[BACK]Return to lcpasswd CVS log [TXT] [DIR] Up to [LON-CAPA] / loncom

Diff for /loncom/lcpasswd between versions 1.6 and 1.10

version 1.6, 2000/10/28 19:22:19 version 1.10, 2000/10/30 03:08:28
Line 23  use strict; Line 23  use strict;
 # Second line is CURRENT PASSWORD  # Second line is CURRENT PASSWORD
 # Third line is NEW PASSWORD  # Third line is NEW PASSWORD
   
   # Valid passwords must consist of the
   # ascii characters within the inclusive
   # range of 0x20 (32) to 0x7E (126).
   # These characters are:
   # SPACE and
   # !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNO
   # PQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
   
   # Valid user names must consist of ascii
   # characters that are alphabetical characters
   # (A-Z,a-z), numeric (0-9), or the underscore
   # mark (_). (Essentially, the perl regex \w).
   
 # Command-line arguments  # Command-line arguments
 # Yes, but be very careful here (don't pass shell commands)  # Yes, but be very careful here (don't pass shell commands)
 # and this is only supported to allow perl-system calls.  # and this is only supported to allow perl-system calls.
Line 35  use strict; Line 48  use strict;
   
 # These are the exit codes.  # These are the exit codes.
 # ( (0,"ok"),  # ( (0,"ok"),
 #   (1,"User ID mismatch.  This program must be run as user 'www'),  #   (1,"User ID mismatch.  This program must be run as user 'www'"),
 #   (2,"Error. This program does not accept command-line arguments."),  #   (2,"Error. This program needs 3 command-line arguments (username, old password, new password)."),
 #   (3,"Error. Three lines need to be entered into standard input."),  #   (3,"Error. Three lines need to be entered into standard input."),
 #   (4,"Error. Too many other simultaneous password change requests being made."),  #   (4,"Error. Too many other simultaneous password change requests being made."),
 #   (5,"Error. User $username does not exist."),  #   (5,"Error. User $username does not exist."),
 #   (6,"Error. Invalid entry of current password."),  #   (6,"Error. Invalid entry of current password."),
 #   (7,"Error.  Root was not successfully enabled.") )  #   (7,"Error. Root was not successfully enabled."),
 #   (8,"Error.  Cannot open /etc/passwd.") )  #   (8,"Error. Cannot open /etc/passwd."),
   #   (9,"Error. The user name specified has invalid characters."),
   #   (10,"Error. A password entry had an invalid character.") )
   
 # Security  # Security
 $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information except for what smbpasswd needs  $ENV{'PATH'}='/bin:/usr/bin'; # Nullify path information except for what smbpasswd needs
Line 97  else { Line 112  else {
 }  }
   
 my ($username,$oldpwd,$newpwd)=@input;  my ($username,$oldpwd,$newpwd)=@input;
   $username=~/^(\w+)$/;
   my $safeusername=$1;
   if ($username ne $safeusername) {
       print "Error. The user name specified has invalid characters.\n";
       unlink('/tmp/lock_lcpasswd');
       exit 9;
   }
   my $pbad=0;
   map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$oldpwd));
   map {if (($_<32)&&($_>126)){$pbad=1;}} (split(//,$newpwd));
   if ($pbad) {
       print "Error. A password entry had an invalid character.\n";
       unlink('/tmp/lock_lcpasswd');
       exit 10;
   }
   
 # Grab the line corresponding to username  # Grab the line corresponding to username
 my ($userid,$useroldcryptpwd);  my ($userid,$useroldcryptpwd);
Line 137  for my $l (@lines) { Line 167  for my $l (@lines) {
     else {print PASSWORDFILE "$l\n";}      else {print PASSWORDFILE "$l\n";}
 }  }
 close PASSWORDFILE;  close PASSWORDFILE;
 $username=~/^(\w+)$/;  
 my $safeusername=$1;  
 ($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid environment  ($>,$<)=(0,0); # fool smbpasswd here to think this is not a setuid environment
 unless (-e '/etc/smbpasswd') {  unless (-e '/etc/smbpasswd') {
     open (OUT,'>/etc/smbpasswd'); close OUT;      open (OUT,'>/etc/smbpasswd'); close OUT;
Removed from v.1.6  
changed lines
  Added in v.1.10

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>