luci-app-acl: remove support for plaintext login passwords
authorJo-Philipp Wich <jo@mein.io>
Tue, 13 Jul 2021 18:45:29 +0000 (20:45 +0200)
committerJo-Philipp Wich <jo@mein.io>
Tue, 13 Jul 2021 18:46:57 +0000 (20:46 +0200)
Upon reviewing the rpcd session support code, it turns out that account
definitions with plaintext password values are not supported, the password
value is treated as crypt() hash/salt in any case.

Ref: https://github.com/openwrt/luci/issues/5179
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
applications/luci-app-acl/htdocs/luci-static/resources/view/system/acl.js

index 7f86a298c130f434be0d539c4b552edbdc88612b..50e6075fbb835020e56fa5b96220b762219280aa 100644 (file)
@@ -219,16 +219,13 @@ return view.extend({
                o.modalonly = true;
                o.value('shadow', _('Use UNIX password in /etc/shadow'));
                o.value('crypted', _('Use encrypted password hash'));
-               o.value('plain', _('Use plain password'));
                o.cfgvalue = function(section_id) {
                        var value = uci.get('rpcd', section_id, 'password') || '';
 
                        if (value.substring(0, 3) == '$p$')
                                return 'shadow';
-                       else if (value.substring(0, 3) == '$1$' || value == null)
-                               return 'crypted';
                        else
-                               return 'plain';
+                               return 'crypted';
                };
                o.write = function() {};
 
@@ -249,7 +246,6 @@ return view.extend({
                o.password = true;
                o.rmempty = false;
                o.depends('_variant', 'crypted');
-               o.depends('_variant', 'plain');
                o.cfgvalue = function(section_id) {
                        var value = uci.get('rpcd', section_id, 'password') || '';
                        return (value.substring(0, 3) == '$p$') ? '' : value;