Commit b0f23df7 authored by Leigh B. Stoller's avatar Leigh B. Stoller
Browse files

Allow spaces in passphrases by fixing up how shell args where being

escaped, when passed to the checkpass function.
parent ebb5dd08
......@@ -372,10 +372,12 @@ function CHECKURL($url, &$error) {
function CHECKPASSWORD($uid, $password, $name, $email, &$error)
{
global $TBCHKPASS_PATH;
$uid = escapeshellarg($uid);
$password = escapeshellarg($password);
$stuff = escapeshellarg("$name:$email");
$mypipe =
popen(escapeshellcmd("$TBCHKPASS_PATH $password $uid '$name:$email'"),
"w+");
$mypipe = popen("$TBCHKPASS_PATH $password $uid $stuff", "w+");
if ($mypipe) {
$retval=fgets($mypipe, 1024);
......
<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2004 University of Utah and the Flux Group.
# Copyright (c) 2000-2004, 2006 University of Utah and the Flux Group.
# All rights reserved.
#
include("defs.php3");
......@@ -197,6 +197,9 @@ $errors = array();
#
TBUserInfo($target_uid, $user_name, $user_email);
#TBERROR("$target_uid, $user_name, $user_email, " .
# $formfields[passphrase1], 0);
#
# Must supply a reasonable passphrase.
#
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment