Allow spaces in passphrases by fixing up how shell args where being

escaped, when passed to the checkpass function.

Allow spaces in passphrases by fixing up how shell args where being
escaped, when passed to the checkpass function.
b0f23df7 · Leigh B. Stoller · ebb5dd08 · b0f23df7 · b0f23df7
Commit b0f23df7 authored Mar 09, 2006 by Leigh B. Stoller
--- a/www/defs.php3.in
+++ b/www/defs.php3.in
@@ -372,10 +372,12 @@ function CHECKURL($url, &$error) {
 function CHECKPASSWORD($uid, $password, $name, $email, &$error)
 {
    global $TBCHKPASS_PATH;
+
+    $uid      = escapeshellarg($uid);
+    $password = escapeshellarg($password);
+    $stuff    = escapeshellarg("$name:$email");
    
-    $mypipe =
-	popen(escapeshellcmd("$TBCHKPASS_PATH $password $uid '$name:$email'"),
-	      "w+");
+    $mypipe = popen("$TBCHKPASS_PATH $password $uid $stuff", "w+");
    
    if ($mypipe) { 
        $retval=fgets($mypipe, 1024);

--- a/www/gensslcert.php3
+++ b/www/gensslcert.php3
 <?php
 #
 # EMULAB-COPYRIGHT
-# Copyright (c) 2000-2004 University of Utah and the Flux Group.
+# Copyright (c) 2000-2004, 2006 University of Utah and the Flux Group.
 # All rights reserved.
 #
 include("defs.php3");
@@ -197,6 +197,9 @@ $errors = array();
 #
 TBUserInfo($target_uid, $user_name, $user_email);

+#TBERROR("$target_uid, $user_name, $user_email, " .
+#	$formfields[passphrase1], 0); 
+
 #
 # Must supply a reasonable passphrase.
 #