Github
/
FTL
mirror of
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Write-only property webserver.api.password should reset all sessions when being used 

Signed-off-by: DL6ER <dl6er@dl6er.de>
This commit is contained in:
DL6ER 2023-05-28 08:21:37 +02:00
parent fe3ed0bb74
commit 13e3421d4a
No known key found for this signature in database
GPG Key ID: 00135ACBD90B28DD
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/config/cli.c
View File

@ -383,7 +383,10 @@ int set_config_from_CLI(const char *key, const char *value)
return 2;
// Check if value changed compared to current value
if(!compare_config_item(conf_item->t, &new_item->v, &conf_item->v))
// Also check if this is the password config item change as this
// actually changed pwhash behind the scenes
if(!compare_config_item(conf_item->t, &new_item->v, &conf_item->v) ||
new_item == &newconf.webserver.api.password)
{
// Config item changed

2
src/config/config.c
View File

@ -898,7 +898,7 @@ void initConfig(struct config *conf)
conf->webserver.api.password.h = "Pi-hole web interface and API password. When set to something different than \""PASSWORD_VALUE"\", this property will compute the corresponding password hash to set webserver.api.pwhash";
conf->webserver.api.password.a = cJSON_CreateStringReference("<valid Pi-hole password>");
conf->webserver.api.password.t = CONF_PASSWORD;
conf->webserver.api.password.f = FLAG_PSEUDO_ITEM;
conf->webserver.api.password.f = FLAG_PSEUDO_ITEM | FLAG_INVALIDATE_SESSIONS;
conf->webserver.api.password.d.s = (char*)"";
conf->webserver.api.totp_secret.k = "webserver.api.totp_secret";