From 77ea7462bcc134b6147dd985abdd4e2311487515 Mon Sep 17 00:00:00 2001
From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Fri, 7 Feb 2020 12:06:39 +0100
Subject: [PATCH] proxy.cgi: Switch to MD5 hashed passwords for local user
 auth.

The former used default Crypt algorithmus only supports passwords up to
eight signs wheater MD5 does not have any limitation here.

Fixes 12290.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---
 html/cgi-bin/proxy.cgi | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi
index b639640817..06aca579b9 100644
--- a/html/cgi-bin/proxy.cgi
+++ b/html/cgi-bin/proxy.cgi
@@ -3945,7 +3945,13 @@ sub adduser
 	} else {
 		&deluser($str_user);
 
-		my $htpasswd = new Apache::Htpasswd("$userdb");
+		my %htpasswd_options = (
+			passwdFile => "$userdb",
+			UseMD5 => 1,
+		);
+
+		my $htpasswd = new Apache::Htpasswd(\%htpasswd_options);
+
 		$htpasswd->htpasswd($str_user, $str_pass);
 	}
 
-- 
2.39.2