
Fixed passwordHook handling
authorhickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Fri, 27 Aug 2010 11:35:45 +0000 (11:35 +0000)
committerhickert <hickert@594d385d-05f5-0310-b6e9-bd551577e9d8>
Fri, 27 Aug 2010 11:35:45 +0000 (11:35 +0000)
-Added placeholders like %password instead of appending the password strings directly
-added escapeshellarg for security reasons

git-svn-id: https://oss.gonicus.de/repositories/gosa/trunk@19467 594d385d-05f5-0310-b6e9-bd551577e9d8

gosa-core/html/password.php
gosa-core/include/functions.inc
gosa-core/plugins/admin/users/class_userManagement.inc
gosa-core/plugins/personal/password/class_password.inc

index 954231dfe3890fb26f4f2ac3bfc8018ab12c8700..9315fe63a406642ccd43c9beda4aa38099b8fd24 100644 (file)
@@ -289,11 +289,13 @@ if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['apply'])) {
         /* Passed quality check, just try to change the password now */
         $output= "";
         if ($config->get_cfg_value("core","passwordHook") != "") {
-            exec(
-                $config->get_cfg_value("core","passwordHook")." ".$ui->username." ".
-                $_POST['current_password']." ".$_POST['new_password'],
-                $resarr
-            );
+
+            $cmd = $config->get_cfg_value("core","passwordHook");
+            $cmd = preg_replace("/%current_password/",escapeshellarg(get_post('current_password')), $cmd);
+            $cmd = preg_replace("/%new_password/",escapeshellarg(get_post('new_password')), $cmd);
+            $cmd = preg_replace("/%uid/",escapeshellarg($ui->username), $cmd);
+            $cmd = preg_replace("/%dn/",escapeshellarg($ui->dn), $cmd);
+            exec($cmd, $resarr);
             if (count($resarr) > 0) {
                 $output= join('\n', $resarr);
             }
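Review bot: The chained `preg_replace` calls re-scan text that an earlier call has already inserted, so the `escapeshellarg` quoting can be undone. If the submitted current password contains the literal text `%new_password`, `%uid` or `%dn`, that placeholder is expanded inside the already-quoted argument, and the inner quotes close the outer ones. `preg_replace` also interprets `$1`- and `\1`-style references in the replacement string, so passwords containing such sequences reach the hook altered. A single-pass literal substitution with `strtr` and a placeholder map avoids both problems. The same chained pattern appears in the `generate_smb_nt_hash`, `userManagement` and `class_password.inc` hunks.

```php
// … unchanged: passwordHook != "" check …
$cmd = strtr(
    $config->get_cfg_value("core","passwordHook"),
    array(
        '%current_password' => escapeshellarg(get_post('current_password')),
        '%new_password'     => escapeshellarg(get_post('new_password')),
        '%uid'              => escapeshellarg($ui->username),
        '%dn'               => escapeshellarg($ui->dn),
    )
);
exec($cmd, $resarr);
// … unchanged: collecting $resarr into $output …
```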
index f592449fd76cc3cf418a27389dc6d2a8c0172c8f..33ef64f6d9e74e17a808805f4d159b4a5cbaa706 100644 (file)
@@ -3154,7 +3154,9 @@ function generate_smb_nt_hash($password)
       return ("");
     }
   } else {
-         $tmp= $config->get_cfg_value("core",'sambaHashHook')." ".escapeshellarg($password);
+         $tmp = $config->get_cfg_value("core",'sambaHashHook');
+      $tmp = preg_replace("/%userPassword/", escapeshellarg($password), $tmp);
+      $tmp = preg_replace("/%password/", escapeshellarg($password), $tmp);
          @DEBUG (DEBUG_LDAP, __LINE__, __FUNCTION__, __FILE__, $tmp, "Execute");
 
          exec($tmp, $ar);
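Review bot: A `sambaHashHook` value that contains neither `%userPassword` nor `%password` is now executed with no password argument, where the removed line always appended it. Unless existing configurations are migrated elsewhere, such a hook would fail or hash nothing, with no warning. A fallback keeps old settings working: `if ($tmp === $config->get_cfg_value("core",'sambaHashHook')) { $tmp .= " ".escapeshellarg($password); }` after the replacements. The context line `@DEBUG (..., $tmp, "Execute")` passes the full command, clear-text password included, to the debug output; it would be safer to log the hook template before substitution. The body of `generate_smb_nt_hash` starts and ends outside this hunk.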
index b4bb70beb3a3bc80c8bbd0b46cf73f78d0c19a6a..af2658688d078d5034be5cc05213decad355e521 100644 (file)
@@ -320,6 +320,21 @@ class userManagement extends management
                     }
                 }
 
+                // Check password via check hook
+                if ($this->config->get_cfg_value("core","passwordHook") != ""){
+                    $ldap = $this->config->get_ldap_link();
+                    $ldap->cd($this->config->current['BASE']);
+                    $ldap->cat($this->dn,array('uid'));
+                    $attrs = $ldap->fetch();
+                    $cmd = $this->config->get_cfg_value("core","passwordHook");
+                    $cmd = preg_replace("/%current_password/",'',$cmd);
+                    $cmd = preg_replace("/%new_password/",escapeshellarg($new_password), $cmd);
+                    $cmd = preg_replace("/%uid/",escapeshellarg($attrs['uid'][0]), $cmd);
+                    $cmd = preg_replace("/%dn/",escapeshellarg($attrs['dn']), $cmd);
+                    exec($cmd,$resarr);
+                    $message = array_merge($message, $resarr);
+                }
+
                 // Display errors
                 if (count($message) != 0){
                     msg_dialog::displayChecks($message);
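Review bot: Replacing `%current_password` with a bare `''` removes that argument from the command line, so a hook template such as `hook %uid %current_password %new_password` receives two arguments instead of three, with the new password in the position of the current one. Use `$cmd = preg_replace("/%current_password/", escapeshellarg(''), $cmd);` so an empty argument keeps its position. `$resarr` is not reset before `exec`, which appends to an existing array, so `$resarr = array();` just before the call would keep earlier output out of `$message`. The result of `$ldap->fetch()` is used without a check, so a failed lookup would pass empty `%uid` and `%dn` values to the hook. The enclosing method starts and ends outside this hunk.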
@@ -336,13 +351,6 @@ class userManagement extends management
                         return($smarty->fetch(get_template_path('password.tpl', TRUE)));
                     }
                 }
-                if ($this->config->get_cfg_value("core","passwordHook") != ""){
-                    $ldap = $this->config->get_ldap_link();
-                    $ldap->cd($this->config->current['BASE']);
-                    $ldap->cat($this->dn,array('uid'));
-                    $attrs = $ldap->fetch();
-                    exec($this->config->get_cfg_value("core","passwordHook")." ".$attrs['uid'][0]." ".$new_password, $resarr);
-                }
         
                 // The user has to change his password on next login
                 // - We are going to update samba and posix attributes here, to enforce
index d293183a96840ce5ebe623ae5d220e51829f80f7..d7d323c49f3269f0afa18d736fec2f931b8f7f2b 100644 (file)
@@ -110,11 +110,15 @@ class password extends plugin
 
             /* Call external password quality hook ?*/
             $check_hook   = $this->config->get_cfg_value("core","passwordHook") != "";
-            $hook         = $this->config->get_cfg_value("core","passwordHook")." ".
-                        $ui->username." ".$current_password." ".$new_password;
 
+            /* Prepare password hook */
+            $cmd = $this->config->get_cfg_value("core","passwordHook");
+            $cmd = preg_replace("/%current_password/",escapeshellarg(get_post('current_password')), $cmd);
+            $cmd = preg_replace("/%new_password/",escapeshellarg(get_post('new_password')), $cmd);
+            $cmd = preg_replace("/%uid/",escapeshellarg($ui->username), $cmd);
+            $cmd = preg_replace("/%dn/",escapeshellarg($ui->dn), $cmd);
             if($check_hook){
-                exec($hook,$resarr);
+                exec($cmd,$resarr);
                 $check_hook_output = "";
                 if(count($resarr) > 0) {
                     $check_hook_output= join('\n', $resarr);
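Review bot: The command string, including both clear-text passwords, is now built on every request even when no `passwordHook` is configured; moving the `$cmd` preparation inside `if($check_hook){` keeps that work and the extra copy of the secrets off the common path. The removed lines used the locals `$current_password` and `$new_password`, while the new ones read `get_post('current_password')` and `get_post('new_password')`. If `get_post` normalises its input differently from how those locals were filled (not visible here), the hook would check a different string than the one that is later stored. Reusing the locals, e.g. `escapeshellarg($new_password)`, would rule that out. The enclosing method starts and ends outside this hunk.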