BUG/MEDIUM: auth: fix segfault with http-auth and a configuration with an unknown encryption algorithm Grégoire Morpain reported a segfault when a secured password is used for http authentication. It was caused by the use of an unsupported encryption algorithm with libcrypto. In this case, crypt() returns a NULL pointer. The fix should be backported to 1.4 and 1.5. (cherry picked from commit c82279c5fc70a6d12ab6efd61e6c9f536e5d4a3f)

commit: f09c9fef8008dbf9650f966fa30697b3e6e7a150 [log] [tgz]
author: Cyril Bonté <cyril.bonte@free.fr> Fri Aug 29 20:20:01 2014 +0200
committer: Willy Tarreau <w@1wt.eu> Fri Aug 29 21:08:32 2014 +0200
tree: 6e9097959a5a697ef9b9f4f29d50bc23209bb63b
parent: a669e84e34218b4a6de027c04fd2e5e3525f9667 [diff] [blame]
diff --git a/src/auth.c b/src/auth.c
index 1069c5b..42c0808 100644
--- a/src/auth.c
+++ b/src/auth.c

@@ -252,7 +252,7 @@
 	fprintf(stderr, ", crypt=%s\n", ep);
 #endif
 
-	if (!strcmp(ep, u->pass))
+	if (ep && strcmp(ep, u->pass) == 0)
 		return 1;
 	else
 		return 0;
commit	f09c9fef8008dbf9650f966fa30697b3e6e7a150	[log] [tgz]
author	Cyril Bonté <cyril.bonte@free.fr>	Fri Aug 29 20:20:01 2014 +0200
committer	Willy Tarreau <w@1wt.eu>	Fri Aug 29 21:08:32 2014 +0200
tree	6e9097959a5a697ef9b9f4f29d50bc23209bb63b
parent	a669e84e34218b4a6de027c04fd2e5e3525f9667 [diff] [blame]