Skip to content

Instantly share code, notes, and snippets.

@pauamma
Last active December 16, 2017 22:58
Show Gist options
  • Save pauamma/16977a9d0114d1a5e3a6f7417423f22a to your computer and use it in GitHub Desktop.
Save pauamma/16977a9d0114d1a5e3a6f7417423f22a to your computer and use it in GitHub Desktop.
#!/usr/bin/perl
#
# This code was forked from the LiveJournal project owned and operated
# by Live Journal, Inc. The code has been modified and expanded by
# Dreamwidth Studios, LLC. These files were originally licensed under
# the terms of the license supplied by Live Journal, Inc, which can
# currently be found at:
#
# http://code.livejournal.org/trac/livejournal/browser/trunk/LICENSE-LiveJournal.txt
#
# In accordance with the original license, this code and all its
# modifications are provided under the GNU General Public License.
# A copy of that license can be found in the LICENSE file included as
# part of this distribution.
use strict;
BEGIN {
require "$ENV{LJHOME}/cgi-bin/ljlib.pl";
}
my $dbh = LJ::get_dbh("master");
print "
This tool will create your $LJ::SITENAMESHORT 'system' account and
set its password. Or, if you already have a system user, it'll change
its password to whatever you specify.
";
print "Enter (non-empty) password for the 'system' account: ";
my $pass = <STDIN>;
chomp $pass;
while ($pass eq "") {
print "Password was empty, try again: ";
$pass = <STDIN>;
chomp $pass;
}
print "\n";
print "Creating system account...\n";
my $u = LJ::User->create( user => 'system',
name => 'System Account',
password => $pass );
unless ( $u ) {
print "Already exists.\nModifying 'system' account...\n";
my $id = LJ::get_userid("system");
$dbh->do("UPDATE password SET password=? WHERE userid=?",
undef, $pass, $id);
}
$u ||= LJ::load_user( "system" );
unless ( $u ) {
print "ERROR: can't find newly-created system account.\n";
exit 1;
}
print "Checking password for consistency using several methods...\n";
my $stored_password = $u->password;
if ( $stored_password ne $pass ) {
print "WARNING: inconsistency using ->password (expected=$pass, stored=$stored_password)\n";
}
use LJ::Auth;
my $chal = LJ::challenge_generate( );
my %cc_opts = ( dont_check_count => 1 ); # Make challenge_check idempotent
print "WARNING: challenge_check returned 0 on fresh challenge (with valid=$cc_opts{valid} expired=$cc_opts{expired})\n"
unless LJ::challenge_check( $chal, \%cc_opts );
my $banned = 2; # So we can see whether it was set at all
my %ccl_opts = (); # Let challenge_check not be idempotent this time
print "WARNING: challenge_check_login returned 0 (with banned=$banned valid=$ccl_opts{valid} expired=$ccl_opts{expired} count=$ccl_opts{count})\n"
unless LJ::challenge_check_login( $u, $chal, Digest::MD5::md5_hex( $chal . Digest::MD5::md5_hex( $pass ) ), \$banned, \%ccl_opts );
print "Giving 'system' account 'admin' priv on all areas...\n";
if ( $u->has_priv( "admin", "*" ) ) {
print "Already has it.\n";
} else {
my $sth = $dbh->prepare("INSERT INTO priv_map (userid, prlid, arg) ".
"SELECT $u->{'userid'}, prlid, '*' ".
"FROM priv_list WHERE privcode='admin'");
$sth->execute;
if ($dbh->err || $sth->rows == 0) {
print "Couldn't grant system account admin privs\n";
exit 1;
}
}
print "Done.\n\n";
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment