From b19d4fc0055472c3b4316f9f2942549b96359698 Mon Sep 17 00:00:00 2001
From: Jamie Cameron
Date: Sun, 1 Aug 2021 14:41:30 -0700
Subject: [PATCH] Fixed bugs in password change API

---
 passwd/change_passwd.cgi | 5 +++--
 passwd/passwd-lib.pl | 2 +-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/passwd/change_passwd.cgi b/passwd/change_passwd.cgi
index 065d5a4b3..57c2be6a2 100755
--- a/passwd/change_passwd.cgi
+++ b/passwd/change_passwd.cgi
@@ -2,6 +2,7 @@
 # Change a user's password knowing the old one. For user only via anonymous
 # API calls.
+$trust_unknown_referers = 1;
 require './passwd-lib.pl';
 &ReadParse();
 print "Content-type: text/plain\n\n";
@@ -27,7 +28,7 @@ $user || &error_exit("User does not exist");
 &useradmin::validate_password($in{'old'}, $user->{'pass'}) ||
 &error_exit("Incorrect password");
 my $err = &useradmin::check_password_restrictions(
-$in{'pass'}, $in{'user'}, $user);
+$in{'new'}, $in{'user'}, $user);
 &error_exit("Invalid password : $err") if ($err);
 # Do the change
@@ -35,7 +36,7 @@ my $err = &useradmin::check_password_restrictions(
 &clear_rate_limit($in{'user'});
 eval {
 local $main::error_must_die = 1;
-&change_password($user, $in{'pass'}, 1);
+&change_password($user, $in{'new'}, 1);
 };
 if ($@) {
 &error_exit($@);
diff --git a/passwd/passwd-lib.pl b/passwd/passwd-lib.pl
index c90496f03..dcace3250 100755
--- a/passwd/passwd-lib.pl
+++ b/passwd/passwd-lib.pl
@@ -168,7 +168,7 @@ if ($rate{$key} > $rate_limit_max) {
 $rv = "Too many failures for $key";
 }
 else {
-sleep($rate{$key} ** 2);
+sleep(2 ** $rate{$key});
 $rate{$key}++;
 }
 &write_file($rate_limit_file, \%rate);
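Review bot: `$trust_unknown_referers = 1;` switches off the referer check for a state-changing endpoint without recording why, and nothing in the hunk says what stands in for that protection. The header comment two lines above describes the script as an anonymous API, so the setting is presumably deliberate, but the next reader should not have to infer it. Suggest a comment on the new line: `# Anonymous API endpoint with no browser session: referer checking is off; the old-password check below is what guards against requests forged from another site.` The assignment must stay ahead of `require './passwd-lib.pl'`, which is presumably where the setting takes effect.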
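Review bot: The script's form fields are now `user`, `old` and `new`, but the only description of the interface is the two-line header comment, and the `pass`/`new` mismatch fixed here (and the identical one in the next hunk) is exactly the slip an enumerated parameter list would have caught. Suggest extending the header comment with the accepted fields, e.g. `# Parameters: user (login name), old (current password), new (replacement password).` It is also worth rejecting an absent or empty `new` before `&useradmin::check_password_restrictions` runs, unless that helper is known to refuse an empty password; `&error_exit("Missing new password") if ($in{'new'} eq '');` would make that contract explicit. The enclosing script continues outside the hunk.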
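Review bot: `&clear_rate_limit($in{'user'})` runs before the `eval` that performs the change, so a failed `&change_password` leaves the failure counter already cleared; if that counter is meant to bound attempts against a user, it is safer to clear it only once the eval completes without error, i.e. move that line below the `if ($@)` block. Separately, `&error_exit($@)` hands the raw exception text to an anonymous caller; whether that text can carry internal detail depends on `change_password`, which is outside the hunk, so it is worth confirming before relying on it as a user-facing message. The surrounding script starts and ends outside the hunk.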
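Review bot: `sleep(2 ** $rate{$key})` is performed before `$rate{$key}++` and the `&write_file` that persists it, so while one request sleeps, concurrent requests for the same key still read the old count and receive the same short delay; the increment and write should come before the sleep. The delay is also bounded only by `$rate_limit_max`, so each unauthenticated attempt can hold a server process for up to 2**`$rate_limit_max` seconds, which is a resource-exhaustion concern for the service itself; a fixed ceiling on the delay (the cap is a policy choice, a value around a minute is one illustrative option) keeps the backoff meaningful without that cost. One possible shape is `$rate{$key}++; &write_file($rate_limit_file, \%rate); sleep(2 ** ($rate{$key} - 1) > $MAX_DELAY ? $MAX_DELAY : 2 ** ($rate{$key} - 1));` where `$MAX_DELAY` is a placeholder for a new cap setting. The enclosing function starts outside the hunk.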