version 1.210, 2013/08/29 12:36:15
|
version 1.211, 2014/02/12 20:29:36
|
Line 36 use strict;
|
Line 36 use strict;
|
use LONCAPA; |
use LONCAPA; |
use Apache::Constants qw(:common); |
use Apache::Constants qw(:common); |
use Apache::File; |
use Apache::File; |
use Crypt::DES; |
|
use DynaLoader; # for Crypt::DES version |
|
use Apache::loncommon(); |
use Apache::loncommon(); |
use Apache::lonhtmlcommon(); |
use Apache::lonhtmlcommon(); |
use Apache::lonlocal; |
use Apache::lonlocal; |
Line 45 use Apache::lonnet;
|
Line 43 use Apache::lonnet;
|
use LONCAPA::lonauthcgi(); |
use LONCAPA::lonauthcgi(); |
use LONCAPA(); |
use LONCAPA(); |
|
|
# |
|
# Write lonnet::passwd to do the call below. |
|
# Use: |
|
# my $answer=reply("encrypt:passwd:$udom:$uname:$upass",$tryserver); |
|
# |
|
################################################## |
|
# password associated functions # |
|
################################################## |
|
sub des_keys { |
|
# Make a new key for DES encryption. |
|
# Each key has two parts which are returned separately. |
|
# Please note: Each key must be passed through the &hex function |
|
# before it is output to the web browser. The hex versions cannot |
|
# be used to decrypt. |
|
my @hexstr=('0','1','2','3','4','5','6','7', |
|
'8','9','a','b','c','d','e','f'); |
|
my $lkey=''; |
|
for (0..7) { |
|
$lkey.=$hexstr[rand(15)]; |
|
} |
|
my $ukey=''; |
|
for (0..7) { |
|
$ukey.=$hexstr[rand(15)]; |
|
} |
|
return ($lkey,$ukey); |
|
} |
|
|
|
sub des_decrypt { |
|
my ($key,$cyphertext) = @_; |
|
my $keybin=pack("H16",$key); |
|
my $cypher; |
|
if ($Crypt::DES::VERSION>=2.03) { |
|
$cypher=new Crypt::DES $keybin; |
|
} else { |
|
$cypher=new DES $keybin; |
|
} |
|
my $plaintext= |
|
$cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,0,16)))); |
|
$plaintext.= |
|
$cypher->decrypt(unpack("a8",pack("H16",substr($cyphertext,16,16)))); |
|
$plaintext=substr($plaintext,1,ord(substr($plaintext,0,1)) ); |
|
return $plaintext; |
|
} |
|
|
|
################################################################ |
################################################################ |
# Handler subroutines # |
# Handler subroutines # |
################################################################ |
################################################################ |
Line 1604 ENDERROR
|
Line 1558 ENDERROR
|
} |
} |
my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo); |
my ($ckey,$n1key,$n2key)=split(/&/,$tmpinfo); |
# |
# |
$currentpass = &des_decrypt($ckey ,$currentpass); |
$currentpass = &Apache::loncommon::des_decrypt($ckey ,$currentpass); |
$newpass1 = &des_decrypt($n1key,$newpass1); |
$newpass1 = &Apache::loncommon::des_decrypt($n1key,$newpass1); |
$newpass2 = &des_decrypt($n2key,$newpass2); |
$newpass2 = &Apache::loncommon::des_decrypt($n2key,$newpass2); |
# |
# |
if ($caller eq 'reset_by_email') { |
if ($caller eq 'reset_by_email') { |
my %data = &Apache::lonnet::tmpget($mailtoken); |
my %data = &Apache::lonnet::tmpget($mailtoken); |