1
0
mirror of https://github.com/pi-hole/pi-hole synced 2024-11-18 06:08:21 +00:00

Merge pull request #1355 from pmo3/development

Mask password input when changing password
This commit is contained in:
Mcat12 2017-04-03 20:23:19 -04:00 committed by GitHub
commit 57e8b7f924
2 changed files with 16 additions and 7 deletions

View File

@ -81,19 +81,28 @@ SetWebPassword(){
exit 1
fi
# Set password only if there is one to be set
if (( ${#args[2]} > 0 )) ; then
read -s -p "Enter New Password (Blank for no password): " PASSWORD
echo ""
if [ "${PASSWORD}" == "" ]; then
change_setting "WEBPASSWORD" ""
echo "Password Removed"
exit 0
fi
read -s -p "Confirm Password: " CONFIRM
echo ""
if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
# Compute password hash twice to avoid rainbow table vulnerability
hash=$(echo -n ${args[2]} | sha256sum | sed 's/\s.*$//')
hash=$(echo -n ${PASSWORD} | sha256sum | sed 's/\s.*$//')
hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//')
# Save hash to file
change_setting "WEBPASSWORD" "${hash}"
echo "New password set"
else
change_setting "WEBPASSWORD" ""
echo "Password removed"
echo "Passwords don't match. Your password has not been changed"
exit 1
fi
}
ProcessDNSSettings() {

View File

@ -1460,7 +1460,7 @@ main() {
echo "::: ${pw}"
echo ":::"
echo "::: You can always change it using"
echo "::: pihole -a -p new_password"
echo "::: pihole -a -p"
fi
fi