1
0
mirror of https://github.com/pi-hole/pi-hole synced 2024-12-22 14:58:08 +00:00

functionise Hashing

This commit is contained in:
Adam Warner 2017-05-02 22:24:37 +01:00
parent a5733508ae
commit 9c136a5579
No known key found for this signature in database
GPG Key ID: 7C062498C7FA6E49
2 changed files with 10 additions and 5 deletions

View File

@ -67,6 +67,13 @@ SetTemperatureUnit(){
}
HashPassword(){
# Compute password hash twice to avoid rainbow table vulnerability
return=$(echo -n ${1} | sha256sum | sed 's/\s.*$//')
return=$(echo -n ${return} | sha256sum | sed 's/\s.*$//')
echo ${return}
}
SetWebPassword(){
if [ "${SUDO_USER}" == "www-data" ]; then
@ -93,9 +100,7 @@ SetWebPassword(){
read -s -p "Confirm Password: " CONFIRM
echo ""
if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
# Compute password hash twice to avoid rainbow table vulnerability
hash=$(echo -n ${PASSWORD} | sha256sum | sed 's/\s.*$//')
hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//')
hash=$(HashPassword ${PASSWORD})
# Save hash to file
change_setting "WEBPASSWORD" "${hash}"
echo "New password set"

View File

@ -1413,9 +1413,9 @@ main() {
pw=""
if [[ $(grep 'WEBPASSWORD' -c /etc/pihole/setupVars.conf) == 0 ]] ; then
pw=$(tr -dc _A-Z-a-z-0-9 < /dev/urandom | head -c 8)
hash=$(echo -n ${pw} | sha256sum | sed 's/\s.*$//')
hash=$(echo -n ${pw} | sha256sum | sed 's/\s.*$//' | sha256sum | sed 's/\s.*$//')
hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//')
echo "WEBPASSWORD=${hash}" >> ${setupVars}
echo "WEBPASSWORD=$(echo -n ${pw} | sha256sum | sed 's/\s.*$//' | sha256sum | sed 's/\s.*$//')" >> ${setupVars}
fi
fi