diff options
author | Ermal LUÇI <eri@pfsense.org> | 2015-01-10 22:17:28 +0100 |
---|---|---|
committer | Ermal LUÇI <eri@pfsense.org> | 2015-01-11 16:38:25 +0100 |
commit | 30656f66407ab42c6f42e9552371090ca84165bb (patch) | |
tree | 9c18b37b926836a454432fefea65d83f64b44921 /etc | |
parent | fc03ca011259d829a42ce47353cb5ced84c3b345 (diff) | |
download | pfsense-30656f66407ab42c6f42e9552371090ca84165bb.zip pfsense-30656f66407ab42c6f42e9552371090ca84165bb.tar.gz |
Fixes #4177 convert password to base64 to be submitted to avoid issues with special chars in shell and HTTP GET parameter passing. Probably should add POST support to fcgicli.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/openvpn.auth-user.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/etc/inc/openvpn.auth-user.php b/etc/inc/openvpn.auth-user.php index b7be6ac..3f199e3 100644 --- a/etc/inc/openvpn.auth-user.php +++ b/etc/inc/openvpn.auth-user.php @@ -85,7 +85,7 @@ openlog("openvpn", LOG_ODELAY, LOG_AUTH); if (isset($_GET)) { $authmodes = explode(",", $_GET['authcfg']); $username = $_GET['username']; - $password = urldecode($_GET['password']); + $password = base64_decode(str_replace('%3D', '=', $_GET['password'])); $common_name = $_GET['cn']; $modeid = $_GET['modeid']; $strictusercn = $_GET['strictcn'] == "false" ? false : true; |