use better regex for detecting pre crypt()'d passwords

author Dominik Csapak <d.csapak@proxmox.com>

Thu, 21 Jun 2018 12:14:27 +0000 (14:14 +0200)

committer Wolfgang Bumiller <w.bumiller@proxmox.com>

Tue, 21 Aug 2018 08:02:27 +0000 (10:02 +0200)
author Dominik Csapak <d.csapak@proxmox.com>
Thu, 21 Jun 2018 12:14:27 +0000 (14:14 +0200)
committer Wolfgang Bumiller <w.bumiller@proxmox.com>
Tue, 21 Aug 2018 08:02:27 +0000 (10:02 +0200)
diff --git a/src/PVE/LXC/Setup/Base.pm b/src/PVE/LXC/Setup/Base.pm

index 964d8d57d55730c5de44a219cfef62f0132fd5d7..9b1cf124ecac80c09b5e835e10e8162e5bf6a82b 100644 (file)
--- a/src/PVE/LXC/Setup/Base.pm
+++ b/src/PVE/LXC/Setup/Base.pm
@@ -354,7 +354,7 @@ sub set_user_password {
      my $shadow = "/etc/shadow";
      
      if (defined($opt_password)) {
-       if ($opt_password !~ m/^\$/) {
+       if ($opt_password !~ m/^\$(?:1|2[axy]?|5|6)\$[a-zA-Z0-9.\/]{1,16}\$[a-zA-Z0-9.\/]+$/) {
             my $time = substr (Digest::SHA::sha1_base64 (time), 0, 8);
             $opt_password = crypt(encode("utf8", $opt_password), "\$1\$$time\$");
         };
diff --git a/src/test/run_setup_tests.pl b/src/test/run_setup_tests.pl

index bae94e8194d49baa44e762e280188740808cb1e0..678ff0f7e8c783c78f6c095f5215f8a3dfb260d6 100755 (executable)
--- a/src/test/run_setup_tests.pl
+++ b/src/test/run_setup_tests.pl
@@ -50,7 +50,7 @@ sub run_test {
         # run tests twice, to make sure scripts are idempotent
         
         srand(0);
-       $lxc_setup->post_create_hook('$TEST$ABCDEF','ssh-rsa ABCDEFG ABC@DEF');
+       $lxc_setup->post_create_hook('$5$SALT$PASS','ssh-rsa ABCDEFG ABC@DEF');
  
         my @testfiles = qw(/etc/hostname
                            /etc/hosts
diff --git a/src/test/test-debian-009/etc/shadow.exp b/src/test/test-debian-009/etc/shadow.exp

index 34768b5ddb1d710a1382dcb6a00b4f59c14c321b..03c43ace44c10e34b932d0c5e624973b0a5d8d14 100644 (file)
--- a/src/test/test-debian-009/etc/shadow.exp
+++ b/src/test/test-debian-009/etc/shadow.exp
@@ -1,4 +1,4 @@
-root:$TEST$ABCDEF:@DAYS@:0:99999:7:::
+root:$5$SALT$PASS:@DAYS@:0:99999:7:::
  daemon:*:15908:0:99999:7:::
  bin:*:15908:0:99999:7:::
  sys:*:15908:0:99999:7:::
diff --git a/src/test/test-debian-014/etc/shadow.exp b/src/test/test-debian-014/etc/shadow.exp

index 34768b5ddb1d710a1382dcb6a00b4f59c14c321b..03c43ace44c10e34b932d0c5e624973b0a5d8d14 100644 (file)
--- a/src/test/test-debian-014/etc/shadow.exp
+++ b/src/test/test-debian-014/etc/shadow.exp
@@ -1,4 +1,4 @@
-root:$TEST$ABCDEF:@DAYS@:0:99999:7:::
+root:$5$SALT$PASS:@DAYS@:0:99999:7:::
  daemon:*:15908:0:99999:7:::
  bin:*:15908:0:99999:7:::
  sys:*:15908:0:99999:7:::
author	Dominik Csapak <d.csapak@proxmox.com>
	Thu, 21 Jun 2018 12:14:27 +0000 (14:14 +0200)
committer	Wolfgang Bumiller <w.bumiller@proxmox.com>
	Tue, 21 Aug 2018 08:02:27 +0000 (10:02 +0200)
src/PVE/LXC/Setup/Base.pm		patch \| blob \| blame \| history
src/test/run_setup_tests.pl		patch \| blob \| blame \| history
src/test/test-debian-009/etc/shadow.exp		patch \| blob \| blame \| history
src/test/test-debian-014/etc/shadow.exp		patch \| blob \| blame \| history