Commit | Line | Data |
---|---|---|
ed38f89d | 1 | #!/usr/bin/perl |
70df8302 MT |
2 | ############################################################################### |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2007 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
ed38f89d MT |
21 | |
22 | use CGI qw(param); | |
0aff7b81 | 23 | use Apache::Htpasswd; |
18e74048 | 24 | use Crypt::PasswdMD5; |
ed38f89d | 25 | |
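# Root of the IPFire configuration tree; every path below is built from it.
$swroot = "/var/ipfire";

my %cgiparams;
my %mainsettings;
my %proxysettings;

# Fallback minimum password length, used when the proxy settings file does
# not define NCSA_MIN_PASS_LEN (readhash only overwrites keys it finds).
$proxysettings{'NCSA_MIN_PASS_LEN'} = 6;

### Initialize environment
readhash("${swroot}/main/settings", \%mainsettings);
readhash("${swroot}/proxy/advanced/settings", \%proxysettings);
$language = $mainsettings{'LANGUAGE'};

### Initialize language
# The language code becomes part of a path handed to require(), so it must
# consist of word characters only. The original kept the raw value when the
# pattern did not match, which let a malformed LANGUAGE setting (for example
# one containing "/" or "..") reach require() unchecked. Fall back to
# English instead of failing open.
if (defined($language) && $language =~ /^(\w+)$/) {
	$language = $1;
} else {
	$language = 'en';
}
#
# Uncomment this to force a certain language:
# $language='en';
#
# English is loaded first; the selected language file is loaded after it.
require "${swroot}/langs/en.pl";
require "${swroot}/langs/${language}.pl";

# htpasswd-style user database that this page updates.
my $userdb = "$swroot/proxy/advanced/ncsa/passwd";

readhash("$swroot/ethernet/settings", \%netsettings);

my $success = 0;

# Only populated for POST requests that pass the Referer check in getcgihash.
getcgihash(\%cgiparams);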
55 | ||
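# Handle a submitted password change. Every validation failure sets
# $errormessage and jumps to the ERROR label, where the form is rendered
# again together with the message.
#
# NOTE(review): a missing user and a wrong old password produce different
# messages, so a client can tell whether a user name exists. No throttling
# of repeated attempts is visible in this file; confirm whether that is
# enforced elsewhere (web server, firewall rules).
if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'})
{
	if ($cgiparams{'USERNAME'} eq '')
	{
		$errormessage = $tr{'advproxy errmsg no username'};
		goto ERROR;
	}
	if (($cgiparams{'OLD_PASSWORD'} eq '') || ($cgiparams{'NEW_PASSWORD_1'} eq '') || ($cgiparams{'NEW_PASSWORD_2'} eq ''))
	{
		$errormessage = $tr{'advproxy errmsg no password'};
		goto ERROR;
	}
	if ($cgiparams{'NEW_PASSWORD_1'} ne $cgiparams{'NEW_PASSWORD_2'})
	{
		$errormessage = $tr{'advproxy errmsg passwords different'};
		goto ERROR;
	}
	if (length($cgiparams{'NEW_PASSWORD_1'}) < $proxysettings{'NCSA_MIN_PASS_LEN'})
	{
		$errormessage = $tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$tr{'advproxy errmsg password length 2'};
		goto ERROR;
	}

	# Direct method call instead of the indirect-object form
	# ("new Apache::Htpasswd(...)"), which Perl can parse ambiguously.
	my $htpasswd = Apache::Htpasswd->new($userdb);

	# Check if a user with this name exists
	my $old_password = $htpasswd->fetchPass($cgiparams{'USERNAME'});
	if (!$old_password) {
		$errormessage = $tr{'advproxy errmsg invalid user'};
		goto ERROR;
	}

	# Reset password. The old password is passed as the third argument so
	# that the module verifies it before the entry is replaced.
	if (!$htpasswd->htpasswd($cgiparams{'USERNAME'}, $cgiparams{'NEW_PASSWORD_1'},
		$cgiparams{'OLD_PASSWORD'})) {
		$errormessage = $tr{'advproxy errmsg password incorrect'};
		goto ERROR;
	}

	$success = 1;
	# Drop the submitted values so the form below is rendered empty and the
	# passwords are not written back into the response.
	undef %cgiparams;
}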
98 | ||
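ERROR:

# Common exit point: render the form, followed by an error or success row.
#
# Submitted values are written back into HTML attributes, so they are
# escaped first. The original interpolated them raw, which let a request
# carrying a quote or angle bracket break out of the value="..." attribute
# and inject markup into the page.
my $html_escape = sub {
	my ($text) = @_;
	$text = '' unless defined $text;
	$text =~ s/&/&amp;/g;
	$text =~ s/</&lt;/g;
	$text =~ s/>/&gt;/g;
	$text =~ s/"/&quot;/g;
	$text =~ s/'/&#39;/g;
	return $text;
};

# NOTE(review): on a failed attempt the three password fields are still sent
# back in the response body (escaped). Consider leaving them empty instead.
my %form_value;
foreach my $field ('USERNAME', 'OLD_PASSWORD', 'NEW_PASSWORD_1', 'NEW_PASSWORD_2') {
	$form_value{$field} = $html_escape->($cgiparams{$field});
}

# The action attribute below is single-quoted, which is why the escaper
# also covers the apostrophe.
my $form_action = $html_escape->($ENV{'SCRIPT_NAME'});

# NOTE(review): "no-cache" still allows the response to be stored; since the
# page can carry submitted passwords, "no-store" may be the better directive.
print "Pragma: no-cache\n";
print "Cache-control: no-cache\n";
print "Connection: close\n";
print "Content-type: text/html\n\n";

print <<END;
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title></title>
</head>

<body bgcolor="#FFFFFF">

<center>

<form method='post' action='$form_action'>

<table width="80%" cellspacing="10" cellpadding="5">

<tr>
<td bgcolor="#FFFFFF" align="center">
<table width="100%" cellspacing="10" cellpadding="10" bordercolor="#9A9A9A" border="1">
<tr>
<td nowrap bgcolor="#993333" align="center" >
<font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="4">
<b>$tr{'advproxy chgwebpwd change web password'}</b>
</font>
</td>
</tr>
<tr>
<td align="center">
<table width="50%" cellspacing="7" cellpadding="7">
<tr>
<td nowrap bgcolor="#FFFFFF" align="left">
<font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
<b>$tr{'advproxy chgwebpwd username'}:</b>
</font>
</td>
<td ><input type="text" name="USERNAME" value="$form_value{'USERNAME'}" size="30"></td>
</tr>
<tr>
<td nowrap bgcolor="#FFFFFF" align="left">
<font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
<b>$tr{'advproxy chgwebpwd old password'}:</b>
</font>
</td>
<td><input type="password" name="OLD_PASSWORD" value="$form_value{'OLD_PASSWORD'}" size="30"></td>
</tr>
<tr>
<td nowrap bgcolor="#FFFFFF" align="left">
<font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
<b>$tr{'advproxy chgwebpwd new password'}:</b>
</font>
</td>
<td><input type="password" name="NEW_PASSWORD_1" value="$form_value{'NEW_PASSWORD_1'}" size="30"></td>
</tr>
<tr>
<td nowrap bgcolor="#FFFFFF" align="left">
<font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
<b>$tr{'advproxy chgwebpwd new password confirm'}:</b>
</font>
</td>
<td><input type="password" name="NEW_PASSWORD_2" value="$form_value{'NEW_PASSWORD_2'}" size="30"></td>
</tr>
</table>
<table width="100%" cellspacing="7" cellpadding="7">
<tr>
<td align="center"><br><input type='submit' name='SUBMIT' value="$tr{'advproxy chgwebpwd change password'}"></td>
</tr>
</table>
</td>
</tr>
END

# $errormessage is assembled from translation strings and the configured
# minimum length only, never from request data, so it is printed as is.
if ($errormessage)
{
	print <<END;
<tr>
<td nowrap bgcolor="#FF0000" align="center">
<font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="2">
<b>$tr{'advproxy chgwebpwd ERROR'}</b> $errormessage
</font>
</td>
</tr>
END
}

if ($success)
{
	print <<END;
<tr>
<td nowrap bgcolor="#00C000" align="center">
<font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="2">
<b>$tr{'advproxy chgwebpwd SUCCESS'}</b> $tr{'advproxy errmsg change success'}
</font>
</td>
</tr>
END
}


print <<END;

</td>
</tr>
</table>

</table>

</form>

</center>

</body>

</html>
END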
223 | ||
224 | # ------------------------------------------------------------------- | |
225 | ||
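# Read a KEY=VALUE settings file into the hash referenced by the second
# argument.
#
#   $_[0]  path of the settings file
#   $_[1]  reference to the hash that receives the entries
#
# Keys already present in the hash are kept unless the file redefines them.
# A file that does not exist is skipped silently; a file that exists but
# cannot be opened is fatal. One pair of enclosing single quotes is removed
# from each value.
sub readhash
{
	my ($filename, $hash) = @_;

	return unless (-e $filename);

	# Three-argument open with a lexical handle: the two-argument form lets
	# characters in the file name (leading ">" or "<", trailing "|") choose
	# the open mode, and the bareword FILE handle was shared package-wide.
	open(my $fh, '<', $filename) or die "Unable to read file $filename";
	while (my $line = <$fh>)
	{
		# chomp removes only a trailing newline. The original chop also
		# cut the last character of a final line that had no newline.
		chomp $line;
		my ($var, $val) = split /=/, $line, 2;
		next unless ($var);

		# A line without "=" yields no value; store an empty string.
		$val = '' unless defined $val;
		$val =~ s/^\'//g;
		$val =~ s/\'$//g;

		# Untaint variables read from hash. The key is cut down to its
		# leading run of [A-Za-z0-9_-] characters.
		$var =~ /([A-Za-z0-9_-]*)/; $var = $1;
		# NOTE(review): this pattern accepts any value, so it clears the
		# taint flag without validating anything. Callers must still
		# check values before using them in paths or commands.
		$val =~ /([\w\W]*)/; $val = $1;
		$hash->{$var} = $val;
	}
	close $fh;
	return;
}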
253 | ||
254 | # ------------------------------------------------------------------- | |
255 | ||
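# Copy the parameters of a POST request into the hash referenced by $hash.
#
#   $hash    reference to the hash that receives the form fields
#   $params  optional hash reference; 'wantfile' permits uploads and raises
#            the size limit, 'filevar' names the upload field to store
#
# Nothing is copied unless the request method is POST and the host in the
# Referer header equals the host of this script's own URL. Values of a
# parameter that occurs several times are joined with "|".
sub getcgihash
{
	my ($hash, $params) = @_;
	return if ($ENV{'REQUEST_METHOD'} ne 'POST');

	# CGI.pm reads and parses the request body inside new(), so the limits
	# have to be in place before the object is created. The original set
	# them afterwards, too late to apply to the current request.
	if (!$params->{'wantfile'}) {
		$CGI::DISABLE_UPLOADS = 1;
		$CGI::POST_MAX = 512 * 1024;
	} else {
		$CGI::POST_MAX = 10 * 1024 * 1024;
	}
	my $cgi = CGI->new();

	# Same-origin check on the Referer header (CSRF mitigation). Take the
	# captures from each match directly: the original read $1 even when a
	# match had failed, which compares whatever an earlier match left
	# behind. A missing or malformed Referer now always rejects the request.
	my $referer_url = $cgi->referer();
	my $script_url = $cgi->url();
	my ($referer) = defined($referer_url) ? $referer_url =~ m/^https?\:\/\/([^\/]+)/ : ();
	my ($servername) = defined($script_url) ? $script_url =~ m/^https?\:\/\/([^\/]+)/ : ();
	return unless (defined($referer) && defined($servername));
	return if ($referer ne $servername);

	### Modified for getting multi-vars, split by |
	# Lexical copy; the original stored the parameters in the global %temp.
	my %vars = $cgi->Vars();
	foreach my $key (keys %vars) {
		$hash->{$key} = $vars{$key};
		# Vars() separates multiple values with NUL bytes.
		$hash->{$key} =~ s/\0/|/g;
		# Trim surrounding whitespace.
		$hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
	}

	if (($params->{'wantfile'})&&($params->{'filevar'})) {
		$hash->{$params->{'filevar'}} = $cgi->upload
			($params->{'filevar'});
	}
	return;
}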
288 | ||
289 | # ------------------------------------------------------------------- |