diff options
| author | Cliff Woolley <jwoolley@apache.org> | 2001-10-01 21:19:45 +0200 |
|---|---|---|
| committer | Cliff Woolley <jwoolley@apache.org> | 2001-10-01 21:19:45 +0200 |
| commit | 3e1155b1156387bdfa19f9b13ce4c1c88a2324be (patch) | |
| tree | 9e011e6b5e08980bca235097794e3a0c63faf5d9 /support/htdigest.c | |
| parent | Two more loadable modules on Win32, thank you Gunther! (diff) | |
| download | apache2-3e1155b1156387bdfa19f9b13ce4c1c88a2324be.tar.xz apache2-3e1155b1156387bdfa19f9b13ce4c1c88a2324be.zip | |
Switch from tmpnam() to apr_file_mktemp() so that gcc with a recent glibc
will shut the hell up about tmpnam() being unsafe. htpasswd.c needs a
similar treatment, but it won't be _quite_ as easy since htpasswd has not
been completely apr-ized yet.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@91222 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'support/htdigest.c')
| -rw-r--r-- | support/htdigest.c | 27 |
1 files changed, 13 insertions, 14 deletions
diff --git a/support/htdigest.c b/support/htdigest.c index 511921089f..f4df5ad2f1 100644 --- a/support/htdigest.c +++ b/support/htdigest.c @@ -97,7 +97,7 @@ #define MAX_STRING_LEN 256 -char *tn; +apr_file_t *tfp = NULL; apr_pool_t *cntxt; #if APR_CHARSET_EBCDIC apr_xlate_t *to_ascii; @@ -166,8 +166,8 @@ static void add_password(char *user, char *realm, apr_file_t *f) apr_password_get("Re-type new password: ", pwv, &len); if (strcmp(pwin, pwv) != 0) { fprintf(stderr, "They don't match, sorry.\n"); - if (tn) { - apr_file_remove(tn, cntxt); + if (tfp) { + apr_file_close(tfp); } exit(1); } @@ -200,8 +200,9 @@ static void usage(void) static void interrupted(void) { fprintf(stderr, "Interrupted.\n"); - if (tn) - apr_file_remove(tn, cntxt); + if (tfp) { + apr_file_close(tfp); + } exit(1); } @@ -212,8 +213,9 @@ static void terminate(void) int main(int argc, char *argv[]) { - apr_file_t *tfp = NULL, *f; + apr_file_t *f; apr_status_t rv; + char tn[] = "htdigest.tmp.XXXXXX"; char user[MAX_STRING_LEN]; char realm[MAX_STRING_LEN]; char line[MAX_STRING_LEN]; @@ -241,12 +243,11 @@ int main(int argc, char *argv[]) } #endif - tn = NULL; apr_signal(SIGINT, (void (*)(int)) interrupted); if (argc == 5) { if (strcmp(argv[1], "-c")) usage(); - rv = apr_file_open(&tfp, argv[2], APR_WRITE | APR_CREATE, -1, cntxt); + rv = apr_file_open(&f, argv[2], APR_WRITE | APR_CREATE, -1, cntxt); if (rv != APR_SUCCESS) { char errmsg[120]; @@ -256,15 +257,14 @@ int main(int argc, char *argv[]) exit(1); } printf("Adding password for %s in realm %s.\n", argv[4], argv[3]); - add_password(argv[4], argv[3], tfp); - apr_file_close(tfp); + add_password(argv[4], argv[3], f); + apr_file_close(f); exit(0); } else if (argc != 4) usage(); - tn = tmpnam(NULL); - if (apr_file_open(&tfp, tn, APR_WRITE | APR_CREATE, -1, cntxt)!= APR_SUCCESS) { + if (apr_file_mktemp(&tfp, tn, cntxt) != APR_SUCCESS) { fprintf(stderr, "Could not open temp file.\n"); exit(1); } @@ -302,13 +302,12 @@ int main(int argc, char *argv[]) add_password(user, realm, tfp); } apr_file_close(f); - apr_file_close(tfp); #if defined(OS2) || defined(WIN32) sprintf(command, "copy \"%s\" \"%s\"", tn, argv[1]); #else sprintf(command, "cp %s %s", tn, argv[1]); #endif system(command); - apr_file_remove(tn, cntxt); + apr_file_close(tfp); return 0; } |