bayrepo/hestiacp
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added sha-512 authorization fix

Browse Source
This commit is contained in:
Alexey Berezhok
2025-01-07 15:27:17 +03:00
parent 4c51952ee3
commit 95a0e87271
3 changed files with 21 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
bin/v-get-user-salt
View File

@@ -36,7 +36,8 @@ json_list() {
"METHOD": "'$method'", "METHOD": "'$method'",
"SALT": "'$salt'", "SALT": "'$salt'",
"TIME": "'$time'", "TIME": "'$time'",
"DATE": "'$date'" "DATE": "'$date'",
"ROUND":"'$round'"
}' }'
echo '}' echo '}'
} }
@@ -45,17 +46,18 @@ json_list() {
shell_list() { shell_list() {
echo "METHOD: $method" echo "METHOD: $method"
echo "SALT: $salt" echo "SALT: $salt"
echo "ROUND: $round"
} }
# PLAIN list function # PLAIN list function
plain_list() { plain_list() {
echo -e "$method\t$salt" echo -e "$method\t$salt\t$round"
} }
# CSV list function # CSV list function
csv_list() { csv_list() {
echo "METHOD,SALT" echo "METHOD,SALT,ROUND"
echo "$method, $salt" echo "$method, $salt, $round"
} }
#----------------------------------------------------------# #----------------------------------------------------------#
@@ -81,6 +83,11 @@ shadow=$(grep "^$user:" /etc/shadow | cut -f 2 -d :)
if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$'; then if echo "$shadow" | grep -qE '^\$[0-9a-z]+\$[^\$]+\$'; then
salt=$(echo "$shadow" | cut -f 3 -d \$) salt=$(echo "$shadow" | cut -f 3 -d \$)
round=""
if [[ "$salt" =~ ^rounds= ]]; then
round=$salt
salt=$(echo "$shadow" | cut -f 4 -d \$)
fi
method=$(echo "$shadow" | cut -f 2 -d \$) method=$(echo "$shadow" | cut -f 2 -d \$)
if [ "$method" = "y" ]; then if [ "$method" = "y" ]; then
method='yescrypt' method='yescrypt'

5
src/rpm/hestia/hestia.spec
View File

@@ -2,7 +2,7 @@
%global _hardened_build 1 %global _hardened_build 1
Name: hestia Name: hestia
Version: 1.9.2 Version: 1.9.3
Release: 1%{dist} Release: 1%{dist}
Summary: Hestia Control Panel Summary: Hestia Control Panel
Group: System Environment/Base Group: System Environment/Base
@@ -184,8 +184,9 @@ fi
%{_tmpfilesdir}/%{name}.conf %{_tmpfilesdir}/%{name}.conf
%changelog %changelog
* Sun Jan 05 2025 Alexey Berezhok <a@bayrepo.ru> - 1.9.2-1 * Sun Jan 05 2025 Alexey Berezhok <a@bayrepo.ru> - 1.9.3-1
- Added minor fixes - Added minor fixes
- Added authorization fix for rhel 9.5
* Mon Dec 30 2024 Alexey Berezhok <a@bayrepo.ru> - 1.9.1-1 * Mon Dec 30 2024 Alexey Berezhok <a@bayrepo.ru> - 1.9.1-1
- Added port specification ofor local services on domain editing - Added port specification ofor local services on domain editing

9
web/login/index.php
View File

@@ -145,13 +145,18 @@ function authenticate_user($user, $password, $twofa = "") {
} else { } else {
$salt = $pam[$user]["SALT"]; $salt = $pam[$user]["SALT"];
$method = $pam[$user]["METHOD"]; $method = $pam[$user]["METHOD"];
$round = $pam[$user]["ROUND"];
if ($method == "md5") { if ($method == "md5") {
$hash = crypt($password, '$1$' . $salt . '$'); $hash = crypt($password, '$1$' . $salt . '$');
} }
if ($method == "sha-512") { if ($method == "sha-512") {
$hash = crypt($password, '$6$rounds=5000$' . $salt . '$'); if ($round == "") {
$hash = str_replace('$rounds=5000', "", $hash); $hash = crypt($password, '$6$rounds=5000$' . $salt . '$');
$hash = str_replace('$rounds=5000', "", $hash);
} else {
$hash = crypt($password, '$6$' . $round . '$' . $salt . '$');
}
} }
if ($method == "yescrypt") { if ($method == "yescrypt") {
$fp = tmpfile(); $fp = tmpfile();