#!/usr/bin/perl
###############################################################################
# #
# IPFire.org - A linux based firewall #
# Copyright (C) 2007 Michael Tremer & Christian Schmidt #
# #
# This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by #
# the Free Software Foundation, either version 3 of the License, or #
# (at your option) any later version. #
# #
# This program is distributed in the hope that it will be useful, #
# but WITHOUT ANY WARRANTY; without even the implied warranty of #
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
# GNU General Public License for more details. #
# #
# You should have received a copy of the GNU General Public License #
# along with this program. If not, see . #
# #
###############################################################################
use CGI qw(param);
use Apache::Htpasswd;
use Crypt::PasswdMD5;
$swroot = "/var/ipfire";
my %cgiparams;
my %mainsettings;
my %proxysettings;
$proxysettings{'NCSA_MIN_PASS_LEN'} = 6;
### Initialize environment
&readhash("${swroot}/main/settings", \%mainsettings);
&readhash("${swroot}/proxy/advanced/settings", \%proxysettings);
$language = $mainsettings{'LANGUAGE'};
### Initialize language
if ($language =~ /^(\w+)$/) {$language = $1;}
#
# Uncomment this to force a certain language:
# $language='en';
#
require "${swroot}/langs/en.pl";
require "${swroot}/langs/${language}.pl";
my $userdb = "$swroot/proxy/advanced/ncsa/passwd";
&readhash("$swroot/ethernet/settings", \%netsettings);
my $success = 0;
&getcgihash(\%cgiparams);
if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'})
{
if ($cgiparams{'USERNAME'} eq '')
{
$errormessage = $tr{'advproxy errmsg no username'};
goto ERROR;
}
if (($cgiparams{'OLD_PASSWORD'} eq '') || ($cgiparams{'NEW_PASSWORD_1'} eq '') || ($cgiparams{'NEW_PASSWORD_2'} eq ''))
{
$errormessage = $tr{'advproxy errmsg no password'};
goto ERROR;
}
if (!($cgiparams{'NEW_PASSWORD_1'} eq $cgiparams{'NEW_PASSWORD_2'}))
{
$errormessage = $tr{'advproxy errmsg passwords different'};
goto ERROR;
}
if (length($cgiparams{'NEW_PASSWORD_1'}) < $proxysettings{'NCSA_MIN_PASS_LEN'})
{
$errormessage = $tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$tr{'advproxy errmsg password length 2'};
goto ERROR;
}
my $htpasswd = new Apache::Htpasswd("$userdb");
# Check if a user with this name exists
my $old_password = $htpasswd->fetchPass($cgiparams{'USERNAME'});
if (!$old_password) {
$errormessage = $tr{'advproxy errmsg invalid user'};
goto ERROR;
}
# Reset password
if (!$htpasswd->htpasswd($cgiparams{'USERNAME'}, $cgiparams{'NEW_PASSWORD_1'},
$cgiparams{'OLD_PASSWORD'})) {
$errormessage = $tr{'advproxy errmsg password incorrect'};
goto ERROR;
}
$success = 1;
undef %cgiparams;
}
ERROR:
print "Pragma: no-cache\n";
print "Cache-control: no-cache\n";
print "Connection: close\n";
print "Content-type: text/html\n\n";
print <