diff --git a/codepot/Makefile.am b/codepot/Makefile.am index 8b1c01e1..1e8cf632 100644 --- a/codepot/Makefile.am +++ b/codepot/Makefile.am @@ -1,7 +1,7 @@ ACLOCAL_AMFLAGS = -I ac/m4 AUTOMAKE_OPTION = foreign -SUBDIRS = etc src +SUBDIRS = etc src sbin EXTRA_DIST = README mkmf.sh DEBIAN diff --git a/codepot/Makefile.in b/codepot/Makefile.in index c1206ba6..3a4488de 100644 --- a/codepot/Makefile.in +++ b/codepot/Makefile.in @@ -155,7 +155,7 @@ target_alias = @target_alias@ wwwdir = @wwwdir@ ACLOCAL_AMFLAGS = -I ac/m4 AUTOMAKE_OPTION = foreign -SUBDIRS = etc src +SUBDIRS = etc src sbin EXTRA_DIST = README mkmf.sh DEBIAN all: config.h $(MAKE) $(AM_MAKEFLAGS) all-recursive @@ -350,7 +350,7 @@ distclean-tags: distdir: $(DISTFILES) $(am__remove_distdir) mkdir $(distdir) - $(mkdir_p) $(distdir)/. $(distdir)/DEBIAN $(distdir)/ac/aux $(distdir)/ac/m4 $(distdir)/etc $(distdir)/src + $(mkdir_p) $(distdir)/. $(distdir)/DEBIAN $(distdir)/ac/aux $(distdir)/ac/m4 $(distdir)/etc $(distdir)/sbin $(distdir)/src @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ list='$(DISTFILES)'; for file in $$list; do \ diff --git a/codepot/codepot.spec.in b/codepot/codepot.spec.in index 0f3f92af..1e484884 100644 --- a/codepot/codepot.spec.in +++ b/codepot/codepot.spec.in @@ -41,6 +41,7 @@ rm -rf $RPM_BUILD_ROOT %defattr(-,root,root) /var/www/html/codepot +/usr/sbin/codepot-user %config(noreplace) /etc/codepot/codepot.ini /etc/codepot/codepot.mysql diff --git a/codepot/configure b/codepot/configure index 73b499ff..ee545124 100755 --- a/codepot/configure +++ b/codepot/configure @@ -2544,7 +2544,7 @@ cachedir=$cachedir - ac_config_files="$ac_config_files Makefile codepot.spec etc/Makefile etc/codepot.ini etc/codepot.a2ldap etc/start-commit etc/post-commit etc/pre-revprop-change etc/post-revprop-change DEBIAN/Makefile DEBIAN/control DEBIAN/postinst DEBIAN/postrm src/config.php src/codepot/config/Makefile src/codepot/controllers/Makefile src/codepot/errors/Makefile src/codepot/helpers/Makefile src/codepot/hooks/Makefile src/codepot/language/english/Makefile src/codepot/language/indonesian/Makefile src/codepot/language/korean/Makefile src/codepot/language/Makefile src/codepot/libraries/Makefile src/codepot/models/Makefile src/codepot/views/Makefile src/codepot/Makefile src/css/images/Makefile src/css/Makefile src/js/prettify/Makefile src/js/Makefile src/system/cache/Makefile src/system/codeigniter/Makefile src/system/database/drivers/mssql/Makefile src/system/database/drivers/mysql/Makefile src/system/database/drivers/mysqli/Makefile src/system/database/drivers/oci8/Makefile src/system/database/drivers/odbc/Makefile src/system/database/drivers/postgre/Makefile src/system/database/drivers/sqlite/Makefile src/system/database/drivers/Makefile src/system/database/Makefile src/system/fonts/Makefile src/system/helpers/Makefile src/system/language/english/Makefile src/system/language/korean/Makefile src/system/language/Makefile src/system/libraries/Makefile src/system/logs/Makefile src/system/plugins/Makefile src/system/scaffolding/images/Makefile src/system/scaffolding/views/Makefile src/system/scaffolding/Makefile src/system/Makefile src/Makefile" + ac_config_files="$ac_config_files Makefile codepot.spec etc/Makefile etc/codepot.ini etc/codepot.a2ldap etc/start-commit etc/post-commit etc/pre-revprop-change etc/post-revprop-change sbin/Makefile sbin/codepot-user DEBIAN/Makefile DEBIAN/control DEBIAN/postinst DEBIAN/postrm src/config.php src/codepot/config/Makefile src/codepot/controllers/Makefile src/codepot/errors/Makefile src/codepot/helpers/Makefile src/codepot/hooks/Makefile src/codepot/language/english/Makefile src/codepot/language/indonesian/Makefile src/codepot/language/korean/Makefile src/codepot/language/Makefile src/codepot/libraries/Makefile src/codepot/models/Makefile src/codepot/views/Makefile src/codepot/Makefile src/css/images/Makefile src/css/Makefile src/js/prettify/Makefile src/js/Makefile src/system/cache/Makefile src/system/codeigniter/Makefile src/system/database/drivers/mssql/Makefile src/system/database/drivers/mysql/Makefile src/system/database/drivers/mysqli/Makefile src/system/database/drivers/oci8/Makefile src/system/database/drivers/odbc/Makefile src/system/database/drivers/postgre/Makefile src/system/database/drivers/sqlite/Makefile src/system/database/drivers/Makefile src/system/database/Makefile src/system/fonts/Makefile src/system/helpers/Makefile src/system/language/english/Makefile src/system/language/korean/Makefile src/system/language/Makefile src/system/libraries/Makefile src/system/logs/Makefile src/system/plugins/Makefile src/system/scaffolding/images/Makefile src/system/scaffolding/views/Makefile src/system/scaffolding/Makefile src/system/Makefile src/Makefile" cat >confcache <<\_ACEOF # This file is a shell script that caches the results of configure @@ -3080,6 +3080,8 @@ do "etc/post-commit" ) CONFIG_FILES="$CONFIG_FILES etc/post-commit" ;; "etc/pre-revprop-change" ) CONFIG_FILES="$CONFIG_FILES etc/pre-revprop-change" ;; "etc/post-revprop-change" ) CONFIG_FILES="$CONFIG_FILES etc/post-revprop-change" ;; + "sbin/Makefile" ) CONFIG_FILES="$CONFIG_FILES sbin/Makefile" ;; + "sbin/codepot-user" ) CONFIG_FILES="$CONFIG_FILES sbin/codepot-user" ;; "DEBIAN/Makefile" ) CONFIG_FILES="$CONFIG_FILES DEBIAN/Makefile" ;; "DEBIAN/control" ) CONFIG_FILES="$CONFIG_FILES DEBIAN/control" ;; "DEBIAN/postinst" ) CONFIG_FILES="$CONFIG_FILES DEBIAN/postinst" ;; diff --git a/codepot/configure.ac b/codepot/configure.ac index 6d0076fd..36aed3eb 100644 --- a/codepot/configure.ac +++ b/codepot/configure.ac @@ -90,6 +90,8 @@ AC_CONFIG_FILES([ etc/post-commit etc/pre-revprop-change etc/post-revprop-change + sbin/Makefile + sbin/codepot-user DEBIAN/Makefile DEBIAN/control DEBIAN/postinst diff --git a/codepot/etc/codepot.ini.in b/codepot/etc/codepot.ini.in index c11694f1..692c36cc 100644 --- a/codepot/etc/codepot.ini.in +++ b/codepot/etc/codepot.ini.in @@ -94,7 +94,7 @@ svn_base_url = "${REQUEST_PROTOCOL}://${SERVER_NAME}:${SERVER_PORT}/svn" ; Login model to use. ;------------------------------------------------------------------------------ login_model = "LdapLoginModel" -#login_model = "DatabaseLoginModel" +#login_model = "DbLoginModel" ;------------------------------------------------------------------------------ ; Comma separated list of system administrator IDs diff --git a/codepot/etc/perl/Codepot/AccessHandler.pm b/codepot/etc/perl/Codepot/AccessHandler.pm index 870330ed..fa0092f3 100644 --- a/codepot/etc/perl/Codepot/AccessHandler.pm +++ b/codepot/etc/perl/Codepot/AccessHandler.pm @@ -132,15 +132,25 @@ sub authenticate_database { my ($dbh, $prefix, $userid, $password) = @_; - my $query = $dbh->prepare ("SELECT userid FROM ${prefix}account WHERE userid=? AND password=?"); - if (!$query || !$query->execute ($userid, sha1_hex($password))) + my $query = $dbh->prepare ("SELECT userid,passwd FROM ${prefix}user WHERE userid=? and enabled='Y'"); + if (!$query || !$query->execute ($userid)) { return (-1, $dbh->errstr()); } my @row = $query->fetchrow_array; $query->finish (); - return (((scalar(@row) > 0)? 1: 0), undef); + + if (scalar(@row) <= 0) { return (0, undef); } + + my $db_pw = $row[1]; + if (length($db_pw) < 10) { return (0, undef); } + + my $hexsalt = substr ($db_pw, -10); + my $binsalt = pack ('H*', $hexsalt); + + my $fmt_pw = '{ssha1}' . sha1_hex ($password . $binsalt) . $hexsalt; + return (($fmt_pw eq $db_pw? 1: 0), undef); } sub open_database @@ -255,9 +265,11 @@ sub __handler { $auth = authenticate_ldap ($cfg, $userid, $password); } - elsif ($cfg->{login_model} eq 'DatabaseLoginModel') + elsif ($cfg->{login_model} eq 'DbLoginModel') { - $auth = authenticate_database ($dbh, $cfg->{database_prefix}, $userid, $password); + my $errmsg; + ($auth,$errmsg) = authenticate_database ( + $dbh, $cfg->{database_prefix}, $userid, $password); } if ($auth <= -1) { diff --git a/codepot/sbin/Makefile.am b/codepot/sbin/Makefile.am new file mode 100644 index 00000000..c002e3b2 --- /dev/null +++ b/codepot/sbin/Makefile.am @@ -0,0 +1,4 @@ + +sbin_SCRIPTS = codepot-user + +EXTRA_DIST = $(sbin_SCRIPTS) diff --git a/codepot/sbin/Makefile.in b/codepot/sbin/Makefile.in new file mode 100644 index 00000000..f18db777 --- /dev/null +++ b/codepot/sbin/Makefile.in @@ -0,0 +1,315 @@ +# Makefile.in generated by automake 1.9.6 from Makefile.am. +# @configure_input@ + +# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, +# 2003, 2004, 2005 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +@SET_MAKE@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ +top_builddir = .. +am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd +INSTALL = @INSTALL@ +install_sh_DATA = $(install_sh) -c -m 644 +install_sh_PROGRAM = $(install_sh) -c +install_sh_SCRIPT = $(install_sh) -c +INSTALL_HEADER = $(INSTALL_DATA) +transform = $(program_transform_name) +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +subdir = sbin +DIST_COMMON = $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ + $(srcdir)/codepot-user.in +ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 +am__aclocal_m4_deps = $(top_srcdir)/ac/m4/as-ac-expand.m4 \ + $(top_srcdir)/configure.ac +am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ + $(ACLOCAL_M4) +mkinstalldirs = $(install_sh) -d +CONFIG_HEADER = $(top_builddir)/./config.h +CONFIG_CLEAN_FILES = codepot-user +am__installdirs = "$(DESTDIR)$(sbindir)" +sbinSCRIPT_INSTALL = $(INSTALL_SCRIPT) +SCRIPTS = $(sbin_SCRIPTS) +SOURCES = +DIST_SOURCES = +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) +ACLOCAL = @ACLOCAL@ +AMTAR = @AMTAR@ +AUTOCONF = @AUTOCONF@ +AUTOHEADER = @AUTOHEADER@ +AUTOMAKE = @AUTOMAKE@ +AWK = @AWK@ +BINDIR = @BINDIR@ +CACHEDIR = @CACHEDIR@ +CFGDIR = @CFGDIR@ +CYGPATH_W = @CYGPATH_W@ +DATADIR = @DATADIR@ +DEFS = @DEFS@ +DEPOTDIR = @DEPOTDIR@ +DOCDIR = @DOCDIR@ +ECHO_C = @ECHO_C@ +ECHO_N = @ECHO_N@ +ECHO_T = @ECHO_T@ +GREP = @GREP@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_PROGRAM = @INSTALL_STRIP_PROGRAM@ +LD = @LD@ +LIBDIR = @LIBDIR@ +LIBEXECDIR = @LIBEXECDIR@ +LIBOBJS = @LIBOBJS@ +LIBS = @LIBS@ +LOCALSTATEDIR = @LOCALSTATEDIR@ +LOGDIR = @LOGDIR@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +PACKAGE = @PACKAGE@ +PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ +PACKAGE_NAME = @PACKAGE_NAME@ +PACKAGE_STRING = @PACKAGE_STRING@ +PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_VERSION = @PACKAGE_VERSION@ +PATH_SEPARATOR = @PATH_SEPARATOR@ +PREFIX = @PREFIX@ +RM = @RM@ +RMDIR = @RMDIR@ +SBINDIR = @SBINDIR@ +SED = @SED@ +SET_MAKE = @SET_MAKE@ +SHELL = @SHELL@ +STRIP = @STRIP@ +SYSCONFDIR = @SYSCONFDIR@ +VERSION = @VERSION@ +WWWDIR = @WWWDIR@ +ac_ct_GREP = @ac_ct_GREP@ +ac_ct_LD = @ac_ct_LD@ +ac_ct_RM = @ac_ct_RM@ +ac_ct_RMDIR = @ac_ct_RMDIR@ +ac_ct_SED = @ac_ct_SED@ +ac_ct_STRIP = @ac_ct_STRIP@ +am__leading_dot = @am__leading_dot@ +am__tar = @am__tar@ +am__untar = @am__untar@ +bindir = @bindir@ +build_alias = @build_alias@ +cachedir = @cachedir@ +cfgdir = @cfgdir@ +datadir = @datadir@ +depotdir = @depotdir@ +exec_prefix = @exec_prefix@ +host_alias = @host_alias@ +includedir = @includedir@ +infodir = @infodir@ +install_sh = @install_sh@ +libdir = @libdir@ +libexecdir = @libexecdir@ +localstatedir = @localstatedir@ +logdir = @logdir@ +mandir = @mandir@ +mkdir_p = @mkdir_p@ +oldincludedir = @oldincludedir@ +prefix = @prefix@ +program_transform_name = @program_transform_name@ +sbindir = @sbindir@ +sharedstatedir = @sharedstatedir@ +sysconfdir = @sysconfdir@ +target_alias = @target_alias@ +wwwdir = @wwwdir@ +sbin_SCRIPTS = codepot-user +EXTRA_DIST = $(sbin_SCRIPTS) +all: all-am + +.SUFFIXES: +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(am__configure_deps) + @for dep in $?; do \ + case '$(am__configure_deps)' in \ + *$$dep*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh \ + && exit 0; \ + exit 1;; \ + esac; \ + done; \ + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign sbin/Makefile'; \ + cd $(top_srcdir) && \ + $(AUTOMAKE) --foreign sbin/Makefile +.PRECIOUS: Makefile +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + @case '$?' in \ + *config.status*) \ + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh;; \ + *) \ + echo ' cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe)'; \ + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ $(am__depfiles_maybe);; \ + esac; + +$(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh + +$(top_srcdir)/configure: $(am__configure_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +$(ACLOCAL_M4): $(am__aclocal_m4_deps) + cd $(top_builddir) && $(MAKE) $(AM_MAKEFLAGS) am--refresh +codepot-user: $(top_builddir)/config.status $(srcdir)/codepot-user.in + cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@ +install-sbinSCRIPTS: $(sbin_SCRIPTS) + @$(NORMAL_INSTALL) + test -z "$(sbindir)" || $(mkdir_p) "$(DESTDIR)$(sbindir)" + @list='$(sbin_SCRIPTS)'; for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + if test -f $$d$$p; then \ + f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ + echo " $(sbinSCRIPT_INSTALL) '$$d$$p' '$(DESTDIR)$(sbindir)/$$f'"; \ + $(sbinSCRIPT_INSTALL) "$$d$$p" "$(DESTDIR)$(sbindir)/$$f"; \ + else :; fi; \ + done + +uninstall-sbinSCRIPTS: + @$(NORMAL_UNINSTALL) + @list='$(sbin_SCRIPTS)'; for p in $$list; do \ + f=`echo "$$p" | sed 's|^.*/||;$(transform)'`; \ + echo " rm -f '$(DESTDIR)$(sbindir)/$$f'"; \ + rm -f "$(DESTDIR)$(sbindir)/$$f"; \ + done +uninstall-info-am: +tags: TAGS +TAGS: + +ctags: CTAGS +CTAGS: + + +distdir: $(DISTFILES) + @srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; \ + topsrcdirstrip=`echo "$(top_srcdir)" | sed 's|.|.|g'`; \ + list='$(DISTFILES)'; for file in $$list; do \ + case $$file in \ + $(srcdir)/*) file=`echo "$$file" | sed "s|^$$srcdirstrip/||"`;; \ + $(top_srcdir)/*) file=`echo "$$file" | sed "s|^$$topsrcdirstrip/|$(top_builddir)/|"`;; \ + esac; \ + if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ + dir=`echo "$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test "$$dir" != "$$file" && test "$$dir" != "."; then \ + dir="/$$dir"; \ + $(mkdir_p) "$(distdir)$$dir"; \ + else \ + dir=''; \ + fi; \ + if test -d $$d/$$file; then \ + if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ + cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + fi; \ + cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done +check-am: all-am +check: check-am +all-am: Makefile $(SCRIPTS) +installdirs: + for dir in "$(DESTDIR)$(sbindir)"; do \ + test -z "$$dir" || $(mkdir_p) "$$dir"; \ + done +install: install-am +install-exec: install-exec-am +install-data: install-data-am +uninstall: uninstall-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am + +installcheck: installcheck-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + `test -z '$(STRIP)' || \ + echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + +maintainer-clean-generic: + @echo "This command is intended for maintainers to use" + @echo "it deletes files that may require special tools to rebuild." +clean: clean-am + +clean-am: clean-generic mostlyclean-am + +distclean: distclean-am + -rm -f Makefile +distclean-am: clean-am distclean-generic + +dvi: dvi-am + +dvi-am: + +html: html-am + +info: info-am + +info-am: + +install-data-am: + +install-exec-am: install-sbinSCRIPTS + +install-info: install-info-am + +install-man: + +installcheck-am: + +maintainer-clean: maintainer-clean-am + -rm -f Makefile +maintainer-clean-am: distclean-am maintainer-clean-generic + +mostlyclean: mostlyclean-am + +mostlyclean-am: mostlyclean-generic + +pdf: pdf-am + +pdf-am: + +ps: ps-am + +ps-am: + +uninstall-am: uninstall-info-am uninstall-sbinSCRIPTS + +.PHONY: all all-am check check-am clean clean-generic distclean \ + distclean-generic distdir dvi dvi-am html html-am info info-am \ + install install-am install-data install-data-am install-exec \ + install-exec-am install-info install-info-am install-man \ + install-sbinSCRIPTS install-strip installcheck installcheck-am \ + installdirs maintainer-clean maintainer-clean-generic \ + mostlyclean mostlyclean-generic pdf pdf-am ps ps-am uninstall \ + uninstall-am uninstall-info-am uninstall-sbinSCRIPTS + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/codepot/sbin/codepot-user.in b/codepot/sbin/codepot-user.in new file mode 100644 index 00000000..301f8461 --- /dev/null +++ b/codepot/sbin/codepot-user.in @@ -0,0 +1,260 @@ +#!/usr/bin/perl + +# This script manipulate the user table in the codepot datbase. +# It doesn't handle LDAP. + +use strict; + +use Switch; +use Config::Simple; +use DBI; +use Digest::SHA1 qw (sha1_hex); + + +my $CFG_FILE = '@CFGDIR@/codepot.ini'; + +sub get_config +{ + my $cfg = new Config::Simple(); + + if (!$cfg->read ($CFG_FILE)) + { + return undef; + } + + my $config = { + database_hostname => $cfg->param ("database_hostname"), + database_username => $cfg->param ("database_username"), + database_password => $cfg->param ("database_password"), + database_name => $cfg->param ("database_name"), + database_driver => $cfg->param ("database_driver"), + database_prefix => $cfg->param ("database_prefix") + }; + + return $config; +} + +sub open_database +{ + my ($cfg) = @_; + + my $dbtype = $cfg->{database_driver}; + my $dbname = $cfg->{database_name}; + my $dbhost = $cfg->{database_hostname}; + + my $dbh = DBI->connect( + "DBI:$dbtype:$dbname:$dbhost", + $cfg->{database_username}, + $cfg->{database_password}, + { RaiseError => 0, PrintError => 0, AutoCommit => 0 } + ); + + return $dbh; +} + +sub close_database +{ + my ($dbh) = @_; + $dbh->disconnect (); +} + +sub rand_string +{ + my ($length) = @_; + + my $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; + + my $str = ''; + my $size = length ($chars); + for( my $i = 0; $i < $length; $i++ ) + { + $str = $str . substr ($chars, rand($size), 1) ; + } + + return $str; +} + +sub format_passwd +{ + my ($password, $binsalt, $hexsalt) = @_; + my $fmt_pw = '{ssha1}' . sha1_hex ($password . $binsalt) . $hexsalt; + return $fmt_pw; +} + +sub authenticate_database +{ + my ($dbh, $prefix, $userid, $password) = @_; + + my $query = $dbh->prepare ("SELECT userid,passwd FROM ${prefix}user WHERE userid=? and enabled='N'"); + if (!$query || !$query->execute ($userid)) + { + return (-1, $dbh->errstr()); + } + + my @row = $query->fetchrow_array; + $query->finish (); + + if (scalar(@row) <= 0) { return (0, undef); } + + my $db_pw = $row[1]; + if (length($db_pw) < 10) { return (0, undef); } + + my $hexsalt = substr ($db_pw, -10); + my $binsalt = pack ('H*', $hexsalt); + + #my $fmt_pw = '{ssha1}' . sha1_hex ($password . $binsalt) . $hexsalt; + my $fmt_pw = format_passwd ($password, $binsalt, $hexsalt); + return (($fmt_pw eq $db_pw? 1: 0), undef); +} + +sub add_user +{ + my ($dbh, $prefix, $userid, $passwd, $email) = @_; + + my $binsalt = rand_string (5); + my $hexsalt = unpack ("H*", $binsalt); + my $fmt_pw = format_passwd ($passwd, $binsalt, $hexsalt); + + $dbh->begin_work (); + + my $query = $dbh->prepare ("INSERT INTO ${prefix}user (userid,passwd,email,enabled) VALUES (?, ?, ?, ?)"); + if (!$query || !$query->execute ($userid, $fmt_pw, $email, 'N')) + { + my $errstr = $dbh->errstr(); + $dbh->rollback (); + print (STDERR "Cannot add a user - $errstr\n"); + return -1; + } + + $query->finish (); + $dbh->commit (); + return 0; +} + +sub delete_user +{ + my ($dbh, $prefix, $userid) = @_; + + $dbh->begin_work (); + + my $query = $dbh->prepare ("DELETE FROM ${prefix}user WHERE userid=?"); + if (!$query || !$query->execute ($userid) || $query->rows() <= 0) + { + my $errstr = $dbh->errstr(); + $dbh->rollback (); + print (STDERR "Cannot delete a user - $errstr\n"); + return -1; + } + + $query->finish (); + $dbh->commit (); + return 0; +} + +sub toggle_user +{ + my ($dbh, $prefix, $userid, $enabled) = @_; + + $dbh->begin_work (); + + my $query = $dbh->prepare ("UPDATE ${prefix}user SET enabled=? WHERE userid=?"); + if (!$query || !$query->execute ($enabled, $userid) || $query->rows() <= 0) + { + my $errstr = $dbh->errstr(); + $dbh->rollback (); + print (STDERR "Cannot enable/disable a user - $errstr\n"); + return -1; + } + + $query->finish (); + $dbh->commit (); + return 0; +} + +sub print_usage +{ + print (STDERR "Usage: codepot-user add user-id password email\n"); + print (STDERR " codepot-user delete user-id\n"); + print (STDERR " codepot-user enable user-id\n"); + print (STDERR " codepot-user disable user-id\n"); +} + +#------------------------------------------------------------ +# MAIN +#------------------------------------------------------------ + +my $ARGC = scalar(@ARGV); +my $USERID; +my $PASSWD; +my $EMAIL; +my $op = 0; +my $ret = 0; + +if ($ARGC >= 1) +{ + if ($ARGV[0] eq 'add') + { + if ($ARGC == 4) + { + $USERID = $ARGV[1]; + $PASSWD = $ARGV[2]; + $EMAIL = $ARGV[3]; + $op = 1; + } + } + elsif ($ARGV[0] eq 'delete') + { + if ($ARGC == 2) + { + $USERID = $ARGV[1]; + $op = 2; + } + } + elsif ($ARGV[0] eq 'enable') + { + if ($ARGC == 2) + { + $USERID = $ARGV[1]; + $op = 3; + } + } + elsif ($ARGV[0] eq 'disable') + { + if ($ARGC == 2) + { + $USERID = $ARGV[1]; + $op = 4; + } + } +} + +if ($op <= 0) +{ + print_usage (); + exit (2); +} + +my $cfg = get_config (); +if (!defined($cfg)) +{ + print (STDERR "Cannot load codepot configuration file\n"); + exit (1); +} + +my $dbh = open_database ($cfg); +if (!defined($dbh)) +{ + print (STDERR "Cannot open database\n"); + exit (1); +} + +switch ($op) +{ + case 1 { $ret = add_user ($dbh, $cfg->{database_prefix}, $USERID, $PASSWD, $EMAIL); } + case 2 { $ret = delete_user ($dbh, $cfg->{database_prefix}, $USERID); } + case 3 { $ret = toggle_user ($dbh, $cfg->{database_prefix}, $USERID, 'Y'); } + case 4 { $ret = toggle_user ($dbh, $cfg->{database_prefix}, $USERID, 'N'); } +} + +close_database ($dbh); +exit ($ret); diff --git a/codepot/src/codepot/models/dbloginmodel.php b/codepot/src/codepot/models/dbloginmodel.php index 7e1276e4..aecff03c 100644 --- a/codepot/src/codepot/models/dbloginmodel.php +++ b/codepot/src/codepot/models/dbloginmodel.php @@ -40,6 +40,7 @@ class DbLoginModel extends LoginModel $this->db->select ('userid,passwd,email'); $this->db->where ('userid', $userid); + $this->db->where ('enabled', 'Y'); $query = $this->db->get ('user'); if ($this->db->trans_status() == FALSE) @@ -53,15 +54,16 @@ class DbLoginModel extends LoginModel { $this->db->trans_complete (); return FALSE; - } + } $this->db->trans_complete (); if ($this->db->trans_status() == FALSE) return FALSE; $user = $result[0]; if (strlen($user->passwd) < 10) return FALSE; + // the last 10 characters are the salt. $hexsalt = substr ($user->passwd, -10); - $binsalt = pack("H*" , $hexsalt); + $binsalt = pack('H*' , $hexsalt); if (strcmp ($this->format_password_with_salt($passwd,$binsalt),$user->passwd) != 0) return FALSE;