diff options
| author | John Southworth <john.southworth@vyatta.com> | 2012-09-25 10:16:57 -0700 |
|---|---|---|
| committer | John Southworth <john.southworth@vyatta.com> | 2012-09-25 10:16:57 -0700 |
| commit | ed7cdece4009646b7f2d67030c439108c3692485 (patch) | |
| tree | 8274096d8283f885ff2373976d7af97f9b557523 /scripts/vyatta-first-login-passwd.sh | |
| parent | 0aabbfdb8bf8b51eb774f385f1ec8da0c599a2b4 (diff) | |
| parent | 647f7b50a80925bed700525aebd225ad59319cf4 (diff) | |
| download | vyatta-cfg-system-ed7cdece4009646b7f2d67030c439108c3692485.tar.gz vyatta-cfg-system-ed7cdece4009646b7f2d67030c439108c3692485.zip | |
Bugfix 8290: Detect original unsalted password
Diffstat (limited to 'scripts/vyatta-first-login-passwd.sh')
| -rwxr-xr-x | scripts/vyatta-first-login-passwd.sh | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/scripts/vyatta-first-login-passwd.sh b/scripts/vyatta-first-login-passwd.sh index 467eff4b..bb37fcc8 100755 --- a/scripts/vyatta-first-login-passwd.sh +++ b/scripts/vyatta-first-login-passwd.sh @@ -91,6 +91,7 @@ change_password() { save } +dpwd='"*"' for user in $($API listEffectiveNodes system login user); do user=${user//\'/} epwd=$(show system login user $user authentication encrypted-password) @@ -100,13 +101,15 @@ for user in $($API listEffectiveNodes system login user); do change_password $user continue fi - salt=$(awk 'BEGIN{ FS="$" }; { print $3 }' <<<$epwd) - if [[ $salt == '' ]];then - continue - fi - vyatta_epwd=$(mkpasswd -H md5 -S $salt vyatta) - if [[ $epwd == $vyatta_epwd ]]; then - change_password $user + if [[ $epwd != $dpwd ]]; then + salt=$(awk 'BEGIN{ FS="$" }; { print $3 }' <<<$epwd) + if [[ $salt == '' ]];then + continue + fi + vyatta_epwd=$(mkpasswd -H md5 -S $salt vyatta) + if [[ $epwd == $vyatta_epwd ]]; then + change_password $user + fi fi done eval $(exit_configure) |