[Da-tools-commits] ./debian/userdir-ldap-cgi r115: New hmac scheme for sudo passwords.
Peter Palfrader
peter at palfrader.org
Fri Nov 14 19:35:58 UTC 2008
------------------------------------------------------------
revno: 115
committer: Peter Palfrader <peter at palfrader.org>
branch nick: userdir-ldap-cgi
timestamp: Fri 2008-11-14 20:35:58 +0100
message:
New hmac scheme for sudo passwords.
modified:
debian/changelog
update.cgi
-------------- next part --------------
=== modified file 'debian/changelog'
--- a/debian/changelog 2008-09-16 20:11:07 +0000
+++ b/debian/changelog 2008-11-14 19:35:58 +0000
@@ -1,3 +1,9 @@
+userdir-ldap-cgi (0.3.23) unstable; urgency=low
+
+ * New hmac scheme for sudo passwords.
+
+ -- Peter Palfrader <weasel at debian.org> Fri, 14 Nov 2008 20:01:38 +0100
+
userdir-ldap-cgi (0.3.22) unstable; urgency=low
* Verify confirmed hmac in web display, showing status as either 'confirmed'
=== modified file 'update.cgi'
--- a/update.cgi 2008-09-16 20:11:07 +0000
+++ b/update.cgi 2008-11-14 19:35:58 +0000
@@ -128,7 +128,7 @@
next;
}
if ($status =~ /^confirmed:/) {
- my $data = join(':', 'password-is-confirmed', $uuid, $hosts, $crypted);
+ my $data = join(':', 'password-is-confirmed', 'sudo', $data{'uid'}, $uuid, $hosts, $crypted);
my $hmac = hmac_sha1_hex( $data, $hmac_key);
if ($status eq "confirmed:$hmac") {
$status = 'confirmed';
@@ -143,7 +143,7 @@
<td><input name=\"sudopassword-delete-".CGI::escapeHTML($uuid)."\" type=\"checkbox\" value=\"delete\"> (delete)</td></tr>\n";
$sudopassword .= $e;
if ($status eq 'unconfirmed') {
- my $data = join(':', 'confirm-new-password', $uuid, $hosts, $crypted);
+ my $data = join(':', 'confirm-new-password', 'sudo', $data{'uid'}, $uuid, $hosts, $crypted);
my $hmac = hmac_sha1_hex( $data, $hmac_key);
$confirmstring .= CGI::escapeHTML("confirm sudopassword $uuid $hosts $hmac\n");
}
More information about the Da-tools-commits
mailing list