proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-08-12 10:02:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

PVE/Auth/PVE.pm: encode uft8 password before calling crypt

Browse Source
This commit is contained in:
Dietmar Maurer 2017-05-02 10:37:20 +02:00
parent d146e52028
commit 3641833bc0
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
PVE/Auth/PVE.pm
View File

@ -2,6 +2,7 @@ package PVE::Auth::PVE;
use strict; use strict;
use warnings; use warnings;
use Encode;
use PVE::Tools; use PVE::Tools;
use PVE::Auth::Plugin; use PVE::Auth::Plugin;
@ -79,8 +80,9 @@ sub authenticate_user {
my $shadow_cfg = cfs_read_file($shadowconfigfile); my $shadow_cfg = cfs_read_file($shadowconfigfile);
if ($shadow_cfg->{users}->{$username}) { if ($shadow_cfg->{users}->{$username}) {
my $encpw = crypt($password, $shadow_cfg->{users}->{$username}->{shadow}); my $encpw = crypt(Encode::encode('utf8', $password),
die "invalid credentials\n" if ($encpw ne $shadow_cfg->{users}->{$username}->{shadow}); $shadow_cfg->{users}->{$username}->{shadow});
die "invalid credentials\n" if ($encpw ne $shadow_cfg->{users}->{$username}->{shadow});
} else { } else {
die "no password set\n"; die "no password set\n";
} }