1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
|
#!/usr/bin/perl
$| = 1;
open(STDERR, ">&STDOUT");
use warnings;
use CGI;
use Crypt::CBC;
use IPC::Open2;
use MIME::Base32 qw( RFC );
use Captcha::reCAPTCHA;
use Piny::Auth;
my $auth = Piny::Auth->new( );
my $cipher = Crypt::CBC->new( "-key" => $auth->key, "-cipher" => "Blowfish" );
$q = CGI->new;
print( "Content-type: text/plain\n\n" );
if( $q->param("n") && $q->param("a") && $q->param("p") ) {
my $pass = $q->param("p");
my $code;
if ( $q->param("h") ) {
$pass = $cipher->decrypt( MIME::Base32::decode( $pass ) );
$code = $auth->hash( { "n" => $q->param( "n" ), "a" => $q->param( "a" ), "p" => $pass } );
} else {
$code = $auth->hash( { "n" => $q->param( "n" ), "a" => $q->param( "a" ), "p" => $pass } );
$pass = MIME::Base32::encode( $cipher->encrypt( $pass ) );
};
if ( $q->param("h") ) {
if ( $q->param("h") eq $code ) {
unless( open2( OUT, IN, "/usr/bin/sudo", "/usr/sbin/newuser", "--batch", $q->param("a"), $q->param("n") ) ) {
print "could not execute newrepo";
die;
};
# make things flushier
select((select(IN), $| = 1)[0]);
select((select(OUT), $| = 1)[0]);
print( IN $pass . "\n" );
close( IN );
while( <OUT> ) {
print;
};
} else { # Invalid hash
print( "I'm sorry, the link you followed is invalid.\n" );
};
} else { # No hash, they need one sent to their address
# CAPTCHA check
if ( -f "/etc/recaptcha/private.key" ) {
if ( $q->param('recaptcha_response_field') && $q->param('recaptcha_challenge_field') ) {
open(RECAPTCHA, '/etc/recaptcha/private.key') || ( print "Can't read recaptcha key: [$!]\n" && exit 0 );
my $recaptchakey = <RECAPTCHA>;
close (RECAPTCHA);
chomp($recaptchakey);
my $c = Captcha::reCAPTCHA->new;
my $result = $c->check_answer( $recaptchakey, $ENV{'REMOTE_ADDR'}, $q->param( 'recaptcha_challenge_field' ), $q->param( 'recaptcha_response_field' ) );
if ( $result->{is_valid} ) {
print "Good recaptcha submission.\n"
} else {
print "Bad recaptcha submission: $result->{error}\n";
exit 0;
};
} else {
print( "Missing recaptcha parameters." );
exit 0;
};
};
print( "Dispatching email to " . $q->param("a") . "...\n" );
unless( open( MAIL, "|/usr/lib/sendmail -t" ) ) {
print "could not execute sendmail";
die;
};
print( MAIL "To: " . $q->param("a") . "\n" );
print( MAIL "Subject: Verifying account " . $q->param("n") . "\n" );
print( MAIL "Content-Type: text/plain; charset=us-ascii\n\n" );
print( MAIL "http" );
if( $ENV{"HTTPS"} eq "on" ) {
print( MAIL "s" );
};
print( MAIL "://" . $ENV{"SERVER_NAME"} . $ENV{"SCRIPT_NAME"} . "?" );
print( MAIL "h=" . CGI::escape( $code ) );
print( MAIL "&n=" . CGI::escape( $q->param("n") ) );
print( MAIL "&a=" . CGI::escape( $q->param("a") ) );
print( MAIL "&p=" . CGI::escape( $pass ) );
print( MAIL "\n");
close( MAIL );
print( "Done!" );
};
} else {
print( "Missing parameters." );
};
|