyperreal.com Subject: Password-Files must at most have two columns X-Send-Pr-Version: 3.2 >Number: 460 >Category: mod_auth-any >Synopsis: Password-Files must at most have two columns >Confidential: no >Severity: non-critical >Priority: medium >Responsible: apache >State: closed >Class: change-request >Submitter-Id: apache >Arrival-Date: Wed Apr 23 07:30:01 1997 >Last-Modified: Sat Jun 28 21:29:57 PDT 1997 >Originator: siegst@kat.ina.de >Organization: >Release: 1.1.1 >Environment: Solaris 2.5, Sun-C-Compiler, Version doesn't matter >Description: My Apache doesn't like password-files, that have more than two columns separated by a colon ":". I would like to use the /etc/passwd-file or the password-file I used for my CERN-httpd (It has three columns.). >How-To-Repeat: Use /etc/passwd as AuthUserFile and try to access a protected URL. >Fix: Change line 106 in mod_auth.c (that's the return-statement of get_pw()) from: return pstrdup (r->pool, rpw); to: return getword(r->pool, &rpw, ':'); mod_auth then works for password-files with two columns as well as with three and more columns. %0 >Audit-Trail: State-Changed-From-To: open-suspended State-Changed-By: coar@decus.org State-Changed-When: Thu Apr 24 07:46:15 PDT 1997 State-Changed-Why: Thank you for the information. We will see about implementing this in a future release; it's too late to get this into 1.2. State-Changed-From-To: suspended-closed State-Changed-By: marc State-Changed-When: Sat Jun 28 21:29:56 PDT 1997 State-Changed-Why: A change to make Apache ignore all fields after the first two in the password file has been applied to the 1.3-dev source tree. >Unformatted: