152 lines
4.5 KiB
Perl
152 lines
4.5 KiB
Perl
#!/usr/bin/perl -wT
|
|
|
|
#----------------------------------------------------------------------
|
|
# e-smith manager functions: userpassword
|
|
# copyright (C) 1999, 2000, 2001 e-smith, inc.
|
|
#
|
|
# This program is free software; you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
|
|
#
|
|
# Technical support for this program is available from e-smith, inc.
|
|
# Please visit our web site www.e-smith.com for details.
|
|
#----------------------------------------------------------------------
|
|
|
|
use strict;
|
|
use esmith::FormMagick;
|
|
use esmith::util;
|
|
use esmith::ConfigDB;
|
|
|
|
our $configdb = esmith::ConfigDB->open();
|
|
my $fm = new esmith::FormMagick;
|
|
$fm->display();
|
|
|
|
sub change_password {
|
|
my ($fm) = @_;
|
|
|
|
my $q = $fm->{cgi};
|
|
|
|
$q->param( -name => 'wherenext', -value => 'Done' );
|
|
|
|
my $oldPass = $q->param('oldPass');
|
|
my $pass = $q->param('pass');
|
|
my $acctName = $q->param('account');
|
|
|
|
unless (($oldPass) = ($oldPass =~ /^(\S+)$/ ))
|
|
{
|
|
$q->param(-name => 'status_message', -value => 'TAINTED_OLDPASS');
|
|
return;
|
|
}
|
|
|
|
unless (($pass) = ($pass =~ /^([ -~]+)$/ ))
|
|
{
|
|
$q->param(-name => 'status_message', -value => 'TAINTED_PASS');
|
|
return;
|
|
}
|
|
|
|
unless (($acctName) = ($acctName =~ /^([a-z][\-\_\.a-z0-9]*)$/ ))
|
|
{
|
|
$q->param(-name => 'status_message', -value => 'TAINTED_ACCOUNT');
|
|
return;
|
|
}
|
|
|
|
use esmith::AccountsDB;
|
|
my $accountdb = esmith::AccountsDB->open();
|
|
|
|
my $acct;
|
|
unless ($acct = $accountdb->get($acctName))
|
|
{
|
|
$q->param(-name => 'status_message', -value => 'YOUR_ACCOUNT_INVALID');
|
|
return;
|
|
}
|
|
|
|
unless ($acct->prop('type') eq 'user')
|
|
{
|
|
$q->param(-name=>'status_message', -value=>"YOUR_ACCOUNT_INVALID");
|
|
return;
|
|
}
|
|
|
|
unless (esmith::util::setUserPasswordRequirePrevious(
|
|
$acctName,
|
|
$oldPass,
|
|
$pass))
|
|
{
|
|
$q->param(-name => 'status_message',
|
|
-value => 'ERROR_PASSWORD_CHANGE');
|
|
return;
|
|
}
|
|
$acct->set_prop("PasswordSet", "yes");
|
|
undef $accountdb;
|
|
|
|
system("/sbin/e-smith/signal-event", "password-modify", $acctName) == 0
|
|
or die ("Error occurred while modifying password for $acctName.\n");
|
|
$accountdb = esmith::AccountsDB->open();
|
|
|
|
$q->param(-name => 'status_message', -value => 'PASSWORD_CHANGE_SUCCESS');
|
|
return;
|
|
}
|
|
|
|
sub password_compare {
|
|
my $fm = shift;
|
|
my $pass2 = shift;
|
|
|
|
my $pass1 = $fm->{cgi}->param('pass');
|
|
unless ($pass1 eq $pass2) {
|
|
$fm->{cgi}->param( -name => 'wherenext', -value => 'Password' );
|
|
return "PASSWORD_VERIFY_ERROR";
|
|
}
|
|
return "OK";
|
|
}
|
|
|
|
=pod
|
|
|
|
=head2 check_password
|
|
|
|
Validates the password using the desired strength
|
|
|
|
=cut
|
|
|
|
sub check_password {
|
|
my $fm = shift;
|
|
my $pass1 = shift;
|
|
|
|
my $check_type;
|
|
my $rec = $configdb->get('passwordstrength');
|
|
$check_type = ($rec ? ($rec->prop('Users') || 'none') : 'none');
|
|
|
|
return $fm->validate_password($check_type,$pass1);
|
|
}
|
|
|
|
__DATA__
|
|
<form title="ACCOUNT_PASSWORD_CHANGE" header="/etc/e-smith/web/common/userpassword_head.tmpl" footer="/etc/e-smith/web/common/foot.tmpl">
|
|
<page name="Password" post-event="change_password" pre-event="turn_off_buttons()" header="/etc/e-smith/web/common/head.tmpl" footer="/etc/e-smith/web/common/foot.tmpl">
|
|
<description>DESCRIPTION</description>
|
|
|
|
<field type="text" id="account" validation="nonblank" value="">
|
|
<label>YOUR_ACCOUNT</label>
|
|
</field>
|
|
<field type="password" id="oldPass" validation="nonblank" value="">
|
|
<label>PASSWORD_OLD</label>
|
|
</field>
|
|
<field type="password" id="pass" validation="nonblank, check_password" value="">
|
|
<label>PASSWORD_NEW</label>
|
|
</field>
|
|
<field type="password" id="passVerify" validation="password_compare" value="">
|
|
<label>PASSWORD_VERIFY_NEW</label>
|
|
</field>
|
|
<subroutine src="print_button('PASSWORD_CHANGE')" />
|
|
</page>
|
|
<page name="Done" pre-event="print_status_message()">
|
|
</page>
|
|
</form>
|