- Don't pass password to useradd and use chpasswd with proc_open instead, fixes #5416

Marius Burkard · Marius Burkard · commit 9d5bde2cf445 · 2019-10-04T10:32:48.000+02:00
diff --git a/server/lib/classes/system.inc.php b/server/lib/classes/system.inc.php
@@ -2191,4 +2191,31 @@ public function create_jailkit_chroot($home_dir, $app_sections = array()) {
 		return true;
 	}
 	
+	
+	public function pipe_exec($cmd, $stdin, &$retval = null, &$stderr = null) {
+		$descriptors = array(
+			0 => array('pipe', 'r'),
+			1 => array('pipe', 'w'),
+			2 => array('pipe', 'w')
+		);
+		
+		$result = '';
+		$pipes = null;
+		$proc = proc_open($cmd, $descriptors, $pipes);
+		if(is_resource($proc)) {
+			fwrite($pipes[0], $stdin);
+			fclose($pipes[0]);
+			
+			$result = stream_get_contents($pipes[1]);
+			$stderr = stream_get_contents($pipes[2]);
+			fclose($pipes[1]);
+			fclose($pipes[2]);
+			
+			$retval = proc_close($proc);
+			
+			return $result;
+		} else {
+			return false;
+		}
+	}
 }
diff --git a/server/plugins-available/shelluser_base_plugin.inc.php b/server/plugins-available/shelluser_base_plugin.inc.php
@@ -129,12 +129,20 @@ function insert($event_name, $data) {
 					$app->system->chgrp($homedir,$data['new']['pgroup'],false);
 				}
 				$command = 'useradd -d ? -g ? -o'; // non unique
-				if($data['new']['password'] != '') $command .= ' -p ' . escapeshellarg($data['new']['password']);
 				$command .= ' -s ? -u ? ?';
 				$app->system->exec_safe($command, $homedir, $data['new']['pgroup'], $data['new']['shell'], $uid, $data['new']['username']);
 				$app->log("Executed command: ".$command, LOGLEVEL_DEBUG);
 				$app->log("Added shelluser: ".$data['new']['username'], LOGLEVEL_DEBUG);
-				
+
+				if($data['new']['password'] != '') {
+					$retval = null;
+					$stderr = '';
+					$app->system->pipe_exec('chpasswd -e ' . escapeshellarg($data['new']['username']), $data['new']['username'] . ':' . $data['new']['password'], $retval, $stderr);
+					if($retval != 0) {
+						$app->log("Command chpasswd failed for user ".$data['new']['username'] . ' with code ' . $retval . ': ' . $stderr, LOGLEVEL_WARN);
+					}
+				}
+			
 				$app->system->chown($data['new']['dir'],$data['new']['username'],false);
 				$app->system->chgrp($data['new']['dir'],$data['new']['pgroup'],false);
 				
