From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Fri, 7 Feb 2020 11:06:39 +0000 (+0100)
Subject: proxy.cgi: Switch to MD5 hashed passwords for local user auth.
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=77ea7462bcc134b6147dd985abdd4e2311487515;p=people%2Fstevee%2Fipfire-2.x.git

proxy.cgi: Switch to MD5 hashed passwords for local user auth.

The former used default Crypt algorithmus only supports passwords up to
eight signs wheater MD5 does not have any limitation here.

Fixes 12290.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Reviewed-by: Michael Tremer <michael.tremer@ipfire.org>
Signed-off-by: Arne Fitzenreiter <arne_f@ipfire.org>
---

diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi
index b639640817..06aca579b9 100644
--- a/html/cgi-bin/proxy.cgi
+++ b/html/cgi-bin/proxy.cgi
@@ -3945,7 +3945,13 @@ sub adduser
 	} else {
 		&deluser($str_user);
 
-		my $htpasswd = new Apache::Htpasswd("$userdb");
+		my %htpasswd_options = (
+			passwdFile => "$userdb",
+			UseMD5 => 1,
+		);
+
+		my $htpasswd = new Apache::Htpasswd(\%htpasswd_options);
+
 		$htpasswd->htpasswd($str_user, $str_pass);
 	}