]> git.ipfire.org Git - ipfire-2.x.git/blob - html/cgi-bin/chpasswd.cgi
projects / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
freeradius: Update to version 3.0.18
[ipfire-2.x.git] / html / cgi-bin / chpasswd.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007 Michael Tremer & Christian Schmidt #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use CGI qw(param);
23 use Apache::Htpasswd;
24 use Crypt::PasswdMD5;
25
26 $swroot = "/var/ipfire";
27
28 my %cgiparams;
29 my %mainsettings;
30 my %proxysettings;
31
32 $proxysettings{'NCSA_MIN_PASS_LEN'} = 6;
33
34 ### Initialize environment
35 &readhash("${swroot}/main/settings", \%mainsettings);
36 &readhash("${swroot}/proxy/advanced/settings", \%proxysettings);
37 $language = $mainsettings{'LANGUAGE'};
38
39 ### Initialize language
40 if ($language =~ /^(\w+)$/) {$language = $1;}
41 #
42 # Uncomment this to force a certain language:
43 # $language='en';
44 #
45 require "${swroot}/langs/en.pl";
46 require "${swroot}/langs/${language}.pl";
47
48 my $userdb = "$swroot/proxy/advanced/ncsa/passwd";
49
50 &readhash("$swroot/ethernet/settings", \%netsettings);
51
52 my $success = 0;
53
54 &getcgihash(\%cgiparams);
55
56 if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'})
57 {
58 if ($cgiparams{'USERNAME'} eq '')
59 {
60 $errormessage = $tr{'advproxy errmsg no username'};
61 goto ERROR;
62 }
63 if (($cgiparams{'OLD_PASSWORD'} eq '') || ($cgiparams{'NEW_PASSWORD_1'} eq '') || ($cgiparams{'NEW_PASSWORD_2'} eq ''))
64 {
65 $errormessage = $tr{'advproxy errmsg no password'};
66 goto ERROR;
67 }
68 if (!($cgiparams{'NEW_PASSWORD_1'} eq $cgiparams{'NEW_PASSWORD_2'}))
69 {
70 $errormessage = $tr{'advproxy errmsg passwords different'};
71 goto ERROR;
72 }
73 if (length($cgiparams{'NEW_PASSWORD_1'}) < $proxysettings{'NCSA_MIN_PASS_LEN'})
74 {
75 $errormessage = $tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$tr{'advproxy errmsg password length 2'};
76 goto ERROR;
77 }
78
79 my $htpasswd = new Apache::Htpasswd("$userdb");
80
81 # Check if a user with this name exists
82 my $old_password = $htpasswd->fetchPass($cgiparams{'USERNAME'});
83 if (!$old_password) {
84 $errormessage = $tr{'advproxy errmsg invalid user'};
85 goto ERROR;
86 }
87
88 # Reset password
89 if (!$htpasswd->htpasswd($cgiparams{'USERNAME'}, $cgiparams{'NEW_PASSWORD_1'},
90 $cgiparams{'OLD_PASSWORD'})) {
91 $errormessage = $tr{'advproxy errmsg password incorrect'};
92 goto ERROR;
93 }
94
95 $success = 1;
96 undef %cgiparams;
97 }
98
99 ERROR:
100
101 print "Pragma: no-cache\n";
102 print "Cache-control: no-cache\n";
103 print "Connection: close\n";
104 print "Content-type: text/html\n\n";
105
106 print <<END
107 <html>
108 <head>
109 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
110 <title></title>
111 </head>
112
113 <body bgcolor="#FFFFFF">
114
115 <center>
116
117 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
118
119 <table width="80%" cellspacing="10" cellpadding="5">
120
121 <tr>
122 <td bgcolor="#FFFFFF" align="center">
123 <table width="100%" cellspacing="10" cellpadding="10" bordercolor="#9A9A9A" border="1">
124 <tr>
125 <td nowrap bgcolor="#993333" align="center" >
126 <font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="4">
127 <b>$tr{'advproxy chgwebpwd change web password'}</b>
128 </font>
129 </td>
130 </tr>
131 <tr>
132 <td align="center">
133 <table width="50%" cellspacing="7" cellpadding="7">
134 <tr>
135 <td nowrap bgcolor="#FFFFFF" align="left">
136 <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
137 <b>$tr{'advproxy chgwebpwd username'}:</b>
138 </font>
139 </td>
140 <td ><input type="text" name="USERNAME" value="$cgiparams{'USERNAME'}" size="30"></td>
141 </tr>
142 <tr>
143 <td nowrap bgcolor="#FFFFFF" align="left">
144 <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
145 <b>$tr{'advproxy chgwebpwd old password'}:</b>
146 </font>
147 </td>
148 <td><input type="password" name="OLD_PASSWORD" value="$cgiparams{'OLD_PASSWORD'}" size="30"></td>
149 </tr>
150 <tr>
151 <td nowrap bgcolor="#FFFFFF" align="left">
152 <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
153 <b>$tr{'advproxy chgwebpwd new password'}:</b>
154 </font>
155 </td>
156 <td><input type="password" name="NEW_PASSWORD_1" value="$cgiparams{'NEW_PASSWORD_1'}" size="30"></td>
157 </tr>
158 <tr>
159 <td nowrap bgcolor="#FFFFFF" align="left">
160 <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
161 <b>$tr{'advproxy chgwebpwd new password confirm'}:</b>
162 </font>
163 </td>
164 <td><input type="password" name="NEW_PASSWORD_2" value="$cgiparams{'NEW_PASSWORD_2'}" size="30"></td>
165 </tr>
166 </table>
167 <table width="100%" cellspacing="7" cellpadding="7">
168 <tr>
169 <td align="center"><br><input type='submit' name='SUBMIT' value="$tr{'advproxy chgwebpwd change password'}"></td>
170 </tr>
171 </table>
172 </td>
173 </tr>
174 END
175 ;
176
177 if ($errormessage)
178 {
179 print <<END
180 <tr>
181 <td nowrap bgcolor="#FF0000" align="center">
182 <font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="2">
183 <b>$tr{'advproxy chgwebpwd ERROR'}</b> $errormessage
184 </font>
185 </td>
186 </tr>
187 END
188 ;
189 }
190
191 if ($success)
192 {
193 print <<END
194 <tr>
195 <td nowrap bgcolor="#00C000" align="center">
196 <font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="2">
197 <b>$tr{'advproxy chgwebpwd SUCCESS'}</b> $tr{'advproxy errmsg change success'}
198 </font>
199 </td>
200 </tr>
201 END
202 ;
203 }
204
205
206 print <<END
207
208 </td>
209 </tr>
210 </table>
211
212 </table>
213
214 </form>
215
216 </center>
217
218 </body>
219
220 </html>
221 END
222 ;
223
224 # -------------------------------------------------------------------
225
226 sub readhash
227 {
228 my $filename = $_[0];
229 my $hash = $_[1];
230 my ($var, $val);
231
232 if (-e $filename)
233 {
234 open(FILE, $filename) or die "Unable to read file $filename";
235 while (<FILE>)
236 {
237 chop;
238 ($var, $val) = split /=/, $_, 2;
239 if ($var)
240 {
241 $val =~ s/^\'//g;
242 $val =~ s/\'$//g;
243
244 # Untaint variables read from hash
245 $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
246 $val =~ /([\w\W]*)/; $val = $1;
247 $hash->{$var} = $val;
248 }
249 }
250 close FILE;
251 }
252 }
253
254 # -------------------------------------------------------------------
255
256 sub getcgihash
257 {
258 my ($hash, $params) = @_;
259 my $cgi = CGI->new ();
260 return if ($ENV{'REQUEST_METHOD'} ne 'POST');
261 if (!$params->{'wantfile'}) {
262 $CGI::DISABLE_UPLOADS = 1;
263 $CGI::POST_MAX = 512 * 1024;
264 } else {
265 $CGI::POST_MAX = 10 * 1024 * 1024;
266 }
267
268 $cgi->referer() =~ m/^https?\:\/\/([^\/]+)/;
269 my $referer = $1;
270 $cgi->url() =~ m/^https?\:\/\/([^\/]+)/;
271 my $servername = $1;
272 return if ($referer ne $servername);
273
274 ### Modified for getting multi-vars, split by |
275 %temp = $cgi->Vars();
276 foreach my $key (keys %temp) {
277 $hash->{$key} = $temp{$key};
278 $hash->{$key} =~ s/\0/|/g;
279 $hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
280 }
281
282 if (($params->{'wantfile'})&&($params->{'filevar'})) {
283 $hash->{$params->{'filevar'}} = $cgi->upload
284 ($params->{'filevar'});
285 }
286 return;
287 }
288
289 # -------------------------------------------------------------------
IPFire 2.x development tree