Important SECURITY FIX!

The UserDB Passwordcheck was buggy since 1138, any password allows access with the rights of 
the user!

USE SVN or disable all Users(take away all Rights)


git-svn-id: https://svn.berlios.de/svnroot/repos/yacy/trunk@1246 6c8d7289-2bf4-0310-a012-ef5d649a1542

source/de/anomic/data/userDB.java

@@ -238,9 +238,10 @@ public final class userDB {
                     }catch(IOException e){}
                     return null;
                 }
-        }
                 return entry;
         }
+        return null;
+    }
     public Entry md5Auth(String user, String md5){
         Entry entry=this.getEntry(user);
         if( entry != null && entry.getMD5EncodedUserPwd().equals(md5)){