From ee296f36c199bcf26b3d944fb3a4cc7b04fe8cc4 Mon Sep 17 00:00:00 2001
From: Patrick O'Brien <patrick@patrickmobrien.com>
Date: Thu, 23 Mar 2017 18:47:30 -0400
Subject: [PATCH 1/3] mask password input on command line

---
 advanced/Scripts/webpage.sh        | 14 ++++++++------
 automated install/basic-install.sh |  2 +-
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 9637cc6f..55ae3d96 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -81,19 +81,21 @@ SetWebPassword(){
 		exit 1
 	fi
 
-	# Set password only if there is one to be set
-	if (( ${#args[2]} > 0 )) ; then
+	read -s -p "Enter New Password: " PASSWORD
+	echo ""
+	read -s -p "Confirm Password: " CONFIRM
+	echo ""
+	if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
 		# Compute password hash twice to avoid rainbow table vulnerability
-		hash=$(echo -n ${args[2]} | sha256sum | sed 's/\s.*$//')
+		hash=$(echo -n ${PASSWORD} | sha256sum | sed 's/\s.*$//')
 		hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//')
 		# Save hash to file
 		change_setting "WEBPASSWORD" "${hash}"
 		echo "New password set"
 	else
-		change_setting "WEBPASSWORD" ""
-		echo "Password removed"
+		echo "Passwords don't match. Your password has not been changed"
+		exit 1
 	fi
-
 }
 
 ProcessDNSSettings() {
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index b1ee90d6..bf083adb 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1460,7 +1460,7 @@ main() {
       echo ":::                                ${pw}"
       echo ":::"
       echo "::: You can always change it using"
-      echo ":::                                pihole -a -p new_password"
+      echo ":::                                pihole -a -p"
     fi
   fi
 

From a463250ecf3658fa2b1084261ef7979faf76bdba Mon Sep 17 00:00:00 2001
From: Patrick O'Brien <patrick@patrickmobrien.com>
Date: Mon, 27 Mar 2017 13:37:19 -0400
Subject: [PATCH 2/3] don't hash an empty password

---
 .gitignore                  | 2 ++
 advanced/Scripts/webpage.sh | 9 ++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 91014dcd..e7ebe0b6 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,3 +4,5 @@
 __pycache__
 .cache
 .pullapprove.yml
+Vagrantfile
+.vagrant/
diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 55ae3d96..c6717cf1 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -81,8 +81,15 @@ SetWebPassword(){
 		exit 1
 	fi
 
-	read -s -p "Enter New Password: " PASSWORD
+	read -s -p "Enter New Password (Blank for no password): " PASSWORD
 	echo ""
+
+	if [ "${PASSWORD}" == "" ]; then
+		change_setting "WEBPASSWORD" ""
+		echo "Password Removed"
+		exit 0
+	fi
+
 	read -s -p "Confirm Password: " CONFIRM
 	echo ""
 	if [ "${PASSWORD}" == "${CONFIRM}" ] ; then

From 263eb856d549cdb2d108c336736c812c6ad0515d Mon Sep 17 00:00:00 2001
From: Patrick O'Brien <patrick@patrickmobrien.com>
Date: Mon, 3 Apr 2017 15:15:44 -0400
Subject: [PATCH 3/3] remove vagrant from gitignore

---
 .gitignore | 2 --
 1 file changed, 2 deletions(-)

diff --git a/.gitignore b/.gitignore
index e7ebe0b6..91014dcd 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,5 +4,3 @@
 __pycache__
 .cache
 .pullapprove.yml
-Vagrantfile
-.vagrant/