my $id = $query->param('id');
my $authtoken = $query->param('authtoken');
-my $password = &Util::CheckAuthToken($authtoken);
-my $editdn = $query->param('editdn');
+
+my $password = undef;
+
+if ($authtoken || $id) {
+ $password = Util::TouchAuthToken($authtoken, $id);
+} else {
+ $password = '';
+ $id = '';
+ $authtoken = '';
+}
if ($proto eq "http" || !($id && $password)) {
print "Location: https://$ENV{SERVER_NAME}/$config{webloginhtml}\n\n";
}
#$SIG{__DIE__} = \&DieHandler;
+my $editdn = "uid=$id,$config{basedn}";
$ldap = Net::LDAP->new($config{ldaphost});
&Util::UpgradeConnection($ldap) unless $config{usessl} eq 'False';
my $confirmstring = '';
my $sudopassword = '';
for my $e(@{$entry->{'sudopassword'}}) {
- my ($uuid, $status, $hosts, $crypted) = ($e =~ /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}) (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$/);
+ my ($uuid, $status, $hosts, $crypted) = ($e =~ /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}) (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*-]+) ([^ ]+)$/);
unless (defined $uuid) {
$sudopassword .= "<tr><td>Unparseable line!</td></tr>\n";
next;
&Util::HTMLError("Password check failed for rtc-password: $msg. Please go back and try again.");
}
# create a md5 crypted password
- $newrtcpassword = &md5_hex( ldap_explode_dn($editid)->[0]{UID} . '@debian.org:rtc.debian.org:' . $query->param('newrtcpass') );
+ $newrtcpassword = &md5_hex( ldap_explode_dn($editdn)->[0]{UID} . '@debian.org:rtc.debian.org:' . $query->param('newrtcpass') );
&Util::LDAPUpdate($ldap, $editdn, 'rtcPassword', $newrtcpassword);
}
&Util::LDAPUpdate($ldap, $editdn, 'sudoPassword', \@keepsudo);
# when we are done, reload the page with the updated details.
- my $url = "https://$ENV{SERVER_NAME}/$config{webupdateurl}?id=$id&authtoken=$authtoken&editdn=";
- $url .= uri_escape($editdn, "\x00-\x40\x7f-\xff");
+ my $url = "https://$ENV{SERVER_NAME}/$config{webupdateurl}?id=$id;authtoken=$authtoken";
print "Location: $url\n\n";
}