From fa191e29285aec3c5f169d2aa9b89f9387a10d07 Mon Sep 17 00:00:00 2001
From: Jeff Becker <ampernand@gmail.com>
Date: Fri, 9 Dec 2016 09:27:19 -0500
Subject: [PATCH] fixes issue 732 and wave hi to ISPG

---
 HTTPServer.cpp | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/HTTPServer.cpp b/HTTPServer.cpp
index b358ccec..5deb7c60 100644
--- a/HTTPServer.cpp
+++ b/HTTPServer.cpp
@@ -709,11 +709,15 @@ namespace http {
 			char b64_creds[64];
 			std::size_t len = 0;
 			len = i2p::data::ByteStreamToBase64((unsigned char *)expected.c_str(), expected.length(), b64_creds, sizeof(b64_creds));
-			b64_creds[len] = '\0';
-			expected = "Basic ";
-			expected += b64_creds;
-			if (provided == expected)
-				return true;
+			/* if we decoded properly then check credentials */
+			if(len) {
+				b64_creds[len] = '\0';
+				expected = "Basic ";
+				expected += b64_creds;
+				return expected == provided;
+			}
+			/** we decoded wrong so it's not a correct login credential */
+			return false;
 		}
 
 		LogPrint(eLogWarning, "HTTPServer: auth failure from ", m_Socket->remote_endpoint().address ());