Martchus
/
syncthing
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

cmd/syncthing: Accept pre-hashed password in config POST (fixes #4458) 

It must be a bcrypt hash.

GitHub-Pull-Request: https://github.com/syncthing/syncthing/pull/4466
This commit is contained in:
Jakob Borg 2017-11-06 14:22:10 +00:00
parent 62a4106a79
commit 941c9f1531
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cmd/syncthing/gui.go
View File

@ -16,6 +16,7 @@ import (
"os" "os"
"path/filepath" "path/filepath"
"reflect" "reflect"
"regexp"
"runtime" "runtime"
"runtime/pprof" "runtime/pprof"
"sort" "sort"
@ -43,6 +44,9 @@ import (
var ( var (
startTime = time.Now() startTime = time.Now()
// matches a bcrypt hash and not too much else
bcryptExpr = regexp.MustCompile(`^\$2[aby]\$\d+\$.{50,}`)
) )
const ( const (
@ -790,7 +794,7 @@ func (s *apiService) postSystemConfig(w http.ResponseWriter, r *http.Request) {
} }
if to.GUI.Password != s.cfg.GUI().Password { if to.GUI.Password != s.cfg.GUI().Password {
if to.GUI.Password != "" { if to.GUI.Password != "" && !bcryptExpr.MatchString(to.GUI.Password) {
hash, err := bcrypt.GenerateFromPassword([]byte(to.GUI.Password), 0) hash, err := bcrypt.GenerateFromPassword([]byte(to.GUI.Password), 0)
if err != nil { if err != nil {
l.Warnln("bcrypting password:", err) l.Warnln("bcrypting password:", err)