-#!/usr/bin/perl -wT
-use v5.14;
+#!/usr/bin/perl -T
+use 5.014000;
use strict;
+use warnings;
+
+our $VERSION = 0.002001;
use Apache2::Authen::Passphrase qw/pwset USER_REGEX/;
use IO::Prompter [qw/-e* -stdio/];
-die "Usage: aap-passwd [rootdir] username\n" unless $#ARGV >= 0 && $#ARGV <= 1;
-($Apache2::Authen::Passphrase::rootdir) = (shift =~ /(.*)/) if $#ARGV == 1;
+die "Usage: aap-passwd [rootdir] username\n" if @ARGV == 0 || @ARGV > 1;
+($Apache2::Authen::Passphrase::rootdir) = (shift =~ /(.*)/s) if $#ARGV == 1;
my $username = shift;
-die "Invalid username" unless $username =~ USER_REGEX;
-($username) = ($username =~ /(.*)/);
+die "Invalid username\n" unless $username =~ USER_REGEX;
+($username) = ($username =~ /(.*)/s);
my $passwd = prompt 'Enter new Apache2::Authen::Passphrase password: ';
my $confirm = prompt 'Retype new Apache2::Authen::Passphrase password: ';
die "Sorry, passwords do not match\n" unless $passwd eq $confirm;
pwset $username, $passwd;
-say "Password updated successfully";
+say 'Password updated successfully'; ## no critic (RequireCheckedSyscalls)
__END__
=cut
-
package Apache2::Authen::Passphrase;
-our $VERSION = 0.002001;
-
use 5.014000;
use strict;
use warnings;
use parent qw/Exporter/;
use subs qw/OK HTTP_UNAUTHORIZED/;
-use constant +{
- USER_REGEX => qr/^\w{2,20}$/pa,
- PASSPHRASE_VERSION => 1,
- INVALID_USER => "invalid-user\n",
- BAD_PASSWORD => "bad-password\n",
-};
+our $VERSION = 0.002001;
+
+use constant USER_REGEX => qr/^\w{2,20}$/pas;
+use constant PASSPHRASE_VERSION => 1;
+use constant INVALID_USER => "invalid-user\n";
+use constant BAD_PASSWORD => "bad-password\n";
use if $ENV{MOD_PERL}, 'Apache2::RequestRec';
use if $ENV{MOD_PERL}, 'Apache2::Access';
##################################################
-our $rootdir //= $ENV{AAP_ROOTDIR};
+our $rootdir;
+$rootdir //= $ENV{AAP_ROOTDIR};
sub pwhash{
my ($pass)=@_;
sub pwcheck{
my ($user, $pass)=@_;
- die INVALID_USER unless $user =~ USER_REGEX;
+ die INVALID_USER unless $user =~ USER_REGEX; ## no critic (RequireCarping)
$user=${^MATCH};# Make taint shut up
my $conf=LoadFile "$rootdir/$user.yml";
+ ## no critic (RequireCarping)
die BAD_PASSWORD unless keys $conf;# Empty hash means no such user
die BAD_PASSWORD unless Authen::Passphrase->from_rfc2307($conf->{passphrase})->match($pass);
+ ## use critic
pwset $user, $pass if $conf->{passphrase_version} < PASSPHRASE_VERSION
}