mirror of
https://github.com/pi-hole/pi-hole
synced 2024-12-22 14:58:08 +00:00
functionise Hashing
This commit is contained in:
parent
a5733508ae
commit
9c136a5579
@ -67,6 +67,13 @@ SetTemperatureUnit(){
|
||||
|
||||
}
|
||||
|
||||
HashPassword(){
|
||||
# Compute password hash twice to avoid rainbow table vulnerability
|
||||
return=$(echo -n ${1} | sha256sum | sed 's/\s.*$//')
|
||||
return=$(echo -n ${return} | sha256sum | sed 's/\s.*$//')
|
||||
echo ${return}
|
||||
}
|
||||
|
||||
SetWebPassword(){
|
||||
|
||||
if [ "${SUDO_USER}" == "www-data" ]; then
|
||||
@ -93,9 +100,7 @@ SetWebPassword(){
|
||||
read -s -p "Confirm Password: " CONFIRM
|
||||
echo ""
|
||||
if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
|
||||
# Compute password hash twice to avoid rainbow table vulnerability
|
||||
hash=$(echo -n ${PASSWORD} | sha256sum | sed 's/\s.*$//')
|
||||
hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//')
|
||||
hash=$(HashPassword ${PASSWORD})
|
||||
# Save hash to file
|
||||
change_setting "WEBPASSWORD" "${hash}"
|
||||
echo "New password set"
|
||||
|
@ -1413,9 +1413,9 @@ main() {
|
||||
pw=""
|
||||
if [[ $(grep 'WEBPASSWORD' -c /etc/pihole/setupVars.conf) == 0 ]] ; then
|
||||
pw=$(tr -dc _A-Z-a-z-0-9 < /dev/urandom | head -c 8)
|
||||
hash=$(echo -n ${pw} | sha256sum | sed 's/\s.*$//')
|
||||
hash=$(echo -n ${pw} | sha256sum | sed 's/\s.*$//' | sha256sum | sed 's/\s.*$//')
|
||||
hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//')
|
||||
echo "WEBPASSWORD=${hash}" >> ${setupVars}
|
||||
echo "WEBPASSWORD=$(echo -n ${pw} | sha256sum | sed 's/\s.*$//' | sha256sum | sed 's/\s.*$//')" >> ${setupVars}
|
||||
fi
|
||||
fi
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user