add missing check for unencrypted passwords
authorFelix Fietkau <nbd@openwrt.org>
Mon, 21 Jan 2013 12:21:34 +0000 (13:21 +0100)
committerFelix Fietkau <nbd@openwrt.org>
Mon, 21 Jan 2013 12:22:50 +0000 (13:22 +0100)
Signed-off-by: Felix Fietkau <nbd@openwrt.org>
auth.c

diff --git a/auth.c b/auth.c
index e1b1575..0c4872f 100644 (file)
--- a/auth.c
+++ b/auth.c
@@ -118,7 +118,9 @@ bool uh_auth_check(struct client *cl, struct path_info *pi)
        if (!req->realm)
                return true;
 
-       if (user_match && !strcmp(crypt(pass, realm->pass), realm->pass))
+       if (user_match &&
+           (!strcmp(pass, realm->pass) ||
+            !strcmp(crypt(pass, realm->pass), realm->pass)))
                return true;
 
        uh_http_header(cl, 401, "Authorization Required");