From ee296f36c199bcf26b3d944fb3a4cc7b04fe8cc4 Mon Sep 17 00:00:00 2001
From: Patrick O'Brien <patrick@patrickmobrien.com>
Date: Thu, 23 Mar 2017 18:47:30 -0400
Subject: [PATCH] mask password input on command line

---
 advanced/Scripts/webpage.sh        | 14 ++++++++------
 automated install/basic-install.sh |  2 +-
 2 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/advanced/Scripts/webpage.sh b/advanced/Scripts/webpage.sh
index 9637cc6f..55ae3d96 100755
--- a/advanced/Scripts/webpage.sh
+++ b/advanced/Scripts/webpage.sh
@@ -81,19 +81,21 @@ SetWebPassword(){
 		exit 1
 	fi
 
-	# Set password only if there is one to be set
-	if (( ${#args[2]} > 0 )) ; then
+	read -s -p "Enter New Password: " PASSWORD
+	echo ""
+	read -s -p "Confirm Password: " CONFIRM
+	echo ""
+	if [ "${PASSWORD}" == "${CONFIRM}" ] ; then
 		# Compute password hash twice to avoid rainbow table vulnerability
-		hash=$(echo -n ${args[2]} | sha256sum | sed 's/\s.*$//')
+		hash=$(echo -n ${PASSWORD} | sha256sum | sed 's/\s.*$//')
 		hash=$(echo -n ${hash} | sha256sum | sed 's/\s.*$//')
 		# Save hash to file
 		change_setting "WEBPASSWORD" "${hash}"
 		echo "New password set"
 	else
-		change_setting "WEBPASSWORD" ""
-		echo "Password removed"
+		echo "Passwords don't match. Your password has not been changed"
+		exit 1
 	fi
-
 }
 
 ProcessDNSSettings() {
diff --git a/automated install/basic-install.sh b/automated install/basic-install.sh
index b1ee90d6..bf083adb 100755
--- a/automated install/basic-install.sh	
+++ b/automated install/basic-install.sh	
@@ -1460,7 +1460,7 @@ main() {
       echo ":::                                ${pw}"
       echo ":::"
       echo "::: You can always change it using"
-      echo ":::                                pihole -a -p new_password"
+      echo ":::                                pihole -a -p"
     fi
   fi