Project

General

Profile

Actions

Feature #1042

closed

Switch from mk_passwd to shell script to generate passwords for lighttpd

Added by Hammel about 1 year ago. Updated about 1 year ago.

Status:
Closed
Priority:
Immediate
Assignee:
Target version:
Start date:
25 Sep 2023
Due date:
% Done:

100%

Estimated time:
Severity:
02 - High

Description

piboxd uses mk_passwd (defined via queueProcessor.h:MK_PASSWD) to generate passwords via the web UI. mk_passwd comes from Monkey, which is deprecated in favor of lighttpd.
According to the lighttpd web site, we can generate .htpasswd entries with the following command.

printf "%s:%s:%s\n" "$user" "$realm" "$(printf "%s" "$user:$realm:$pass" | md5sum | awk '{print $1}')" 

This uses the username and realm as the salt. This has been tested manually and works with lighttpd. Change piboxd to use a shell script that runs this using getopt args and logger to log errors to /var/log/messages.

Actions #1

Updated by Hammel about 1 year ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

Implemented. Tested on hardware and it works.

Code committed and pushed.

Closing issue.

Actions

Also available in: Atom PDF