X-Git-Url: http://git.archive.openwrt.org/?p=project%2Fuhttpd.git;a=blobdiff_plain;f=auth.c;h=0c4872fe3ed8077e5838d72f9f4c285680a97623;hp=301e9383f9c05aa27fa439d53d57dcfff8b593e3;hb=d09bf11d572207b79286cdb5e6253278ebec147c;hpb=73c843c1186c74e897022a3edb88d0d4f0ff27dc

diff --git a/auth.c b/auth.c
index 301e938..0c4872f 100644
--- a/auth.c
+++ b/auth.c
@@ -1,25 +1,28 @@
 /*
  * uhttpd - Tiny single-threaded httpd
  *
- *   Copyright (C) 2010-2012 Jo-Philipp Wich <xm@subsignal.org>
- *   Copyright (C) 2012 Felix Fietkau <nbd@openwrt.org>
+ *   Copyright (C) 2010-2013 Jo-Philipp Wich <xm@subsignal.org>
+ *   Copyright (C) 2013 Felix Fietkau <nbd@openwrt.org>
  *
- *  Licensed under the Apache License, Version 2.0 (the "License");
- *  you may not use this file except in compliance with the License.
- *  You may obtain a copy of the License at
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
  *
- *      http://www.apache.org/licenses/LICENSE-2.0
- *
- *  Unless required by applicable law or agreed to in writing, software
- *  distributed under the License is distributed on an "AS IS" BASIS,
- *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- *  See the License for the specific language governing permissions and
- *  limitations under the License.
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
 #define _GNU_SOURCE
 #define _XOPEN_SOURCE	700
 #include <strings.h>
+#ifdef HAVE_SHADOW
+#include <shadow.h>
+#endif
 #include "uhttpd.h"
 
 static LIST_HEAD(auth_realms);
@@ -115,7 +118,9 @@ bool uh_auth_check(struct client *cl, struct path_info *pi)
 	if (!req->realm)
 		return true;
 
-	if (user_match && !strcmp(crypt(pass, realm->pass), realm->pass))
+	if (user_match &&
+	    (!strcmp(pass, realm->pass) ||
+	     !strcmp(crypt(pass, realm->pass), realm->pass)))
 		return true;
 
 	uh_http_header(cl, 401, "Authorization Required");