]> git.ipfire.org Git - ipfire-2.x.git/blob - html/cgi-bin/chpasswd.cgi
projects / ipfire-2.x.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
vpn-statistic: change title of ovpn RW statistic page
[ipfire-2.x.git] / html / cgi-bin / chpasswd.cgi
1 #!/usr/bin/perl
2 ###############################################################################
3 # #
4 # IPFire.org - A linux based firewall #
5 # Copyright (C) 2007 Michael Tremer & Christian Schmidt #
6 # #
7 # This program is free software: you can redistribute it and/or modify #
8 # it under the terms of the GNU General Public License as published by #
9 # the Free Software Foundation, either version 3 of the License, or #
10 # (at your option) any later version. #
11 # #
12 # This program is distributed in the hope that it will be useful, #
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of #
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
15 # GNU General Public License for more details. #
16 # #
17 # You should have received a copy of the GNU General Public License #
18 # along with this program. If not, see <http://www.gnu.org/licenses/>. #
19 # #
20 ###############################################################################
21
22 use CGI qw(param);
23 use Crypt::PasswdMD5;
24
25 $swroot = "/var/ipfire";
26
27 my %cgiparams;
28 my %mainsettings;
29 my %proxysettings;
30
31 $proxysettings{'NCSA_MIN_PASS_LEN'} = 6;
32
33 ### Initialize environment
34 &readhash("${swroot}/main/settings", \%mainsettings);
35 &readhash("${swroot}/proxy/advanced/settings", \%proxysettings);
36 $language = $mainsettings{'LANGUAGE'};
37
38 ### Initialize language
39 if ($language =~ /^(\w+)$/) {$language = $1;}
40 #
41 # Uncomment this to force a certain language:
42 # $language='en';
43 #
44 require "${swroot}/langs/en.pl";
45 require "${swroot}/langs/${language}.pl";
46
47 my $userdb = "$swroot/proxy/advanced/ncsa/passwd";
48
49 &readhash("$swroot/ethernet/settings", \%netsettings);
50
51 my $success = 0;
52
53 &getcgihash(\%cgiparams);
54
55 if ($cgiparams{'SUBMIT'} eq $tr{'advproxy chgwebpwd change password'})
56 {
57 if ($cgiparams{'USERNAME'} eq '')
58 {
59 $errormessage = $tr{'advproxy errmsg no username'};
60 goto ERROR;
61 }
62 if (($cgiparams{'OLD_PASSWORD'} eq '') || ($cgiparams{'NEW_PASSWORD_1'} eq '') || ($cgiparams{'NEW_PASSWORD_2'} eq ''))
63 {
64 $errormessage = $tr{'advproxy errmsg no password'};
65 goto ERROR;
66 }
67 if (!($cgiparams{'NEW_PASSWORD_1'} eq $cgiparams{'NEW_PASSWORD_2'}))
68 {
69 $errormessage = $tr{'advproxy errmsg passwords different'};
70 goto ERROR;
71 }
72 if (length($cgiparams{'NEW_PASSWORD_1'}) < $proxysettings{'NCSA_MIN_PASS_LEN'})
73 {
74 $errormessage = $tr{'advproxy errmsg password length 1'}.$proxysettings{'NCSA_MIN_PASS_LEN'}.$tr{'advproxy errmsg password length 2'};
75 goto ERROR;
76 }
77 if (! -z $userdb)
78 {
79 open FILE, $userdb;
80 @users = <FILE>;
81 close FILE;
82
83 $username = '';
84 $cryptpwd = '';
85
86 foreach (@users)
87 {
88 chomp;
89 @temp = split(/:/,$_);
90 if ($temp[0] =~ /^$cgiparams{'USERNAME'}$/i)
91 {
92 $username = $temp[0];
93 $cryptpwd = $temp[1];
94 }
95 }
96 }
97 if ($username eq '')
98 {
99 $errormessage = $tr{'advproxy errmsg invalid user'};
100 goto ERROR;
101 }
102 if (
103 !(crypt($cgiparams{'OLD_PASSWORD'}, $cryptpwd) eq $cryptpwd) &&
104 !(apache_md5_crypt($cgiparams{'OLD_PASSWORD'}, $cryptpwd) eq $cryptpwd)
105 )
106 {
107 $errormessage = $tr{'advproxy errmsg password incorrect'};
108 goto ERROR;
109 }
110 $returncode = system("/usr/sbin/htpasswd -b $userdb $username $cgiparams{'NEW_PASSWORD_1'}");
111 if ($returncode == 0)
112 {
113 $success = 1;
114 undef %cgiparams;
115 } else {
116 $errormessage = $tr{'advproxy errmsg change fail'};
117 goto ERROR;
118 }
119 }
120
121 ERROR:
122
123 print "Pragma: no-cache\n";
124 print "Cache-control: no-cache\n";
125 print "Connection: close\n";
126 print "Content-type: text/html\n\n";
127
128 print <<END
129 <html>
130 <head>
131 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
132 <title></title>
133 </head>
134
135 <body bgcolor="#FFFFFF">
136
137 <center>
138
139 <form method='post' action='$ENV{'SCRIPT_NAME'}'>
140
141 <table width="80%" cellspacing="10" cellpadding="5">
142
143 <tr>
144 <td bgcolor="#FFFFFF" align="center">
145 <table width="100%" cellspacing="10" cellpadding="10" bordercolor="#9A9A9A" border="1">
146 <tr>
147 <td nowrap bgcolor="#993333" align="center" >
148 <font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="4">
149 <b>$tr{'advproxy chgwebpwd change web password'}</b>
150 </font>
151 </td>
152 </tr>
153 <tr>
154 <td align="center">
155 <table width="50%" cellspacing="7" cellpadding="7">
156 <tr>
157 <td nowrap bgcolor="#FFFFFF" align="left">
158 <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
159 <b>$tr{'advproxy chgwebpwd username'}:</b>
160 </font>
161 </td>
162 <td ><input type="text" name="USERNAME" value="$cgiparams{'USERNAME'}" size="30"></td>
163 </tr>
164 <tr>
165 <td nowrap bgcolor="#FFFFFF" align="left">
166 <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
167 <b>$tr{'advproxy chgwebpwd old password'}:</b>
168 </font>
169 </td>
170 <td><input type="password" name="OLD_PASSWORD" value="$cgiparams{'OLD_PASSWORD'}" size="30"></td>
171 </tr>
172 <tr>
173 <td nowrap bgcolor="#FFFFFF" align="left">
174 <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
175 <b>$tr{'advproxy chgwebpwd new password'}:</b>
176 </font>
177 </td>
178 <td><input type="password" name="NEW_PASSWORD_1" value="$cgiparams{'NEW_PASSWORD_1'}" size="30"></td>
179 </tr>
180 <tr>
181 <td nowrap bgcolor="#FFFFFF" align="left">
182 <font face="trebuchet ms, helvetica, sans-serif" color="#666666" size="2">
183 <b>$tr{'advproxy chgwebpwd new password confirm'}:</b>
184 </font>
185 </td>
186 <td><input type="password" name="NEW_PASSWORD_2" value="$cgiparams{'NEW_PASSWORD_2'}" size="30"></td>
187 </tr>
188 </table>
189 <table width="100%" cellspacing="7" cellpadding="7">
190 <tr>
191 <td align="center"><br><input type='submit' name='SUBMIT' value="$tr{'advproxy chgwebpwd change password'}"></td>
192 </tr>
193 </table>
194 </td>
195 </tr>
196 END
197 ;
198
199 if ($errormessage)
200 {
201 print <<END
202 <tr>
203 <td nowrap bgcolor="#FF0000" align="center">
204 <font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="2">
205 <b>$tr{'advproxy chgwebpwd ERROR'}</b> $errormessage
206 </font>
207 </td>
208 </tr>
209 END
210 ;
211 }
212
213 if ($success)
214 {
215 print <<END
216 <tr>
217 <td nowrap bgcolor="#00C000" align="center">
218 <font face="trebuchet ms, helvetica, sans-serif" color="#FFFFFF" size="2">
219 <b>$tr{'advproxy chgwebpwd SUCCESS'}</b> $tr{'advproxy errmsg change success'}
220 </font>
221 </td>
222 </tr>
223 END
224 ;
225 }
226
227
228 print <<END
229
230 </td>
231 </tr>
232 </table>
233
234 </table>
235
236 </form>
237
238 </center>
239
240 </body>
241
242 </html>
243 END
244 ;
245
246 # -------------------------------------------------------------------
247
248 sub readhash
249 {
250 my $filename = $_[0];
251 my $hash = $_[1];
252 my ($var, $val);
253
254 if (-e $filename)
255 {
256 open(FILE, $filename) or die "Unable to read file $filename";
257 while (<FILE>)
258 {
259 chop;
260 ($var, $val) = split /=/, $_, 2;
261 if ($var)
262 {
263 $val =~ s/^\'//g;
264 $val =~ s/\'$//g;
265
266 # Untaint variables read from hash
267 $var =~ /([A-Za-z0-9_-]*)/; $var = $1;
268 $val =~ /([\w\W]*)/; $val = $1;
269 $hash->{$var} = $val;
270 }
271 }
272 close FILE;
273 }
274 }
275
276 # -------------------------------------------------------------------
277
278 sub getcgihash
279 {
280 my ($hash, $params) = @_;
281 my $cgi = CGI->new ();
282 return if ($ENV{'REQUEST_METHOD'} ne 'POST');
283 if (!$params->{'wantfile'}) {
284 $CGI::DISABLE_UPLOADS = 1;
285 $CGI::POST_MAX = 512 * 1024;
286 } else {
287 $CGI::POST_MAX = 10 * 1024 * 1024;
288 }
289
290 $cgi->referer() =~ m/^https?\:\/\/([^\/]+)/;
291 my $referer = $1;
292 $cgi->url() =~ m/^https?\:\/\/([^\/]+)/;
293 my $servername = $1;
294 return if ($referer ne $servername);
295
296 ### Modified for getting multi-vars, split by |
297 %temp = $cgi->Vars();
298 foreach my $key (keys %temp) {
299 $hash->{$key} = $temp{$key};
300 $hash->{$key} =~ s/\0/|/g;
301 $hash->{$key} =~ s/^\s*(.*?)\s*$/$1/;
302 }
303
304 if (($params->{'wantfile'})&&($params->{'filevar'})) {
305 $hash->{$params->{'filevar'}} = $cgi->upload
306 ($params->{'filevar'});
307 }
308 return;
309 }
310
311 # -------------------------------------------------------------------
IPFire 2.x development tree