head	1.2;
access;
symbols
	TIGRIS_1_1_0RC2:1.1
	TIGRIS_1_1_0RC1:1.1
	TIGRIS_1_1:1.1.0.4
	TIGRIS_1_0_8:1.1
	TIGRIS_1_0_8RC3:1.1
	TIGRIS_1_0_8RC2:1.1
	TIGRIS_1_0_8RC1:1.1
	TIGRIS_1_0_7:1.1
	TIGRIS_1_0_7RC3:1.1
	TIGRIS_1_0_7RC2:1.1
	TIGRIS_1_0_7RC1:1.1
	TIGRIS_1_0_6:1.1
	TIGRIS_1_0_6RC5:1.1
	TIGRIS_1_0_6RC4:1.1
	TIGRIS_1_0_6RC3:1.1
	TIGRIS_1_0_6RC2:1.1
	TIGRIS_1_0_6RC1:1.1
	TIGRIS_1_0_5:1.1
	TIGRIS_1_0_5RC6:1.1
	TIGRIS_1_0_5RC5:1.1
	TIGRIS_1_0_5RC4:1.1
	TIGRIS_1_0_5RC3:1.1
	TIGRIS_1_0_5RC2:1.1
	TIGRIS_1_0_5RC1:1.1
	TIGRIS_1_0_4:1.1
	TIGRIS_1_0_3:1.1
	TIGRIS_1_0_2:1.1
	TIGRIS_1_0_1:1.1
	TIGRIS_1_0:1.1.0.6
	TIGRIS_1_0_0:1.1
	TIGRIS_1_0_0_RC1:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2001.04.17.23.59.29;	author edk;	state Exp;
branches;
next	1.1;

1.1
date	2001.01.30.21.36.14;	author edk;	state Exp;
branches;
next	;


desc
@@


1.2
log
@update for new schema : this script is used to check for passwords which
are default or otherwise problematic (ie. the same as the login name).
@
text
@#!/usr/bin/perl

use Getopt::Long;

main();

# Program flow: parse the command line, open the database connection, then
# run the two audits in turn (known default pairs first, then accounts whose
# password equals their login name).
sub main {
    # getOptions() leaves through showUsage() on --help or a bad option;
    # the returned hash is not consulted afterwards.
    my $opts = getOptions();

    my $default_pairs = getList();

    # Kept in $main::dbh so the END block can disconnect it at exit.
    $main::dbh = getDatabaseConnection();

    checkList($main::dbh, $default_pairs);
    checkAll($main::dbh);
}


# Known default credentials to audit for.
# Returns a hash reference mapping login name to the default password that
# checkList() tests against that login.
sub getList {
    my %default_password_for = (
        'q'    => 'a',
        'root' => 'changeme',
    );
    return \%default_password_for;
}

# we check these through checkAll (since their passwords are the same as
# their LOGIN_NAME):
#       'testcontdev', 'testdev', 'testdomadmin', 'testhostadmin', 
#       'testobserver', 'testowner', 'testreguser'
        

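# Report every account in HELM_USER whose stored password matches one of the
# known default login/password pairs.
#
# Arguments:
#   $dbh  - connected DBI database handle
#   $list - hash reference mapping login name to the default password to test
#
# Prints one line per matching account to STDOUT.  If the statement cannot
# be prepared or executed, a warning is issued and nothing is fetched.
#
# The comparison relies on the server-side password() function producing the
# same value for the same input.  MySQL removed PASSWORD() in 8.0, so this
# query only works on servers that still provide it.
sub checkList {
    my $dbh  = shift;
    my $list = shift;

    # An empty list would leave a dangling "where" and an invalid statement.
    my $pair_count = $list ? scalar(keys %$list) : 0;
    return unless $pair_count;

    # One placeholder pair per entry: the values are bound by the driver, so
    # a quote or backslash in a login or password cannot alter the statement.
    my $clause = "(LOGIN_NAME = ? and password = password(?))";
    my $sql    = "SELECT LOGIN_NAME from HELM_USER where "
               . join(" or ", ($clause) x $pair_count);

    my $select = $dbh->prepare($sql);
    if (not $select) {
        warn "error checking list";
        return;
    }

    # Bind login/password pairs in sorted key order so every run issues the
    # same statement with the same argument order.
    my $ret = $select->execute(map { ($_, $list->{$_}) } sort keys %$list);
    if (not $ret) {
        warn "error checking list";
        return;    # nothing to fetch from a statement that did not execute
    }

    while (my $userRecord = $select->fetchrow_hashref) {
        my $LOGIN_NAME = $userRecord->{'LOGIN_NAME'};
        print "LOGIN_NAME $LOGIN_NAME has the default password!\n";
    }
    return;
}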

# Report every account in HELM_USER whose stored password equals
# password(LOGIN_NAME), i.e. the password is the login name itself.
#
# Arguments:
#   $dbh - connected DBI database handle
#
# Prints one line per matching account to STDOUT.  A failed execute only
# produces a warning; the fetch loop below still runs afterwards.
sub checkAll {
    my $dbh = shift;

    my $sth = $dbh->prepare(
        "SELECT LOGIN_NAME from HELM_USER where password = password(LOGIN_NAME)"
    );
    $sth->execute() or warn "error checking all";

    while (my $row = $sth->fetchrow_hashref) {
        my $login = $row->{'LOGIN_NAME'};
        print "LOGIN_NAME $login has the same password as username!\n";
    }
}


use DBI;  
# At interpreter exit, close the shared handle if main() stored one.
END {
    if ($main::dbh) {
        $main::dbh->disconnect;
    }
}

# Open the MySQL connection described by the DATABASE_* environment
# variables (NAME, HOST, PORT, USER, PASSWORD) and return the DBI handle.
#
# Dies if the connection cannot be made.  The message shows the DSN only;
# the user name and password are passed to DBI->connect separately and are
# never part of that string.  No attribute hash is given to connect, so
# DBI's default error-handling settings apply.
sub getDatabaseConnection {
    my $driver = 'mysql';

    my $dsn = join ':',
        'dbi', $driver, $ENV{DATABASE_NAME},
        "host=$ENV{DATABASE_HOST}",
        "port=$ENV{DATABASE_PORT}";

    my $handle = DBI->connect($dsn, $ENV{DATABASE_USER}, $ENV{DATABASE_PASSWORD});
    die "Can't connect to the table '$dsn'.\n" unless $handle;

    return $handle;
}

# Parse the command line.  Only --help is recognised.
# Returns a hash reference of the options that were set.  When parsing fails
# or --help is given, showUsage() is called, which ends the script.
sub getOptions {
    my %opt;
    my $parsed_ok = GetOptions(\%opt, "help");

    showUsage() if !$parsed_ok || $opt{help};

    return \%opt;
}

# Print the one-line usage text to STDOUT and end the script.
# Any argument supplied by the caller is ignored.
sub showUsage {
    print "Usage: check_passwords\n";
    exit;
}

@


1.1
log
@switch from using tokens to using the environment
@
text
@d24 1
a24 1
# their logins):
d32 1
a32 1
    my $sql = "SELECT loginID from User where ";
d38 1
a38 1
        $sql .= " (loginID = '$id' and password = password('$pass')) ";
d46 2
a47 2
        my $loginID = $userRecord->{'loginID'};
        print "login $loginID has the default password!\n";
d53 1
a53 1
    my $sql = "SELECT loginID from User where password = password(loginID)";
d58 2
a59 2
        my $loginID = $userRecord->{'loginID'};
        print "login $loginID has the same password as username!\n";
@

