# $Id: login.cgi,v 1.10 2006/12/22 08:58:50 rmurray Exp $
# (c) 1999 Randolph Chung. Licensed under the GPL. <tausq@debian.org>
# (c) 2006 Ryan Murray. Licensed under the GPL. <rmurray@debian.org>
+# Copyright (c) 2008, 2011, 2015 Peter Palfrader
use lib '.';
use strict;
use CGI;
use Util;
use URI::Escape;
-use Crypt::Blowfish;
-use Net::LDAP qw(:all);
+use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);
my %config = &Util::ReadConfigFile;
exit;
}
-my $key = &Util::CreateKey($config{blowfishkeylen}); # human-readable version of the key
-my $hrkey = unpack("H".($config{blowfishkeylen}*2), $key);
-my $cipher = new Crypt::Blowfish $key;
-
my $ldap = Net::LDAP->new($config{ldaphost}) || &Util::HTMLError($!);
&Util::UpgradeConnection($ldap) unless $config{usessl} eq 'False';
}
## END HACK HACK HACK
- my $cryptid = &Util::SavePasswordToFile($username, $password, $cipher);
+ my $authtoken = &Util::SavePasswordToFile($username, $password);
if ($query->param('update')) {
- my $url = "$proto://$ENV{SERVER_NAME}/$config{webupdateurl}?id=$username&authtoken=$cryptid,$hrkey&editdn=";
- $url .= uri_escape("uid=$username,$config{basedn}", "\x00-\x40\x7f-\xff");
+ my $url = "$proto://$ENV{SERVER_NAME}/$config{webupdateurl}?id=$username;authtoken=$authtoken";
print "Location: $url\n\n";
} else {
- my $url = "$proto://$ENV{SERVER_NAME}/$config{websearchurl}?id=$username&authtoken=$cryptid,$hrkey";
+ my $url = "$proto://$ENV{SERVER_NAME}/$config{websearchurl}?id=$username;authtoken=$authtoken";
print "Location: $url\n\n";
}