add missing check for unencrypted passwords

[project/uhttpd.git] / auth.c

diff --git a/auth.c b/auth.c
index e1b1575..0c4872f 100644 (file)
--- a/auth.c
+++ b/auth.c
@@ -118,7 +118,9 @@ bool uh_auth_check(struct client *cl, struct path_info *pi)
        if (!req->realm)
                return true;
 
-       if (user_match && !strcmp(crypt(pass, realm->pass), realm->pass))
+       if (user_match &&
+           (!strcmp(pass, realm->pass) ||
+            !strcmp(crypt(pass, realm->pass), realm->pass)))
                return true;
 
        uh_http_header(cl, 401, "Authorization Required");