This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".
The branch, master has been updated via 1d32c50e0306b7b9d304bd0037a99252f9e6eb9a (commit) from 92a5ad86e7012d1c1c2e7a3446c63c78e3d7abef (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 1d32c50e0306b7b9d304bd0037a99252f9e6eb9a Author: Stefan Schantl stefan.schantl@ipfire.org Date: Tue Jul 6 18:08:29 2021 +0200
ddns.cgi: Fix sanity check logic.
The input validation did not work in the proper way. It allways reported "No password" when using a provider which supports token and the token has been given.
This of course is wrong and leaded to unuseable providers.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org Signed-off-by: Michael Tremer michael.tremer@ipfire.org
-----------------------------------------------------------------------
Summary of changes: html/cgi-bin/ddns.cgi | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-)
Difference in files: diff --git a/html/cgi-bin/ddns.cgi b/html/cgi-bin/ddns.cgi index e30aa3d4f..0e3ccbe45 100644 --- a/html/cgi-bin/ddns.cgi +++ b/html/cgi-bin/ddns.cgi @@ -171,20 +171,28 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang:: $errormessage = $Lang::tr{'invalid domain name'}; }
- # Check if a username has been sent. - if ($settings{'LOGIN'} eq '') { - $errormessage = $Lang::tr{'username not set'}; - } + # Check if the choosen provider supports token based authentication. + if ($settings{'SERVICE'} ~~ @token_provider) { + # Check if a token has been given. + unless ($settings{'TOKEN'}) { + $errormessage = $Lang::tr{'token not set'}; + }
- # Check if a password has been typed in. - # freedns.afraid.org does not require this field. - if (($settings{'PASSWORD'} eq '') && ($settings{'SERVICE'} ne 'freedns.afraid.org') && ($settings{'SERVICE'} ne 'regfish.com')) { - $errormessage = $Lang::tr{'password not set'}; - } + # Automatically set the username to token. + $settings{'LOGIN'} = "token";
- # Check if a token has been given for provider which support tokens. - if (($settings{'SERVICE'} ~~ @token_provider) && ($settings{'TOKEN'} eq '')) { - $errormessage = $Lang::tr{'token not set'}; + # A provider without token support has been choosen. + } else { + # Check if a username has been sent. + if ($settings{'LOGIN'} eq '') { + $errormessage = $Lang::tr{'username not set'}; + } + + # Check if a password has been typed in. + # freedns.afraid.org does not require this field. + if (($settings{'PASSWORD'} eq '') && ($settings{'SERVICE'} ne 'freedns.afraid.org') && ($settings{'SERVICE'} ne 'regfish.com')) { + $errormessage = $Lang::tr{'password not set'}; + } }
# Go furter if there was no error.
hooks/post-receive -- IPFire 2.x development tree