X-Git-Url: https://git.adam-barratt.org.uk/?a=blobdiff_plain;f=update.cgi;h=716faa936390815e225316722ca1220c5277f7e8;hb=7e3253a8e182b7f49f222a760af741dbd27f8367;hp=1a66b753b7932faa7883fadffebb7164c241cccd;hpb=7186c5b0dbf23f02d1564637b55c5f45fbb44193;p=mirror%2Fuserdir-ldap-cgi.git
diff --git a/update.cgi b/update.cgi
index 1a66b75..716faa9 100755
--- a/update.cgi
+++ b/update.cgi
@@ -119,8 +119,8 @@ if (!($query->param('doupdate'))) {
. '>female';
my $confirmstring = '';
my $sudopassword = '';
- for my $entry (@{$entry->{'sudopassword'}}) {
- my ($uuid, $status, $hosts, $crypted) = ($entry =~ /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}) (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$/);
+ for my $e(@{$entry->{'sudopassword'}}) {
+ my ($uuid, $status, $hosts, $crypted) = ($e =~ /^([0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}) (confirmed:[0-9a-f]{40}|unconfirmed) ([a-z0-9.,*]+) ([^ ]+)$/);
unless (defined $uuid) {
$sudopassword .= "
Unparseable line! |
\n";
next;
@@ -165,6 +165,14 @@ if (!($query->param('doupdate'))) {
}
close F;
} else {
+ my @ldapinfo_for_pwcheck;
+ for my $a (qw{cn sn md gecos uid}) {
+ for my $e (@{$entry->{$a}}) {
+ push @ldapinfo_for_pwcheck, $e;
+ }
+ }
+
+
# Actually update stuff...
my ($newpassword, $newstaddress);
@@ -179,7 +187,13 @@ if (!($query->param('doupdate'))) {
if ($query->param('newpass') ne $query->param('newpassvrfy')) {
# passwords don't match...
&Util::HTMLError("The passwords you specified do not match. Please go back and try again.");
- }
+ }
+
+ my ($r, $msg) = &Util::checkPasswordQuality($query->param('newpass'), undef, [@ldapinfo_for_pwcheck]);
+ if ($r) {
+ &Util::HTMLError("Password check failed: $msg. Please go back and try again.");
+ }
+
# create a md5 crypted password
$newpassword = '{crypt}'.crypt($query->param('newpass'), &Util::CreateCryptSalt(1));
@@ -237,13 +251,23 @@ if (!($query->param('doupdate'))) {
my $newsudo;
my $newsudo_hosts;
if ($query->param('newsudopass') && $query->param('newsudopassvrfy')) {
- if ($query->param('newsudopass') ne $query->param('newsudopassvrfy')) {
- &Util::HTMLError("The sudo passwords you specified do not match. Please go back and try again.");
- }
my $host = $query->param('newsudopass-host');
if ($host =~ /[^a-z0-9.-]/ and $host ne '*') {
&Util::HTMLError("The sudo host has weird characters '$host'.");
}
+
+ if ($query->param('newsudopass') ne $query->param('newsudopassvrfy')) {
+ &Util::HTMLError("The sudo passwords you specified do not match. Please go back and try again.");
+ }
+
+ my $ldappass = $password;
+ $ldappass = $query->param('newpass') if $query->param('newpass');
+ push @ldapinfo_for_pwcheck, $host, split(/\./, $host);
+ my ($r, $msg) = &Util::checkPasswordQuality($query->param('newsudopass'), $ldappass, [@ldapinfo_for_pwcheck]);
+ if ($r) {
+ &Util::HTMLError("Password check failed for new sudo pass: $msg. Please go back and try again.");
+ }
+
# create a md5 crypted password
my $newsudopassword = crypt($query->param('newsudopass'), &Util::CreateCryptSalt(1));
my $ug = new Data::UUID;