reject passwords with single or double quotes or backslashes

2025-12-07 01:32:47 +01:00 · 2020-09-28 11:51:19 -04:00
parent 3ba8f47d9c
commit 85e53c53af
5 changed files with 28 additions and 1 deletions
--- a/setup/so-functions
+++ b/setup/so-functions
@@ -371,7 +371,11 @@ collect_webuser_inputs() {

 	WPMATCH=no
 	while [[ $WPMATCH != yes ]]; do
-		whiptail_create_web_user_password1
+	    whiptail_create_web_user_password1
+	    while ! check_password "$WEBPASSWD1"; do
+			whiptail_invalid_pass_characters_warning
+			whiptail_create_web_user_password1
+		done
 		if echo "$WEBPASSWD1" | so-user valpass >> "$setup_log" 2>&1; then
 			whiptail_create_web_user_password2
 			check_web_pass