• htpasswd.cgi 网页远程修改gerrit ht 认证的密码文件


    在搭建gerrit系统时,一般都会采用apache的.htacces 认证方法 但trac本身并不提供修改密码的功能,修改密码只能通过htpasswd/htpasswd2命令来进行,这的确是一件相当不make sense的事。
    其实,利用一个免费的perl脚本可以方便的通过http方式修改apache的认证文件。
    文件名:htpasswd.pl,获取地址http://home.xnet.com/~efflandt/pub/htpasswd.pl
    该脚本可以通过web浏览器从你的htpasswd文件直接增加或者删除用户,管理者密码是经过加密的。该脚本本身并不保护一个目录,也不创建一个口令保护功能。它仅用来帮助你管理你的口令文件。这就是说在你的服务器上事先应有口令文件时,该脚本方可发挥作用。

    安装&配置

    1.拷贝htpasswd.pl至cgi-bin目录

    linux对应 /var/www/cgi-bin
    suse对应/srv/www/cgi-bin
    fedora对应/var/www/cgi-bin

    或者放置在例如如/usr/lib 的任意位置,不过需要在apache的配置文件vi /etc/apache2/sites-available/default添加:

    ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
            AllowOverride None
            Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
            Order allow,deny
            Allow from all
        </Directory>

    2.改名
    把htpasswd.pl改名为htpasswd.cgi
    3.用文本编辑器打开配置脚本(cfg.pl)
    编辑如下变量:
    #!/usr/local/bin/perl 修改为 #!/bin/perl
    配置要修改的apache认证文件,找到以下几行
    # Password file with full system path (where not accessible by URL).
    $file = '/home/gerrit/gerrit.passwd'; 修改为你的验证文件是/etc/apache2/auth-file
    step4 chmod 755 htpasswd.cgi

    已经配置搭建好apache的话,访问http://localhost/cgi-bin/htpasswd.cgi即可出现密码修改页面
    #!/usr/bin/perl 

    # htpasswd.cgi by David Efflandt (efflandt@xnet.com) 8/97
    # Last update 10/4/99
    #
    # Update password file from the web for use with user authentication.
    # Stores each line in the format: username:crypted_password
    #
    # Built-in form is provided if you GET the script.
    # Form is processed if you POST to this script.
    #
    # If you want your passwords to be secure, it is best to run this
    # suid as you (chmod 4705 htpasswd.cgi) which may require C wrapper.
    # Also keep this script in a directory that requires user authentication
    # unless you allow new users to set their own password (see $allow_new).
    #
    # If not running suid you should touch the password file first and
    # chmod 606 (or whatever is req'd to access it as you and webserver).
    #
    # To add or remove users by an administrator, create a user called 'admin'
    # with a password.  Enter username you want to add or remove with admin
    # password as "Current Password" (plus new passwords for new users).
    #
    # Anyone may remove their own name from the password file if they supply
    # their correct password.

    ### Variables

    # Password file with full system path (where not accessible by URL).
    $file = '/home/gerrit/gerrit.passwd';

    # Allow anyone to add new users (1 = yes, 0 = no)
    $allow_new = 0;

    # Set untainted path for suid scripts
    $ENV{PATH} = '/bin:/usr/bin:/usr/local/bin';
    $ENV{IFS} = "" if $ENV{IFS} ne "";

    ### End of Variables

    # Create form and exit on GET
    &make_form unless ($ENV{'REQUEST_METHOD'} eq "POST");

    # Get POST input
    read(STDIN, $buffer, $ENV{'CONTENT_LENGTH'});

    # Split the name-value pairs
    @pairs = split(/&/, $buffer);

    foreach $pair (@pairs)
    {
      ($name, $value) = split(/=/, $pair);

      $value =~ tr/+/ /;
      $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
      $name =~ tr/+/ /;
      $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

      $FORM{$name} = $value;
    }

    if ($FORM{user}) {
      $user = $FORM{user};
    } else {
      &error("Error", "Username missing from form.");
    }
    $pwd = $FORM{old};
    $command = $FORM{command};
    unless (($command eq 'remove')
        ||($FORM{new} && $FORM{new} eq $FORM{new2})) {
      &error("Password Mismatch", "New password mismatch or missing.");
    }

    # Get existing passwords
    if (-e $file) {
      open (IN, $file) or &error("Error", "Can't open password file: $!");
      flock(IN,2);
      seek(IN,0,0);
      while (<IN>) {
        chomp;
        ($name, $value, $tail) = split(/:/, $_, 3);
        $hash{$name} = $value;
        $tail{$name} = $tail; # maintain any additional fields
      }
      close IN;
    }

    # Salt for crypt
    @range = ('0'..'9','a'..'z','A'..'Z','.','/');
    srand ( time() ^ ($$ + ($$ << 15)) );
    $salt = $range[rand(int($#range)+1)] . $range[rand(int($#range)+1)];

    # Check for valid password or existing user
    $pass = $hash{$user} if $hash{$user};
    $cpwd = crypt($pwd, $pass);
    $admin = $hash{admin} && crypt($pwd, $hash{admin}) eq $hash{admin};

    if (($command ne 'new') && ($admin || $pass && $cpwd eq $pass)) {
      if ($command eq 'remove') {
        delete($hash{$user}); delete($tail{$user});
        $msg = "User <B>$user</B> was removed from password file.";
      } elsif (!$pass) {
        $msg = "WARNING! 'Change Password' checked for non-existing user? "
        . "<P>Assigning password for new user <B>$user</B> anyway. "
        . "<P>If this was an error, go back and 'Remove User'";
      } else {
        $msg = "Password has been updated for $user.";
      }
    } elsif ($FORM{command} eq 'new') {
      if ($pass) {
        &error("Sorry", "User <B>$user</B> is already assigned.");
      }elsif ($allow_new || $admin) {
        $msg = "Password has been assigned for new user $user.";
      } else {
        &begin_html("Sorry, New User");
        print "Contact file owner for password you can change later.";
        &end_html;
        exit;
      }
    } else {
      &error("Password Error",
        "Invalid user or password or forgot to check 'New User'.");
    }

    # Assign new password to user and write to file
    $hash{$user} = crypt($FORM{new}, $salt) if $command ne 'remove';
    if (open(OUT, ">$file")) {
      flock(OUT,2);
      seek(OUT,0,0);
      foreach $name (sort keys %hash) {
        print OUT "$name:$hash{$name}";
        print OUT ":$tail{$name}" if $tail{$name};
        print OUT " ";
      }
    } else {
      &error("Error","Can't update password file: $!");
    }

    # Print Return HTML
    &begin_html("Thank You");
    print "$msg ";
    &end_html;

    ### Subroutines

    #subroutine begin_html(title)
    sub begin_html {
      local ($title) = @_;
      print "Content-type: text/html ";
      print "<html><head><title>$title</title></head><body> ";
      print "<center><h1>$title</h1></center> <hr><p> ";
    }

    #subroutine end_html
    sub end_html {
    # Add footer links here
      print "<P></body></html> ";
    }

    #subroutine make_form
    sub make_form {
      &begin_html("Change password for Gerrit");

    print <<NEW_FORM;
    Use this form to change your password for access to Gerrit code review system.

    <FORM METHOD="POST" ACTION="$ENV{SCRIPT_NAME}">

    <DL>
    <DT> Username:
    <DD><INPUT NAME="user">

    <DT> Current Password:
    <DD><INPUT TYPE=PASSWORD NAME="old">

    <DT> New Password:
    <DD><INPUT TYPE=PASSWORD NAME="new">

    <DT> Confirm New Password:
    <DD><INPUT TYPE=PASSWORD NAME="new2">

    <DT>Request:
    <DD>
      <INPUT TYPE="radio" NAME="command" VALUE="change" CHECKED> Change Password
    </DL>

    <P><INPUT TYPE="submit" VALUE=" Submit ">
    </FORM>
    NEW_FORM
      &end_html;
      exit;
    }

    sub error {
      local($title,$msg) = @_;
      &begin_html($title);
      print "<P>$msg ";
      print "<P>Please check your name and re-enter passwords. ";
      &end_html;
      exit;
    }




     

  • 相关阅读:
    vsftpd安装问题汇总(持续更新。。)
    Office2010安装问题总结
    AM335X 开发板安装vsftpd操作流程
    Source Insight常用快捷键及注释快捷键设置
    小四轴之第二次飞行篇
    linux命令df中df -h和df -i
    Linux tail 命令
    Linux chmod命令用法
    ps -ef |grep java
    jupyter notebook安装、登录
  • 原文地址:https://www.cnblogs.com/james1207/p/3329129.html
Copyright © 2020-2023  润新知