From 66d982fd16b5ca7a2452ae8c6ed2df7a4852215a Mon Sep 17 00:00:00 2001
From: Franco Fichtner <franco@opnsense.org>
Date: Thu, 16 Feb 2017 08:47:08 +0100
Subject: [PATCH] system: allow random password reset; closes #1351

---
 src/etc/inc/auth.inc                       |  8 +++++++-
 src/www/system_usermanager.php             | 18 +++++++++++++-----
 src/www/system_usermanager_import_ldap.php | 11 ++++-------
 src/www/system_usermanager_passwordmg.php  |  6 +++---
 4 files changed, 27 insertions(+), 16 deletions(-)

diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc
index f102ce508..1159830f0 100644
--- a/src/etc/inc/auth.inc
+++ b/src/etc/inc/auth.inc
@@ -497,10 +497,16 @@ function local_user_del($user)
     local_group_del_user($user);
 }
 
-function local_user_set_password(&$user, $password)
+function local_user_set_password(&$user, $password = null)
 {
     $cost = 10;
 
+    if ($password == null) {
+        /* generate a random password */
+        $bytes = openssl_random_pseudo_bytes(50);
+        $password = pack('H*',bin2hex($bytes));
+    }
+
     $hash = password_hash($password, PASSWORD_BCRYPT, [ 'cost' => $cost ]);
     if ($hash !== false) {
         /*
diff --git a/src/www/system_usermanager.php b/src/www/system_usermanager.php
index 10a249746..5433c8834 100644
--- a/src/www/system_usermanager.php
+++ b/src/www/system_usermanager.php
@@ -232,8 +232,13 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
             $input_errors[] = gettext("The username is longer than 16 characters.");
         }
 
-        if (($pconfig['passwordfld1']) && ($pconfig['passwordfld1'] != $pconfig['passwordfld2'])) {
-            $input_errors[] = gettext("The passwords do not match.");
+        if (!empty($pconfig['passwordfld1'])) {
+            if ($pconfig['passwordfld1'] != $pconfig['passwordfld2']) {
+                $input_errors[] = gettext('The passwords do not match.');
+            }
+            if (!empty($pconfig['gen_new_password'])) {
+                $input_errors[] = gettext('Cannot set random password due to explicit input.');
+            }
         }
 
         if (!empty($pconfig['disabled']) && $_SESSION['Username'] === $a_user[$id]['name']) {
@@ -305,6 +310,8 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
             /* the user password was modified */
             if (!empty($pconfig['passwordfld1'])) {
                 local_user_set_password($userent, $pconfig['passwordfld1']);
+            } elseif (!empty($pconfig['gen_new_password'])) {
+                local_user_set_password($userent);
             }
 
             isset($pconfig['scope']) ? $userent['scope'] = $pconfig['scope'] : $userent['scope'] = "system";
@@ -572,8 +579,9 @@ $( document ).ready(function() {
                     <td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Password");?></td>
                     <td>
                       <input name="passwordfld1" type="password" class="formfld pwd" id="passwordfld1" size="20" value="" /><br/>
-                      <input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" value="" />&nbsp;
-                      <small><?= gettext("(confirmation)"); ?></small>
+                      <input name="passwordfld2" type="password" class="formfld pwd" id="passwordfld2" size="20" value="" />
+                      <small><?= gettext("(confirmation)"); ?></small><br/><br/>
+                      <input type="checkbox" name="gen_new_password"/>&nbsp;<small><?=gettext('Generate new random password') ?></small>
                     </td>
                   </tr>
                   <tr>
@@ -822,7 +830,7 @@ $( document ).ready(function() {
                     <td><a id="help_for_otp_seed" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a>  <?=gettext("OTP seed");?></td>
                     <td>
                       <input name="otp_seed" type="text" value="<?=$pconfig['otp_seed'];?>"/>
-                      <input type="checkbox" name="gen_otp_seed"/>&nbsp;<small><?=gettext("generate new (160bit) secret");?></small>
+                      <input type="checkbox" name="gen_otp_seed"/>&nbsp;<small><?= gettext('Generate new secret (160 bit)') ?></small>
                       <div class="hidden" for="help_for_otp_seed">
                         <?=gettext("OTP (base32) seed to use when a one time password authenticator is used");?><br/>
 <?php
diff --git a/src/www/system_usermanager_import_ldap.php b/src/www/system_usermanager_import_ldap.php
index 158b7f616..9ea0c86bb 100644
--- a/src/www/system_usermanager_import_ldap.php
+++ b/src/www/system_usermanager_import_ldap.php
@@ -30,13 +30,10 @@
 require_once("guiconfig.inc");
 require_once("auth.inc");
 
-function add_local_user($username, $userdn, $userfullname) {
+function add_local_user($username, $userdn, $userfullname)
+{
     global $config;
 
-    // generate new random user_password
-    $bytes = openssl_random_pseudo_bytes(50);
-    $user_password = pack('H*',bin2hex($bytes));
-
     foreach ($config['system']['user'] as &$user) {
         if ($user['name'] == $username && $user['name'] != 'root') {
           // link local user to remote server by updating user_dn
@@ -44,7 +41,7 @@ function add_local_user($username, $userdn, $userfullname) {
           // trash user password when linking to ldap, avoid accidental login
           // using fall-back local password. User could still reset it's
           // local password, but only by choice.
-          local_user_set_password($user, $user_password);
+          local_user_set_password($user);
           local_user_set($user);
           return;
         }
@@ -55,7 +52,7 @@ function add_local_user($username, $userdn, $userfullname) {
     $new_user['name'] = $username;
     $new_user['user_dn'] = $userdn;
     $new_user['descr'] = $userfullname;
-    local_user_set_password($new_user, $user_password);
+    local_user_set_password($new_user);
     $new_user['uid'] = $config['system']['nextuid']++;
     $config['system']['user'][] = $new_user;
     local_user_set($new_user);
diff --git a/src/www/system_usermanager_passwordmg.php b/src/www/system_usermanager_passwordmg.php
index b5aa5bd2d..c23e45181 100644
--- a/src/www/system_usermanager_passwordmg.php
+++ b/src/www/system_usermanager_passwordmg.php
@@ -35,8 +35,8 @@ if (isset($_POST['save'])) {
     $input_errors = array();
     /* input validation */
 
-    $reqdfields = explode(" ", "passwordfld0 passwordfld1 passwordfld2");
-    $reqdfieldsn = array(gettext("Password"));
+    $reqdfields = explode(' ', 'passwordfld0 passwordfld1');
+    $reqdfieldsn = array(gettext('Old password'), gettext('New password'));
     do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
 
     if ($_POST['passwordfld1'] != $_POST['passwordfld2'] ||
@@ -49,6 +49,7 @@ if (isset($_POST['save'])) {
     foreach ($config['system']['user'] as $user) {
         if ($user['name'] == $username) {
             $userFound = true;
+            break;
         }
     }
 
@@ -57,7 +58,6 @@ if (isset($_POST['save'])) {
     }
 
     if (count($input_errors) == 0) {
-        // all values are okay --> saving changes
         local_user_set_password($config['system']['user'][$userindex[$username]], $_POST['passwordfld1']);
         local_user_set($config['system']['user'][$userindex[$username]]);