#!/usr/bin/perl -wT #---------------------------------------------------------------------- # e-smith manager functions: userpassword # copyright (C) 1999, 2000, 2001 e-smith, inc. # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # Technical support for this program is available from e-smith, inc. # Please visit our web site www.e-smith.com for details. #---------------------------------------------------------------------- use strict; use esmith::FormMagick; use esmith::util; use esmith::ConfigDB; our $configdb = esmith::ConfigDB->open(); my $fm = new esmith::FormMagick; $fm->display(); sub change_password { my ($fm) = @_; my $q = $fm->{cgi}; $q->param( -name => 'wherenext', -value => 'Done' ); my $oldPass = $q->param('oldPass'); my $pass = $q->param('pass'); my $acctName = $q->param('account'); unless (($oldPass) = ($oldPass =~ /^(\S+)$/ )) { $q->param(-name => 'status_message', -value => 'TAINTED_OLDPASS'); return; } unless (($pass) = ($pass =~ /^([ -~]+)$/ )) { $q->param(-name => 'status_message', -value => 'TAINTED_PASS'); return; } unless (($acctName) = ($acctName =~ /^([a-z][\-\_\.a-z0-9]*)$/ )) { $q->param(-name => 'status_message', -value => 'TAINTED_ACCOUNT'); return; } use esmith::AccountsDB; my $accountdb = esmith::AccountsDB->open(); my $acct; unless ($acct = $accountdb->get($acctName)) { $q->param(-name => 'status_message', -value => 'YOUR_ACCOUNT_INVALID'); return; } unless ($acct->prop('type') eq 'user') { $q->param(-name=>'status_message', -value=>"YOUR_ACCOUNT_INVALID"); return; } unless (esmith::util::setUserPasswordRequirePrevious( $acctName, $oldPass, $pass)) { $q->param(-name => 'status_message', -value => 'ERROR_PASSWORD_CHANGE'); return; } $acct->set_prop("PasswordSet", "yes"); undef $accountdb; system("/sbin/e-smith/signal-event", "password-modify", $acctName) == 0 or die ("Error occurred while modifying password for $acctName.\n"); $accountdb = esmith::AccountsDB->open(); $q->param(-name => 'status_message', -value => 'PASSWORD_CHANGE_SUCCESS'); return; } sub password_compare { my $fm = shift; my $pass2 = shift; my $pass1 = $fm->{cgi}->param('pass'); unless ($pass1 eq $pass2) { $fm->{cgi}->param( -name => 'wherenext', -value => 'Password' ); return "PASSWORD_VERIFY_ERROR"; } return "OK"; } =pod =head2 check_password Validates the password using the desired strength =cut sub check_password { my $fm = shift; my $pass1 = shift; my $check_type; my $rec = $configdb->get('passwordstrength'); $check_type = ($rec ? ($rec->prop('Users') || 'none') : 'none'); return $fm->validate_password($check_type,$pass1); } __DATA__
DESCRIPTION