| 1 | #!/usr/bin/perl -w
|
---|
| 2 | #
|
---|
| 3 | # $Id$
|
---|
| 4 | #
|
---|
| 5 | # Simple CGI script to change your password, currently 'configured'
|
---|
| 6 | # for dovecotpw, but could easily be ported to something else.
|
---|
| 7 | #
|
---|
| 8 | # License: BSDLike
|
---|
| 9 | # Rick van der Zwet <info@rickvanderzwet.nl>
|
---|
| 10 |
|
---|
| 11 | use CGI;
|
---|
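# CGI request object; package global shared by the subs below.
$q = CGI->new;

# Minimum accepted length of a new password, in characters.
$MIN_PASSWD_LENGTH = 8;

# Passwd-file that is rewritten in place, and the helper binary that turns
# a cleartext password into the stored hash.
$PASSWDFILE = '/usr/local/etc/dovecot.passwd';
$DOVECOTPW  = '/usr/local/sbin/dovecotpw';

# Refuse to run when the database is not writable or the helper is not
# executable. The status used to be taken from $error, which is never
# assigned in this file, so the failure page carried no error status;
# send an explicit 500 so clients and monitoring can see the failure.
if (!-w $PASSWDFILE || !-x $DOVECOTPW) {
    print $q->header(-status => '500 Internal Server Error');
    print $q->start_html('Problems');
    print $q->h2('Not able to open internals (database or binary)');
    print $q->end_html;
    exit 1;
}

# Message 'buffer', entries in here will be pushed on top of form
@messages = ();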
|
---|
| 29 |
|
---|
| 30 |
|
---|
| 31 | #
|
---|
| 32 | # Verify validity of CGI input
|
---|
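# Validate the submitted form fields.
#
# Returns 0 when the request is a POST whose fields pass every check, and 1
# otherwise. For a failed check a human-readable reason is pushed onto
# @messages; a non-POST request returns 1 without a message, so the empty
# form is shown.
sub check_cgi() {
    return 1 unless ($q->request_method() || '') eq "POST";

    # Fetch each field once, in scalar context.
    my $username        = $q->param('username');
    my $old_password    = $q->param('old_password');
    my $new_password    = $q->param('new_password');
    my $verify_password = $q->param('verify_password');

    if (!($username && $old_password && $new_password && $verify_password)) {
        push(@messages, "Not all fields are provided");
        return 1;
    }

    # The username becomes the first field of a colon-separated,
    # line-oriented passwd-file. A separator or control character in it
    # cannot name a real account and must never reach the matching or
    # writing code, so reject it here with the generic failure message.
    if ($username =~ /[:[:cntrl:]]/) {
        push(@messages, "Username or password invalid");
        return 1;
    }

    if ($new_password ne $verify_password) {
        push(@messages, 'New passwords does not match');
        return 1;
    }
    if ($new_password eq $old_password) {
        push(@messages, 'New password equal to old password not changing');
        return 1;
    }
    if (length($new_password) < $MIN_PASSWD_LENGTH) {
        push(@messages, "New password to short (minimal $MIN_PASSWD_LENGTH characters)");
        return 1;
    }

    return 0;
}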
|
---|
| 56 |
|
---|
| 57 |
|
---|
| 58 | #
|
---|
| 59 | # Process CGI, assuming all values are correct
|
---|
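# Run the dovecotpw helper on one cleartext password and return the single
# line it prints (without the trailing newline). Returns undef when the
# helper cannot be started, exits non-zero, or prints anything other than
# exactly one non-empty line.
sub _dovecotpw_hash {
    my ($cleartext) = @_;
    return unless defined $cleartext;

    # List-form pipe open: the password is passed as one argv element and is
    # never parsed by a shell, so shell metacharacters in it are inert.
    # NOTE(review): "-p" still puts the cleartext on the helper's command
    # line, where other local users may see it in the process list --
    # confirm whether that is acceptable on this host.
    open(my $pipe, '-|', $DOVECOTPW, '-p', $cleartext) or return;
    my @output = <$pipe>;
    close($pipe) or return;    # close() on a pipe fails on non-zero exit

    return unless @output == 1;
    my $hash = $output[0];
    chomp $hash;
    return unless length $hash;
    return $hash;
}

# Change the password of the submitted user in $PASSWDFILE.
#
# Reads username, old_password and new_password from the global CGI object,
# verifies the old password by hashing it with dovecotpw and looking for an
# exact "username:hash" record, then replaces that record with one carrying
# the hash of the new password. The outcome is reported by pushing a
# message onto @messages; nothing is returned.
#
# NOTE(review): verification by re-hashing only works when the configured
# dovecotpw scheme is deterministic (unsalted) -- confirm the scheme in use.
sub process_cgi_for_dovecotpw() {
    my $username     = $q->param('username');
    my $old_password = $q->param('old_password');
    my $new_password = $q->param('new_password');

    # Do not rely on the caller's validation: a field separator or control
    # character in the username would let one request write extra records.
    if (!defined $username || $username eq '' || $username =~ /[:[:cntrl:]]/) {
        push(@messages, "Username or password invalid");
        return;
    }

    # A failed helper must abort the request. With an empty hash the lookup
    # below would otherwise degrade to matching on the username alone.
    my $old_hash = _dovecotpw_hash($old_password);
    if (!defined $old_hash) {
        push(@messages, "Internal error, password not changed");
        return;
    }

    # Serialise read-modify-write cycles of the passwd-file.
    # NOTE(review): fixed name in world-writable /tmp; another local user can
    # pre-create it. Consider a lock file in a directory owned by this service.
    my $lock;
    if (!open($lock, '>>', '/tmp/changepw.lock') || !flock($lock, 2)) {    # 2 == LOCK_EX
        push(@messages, "Internal error, password not changed");
        return;
    }

    my $in;
    if (!open($in, '<', $PASSWDFILE)) {
        push(@messages, "Internal error, password not changed");
        close($lock);
        return;
    }
    my @users = <$in>;
    close($in);

    # Keep every record except the one for this user with this hash. Plain
    # string equality is used instead of a pattern match, so characters in
    # the username or hash are never interpreted as regex syntax.
    my $entry = "$username:$old_hash";
    my @lines;
    for my $line (@users) {
        (my $record = $line) =~ s/\n\z//;
        next if $record eq $entry;
        push(@lines, "$record\n");
    }

    # If we still have the same amount of lines we did not remove anything
    if (scalar(@lines) == scalar(@users)) {
        push(@messages, "Username or password invalid");
        close($lock);    # closing the handle releases the lock
        return;
    }

    my $new_hash = _dovecotpw_hash($new_password);
    if (!defined $new_hash) {
        push(@messages, "Internal error, password not changed");
        close($lock);
        return;
    }
    push(@lines, "$username:$new_hash\n");

    # NOTE(review): the file is truncated before it is rewritten, so a write
    # error can leave it incomplete. Writing a temporary file and renaming it
    # over the original would be atomic, but needs write access to the
    # directory -- confirm before changing.
    my $out;
    my $written = open($out, '>', $PASSWDFILE)
        && print({$out} sort(@lines))
        && close($out);
    if ($written) {
        push(@messages, "Password changed");
    }
    else {
        push(@messages, "Internal error, password not changed");
    }
    close($lock);
    return;
}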
|
---|
| 91 |
|
---|
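# Only process if fields are valid
if (check_cgi() == 0) {
    process_cgi_for_dovecotpw();
}

# Render the page: any queued messages first, then the form.
print $q->header;
print $q->start_html('Change Email Password');
print $q->start_center();
if (@messages) {
    print $q->h2($q->ul({-style => 'list-style-type: none'}, $q->li(@messages)));
}
print $q->start_form();

# CGI.pm form fields are sticky: without -override a field is pre-filled
# with the value just submitted. That is wanted for the username, but the
# password fields are forced empty so that submitted passwords are never
# written back into the response HTML.
print $q->table(
    $q->caption($q->h2('Please provide your values to change password')),
    $q->Tr([$q->td(['username', $q->textfield('username', 'somebody@example.org')])]),
    $q->Tr([$q->td(['old password',
        $q->password_field(-name => 'old_password', -value => '', -override => 1)])]),
    $q->Tr([$q->td(['new password',
        $q->password_field(-name => 'new_password', -value => '', -override => 1)])]),
    $q->Tr([$q->td(['verify new password',
        $q->password_field(-name => 'verify_password', -value => '', -override => 1)])]),
    $q->Tr([$q->td({-colspan => 2, -align => 'center'},
        [$q->submit('submit', 'Change Password')])])
);
# $q->table() already emits the closing tag, so no extra '</table>' here.
print $q->end_form();
print $q->end_center();
print $q->end_html;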