Fwd: Re: [perl #28075] Perl-5.8.2 NDBM_File creates DB with Perl code inserts

supraexpress at globaleyes.net supraexpress at globaleyes.net
Sun Apr 11 02:07:52 UTC 2004


I have modified the following two Perl scripts to not require Perl-5.8 for
their SWITCH/CASE statements (which have been left in, but commented out).
They have been tested with both Perl-5.6.1 and -5.8.
1) "gen.passwd.new" script to create a password file and insert user entries
   for NDBM, DB1, DB2/3/4, and 'flatfile' (ala INN/CKPASSWD -f)

2) "read.passwd.new" script to read an NDBM, DB1, DB2/3/4, or 'flatfile'
   database for a specific user entry (primarily for testing/verification

-- Attached file included as plaintext by Ecartis --
-- File: gen.passwd.new

#!/usr/local/bin/perl
# print usage
if ($#ARGV != 7) {
	print("\nUsage: gen.passwd.new -n <file name>\n");
	print("                      -t <storage type>\n");
	print("                      -u <userid>\n");
	print("                      -p <password>\n\n");
	print("ALL parameters are required (on one line, of course)\n\n");
	print("  <file name>: base filename for database or complete filename for flatfile,\n");
	print("               quoted if necessary; case sensitive\n");
	print("  <storage type>: n|ndbm, db|db1, db2|db3|db4, f|flatfile\n");
	print("  <userid>,<password>: (case sensitive) plaintext strings, quoted if necessary\n\n");
	print("Requirements: ndbm  -> NDBM_File.pm\n");
	print("              db1   -> DB_File.pm\n");
	print("              db2-4 -> BerkeleyDB.pm; libdb2.x-libdb4.x\n");
	print("              perl  -> 5.8 (to use SWITCH/CASE code)\n\n");
	print("Berkeley databases (db1-4) are HASH formatted\n");
	print("Flatfile corresponds to CKPASSWD flat file (-f) format\n\n");
	exit 0;
}

#require 5.008;

# process options (requires Perl >= 5.8)
#use Switch;
#for ($I=0;$I<8;$I=$I+2) {
#  switch (@ARGV[$I]) {
#    case "-n"	{$pwfilename = @ARGV[$I + 1]}
#    case "-t"	{$filetype = lc(@ARGV[$I + 1])}
#    case "-u"	{$userid = @ARGV[$I + 1]}
#    case "-p"	{$userpw = @ARGV[$I + 1]}
#    else	{print("INVALID PARAMETER: @ARGV[$I]\n"); exit 1}
#  }
#}

# for use with Perl < 5.8
for ($I=0; $I < 8; $I = $I + 2){
  if    ("@ARGV[$I]" eq "-n") {$pwfilename = @ARGV[$I + 1]}
  elsif ("@ARGV[$I]" eq "-t") {$filetype = lc($ARGV[$I + 1])}
  elsif ("@ARGV[$I]" eq "-u") {$userid = @ARGV[$I + 1]}
  elsif ("@ARGV[$I]" eq "-p") {$userpw = @ARGV[$I + 1]}
  else  {print("INVALID PARAMETER: @ARGV[$I]\n"); exit 1}
}

my @alphabet = ('.', '/', 0..9, 'A'..'Z', 'a'..'z');
my $salt = join '', @alphabet[rand 64, rand 64];
my $cryptpasswd = crypt ($userpw, $salt);

# validate filetype (requires Perl >= 5.8)
#switch ($filetype) {
#  case /n|ndbm/	{NDBM()}
#  case /db2|db3|db4/   {DB234()}
#  case /db|db1/	{DB1()}
#  case /f|flatfile/	{FLATFILE()}
#  else			{print("INVALID FILETYPE: $filetype\n")}
#}

# for use with Perl < 5.8
if    ($filetype =~ /n|ndbm/)      {NDBM()}
elsif ($filetype =~ /db2|db3|db4/) {DB234()}
elsif ($filetype =~ /db1|db/)      {DB1()}
elsif ($filetype =~ /f|flatfile/)  {FLATFILE()}
else  {print("INVALID FILETYPE: $filetype\n")}

exit;
##############
sub DB234 {
if ($pwfilename =~ /.*\.db/) {
  print("Invalid '.db' in '$pwfilename'\n"); return
} 
$pwfilename=$pwfilename.".db";
print("DB234 pwfilename: $pwfilename, userid:$userid\n");
use BerkeleyDB;
use Fcntl;
my $db = new BerkeleyDB::Hash
        -Filename => "$pwfilename",
	-Flags => DB_CREATE
		or die "cannot create '$pwfilename': $BerkeleyDB::Error\n";
$db->db_put("$userid", "$cryptpasswd");
$status=$db->db_close();
undef $db;
}
##############
sub NDBM {
if ($pwfilename =~ /.*\.db/) {
  print("Invalid '.db' in '$pwfilename'\n"); return
}
print("NDBM pwfilename: $pwfilename.db, userid:$userid\n");
use NDBM_File;
use Fcntl;
my $db = NDBM_File::TIEHASH('NDBM_File', "$pwfilename", O_RDWR | O_CREAT, 0640)
    or die "Cannot open '$pwfilename': $!\n";
$rc = NDBM_File::STORE($db, $userid, $cryptpasswd);
}
##############
sub FLATFILE {
print("FLATFILE pwfilename: $pwfilename, userid:$userid\n");
open(pwfile,">>$pwfilename") || die "Couldn't open '$pwfilename'\n";
print(pwfile "$userid:$cryptpasswd\n");
close(pwfile);
}
##############
sub DB1 {
if ($pwfilename =~ /.*\.db/) {
  print("Invalid '.db' in '$pwfilename'\n"); return
}
$pwfilename=$pwfilename.".db";
print("DB1 pwfilename: $pwfilename, userid:$userid\n");
use DB_File;
use Fcntl;
tie (%db, 'DB_File', $pwfilename, O_RDWR | O_CREAT, 0640, $DB_HASH)
  or die "Cannot open '$pwfilename': $!\n";
$db{$userid} = $cryptpasswd;
untie %db;
}


-- Attached file included as plaintext by Ecartis --
-- File: read.passwd.new

#!/usr/local/bin/perl
# print usage
if ($#ARGV != 7) {
	print("\nUsage: read.passwd.new -n <file name>\n");
	print("                       -t <storage type>\n");
	print("                       -u <userid>\n");
	print("                       -p <password>\n\n");
	print("ALL parameters are required (on one line, of course)\n\n");
	print("  <file name>: base filename for database or complete filename for flatfile,\n");
	print("               quoted if necessary; case sensitive\n");
	print("  <storage type>: n|ndbm, db|db1, db2|db3|db4, f|flatfile\n");
	print("  <userid>,<password>: (case sensitive) plaintext strings, quoted if necessary\n\n");
	print("Requirements: ndbm  -> NDBM_File.pm\n");
	print("              db1   -> DB_File.pm\n");
	print("              db2-4 -> BerkeleyDB.pm; libdb2.x-libdb4.x\n");
	print("              perl  -> 5.8 (for SWITCH/CASE code)\n\n");
	print("Berkeley databases (db1-4) are HASH formatted\n");
	print("Flatfile corresponds to CKPASSWD flat file (-f) format\n\n");
	exit 0;
}

#require 5.008;

# process options (requires Perl >= 5.8)
#use Switch;
#for ($I=0;$I<8;$I=$I+2) {
#  switch (@ARGV[$I]) {
#    case "-n"	{$pwfilename = @ARGV[$I + 1]}
#    case "-t"	{$filetype = lc(@ARGV[$I + 1])}
#    case "-u"	{$userid = @ARGV[$I + 1]}
#    case "-p"	{$userpw = @ARGV[$I + 1]}
#    else	{print("INVALID PARAMETER: @ARGV[$I]\n"); exit 1}
#  }
#}

# for use with Perl < 5.8
for ($I=0; $I < 8; $I = $I + 2){
  if    ("@ARGV[$I]" eq "-n") {$pwfilename = @ARGV[$I + 1]}
  elsif ("@ARGV[$I]" eq "-t") {$filetype = lc($ARGV[$I + 1])}
  elsif ("@ARGV[$I]" eq "-u") {$userid = @ARGV[$I + 1]}
  elsif ("@ARGV[$I]" eq "-p") {$userpw = @ARGV[$I + 1]}
  else  {print("INVALID PARAMETER: @ARGV[$I]\n"); exit 1}
}

# validate filetype (requires Perl >= 5.8)
#switch ($filetype) {
#  case /n|ndbm/		{NDBM()}
#  case /db2|db3|db4/    {DB234()}
#  case /db|db1/		{DB1()}
#  case /f|flatfile/	{FLATFILE()}
#  else			{print("INVALID FILETYPE: $filetype\n")}
#}

# for use with Perl < 5.8
if    ($filetype =~ /n|ndbm/)      {NDBM()}
elsif ($filetype =~ /db2|db3|db4/) {DB234()}
elsif ($filetype =~ /db1|db/)      {DB1()}
elsif ($filetype =~ /f|flatfile/)  {FLATFILE()}
else  {print("INVALID FILETYPE: $filetype\n")}

exit;
##############
sub DB234 {
  $pwfilename=$pwfilename.".db";
  print("\nDB234 pwfilename: $pwfilename\n\n");
  use BerkeleyDB;
  my $db = new BerkeleyDB::Hash
          -Filename => "$pwfilename"
  		or die "cannot open '$pwfilename': $BerkeleyDB::Error\n";
  $db->db_get("$userid", $pwfpasswd);
  if ($pwfpasswd eq "") {print("Userid:$userid - Not Found\n\n")}
  else {
    my $cryptpasswd = crypt($userpw,$pwfpasswd);
    print("User:$userid, InputPW:$userpw\n");
    print("pwfpasswd:'$pwfpasswd', cryptInputPW:'$cryptpasswd'\n");
    if ("$pwfpasswd" eq "$cryptpasswd") {print("Passwords MATCH\n\n");}
    else {print("Passwords do NOT match\n\n");}
  }
  $db->db_close();
  undef $db;
}
##############
sub NDBM {
  print("\nNDBM pwfilename: $pwfilename\n\n");
  use NDBM_File;
  use Fcntl;
  tie (%db, 'NDBM_File', "$pwfilename", O_RDONLY, 0440)
      or die "Cannot open '$pwfilename': $!\n";
  my $pwfpasswd = $db{$userid};
  if ("$pwfpasswd" eq "") {print("User:$userid - NOT FOUND\n\n")}
  else {
    my $cryptpasswd = crypt ($userpw, $pwfpasswd);
    print("User:$userid, InputPW:$userpw\n");
    print("pwfpasswd:'$pwfpasswd', cryptInputPW:'$cryptpasswd'\n");
    if ("$pwfpasswd" eq "$cryptpasswd") {print("Passwords MATCH\n\n")}
    else {print("Passwords do NOT match\n\n")}
  }
  untie %db;
}
##############
sub FLATFILE {
  print("\nFLATFILE pwfilename: $pwfilename\n\n");
  open(pwfile,"$pwfilename") || die "Couldn't open '$pwfilename'\n";
  my $userfound = "no"; my $cryptpasswd = "";
  while(<pwfile>) {
    $dataline = $_; chomp $dataline;
    ($pwfuserid,$pwfpasswd) = split(":",$dataline);
    $cryptpasswd = crypt($userpw, $pwfpasswd);
    if ("$pwfuserid" eq "$userid") {$userfound = "yes";last}
  }
  if ("$userfound" eq "yes") {
    print("User:$userid, InputPW:$userpw\n");
    print("pwfpasswd:'$pwfpasswd', cryptInputPW:'$cryptpasswd'\n");
    if ("$pwfpasswd" eq "$cryptpasswd") {print("Passwords MATCH\n\n")}
    else {print("Passwords do NOT match\n\n")}
  }
  else {print("Userid:$userid - NOT found\n\n")}
  close(pwfile);
}
##############
sub DB1 {
  $pwfilename=$pwfilename.".db";
  print("\nDB1 pwfilename: $pwfilename\n\n");
  use DB_File;
  use Fcntl;
  tie (%db, 'DB_File', $pwfilename, O_RDONLY, 0440, $DB_HASH)
    or die "Cannot open '$pwfilename': $!\n";
  my $pwfpasswd = $db{$userid};
  if ("$pwfpasswd" eq "") {print("User:$userid - NOT FOUND\n\n")}
  else {
    my $cryptpasswd = crypt ($userpw, $pwfpasswd);
    print("User:$userid, InputPW:$userpw\n");
    print("pwfpasswd:'$pwfpasswd', cryptInputPW:'$cryptpasswd'\n");
    if ("$pwfpasswd" eq "$cryptpasswd") {print("Passwords MATCH\n\n")}
    else {print("Passwords do NOT match\n\n")}
  }
  untie %db;
}




More information about the inn-workers mailing list