projects
/
mirror
/
userdir-ldap-cgi.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
New hmac scheme for sudo passwords.
[mirror/userdir-ldap-cgi.git]
/
update.cgi
diff --git
a/update.cgi
b/update.cgi
index
f78a7eb
..
ae0b6ce
100755
(executable)
--- a/
update.cgi
+++ b/
update.cgi
@@
-128,7
+128,7
@@
if (!($query->param('doupdate'))) {
next;
}
if ($status =~ /^confirmed:/) {
next;
}
if ($status =~ /^confirmed:/) {
- my $data = join(':', 'password-is-confirmed', $uuid, $hosts, $crypted);
+ my $data = join(':', 'password-is-confirmed',
'sudo', $data{'uid'},
$uuid, $hosts, $crypted);
my $hmac = hmac_sha1_hex( $data, $hmac_key);
if ($status eq "confirmed:$hmac") {
$status = 'confirmed';
my $hmac = hmac_sha1_hex( $data, $hmac_key);
if ($status eq "confirmed:$hmac") {
$status = 'confirmed';
@@
-143,7
+143,7
@@
if (!($query->param('doupdate'))) {
<td><input name=\"sudopassword-delete-".CGI::escapeHTML($uuid)."\" type=\"checkbox\" value=\"delete\"> (delete)</td></tr>\n";
$sudopassword .= $e;
if ($status eq 'unconfirmed') {
<td><input name=\"sudopassword-delete-".CGI::escapeHTML($uuid)."\" type=\"checkbox\" value=\"delete\"> (delete)</td></tr>\n";
$sudopassword .= $e;
if ($status eq 'unconfirmed') {
- my $data = join(':', 'confirm-new-password', $uuid, $hosts, $crypted);
+ my $data = join(':', 'confirm-new-password',
'sudo', $data{'uid'},
$uuid, $hosts, $crypted);
my $hmac = hmac_sha1_hex( $data, $hmac_key);
$confirmstring .= CGI::escapeHTML("confirm sudopassword $uuid $hosts $hmac\n");
}
my $hmac = hmac_sha1_hex( $data, $hmac_key);
$confirmstring .= CGI::escapeHTML("confirm sudopassword $uuid $hosts $hmac\n");
}