Changeset 92


Ignore:
Timestamp:
04/14/11 15:28:40 (14 years ago)
Author:
Kris Deugau
Message:

/trunk

Add support for imported VegaDNS encrypted passwords (hex-coded MD5)
Tweak permission-fiddling on new group to eliminate uninitialized variable warnings
Switch logic on failure deleting a group to match domain and user delete
URL-encode values passed for extra parameters in changepage()
Whitespace nitpick fiddling between subs

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/dns.cgi

    r91 r92  
    1717use CGI::Session;
    1818use Crypt::PasswdMD5;
     19use Digest::MD5 qw(md5_hex);
    1920use Net::DNS;
    2021use DBI;
     
    116117    $webvar{loginfailed} = 1 if !defined($uid);
    117118
    118 ##fixme:  allow imported VegaDNS passwords.  hash is hex-coded MD5.
    119 #perl -e 'use Digest::MD5 qw(md5 md5_hex md5_base64); print md5_hex("test")."\n";'
    120 #098f6bcd4621d373cade4e832627b4f6
    121 
    122119    if ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) {
     120      # native passwords (crypt-md5)
    123121      $webvar{loginfailed} = 1 if $pass ne unix_md5_crypt($webvar{password},$1);
     122    } elsif ($pass =~ /^[0-9a-f]{32}$/) {
     123      # VegaDNS import (hex-coded MD5)
     124      $webvar{loginfailed} = 1 if $pass ne md5_hex($webvar{password});
    124125    } else {
     126      # plaintext (convenient now and then)
    125127      $webvar{loginfailed} = 1 if $pass ne $webvar{password};
    126128    }
     
    490492    foreach (@permtypes) {
    491493      $newperms{$_} = 0;
    492       $newperms{$_} = 1 if $webvar{$_} eq 'on';
     494      $newperms{$_} = (defined($webvar{$_}) && $webvar{$_} eq 'on' ? 1 : 0);
    493495    }
    494496    # not gonna provide the 4th param: template-or-clone flag, just yet
     
    529531    if ($code ne 'OK') {
    530532# need to find failure mode
    531       $page->param(del_failed => 1);
    532       $page->param(errmsg => $msg);
    533       $page->param(curpage => $webvar{page});
    534       listgroups();
     533      changepage(page => "grpman", del_failed => 1, errmsg => $msg);
    535534##fixme: log
    536535    } else {
     
    11151114  my $newurl = "http://$ENV{HTTP_HOST}$ENV{SCRIPT_NAME}?sid=$sid";
    11161115  foreach (keys %params) {
    1117     $newurl .= "&$_=$params{$_}";
     1116    $newurl .= "&$_=".$q->url_encode($params{$_});
    11181117  }
    11191118
     
    14681467} # end listgroups()
    14691468
     1469
    14701470sub fill_grouplist {
    14711471  my $template_var = shift;
     
    14961496} # end fill_grouplist()
    14971497
     1498
    14981499sub list_users {
    14991500
     
    15701571} # end list_users()
    15711572
     1573
    15721574# Generate all of the glop necessary to add or not the appropriate marker/flag for
    15731575# the sort order and column in domain, user, group, and record lists
     
    16081610} # end fill_colheads()
    16091611
     1612
    16101613sub logaction {
    16111614  my $domid = shift;
     
    16231626  $sth->execute($domid,$user_id,$groupid,$username,$fullname,$entry);
    16241627} # end logaction()
     1628
    16251629
    16261630##fixme:  generalize to return appropriate id on all cases (ie, use $partype)
     
    16601664} # end parentID()
    16611665
     1666
    16621667# we have to do this in a variety of places;  let's make it consistent
    16631668sub fill_permissions {
Note: See TracChangeset for help on using the changeset viewer.