Changeset 92 for trunk/dns.cgi

Timestamp:

04/14/11 15:28:40 (13 years ago)

Author:

Kris Deugau

Message:

/trunk

Add support for imported VegaDNS encrypted passwords (hex-coded MD5)
Tweak permission-fiddling on new group to eliminate uninitialized variable warnings
Switch logic on failure deleting a group to match domain and user delete
URL-encode values passed for extra parameters in changepage()
Whitespace nitpick fiddling between subs

File:

• trunk/dns.cgi (modified) (11 diffs)

trunk/dns.cgi

@@ -17 +17 @@
 use CGI::Session;
 use Crypt::PasswdMD5;
+use Digest::MD5 qw(md5_hex);
 use Net::DNS;
 use DBI;
@@ -116 +117 @@
     $webvar{loginfailed} = 1 if !defined($uid);
 
-##fixme:  allow imported VegaDNS passwords.  hash is hex-coded MD5.
-#perl -e 'use Digest::MD5 qw(md5 md5_hex md5_base64); print md5_hex("test")."\n";'
-#098f6bcd4621d373cade4e832627b4f6
-
     if ($pass =~ m|^\$1\$([A-Za-z0-9/.]+)\$|) {
+      # native passwords (crypt-md5)
       $webvar{loginfailed} = 1 if $pass ne unix_md5_crypt($webvar{password},$1);
+    } elsif ($pass =~ /^[0-9a-f]{32}$/) {
+      # VegaDNS import (hex-coded MD5)
+      $webvar{loginfailed} = 1 if $pass ne md5_hex($webvar{password});
     } else {
+      # plaintext (convenient now and then)
       $webvar{loginfailed} = 1 if $pass ne $webvar{password};
     }
@@ -490 +492 @@
     foreach (@permtypes) {
       $newperms{$_} = 0;
-      $newperms{$_} = 1 if $webvar{$_} eq 'on';
+      $newperms{$_} = (defined($webvar{$_}) && $webvar{$_} eq 'on' ? 1 : 0);
     }
     # not gonna provide the 4th param: template-or-clone flag, just yet
@@ -529 +531 @@
     if ($code ne 'OK') {
 # need to find failure mode
-      $page->param(del_failed => 1);
-      $page->param(errmsg => $msg);
-      $page->param(curpage => $webvar{page});
-      listgroups();
+      changepage(page => "grpman", del_failed => 1, errmsg => $msg);
 ##fixme: log
     } else {
@@ -1115 +1114 @@
   my $newurl = "http://$ENV{HTTP_HOST}$ENV{SCRIPT_NAME}?sid=$sid";
   foreach (keys %params) {
-    $newurl .= "&$_=$params{$_}";
+    $newurl .= "&$_=".$q->url_encode($params{$_});
   }
 
@@ -1468 +1467 @@
 } # end listgroups()
 
+
 sub fill_grouplist {
   my $template_var = shift;
@@ -1496 +1496 @@
 } # end fill_grouplist()
 
+
 sub list_users {
 
@@ -1570 +1571 @@
 } # end list_users()
 
+
 # Generate all of the glop necessary to add or not the appropriate marker/flag for
 # the sort order and column in domain, user, group, and record lists
@@ -1608 +1610 @@
 } # end fill_colheads()
 
+
 sub logaction {
   my $domid = shift;
@@ -1623 +1626 @@
   $sth->execute($domid,$user_id,$groupid,$username,$fullname,$entry);
 } # end logaction()
+
 
 ##fixme:  generalize to return appropriate id on all cases (ie, use $partype)
@@ -1660 +1664 @@
 } # end parentID()
 
+
 # we have to do this in a variety of places;  let's make it consistent
 sub fill_permissions {