3 # $Id: login.cgi,v 1.4 1999/12/11 07:03:45 tausq Exp $
4 # (c) 1999 Randolph Chung. Licensed under the GPL. <tausq@debian.org>
13 use Net::LDAP qw(:all);
15 my %config = &Util::ReadConfigFile;
18 my $proto = ($ENV{HTTPS} ? "https" : "http");
20 if (!($query->param('username')) || !($query->param('password'))) {
21 print "Location: $proto://$ENV{SERVER_NAME}/$config{webloginurl}\n\n";
25 my $key = &Util::CreateKey($config{blowfishkeylen}); # human-readable version of the key
26 my $hrkey = unpack("H".($config{blowfishkeylen}*2), $key);
27 my $cipher = new Crypt::Blowfish $key;
29 my $ldap = Net::LDAP->new($config{ldaphost}) || &Util::HTMLError($!);
31 my $username = $query->param('username');
32 my $password = $query->param('password');
33 my $binddn = "uid=$username,$config{basedn}";
35 &logf(sprintf("proto=[%s]; key=[%s]; hrkey=[%s]; username=[%s]; passwd=[%s]; binddn=[%s]",
36 $proto, $key, $hrkey, $username, ($password ? "shh!" : "(null)"), $binddn));
38 my $mesg = $ldap->bind($binddn, password => $password);
41 if ($mesg->code == LDAP_SUCCESS) {
42 my $cryptid = &Util::SavePasswordToFile($username, $password, $cipher);
44 if ($query->param('update')) {
45 my $url = "$proto://$ENV{SERVER_NAME}/$config{webupdateurl}?id=$username&authtoken=$cryptid,$hrkey&editdn=";
46 $url .= uri_escape("uid=$username,$config{basedn}", "\x00-\x40\x7f-\xff");
47 &logf("redirect url = [$url]");
48 print "Location: $url\n\n";
50 my $url = "$proto://$ENV{SERVER_NAME}/$config{websearchurl}?id=$username&authtoken=$cryptid,$hrkey";
51 &logf("redirect url = [$url]");
52 print "Location: $url\n\n";
58 print "Content-type: text/html\n\n";
59 print "<html><body><h1>Not authenticated</h1></body></html>\n";
66 if (open(L, ">>$config{weblogfile}")) {
67 print L sprintf("[%s] %s: %s\n", $ENV{REMOTE_ADDR}, $t, $msg);