Commit | Line | Data |
---|---|---|
ed38f89d | 1 | #!/usr/bin/perl |
70df8302 MT |
2 | ############################################################################### |
3 | # # | |
4 | # IPFire.org - A linux based firewall # | |
5 | # Copyright (C) 2007 Michael Tremer & Christian Schmidt # | |
6 | # # | |
7 | # This program is free software: you can redistribute it and/or modify # | |
8 | # it under the terms of the GNU General Public License as published by # | |
9 | # the Free Software Foundation, either version 3 of the License, or # | |
10 | # (at your option) any later version. # | |
11 | # # | |
12 | # This program is distributed in the hope that it will be useful, # | |
13 | # but WITHOUT ANY WARRANTY; without even the implied warranty of # | |
14 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # | |
15 | # GNU General Public License for more details. # | |
16 | # # | |
17 | # You should have received a copy of the GNU General Public License # | |
18 | # along with this program. If not, see <http://www.gnu.org/licenses/>. # | |
19 | # # | |
20 | ############################################################################### | |
ed38f89d MT |
21 | |
22 | use CGI qw(param); | |
23 | ||
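# Root of the IPFire configuration tree. Kept as a package global (not "my")
# so that files pulled in with require below can still see it.
$swroot = "/var/ipfire";

my %cgiparams;
my %mainsettings;
my %proxysettings;

# Default minimum password length; a value in the proxy settings file read
# below replaces it.
$proxysettings{'NCSA_MIN_PASS_LEN'} = 6;

### Initialize environment
readhash("${swroot}/main/settings", \%mainsettings);
readhash("${swroot}/proxy/advanced/settings", \%proxysettings);
$language = $mainsettings{'LANGUAGE'};

### Initialize language
# The language code becomes part of a path handed to require, so it is only
# accepted when it consists purely of word characters. Anything else (unset,
# empty, or containing path characters such as "/" or ".") falls back to
# English instead of being used as-is.
if (defined $language && $language =~ /^(\w+)$/) {
    $language = $1;
} else {
    $language = 'en';
}
#
# Uncomment this to force a certain language:
# $language='en';
#
require "${swroot}/langs/en.pl";
require "${swroot}/langs/${language}.pl";

# htpasswd-style user database maintained for the proxy's NCSA authentication
my $userdb = "$swroot/proxy/advanced/ncsa/passwd";

readhash("$swroot/ethernet/settings", \%netsettings);

# Set to 1 once the password was changed; selects the success banner
my $success = 0;

# Fills %cgiparams from the POST body (left empty for non-POST requests)
getcgihash(\%cgiparams);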
53 | ||
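# Handle a submitted password-change form. Every failure sets $errormessage
# and jumps to the ERROR label, where the form is rendered again.
#
# All %cgiparams values come straight from the HTTP request and are untrusted.
if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'})
{
    if ($cgiparams{'USERNAME'} eq '')
    {
        $errormessage = $tr{'advproxy errmsg no username'};
        goto ERROR;
    }
    if (($cgiparams{'OLD_PASSWORD'} eq '') || ($cgiparams{'NEW_PASSWORD_1'} eq '') || ($cgiparams{'NEW_PASSWORD_2'} eq ''))
    {
        $errormessage = $tr{'advproxy errmsg no password'};
        goto ERROR;
    }
    if ($cgiparams{'NEW_PASSWORD_1'} ne $cgiparams{'NEW_PASSWORD_2'})
    {
        $errormessage = $tr{'advproxy errmsg passwords different'};
        goto ERROR;
    }
    if (length($cgiparams{'NEW_PASSWORD_1'}) < $proxysettings{'NCSA_MIN_PASS_LEN'})
    {
        $errormessage = $tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$tr{'advproxy errmsg password length 2'};
        goto ERROR;
    }

    # Look the account up in the user database. A missing or unreadable
    # database is treated like an empty one, which ends in "invalid user".
    my $username = '';
    my $cryptpwd = '';
    if (open(my $userdb_fh, '<', $userdb))
    {
        my $wanted = lc($cgiparams{'USERNAME'});
        while (my $entry = <$userdb_fh>)
        {
            chomp $entry;
            my ($name, $hash) = split(/:/, $entry);
            next unless defined $name;

            # Case-insensitive literal comparison. The submitted name must
            # never be interpolated into a pattern: a value such as ".*"
            # would then select an account the client did not name.
            if (lc($name) eq $wanted)
            {
                $username = $name;
                $cryptpwd = defined $hash ? $hash : '';
            }
        }
        close $userdb_fh;
    }
    if ($username eq '')
    {
        # NOTE(review): this message differs from the wrong-password one below,
        # so the form reveals which user names exist.
        $errormessage = $tr{'advproxy errmsg invalid user'};
        goto ERROR;
    }

    # Verify the old password against the stored hash. Fail closed when the
    # entry has no hash or crypt() returns nothing: undef compares equal to
    # the empty string, which would otherwise accept any old password.
    my $old_hash = crypt($cgiparams{'OLD_PASSWORD'}, $cryptpwd);
    if ($cryptpwd eq '' || !defined $old_hash || $old_hash ne $cryptpwd)
    {
        $errormessage = $tr{'advproxy errmsg password incorrect'};
        goto ERROR;
    }

    # List-form system() executes htpasswd directly, without a shell, so shell
    # metacharacters in the new password are passed through as data instead
    # of being interpreted as commands.
    # NOTE(review): with -b the password is still visible in the process
    # argument list while htpasswd runs.
    my $returncode = system('/usr/bin/htpasswd', '-b', $userdb, $username, $cgiparams{'NEW_PASSWORD_1'});
    if ($returncode == 0)
    {
        $success = 1;
        # Drop the submitted values so the form is rendered empty
        undef %cgiparams;
    } else {
        $errormessage = $tr{'advproxy errmsg change fail'};
        goto ERROR;
    }
}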
116 | ||
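# Render the form. Reached either by falling through or via "goto ERROR".
ERROR:

print "Pragma: no-cache\n";
print "Cache-control: no-cache\n";
print "Connection: close\n";
print "Content-type: text/html\n\n";

# Escapes the characters that are special in HTML text and in quoted attribute
# values. Request data must pass through this before being written to the page.
my $escape_html = sub {
    my ($text) = @_;
    $text = '' unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
};

# Both values are derived from the request and end up inside attributes.
my $form_action   = $escape_html->($ENV{'SCRIPT_NAME'});
my $form_username = $escape_html->($cgiparams{'USERNAME'});

# The three password fields are always rendered empty: submitted passwords are
# not written back into the response after a failed attempt.
print <<END
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<title></title>
</head>

<body bgcolor="#FFFFFF">

<center>

<form method='post' action='$form_action'>

<table width="80%" cellspacing="10" cellpadding="5" border="0">

<tr>
<td bgcolor="#C0C0C0">
<font face="verdana, arial, sans serif" color="#000000" size="2">
<b> </b>
</font>
</td>
</tr>
<tr>
<td bgcolor="#F4F4F4" align="center">
<table width="100%" cellspacing="10" cellpadding="10">
<tr>
<td nowrap bgcolor="#0050C0" align="center">
<font face="verdana, arial, sans serif" color="#FFFFFF" size="3">
<b>$tr{'advproxy chgwebpwd change web password'}</b>
</font>
</td>
</tr>
<tr>
<td align="center">
<table width="70%" cellspacing="7" cellpadding="7">
<tr>
<td nowrap bgcolor="#F4F4F4" align="left">
<font face="verdana, arial, sans serif" color="#000000" size="2">
<b>$tr{'advproxy chgwebpwd username'}:</b>
</font>
</td>
<td><input type="text" name="USERNAME" value="$form_username" size="15"></td>
</tr>
<tr>
<td nowrap bgcolor="#F4F4F4" align="left">
<font face="verdana, arial, sans serif" color="#000000" size="2">
<b>$tr{'advproxy chgwebpwd old password'}:</b>
</font>
</td>
<td><input type="password" name="OLD_PASSWORD" value="" size="15"></td>
</tr>
<tr>
<td nowrap bgcolor="#F4F4F4" align="left">
<font face="verdana, arial, sans serif" color="#000000" size="2">
<b>$tr{'advproxy chgwebpwd new password'}:</b>
</font>
</td>
<td><input type="password" name="NEW_PASSWORD_1" value="" size="15"></td>
</tr>
<tr>
<td nowrap bgcolor="#F4F4F4" align="left">
<font face="verdana, arial, sans serif" color="#000000" size="2">
<b>$tr{'advproxy chgwebpwd new password confirm'}:</b>
</font>
</td>
<td><input type="password" name="NEW_PASSWORD_2" value="" size="15"></td>
</tr>
</table>
<table width="100%" cellspacing="7" cellpadding="7">
<tr>
<td align="center"><br><input type='submit' name='SUBMIT' value="$tr{'advproxy chgwebpwd change password'}"></td>
</tr>
</table>
</td>
</tr>
END
;

# $errormessage is only ever assigned from the translation table (plus the
# configured minimum length), never from request data, so it is printed as-is.
if ($errormessage)
{
print <<END
<tr>
<td nowrap bgcolor="#FF0000" align="center">
<font face="verdana, arial, sans serif" color="#FFFFFF" size="2">
<b>$tr{'advproxy chgwebpwd ERROR'}</b> $errormessage
</font>
</td>
</tr>
END
;
}

if ($success)
{
print <<END
<tr>
<td nowrap bgcolor="#00C000" align="center">
<font face="verdana, arial, sans serif" color="#FFFFFF" size="2">
<b>$tr{'advproxy chgwebpwd SUCCESS'}</b> $tr{'advproxy errmsg change success'}
</font>
</td>
</tr>
END
;
}


print <<END

</td>
</tr>
</table>

<tr>
<td bgcolor="#C0C0C0" align="right">
<a href="http://www.advproxy.net" target="_blank"><b>
<font face="verdana,arial,sans serif" color="#FFFFFF" size="1">Advanced Proxy</b></a> running on</font>
<a href="http://www.ipcop.org" target="_blank"><b>
<font face="verdana,arial,sans serif" color="#FFFFFF" size="1">IPCop</b></a></font>
</td>
</tr>

</table>

</form>

</center>

</body>

</html>
END
;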
257 | ||
258 | # ------------------------------------------------------------------- | |
259 | ||
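# Reads a KEY=VALUE settings file into the hash referenced by the second
# argument.
#
#   $_[0]  path of the settings file
#   $_[1]  reference to the hash that receives the entries
#
# A missing file is silently ignored; a file that exists but cannot be opened
# is fatal. Existing keys in the hash are overwritten, others are left alone.
sub readhash
{
    my ($filename, $hash) = @_;

    return unless -e $filename;

    # Three-argument open with a lexical handle: the file name can never be
    # read as an open mode, and no global FILE handle is shared with callers.
    open(my $fh, '<', $filename) or die "Unable to read file $filename: $!";
    while (my $line = <$fh>)
    {
        # chomp only strips a trailing newline, so a final line without one
        # keeps its last character.
        chomp $line;

        my ($var, $val) = split /=/, $line, 2;
        next unless $var;

        # A line without "=" yields a key with an empty value
        $val = '' unless defined $val;

        # Strip one enclosing single quote from each end
        $val =~ s/^\'//;
        $val =~ s/\'$//;

        # Untaint variables read from hash.
        # The key is cut down to its leading run of [A-Za-z0-9_-].
        ($var) = $var =~ /([A-Za-z0-9_-]*)/;
        # NOTE(review): this pattern matches every character, so the value is
        # untainted without being validated; consumers must check it themselves.
        ($val) = $val =~ /([\w\W]*)/;

        $hash->{$var} = $val;
    }
    close $fh;
    return;
}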
287 | ||
288 | # ------------------------------------------------------------------- | |
289 | ||
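# Copies the parameters of a POST request into the hash referenced by $hash.
#
#   $hash    reference to the hash that receives the form fields
#   $params  optional hash reference; 'wantfile' permits uploads and raises
#            the body size limit, 'filevar' names the upload field to fetch
#
# Returns without touching $hash when the request is not a POST or when the
# host of the Referer header differs from the host of the script URL.
sub getcgihash
{
    my ($hash, $params) = @_;

    return if (!defined $ENV{'REQUEST_METHOD'} || $ENV{'REQUEST_METHOD'} ne 'POST');

    # These limits have to be in place before the CGI object is created,
    # because CGI.pm reads the request body in its constructor; set afterwards
    # they would not bound this request.
    if (!$params->{'wantfile'}) {
        $CGI::DISABLE_UPLOADS = 1;
        $CGI::POST_MAX = 512 * 1024;
    } else {
        $CGI::POST_MAX = 10 * 1024 * 1024;
    }
    my $cgi = CGI->new();

    # Same-host check on the Referer header. Each capture is taken from its
    # own match result: reading $1 after a failed match would return a stale
    # value left over from an earlier, unrelated match.
    # NOTE(review): this compares host names only and relies on the browser
    # sending Referer; it is weaker than a per-session CSRF token.
    my $referer_header = $cgi->referer();
    my $script_url     = $cgi->url();
    my ($referer, $servername);
    if (defined $referer_header) {
        ($referer) = $referer_header =~ m/^https?\:\/\/([^\/]+)/;
    }
    if (defined $script_url) {
        ($servername) = $script_url =~ m/^https?\:\/\/([^\/]+)/;
    }
    return if (!defined $referer || !defined $servername || $referer ne $servername);

    ### Modified for getting multi-vars, split by |
    my %fields = $cgi->Vars();
    foreach my $key (keys %fields) {
        my $value = $fields{$key};
        # Vars() joins multiple values with NUL; expose them as a|b|c
        $value =~ s/\0/|/g;
        # Trim surrounding whitespace
        $value =~ s/^\s*(.*?)\s*$/$1/;
        $hash->{$key} = $value;
    }

    if (($params->{'wantfile'}) && ($params->{'filevar'})) {
        $hash->{$params->{'filevar'}} = $cgi->upload($params->{'filevar'});
    }
    return;
}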
322 | ||
323 | # ------------------------------------------------------------------- |