From: Adolf Belka <adolf.belka@ipfire.org>
Date: Wed, 7 May 2025 09:58:33 +0000 (+0200)
Subject: passwords.c: Update number of rounds for passwords from 7 to 10
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=75b77a2b2643316fed1e1e510f607809be2dc813;p=people%2Fstevee%2Fipfire-2.x.git

passwords.c: Update number of rounds for passwords from 7 to 10

- This improves the security of the root and admin passwords created and makes it the
   same as used for the proxy local auth password code in proxy.cgi & chpasswd.cgi

Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/src/setup/passwords.c b/src/setup/passwords.c
index 6242577af..bb6ffe8e6 100644
--- a/src/setup/passwords.c
+++ b/src/setup/passwords.c
@@ -56,7 +56,7 @@ int handleadminpassword(void)
 		return 0;
 	
 	snprintf(commandstring, STRING_SIZE,
-		"/usr/bin/htpasswd -c -B -C 7 -b " CONFIG_ROOT "/auth/users admin '%s'", password);
+		"/usr/bin/htpasswd -c -B -C 10 -b " CONFIG_ROOT "/auth/users admin '%s'", password);
 	sprintf(message, _("Setting %s 'admin' user password..."), NAME);
 	if (runhiddencommandwithstatus(commandstring, _("Setting password"), message, NULL)) {
 		sprintf(message, _("Problem setting %s 'admin' user password."), NAME);