michael/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2026-02-03 06:03:28 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Use the same message for wrong user and password

Browse Source
This commit is contained in:
Jamie Cameron
2024-08-14 03:08:26 -07:00
parent 7198370f9b
commit efccfc4db6
2 changed files with 5 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lang/en
View File

@@ -287,6 +287,7 @@ password_done=Your password has been successfully changed. You may now <a href='
password_err=Failed to change password password_err=Failed to change password
password_euser=Your login name was not found in the password file! password_euser=Your login name was not found in the password file!
password_eold=The current password is incorrect password_eold=The current password is incorrect
password_euserpass=Invalid username or password
password_enew1=No new password was entered password_enew1=No new password was entered
password_enew2=Your new passwords do not match password_enew2=Your new passwords do not match
password_epam=PAM error : $1 password_epam=PAM error : $1

8
password_change.cgi
View File

@@ -39,7 +39,7 @@ if (!$in{'pam'} && !$wuser) {
if ($wuser) { if ($wuser) {
# Update Webmin user's password # Update Webmin user's password
$ok = &acl::validate_password($in{'old'}, $wuser->{'pass'}); $ok = &acl::validate_password($in{'old'}, $wuser->{'pass'});
$ok || &pass_error($text{'password_eold'}); $ok || &pass_error($text{'password_euserpass'});
$perr = &acl::check_password_restrictions($in{'user'}, $in{'new1'}); $perr = &acl::check_password_restrictions($in{'user'}, $in{'new1'});
$perr && &pass_error(&text('password_enewpass', $perr)); $perr && &pass_error(&text('password_enewpass', $perr));
$wuser->{'pass'} = &acl::encrypt_password($in{'new1'}); $wuser->{'pass'} = &acl::encrypt_password($in{'new1'});
@@ -117,7 +117,7 @@ elsif ($in{'pam'}) {
$pamh = new Authen::PAM($service, $in{'user'}, \&pam_check_func); $pamh = new Authen::PAM($service, $in{'user'}, \&pam_check_func);
$rv = $pamh->pam_authenticate(); $rv = $pamh->pam_authenticate();
$rv == PAM_SUCCESS() || $rv == PAM_SUCCESS() ||
&pass_error($text{'password_eold'}); &pass_error($text{'password_euserpass'});
$pamh = undef; $pamh = undef;
# Change the password with PAM, in a sub-process. This is needed because # Change the password with PAM, in a sub-process. This is needed because
@@ -159,12 +159,12 @@ else {
last; last;
} }
} }
defined($idx) || &pass_error($text{'password_euser'}); defined($idx) || &pass_error($text{'password_euserpass'});
# Validate old password # Validate old password
&unix_crypt($in{'old'}, $line[$miniserv{'passwd_pindex'}]) eq &unix_crypt($in{'old'}, $line[$miniserv{'passwd_pindex'}]) eq
$line[$miniserv{'passwd_pindex'}] || $line[$miniserv{'passwd_pindex'}] ||
&pass_error($text{'password_eold'}); &pass_error($text{'password_euserpass'});
# Make sure new password meets restrictions # Make sure new password meets restrictions
if (&foreign_check("changepass")) { if (&foreign_check("changepass")) {