From a750624f4d005e2bc415e86a38947a7fa10d0cb9 Mon Sep 17 00:00:00 2001
From: Gerald Carter <jerry@samba.org>
Date: Wed, 20 Aug 2003 21:52:52 +0000
Subject: checlking in initial version of 2.2 scripts so I can start updating
 them (This used to be commit 766a5070d58ada7a871a7fab45b5f7e203264952)

---
 examples/LDAP/smbldap-tools/cgi/ldappass.cgi | 202 +++++++++++++++++++++++++++
 1 file changed, 202 insertions(+)
 create mode 100755 examples/LDAP/smbldap-tools/cgi/ldappass.cgi

(limited to 'examples/LDAP/smbldap-tools/cgi/ldappass.cgi')
diff --git a/examples/LDAP/smbldap-tools/cgi/ldappass.cgi b/examples/LDAP/smbldap-tools/cgi/ldappass.cgi
new file mode 100755
index 0000000000..4a5ecb8f3a
--- /dev/null
+++ b/examples/LDAP/smbldap-tools/cgi/ldappass.cgi
@@ -0,0 +1,202 @@
+#!/usr/bin/perl
+
+################################################################################
+#
+# changepass.pl - A program to allow users to change their passwords
+#                 via a web browser.
+# Terry Davis
+# 
+# URLs
+#	Net::LDAP - http://
+#	usermod and this file - http://www.cloudamster.com/cloudmaster/projects
+#
+# Release History:
+#	Version 0.1 - initial write
+#
+# ToDo:
+#	... the ToDo section is on the ToDo list...
+#
+# Limitations:
+#	The password cannot contain single and double quotes.....welcome to quoting hell....
+#
+# Notes:
+#       This code is largely based on work done by Danny Sauer - http://www.cloudamster.com/cloudmaster/projects
+#       His work is not licensed and is marked as 'freely distributable'.
+#       Thank you to Danny for his hard work on the initial work.
+#
+################################################################################
+
+use CGI qw(:standard);
+use Net::LDAP;
+
+# CONFIGURATION SECTION
+$masterLDAP = "ldap.idealx.org";
+$basedn = "dc=IDEALX,dc=org";
+$masterPw = "";
+$masterDN = "cn=manager,$basedn";
+$ldap_path = "/usr/bin";
+$ldap_opts = "-x";
+$ldappasswd = "$ldap_path/ldappasswd $ldap_opts -h $masterLDAP -D '$masterDN' -w '$masterPw'";
+$usersdn = "ou=Users,$basedn";
+# END CONFIGURATION
+
+
+
+# DONT EDIT ANYTHING BELOW THIS LINE
+$logtag = "Login:";
+$passtag = "Current password:";
+$npasstag1 = "New password:";
+$npasstag2 = "Retype new pasword:";
+$error = "";
+$color = "<FONT color='red'>";
+$stopcolor = "</FONT>";
+
+if(param()){
+	nologin() unless ($username = param('login'));
+	nopass() unless ($oldpass = param('oldpass'));
+	nonewpass(1) unless ($newpass1 = param('newpass'));
+	nonewpass(2) unless ($newpass2 = param('newpass2'));
+	verifyuser($username) or die "bad user";
+	verifypass($username, $oldpass) or die "bad pass";
+	testnewpass($newpass1, $newpass2) or die "bad new pass";
+	changepass($username, $newpass1) or die "couldn't change pass";
+	printsuccess();
+}else{
+	printpage();
+}
+exit(0);
+
+sub verifyuser{
+	local $user = shift;
+	$ldap = Net::LDAP->new($masterLDAP) or die "can't make new LDAP object: $@";
+	$ldap->bind();
+	if (0 < $ldap->search(base => $basedn, filter => "(uid=$user)")->count){
+		return 1;
+	}
+	$logtag = $color . $logtag . $color;
+	$error = "No such user";
+	printpage();
+	return 0;
+}
+
+sub verifypass{
+	$uid = shift;
+	$pass = shift;
+	$ldap = Net::LDAP->new($masterLDAP) or die "can't make new LDAP object: $@";
+	$binddn = "uid=$uid,ou=People,$basedn";
+	return 1 if($ldap->bind( $binddn, password => $pass)->code == 0);
+	if($ldap->bind()){
+		$passtag = $color . $passtag . $color;
+		$error = "Incorrect password";
+		printpage();
+		return 0;
+	}else{
+		print header, start_html(-title=>"LDAP dead");
+		print h2("<CENTER>The LDAP server is temporarily unavailable."),
+			p,"Please try again later</CENTER>";
+		return 0;
+	}die "Something (or someone) is defective, contact your friendly Systems Administrator";
+}
+
+sub testnewpass{
+	$p1 = shift; $p2 = shift;
+	if ($p1 ne $p2){
+		$npasstag1 = $color . $npasstag1 . $color;
+		$npasstag2 = $color . $npasstag2 . $color;
+		$error = "Passwords don't match ($p1 vs $p2)";
+		printpage();
+		return 0;
+	}
+        if ($p1 =~ /"/ ){
+                $npasstag1 = $color . $npasstag1 . $color;
+                $npasstag2 = $color . $npasstag2 . $color;
+                $error = "Passwords cannot contain double quotes. Sorry";
+                printpage();
+                return 0;
+        }
+        if ($p1 =~ /'/ ){
+                $npasstag1 = $color . $npasstag1 . $color;
+                $npasstag2 = $color . $npasstag2 . $color;
+                $error = "Passwords cannot contain single quotes. Sorry";
+                printpage();
+                return 0;
+        }
+	return 1;
+}
+
+sub changepass{
+	local $user = shift;
+	local $newpass = shift;
+	local $dn = "uid=$user,$usersdn";
+	system "$ldappasswd $dn -s '$newpass' > /dev/null";
+	`/usr/bin/sudo /usr/bin/smbpasswd $user "$newpass"`;	
+	exit(1);
+}
+
+sub nologin{
+	$logtag = $color . $logtag . $color;
+	$error = "You need to enter a Login Name";
+	printpage();
+	exit(1);
+}
+
+sub nopass{
+	$passtag = $color . $passtag . $color;
+	$error = "Please enter your old password";
+	printpage();
+	exit(1);
+}
+
+sub nonewpass{
+	$f=shift;
+	$npasstag1 = $color . $npasstag1 . $color if($f==1);
+	$npasstag2 = $color . $npasstag2 . $color if($f==2);
+	$error = "You need to enter your new password";
+	$error .= " twice" if($f==2);
+	printpage();
+	exit(1);
+}
+
+sub printpage{
+	print header,
+	      start_html(-title=> "Password Change Page",
+	                 -author=> 'tdavis@birddog.com',
+			 -BGCOLOR=> 'WHITE'),
+	      h3('Password Change Page'),
+	      startform(-method=>'POST'),
+	      "<TABLE BORDER=0 WIDTH=50%>",
+	      "<font size=2>",
+	      "<TR><TD>",
+	      $logtag,
+	      "</TD><TD>",
+	      textfield(-name=>'login', -default=>$login, 
+	                -size=>15, -maxlength=>20),
+	      "</TD><TR><TD>",
+	      $passtag,
+	      "</TD><TD>",
+	      password_field(-name=>'oldpass', -size=>15, -maxlength=>25),
+	      "</TD><TR><TD>",
+	      $npasstag1,
+	      "</TD><TD>",
+	      password_field(-name=>'newpass', -size=>15, -maxlength=>25),
+	      "</TD><TR><TD>",
+	      $npasstag2,
+	      "</TD><TD>",
+	      password_field(-name=>'newpass2', -size=>15, -maxlength=>25),
+	      "</TD><TR><TD></TD><TD>",
+	      submit(-name=>"change"),reset(),
+	      "</TD></TR></TABLE>",
+	      "</font>",
+	      endform(),
+	      "<FONT color='red'>$error</FONT>",
+	      end_html;
+}
+
+sub printsuccess(){
+	print header,
+	      start_html(-title=> "Success",
+		             -BGCOLOR=> 'WHITE'),
+		  h1("Password Succesfully Changed"),
+		  "<br>",
+		  end_html;
+}
-- 
cgit 


", + $logtag, + "	", + textfield(-name=>'login', -default=>$login, + -size=>15, -maxlength=>20), + "
", + $passtag, + "	", + password_field(-name=>'oldpass', -size=>15, -maxlength=>25), + "
", + $npasstag1, + "	", + password_field(-name=>'newpass', -size=>15, -maxlength=>25), + "
", + $npasstag2, + "	", + password_field(-name=>'newpass2', -size=>15, -maxlength=>25), + "
	", + submit(-name=>"change"),reset(), + "