From patchwork Tue Jul 6 16:08:29 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Schantl X-Patchwork-Id: 4489 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4GK6tX15rBz3xCV for ; Tue, 6 Jul 2021 16:08:52 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail02.haj.ipfire.org", Issuer "R3" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4GK6tS3KXzz1NJ; Tue, 6 Jul 2021 16:08:48 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4GK6tS1pDsz2xjs; Tue, 6 Jul 2021 16:08:48 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail01.haj.ipfire.org", Issuer "R3" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4GK6tR39WGz2xWS for ; Tue, 6 Jul 2021 16:08:47 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4GK6tK4lJNztr; Tue, 6 Jul 2021 16:08:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1625587722; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=zUXYPmXrcxZZG/na6UwqUJPm2YwM9fszm7giJsTS87A=; b=b5DmsnQ/YxVThX7oE5qc40DpYv13Y/jfC0dsbE6yVm227gVYcOozdc89ytHCpJh/XchkzK PCrYxOJqlS1zxGLq9oPn+SdqHx66GoHWCCpKrnrUYfb8DrChfIPoRL6ghpsRoJxtJZlEI1 U+N5I+lba3AK1+yXp4NFG0tKCuQ+Mv4IJUaoHK6Y2VStP3jtKDpo38TJOjQ0ZXqVAX/fpH OxG/MZ1XfF/cbJJ5KruPE2Kj8DMlopC/b7j2a/biFQy60KlCzHey2Uw3hCJKuXUXYwX1rs wm0zq8KNlv1K1m1x3lJzpkcgf8w77eh1Q1LuQgh/2cBrwzpwwu2ScMCntbsmDQ== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1625587722; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=zUXYPmXrcxZZG/na6UwqUJPm2YwM9fszm7giJsTS87A=; b=zqL08SGY+5rTaFp8fCc5CY0TFbM16jqSnFgSQiClmbcj9SC5OsWvQSdZIMU9KrrWRGELqz WKvOm4uyxIShTDDQ== From: Stefan Schantl To: development@lists.ipfire.org Subject: [PATCH] ddns.cgi: Fix sanity check logic. Date: Tue, 6 Jul 2021 18:08:29 +0200 Message-Id: <20210706160829.2548-1-stefan.schantl@ipfire.org> MIME-Version: 1.0 X-BeenThere: development@lists.ipfire.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: IPFire development talk List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: development-bounces@lists.ipfire.org Sender: "Development" The input validation did not work in the proper way. It allways reported "No password" when using a provider which supports token and the token has been given. This of course is wrong and leaded to unuseable providers. Signed-off-by: Stefan Schantl Tested-by: Bernhard Bitsch --- html/cgi-bin/ddns.cgi | 32 ++++++++++++++++++++------------ 1 file changed, 20 insertions(+), 12 deletions(-) diff --git a/html/cgi-bin/ddns.cgi b/html/cgi-bin/ddns.cgi index e30aa3d4f..0e3ccbe45 100644 --- a/html/cgi-bin/ddns.cgi +++ b/html/cgi-bin/ddns.cgi @@ -171,20 +171,28 @@ if (($settings{'ACTION'} eq $Lang::tr{'add'}) || ($settings{'ACTION'} eq $Lang:: $errormessage = $Lang::tr{'invalid domain name'}; } - # Check if a username has been sent. - if ($settings{'LOGIN'} eq '') { - $errormessage = $Lang::tr{'username not set'}; - } + # Check if the choosen provider supports token based authentication. + if ($settings{'SERVICE'} ~~ @token_provider) { + # Check if a token has been given. + unless ($settings{'TOKEN'}) { + $errormessage = $Lang::tr{'token not set'}; + } - # Check if a password has been typed in. - # freedns.afraid.org does not require this field. - if (($settings{'PASSWORD'} eq '') && ($settings{'SERVICE'} ne 'freedns.afraid.org') && ($settings{'SERVICE'} ne 'regfish.com')) { - $errormessage = $Lang::tr{'password not set'}; - } + # Automatically set the username to token. + $settings{'LOGIN'} = "token"; - # Check if a token has been given for provider which support tokens. - if (($settings{'SERVICE'} ~~ @token_provider) && ($settings{'TOKEN'} eq '')) { - $errormessage = $Lang::tr{'token not set'}; + # A provider without token support has been choosen. + } else { + # Check if a username has been sent. + if ($settings{'LOGIN'} eq '') { + $errormessage = $Lang::tr{'username not set'}; + } + + # Check if a password has been typed in. + # freedns.afraid.org does not require this field. + if (($settings{'PASSWORD'} eq '') && ($settings{'SERVICE'} ne 'freedns.afraid.org') && ($settings{'SERVICE'} ne 'regfish.com')) { + $errormessage = $Lang::tr{'password not set'}; + } } # Go furter if there was no error.