proxy.cgi: Switch to MD5 hashed passwords for local user auth.

The former used default Crypt algorithmus only supports passwords up to eight signs wheater MD5 does not have any limitation here. Fixes 12290. Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org> Reviewed-by: Michael Tremer <michael.tremer@ipfire.org> Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
2026-04-10 02:55:55 +02:00 · 2020-02-07 12:06:39 +01:00
parent 7b7789da2f
commit 77ea7462bc
1 changed files with 7 additions and 1 deletions
--- a/html/cgi-bin/proxy.cgi
+++ b/html/cgi-bin/proxy.cgi
@@ -3945,7 +3945,13 @@ sub adduser
 	} else {
 		&deluser($str_user);

-		my $htpasswd = new Apache::Htpasswd("$userdb");
+		my %htpasswd_options = (
+			passwdFile => "$userdb",
+			UseMD5 => 1,
+		);
+
+		my $htpasswd = new Apache::Htpasswd(\%htpasswd_options);
+
 		$htpasswd->htpasswd($str_user, $str_pass);
 	}