summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Beaver <sbeaver@netgate.com>2015-12-28 16:59:54 -0500
committerStephen Beaver <sbeaver@netgate.com>2015-12-28 16:59:54 -0500
commit76d6d92535ad26d2b951a433658d5de62c62a15f (patch)
treef281570f1c8acc7d6a7db326efedf36130eae98c
parentc8b10b4ce59161e21a93786d04237ad3f330178a (diff)
downloadpfsense-76d6d92535ad26d2b951a433658d5de62c62a15f.zip
pfsense-76d6d92535ad26d2b951a433658d5de62c62a15f.tar.gz
FInished password hiding logic by ensuring $_POST['password'] != DMYPWD before updating
-rw-r--r--src/usr/local/www/diag_backup.php14
-rw-r--r--src/usr/local/www/firewall_virtual_ip_edit.php5
-rw-r--r--src/usr/local/www/interfaces.php12
-rw-r--r--src/usr/local/www/interfaces_ppps_edit.php4
-rw-r--r--src/usr/local/www/services_captiveportal_vouchers.php4
-rw-r--r--src/usr/local/www/services_dyndns_edit.php4
-rw-r--r--src/usr/local/www/system_advanced_misc.php4
-rw-r--r--src/usr/local/www/system_advanced_notifications.php11
-rwxr-xr-xsrc/usr/local/www/system_hasync.php8
-rw-r--r--src/usr/local/www/vpn_l2tp.php10
-rw-r--r--src/usr/local/www/vpn_openvpn_client.php10
11 files changed, 59 insertions, 27 deletions
diff --git a/src/usr/local/www/diag_backup.php b/src/usr/local/www/diag_backup.php
index 173da92..074ae28 100644
--- a/src/usr/local/www/diag_backup.php
+++ b/src/usr/local/www/diag_backup.php
@@ -225,12 +225,9 @@ if ($_POST) {
if ($mode) {
if ($mode == "download") {
if ($_POST['encrypt']) {
- if (!$_POST['encrypt_password'] || !$_POST['encrypt_password_confirm']) {
+ if (!$_POST['encrypt_password']) {
$input_errors[] = gettext("You must supply and confirm the password for encryption.");
}
- if ($_POST['encrypt_password'] != $_POST['encrypt_password_confirm']) {
- $input_errors[] = gettext("The supplied 'Password' and 'Confirm' field values must match.");
- }
}
if (!$input_errors) {
@@ -303,12 +300,9 @@ if ($_POST) {
if ($mode == "restore") {
if ($_POST['decrypt']) {
- if (!$_POST['decrypt_password'] || !$_POST['decrypt_password_confirm']) {
+ if (!$_POST['decrypt_password']) {
$input_errors[] = gettext("You must supply and confirm the password for decryption.");
}
- if ($_POST['decrypt_password'] != $_POST['decrypt_password_confirm']) {
- $input_errors[] = gettext("The supplied 'Password' and 'Confirm' field values must match.");
- }
}
if (!$input_errors) {
@@ -659,7 +653,7 @@ $section->addInput(new Form_Checkbox(
false
));
-$section->addPassword(new Form_Input(
+$section->addInput(new Form_Input(
'encrypt_password',
'Password',
'password',
@@ -703,7 +697,7 @@ $section->addInput(new Form_Checkbox(
false
));
-$section->addPassword(new Form_Input(
+$section->addInput(new Form_Input(
'decrypt_password',
'Password',
'password',
diff --git a/src/usr/local/www/firewall_virtual_ip_edit.php b/src/usr/local/www/firewall_virtual_ip_edit.php
index 16d26ef..a98c967 100644
--- a/src/usr/local/www/firewall_virtual_ip_edit.php
+++ b/src/usr/local/www/firewall_virtual_ip_edit.php
@@ -275,7 +275,10 @@ if ($_POST) {
$vipent['uniqid'] = $_POST['uniqid'];
$vipent['advskew'] = $_POST['advskew'];
$vipent['advbase'] = $_POST['advbase'];
- $vipent['password'] = $_POST['password'];
+
+ if ($_POST['password'] != DMYPWD) {
+ $vipent['password'] = $_POST['password'];
+ }
}
/* Common fields */
diff --git a/src/usr/local/www/interfaces.php b/src/usr/local/www/interfaces.php
index 547e93f..db69970 100644
--- a/src/usr/local/www/interfaces.php
+++ b/src/usr/local/www/interfaces.php
@@ -1138,7 +1138,9 @@ if ($_POST['apply']) {
$a_ppps[$pppid]['if'] = $_POST['type'].$_POST['ptpid'];
$a_ppps[$pppid]['ports'] = $_POST['port'];
$a_ppps[$pppid]['username'] = $_POST['ppp_username'];
- $a_ppps[$pppid]['password'] = base64_encode($_POST['ppp_password']);
+ if ($_POST['ppp_password'] != DMYPWD) {
+ $a_ppps[$pppid]['password'] = base64_encode($_POST['ppp_password']);
+ }
$a_ppps[$pppid]['phone'] = $_POST['phone'];
$a_ppps[$pppid]['apn'] = $_POST['apn'];
$wancfg['if'] = $_POST['type'] . $_POST['ptpid'];
@@ -1155,7 +1157,9 @@ if ($_POST['apply']) {
$a_ppps[$pppid]['ports'] = $wancfg['if'];
}
$a_ppps[$pppid]['username'] = $_POST['pppoe_username'];
- $a_ppps[$pppid]['password'] = base64_encode($_POST['pppoe_password']);
+ if ($_POST['pppoe_password'] != DMYPWD) {
+ $a_ppps[$pppid]['password'] = base64_encode($_POST['pppoe_password']);
+ }
if (!empty($_POST['provider'])) {
$a_ppps[$pppid]['provider'] = $_POST['provider'];
} else {
@@ -1191,7 +1195,9 @@ if ($_POST['apply']) {
$a_ppps[$pppid]['ports'] = $wancfg['if'];
}
$a_ppps[$pppid]['username'] = $_POST['pptp_username'];
- $a_ppps[$pppid]['password'] = base64_encode($_POST['pptp_password']);
+ if ($_POST['pptp_password'] != DMYPWD) {
+ $a_ppps[$pppid]['password'] = base64_encode($_POST['pptp_password']);
+ }
// Replace the first (0) entry with the posted data. Preserve any other entries that might be there.
$poriginal['pptp_localip'][0] = $_POST['pptp_local0'];
$a_ppps[$pppid]['localip'] = implode(',', $poriginal['pptp_localip']);
diff --git a/src/usr/local/www/interfaces_ppps_edit.php b/src/usr/local/www/interfaces_ppps_edit.php
index d8d19af..1522963 100644
--- a/src/usr/local/www/interfaces_ppps_edit.php
+++ b/src/usr/local/www/interfaces_ppps_edit.php
@@ -323,7 +323,9 @@ if ($_POST) {
$ppp['if'] = $ppp['type'].$ppp['ptpid'];
$ppp['ports'] = implode(',', $_POST['interfaces']);
$ppp['username'] = $_POST['username'];
- $ppp['password'] = base64_encode($_POST['passwordfld']);
+ if ($_POST['passwordfld'] != DMYPWD) {
+ $ppp['password'] = base64_encode($_POST['passwordfld']);
+ }
$ppp['ondemand'] = $_POST['ondemand'] ? true : false;
if (!empty($_POST['idletimeout'])) {
$ppp['idletimeout'] = $_POST['idletimeout'];
diff --git a/src/usr/local/www/services_captiveportal_vouchers.php b/src/usr/local/www/services_captiveportal_vouchers.php
index 39f62fc..46a6104 100644
--- a/src/usr/local/www/services_captiveportal_vouchers.php
+++ b/src/usr/local/www/services_captiveportal_vouchers.php
@@ -316,7 +316,9 @@ if ($_POST) {
$newvoucher['vouchersyncdbip'] = $_POST['vouchersyncdbip'];
$newvoucher['vouchersyncport'] = $_POST['vouchersyncport'];
$newvoucher['vouchersyncusername'] = $_POST['vouchersyncusername'];
- $newvoucher['vouchersyncpass'] = $_POST['vouchersyncpass'];
+ if ($_POST['vouchersyncpass'] != DMYPWD ) {
+ $newvoucher['vouchersyncpass'] = $_POST['vouchersyncpass'];
+ }
if ($newvoucher['vouchersyncpass'] && $newvoucher['vouchersyncusername'] &&
$newvoucher['vouchersyncport'] && $newvoucher['vouchersyncdbip']) {
// Synchronize the voucher DB from the master node
diff --git a/src/usr/local/www/services_dyndns_edit.php b/src/usr/local/www/services_dyndns_edit.php
index a2d797b..e6938e1 100644
--- a/src/usr/local/www/services_dyndns_edit.php
+++ b/src/usr/local/www/services_dyndns_edit.php
@@ -167,7 +167,9 @@ if ($_POST) {
$dyndns = array();
$dyndns['type'] = $_POST['type'];
$dyndns['username'] = $_POST['username'];
- $dyndns['password'] = $_POST['passwordfld'];
+ if ($_POST['passwordfld'] != DMYPWD) {
+ $dyndns['password'] = $_POST['passwordfld'];
+ }
$dyndns['host'] = $_POST['host'];
$dyndns['mx'] = $_POST['mx'];
$dyndns['wildcard'] = $_POST['wildcard'] ? true : false;
diff --git a/src/usr/local/www/system_advanced_misc.php b/src/usr/local/www/system_advanced_misc.php
index ad56a98..862e049 100644
--- a/src/usr/local/www/system_advanced_misc.php
+++ b/src/usr/local/www/system_advanced_misc.php
@@ -181,7 +181,9 @@ if ($_POST) {
}
if ($_POST['proxypass'] <> "") {
- $config['system']['proxypass'] = $_POST['proxypass'];
+ if ($_POST['proxypass'] != DMYPWD) {
+ $config['system']['proxypass'] = $_POST['proxypass'];
+ }
} else {
unset($config['system']['proxypass']);
}
diff --git a/src/usr/local/www/system_advanced_notifications.php b/src/usr/local/www/system_advanced_notifications.php
index 7bd5ee8..99bec31 100644
--- a/src/usr/local/www/system_advanced_notifications.php
+++ b/src/usr/local/www/system_advanced_notifications.php
@@ -126,7 +126,14 @@ if ($_POST) {
// Growl
$config['notifications']['growl']['ipaddress'] = $_POST['ipaddress'];
- $config['notifications']['growl']['password'] = $_POST['password'];
+ if ($_POST['password'] != DMYPWD) {
+ if ($_POST['password'] == $_POST['password_confirm']) {
+ $config['notifications']['growl']['password'] = $_POST['password'];
+ } else {
+ $input_errors[] = gettext("Growl passwords must match");
+ }
+ }
+
$config['notifications']['growl']['name'] = $_POST['name'];
$config['notifications']['growl']['notification_name'] = $_POST['notification_name'];
@@ -263,7 +270,7 @@ $section->addInput(new Form_Input(
))->setHelp('This is the IP address that you would like to send growl '.
'notifications to.');
-$section->addInput(new Form_Input(
+$section->addPassword(new Form_Input(
'password',
'Password',
'text',
diff --git a/src/usr/local/www/system_hasync.php b/src/usr/local/www/system_hasync.php
index 8c44ae9..6104d5c 100755
--- a/src/usr/local/www/system_hasync.php
+++ b/src/usr/local/www/system_hasync.php
@@ -95,13 +95,15 @@ if ($_POST) {
foreach ($checkbox_names as $name) {
$a_hasync[$name] = $pconfig[$name] ? $pconfig[$name] : false;
}
- $a_hasync['pfsyncpeerip'] = $pconfig['pfsyncpeerip'];
+ $a_hasync['pfsyncpeerip'] = $pconfig['pfsyncpeerip'];
$a_hasync['pfsyncinterface'] = $pconfig['pfsyncinterface'];
$a_hasync['synchronizetoip'] = $pconfig['synchronizetoip'];
- $a_hasync['username'] = $pconfig['username'];
+ $a_hasync['username'] = $pconfig['username'];
if ($pconfig['passwordfld'] == $pconfig['passwordfld_confirm']) {
- $a_hasync['password'] = $pconfig['passwordfld'];
+ if ($pconfig['passwordfld'] != DMYPWD) {
+ $a_hasync['password'] = $pconfig['passwordfld'];
+ }
} else {
$input_errors[] = gettext("Password and confirmation must match.");
}
diff --git a/src/usr/local/www/vpn_l2tp.php b/src/usr/local/www/vpn_l2tp.php
index 04a8990..092a0ba 100644
--- a/src/usr/local/www/vpn_l2tp.php
+++ b/src/usr/local/www/vpn_l2tp.php
@@ -158,8 +158,14 @@ if ($_POST) {
$l2tpcfg['interface'] = $_POST['interface'];
$l2tpcfg['n_l2tp_units'] = $_POST['n_l2tp_units'];
$l2tpcfg['radius']['server'] = $_POST['radiusserver'];
- $l2tpcfg['radius']['secret'] = $_POST['radiussecret'];
- $l2tpcfg['secret'] = $_POST['secret'];
+ if ($_POST['radiussecret'] != DMYPWD) {
+ $l2tpcfg['radius']['secret'] = $_POST['radiussecret'];
+ }
+
+ if ($_POST['secret'] != DMYPWD) {
+ $l2tpcfg['secret'] = $_POST['secret'];
+ }
+
$l2tpcfg['paporchap'] = $_POST['paporchap'];
diff --git a/src/usr/local/www/vpn_openvpn_client.php b/src/usr/local/www/vpn_openvpn_client.php
index 63e52b1..6e6693a 100644
--- a/src/usr/local/www/vpn_openvpn_client.php
+++ b/src/usr/local/www/vpn_openvpn_client.php
@@ -136,7 +136,11 @@ if ($_GET['act'] == "new") {
}
global $simplefields;
-$simplefields = array('auth_user', 'auth_pass');
+if ($_POST['auth_pass'] == DMYPWD) {
+ $simplefields = array('auth_user');
+} else {
+ $simplefields = array('auth_user', 'auth_pass');
+}
if ($_GET['act'] == "edit") {
@@ -364,7 +368,9 @@ if ($_POST) {
$client['proxy_port'] = $pconfig['proxy_port'];
$client['proxy_authtype'] = $pconfig['proxy_authtype'];
$client['proxy_user'] = $pconfig['proxy_user'];
- $client['proxy_passwd'] = $pconfig['proxy_passwd'];
+ if ($pconfig['proxy_passwd'] != DMYPWD) {
+ $client['proxy_passwd'] = $pconfig['proxy_passwd'];
+ }
$client['description'] = $pconfig['description'];
$client['mode'] = $pconfig['mode'];
$client['custom_options'] = str_replace("\r\n", "\n", $pconfig['custom_options']);
OpenPOWER on IntegriCloud