| 1 |
dpavlin |
1.1 |
#!/usr/local/bin/perl |
| 2 |
|
|
|
| 3 |
|
|
# PopPass - a CGI script in Perl to allow users to changes their password |
| 4 |
|
|
# using a WWW interface. PopPass uses poppassd version 1.2 (available at |
| 5 |
|
|
# ftp://ftp.qualcomm.com/eudora/servers/unix/password/ to actually make |
| 6 |
|
|
# the password change. It can therefore run as an unprivilaged user on any |
| 7 |
|
|
# server (not necessarly the server where the password file exists). The |
| 8 |
|
|
# Perl 5 modules IO::Socket and CGI are also required (available from your |
| 9 |
|
|
# favorite CPAN site). |
| 10 |
|
|
# A version of poppassd for Linux systems using shadow passwords can be |
| 11 |
|
|
# found at ftp://ftp.ceti.com.pl/pub/linux/poppassd-1.8-ceti.tar.gz |
| 12 |
|
|
# ========================================================================== |
| 13 |
|
|
# Created: 2 Feb 96 by Jerry Workman (jerry@mtnsoft.com) |
| 14 |
|
|
# Last Revised: 19 January 2000 |
| 15 |
|
|
# ========================================================================== |
| 16 |
|
|
|
| 17 |
|
|
# 2001-10-12 DbP <dpavlin@rot13.org> support for multiple servers separated |
| 18 |
|
|
# by spaces |
| 19 |
|
|
|
| 20 |
|
|
use strict; |
| 21 |
|
|
use CGI qw(:all); # CGI forms etc |
| 22 |
|
|
use CGI::Carp qw(fatalsToBrowser set_message); |
| 23 |
|
|
use IO::Socket::INET; |
| 24 |
|
|
|
| 25 |
|
|
BEGIN { |
| 26 |
|
|
sub handle_errors { |
| 27 |
|
|
my $msg = shift; |
| 28 |
|
|
print "<h2>Error:</H2><i>$msg</i>"; |
| 29 |
|
|
} |
| 30 |
|
|
set_message(\&handle_errors); |
| 31 |
|
|
} |
| 32 |
|
|
#$SIG{ALRM} = \&error_exit; |
| 33 |
|
|
#alarm(3*60); |
| 34 |
|
|
open(STDERR,">&STDOUT") || die "Can't dup stdout: $!\n"; |
| 35 |
|
|
select(STDERR); $| = 1; # Make unbuffered. |
| 36 |
|
|
select(STDOUT); $| = 1; # Make unbuffered. |
| 37 |
|
|
# -------------------------------------------------------------------------- |
| 38 |
|
|
my $DEBUG = 0; |
| 39 |
|
|
my $DEFAULTHOST = 'localhost'; # host name if different from web server |
| 40 |
|
|
my $TITLE = 'Change Your Password'; |
| 41 |
|
|
my $AUTHOR = 'Jerry Workman'; |
| 42 |
|
|
my $COPYRIGHT = "Copyright 1996-2000 $AUTHOR"; |
| 43 |
|
|
my $HOME = hr. a({href=>CGI::referer()}, "Home"); # Very Basic Home link |
| 44 |
|
|
my $MESSAGE = <<EOM; |
| 45 |
|
|
Enter your UserName, current password, and new password (twice for |
| 46 |
|
|
verification) then click on Change Password. Passwords must be |
| 47 |
|
|
at least 6 characters and can be mixed case. |
| 48 |
|
|
EOM |
| 49 |
|
|
# ** End of Configurable Parameters (unless you're a Perl hacker) ** |
| 50 |
|
|
# -------------------------------------------------------------------------- |
| 51 |
|
|
my $host = param('host') || $DEFAULTHOST; |
| 52 |
|
|
my $username = param('username'); |
| 53 |
|
|
my $password = param('password'); |
| 54 |
|
|
my $newpassword1 = param('newpassword1'); |
| 55 |
|
|
my $newpassword2 = param('newpassword2'); |
| 56 |
|
|
my $msg; |
| 57 |
|
|
# -------------------------------------------------------------------------- |
| 58 |
|
|
print header, |
| 59 |
|
|
start_html(-title=>$TITLE, |
| 60 |
|
|
-author=>$AUTHOR, |
| 61 |
|
|
-base=>'true', |
| 62 |
|
|
-meta=>{'copyright'=>$COPYRIGHT}); |
| 63 |
|
|
#print CGI::dump() if $DEBUG; |
| 64 |
|
|
if(!param()) { |
| 65 |
|
|
showform(); |
| 66 |
|
|
} else { |
| 67 |
|
|
error_exit("You must supply a Username") |
| 68 |
|
|
if (!$username); |
| 69 |
|
|
error_exit("New Passwords do not match") |
| 70 |
|
|
if ($newpassword1 ne $newpassword2); |
| 71 |
|
|
error_exit("The New Password can not be blank") |
| 72 |
|
|
if length($newpassword1) == 0; |
| 73 |
|
|
my $newpassword = $newpassword1; |
| 74 |
|
|
error_exit("New Password can not contain spaces") |
| 75 |
|
|
if $newpassword =~ / /; |
| 76 |
|
|
error_exit ("Password must be eight or more characters") |
| 77 |
|
|
if length($newpassword) < 8; |
| 78 |
|
|
if ($host =~ m,\s+,) { |
| 79 |
|
|
my @host_arr=split(/\s+/,$host); |
| 80 |
|
|
foreach $host (@host_arr) { |
| 81 |
|
|
print b("working on host: $host"),p if $DEBUG; |
| 82 |
|
|
if(poppass($host, $username, $password, $newpassword)) { |
| 83 |
|
|
print p, center(h2("Password on $host changed successfully")), "\n"; |
| 84 |
|
|
} else { |
| 85 |
|
|
print p, center(h2("Error changing password on $host: $msg")); |
| 86 |
|
|
} |
| 87 |
|
|
} |
| 88 |
|
|
} else { |
| 89 |
|
|
if(poppass($host, $username, $password, $newpassword)) { |
| 90 |
|
|
print p, center(h2("Password changed successfully")), "\n"; |
| 91 |
|
|
} else { |
| 92 |
|
|
error_exit($msg); |
| 93 |
|
|
} |
| 94 |
|
|
} |
| 95 |
|
|
} |
| 96 |
|
|
print $HOME, end_html; |
| 97 |
|
|
# -------------------------------------------------------------------------- |
| 98 |
|
|
# Subroutines |
| 99 |
|
|
# -------------------------------------------------------------------------- |
| 100 |
|
|
sub showform { |
| 101 |
|
|
print p, blockquote(center(h2('Change Password')), hr, |
| 102 |
|
|
$MESSAGE, hr, center(pre(startform(), |
| 103 |
|
|
"<b> UserName: </b>", textfield('username','', 25), "\n", |
| 104 |
|
|
"<b> Old Password: </b>", password_field('password','', 25), "\n", |
| 105 |
|
|
"<b> New Password: </b>", password_field('newpassword1','',25),"\n", |
| 106 |
|
|
"<b>Verify New Password: </b>", password_field('newpassword2','',25),"\n\n", |
| 107 |
|
|
submit('action','Change Password'), |
| 108 |
|
|
endform))), "\n"; |
| 109 |
|
|
} |
| 110 |
|
|
# -------------------------------------------------------------------------- |
| 111 |
|
|
sub error_exit { |
| 112 |
|
|
my($msg) = @_; |
| 113 |
|
|
print h1("Error:"), h2($msg), hr, |
| 114 |
|
|
"Return to the previous page and make the necessary corrections", |
| 115 |
|
|
$HOME, end_html; |
| 116 |
|
|
exit; |
| 117 |
|
|
} |
| 118 |
|
|
# -------------------------------------------------------------------------- |
| 119 |
|
|
# Change the password using service poppassd at port 106 |
| 120 |
|
|
# |
| 121 |
|
|
sub poppass |
| 122 |
|
|
{ |
| 123 |
|
|
my($host, $username, $password, $newpassword) = @_; |
| 124 |
|
|
my $status = 0; |
| 125 |
|
|
eval { |
| 126 |
|
|
sub popout { |
| 127 |
|
|
my ($socket,$str) = @_; |
| 128 |
|
|
print $socket "$str\n"; |
| 129 |
|
|
print "$str <br>\n" if $DEBUG; |
| 130 |
|
|
} |
| 131 |
|
|
print "connect: $host 106<br>\n" if $DEBUG; |
| 132 |
|
|
my $socket = IO::Socket::INET->new( |
| 133 |
|
|
PeerAddr => $host, |
| 134 |
|
|
PeerPort => 106, |
| 135 |
|
|
Timeout => 5, |
| 136 |
|
|
Reuse => 1 |
| 137 |
|
|
) or |
| 138 |
|
|
( $msg = "No Response from poppass server $host:$@\n", return $status = 0 ); |
| 139 |
|
|
|
| 140 |
|
|
$socket->autoflush(1); |
| 141 |
|
|
|
| 142 |
|
|
while ($_ = <$socket>) { |
| 143 |
|
|
s/\n//g; |
| 144 |
|
|
s/\r//g; |
| 145 |
|
|
print "$_ <br>\n" if $DEBUG; |
| 146 |
|
|
/200 poppassd/ && |
| 147 |
|
|
(popout($socket,"USER $username"), next ); |
| 148 |
|
|
/200.*[Yy]our password please/ && |
| 149 |
|
|
(popout($socket,"PASS $password"), next ); |
| 150 |
|
|
/200.*new password/ && |
| 151 |
|
|
(popout($socket,"NEWPASS $newpassword"), next ); |
| 152 |
|
|
/200 Password changed/ && |
| 153 |
|
|
( $msg = "Password successfully changed", $status = 1, last ); |
| 154 |
|
|
/200 Bye/ && |
| 155 |
|
|
(popout($socket,"QUIT"), last ); |
| 156 |
|
|
/500/ && ( s/500//, $msg = $_, $status = undef, last ); |
| 157 |
|
|
// && ( $msg = "No Response from server", $status = 0, last ); |
| 158 |
|
|
print "bonk: $_<br>\n" if $DEBUG; |
| 159 |
|
|
} |
| 160 |
|
|
undef $socket; |
| 161 |
|
|
}; #eval |
| 162 |
|
|
if ($@) { |
| 163 |
|
|
($msg) = split(/:/, $@); |
| 164 |
|
|
$msg =~ /[Tt]imeout/ && ($msg = "poppassd server not responding, try again later."); |
| 165 |
|
|
$status = 0; |
| 166 |
|
|
} |
| 167 |
|
|
return $status; |
| 168 |
|
|
} |
Parent Directory
| 
Revision Log