From fdb025226b441ce03c43c7439ff8ebd8b0cb0997 Mon Sep 17 00:00:00 2001
From: Rob van Son
Date: Wed, 20 Jun 2012 07:58:30 +0200
Subject: [PATCH] Refactoring
---
 CGIscriptor.pl | 81 +++++++++++++++++++++++++++++-----------------------------
 1 file changed, 41 insertions(+), 40 deletions(-)
diff --git a/CGIscriptor.pl b/CGIscriptor.pl
index 22b4cf2..12dfea1 100755
--- a/CGIscriptor.pl
+++ b/CGIscriptor.pl
@@ -3156,7 +3156,7 @@ sub change_password # ($loginfile, $sessionfile, $authorizationfile, $password,
     # Authorization succeeded, change password
     $authorization->{'Password'}->[0] = $decryptedPassword;
     # Apply masterkey
-    EncryptTicketWithMasterPassword($authorization, $authorization->{'Salt'}->[0]) || return "";
+    EncryptTicketWithMasterKey($authorization, $authorization->{'Salt'}->[0]) || return "";
     open(USERFILE, "<$authorizationfile") || die "<$authorizationfile: $!\n";
@@ -3227,8 +3227,8 @@ sub create_newuser # ($loginfile, $sessionfile, $authorizationfile, $password, $
     $newaccount->{'Time'} = [$timesec];
     # Encrypt all passwords with the CGIMasterKey
-    EncryptTicketWithMasterPassword($newaccount, $serversalt) ||
-    die "Encryption failed: EncryptTicketWithMasterPassword ($newaccount, $serversalt)\n";
+    EncryptTicketWithMasterKey($newaccount, $serversalt) ||
+    die "Encryption failed: EncryptTicketWithMasterKey ($newaccount, $serversalt)\n";
     # Re-encrypt the new password for transmission
     my $plainpasswordline = $newaccount->{'Password'}->[0];
@@ -3388,33 +3388,8 @@ sub create_login_file #($PasswordDir, $SessionDir, $IPaddress)
     my $storedpassword = hash_string("${SERVERSALT}${plainpassword}${testuser}");
     # Encrypt the new password with the MasterKey
     my $authorization = read_ticket("$PasswordDir/$testuser") || return "";
-    $authorization->{'Password'} = [$storedpassword];
-    $authorization->{'Salt'} = [$SERVERSALT];
-    EncryptTicketWithMasterPassword($authorization, $SERVERSALT) || return "";
-    $storedpassword = $authorization->{'Password'}->[0];
-
-    # Now, simply copy the lines
-    # Read the current lines
-    open(USERFILE, "<$PasswordDir/$testuser") || die ";
-    close(USERFILE);
-
-    # Write the new lines
-    open(USERFILE, ">$PasswordDir/$testuser") || die ">/Private/.Passwords/$testuser: $!\n";
-    # Add Password and Salt
-    foreach my $line (@USERlines)
-    {
-        $line =~ s/^Password: (.*)$/Password: $storedpassword/ig;
-        $line =~ s/^Salt: (.*)$/Salt: $SERVERSALT/ig;
-
-        # Print the line
-        print USERFILE $line;
-
-        # Disable all accounts with an expiration date, ie, admin
-        print USERFILE "Expires: -1\n" if $line =~ /Expires/;
-    };
-    close(USERFILE);
-
+    set_password($authorization, $SERVERSALT, $plainpassword);
+    write_ticket("$PasswordDir/$testuser", $authorization, $SERVERSALT);
 };
 };
 };
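Review bot: The two replacement calls drop behaviour the removed lines had: `$authorization->{'Salt'} = [$SERVERSALT];` is no longer stored in the ticket (set_password only uses `$salt` for the hash, and the visible part of write_ticket in the next hunk does not assign it either), and the `Expires: -1` line that was appended after any line matching /Expires/ is gone, so this is a behaviour change rather than a pure refactoring unless both were intended. The results are also no longer checked — the old code did `|| return ""` after encryption, while set_password returns "" when the ticket has no Username and write_ticket dies or returns the path. I would keep `$authorization->{'Salt'} = [$SERVERSALT];` before the two calls and write them as `set_password($authorization, $SERVERSALT, $plainpassword) || return "";` and `write_ticket("$PasswordDir/$testuser", $authorization, $SERVERSALT) || return "";`. The `my $storedpassword = hash_string(...)` on the first context line is now dead, since set_password recomputes the same hash, and can be removed. create_login_file's body starts outside the hunk.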
@@ -3630,18 +3605,42 @@ sub remove_expired_tickets # ($path) -> number of tickets removed
     return $removed_tickets;
 };
-sub write_ticket # ($ticketfile, $ticket, $salt) -> &%ticket
+sub set_password # ($ticket, $salt, $plainpassword) -> $password
+{
+    my $ticket = shift || "";
+    my $salt = shift || "";
+    my $plainpassword = shift || "";
+
+    my $user = $ticket->{'Username'}->[0];
+    return "" unless $user;
+    my $storedpassword = hash_string("${salt}${plainpassword}${user}");
+
+    $ticket->{'Password'} = [$storedpassword];
+    return $ticket->{'Password'}->[0];
+};
+
+sub write_ticket # ($ticketfile, $ticket, $salt [, $masterkey]) -> &%ticket
 {
     my $ticketfile = shift || "";
     my $ticket = shift || "";
     my $salt = shift || "";
+    my $masterkey = shift || "";
+
+    # Encrypt password
+    EncryptTicketWithMasterKey($ticket, $salt, $masterkey);
     # Sign the new ticket
+    my @orderlist = ('Type', 'Username', 'IPaddress', 'AllowedPaths', 'DeniedPaths',
+        'Expires', 'Capabilities', 'Salt', 'Session', 'Randomsalt',
+        'Date', 'Time', 'Signature', 'Key', 'Secretkey');
+    my @labellist = keys(%{$ticket});
     my $signature = SignTicketWithMasterkey($ticket, "");
     open(TICKET, ">$ticketfile") || die "$ticketfile: $!\n";
-    foreach my $label ('Type', 'Username', 'IPaddress', 'AllowedPaths', 'DeniedPaths',
-        'Expires', 'Capabilities', 'Salt', 'Session', 'Randomsalt',
-        'Date', 'Time', 'Signature', 'Key', 'Secretkey')
+    foreach my $label (@orderlist)
+    {
+        @labellist = grep(!/\b$label\b/, @labellist);
+    };
+    foreach my $label (@orderlist, @labellist)
     {
         next unless exists($ticket->{$label}) && $ticket->{$label}->[0];
         foreach my $value (@{$ticket->{$label}})
@@ -3654,9 +3653,11 @@ sub write_ticket # ($ticketfile, $ticket, $salt) -> &%ticket
     return $ticketfile;
 };
-sub read_ticket # ($ticketfile) -> &%ticket
+sub read_ticket # ($ticketfile [, $masterkey]) -> &%ticket
 {
     my $ticketfile = shift || "";
+    my $masterkey = shift || "";
+
     my $ticket = {};
     if($ticketfile && -s $ticketfile)
     {
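Review bot: `EncryptTicketWithMasterKey($ticket, $salt, $masterkey);` in write_ticket ignores the return value, so when it returns false (it returns 0 at least for a missing ticket, per the later hunk) the ticket is still signed and written, whereas both earlier call sites guarded the same call with `|| return ""` or `|| die`; I would write `EncryptTicketWithMasterKey($ticket, $salt, $masterkey) || die "Encryption failed: EncryptTicketWithMasterKey ($ticketfile)\n";`. The `@labellist` filtering uses `grep(!/\b$label\b/, @labellist)`, a regex word-boundary match where an exact string comparison is meant, and `keys(%{$ticket})` comes back in hash order, so labels outside @orderlist are written in a nondeterministic order; `my %in_order = map { $_ => 1 } @orderlist;` and `my @labellist = sort grep { !$in_order{$_} } keys(%{$ticket});` replace the declaration and the first foreach loop with an exact, stable filter. set_password accepts an empty `$salt` (`shift || ""`) and then hashes without one; if that is never legitimate, `return "" unless $salt;` next to the Username check would catch it. write_ticket's body continues past the hunk.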
@@ -3727,8 +3728,8 @@ sub read_ticket # ($ticketfile) -> &%ticket
         };
     };
     # Decrypt all passwords
-    DecryptTicketWithMasterPassword($ticket, $serversalt) ||
-    die "Decryption failed: DecryptTicketWithMasterPassword ($ticket, $serversalt)\n";
+    DecryptTicketWithMasterKey($ticket, $serversalt, $masterkey) ||
+    die "Decryption failed: DecryptTicketWithMasterKey ($ticket, $serversalt)\n";
     };
     if(exists($ticket->{Expires}))
@@ -3806,7 +3807,7 @@ sub TicketSignature # ($ticket, $serversalt [, $masterkey]) -> $Signature
 };
 # Decrypts a password list IN PLACE
-sub DecryptTicketWithMasterPassword # ($ticket, $serversalt) -> \@password_list
+sub DecryptTicketWithMasterKey # ($ticket, $serversalt) -> \@password_list
 {
     my $ticket = shift || return 0;
     my $serversalt = shift || "";
@@ -3831,9 +3832,9 @@ sub DecryptTicketWithMasterPassword # ($ticket, $serversalt) -> \@password_list
     };
     return $ticket->{Password};
 };
-sub EncryptTicketWithMasterPassword # ($ticket, $serversalt) -> \@password_list
+sub EncryptTicketWithMasterKey # ($ticket, $serversalt) -> \@password_list
 {
-    DecryptTicketWithMasterPassword(@_);
+    DecryptTicketWithMasterKey(@_);
 };
 # End of Handle login access
-- 
2.11.4.GIT
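Review bot: The rewritten `die "Decryption failed: DecryptTicketWithMasterKey ($ticket, $serversalt)\n"` interpolates a hash reference, which stringifies to a `HASH(0x...)` address, and writes the server salt into the error output, so the message is both unhelpful and puts a value that should stay in the ticket store into the error log; `die "Decryption failed: DecryptTicketWithMasterKey ($ticketfile)\n";` names the file instead. The same pattern is in the rewritten die in create_newuser (first hunk of the patch), with `$newaccount` and `$serversalt`. DecryptTicketWithMasterKey is now called with a third argument, `$masterkey`, but the header comments on DecryptTicketWithMasterKey and EncryptTicketWithMasterKey in the two following hunks still read `# ($ticket, $serversalt) -> \@password_list`; if the body reads a third argument (not visible here), update them to `# ($ticket, $serversalt [, $masterkey]) -> \@password_list`, as TicketSignature's header already does. read_ticket's body starts outside the hunk.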