Increased password max length to 128 (#8909)

include/ntop_defines.h

@@ -142,7 +142,7 @@
 #define REST_API_PREFIX "/lua/rest/"
 #define REST_API_PRO_PREFIX "/lua/pro/rest/"
 #define INTERFACE_DATA_URL "/lua/rest/get/interface/data.lua"
-#define MAX_PASSWORD_LEN 32 + 1      /* \0 */
+#define MAX_PASSWORD_LEN 128 + 1      /* \0 */
 #define HTTP_SESSION_DURATION 43200  // 12h
 #define HTTP_SESSION_MIDNIGHT_EXPIRATION false
 #define EXTENDED_HTTP_SESSION_DURATION 604800  // 7d

scripts/lua/modules/lua_utils_get.lua

@@ -520,7 +520,7 @@ end
 
 function getPasswordInputPattern()
     -- maximum len must be kept in sync with MAX_PASSWORD_LEN
-    return [[^[\w\$\\!\/\(\)= \?\^\*@_\-\u0000-\u0019\u0021-\u00ff]{5,31}$]]
+    return [[^[\w\$\\!\/\(\)= \?\^\*@_\-\u0000-\u0019\u0021-\u00ff]{5,128}$]]
 end
 
 -- ##############################################

src/HTTPserver.cpp

@@ -505,7 +505,7 @@ static int getAuthorizedUser(struct mg_connection *conn,
          authentication. For this reason it is necessary to check submitted
          username and password. */
       if (strcmp(request_info->request_method, "POST") == 0) {
-        char post_data[1024];
+        char post_data[2048];
         char label[128];
         int post_data_len = mg_read(conn, post_data, sizeof(post_data));
         bool success;
@@ -987,7 +987,7 @@ static void redirect_to_password_change(
 static void authorize(struct mg_connection *conn,
                       const struct mg_request_info *request_info,
                       char *username, char *group, bool *localuser) {
-  char user[32] = {'\0'}, password[32] = {'\0'}, referer[256] = {'\0'};
+  char user[32] = {'\0'}, password[129] = {'\0'}, referer[256] = {'\0'};
   bool bad_user_pwd = false;
 
   if (!strcmp(request_info->request_method, "POST")) {