Home Explore Help
Sign In
bignose
/
debian_pkg-listmaster
Watch 1
Star 0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
debian_pkg-l...
/
archive-spam-removals
/
cgi-bin
/
request-password.pl

request-password.pl 3.4 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125 
  1. #!/usr/bin/perl -wT
    2. 

  2. 

  3. # cord@debian.org
    4. 

  4. 

  5. use lib "/var/list/reaper/lib";
    6. 

  6. use strict;
    7. 

  7. use CGI qw/:standard/;
    8. 

  8. use CGI::Carp qw(fatalsToBrowser);
    9. 

  9. use MIME::Lite;
    10. 

  10. 

  11. my $userfile='/etc/postfix/debian';
    12. 

  12. my $passwd='/org/lists.debian.org/cgi-bin/review/.htpasswd';
    13. 

  13. my $bounce_addr = "cord\@liszt.debian.org";
    14. 

  14. my $logfile = '/org/lists.debian.org/spam-log/pw-reminder.log';
    15. 

  15. 

  16. $ENV{'PATH'} = '';
    17. 

  17. 

  18. print header;
    19. 

  19. 

  20. open (HEADER, "/org/lists.debian.org/html/header.in") or 
    21. 

  21.   die ("$0: can't open /org/lists.debian.org/html/header.in: $!\n");
    22. 

  22. while (<HEADER>) {
    23. 

  23.   s/u_TITLE_u/Request a Password for Listarchive Review/;
    24. 

  24.   print;
    25. 

  25. }
    26. 

  26. close (HEADER);
    27. 

  27. 

  28. print h2('Request A Password for Listarchive Review');
    29. 

  29. 

  30. print "<hr noshade width=\"100%\" size=\"1\">\n";
    31. 

  31. 

  32. print p("Only Debian Developer are allowed to review the Listarchive. Please
    33. 

  33. 	enter your Debian userid, and press 'Submit', and a new generated
    34. 

  34. 	password will be send to your Debian-Mailadress.");
    35. 

  35. 

  36. print p("This user/pass-method is a temporary solution, when we have a
    37. 

  37. 	solution for authorizing against a central DB, we will switch over.");
    38. 

  38. 

  39. print start_form;
    40. 

  40. 

  41. print p("Your Debian UserId:", textfield('uid'), "\@debian.org");
    42. 

  42. 

  43. print submit('Request Password');
    44. 

  44. print end_form;
    45. 

  45. 

  46. if (param()) {
    47. 

  47.   if (param('uid') =~ m#^(\w+)$#) {
    48. 

  48.     my $uid = $1;
    49. 

  49.     open(DD, $userfile) or die ("$0: can't open $userfile for reading: $!\n");
    50. 

  50.     my $line;
    51. 

  51.     my $found = 0;
    52. 

  52.     foreach $line (<DD>) {
    53. 

  53.       $line = (split(' ', $line))[0];
    54. 

  54.       if ($line eq "$uid\@debian.org") {
    55. 

  55.         $found = 1;
    56. 

  56.       }
    57. 

  57.     }
    58. 

  58.     close (DD);
    59. 

  59. 

  60.     if (-e $logfile) {
    61. 

  61.       open (LOG, $logfile) or die ("$0: can't open $logfile for reading\n");
    62. 

  62.       my ($time, $ip, $user);
    63. 

  63.       foreach (<LOG>) {
    64. 

  64.         ($time, $ip, $user) = split(m#\s+#, $_);
    65. 

  65.         next if (time()-3600 > $time);
    66. 

  66.         next if ($user ne $uid);
    67. 

  67.         $found = -1;
    68. 

  68.       }
    69. 

  69.     }
    70. 

  70. 

  71.     if ($found == 1) {
    72. 

  72.       my $pw=`/usr/bin/pwgen 8 1`;
    73. 

  73.       $pw =~ m#^([\w\d]+)$#;
    74. 

  74.       my $password = $1;
    75. 

  75.       system('/usr/bin/htpasswd', '-b', $passwd, $uid, $password);
    76. 

  76.       my $msg = MIME::Lite->new (
    77. 

  77. 	From => "Debian Listmaster Team <listmaster\@lists.debian.org>",
    78. 

  78.         To => "$uid\@debian.org",
    79. 

  79. 	Subject => "$uid\@debian.org Password for Debian Listarchive Review",
    80. 

  80.         Type => "text/plain",
    81. 

  81. 	"X-Loop:" => "liszt-password-resetter",
    82. 

  82.         "Precedence:" => "junk",
    83. 

  83.         "Reply-To:" => "listmaster\@lists.debian.org",
    84. 

  84.         "Errors-To:" => "listmaster\@lists.debian.org",
    85. 

  85.         "Datestamp" => 0,
    86. 

  86.         Data => "Thank you for participating in the Debian Listarchive Review.
    87. 

  87. 

  88. Now you can go to https://lists.debian.org/cgi-bin/review/review1.pl and
    89. 

  89. start reviewing.
    90. 

  90. 

  91. When you are asked for Authorisation please enter:
    92. 

  92. 

  93. user: $uid
    94. 

  94. pass: $password
    95. 

  95. 

  96.         Sincerely,
    97. 

  97. The Listmaster Team
    98. 

  98. -- 
    99. 

  99. http://lists.debian.org
    100. 

  100. ");
    101. 

  101.       $msg->send or die "$0: you DON'T have mail!: $!\n";
    102. 

  102.       print p("New password send out");
    103. 

  103.       open(LOG, '>>', $logfile) or die ("$0: can't open $logfile for writing: $!\n");
    104. 

  104.       print LOG time . " $ENV{'REMOTE_ADDR'} $uid\n";
    105. 

  105.       close LOG;
    106. 

  106.     } elsif ($found == 0) {
    107. 

  107.       print p("FAIL: user unknown");
    108. 

  108.     } elsif ($found == -1) {
    109. 

  109.       print p("FAIL: already requested a password in the last hour");
    110. 

  110.     } else {
    111. 

  111.       print p("FAIL: this shouldn't happen");
    112. 

  112.     }
    113. 

  113.   } else {
    114. 

  114.     print p("FAIL: invalid characters");
    115. 

  115.   }
    116. 

  116. }
    117. 

  117. 

  118. open (FOOTER, "/org/lists.debian.org/html/footer.in") or 
    119. 

  119.   die ("$0: can't open /org/lists.debian.org/html/footer.in: $!\n");
    120. 

  120. while (<FOOTER>) {
    121. 

  121.   print;
    122. 

  122. }
    123. 

  123. close (FOOTER);
    124. 

  124. 

  125.