📄 ch8.htm
字号:
if ($ARGV[Ø] =~ /^-a(.*)/) {
$total_age = $1;
$total_age = $age + 1 if $total_age <= Ø;
$total_age = $exp = 1 if $total_age > $exp;
shift;
}
($user) = @ARGV;
die "You are unable to change the password for $user.\n" if $my_pswd && $<;
$user = getlogin unless $user;
$user = (getpwid($<))[Ø] unless $user;
$SIG{'INT'} = 'CLEANUP';
$SIG{'HUP'} = 'CLEANUP';
$SIG{'QUIT'} = 'CLEANUP';
$SIG{'PIPE'} = 'CLEANUP';
$SIG{'ALRM'} = 'CLEANUP';
# This traps the signals
die "Password file is busy.\n" if -f 'ptmp';
# This section checks to see if the user has
# already made an application for a password
# to the system.
open(FORMS,"forms") || die "Unable to open the password application file.";
$informs = Ø;
while (<FORMS>) {
chop;
if ($_ eq $user) {
$informs = 1;
last;
}
}
close(FORMS);
die <<"EOM" unless $informs;
There is no password application on file for $user,
please contact the system administrator to make an application.
EOM
print "\nNow changing password for $user.\n";
$login = ''; # This section takes in all password
# entries and logins
open(PASSWD,"passwd") || die "Can't open password file.";
while (<PASSWD>) {
/^([^:]+)/;
if ($1 eq $user) {
($login,$openpasswd,$uid,$gid,$home,$shell) = split(/:/);
die "Your data does not match.
Please try again. ($< $uid $user $x $login)\n"
if $< && $< != $uid; # security
# double check on user and password
$chr = substr($openpasswd,Ø,2);
# These are a listing of names
$ogcos =~ s/,.*//;
$mynames = $ogcos;
$mynames =~ s/\W+/ /;
$mynames =~ s/^ //;
$mynames =~ s/ $//;
$mynames =~ s/ . / /g;
$mynames =~ s/ . / /g;
$mynames =~ s/^.//;
$mynames =~ s/ .$//;
$mynames =~ s/ /|/;
$mynames =~ '^$' if $mynames eq '';
}
++$isalogin{$1} if length($1) >= 6;
}
close(PASSWD);
die "Unable to find $user in password file.\n"; unless $login;
if ($opasswd eq 'x' && -f 'etc/shadow') {
# checking for a shadow password file
$shadow = 1;
open(SHADOW,"shadow") || die "Unable to open shadow password file.";
while (<SHADOW>) {
/^([^:]+)/;
if ($1 eq $user) {
($login,$passwd) = split(/:/);
$chr = substr($opasswd,Ø,2);
last;
}
}
close(SHADOW);
}
open(PASSHIST,"passhist"); # This section retrieves
# old passwords
while (<PASSHIST>) {
/^([^:]+)/;
if ($1 eq $user) {
($login,$oldpass,$when) = split(/:/);
$oldpass{$oldpass} = $when;
}
}
close PASSHIST;
$check = 'sub badpass (local($_) = @_;study;';
# this section uses the subroutine
# BADPASS to match the new password against
# the bad password parameters
open(BADPASS,$BADPASS);
while (<BADPASS>) {
($badpwd,$maybe) = split(/[\n\t]+/);
($response = $maybe) =~ s/'/\\'/ if $maybe;
$check .= "return '$response' if /$badpwd/;\n";
}
close BADPASS;
$check .= 'return Ø;}';
eval $check; # this will define subroutine BADPASS
system 'stty', '-echo';
# This section asks for the new password and checks
# it against the bad password parameters before it
# replaces the old.
if ($<) {
print"Your old password is: ";
chop($passØ = <STDIN>);
print "\n";
do myexit(1) unless $passØ;
if (crypt($passØ,$chr) ne $opasswd) {
print "Cannot complete this function.\n";
do myexit(1);
}
}
for (;;) { # user chooses new password
$good = Ø;
until ($good) {
print "Your new password is: ";
chop($pass1 = <STDIN>);
print "\n";
do myexit(1) unless $pass1;
print "Checking new password against bad password parameters.\n";
$good = &good($pass1);
if ($good && length($pass1) > 8 {
# This stipulates to check only the first 8
# characters of the new password
$pass8 = substr($pass1,Ø,8);
print "rechecking your first 8 characters.\n";
unless ($good = &good($pass8)) {
# This will limit the check to only the first 8 characters
print << 'EOM';
EOM
}
}
};
print "Please enter your new password again: ";
chop($pass2 = <STDIN>);
print "\n";
last if ($pass1 eq $pass2);
print "Passwords don't match, please try again.\n";
}
system 'stty','echo';
if (-f 'ptmp') { # this section checks for a lock on
# the password file
print "Unable to access the password file, will try again in 6Ø seconds...\n";
for ($1 = 6Ø; $i > Ø; -$i) {
sleep(1);
print $i,'...';
last unless -f 'ptmp.txt';
}
}
die "\nThe password file is busy, please try again later.\n" if -f 'ptmp.txt';
open(PTMP,">ptmptmp$$") || die "Unable to create a tempoary password file.\n"; \
# this section locks the tempoary password file
close PTMP;
$lock = link("ptmptmp$$",'ptmp.txt');
unlink "ptmptmp$$";
$lock || die " The password file is busy, please try again later.\n";
open(PASSWD,"passwd") || die "Unable to open password file.\n";
open(PTMP,">ptmp") || die "Unable to copy password file.\n";
$today = time; # this section erypts the passwords
($pert1,$pert2) = unpack("C2", $user);
$week = $today / (6Ø*6Ø*24*7) + $pert1 + $pert2 - $total_age;
$nsalt = $chrset[$today % 64];
$cryptpass = crypt($pass1,$nsalt);
while (<PASSWD>) { # this section builds the new
# password
chop;
($login,$passwd,$uid,$gid,$gcos$,$home,$shell) = split(/:/);
next if $login eq '';
$passwd = '*' if $passwd eq '' && $login !~ /^\+/;
# this disables any open accounts
if ($login eq $me) {
if ($shadow) {
$passwd = 'x';
} else {
$passwd = $cryptpass;
}
# this section introduces an aging element to
# the user's password by switching old passwords
# to another shell. The choice of this shell changes
# with each system
if ($shell =~ /(exp|age)\.(.*)/) {
$shell = "/bin/$2";
}
if ($total_age >= $exp) {
if ($shell =~ m|/bin/(.*)|) {
$sh = $1;
$sh = 'csh' if $sh eq '';
$shell = "/usr/etc/exp.$sh";
}
} elsif ($total_age >= $age) {
if ($shell =~ m|/bin/(.*)|) {
$sh = $1;
$sh = 'csh' if $sh eq '';
$shell = "/usr/etc/age.$sh";
}
}
}
print PTMP "$login:$passwd:$uid:$gid:$gcos:$home:$shell\n"
|| do { unlink 'ptmp.txt' ; die "Unable to write ptmp: $!"; };
}
close PASSWD;
close PTMP;
($dev,$ino,$omode,$nlink,$uid,$gid,$rdev,$osize) = stat('passwd');
($dev,$ino,$omode,$nlink,$uid,$gid,$rdev,$nsize) = stat('ptmp');
if ($nsize < $osize - 2Ø || $uid) {
unlink ('ptmp');
die "Unable to write new password file. ($uid)\n";
}
chmod Ø644, 'ptmp.txt';
if ($shadow) { # this section creates a shadow
# password file
open(SHADOW,"shadow") || die "Unable to open shadow file.\n";
umask Ø77;
open(STMP,"stmp") || die "Unable to copy shadow file.\n";
while (<SHADOW>) { # builds new shadow file
chop;
@fields = split(/:/);
if ($fields[Ø] eq $user) {
$fields[1] = $crypypass;
}
print STMP join(':',@fields), "/n";
}
close SHADOW;
close STMP;
chmod Ø6ØØ, 'shadow';
rename('shadow','shadow_old');
chmod Ø6ØØ, 'stmp';
rename('stmp','shadow');
}
rename('passwd','passwd_old');
rename('ptmp','passwd') || die "Unable to create new password file.: $!\n";
$now = time;
open(PASSHIST,">>passhist") || exit 1;
print PASSHIST "$user:$opasswd:$now\n";
close PASSHIST;
exit Ø;
# Now the subroutines
sub good {
return 1 if $okay;
$pass = shift(@_);
$mono = $pass !~ /^.+([A-Z].*[a-z].*[A-Z])/;
$mono = Ø if $pass =~ /[a-zA-ZØ-9]/;
$now = time;
($nsec,$nmin,$nhour,$nmday,$nmon,$nyear) = localtime($now);
if ($pass =~ /\Ø/) {
print <<"EOM";
Do not use null characters in your passwords.
EOM
return Ø;
}
if (crypt($pass,$chr) eq $opasswd) {
print <<"EOM";
Do not use the same password as you had before.
EOM
return Ø;
}
if ($passØ && length($passØ) == length($pass)) {
$diff = Ø;
for ($i = length($pass)-1; $I >= Ø; -$i) {
++$diff
if substr($pass,$i,1) ne substr($passØ,$i,1);
}
if ($diff <= 2) {
print <<"EOM";
Please enter a new password signifigantly different than your old password.
EOM
return Ø;
}
}
if (length($pass) < 6) {
print "Please choose a password of at least six characters.\n";
}
return Ø;
}
$isaid = Ø;
if ($pass =~ /^[a-zA-Z]/) {
($check = $pass) =~ y/A-Z/a-z/;
if ($response = do badpats($check)) {
print $response, " Please try again.\n";
return Ø;
}
$shorte = '';
$short = $pass;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -