|
version 1.91, 2002/08/22 20:00:00
|
version 1.103, 2002/10/30 14:50:04
|
|
Line 83 my $DEBUG = 0; # Non zero to ena
|
Line 83 my $DEBUG = 0; # Non zero to ena
|
| my $status=''; |
my $status=''; |
| my $lastlog=''; |
my $lastlog=''; |
| |
|
| |
# |
| |
# The array below are password error strings." |
| |
# |
| |
my $lastpwderror = 13; # Largest error number from lcpasswd. |
| |
my @passwderrors = ("ok", |
| |
"lcpasswd must be run as user 'www'", |
| |
"lcpasswd got incorrect number of arguments", |
| |
"lcpasswd did not get the right nubmer of input text lines", |
| |
"lcpasswd too many simultaneous pwd changes in progress", |
| |
"lcpasswd User does not exist.", |
| |
"lcpasswd Incorrect current passwd", |
| |
"lcpasswd Unable to su to root.", |
| |
"lcpasswd Cannot set new passwd.", |
| |
"lcpasswd Username has invalid characters", |
| |
"lcpasswd Invalid characters in password", |
| |
"11", "12", |
| |
"lcpasswd Password mismatch"); |
| |
|
| |
|
| |
# The array below are lcuseradd error strings.: |
| |
|
| |
my $lastadderror = 13; |
| |
my @adderrors = ("ok", |
| |
"User ID mismatch, lcuseradd must run as user www", |
| |
"lcuseradd Incorrect number of command line parameters must be 3", |
| |
"lcuseradd Incorrect number of stdinput lines, must be 3", |
| |
"lcuseradd Too many other simultaneous pwd changes in progress", |
| |
"lcuseradd User does not exist", |
| |
"lcuseradd Unabel to mak ewww member of users's group", |
| |
"lcuseradd Unable to su to root", |
| |
"lcuseradd Unable to set password", |
| |
"lcuseradd Usrname has invbalid charcters", |
| |
"lcuseradd Password has an invalid character", |
| |
"lcuseradd User already exists", |
| |
"lcuseradd Could not add user.", |
| |
"lcuseradd Password mismatch"); |
| |
|
| |
|
| |
# |
| |
# Convert an error return code from lcpasswd to a string value. |
| |
# |
| |
sub lcpasswdstrerror { |
| |
my $ErrorCode = shift; |
| |
if(($ErrorCode < 0) || ($ErrorCode > $lastpwderror)) { |
| |
return "lcpasswd Unrecognized error return value ".$ErrorCode; |
| |
} else { |
| |
return $passwderrors[$ErrorCode]; |
| |
} |
| |
} |
| |
|
| |
# |
| |
# Convert an error return code from lcuseradd to a string value: |
| |
# |
| |
sub lcuseraddstrerror { |
| |
my $ErrorCode = shift; |
| |
if(($ErrorCode < 0) || ($ErrorCode > $lastadderror)) { |
| |
return "lcuseradd - Unrecognized error code: ".$ErrorCode; |
| |
} else { |
| |
return $adderrors[$ErrorCode]; |
| |
} |
| |
} |
| |
|
| # grabs exception and records it to log before exiting |
# grabs exception and records it to log before exiting |
| sub catchexception { |
sub catchexception { |
| my ($error)=@_; |
my ($error)=@_; |
|
Line 107 $SIG{'QUIT'}=\&catchexception;
|
Line 169 $SIG{'QUIT'}=\&catchexception;
|
| $SIG{__DIE__}=\&catchexception; |
$SIG{__DIE__}=\&catchexception; |
| |
|
| # ---------------------------------- Read loncapa_apache.conf and loncapa.conf |
# ---------------------------------- Read loncapa_apache.conf and loncapa.conf |
| &status("Read loncapa_apache.conf and loncapa.conf"); |
&status("Read loncapa.conf and loncapa_apache.conf"); |
| my $perlvarref=LONCAPA::Configuration::read_conf('loncapa_apache.conf', |
my $perlvarref=LONCAPA::Configuration::read_conf('loncapa.conf'); |
| 'loncapa.conf'); |
|
| my %perlvar=%{$perlvarref}; |
my %perlvar=%{$perlvarref}; |
| undef $perlvarref; |
undef $perlvarref; |
| |
|
|
Line 279 sub status {
|
Line 340 sub status {
|
| my $now=time; |
my $now=time; |
| my $local=localtime($now); |
my $local=localtime($now); |
| $status=$local.': '.$what; |
$status=$local.': '.$what; |
| |
$0='lond: '.$what.' '.$local; |
| } |
} |
| |
|
| # -------------------------------------------------------- Escape Special Chars |
# -------------------------------------------------------- Escape Special Chars |
|
Line 501 sub make_new_child {
|
Line 563 sub make_new_child {
|
| # ============================================================================= |
# ============================================================================= |
| # do something with the connection |
# do something with the connection |
| # ----------------------------------------------------------------------------- |
# ----------------------------------------------------------------------------- |
| |
$client->sockopt(SO_KEEPALIVE, 1);# Enable monitoring of |
| |
# connection liveness. |
| # see if we know client and check for spoof IP by challenge |
# see if we know client and check for spoof IP by challenge |
| my $caller=getpeername($client); |
my $caller=getpeername($client); |
| my ($port,$iaddr)=unpack_sockaddr_in($caller); |
my ($port,$iaddr)=unpack_sockaddr_in($caller); |
|
Line 632 sub make_new_child {
|
Line 696 sub make_new_child {
|
| my ($howpwd,$contentpwd)=split(/:/,$realpasswd); |
my ($howpwd,$contentpwd)=split(/:/,$realpasswd); |
| my $pwdcorrect=0; |
my $pwdcorrect=0; |
| if ($howpwd eq 'internal') { |
if ($howpwd eq 'internal') { |
| |
&Debug("Internal auth"); |
| $pwdcorrect= |
$pwdcorrect= |
| (crypt($upass,$contentpwd) eq $contentpwd); |
(crypt($upass,$contentpwd) eq $contentpwd); |
| } elsif ($howpwd eq 'unix') { |
} elsif ($howpwd eq 'unix') { |
| $contentpwd=(getpwnam($uname))[1]; |
&Debug("Unix auth"); |
| my $pwauth_path="/usr/local/sbin/pwauth"; |
if((getpwnam($uname))[1] eq "") { #no such user! |
| unless ($contentpwd eq 'x') { |
$pwdcorrect = 0; |
| $pwdcorrect= |
} else { |
| (crypt($upass,$contentpwd) eq $contentpwd); |
$contentpwd=(getpwnam($uname))[1]; |
| } |
my $pwauth_path="/usr/local/sbin/pwauth"; |
| |
unless ($contentpwd eq 'x') { |
| |
$pwdcorrect= |
| |
(crypt($upass,$contentpwd) eq |
| |
$contentpwd); |
| |
} |
| |
|
| elsif (-e $pwauth_path) { |
elsif (-e $pwauth_path) { |
| open PWAUTH, "|$pwauth_path" or |
open PWAUTH, "|$pwauth_path" or |
| die "Cannot invoke authentication"; |
die "Cannot invoke authentication"; |
|
Line 648 sub make_new_child {
|
Line 719 sub make_new_child {
|
| close PWAUTH; |
close PWAUTH; |
| $pwdcorrect=!$?; |
$pwdcorrect=!$?; |
| } |
} |
| |
} |
| } elsif ($howpwd eq 'krb4') { |
} elsif ($howpwd eq 'krb4') { |
| $null=pack("C",0); |
$null=pack("C",0); |
| unless ($upass=~/$null/) { |
unless ($upass=~/$null/) { |
|
Line 660 sub make_new_child {
|
Line 732 sub make_new_child {
|
| $null=pack("C",0); |
$null=pack("C",0); |
| unless ($upass=~/$null/) { |
unless ($upass=~/$null/) { |
| my $krbclient=&Authen::Krb5::parse_name($uname.'@'.$contentpwd); |
my $krbclient=&Authen::Krb5::parse_name($uname.'@'.$contentpwd); |
| &logthis("Realm ".$krbclient->realm); |
|
| my $krbservice="krbtgt/".$contentpwd."\@".$contentpwd; |
my $krbservice="krbtgt/".$contentpwd."\@".$contentpwd; |
| my $krbserver=&Authen::Krb5::parse_name($krbservice); |
my $krbserver=&Authen::Krb5::parse_name($krbservice); |
| my $credentials=&Authen::Krb5::cc_default(); |
my $credentials=&Authen::Krb5::cc_default(); |
|
Line 668 sub make_new_child {
|
Line 739 sub make_new_child {
|
| my $krbreturn = |
my $krbreturn = |
| &Authen::Krb5::get_in_tkt_with_password( |
&Authen::Krb5::get_in_tkt_with_password( |
| $krbclient,$krbserver,$upass,$credentials); |
$krbclient,$krbserver,$upass,$credentials); |
| unless ($krbreturn) { |
# unless ($krbreturn) { |
| &logthis("Krb5 Error: ". |
# &logthis("Krb5 Error: ". |
| &Authen::Krb5::error()); |
# &Authen::Krb5::error()); |
| } |
# } |
| $pwdcorrect = ($krbreturn == 1); |
$pwdcorrect = ($krbreturn == 1); |
| } else { $pwdcorrect=0; } |
} else { $pwdcorrect=0; } |
| } elsif ($howpwd eq 'localauth') { |
} elsif ($howpwd eq 'localauth') { |
|
Line 697 sub make_new_child {
|
Line 768 sub make_new_child {
|
| chomp($npass); |
chomp($npass); |
| $upass=&unescape($upass); |
$upass=&unescape($upass); |
| $npass=&unescape($npass); |
$npass=&unescape($npass); |
| &logthis("Trying to change password for $uname"); |
&Debug("Trying to change password for $uname"); |
| my $proname=propath($udom,$uname); |
my $proname=propath($udom,$uname); |
| my $passfilename="$proname/passwd"; |
my $passfilename="$proname/passwd"; |
| if (-e $passfilename) { |
if (-e $passfilename) { |
|
Line 707 sub make_new_child {
|
Line 778 sub make_new_child {
|
| chomp($realpasswd); |
chomp($realpasswd); |
| my ($howpwd,$contentpwd)=split(/:/,$realpasswd); |
my ($howpwd,$contentpwd)=split(/:/,$realpasswd); |
| if ($howpwd eq 'internal') { |
if ($howpwd eq 'internal') { |
| |
&Debug("internal auth"); |
| if (crypt($upass,$contentpwd) eq $contentpwd) { |
if (crypt($upass,$contentpwd) eq $contentpwd) { |
| my $salt=time; |
my $salt=time; |
| $salt=substr($salt,6,2); |
$salt=substr($salt,6,2); |
|
Line 723 sub make_new_child {
|
Line 795 sub make_new_child {
|
| # one way or another. |
# one way or another. |
| # First: Make sure the current password is |
# First: Make sure the current password is |
| # correct |
# correct |
| |
&Debug("auth is unix"); |
| $contentpwd=(getpwnam($uname))[1]; |
$contentpwd=(getpwnam($uname))[1]; |
| my $pwdcorrect = "0"; |
my $pwdcorrect = "0"; |
| my $pwauth_path="/usr/local/sbin/pwauth"; |
my $pwauth_path="/usr/local/sbin/pwauth"; |
|
Line 734 sub make_new_child {
|
Line 807 sub make_new_child {
|
| die "Cannot invoke authentication"; |
die "Cannot invoke authentication"; |
| print PWAUTH "$uname\n$upass\n"; |
print PWAUTH "$uname\n$upass\n"; |
| close PWAUTH; |
close PWAUTH; |
| $pwdcorrect=!$?; |
&Debug("exited pwauth with $? ($uname,$upass) "); |
| |
$pwdcorrect=($? == 0); |
| } |
} |
| if ($pwdcorrect) { |
if ($pwdcorrect) { |
| my $execdir=$perlvar{'lonDaemons'}; |
my $execdir=$perlvar{'lonDaemons'}; |
| my $pf = IO::File->new("|$execdir/lcpasswd"); |
&Debug("Opening lcpasswd pipeline"); |
| |
my $pf = IO::File->new("|$execdir/lcpasswd > /home/www/lcpasswd.log"); |
| print $pf "$uname\n$npass\n$npass\n"; |
print $pf "$uname\n$npass\n$npass\n"; |
| close $pf; |
close $pf; |
| my $result = ($?>0 ? 'pwchange_failure' |
my $err = $?; |
| |
my $result = ($err>0 ? 'pwchange_failure' |
| : 'ok'); |
: 'ok'); |
| &logthis("Result of password change for $uname: $result"); |
&logthis("Result of password change for $uname: ". |
| |
&lcpasswdstrerror($?)); |
| print $client "$result\n"; |
print $client "$result\n"; |
| } else { |
} else { |
| print $client "non_authorized\n"; |
print $client "non_authorized\n"; |
|
Line 789 sub make_new_child {
|
Line 866 sub make_new_child {
|
| } |
} |
| } |
} |
| unless ($fperror) { |
unless ($fperror) { |
| my $result=&make_passwd_file($umode,$npass, |
my $result=&make_passwd_file($uname, $umode,$npass, |
| $passfilename); |
$passfilename); |
| print $client $result; |
print $client $result; |
| } else { |
} else { |
|
Line 815 sub make_new_child {
|
Line 892 sub make_new_child {
|
| if ($udom ne $perlvar{'lonDefDomain'}) { |
if ($udom ne $perlvar{'lonDefDomain'}) { |
| print $client "not_right_domain\n"; |
print $client "not_right_domain\n"; |
| } else { |
} else { |
| &make_passwd_file($umode,$npass,$passfilename); |
my $result=&make_passwd_file($uname, $umode,$npass, |
| |
$passfilename); |
| print $client $result; |
print $client $result; |
| } |
} |
| } else { |
} else { |
|
Line 938 sub make_new_child {
|
Line 1016 sub make_new_child {
|
| # ------------------------------------------------------------------- subscribe |
# ------------------------------------------------------------------- subscribe |
| } elsif ($userinput =~ /^sub/) { |
} elsif ($userinput =~ /^sub/) { |
| print $client &subscribe($userinput,$clientip); |
print $client &subscribe($userinput,$clientip); |
| |
# ------------------------------------------------------------- current version |
| |
} elsif ($userinput =~ /^currentversion/) { |
| |
my ($cmd,$fname)=split(/:/,$userinput); |
| |
print $client ¤tversion($fname)."\n"; |
| # ------------------------------------------------------------------------- log |
# ------------------------------------------------------------------------- log |
| } elsif ($userinput =~ /^log/) { |
} elsif ($userinput =~ /^log/) { |
| my ($cmd,$udom,$uname,$what)=split(/:/,$userinput); |
my ($cmd,$udom,$uname,$what)=split(/:/,$userinput); |
|
Line 1147 sub make_new_child {
|
Line 1229 sub make_new_child {
|
| } else { |
} else { |
| $regexp='.'; |
$regexp='.'; |
| } |
} |
| my $proname=propath($udom,$uname); |
|
| my $qresult=''; |
my $qresult=''; |
| if (tie(%hash,'GDBM_File',"$proname/$namespace.db",&GDBM_READER,0640)) { |
my $proname=propath($udom,$uname); |
| |
if (tie(%hash,'GDBM_File',"$proname/$namespace.db",&GDBM_READER(),0640)) { |
| study($regexp); |
study($regexp); |
| foreach $key (keys %hash) { |
while (($key,$value) = each(%hash)) { |
| my $unescapeKey = &unescape($key); |
if ($regexp eq '.') { |
| if (eval('$unescapeKey=~/$regexp/')) { |
$qresult.=$key.'='.$value.'&'; |
| $qresult.="$key=$hash{$key}&"; |
} else { |
| } |
my $unescapeKey = &unescape($key); |
| |
if (eval('$unescapeKey=~/$regexp/')) { |
| |
$qresult.="$key=$value&"; |
| |
} |
| |
} |
| } |
} |
| if (untie(%hash)) { |
if (untie(%hash)) { |
| $qresult=~s/\&$//; |
chop($qresult); |
| print $client "$qresult\n"; |
print $client "$qresult\n"; |
| } else { |
} else { |
| print $client "error:$!\n"; |
print $client "error:$!\n"; |
| } |
} |
| } else { |
} else { |
| print $client "error:$!\n"; |
print $client "error:$!\n"; |
|
Line 1566 sub unsub {
|
Line 1652 sub unsub {
|
| return $result; |
return $result; |
| } |
} |
| |
|
| |
sub currentversion { |
| |
my $fname=shift; |
| |
my $version=-1; |
| |
my $ulsdir=''; |
| |
if ($fname=~/^(.+)\/[^\/]+$/) { |
| |
$ulsdir=$1; |
| |
} |
| |
$fname=~s/\.\d+\.(\w+(?:\.meta)*)$/\.$1/; |
| |
$fname=~s/\.(\w+(?:\.meta)*)$/\.\(\\d\+\)\.$1\$/; |
| |
|
| |
if (-e $fname) { $version=1; } |
| |
if (-e $ulsdir) { |
| |
if(-d $ulsdir) { |
| |
if (opendir(LSDIR,$ulsdir)) { |
| |
while ($ulsfn=readdir(LSDIR)) { |
| |
# see if this is a regular file (ignore links produced earlier) |
| |
my $thisfile=$ulsdir.'/'.$ulsfn; |
| |
unless (-l $thisfile) { |
| |
if ($thisfile=~/$fname/) { |
| |
if ($1>$version) { $version=$1; } |
| |
} |
| |
} |
| |
} |
| |
closedir(LSDIR); |
| |
$version++; |
| |
} |
| |
} |
| |
} |
| |
return $version; |
| |
} |
| |
|
| |
sub thisversion { |
| |
my $fname=shift; |
| |
my $version=-1; |
| |
if ($fname=~/\.(\d+)\.\w+(?:\.meta)*$/) { |
| |
$version=$1; |
| |
} |
| |
return $version; |
| |
} |
| |
|
| sub subscribe { |
sub subscribe { |
| my ($userinput,$clientip)=@_; |
my ($userinput,$clientip)=@_; |
| my $result; |
my $result; |
| my ($cmd,$fname)=split(/:/,$userinput); |
my ($cmd,$fname)=split(/:/,$userinput); |
| my $ownership=&ishome($fname); |
my $ownership=&ishome($fname); |
| if ($ownership eq 'owner') { |
if ($ownership eq 'owner') { |
| |
# explitly asking for the current version? |
| |
unless (-e $fname) { |
| |
my $currentversion=¤tversion($fname); |
| |
if (&thisversion($fname)==$currentversion) { |
| |
if ($fname=~/^(.+)\.\d+\.(\w+(?:\.meta)*)$/) { |
| |
my $root=$1; |
| |
my $extension=$2; |
| |
symlink($root.'.'.$extension, |
| |
$root.'.'.$currentversion.'.'.$extension); |
| |
unless ($extension=~/\.meta$/) { |
| |
symlink($root.'.'.$extension.'.meta', |
| |
$root.'.'.$currentversion.'.'.$extension.'.meta'); |
| |
} |
| |
} |
| |
} |
| |
} |
| if (-e $fname) { |
if (-e $fname) { |
| if (-d $fname) { |
if (-d $fname) { |
| $result="directory\n"; |
$result="directory\n"; |
|
Line 1599 sub subscribe {
|
Line 1741 sub subscribe {
|
| } |
} |
| |
|
| sub make_passwd_file { |
sub make_passwd_file { |
| my ($umode,$npass,$passfilename)=@_; |
my ($uname, $umode,$npass,$passfilename)=@_; |
| my $result="ok\n"; |
my $result="ok\n"; |
| if ($umode eq 'krb4' or $umode eq 'krb5') { |
if ($umode eq 'krb4' or $umode eq 'krb5') { |
| { |
{ |
|
Line 1625 sub make_passwd_file {
|
Line 1767 sub make_passwd_file {
|
| my $execpath="$perlvar{'lonDaemons'}/"."lcuseradd"; |
my $execpath="$perlvar{'lonDaemons'}/"."lcuseradd"; |
| { |
{ |
| &Debug("Executing external: ".$execpath); |
&Debug("Executing external: ".$execpath); |
| my $se = IO::File->new("|$execpath"); |
&Debug("user = ".$uname.", Password =". $npass); |
| |
my $se = IO::File->new("|$execpath > /home/www/lcuseradd.log"); |
| print $se "$uname\n"; |
print $se "$uname\n"; |
| print $se "$npass\n"; |
print $se "$npass\n"; |
| print $se "$npass\n"; |
print $se "$npass\n"; |
| } |
} |
| |
my $useraddok = $?; |
| |
if($useraddok > 0) { |
| |
&logthis("Failed lcuseradd: ".&lcuseraddstrerror($useraddok)); |
| |
} |
| my $pf = IO::File->new(">$passfilename"); |
my $pf = IO::File->new(">$passfilename"); |
| print $pf "unix:\n"; |
print $pf "unix:\n"; |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to lond CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom