X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;ds=sidebyside;f=update.cgi;h=1ff3d004cb6e97298773c6f6cacecdb14610a5e5;hb=c4f7f37b019553aabda9ae50d88c71d7ac7cf5e5;hp=02d3a5b28b5cb63030937a5a14e28809bef11c4b;hpb=dce01ebc1c99705de3acd1638edf0b9301ddf8cb;p=mirror%2Fuserdir-ldap-cgi.git
diff --git a/update.cgi b/update.cgi
index 02d3a5b..1ff3d00 100755
--- a/update.cgi
+++ b/update.cgi
@@ -10,11 +10,13 @@ use strict vars;
use CGI;
use Data::UUID;
use Digest::HMAC_SHA1 qw(hmac_sha1_hex);
+use Digest::MD5 qw(md5_hex);
use Util;
use English;
use URI::Escape;
use Crypt::PasswdMD5;
use Net::LDAP qw(LDAP_SUCCESS LDAP_PROTOCOL_ERROR);
+use Net::LDAP::Util qw(ldap_explode_dn);
my %config = &Util::ReadConfigFile;
@@ -23,8 +25,16 @@ my $proto = ($ENV{HTTPS} ? "https" : "http");
my $id = $query->param('id');
my $authtoken = $query->param('authtoken');
-my $password = &Util::CheckAuthToken($authtoken);
-my $editdn = $query->param('editdn');
+
+my $password = undef;
+
+if ($authtoken || $id) {
+ $password = Util::TouchAuthToken($authtoken, $id);
+} else {
+ $password = '';
+ $id = '';
+ $authtoken = '';
+}
if ($proto eq "http" || !($id && $password)) {
print "Location: https://$ENV{SERVER_NAME}/$config{webloginhtml}\n\n";
@@ -42,7 +52,8 @@ sub DieHandler {
$ldap->unbind if (defined($ldap));
}
-$SIG{__DIE__} = \&DieHandler;
+#$SIG{__DIE__} = \&DieHandler;
+my $editdn = "uid=$id,$config{basedn}";
$ldap = Net::LDAP->new($config{ldaphost});
&Util::UpgradeConnection($ldap) unless $config{usessl} eq 'False';
@@ -144,7 +155,7 @@ if (!($query->param('doupdate'))) {
my $confirmstring = '';
my $sudopassword = '';
for my $e(@{$entry->{'sudopassword'}}) {
- my ($uuid, $status, $hosts, $crypted) = ($e =~ /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}) (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$/);
+ my ($uuid, $status, $hosts, $crypted) = ($e =~ /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}) (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*-]+) ([^ ]+)$/);
unless (defined $uuid) {
$sudopassword .= "
Unparseable line!
\n";
next;
@@ -171,7 +182,7 @@ if (!($query->param('doupdate'))) {
}
};
if ($confirmstring ne '') {
- $confirmstring = " To confirm your new sudo passwords send signed mail to changes\@db.debian.org with a signed body containing these lines:
$confirmstring
";
+ $confirmstring = " To confirm your new sudo passwords send signed mail to changes\@$config{maildomain} with a signed body containing these lines: