From: Henrik Nordstrom <henrik@henriknordstrom.net>
Date: Tue, 13 Jul 2010 20:42:09 +0000 (+0200)
Subject: Correct Joomla DB auth handling
X-Git-Tag: SQUID_3_2_0_1~64
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=329088dc35906a88a8d1b73caa238ebcb0955ee6;p=thirdparty%2Fsquid.git

Correct Joomla DB auth handling

Found while reading the code. Original clearly could not have worked as
it split the password field using an uninitialized delimiter.
---

diff --git a/helpers/basic_auth/DB/basic_db_auth.pl.in b/helpers/basic_auth/DB/basic_db_auth.pl.in
index 9a809e1264..481961bedc 100644
--- a/helpers/basic_auth/DB/basic_db_auth.pl.in
+++ b/helpers/basic_auth/DB/basic_db_auth.pl.in
@@ -142,7 +142,7 @@ sub check_password($$)
     if ($isjoomla){
         my $salt;
         my $key2;
-        ($key2,$salt) = split (/$salt/, $key);
+        ($key2,$salt) = plit (/:/, $key);
         return 1 if md5_hex($password.$salt).':'.$salt eq $key;
     }
     else{