Merge 760dc494d4 into 63b3ef0151

This is often required for the keyboard/mouse to be recognized in
BIOS/UEFI firmware.

usb.go

@@ -132,7 +132,7 @@ func writeGadgetConfig() error {
 	}
 	err = writeGadgetAttrs(hid0Path, [][]string{
 		{"protocol", "1"},
-		{"subclass", "0"},
+		{"subclass", "1"},
 		{"report_length", "8"},
 	})
 	if err != nil {
@@ -152,7 +152,7 @@ func writeGadgetConfig() error {
 	}
 	err = writeGadgetAttrs(hid1Path, [][]string{
 		{"protocol", "2"},
-		{"subclass", "0"},
+		{"subclass", "1"},
 		{"report_length", "6"},
 	})
 	if err != nil {

web.go

@@ -227,45 +227,50 @@ func handleDevice(c *gin.Context) {
 }
 
 func handleCreatePassword(c *gin.Context) {
-	LoadConfig()
+    LoadConfig()
 
-	if config.HashedPassword != "" {
-		c.JSON(http.StatusBadRequest, gin.H{"error": "Password already set"})
-		return
-	}
+    if config.HashedPassword != "" {
+        c.JSON(http.StatusBadRequest, gin.H{"error": "Password already set"})
+        return
+    }
 
 	// We only allow users with noPassword mode to set a new password
 	// Users with password mode are not allowed to set a new password without providing the old password
 	// We have a PUT endpoint for changing the password, use that instead
-	if config.LocalAuthMode != "noPassword" {
-		c.JSON(http.StatusBadRequest, gin.H{"error": "Password mode is not enabled"})
-		return
-	}
 
-	var req SetPasswordRequest
-	if err := c.ShouldBindJSON(&req); err != nil || req.Password == "" {
-		c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid request"})
-		return
-	}
+    if config.LocalAuthMode != "noPassword" {
+        c.JSON(http.StatusBadRequest, gin.H{"error": "Password mode is not enabled"})
+        return
+    }
 
-	hashedPassword, err := bcrypt.GenerateFromPassword([]byte(req.Password), bcrypt.DefaultCost)
-	if err != nil {
-		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to hash password"})
-		return
-	}
+    var req SetPasswordRequest
+    if err := c.ShouldBindJSON(&req); err != nil || req.Password == "" {
+        c.JSON(http.StatusBadRequest, gin.H{"error": "Invalid request"})
+        return
+    }
 
-	config.HashedPassword = string(hashedPassword)
-	config.LocalAuthToken = uuid.New().String()
-	config.LocalAuthMode = "password"
-	if err := SaveConfig(); err != nil {
-		c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to save configuration"})
-		return
-	}
+    truncatedPassword := req.Password
+    if len(truncatedPassword) > 70 {
+        truncatedPassword = truncatedPassword[:70]
+    }
 
-	// Set the cookie
-	c.SetCookie("authToken", config.LocalAuthToken, 7*24*60*60, "/", "", false, true)
+    hashedPassword, err := bcrypt.GenerateFromPassword([]byte(truncatedPassword), bcrypt.DefaultCost)
+    if err != nil {
+        c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to hash password"})
+        return
+    }
 
-	c.JSON(http.StatusCreated, gin.H{"message": "Password set successfully"})
+    config.HashedPassword = string(hashedPassword)
+    config.LocalAuthToken = uuid.New().String()
+    config.LocalAuthMode = "password"
+    if err := SaveConfig(); err != nil {
+        c.JSON(http.StatusInternalServerError, gin.H{"error": "Failed to save configuration"})
+        return
+    }
+
+    c.SetCookie("authToken", config.LocalAuthToken, 7*24*60*60, "/", "", false, true)
+
+    c.JSON(http.StatusCreated, gin.H{"message": "Password set successfully"})
 }
 
 func handleUpdatePassword(c *gin.Context) {