notdcc: cgi-bin/chgpasswd.in annotate

annotate cgi-bin/chgpasswd.in @ 2:f6716cb00029

Replace buggy stuff in deb dir, never make phone calls while working

author	Peter Gervai <grin@grin.hu>
date	Tue, 10 Mar 2009 14:29:12 +0100
parents	c7f6b056b673
children

rev	line source
0 c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	1 #! @PERL@ -wT
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	2
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	3 # Change a DCC end-user's password
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	4
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	5 # Copyright (c) 2008 by Rhyolite Software, LLC
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	6 #
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	7 # This agreement is not applicable to any entity which sells anti-spam
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	8 # solutions to others or provides an anti-spam solution as part of a
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	9 # security solution sold to other entities, or to a private network
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	10 # which employs the DCC or uses data provided by operation of the DCC
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	11 # but does not provide corresponding data to other users.
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	12 #
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	13 # Permission to use, copy, modify, and distribute this software without
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	14 # changes for any purpose with or without fee is hereby granted, provided
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	15 # that the above copyright notice and this permission notice appear in all
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	16 # copies and any distributed versions or copies are either unchanged
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	17 # or not called anything similar to "DCC" or "Distributed Checksum
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	18 # Clearinghouse".
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	19 #
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	20 # Parties not eligible to receive a license under this agreement can
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	21 # obtain a commercial license to use DCC by contacting Rhyolite Software
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	22 # at sales@rhyolite.com.
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	23 #
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	24 # A commercial license would be for Distributed Checksum and Reputation
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	25 # Clearinghouse software. That software includes additional features. This
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	26 # free license for Distributed ChecksumClearinghouse Software does not in any
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	27 # way grant permision to use Distributed Checksum and Reputation Clearinghouse
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	28 # software
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	29 #
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	30 # THE SOFTWARE IS PROVIDED "AS IS" AND RHYOLITE SOFTWARE, LLC DISCLAIMS ALL
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	31 # WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	32 # OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL RHYOLITE SOFTWARE, LLC
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	33 # BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	34 # OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	35 # WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	36 # ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	37 # SOFTWARE.
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	38 # Rhyolite Software DCC 1.3.103-1.19 $Revision$
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	39 # @configure_input@
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	40
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	41 # This file must protected with equivalents to the httpd.conf lines
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	42 # in the README file.
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	43
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	44 use strict 'subs';
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	45 use 5.004;
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	46 use Fcntl qw(:DEFAULT :flock);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	47
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	48
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	49 sub emsg {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	50 my($msg) = html_str_encode(@_);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	51
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	52 $msg =~ s/^\s+//;
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	53 $msg =~ s/\s+$//;
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	54 $msg =~ s/\n/<BR>\n/g;
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	55
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	56 return "<P class=warn>$msg";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	57 }
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	58
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	59
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	60 my($preq, $passwd1, $passwd2, @file, %dict,
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	61 $locked, $result_msg, $restart_url);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	62
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	63 # get DCC parameters
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	64 local($DCCM_USERDIRS,
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	65 $hostname,
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	66 $user,
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	67 $whiteclnt_lock,
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	68 $edit_url, $passwd_url,
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	69 $url_ques, $url_suffix,
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	70 $form_hidden);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	71 do('@cgibin@/common') \|\| die("could not get DCC configuration: $!\n");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	72
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	73 read_whiteclnt(\@file, \%dict);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	74
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	75
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	76 $webusers="@prefix@/$DCCM_USERDIRS/webusers";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	77 $webusers_lock="$webusers.lock";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	78
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	79 $passwd1 = $query{passwd1} ? $query{passwd1} : "";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	80 $passwd2 = $query{passwd2} ? $query{passwd2} : "";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	81 if ($hostname eq "www.rhyolite.com"
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	82 && $ENV{AuthName} && $ENV{AuthName} eq "DCC-demo-cgi"
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	83 && $user eq "cgi-demo"
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	84 && $passwd1 && $passwd2 && $passwd1 eq $passwd2) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	85 $passwd1 = "cgi-demo";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	86 $passwd2 = "cgi-demo";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	87 }
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	88
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	89 $preq="The password must be 4 or more characters.";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	90 $locked = ($whiteclnt_lock =~ /\blocked/) ? " disabled" : "";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	91 if ($locked) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	92 $result_msg = emsg("$whiteclnt locked; password not changed");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	93 } elsif (!$passwd1) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	94 if ($locked) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	95 $result_msg = emsg("$whiteclnt locked");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	96 } else {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	97 $result_msg = html_str_encode($preq);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	98 }
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	99 } elsif (length($passwd1) < 4) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	100 $result_msg = emsg("$preq");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	101
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	102 } elsif ($passwd1 ne $passwd2) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	103 $result_msg = emsg("The two copies of the password differ.");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	104 } elsif ($passwd1 !~ /^([^'"`]+)$/) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	105 $result_msg = emsg("Quotes are not allowed in passwords.");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	106 } else {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	107 $passwd1 = $1; # quite Perl taint warnings
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	108
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	109 # use a separate lock file in case htpasswd does some locking of its own
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	110 if (!sysopen(LOCKFH, "$webusers_lock", O_WRONLY \| O_CREAT)) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	111 $result_msg = emsg("open($webusers_lock): $!");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	112 } elsif (!flock(LOCKFH, LOCK_EX \| LOCK_NB)) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	113 $result_msg = emsg("$webusers_lock busy: $!\nTry again");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	114 close(LOCKFH);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	115 } else {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	116 $locked = " disabled";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	117 open(CMD, "@HTPASSWD@ -b $webusers '$user' '$passwd1' 2>&1 \|");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	118 if (!read(CMD, $result_msg, 1000)) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	119 $result_msg = emsg("read(htpasswd): $!");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	120 # put the error message into the Apache error log
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	121 print STDERR "DCC cgi chgpasswd $result_msg\n";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	122 $result_msg = emsg($result_msg);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	123 close(CMD);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	124 close(LOCKFH);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	125 } else {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	126 close(LOCKFH);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	127 if (!close(CMD)) {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	128 $result_msg = ($! ? "$result_msg\nclose(htpasswd): $!"
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	129 : "$result_msg\nhtpasswd exit status $?");
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	130 # put the error message into the Apache error log
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	131 print STDERR "DCC cgi chgpasswd $result_msg\n";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	132 $result_msg = emsg($result_msg);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	133 } else {
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	134 $restart_url = ($query{goback} && $query{goback} ne $passwd_url
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	135 ? "$query{goback}$url_suffix"
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	136 : $edit_url);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	137 $restart_url .= $url_ques;
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	138 }
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	139 }
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	140 }
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	141 }
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	142
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	143 html_head("Change DCC Password for $user", $restart_url);
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	144
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	145 print "<H3>Change DCC Password for <EM>$user</EM></H3>\n<P>\n";
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	146
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	147 common_buttons();
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	148 print <<EOF;
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	149 </TABLE>
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	150
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	151 <P>
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	152 <FORM action="$ENV{SCRIPT_NAME}" name=form method=POST>
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	153 <TABLE border=0 cellspacing=1 cellpadding=1>
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	154 <TR><TD align=right><LABEL for=passwd1>Password</LABEL>
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	155 <TD><INPUT$locked id=passwd1 type=password name=passwd1 maxlength=12 value="$passwd1">
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	156 <TR><TD align=right><LABEL for=passwd2>Confirm</LABEL>
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	157 <TD><INPUT$locked id=passwd2 type=password name=passwd2 maxlength=12 value="$passwd2">
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	158 <TR><TD><INPUT type=submit $locked value="Change">$form_hidden
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	159 </TABLE>
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	160 </FORM>
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	161
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	162 <P>
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	163 $result_msg
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	164
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	165 EOF
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	166 html_footer();
c7f6b056b673 First import of vendor version Peter Gervai <grin@grin.hu> parents: diff changeset	167 print "</BODY>\n</HTML>\n";

Mercurial > notdcc

annotate cgi-bin/chgpasswd.in @ 2:f6716cb00029