From bb937c32bd6f82064c59c56ef4dc718deb7b581e Mon Sep 17 00:00:00 2001
From: Luca Filipozzi <lfilipoz@emyr.net>
Date: Tue, 14 Jan 2014 01:27:04 +0000
Subject: [PATCH] store voipPassword as an HA1

---
 debian/control | 1 +
 update.cgi     | 4 +++-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/debian/control b/debian/control
index d6dd18a..e2d06d1 100644
--- a/debian/control
+++ b/debian/control
@@ -14,6 +14,7 @@ Depends: userdir-ldap,
 	libcrypt-passwdmd5-perl,
 	libdate-manip-perl,
 	libdigest-hmac-perl,
+	libdigest-md5-perl,
 	libio-socket-ssl-perl,
 	libnet-ldap-perl,
 	libossp-uuid-perl,
diff --git a/update.cgi b/update.cgi
index 3663169..c4d121d 100755
--- a/update.cgi
+++ b/update.cgi
@@ -10,11 +10,13 @@ use strict vars;
 use CGI;
 use Data::UUID;
 use Digest::HMAC_SHA1 qw(hmac_sha1_hex);
+use Digest::MD5 qw(md5_hex);
 use Util;
 use English;
 use URI::Escape;
 use Crypt::PasswdMD5;
 use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);
+use Net::LDAP::Util qw(ldap_explode_dn);
 
 my %config = &Util::ReadConfigFile;
 
@@ -264,7 +266,7 @@ if (!($query->param('doupdate'))) {
       &Util::HTMLError("Password check failed for voip-password: $msg.  Please go back and try again.");
     }
     # create a md5 crypted password
-    $newvoippassword = '{crypt}'.crypt($query->param('newpass'), &Util::CreateCryptSalt(1));
+    $newvoippassword = &md5_hex( ldap_explode_dn($editid)->[0]{UID} . '@debian.org:sip.debian.org:' . $query->param('newvoippass') );
 
     &Util::LDAPUpdate($ldap, $editdn, 'voipPassword', $newvoippassword);
   }  
-- 
2.20.1