From 202a7dfaca69e51337631aec1261acd2d40cc098 Mon Sep 17 00:00:00 2001 From: Peter Gietz <peter@daasi.de> Date: Fri, 16 Dec 2011 13:19:48 +0000 Subject: [PATCH] removed a file pwReset.sys~ git-svn-id: https://textgridlab.org/svn/textgrid/trunk/middleware/tgauth@11704 7c539038-3410-0410-b1ec-0f2a7bf1c452 --- .../etc/pwReset.sys~ | 417 ------------------ 1 file changed, 417 deletions(-) delete mode 100644 info.textgrid.middleware.tgauth.passwordReset/etc/pwReset.sys~ diff --git a/info.textgrid.middleware.tgauth.passwordReset/etc/pwReset.sys~ b/info.textgrid.middleware.tgauth.passwordReset/etc/pwReset.sys~ deleted file mode 100644 index 73546dc..0000000 --- a/info.textgrid.middleware.tgauth.passwordReset/etc/pwReset.sys~ +++ /dev/null @@ -1,417 +0,0 @@ -#reading file /usr/local/src/devel/IdM/pwReset/etc/pwReset-unclean.sys - -progname = "pwReset" - -version = 0.1 - -date = "2011-01-11" -<author> - name = "Peter Gietz" - org= "DAASI International GmbH" - mail = "peter.gietz@daasi.de" -</author> - -<copyright> -text1 = Copyright (c) 2005 DAASI International GmbH -text2 = This library is free software; you can redistribute it and/or \ -modify it under the same terms as Perl itself. -</copyright> - -progshortdescr = "Webtool for password reset" - -<progdescription> -text1 ="pwReset is a simple webtool for password reset. It works as follows: \ -When first started (status = 'none') it tests whether cookies are enabled \ -(via redirect to status testcookie), and returns a respective message to the \ -user if not, with a link to start all over again." -text2 = "If the cookie is \ -retrievable an Apache-session is established (information is stored in files \ -on the server) and a mask is shown to the user, where she can input an ID \ -(loginid, email address or TextGrid ID). If mode 'oneinputfield' is set in the \ -configuration there is one input field for either of them, if not, there are \ -three separate input fields." -text3 = "After pressing the \"verify me\" button the programm is called with \ -'sendlink' status where the programm first checks whether the input values \ -conform to configurable regular expressions \ -(e.g. \".*\\@.*\" for email address), \ -returns respective errors if they do not conform. If they do, the programm \ -looks up the ID in the LDAP server and retrieves an email address from there \ -(even if the ID was the mail address). \ -If the ID was found a separate sessionid (not the ID in the cookie) is created \ -and concatenated to an url that calls status 'printform' and that url is sent \ -to the email address with some configurable text." -text4 = "If the user clicks on the url in that email, the sessionid in the \ -query is compared with the respective id stored in the session and if they \ -are identical a form to input the password (in two separate input fields) is \ -displayed. After pressing the button \"reset password\" the program is \ -restarted with the status 'modify'." -text5 = "In this last status again the matching of sessionid is checked, as \ -well as the matching of password and retyped password. Then it is checked how \ -often the session has been used (there is a counter for every access) and \ -whether that number is less than a configurable maximum. The password value is \ -then tested against the configurable regular expression that defines the \ -password policy. If any of these checks fail a respective error message is \ -displayed, otherwise the program looks up the entry and changes the password \ -in the LDAP server." -text6 = "At any error state, the user either gets the last input screen (e.g. \ -when wrong values have been inputted) or a link to restart the process (e.g. if \ -session is not valid any more). A lot of things are configurable (see the \ -single options below). HTTPS as well as TLS for the LDAP connection can be \ -enforced. All activities can be logged. Configuration concerning input fields \ -(labels, regExp, etc.) happens in a hash at the beginning of the source code. \ -Everything else can be configured in a Apache style configuration file. All \ -passwords needed (for LDAP access and for SMTP auth) are sored in a separate \ -file." -text7= "If you start the program with status 'adminhelp' \ -(/url/?status=adminhelp) this manpage is displayed in the browser. You can \ -additionally specify one single configuration option to only have the help to \ -that option displayed (e.g. /url/?status=adminhelp&helpfeature=emailconfig). \ -The adminhelp feature can be turned off in the configuration." - -</progdescription> - - -<bugs> -text1 = "Please report bugs to peter.gietz@daasi.de" -text2 = "some todos are: " -text3 = "more than one regExp per inputfield" -text4 = "multilanguage support is already designed but needs gettext translations" -text5 = "configurable css file does not work properly yet" -</bugs> - -<additions example> -text1 = "For getting this manpage: " -text2 = " pwReset.pl -h" -text3 = " " -</additions> - -<additions requirements> -text1 = "Following modules are required: " -text2 = "* Config::General" -text5 = "* File::Basename" -text6 = "* File::Copy" -text7 = "* File::Flock" -text8 = "* File::Temp" -text9 = "* Getopt::Std" -text10 = "* IO::Prompt" -text11 = "* Log::Log4perl" -text12 = "* LWP::Authen::Ntlm" -text13 = "* MIME::Base64" -text14 = "* Net::LDAP" -text15 = "* Net::SMTP" -text18 = "* Text::Wrap" -</additions> - -<options loglevel> - key = "l" - must = 0 - description = "Loglevel for controlling logmessages." - description_de = "Loglevel zur Kontrolle des Logging." - arg = 1 - argtype = "skalar" - values = "no, all, debug, info, warn, error, fatal" - default = "warn" -</options> - -<options logfile> - key = "L" - must = 0 - description = "Name of the logfile with absolute or relative path. " - description_de = "Name der Logdatei mit absolutem oder relativem Pfad." - arg = 1 - argtype = "filename_add_subdir_log" - default = "pwReset.log" -</options> - -<options debugmode> - key = "d" - must = 0 - description = "Sets debug mode to on." - description_de = "Stellt den Debug-Modus an." - arg = 0 -</options> - -<options verbose> - key = "v" - must = 0 - description = "Sets verbose mode which makes the program quite chatty." - description_de = "Stellt den Verbose-Modus an, womit das Programm \ - gespraechiger wird." - arg = 0 -</options> - -<options language> - key = "G" - must = 0 - description = "Sets the language for output like this one" - description_de = "Setzt die Sprache fuer Ausgaben wie diese. " - arg = 1 - default = en - values = en, de -</options> - -<options passwordfile> - key = "p" - description = "Name of the password file which contains the secrets \ - the programm must know to connect to data bases etc. \ - The format for all lines of this file must be: \ - <token><blank><password> where <token> has to be the \ - option label which defines the database such as e.g. \ - \"outputuri\". " - description_de = "Name einer Datei, welche die Passworte enthaelt, \ - die das Programm wissen muss um Datenbanken zu \ - kontaktieren etc. Das Format dieser Datei ist: \ - <Token><Leerzeichen><Passwort> wobei <Token> ein \ - Optionsname sein muss, welcher die Datenbank \ - definiert wie z.B. \"outputuri\". " - arg = 1 - default = "pwReset.secret" - argtype = "filename_exist" -</options> - -<options configfile> - key = "c" - must = 0 - description = Name of the user config file with absolute or \ - relative path." - description_de = Name der benutzerdefinierten Konfigurationsdatei \ - mit absolutem oder relativem Pfad." - arg = 1 - argtype = "filename_exist_subdir_etc" - default = "./etc/pwReset.conf" -</options> - - -<options printhelp> - key = "h" - must = 0 - description = "prints out the manpage" - description_de = "Druckt die Manpage aus" - arg = 0 -</options> - - -<options helpfeature> - key = "H" - must = 0 - description = "prints out description of the feature referenced by \ - commandline flag or config file token. " - description_de = "Druckt die Beschreibung der Option aus, die \ - entweder ueber den Kommandozeilen- oder ueber den \ - Konfigurationsdatei-Parameter spezifiziert wird." - arg = 1 -</options> - - -<options emailconfig> - key = "e" - must = 0 - description = "specifies the SMTP-communication of the program, in a \ - string with token-value pairs, format: \ - \#token1=value1;\#token2=value; etc. \ - Following tokens are understood: \ - \#smtprelay sets the mailserver from which the mail should \ - be sent \ - \#from sets the from address of the mail to be sent. \ - \#to sets the mailaddress of the administrator to whom mails \ - should be sent. More than one address can be separated by \ - comma. \ - \#subjectpart sets a prefix that will be included in the \ - subject line.\n\ - \#hello sets the smtpclient name.\n\ - \#smtpuser sets the user name SMTP Auth authentication. \ - In this case the corresponding password has to \ - be stored in the passwordfile (-p, default is \ - dbconnector.secret) behind the token smtpauth." - description_de = "Spezifiziert das Mail-Interface des Programms \ - wodurch in bestimmten Faellen automatische E-Mails an den \ - Administrator geschickt werden koennen. Das Format besteht \ - aus mit Semikolon getrennten Schluessel-Wert-Paaren, wobei \ - der Schluessel mit einem vorgestellten \# gekennzeichnet \ - wird: \n\ - \#token1=value1;\#token2=value; etc. \n\ - Folgende Tokens werden unterstuetzt: \n\ - \#smtprelay spezifiziert den Mailserver von welchem aus die \ - Mail geschickt werden soll.\n\ - \#from spezifiziert die Sender-E-Mail-Adresse.\n\ - \#to spezifiziert die Ziel-Adresse des Administratoren, an \ - den die automatischen Mails geschickt werden sollen. \ - Hierbei koennen mehrere mit Komma separierte Adressen \ - angegeben werden.\n\ - \#subjectpart setzt ein Praefix fuer die verschiedenen \ - Mail-Subjects.\n\ - \#hello setzt den smtpclient-Namen.\n\ - \#smtpuser setzt den User-Namen für SMTP \ - Auth-Authentifizierung. Wenn dieser gesetzt ist, muss \ - das korrespondierende Passwort in der mit \ - passwordfile spezifizierten Datei (-p, Voreinstellung \ - ist dbconnector.secret) hinter dem Stichwort smtpauth \ - eingetragen sein." - arg = 1 - argtype = token_emailinfo - default = 0 -</options> - -<options cssfile> - key = "C" - must = 0 - description = "Name of the CSS file with absolute or \ - relative path." - description_de = "Name der CSS-Datei \ - mit absolutem oder relativem Pfad." - arg = 1 - argtype = "filename_exist_subdir_etc" - default = "./etc/pwReset.css" -</options> - -<options sessionpath> - key = "s" - must = 0 - description = "Path (relative or absolute) of the directory where to store session information." - description_de = "Pfad (relativ oder absolut) zum Verzeichnis, in dem die Session-Informationen gespeichert werden." - arg = 1 - argtype = "filename_dir" - default = "./sessions" -</options> - -<options sessionlockpath> - key = "S" - must = 0 - description = "Path (relative or absolute) of the directory where to store session lock information." - description_de = "Pfad (relativ oder absolut) zum Verzeichnis, in dem die Session-Lock-Informationen gespeichert werden." - arg = 1 - argtype = "filename_dir" - default = "./locks" -</options> - -<options sessiontime> - key = "T" - must = 0 - description = "Sets the duration of a cookie session. Format: +<number><unit>, where you can specify the following units: s for seconds, m for minutes, h for hours, d for days, M for months, and y for years" - description_de = "definiert die Lebensdauer einer cookie session. Format: +<Nummer><Einheit>, wobei Einheit s für Sekunden, m für Minuten, h für Stunden, d für Tage, M für Monate, und y für Jahre steht. " - arg = 1 - default = "2d" -</options> - - -<options title> - key = "t" - must = 1 - description = "Sets the page title." - description_de = "definiert den Seitentitel." - arg = 1 - default = "Password Reset Tool" -</options> - -<options charset> - key = "X" - must = 1 - description = "Sets the character set." - description_de = "definiert die Zeichensatzkodierung." - arg = 1 - default = "utf-8" - values = "utf-8, iso5889" -</options> - -<options bgcolor> - key = "b" - must = 0 - description = "Sets the background color" - description_de = "definiert die Hintergrundsfarbe." - arg = 1 - default = "ffffff" -</options> - -<options linkmail> - key = "K" - must = 0 - description = "Sets the text for the link mail" - description_de = "Definiert die link mail" - arg = 1 - default = "You receive this message, because someone (probably you) requested $ to reset your Password. $ You can do this with following link: %URL%" -</options> - - -<options meta> - key = "M" - must = 0 - description = "Sets the metatags. Format: name1:content1|name2:content2" - description_de = "definiert die Meta-Tags. \ - Format: name1:content1|name2:content2" - arg = 1 - default = "Robots:noindex,nofollow" -</options> - -<options ldapuri> - key = "u" - must = 1 - description = "URI for input of LDAP data. \n\ - The format for the LDAP URI is (see RFC 4516): \ - ldap://<host>[:<port>]/<basedn>?<attributes>?<scope>?\n\ - <filter>?<extension> where <extension> can by now only \ - be either bindname=<bindname> for authenticating to the \ - server. In this case the corresponding password has to \ - be stored in the passwordfile (-p, default is \ - dbconnector.secret) behind the token inputuri. \ - The second extension supported is \ - config=<Slapd-configuration file>, which is only \ - needed with inputformat _REPL." - description_de = "URI fuer Eingabedaten aus einem LDAP-Server.\n\ - Das Format fuer die LDAP-URI (siehe RFC 4516) ist: \ - ldap://<host>[:<port>]/<basedn>?<attributes>?<scope>?\n\ - <filter>?<extension> wobei als <extension> gegenwaertig \ - folgende Erweiterungen unterstuetzt werden:\n\ - bindname=<bindname> zur Authentifizierung am Server, \ - wobei das korrespondierende Passwort in der mit \ - passwordfile spezifizierten Datei (-p, Voreinstellung \ - ist dbconnector.secret) hinter dem Stichwort inputuri \ - eingetragen sein muss.\n\ - config=<Slapd-configuration file>, womit die zu \ - verwendende Open-LDAP-Konfigurationsdatei spezifiziert \ - wird, was nur im Zusammenhang mit dem inputformat (-I) \ - \"_REPL\" benoetigt wird." - arg = 1 - argtype = "uri" -</options> - -<options pwhash> - key = "P" - must = 1 - description = "Specifies the password hash algorithm" - description_de = "definiert den Passwort-Hash-Algorhitmus" - arg = 1 - default = "SSHA" - values = "SSHA, MD5, CRYPT" -</options> - -<options forcehttps> - key = "f" - must = 0 - description = "Forces https." - description_de = "Erzwingt https." - arg = 0 -</options> - -<options oneinputfield> - key = "o" - must = 0 - description = "Combines all ID-inputfields to one and creates a complex filter" - description_de = "vereinigt alle ID-Eingabefelder in eins und baut entsprechende Filter auf" - arg = 0 -</options> - -<options forcetls> - key = "z" - must = 0 - description = "Forces START_TLS in LDAP-connection" - description_de = "Erzwingt START_TLS in LDAP-Verbindung" - arg = 0 -</options> - -<options enableadminhelp> - key = "a" - must = 0 - description = "Allows display of adminhelp" - description_de = "Erlaubt die Anzeige der Admin-Hilfe" - arg = 0 -</options> -- GitLab