Commit | Line | Data |
---|---|---|
ed38f89d | 1 | #!/usr/bin/perl |
70df8302 MT |
2 | ############################################################################### |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2007 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
ed38f89d MT |
21 | |
22 | use CGI qw(param); | |
23 | ||
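# Root of the IPFire configuration tree; every path below is built from it.
$swroot = "/var/ipfire";

my %cgiparams;
my %mainsettings;
my %proxysettings;

# Default minimum password length; the proxy settings file read below can
# override it.
$proxysettings{'NCSA_MIN_PASS_LEN'} = 6;

### Initialize environment
readhash("${swroot}/main/settings", \%mainsettings);
readhash("${swroot}/proxy/advanced/settings", \%proxysettings);
$language = $mainsettings{'LANGUAGE'};

### Initialize language
# The language code becomes part of a path handed to require, so only a plain
# word is accepted. Anything else (missing value, path separators, a trailing
# newline) falls back to English instead of reaching require unvalidated.
if (defined($language) && $language =~ /\A(\w+)\z/) {
	$language = $1;
} else {
	$language = 'en';
}
#
# Uncomment this to force a certain language:
# $language='en';
#
# English is loaded first; the selected language is loaded after it.
require "${swroot}/langs/en.pl";
require "${swroot}/langs/${language}.pl";

# NCSA password file that this page reads and that htpasswd updates.
my $userdb = "$swroot/proxy/advanced/ncsa/passwd";

readhash("$swroot/ethernet/settings", \%netsettings);

my $success = 0;

# Fills %cgiparams from the POST body; it stays empty for non-POST requests
# and for requests rejected by the referer check inside getcgihash.
getcgihash(\%cgiparams);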
53 | ||
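# Handle a submitted password change. Every failed check stores a translated
# message in $errormessage and jumps to the ERROR label, where the form is
# rendered again.
if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'})
{
	if ($cgiparams{'USERNAME'} eq '')
	{
		$errormessage = $tr{'advproxy errmsg no username'};
		goto ERROR;
	}
	if (($cgiparams{'OLD_PASSWORD'} eq '') || ($cgiparams{'NEW_PASSWORD_1'} eq '') || ($cgiparams{'NEW_PASSWORD_2'} eq ''))
	{
		$errormessage = $tr{'advproxy errmsg no password'};
		goto ERROR;
	}
	if ($cgiparams{'NEW_PASSWORD_1'} ne $cgiparams{'NEW_PASSWORD_2'})
	{
		$errormessage = $tr{'advproxy errmsg passwords different'};
		goto ERROR;
	}
	if (length($cgiparams{'NEW_PASSWORD_1'}) < $proxysettings{'NCSA_MIN_PASS_LEN'})
	{
		$errormessage = $tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$tr{'advproxy errmsg password length 2'};
		goto ERROR;
	}

	$username = '';
	$cryptpwd = '';

	if (! -z $userdb)
	{
		# Three-argument open with a lexical handle. A password file that
		# cannot be opened is treated as "no users", which ends in the
		# invalid-user error below rather than in a crash.
		my @users;
		if (open(my $userfh, '<', $userdb))
		{
			@users = <$userfh>;
			close($userfh);
		}

		my $wanted = lc($cgiparams{'USERNAME'});
		foreach my $entry (@users)
		{
			chomp($entry);
			my @fields = split(/:/, $entry);
			next unless defined $fields[0];

			# Compare the submitted name as a literal string, ignoring
			# case. It must never be interpolated into a pattern: regex
			# metacharacters in the request would otherwise decide which
			# account is selected.
			if (lc($fields[0]) eq $wanted)
			{
				$username = $fields[0];
				$cryptpwd = defined($fields[1]) ? $fields[1] : '';
			}
		}
	}
	if ($username eq '')
	{
		$errormessage = $tr{'advproxy errmsg invalid user'};
		goto ERROR;
	}

	# An empty stored hash, or a hash format crypt() cannot process, must
	# count as a mismatch; comparing an undefined result with eq would
	# otherwise equal the empty string.
	my $oldhash = ($cryptpwd ne '') ? crypt($cgiparams{'OLD_PASSWORD'}, $cryptpwd) : undef;
	if (!defined($oldhash) || ($oldhash ne $cryptpwd))
	{
		$errormessage = $tr{'advproxy errmsg password incorrect'};
		goto ERROR;
	}

	# List-form system() runs htpasswd directly, without a shell, so the
	# request-supplied password is passed as one argument and is never parsed
	# as shell syntax.
	# NOTE(review): -b puts the password on the command line, where a process
	# listing can show it while htpasswd runs; feeding it on stdin would avoid
	# that if the installed htpasswd supports it.
	$returncode = system('/usr/sbin/htpasswd', '-b', $userdb, $username, $cgiparams{'NEW_PASSWORD_1'});
	if ($returncode == 0)
	{
		$success = 1;
		# Drop the submitted values so they are not echoed into the form.
		undef %cgiparams;
	} else {
		$errormessage = $tr{'advproxy errmsg change fail'};
		goto ERROR;
	}
}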
116 | ||
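# Render the password-change form. Failed validation jumps here through
# "goto ERROR"; a first visit or a successful change simply falls through.
ERROR:

# Request-supplied values are HTML-escaped before they are written into
# attribute values; unescaped, a quote or angle bracket in a field would be
# reflected into the page as markup.
# NOTE(review): after a failed attempt the submitted passwords are still
# echoed into the value attributes (escaped). Consider leaving the password
# fields empty on re-render.
my %safe = map { $_ => _html_escape($cgiparams{$_}) }
	qw(USERNAME OLD_PASSWORD NEW_PASSWORD_1 NEW_PASSWORD_2);
my $form_action = _html_escape($ENV{'SCRIPT_NAME'});

print "Pragma: no-cache\n";
print "Cache-control: no-cache\n";
print "Connection: close\n";
print "Content-type: text/html\n\n";

print <<END;
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title></title>
</head>

<body bgcolor="#FFFFFF">

<center>

<form method='post' action='$form_action'>

<table width="80%" cellspacing="10" cellpadding="5">

<tr>
<td bgcolor="#FFFFFF" align="center">
<table width="100%" cellspacing="10" cellpadding="10" bordercolor="#9A9A9A" border="1">
<tr>
<td nowrap bgcolor="#993333" align="center" >
<font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="4">
<b>$tr{'advproxy chgwebpwd change web password'}</b>
</font>
</td>
</tr>
<tr>
<td align="center">
<table width="50%" cellspacing="7" cellpadding="7">
<tr>
<td nowrap bgcolor="#FFFFFF" align="left">
<font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
<b>$tr{'advproxy chgwebpwd username'}:</b>
</font>
</td>
<td ><input type="text" name="USERNAME" value="$safe{'USERNAME'}" size="30"></td>
</tr>
<tr>
<td nowrap bgcolor="#FFFFFF" align="left">
<font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
<b>$tr{'advproxy chgwebpwd old password'}:</b>
</font>
</td>
<td><input type="password" name="OLD_PASSWORD" value="$safe{'OLD_PASSWORD'}" size="30"></td>
</tr>
<tr>
<td nowrap bgcolor="#FFFFFF" align="left">
<font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
<b>$tr{'advproxy chgwebpwd new password'}:</b>
</font>
</td>
<td><input type="password" name="NEW_PASSWORD_1" value="$safe{'NEW_PASSWORD_1'}" size="30"></td>
</tr>
<tr>
<td nowrap bgcolor="#FFFFFF" align="left">
<font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
<b>$tr{'advproxy chgwebpwd new password confirm'}:</b>
</font>
</td>
<td><input type="password" name="NEW_PASSWORD_2" value="$safe{'NEW_PASSWORD_2'}" size="30"></td>
</tr>
</table>
<table width="100%" cellspacing="7" cellpadding="7">
<tr>
<td align="center"><br><input type='submit' name='SUBMIT' value="$tr{'advproxy chgwebpwd change password'}"></td>
</tr>
</table>
</td>
</tr>
END

# $errormessage is only ever assigned from the %tr translation table (plus
# the configured minimum length), so it is printed without escaping.
if ($errormessage)
{
	print <<END;
<tr>
<td nowrap bgcolor="#FF0000" align="center">
<font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="2">
<b>$tr{'advproxy chgwebpwd ERROR'}</b> $errormessage
</font>
</td>
</tr>
END
}

if ($success)
{
	print <<END;
<tr>
<td nowrap bgcolor="#00C000" align="center">
<font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="2">
<b>$tr{'advproxy chgwebpwd SUCCESS'}</b> $tr{'advproxy errmsg change success'}
</font>
</td>
</tr>
END
}


print <<END;

</td>
</tr>
</table>

</table>

</form>

</center>

</body>

</html>
END

# Escape the five characters that are significant inside HTML text and
# quoted attribute values. An undefined value becomes the empty string.
sub _html_escape
{
	my ($text) = @_;
	return '' unless defined $text;
	$text =~ s/&/&amp;/g;
	$text =~ s/</&lt;/g;
	$text =~ s/>/&gt;/g;
	$text =~ s/"/&quot;/g;
	$text =~ s/'/&#39;/g;
	return $text;
}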
241 | ||
242 | # ------------------------------------------------------------------- | |
243 | ||
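# Read a KEY=VALUE settings file into the hash referenced by the second
# argument.
#
#   $_[0]  path of the settings file; a missing file is silently skipped
#   $_[1]  hash reference that receives the entries (existing keys are
#          overwritten, other keys are left alone)
#
# Dies if the file exists but cannot be opened.
sub readhash
{
	my ($filename, $hash) = @_;

	return unless (-e $filename);

	# Three-argument open with a lexical handle: the path is never parsed for
	# a mode prefix, and no global bareword handle is shared with other code.
	open(my $fh, '<', $filename) or die "Unable to read file $filename: $!";
	while (my $line = <$fh>)
	{
		# chomp removes only a trailing newline, so a final line without one
		# keeps its last character.
		chomp($line);
		my ($var, $val) = split(/=/, $line, 2);
		next unless ($var);

		# A line without '=' yields an empty value.
		$val = '' unless defined $val;

		# Strip one enclosing pair of single quotes from the value.
		$val =~ s/^\'//;
		$val =~ s/\'$//;

		# Untaint variables read from hash. The key is cut down to its
		# leading run of [A-Za-z0-9_-].
		# NOTE(review): the value pattern accepts every character, so it
		# clears the taint flag without validating anything; callers must
		# not treat values from this hash as checked.
		($var) = $var =~ /([A-Za-z0-9_-]*)/;
		($val) = $val =~ /([\w\W]*)/;
		$hash->{$var} = $val;
	}
	close($fh);
	return;
}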
271 | ||
272 | # ------------------------------------------------------------------- | |
273 | ||
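# Copy the parameters of a same-origin POST request into a hash.
#
#   $hash    hash reference that receives the parameters
#   $params  optional hash reference; 'wantfile' allows an upload (and a
#            larger request body), 'filevar' names the upload field whose
#            handle is stored in $hash
#
# Returns nothing. $hash is left untouched when the request is not a POST
# or when the Referer host does not match the host of this script's URL.
sub getcgihash
{
	my ($hash, $params) = @_;

	my $method = defined($ENV{'REQUEST_METHOD'}) ? $ENV{'REQUEST_METHOD'} : '';
	return if ($method ne 'POST');

	# CGI.pm reads the request body when the object is created, so the size
	# and upload limits have to be set before CGI->new, not after it.
	if (!$params->{'wantfile'}) {
		$CGI::DISABLE_UPLOADS = 1;
		$CGI::POST_MAX = 512 * 1024;
	} else {
		$CGI::POST_MAX = 10 * 1024 * 1024;
	}
	my $cgi = CGI->new ();

	# Same-origin check: the host[:port] of the Referer header must equal the
	# host[:port] of this script's own URL. Capturing in list context yields
	# undef when a pattern does not match, instead of reusing whatever $1 an
	# earlier match left behind; a request where either side is missing is
	# rejected.
	my $referer_url = $cgi->referer();
	my $self_url = $cgi->url();
	my ($referer) = (defined($referer_url) ? $referer_url : '') =~ m/^https?\:\/\/([^\/]+)/;
	my ($servername) = (defined($self_url) ? $self_url : '') =~ m/^https?\:\/\/([^\/]+)/;
	return unless (defined($referer) && defined($servername));
	return if ($referer ne $servername);

	### Modified for getting multi-vars, split by |
	my %vars = $cgi->Vars();
	foreach my $key (keys %vars) {
		$hash->{$key} = $vars{$key};
		# CGI.pm joins repeated parameters with NUL bytes.
		$hash->{$key} =~ s/\0/|/g;
		# Trim surrounding whitespace.
		$hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
	}

	if (($params->{'wantfile'})&&($params->{'filevar'})) {
		$hash->{$params->{'filevar'}} = $cgi->upload
			($params->{'filevar'});
	}
	return;
}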
306 | ||
307 | # ------------------------------------------------------------------- |