From 1dad066225d34fa131ce1fedbea119a53187abb8 Mon Sep 17 00:00:00 2001
From: Andrew Reynolds <andrew@opentechinstitute.org>
Date: Fri, 21 Feb 2014 16:47:46 -0500
Subject: [PATCH 1/3] Updating admin.lua patch to honor password validation
 across maps

---
 .../commotion/patches/admin.oldpasswd.patch   | 65 +++++++++++--------
 1 file changed, 38 insertions(+), 27 deletions(-)

diff --git a/files/usr/share/commotion/patches/admin.oldpasswd.patch b/files/usr/share/commotion/patches/admin.oldpasswd.patch
index ea8867d..d7af35c 100644
--- a/files/usr/share/commotion/patches/admin.oldpasswd.patch
+++ b/files/usr/share/commotion/patches/admin.oldpasswd.patch
@@ -1,10 +1,10 @@
-diff --git a/admin.lua b/admin.lua
-index 61f0141..0d0827f 100644
---- a/admin.lua
-+++ b/admin.lua
-@@ -15,13 +15,33 @@ $Id: admin.lua 8153 2012-01-06 16:42:02Z jow $
+--- admin.lua	2014-02-21 16:33:40.760712034 -0500
++++ admin.new.lua	2014-02-21 16:38:31.456701514 -0500
+@@ -14,14 +14,35 @@
+ ]]--
  
  local fs = require "nixio.fs"
++local formvalue = require "luci.http".formvalue
  
 -m = Map("system", translate("Router Password"),
 -	translate("Changes the administrator password for accessing the device"))
@@ -40,26 +40,20 @@ index 61f0141..0d0827f 100644
  pw1 = s:option(Value, "pw1", translate("Password"))
  pw1.password = true
  
-@@ -32,24 +52,36 @@ function s.cfgsections()
+@@ -32,23 +53,38 @@
  	return { "_pass" }
  end
  
-+function m.on_before_commit(map)
-+	-- if existing password, make sure user has old password
-+	if s0 then
-+		v0 = luci.sys.user.checkpasswd("root", pw0:formvalue("_pass0"))
-+	end
-+
-+	if v0 == false then
-+		m.message = translate("Incorrect password. Changes rejected!")
-+		m.save=v0	
-+		m2.save=v0	
-+	end
-+end
-+
- function m.on_commit(map)
- 	local v1 = pw1:formvalue("_pass")
- 	local v2 = pw2:formvalue("_pass")
+-function m.on_commit(map)
+-	local v1 = pw1:formvalue("_pass")
+-	local v2 = pw2:formvalue("_pass")
++function m.on_save(map)
++	-- Distinguish between page load and form submission
++	if next(formvalue()) then
++		-- if existing password, make sure user has old password
++		if s0 then
++			v0 = luci.sys.user.checkpasswd("root", pw0:formvalue("_pass0"))
++		end
  
 -	if v1 and v2 and #v1 > 0 and #v2 > 0 then
 -		if v1 == v2 then
@@ -70,8 +64,18 @@ index 61f0141..0d0827f 100644
 -			end
 -		else
 -			m.message = translate("Given password confirmation did not match, password not changed!")
--		end
--	end
++		if v0 == false then
++			m.message = translate("Incorrect password. Changes rejected!")
++			m.save=v0	
++			m2.save=v0	
+ 		end
+ 	end
+ end
+ 
++function m.on_commit(map)
++	local v1 = pw1:formvalue("_pass")
++	local v2 = pw2:formvalue("_pass")
++
 +        if v0 == true and v1 and v2 and #v1 > 0 and #v2 > 0 then
 +                if v1 == v2 then
 +                        if luci.sys.user.setpasswd(luci.dispatcher.context.authuser, v1) == 0 then
@@ -83,9 +87,16 @@ index 61f0141..0d0827f 100644
 +                        m.message = translate("Given password confirmation did not match, password not changed!")
 +                end
 +        end
- end
++end
  
--
  if fs.access("/etc/config/dropbear") then
  
- m2 = Map("dropbear", translate("SSH Access"),
+@@ -120,7 +156,7 @@
+ end
+ 
+ function keys.write(self, section, value)
+-	if value then
++	if value and m2.save == true then
+ 		fs.writefile("/etc/dropbear/authorized_keys", value:gsub("\r\n", "\n"))
+ 	end
+ end

From fa8425af38e913971cc3014d5c366c6d33563c9a Mon Sep 17 00:00:00 2001
From: Andrew Reynolds <andrew@opentechinstitute.org>
Date: Mon, 24 Feb 2014 09:12:37 -0500
Subject: [PATCH 2/3] Updated patch -p flag for admin.oldpasswd.patch

---
 files/etc/uci-defaults/luci-mod-commotion | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/files/etc/uci-defaults/luci-mod-commotion b/files/etc/uci-defaults/luci-mod-commotion
index 2739a7c..c78daed 100755
--- a/files/etc/uci-defaults/luci-mod-commotion
+++ b/files/etc/uci-defaults/luci-mod-commotion
@@ -14,7 +14,7 @@ cp -f /usr/share/commotion/files/olsr-viz.sh /www/cgi-bin/olsr-viz.sh
 
 [ -f "/usr/bin/patch" ] && { \
   cd /usr/lib/lua/luci/controller/admin/
-  patch -p1 < /usr/share/commotion/patches/system.oldpasswd.patch
+  patch -p0 < /usr/share/commotion/patches/system.oldpasswd.patch
 
   cd /usr/lib/lua/luci/model/cbi/admin_system/
   patch -p1 < /usr/share/commotion/patches/admin.oldpasswd.patch

From dcbb185d4ae0ea3f6a34ee14c6b0e4cd840753af Mon Sep 17 00:00:00 2001
From: Andrew Reynolds <andrew@opentechinstitute.org>
Date: Mon, 24 Feb 2014 09:36:03 -0500
Subject: [PATCH 3/3] Re-implementing admin password patch

---
 files/etc/uci-defaults/luci-mod-commotion     |  2 +-
 .../commotion/patches/admin.oldpasswd.patch   | 22 ++++++++++---------
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/files/etc/uci-defaults/luci-mod-commotion b/files/etc/uci-defaults/luci-mod-commotion
index c78daed..2739a7c 100755
--- a/files/etc/uci-defaults/luci-mod-commotion
+++ b/files/etc/uci-defaults/luci-mod-commotion
@@ -14,7 +14,7 @@ cp -f /usr/share/commotion/files/olsr-viz.sh /www/cgi-bin/olsr-viz.sh
 
 [ -f "/usr/bin/patch" ] && { \
   cd /usr/lib/lua/luci/controller/admin/
-  patch -p0 < /usr/share/commotion/patches/system.oldpasswd.patch
+  patch -p1 < /usr/share/commotion/patches/system.oldpasswd.patch
 
   cd /usr/lib/lua/luci/model/cbi/admin_system/
   patch -p1 < /usr/share/commotion/patches/admin.oldpasswd.patch
diff --git a/files/usr/share/commotion/patches/admin.oldpasswd.patch b/files/usr/share/commotion/patches/admin.oldpasswd.patch
index d7af35c..5a32284 100644
--- a/files/usr/share/commotion/patches/admin.oldpasswd.patch
+++ b/files/usr/share/commotion/patches/admin.oldpasswd.patch
@@ -1,13 +1,13 @@
---- admin.lua	2014-02-21 16:33:40.760712034 -0500
-+++ admin.new.lua	2014-02-21 16:38:31.456701514 -0500
-@@ -14,14 +14,35 @@
+diff --git a/admin.lua b/admin.lua
+index 61f0141..28f4b78 100644
+--- a/admin.lua
++++ b/admin.lua
+@@ -14,14 +14,35 @@ $Id: admin.lua 8153 2012-01-06 16:42:02Z jow $
  ]]--
  
  local fs = require "nixio.fs"
 +local formvalue = require "luci.http".formvalue
- 
--m = Map("system", translate("Router Password"),
--	translate("Changes the administrator password for accessing the device"))
++
 +m = Map("system", translate("System Access"),
 +	translate("System functions related to system access"))
 +local v0 = true -- track password success across maps
@@ -30,9 +30,11 @@
 +	end
 +end
  
--s = m:section(TypedSection, "_dummy", "")
+-m = Map("system", translate("Router Password"),
 +s = m:section(TypedSection, "_dummy", translate("Router Password"),
-+	translate("Changes the administrator password for accessing the device"))
+ 	translate("Changes the administrator password for accessing the device"))
+-
+-s = m:section(TypedSection, "_dummy", "")
  s.addremove = false
  s.anonymous = true
 -
@@ -40,7 +42,7 @@
  pw1 = s:option(Value, "pw1", translate("Password"))
  pw1.password = true
  
-@@ -32,23 +53,38 @@
+@@ -32,23 +53,38 @@ function s.cfgsections()
  	return { "_pass" }
  end
  
@@ -91,7 +93,7 @@
  
  if fs.access("/etc/config/dropbear") then
  
-@@ -120,7 +156,7 @@
+@@ -120,7 +156,7 @@ function keys.cfgvalue()
  end
  
  function keys.write(self, section, value)