From owner-freebsd-questions Sun Dec 6 21:27:17 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id VAA17790 for freebsd-questions-outgoing; Sun, 6 Dec 1998 21:27:17 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from firewall.scitec.com.au (fgate.scitec.com.au [203.17.180.68]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id VAA17715 for ; Sun, 6 Dec 1998 21:27:12 -0800 (PST) (envelope-from john.saunders@scitec.com.au) Received: by firewall.scitec.com.au; id QAA15358; Mon, 7 Dec 1998 16:27:08 +1100 (EST) Received: from mailhub.scitec.com.au(203.17.180.131) by fgate.scitec.com.au via smap (3.2) id xma015336; Mon, 7 Dec 98 16:26:59 +1100 Received: from saruman (saruman.scitec.com.au [203.17.182.108]) by mailhub.scitec.com.au (8.6.12/8.6.9) with SMTP id QAA00342; Mon, 7 Dec 1998 16:26:58 +1100 From: "John Saunders" To: "Cliff Reardon" Cc: "FreeBSD questions" Subject: RE: Change Password On-Line Date: Mon, 7 Dec 1998 16:26:57 +1100 Message-ID: <002a01be21a2$357262e0$6cb611cb@saruman.scitec.com.au> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: <365DE1EF.9B4A1EA7@webnet.com.au> X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > I was wondering if anybody had a script to use via the web ie: either > .cgi or .pl or even .c so as dial in users can change their passwords > on-line. They are authenticated using the passwd file on a freebsd > computer, and we are using Apache as the web server. Not sure if anybody has answered you yet. Anyway the easiest way I have found is to install the poppassd port (/usr/ports/mail/poppassd) which allows Eudora Mail to change passwords from it's menu. With this in place I wrote a HTML form and got a perl cgi script to talk to the popassd server. The perl script came from a wwwpass package I found. It's also portable, with poppassd running on Linux or anything else the web side doesn't need to be changed. P.S. I've removed some company messages from these things so expect a couple of typos you may need to clean up before it works. Cheers. -chpasswd.html-------------------------------------------------------------- ---------

Change Your Password

Enter your username:

Enter your password:

Now, enter what you want to change your password to.

New password:

Re-type new password:

-chpasswd.html-------------------------------------------------------------- --------- -chpasswd.cgi--------------------------------------------------------------- --------- #!/usr/local/bin/perl # Back-end script to let a user change their password from a web page # Interfaces to popassd daemon use Socket; require "cgi-lib.pl"; # Replace with the name of your password host. $pass_host = "pop.domain.com"; &ReadParse; print &PrintHeader; $| = 1; umask(077); $login = $in{"username"}; $p = $in{"password"}; $np = $in{"newpasswd"}; $np1 = $in{"verifypasswd"}; $l = length($np); if (($np ne $np1) || ($l < 6) || ($np eq '')) { print "\n"; print "\n\n"; print "

Change Password Error!

\n\n

\nI'm sorry $login, "; if ($np ne $np1) { print "the two new passwords you entered did not match.\n

\n"; } elsif ($l < 6) { print "your password must have a least 6 characters.\n

\n"; } else { print "you may not enter a blank password.\n

\n"; } print "\n

\nYour password was not changed. Would you like to\n"; print "try again?\n

\n\n"; print "\n\n"; exit 0; } &start_poppassd($pass_host); # Get hello prompt $_ = ; unless (/^200/) {&pass_error;} # Send username print PASSD "user $login\n"; $_ = ; unless (/^200/) {&pass_error;} # Send Old Password print PASSD "pass $p\n"; $_ = ; if (/^500/) { # For now, a generic error &pass_error; } # Now new password print PASSD "newpass $np\n"; $_ = ; if (/^500/) { # Generic error again &pass_error; } # We are done, quit; print PASSD "quit\n"; $_ = ; print "\n"; print "\n\n"; print "

Change Password OK

\n\n"; print "

\n$login, your password has been successfully changed. Don't\n"; print "forget to change your log-in script and your mail programs to\n"; print "reflect this new password.\n

\n"; print "\n

\nAlso, don't forget your new password!\n

\n\n"; print "\n\n"; exit 0; sub pass_error { s/^\d\d\d //; print "\n"; print "\n\n"; print "

Change Password Error!

\n\n"; print "

\nI'm sorry, I was unable to change your password. The\n"; print "password server returned the following error:\n"; print "$_\n

\n"; print "\n

\nWould you like to \n"; print "try again ?\n

\n\n"; print "\n"; exit 0; } #********** # START_POPPASSD -- Open poppassd connection to user server #********** sub start_poppassd { local($name)=@_; $SIG{'INT'}='dokill'; $sockaddr='Sna4x8'; ($n,$aliases,$proto)=getprotobyname('tcp'); ($n,$aliases,$port)=getservbyname('poppassd','tcp'); if ($name =~ /^\d+\.\d+\.\d+\.\d+$/) { $thataddr = pack('cccc',split(/\./,$name)); } else { ($n,$aliases,$type,$len,$thataddr)=gethostbyname($name); } $that=pack($sockaddr, AF_INET, $port, $thataddr); socket(PASSD, PF_INET, SOCK_STREAM, $proto) || die "socket: $!"; connect(PASSD, $that) || die "connect: $!"; select(PASSD); $|=1; select(STDIN); $|=1; select(STDOUT); $|=1; } -chpasswd.cgi--------------------------------------------------------------- --------- -- . +-------------------------------------------------------+ ,--_|\ | John Saunders mailto:John.Saunders@scitec.com.au | / Oz \ | SCITEC LIMITED Phone +61294289563 Fax +61294289933 | \_,--\_/ | "By the time you make ends meet, they move the ends." | v +-------------------------------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message