From: Felix Fietkau <nbd@openwrt.org>
Date: Mon, 21 Jan 2013 12:21:34 +0000 (+0100)
Subject: add missing check for unencrypted passwords
X-Git-Url: http://git.archive.openwrt.org/?p=project%2Fuhttpd.git;a=commitdiff_plain;h=7bd66ddacb6b87a927b7846a44c02c0df7988c71

add missing check for unencrypted passwords

Signed-off-by: Felix Fietkau <nbd@openwrt.org>
---

diff --git a/auth.c b/auth.c
index e1b1575..0c4872f 100644
--- a/auth.c
+++ b/auth.c
@@ -118,7 +118,9 @@ bool uh_auth_check(struct client *cl, struct path_info *pi)
 	if (!req->realm)
 		return true;
 
-	if (user_match && !strcmp(crypt(pass, realm->pass), realm->pass))
+	if (user_match &&
+	    (!strcmp(pass, realm->pass) ||
+	     !strcmp(crypt(pass, realm->pass), realm->pass)))
 		return true;
 
 	uh_http_header(cl, 401, "Authorization Required");