webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-27 11:13:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

chpasswd.cgi: fixed for new MD5 password hashes.

Browse Source
This commit is contained in:
Arne Fitzenreiter
2012-01-21 20:13:54 +01:00
parent d8799d9280
commit 18e7404874
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
html/cgi-bin/chpasswd.cgi
View File

@@ -20,6 +20,7 @@
###############################################################################
use CGI qw(param);
use Crypt::PasswdMD5;
$swroot = "/var/ipfire";
@@ -98,7 +99,10 @@ if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'})
$errormessage = $tr{'advproxy errmsg invalid user'};
goto ERROR;
}
if (!(crypt($cgiparams{'OLD_PASSWORD'}, $cryptpwd) eq $cryptpwd))
if (
!(crypt($cgiparams{'OLD_PASSWORD'}, $cryptpwd) eq $cryptpwd) &&
!(apache_md5_crypt($cgiparams{'OLD_PASSWORD'}, $cryptpwd) eq $cryptpwd)
)
{
$errormessage = $tr{'advproxy errmsg password incorrect'};
goto ERROR;