#!/usr/bin/perl $| = 1; open(STDERR, ">&STDOUT"); use warnings; use CGI; use Crypt::CBC; use IPC::Open2; use MIME::Base32 qw( RFC ); use Piny::Auth; my $auth = Piny::Auth->new( ); my $cipher = Crypt::CBC->new( "-key" => $auth->key, "-cipher" => "Blowfish" ); $q = CGI->new; print( "Content-type: text/plain\n\n" ); if( $q->param("n") && $q->param("a") && $q->param("p") ) { my $pass = $q->param("p"); my $code; if ( $q->param("h") ) { $pass = $cipher->decrypt( MIME::Base32::decode( $pass ) ); $code = $auth->hash( { "n" => $q->param( "n" ), "a" => $q->param( "a" ), "p" => $pass } ); } else { $code = $auth->hash( { "n" => $q->param( "n" ), "a" => $q->param( "a" ), "p" => $pass } ); $pass = MIME::Base32::encode( $cipher->encrypt( $pass ) ); }; if ( $q->param("h") && $q->param("h") eq $code ) { unless( open2( OUT, IN, "/usr/bin/sudo", "/usr/sbin/newuser", "--batch", $q->param("a"), $q->param("n") ) ) { print "could not execute newrepo"; die; }; # make things flushier select((select(IN), $| = 1)[0]); select((select(OUT), $| = 1)[0]); print( IN $pass . "\n" ); close( IN ); while( ) { print; }; } else { # No hash, they need one sent to their address print( "Dispatching email to " . $q->param("a") . "...\n" ); unless( open( MAIL, "|/usr/lib/sendmail -t" ) ) { print "could not execute sendmail"; die; }; print( MAIL "To: " . $q->param("a") . "\n" ); print( MAIL "Subject: Verifying account " . $q->param("n") . "\n" ); print( MAIL "Content-Type: text/plain; charset=us-ascii\n\n" ); print( MAIL "http" ); if( $ENV{"HTTPS"} eq "on" ) { print( MAIL "s" ); }; print( MAIL "://" . $ENV{"SERVER_NAME"} . $ENV{"SCRIPT_NAME"} . "?" ); print( MAIL "h=" . $code ); print( MAIL "&n=" . $q->param("n") ); print( MAIL "&a=" . $q->param("a") ); print( MAIL "&p=" . $pass ); print( MAIL "\n"); close( MAIL ); print( "Done!" ); }; } else { print( "Missing parameters." ); };