X-Git-Url: https://git.exim.org/buildfarm-server.git/blobdiff_plain/a59c49981887fdcc58a1c3b00ebfb1e9f80b9699..251195be66761203a58f20b889fe9247541c5d55:/cgi-bin/register.pl diff --git a/cgi-bin/register.pl b/cgi-bin/register.pl index 37290f8..1e3aba4 100755 --- a/cgi-bin/register.pl +++ b/cgi-bin/register.pl @@ -1,5 +1,13 @@ #!/usr/bin/perl +=comment + +Copyright (c) 2003-2010, Andrew Dunstan + +See accompanying License file for license details + +=cut + use strict; use DBI; use Template; @@ -7,7 +15,8 @@ use CGI; use Template; use Captcha::reCAPTCHA; -use vars qw($dbhost $dbname $dbuser $dbpass $dbport $notifyapp $captcha_pubkey $captcha_privkey $template_dir $default_host); +use vars qw($dbhost $dbname $dbuser $dbpass $dbport $notifyapp + $captcha_pubkey $captcha_privkey $template_dir $default_host); require "$ENV{BFConfDir}/BuildFarmWeb.pl"; @@ -21,8 +30,10 @@ my $query = new CGI; my $params = $query->Vars; -my ($os, $osv, $comp, $compv, $arch, $email, $owner, $challenge, $response ) = @{$params}{ - qw(os osv comp compv arch email owner recaptcha_challenge_field recaptcha_response_field)}; +my ($os, $osv, $comp, $compv, $arch, $email, $owner, $challenge, $response ) = + @{$params}{ + qw(os osv comp compv arch email owner recaptcha_challenge_field + recaptcha_response_field)}; my $captcha = Captcha::reCAPTCHA->new; my $captcha_ok = $captcha->check_answer @@ -33,17 +44,20 @@ my $captcha_ok = $captcha->check_answer ); -unless ($os && $osv && $comp && $compv && $arch && $email && $owner && $captcha_ok->{is_valid}) +unless ($os && $osv && $comp && $compv && $arch && $email && $owner && + $captcha_ok->{is_valid}) { print "Content-Type: text/html\n\n"; $template->process('register-incomplete.tt'); exit; } -# some idiot has a script that tries to talk to me -# this should catch and dispose of him -if ((grep {/rgergerger|\@pgbuildfarm\.org|Content-Type:|http:|mailto:|href=|None|Unknown/} $os,$osv,$comp,$compv,$arch,$email,$owner) - || ($email =~ /john.*\@aol.com/) ) +# these filters should catch and dispose of idiots, +# although I hope they are redundant now we're using captchas. + +if ((grep + {/\@pgbuildfarm\.org|Content-Type:|http:|mailto:|href=|None|Unknown/} + $os,$osv,$comp,$compv,$arch,$email,$owner)) { print "Status: 403 Forbidden - go away idiot\n", @@ -71,6 +85,12 @@ foreach (split "" ,"$os$osv$comp$compv$arch$owner") } # reject junk with too many transitions into/outof upper case + +=comment + +# disable this check now, probably redundant with captchas +# and we just got a false positive + if ($counttrans > 20) { print @@ -79,6 +99,7 @@ if ($counttrans > 20) exit; } +=cut my $secret = ""; @@ -127,13 +148,13 @@ my $me = `id -un`; chomp($me); my $host = `hostname`; chomp ($host); $host = $default_host unless ($host =~ m/[.]/ || !defined($default_host)); -my $from_addr = "PG Build Farm <$me\@$host>"; +my $from_addr = "Exim Build Farm <$me\@$host>"; $from_addr =~ tr /\r\n//d; $msg->set('From',$from_addr); $msg->to(@$notifyapp); -$msg->subject('New Buildfarm Application'); +$msg->subject('New BuildFarm Application'); my $fh = $msg->open; print $fh "\n\nName: $dummyname\n", "OS: $os: $osv\n",