initial checkin

3 files changed, 255 insertions, 0 deletions

diff --git a/fs_signup/Signup.pm b/fs_signup/Signup.pm
new file mode 100755
index 0000000..bcf09f1
--- /dev/null
+++ b/fs_signup/Signup.pm
@@ -0,0 +1,129 @@
+#!/usr/bin/perl -Tw
+#
+# fs_passwd
+#
+# portions of this script are copied from the `passwd' script in the original
+# (perl 4) camel book, now archived at 
+# http://www.perl.com/CPAN/scripts/nutshell/ch6/passwd
+#
+# ivan@sisd.com 98-mar-8
+#
+# password lengths 0,255 instead of 6,8 - we'll let the server process
+# check the data ivan@sisd.com 98-jul-17
+
+use strict;
+use Getopt::Std;
+use Socket;
+use IO::Handle;
+use vars qw($opt_f $opt_s);
+
+my($fs_passwdd_socket)="/usr/local/freeside/fs_passwdd_socket";
+my($freeside_uid)=scalar(getpwnam('freeside'));
+
+$ENV{'PATH'} ='/usr/bin:/usr/ucb:/bin';
+$ENV{'SHELL'} = '/bin/sh';
+$ENV{'IFS'} = " \t\n";
+$ENV{'CDPATH'} = '';
+$ENV{'ENV'} = '';
+$ENV{'BASH_ENV'} = '';
+
+$SIG{__DIE__}= sub { system '/bin/stty', 'echo'; };
+
+die "passwd program isn't running setuid to freeside\n" if $> != $freeside_uid;
+
+unshift @ARGV, "-f" if $0 =~ /chfn$/;
+unshift @ARGV, "-s" if $0 =~ /chsh$/;
+
+getopts('fs');
+
+my($me)='';
+if ( $_ = shift(@ARGV) ) {
+  /^(\w{2,8})$/;
+  $me = $1; 
+}
+die "You can't change the password for $me." if $me && $<;
+$me = (getpwuid($<))[0] unless $me;
+
+my($name,$passwd,$uid,$gid,$quota,$comment,$gcos,$dir,$shell)=
+  getpwnam $me;
+
+my($old_password,$new_password,$new_gecos,$new_shell);
+
+if ( $opt_f || $opt_s ) {
+  system '/bin/stty', '-echo';
+  print "Password:";
+  $old_password=<STDIN>;
+  system '/bin/stty', 'echo'; 
+  chop($old_password);
+  #$old_password =~ /^(.{6,8})$/ or die "\nIllegal password.\n";
+  $old_password =~ /^(.{0,255})$/ or die "\nIllegal password.\n";
+  $old_password = $1;
+
+  $new_password = '';
+
+  if ( $opt_f ) {
+    print "\nChanging gecos for $me.\n";
+    print "Gecos [", $gcos, "]: ";
+    $new_gecos=<STDIN>;
+    chop($new_gecos);
+    $new_gecos ||= $gcos;
+    $new_gecos =~ /^(.{0,255})$/ or die "\nIllegal gecos.\n";
+  } else {
+    $new_gecos = '';
+  } 
+
+  if ( $opt_s ) {
+    print "\nChanging shell for $me.\n";
+    print "Shell [", $shell, "]: ";
+    $new_shell=<STDIN>;
+    chop($new_shell);
+    $new_shell ||= $shell;
+    $new_shell =~ /^(.{0,255})$/ or die "\nIllegal shell.\n";
+  } else {
+    $new_shell = '';
+  }
+
+} else {
+
+  print "Changing password for $me.\n";
+  print "Old password:";
+  system '/bin/stty', '-echo';
+  $old_password=<STDIN>;
+  chop $old_password;
+  #$old_password =~ /^(.{6,8})$/ or die "\nIllegal password.\n";
+  $old_password =~ /^(.{0,255})$/ or die "\nIllegal password.\n";
+  $old_password = $1;
+  print "\nEnter the new password (minimum of 6, maximum of 8 characters)\n";
+  print "Please use a combination of upper and lowercase letters and numbers.\n";
+  print "New password:";
+  $new_password=<STDIN>;
+  chop($new_password);
+  #$new_password =~ /^(.{6,8})$/ or die "\nIllegal password.\n";
+  $new_password =~ /^(.{0,255})$/ or die "\nIllegal password.\n";
+  $new_password = $1;
+  print "\nRe-enter new password:";
+  my($check_new_password);
+  $check_new_password=<STDIN>;
+  chop($check_new_password);
+  die "\nThey don't match; try again.\n" unless $check_new_password eq $new_password;
+
+  $new_gecos='';
+  $new_shell='';
+}
+print "\n";
+
+system '/bin/stty', 'echo'; 
+
+socket(SOCK, PF_UNIX, SOCK_STREAM, 0) or die "socket: $!";
+connect(SOCK, sockaddr_un($fs_passwdd_socket)) or die "connect: $!";
+print SOCK join("\n",$me,$old_password,$new_password,$new_gecos,$new_shell),"\n";
+SOCK->flush;
+my($error);
+$error = <SOCK>;
+chop $error;
+
+if ($error) {
+  print "\nUpdate error: $error\n";
+} else {
+  print "\nUpdate sucessful.\n";
+}
diff --git a/fs_signup/fs_signup_server b/fs_signup/fs_signup_server
new file mode 100755
index 0000000..cb0e693
--- /dev/null
+++ b/fs_signup/fs_signup_server
@@ -0,0 +1,77 @@
+#!/usr/bin/perl -Tw
+#
+# fs_passwd_server
+#
+# portions of this script are copied from the `passwd' script in the original
+# (perl 4) camel book, now archived at 
+# http://www.perl.com/CPAN/scripts/nutshell/ch6/passwd
+#
+# ivan@sisd.com 98-mar-9
+#
+# crypt-aware, s/password/_password/; ivan@sisd.com 98-aug-23
+
+use strict;
+use IO::Handle;
+use FS::SSH qw(sshopen2);
+use FS::UID qw(adminsuidsetup);
+use FS::Record qw(qsearchs);
+use FS::svc_acct;
+
+my $user = shift or die &usage;
+adminsuidsetup $user; 
+
+my($shellmachine)=shift or die &usage;
+
+$SIG{CHLD} = sub { wait() };
+
+my($fs_passwdd)="/usr/local/sbin/fs_passwdd";
+
+while (1) {
+  my($reader,$writer)=(new IO::Handle, new IO::Handle);
+  $writer->autoflush(1);
+  sshopen2($shellmachine,$reader,$writer,$fs_passwdd);
+  while (1) {
+    my($username,$old_password,$new_password,$new_gecos,$new_shell);
+    defined($username=<$reader>) or last;
+    defined($old_password=<$reader>) or last; 
+    defined($new_password=<$reader>) or last; 
+    defined($new_gecos=<$reader>) or last; 
+    defined($new_shell=<$reader>) or last; 
+    chop($username);
+    chop($old_password);
+    chop($new_password);
+    chop($new_gecos);
+    chop($new_shell);
+    my($svc_acct);
+
+    #need to try both $old_password and encrypted $old_password
+    #maybe the crypt function in svc_acct.export needs to be a library?
+    my $salt = substr($old_password,0,2);
+    my $cold_password = crypt($old_password,$salt);
+    $svc_acct=qsearchs('svc_acct',{'username'=>$username,
+                                   '_password'=>$old_password,
+    } )
+           || qsearchs('svc_acct',{'username'=>$username,
+                                   '_password'=>$cold_password,
+    } );
+    unless ( $svc_acct ) { print $writer "Incorrect password.\n"; next; }
+
+    my(%hash)=$svc_acct->hash;
+    my($new_svc_acct) = new FS::svc_acct ( \%hash );
+    $new_svc_acct->setfield('_password',$new_password) 
+      if $new_password && $new_password ne $old_password;
+    $new_svc_acct->setfield('finger',$new_gecos) if $new_gecos;
+    $new_svc_acct->setfield('shell',$new_shell) if $new_shell;
+    my($error)=$new_svc_acct->replace($svc_acct);
+    print $writer $error,"\n";
+  }
+  close $writer;
+  close $reader;
+  sleep 60;
+  warn "Connection to $shellmachine lost!  Reconnecting...\n";
+}
+
+sub usage {
+  die "Usage:\n\n  fs_passwd_server user shellmachine\n";
+}
+
diff --git a/fs_signup/fs_signupd b/fs_signup/fs_signupd
new file mode 100755
index 0000000..582e13c
--- /dev/null
+++ b/fs_signup/fs_signupd
@@ -0,0 +1,49 @@
+#!/usr/bin/perl -Tw
+#
+# fs_passwdd
+#
+# This is run REMOTELY over ssh by fs_passwd_server.
+#
+# ivan@sisd.com 98-mar-9
+
+use strict;
+use Socket;
+
+my($fs_passwdd_socket)="/usr/local/freeside/fs_passwdd_socket";
+
+$ENV{'PATH'} ='/usr/bin:/usr/ucb:/bin';
+$ENV{'SHELL'} = '/bin/sh';
+$ENV{'IFS'} = " \t\n";
+$ENV{'CDPATH'} = '';
+$ENV{'ENV'} = '';
+$ENV{'BASH_ENV'} = '';
+
+$|=1;
+
+my $uaddr = sockaddr_un($fs_passwdd_socket);
+my $proto = getprotobyname('tcp');
+
+socket(Server,PF_UNIX,SOCK_STREAM,0) or die "socket: $!";
+unlink($fs_passwdd_socket);
+bind(Server, $uaddr) or die "bind: $!";
+listen(Server,SOMAXCONN) or die "listen: $!";
+
+my($paddr);
+for ( ; $paddr = accept(Client,Server); close Client) {
+  my($me,$old_password,$new_password,$new_gecos,$new_shell);
+
+  $me=<Client>;
+  $old_password=<Client>;
+  $new_password=<Client>;
+  $new_gecos=<Client>;
+  $new_shell=<Client>;
+
+  print $me,$old_password,$new_password,$new_gecos,$new_shell;
+  my($error);
+
+  $error=<STDIN>;
+  
+  print Client $error;
+  close Client;
+}
+