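#!/usr/bin/perl
# $Id: login.cgi,v 1.4 1999/12/11 07:03:45 tausq Exp $
# (c) 1999 Randolph Chung. Licensed under the GPL.
#
# Web login handler.
#
# Flow, as implemented below:
#   1. Read the site configuration via Util::ReadConfigFile.
#   2. Require non-empty 'username' and 'password' CGI parameters; otherwise
#      redirect back to the login page ($config{webloginurl}).
#   3. Create a fresh Blowfish key and bind to the LDAP server as
#      uid=USERNAME,$config{basedn} with the supplied password.
#   4. On a successful bind, hand username, password and cipher to
#      Util::SavePasswordToFile and redirect to the update or search page
#      with authtoken=CRYPTID,HEXKEY in the query string.
#   5. On a failed bind, print a "Not authenticated" page.
#
# Security-relevant handling in this file:
#   * The Blowfish key and the auth token are never written to the log file.
#   * The username is escaped before it is placed in the bind DN and in the
#     redirect URL, so it cannot alter the DN or the Location header.
#   * Log messages have control characters neutralised.

use lib '.';
use strict;
use warnings;
#use Apache::Registry;
use CGI;
use Util;
use URI::Escape;
use Crypt::Blowfish;
use Net::LDAP qw(:all);
use Net::LDAP::Util qw(escape_dn_value);

my %config = Util::ReadConfigFile();

my $query = CGI->new;

# NOTE(review): when HTTPS is not set the password and the auth token cross
# the network unencrypted; the script itself does not enforce https.
my $proto = ($ENV{HTTPS} ? "https" : "http");

# Scalar assignment keeps param() in scalar context (one value per name).
my $username = $query->param('username');
my $password = $query->param('password');

# Both credentials must be present and non-empty. An empty password must
# never reach bind(): LDAP servers commonly treat a DN with an empty password
# as an unauthenticated bind that reports success. Testing length rather than
# truthiness also lets the literal value "0" through.
if (   !defined($username) || !length($username)
    || !defined($password) || !length($password))
{
    print "Location: $proto://$ENV{SERVER_NAME}/$config{webloginurl}\n\n";
    exit;
}

my $key = Util::CreateKey($config{blowfishkeylen});
# human-readable version of the key
my $hrkey  = unpack("H" . ($config{blowfishkeylen} * 2), $key);
my $cipher = Crypt::Blowfish->new($key);

# Net::LDAP->new reports a failed connection in $@, not $!.
# NOTE(review): assumes Util::HTMLError does not return; if it does, $ldap is
# undef below -- confirm against Util.pm.
my $ldap = Net::LDAP->new($config{ldaphost}) || Util::HTMLError($@);

# Escape the client-supplied uid so characters such as ',', '+', '=' or '\'
# stay inside the uid value instead of changing the structure of the DN.
my $binddn = "uid=" . escape_dn_value($username) . ",$config{basedn}";

# The key and its hex form are deliberately absent from this log line:
# anyone who can read the log file could otherwise recover the key.
logf(sprintf("proto=[%s]; username=[%s]; passwd=[%s]; binddn=[%s]",
    $proto, $username, (length($password) ? "shh!" : "(null)"), $binddn));

my $mesg = $ldap->bind($binddn, password => $password);
$mesg->sync;

if ($mesg->code == LDAP_SUCCESS) {
    # presumably stores the password encrypted under $cipher and returns an
    # identifier for it -- confirm against Util::SavePasswordToFile.
    my $cryptid = Util::SavePasswordToFile($username, $password, $cipher);

    my $is_update = $query->param('update');
    my $target    = $is_update ? $config{webupdateurl} : $config{websearchurl};

    # Percent-encode the username: it is client input going into a response
    # header, and raw CR/LF or '&' would otherwise split the header or add
    # query parameters.
    my $prefix = "$proto://$ENV{SERVER_NAME}/$target?id=" . uri_escape($username);
    my $suffix = $is_update
        ? "&editdn=" . uri_escape($binddn, "\x00-\x40\x7f-\xff")
        : "";

    # NOTE(review): the key ($hrkey) travels in the query string, so it can
    # show up in web server access logs, browser history and Referer headers.
    # Moving it elsewhere needs matching changes in the update/search CGIs,
    # which are outside this file.
    my $url = "$prefix&authtoken=$cryptid,$hrkey$suffix";

    # Log the destination with the token redacted.
    logf("redirect url = [$prefix&authtoken=(redacted)$suffix]");
    print "Location: $url\n\n";

    $ldap->unbind;
}
else {
    logf("bad auth");
    print "Content-type: text/html\n\n";
    # NOTE(review): the page body below carries no HTML markup as it appears
    # in this copy of the file; it is reproduced unchanged.
    print "

Not authenticated

\n";
}

# Append one line to $config{weblogfile}: "[client address] timestamp: message".
# Logging is best-effort: if the file cannot be opened the message is dropped.
sub logf {
    my $msg = shift;
    my $t   = localtime;

    # Messages contain client-supplied values; replace control characters so
    # a single request cannot forge additional log lines.
    $msg =~ s/[\x00-\x1f\x7f]/?/g;

    # Three-argument open with a lexical handle: the configured path is used
    # only as a file name, never interpreted as an open mode.
    if (open(my $log, '>>', $config{weblogfile})) {
        print {$log} sprintf("[%s] %s: %s\n", $ENV{REMOTE_ADDR}, $t, $msg);
        close $log;
    }
}

exit 0;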