Changeset 29

Timestamp:

11/05/09 17:55:34 (15 years ago)

Author:

Kris Deugau

Message:

/trunk

DNSDB::initGlobals

• don't roll over and die if the "systemwide defaults" file is missing

dns.cgi

• allow passwords to be crypt-MD5 hashes as well as plaintext (should we insist?)

Location:

trunk

Files:

• DNSDB.pm (modified) (1 diff)
• dns.cgi (modified) (3 diffs)

trunk/DNSDB.pm

@@ -130 +130 @@
 
 # load system-wide site defaults and things from config file
-  open SYSDEFAULTS, "</etc/dnsdb.conf";
+  if (open SYSDEFAULTS, "</etc/dnsdb.conf") {
 ##fixme - error check!
-  while (<SYSDEFAULTS>) {
-    next if /^\s*#/;
-    $def{contact}       = $1 if /contact ?= ?([a-z0-9_.-]+)/i;
-    $def{prins}         = $1 if /prins ?= ?([a-z0-9_.-]+)/i;
-    $def{soattl}        = $1 if /soattl ?= ?([a-z0-9_.-]+)/i;
-    $def{refresh}       = $1 if /refresh ?= ?([a-z0-9_.-]+)/i;
-    $def{retry}         = $1 if /retry ?= ?([a-z0-9_.-]+)/i;
-    $def{expire}        = $1 if /expire ?= ?([a-z0-9_.-]+)/i;
-    $def{minttl}        = $1 if /minttl ?= ?([a-z0-9_.-]+)/i;
-    $def{ttl}           = $1 if /ttl ?= ?([a-z0-9_.-]+)/i;
+    while (<SYSDEFAULTS>) {
+      next if /^\s*#/;
+      $def{contact}     = $1 if /contact ?= ?([a-z0-9_.-]+)/i;
+      $def{prins}               = $1 if /prins ?= ?([a-z0-9_.-]+)/i;
+      $def{soattl}      = $1 if /soattl ?= ?([a-z0-9_.-]+)/i;
+      $def{refresh}     = $1 if /refresh ?= ?([a-z0-9_.-]+)/i;
+      $def{retry}               = $1 if /retry ?= ?([a-z0-9_.-]+)/i;
+      $def{expire}      = $1 if /expire ?= ?([a-z0-9_.-]+)/i;
+      $def{minttl}      = $1 if /minttl ?= ?([a-z0-9_.-]+)/i;
+      $def{ttl}         = $1 if /ttl ?= ?([a-z0-9_.-]+)/i;
 ##fixme?  load DB user/pass from config file?
+    }
   }
 # load from database

trunk/dns.cgi

@@ -16 +16 @@
 use HTML::Template;
 use CGI::Session;
+use Crypt::PasswdMD5;
 use DBI;
 
@@ -74 +75 @@
 my $sortorder = "asc";
 
-my ($dbh,$msg) = connectDB("dnsdb","dnsdb","secret");
+my ($dbh,$msg) = connectDB("dnsdb","dnsdb","secret","dbhost");
 #my $dbh = DBI->connect("DBI:mysql:database=vegadns","vegadns","secret",
 #       { AutoCommit => 0 }) or die $DBI::errstr;
@@ -90 +91 @@
   my ($uid,$gid,$pass,$fname,$lname) = $sth->fetchrow_array;
   $webvar{loginfailed} = 1 if !defined($uid);
-  $webvar{loginfailed} = 1 if $pass ne $webvar{password};
+
+  if ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) {
+    $webvar{loginfailed} = 1 if $pass ne unix_md5_crypt($webvar{password},$1);
+  } else {
+    $webvar{loginfailed} = 1 if $pass ne $webvar{password};
+  }
 
   # set session bits