X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=Util.pm;h=08a5f070ae891700ea52a7e6636ba3eeae9df852;hb=6565c4df864eaf8ebf23c1cb26cd5a3ac67ee585;hp=b1b85f3f0b0b1c6971a6a8833b9997a1ecfc0438;hpb=a8c57b57660d7f459f7dcc3404d47fc938a4d8d1;p=mirror%2Fuserdir-ldap-cgi.git diff --git a/Util.pm b/Util.pm index b1b85f3..08a5f07 100644 --- a/Util.pm +++ b/Util.pm @@ -2,6 +2,7 @@ package Util; use strict; +use Date::Manip qw(ParseDate); my $blocksize = 8; # A blowfish block is 8 bytes my $configfile = "/etc/userdir-ldap/userdir-ldap.conf"; @@ -50,7 +51,9 @@ sub Encrypt { my $input = shift; my ($pos, $output); - $input .= " " x ($blocksize - (length($input) % $blocksize)) if (length($input % $blocksize)); + # prepend a length byte */ + $input = chr(length($input)).$input; + $input .= "\001" x ($blocksize - (length($input) % $blocksize)) if (length($input % $blocksize)); for ($pos = 0; $pos < length($input); $pos += $blocksize) { $output .= unpack("H16", $cipher->encrypt(substr($input, $pos, $blocksize))) if ($hascryptix); @@ -63,7 +66,7 @@ sub Decrypt { # trailing spaces are unimportant. my $cipher = shift; my $input = shift; - my ($pos, $portion, $output); + my ($pos, $portion, $output, $len); ((length($input) % $blocksize) == 0) || &HTMLError("Password corrupted"); # should always be true... @@ -71,8 +74,10 @@ sub Decrypt { $portion = pack("H16", substr($input, $pos, $blocksize*2)); $output .= $cipher->decrypt($portion) if ($hascryptix); } - - $output =~ s/ +$//; + + # check length byte, discard junk + $len = substr($output, 0, 1); + $output = substr($output, 1, ord($len)); return $output; } @@ -185,7 +190,7 @@ sub FetchKey { $fingerprint = "0x".$fingerprint; $/ = undef; # just suck it up .... - open(FP, "$config{gpg} --no-options --no-default-keyring $keyringparam --list-sigs --fingerprint $fingerprint|"); + open(FP, "$config{gpg} --no-options --no-default-keyring $keyringparam --check-sigs --fingerprint $fingerprint|"); $out = ; close FP; open(FP, "$config{gpg} --no-options --no-default-keyring $keyringparam --export -a $fingerprint|"); @@ -207,12 +212,22 @@ sub FormatLastSeen { # Format: # [Tue, 11 Jan 2000 02:37:18] "Joey Hess " " archive/latest/7130" "<20000110181924.H19910@kitenet.net>" # [Mon, 10 Jan 2000 21:48:19] "9E1E 1052 F8BB A351 0606 5527 50BB 2974 2D59 A7D2" " archive/latest/58632" "<20000110200506.13257.qmail@master.debian.org>" - my $lastseen = shift; - return "No activity detected" if (!$lastseen); + my $lastseenpgp = shift; + my $lastseenfrom = shift; + my ($d1, $d2, $lastseen); + + return "No activity detected" if (!$lastseenpgp && !$lastseenfrom); + $lastseen = $lastseenfrom if (!$lastseenpgp); + + if ($lastseenfrom && $lastseenpgp) { + ($d1) = ($lastseenpgp =~ /^\[(.+?)\]/); $d1 = ParseDate($d1); + ($d2) = ($lastseenfrom =~ /^\[(.+?)\]/); $d2 = ParseDate($d2); + $lastseen = (($d1 gt $d2) ? $lastseenpgp : $lastseenfrom); + } - my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"<(.+?)>.+?"\s+"<(.+?)>"/); - - return "$list
Message ID: $msgid"; + my ($date,$user,$list,$msgid) = ($lastseen =~ /^\[(.+?)\]\s+"(.+?)"\s+"(?:<(.+?)>.*?|\-)"\s+"<(.+?)>"/); + $list = "on $list" if ($list); + return "$date $list
 Message ID: $msgid"; } sub LookupCountry { @@ -263,6 +278,38 @@ sub CheckLatLong { } } +sub FixParams { + my $query = shift; + my $key; + my @names = $query->param; + + foreach $key (@names) { # web security is a joke ... + $_ = $query->param($key); + s/&/&/g; + s/[<\x8B]/</g; + s/[>\x9B]/>/g; + + $query->param($key, $_); + } +} + + +sub LDAPUpdate { + my $ldap = shift; + my $dn = shift; + my $attr = shift; + my $val = shift; + my $mesg; + + if (!$val) { + $mesg = $ldap->modify($dn, delete => { $attr => [] }); + } else { + $val = [ $val ] if (!ref($val)); + $mesg = $ldap->modify($dn, replace => { $attr => $val }); + $mesg->code && &Util::HTMLError("error updating $attr: ".$mesg->error); + } +} + ################### # Config file stuff sub ReadConfigFile {