From 37fc575e5eebf83d97fd08531d0b600f6f8f022b Mon Sep 17 00:00:00 2001
From: Kai Blin
Date: Fri, 8 Jul 2011 15:05:38 +0200
Subject: [PATCH] s3 swat: Add XSRF protection to password page
Signed-off-by: Kai Blin
(cherry picked from commit 4850456845d2da5e3451716a5ad4ca0ef034e01f)
---
 source/web/swat.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/source/web/swat.c b/source/web/swat.c
index 4544c318e35..524248481b9 100644
--- a/source/web/swat.c
+++ b/source/web/swat.c
@@ -1225,12 +1225,15 @@ static void chg_passwd(void)
 static void passwd_page(void)
 {
 const char *new_name = cgi_user_name();
+ const char passwd_form[] = "passwd";
+ const char rpasswd_form[] = "rpasswd";
 if (!new_name) new_name = "";
 printf("

%s

\n", _("Server Password Management")); printf("
\n"); + print_xsrf_token(cgi_user_name(), cgi_user_pass(), passwd_form); printf("\n"); @@ -1270,14 +1273,16 @@ static void passwd_page(void) * Do some work if change, add, disable or enable was * requested. It could be this is the first time through this * code, so there isn't anything to do. */ - if ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) || - (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG))) { + if (verify_xsrf_token(passwd_form) && + ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) || + (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG)))) { chg_passwd(); } printf("

%s

\n", _("Client/Server Password Management")); printf("\n"); + print_xsrf_token(cgi_user_name(), cgi_user_pass(), rpasswd_form); printf("
\n"); @@ -1310,7 +1315,7 @@ static void passwd_page(void) * password somewhere other than the server. It could be this * is the first time through this code, so there isn't * anything to do. */ - if (cgi_variable(CHG_R_PASSWD_FLAG)) { + if (verify_xsrf_token(passwd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) { chg_passwd(); } -- 2.47.2