diff options
Diffstat (limited to 'source3/web')
| -rw-r--r-- | source3/web/.cvsignore | 0 | ||||
| -rw-r--r-- | source3/web/cgi.c | 665 | ||||
| -rw-r--r-- | source3/web/diagnose.c | 66 | ||||
| -rw-r--r-- | source3/web/neg_lang.c | 66 | ||||
| -rw-r--r-- | source3/web/startstop.c | 104 | ||||
| -rw-r--r-- | source3/web/statuspage.c | 373 | ||||
| -rw-r--r-- | source3/web/swat.c | 1119 |
7 files changed, 2393 insertions, 0 deletions
diff --git a/source3/web/.cvsignore b/source3/web/.cvsignore new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/source3/web/.cvsignore diff --git a/source3/web/cgi.c b/source3/web/cgi.c new file mode 100644 index 0000000000..e785ce92d8 --- /dev/null +++ b/source3/web/cgi.c @@ -0,0 +1,665 @@ +/* + some simple CGI helper routines + Copyright (C) Andrew Tridgell 1997-1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + + +#include "includes.h" +#include "smb.h" + +#define MAX_VARIABLES 10000 + +/* set the expiry on fixed pages */ +#define EXPIRY_TIME (60*60*24*7) + +#ifdef DEBUG_COMMENTS +extern void print_title(char *fmt, ...); +#endif + +struct var { + char *name; + char *value; +}; + +static struct var variables[MAX_VARIABLES]; +static int num_variables; +static int content_length; +static int request_post; +static char *query_string; +static char *baseurl; +static char *pathinfo; +static char *C_user; +static BOOL inetd_server; +static BOOL got_request; + +static void unescape(char *buf) +{ + char *p=buf; + + while ((p=strchr_m(p,'+'))) + *p = ' '; + + p = buf; + + while (p && *p && (p=strchr_m(p,'%'))) { + int c1 = p[1]; + int c2 = p[2]; + + if (c1 >= '0' && c1 <= '9') + c1 = c1 - '0'; + else if (c1 >= 'A' && c1 <= 'F') + c1 = 10 + c1 - 'A'; + else if (c1 >= 'a' && c1 <= 'f') + c1 = 10 + c1 - 'a'; + else {p++; continue;} + + if (c2 >= '0' && c2 <= '9') + c2 = c2 - '0'; + else if (c2 >= 'A' && c2 <= 'F') + c2 = 10 + c2 - 'A'; + else if (c2 >= 'a' && c2 <= 'f') + c2 = 10 + c2 - 'a'; + else {p++; continue;} + + *p = (c1<<4) | c2; + + memcpy(p+1, p+3, strlen(p+3)+1); + p++; + } +} + + +static char *grab_line(FILE *f, int *cl) +{ + char *ret = NULL; + int i = 0; + int len = 0; + + while ((*cl)) { + int c; + + if (i == len) { + char *ret2; + if (len == 0) len = 1024; + else len *= 2; + ret2 = (char *)Realloc(ret, len); + if (!ret2) return ret; + ret = ret2; + } + + c = fgetc(f); + (*cl)--; + + if (c == EOF) { + (*cl) = 0; + break; + } + + if (c == '\r') continue; + + if (strchr_m("\n&", c)) break; + + ret[i++] = c; + + } + + + ret[i] = 0; + return ret; +} + +/*************************************************************************** + load all the variables passed to the CGI program. May have multiple variables + with the same name and the same or different values. Takes a file parameter + for simulating CGI invocation eg loading saved preferences. + ***************************************************************************/ +void cgi_load_variables(void) +{ + static char *line; + char *p, *s, *tok; + int len, i; + FILE *f = stdin; + +#ifdef DEBUG_COMMENTS + char dummy[100]=""; + print_title(dummy); + d_printf("<!== Start dump in cgi_load_variables() %s ==>\n",__FILE__); +#endif + + if (!content_length) { + p = getenv("CONTENT_LENGTH"); + len = p?atoi(p):0; + } else { + len = content_length; + } + + + if (len > 0 && + (request_post || + ((s=getenv("REQUEST_METHOD")) && + strcasecmp(s,"POST")==0))) { + while (len && (line=grab_line(f, &len))) { + p = strchr_m(line,'='); + if (!p) continue; + + *p = 0; + + variables[num_variables].name = strdup(line); + variables[num_variables].value = strdup(p+1); + + SAFE_FREE(line); + + if (!variables[num_variables].name || + !variables[num_variables].value) + continue; + + unescape(variables[num_variables].value); + unescape(variables[num_variables].name); + +#ifdef DEBUG_COMMENTS + printf("<!== POST var %s has value \"%s\" ==>\n", + variables[num_variables].name, + variables[num_variables].value); +#endif + + num_variables++; + if (num_variables == MAX_VARIABLES) break; + } + } + + fclose(stdin); + open("/dev/null", O_RDWR); + + if ((s=query_string) || (s=getenv("QUERY_STRING"))) { + for (tok=strtok(s,"&;");tok;tok=strtok(NULL,"&;")) { + p = strchr_m(tok,'='); + if (!p) continue; + + *p = 0; + + variables[num_variables].name = strdup(tok); + variables[num_variables].value = strdup(p+1); + + if (!variables[num_variables].name || + !variables[num_variables].value) + continue; + + unescape(variables[num_variables].value); + unescape(variables[num_variables].name); + +#ifdef DEBUG_COMMENTS + printf("<!== Commandline var %s has value \"%s\" ==>\n", + variables[num_variables].name, + variables[num_variables].value); +#endif + num_variables++; + if (num_variables == MAX_VARIABLES) break; + } + + } +#ifdef DEBUG_COMMENTS + printf("<!== End dump in cgi_load_variables() ==>\n"); +#endif + + /* variables from the client are in display charset - convert them + to our internal charset before use */ + for (i=0;i<num_variables;i++) { + pstring dest; + + convert_string(CH_DISPLAY, CH_UNIX, + variables[i].name, -1, + dest, sizeof(dest)); + free(variables[i].name); + variables[i].name = strdup(dest); + + convert_string(CH_DISPLAY, CH_UNIX, + variables[i].value, -1, + dest, sizeof(dest)); + free(variables[i].value); + variables[i].value = strdup(dest); + } +} + + +/*************************************************************************** + find a variable passed via CGI + Doesn't quite do what you think in the case of POST text variables, because + if they exist they might have a value of "" or even " ", depending on the + browser. Also doesn't allow for variables[] containing multiple variables + with the same name and the same or different values. + ***************************************************************************/ +char *cgi_variable(char *name) +{ + int i; + + for (i=0;i<num_variables;i++) + if (strcmp(variables[i].name, name) == 0) + return variables[i].value; + return NULL; +} + +/*************************************************************************** +tell a browser about a fatal error in the http processing + ***************************************************************************/ +static void cgi_setup_error(char *err, char *header, char *info) +{ + if (!got_request) { + /* damn browsers don't like getting cut off before they give a request */ + char line[1024]; + while (fgets(line, sizeof(line)-1, stdin)) { + if (strncasecmp(line,"GET ", 4)==0 || + strncasecmp(line,"POST ", 5)==0 || + strncasecmp(line,"PUT ", 4)==0) { + break; + } + } + } + + d_printf("HTTP/1.0 %s\r\n%sConnection: close\r\nContent-Type: text/html\r\n\r\n<HTML><HEAD><TITLE>%s</TITLE></HEAD><BODY><H1>%s</H1>%s<p></BODY></HTML>\r\n\r\n", err, header, err, err, info); + fclose(stdin); + fclose(stdout); + exit(0); +} + + +/*************************************************************************** +tell a browser about a fatal authentication error + ***************************************************************************/ +static void cgi_auth_error(void) +{ + if (inetd_server) { + cgi_setup_error("401 Authorization Required", + "WWW-Authenticate: Basic realm=\"SWAT\"\r\n", + "You must be authenticated to use this service"); + } else { + printf("Content-Type: text/html\r\n"); + + printf("\r\n<HTML><HEAD><TITLE>SWAT</TITLE></HEAD>\n"); + printf("<BODY><H1>Installation Error</H1>\n"); + printf("SWAT must be installed via inetd. It cannot be run as a CGI script<p>\n"); + printf("</BODY></HTML>\r\n"); + } + exit(0); +} + +/*************************************************************************** +authenticate when we are running as a CGI + ***************************************************************************/ +static void cgi_web_auth(void) +{ + char *user = getenv("REMOTE_USER"); + struct passwd *pwd; + char *head = "Content-Type: text/html\r\n\r\n<HTML><BODY><H1>SWAT installation Error</H1>\n"; + char *tail = "</BODY></HTML>\r\n"; + + if (!user) { + printf("%sREMOTE_USER not set. Not authenticated by web server.<br>%s\n", + head, tail); + exit(0); + } + + pwd = getpwnam_alloc(user); + if (!pwd) { + printf("%sCannot find user %s<br>%s\n", head, user, tail); + exit(0); + } + + setuid(0); + setuid(pwd->pw_uid); + if (geteuid() != pwd->pw_uid || getuid() != pwd->pw_uid) { + printf("%sFailed to become user %s - uid=%d/%d<br>%s\n", + head, user, (int)geteuid(), (int)getuid(), tail); + exit(0); + } + passwd_free(&pwd); +} + +/*************************************************************************** +decode a base64 string in-place - simple and slow algorithm + ***************************************************************************/ +static void base64_decode(char *s) +{ + char *b64 = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; + int bit_offset, byte_offset, idx, i, n; + unsigned char *d = (unsigned char *)s; + char *p; + + n=i=0; + + while (*s && (p=strchr_m(b64,*s))) { + idx = (int)(p - b64); + byte_offset = (i*6)/8; + bit_offset = (i*6)%8; + d[byte_offset] &= ~((1<<(8-bit_offset))-1); + if (bit_offset < 3) { + d[byte_offset] |= (idx << (2-bit_offset)); + n = byte_offset+1; + } else { + d[byte_offset] |= (idx >> (bit_offset-2)); + d[byte_offset+1] = 0; + d[byte_offset+1] |= (idx << (8-(bit_offset-2))) & 0xFF; + n = byte_offset+2; + } + s++; i++; + } + /* null terminate */ + d[n] = 0; +} + +/*************************************************************************** +handle a http authentication line + ***************************************************************************/ +static BOOL cgi_handle_authorization(char *line) +{ + char *p, *user, *user_pass; + struct passwd *pass = NULL; + + if (strncasecmp(line,"Basic ", 6)) { + goto err; + } + line += 6; + while (line[0] == ' ') line++; + base64_decode(line); + if (!(p=strchr_m(line,':'))) { + /* + * Always give the same error so a cracker + * cannot tell why we fail. + */ + goto err; + } + *p = 0; + user = line; + user_pass = p+1; + + /* + * Try and get the user from the UNIX password file. + */ + + pass = getpwnam_alloc(user); + + /* + * Validate the password they have given. + */ + + if NT_STATUS_IS_OK(pass_check(pass, user, user_pass, + strlen(user_pass), NULL, False)) { + + if (pass) { + /* + * Password was ok. + */ + + become_user_permanently(pass->pw_uid, pass->pw_gid); + + /* Save the users name */ + C_user = strdup(user); + passwd_free(&pass); + return True; + } + } + +err: + cgi_setup_error("401 Bad Authorization", "", + "username or password incorrect"); + + passwd_free(&pass); + return False; +} + +/*************************************************************************** +is this root? + ***************************************************************************/ +BOOL am_root(void) +{ + if (geteuid() == 0) { + return( True); + } else { + return( False); + } +} + +/*************************************************************************** +return a ptr to the users name + ***************************************************************************/ +char *cgi_user_name(void) +{ + return(C_user); +} + + +/*************************************************************************** +handle a file download + ***************************************************************************/ +static void cgi_download(char *file) +{ + SMB_STRUCT_STAT st; + char buf[1024]; + int fd, l, i; + char *p; + char *lang; + + /* sanitise the filename */ + for (i=0;file[i];i++) { + if (!isalnum((int)file[i]) && !strchr_m("/.-_", file[i])) { + cgi_setup_error("404 File Not Found","", + "Illegal character in filename"); + } + } + + if (!file_exist(file, &st)) { + cgi_setup_error("404 File Not Found","", + "The requested file was not found"); + } + + fd = web_open(file,O_RDONLY,0); + if (fd == -1) { + cgi_setup_error("404 File Not Found","", + "The requested file was not found"); + } + printf("HTTP/1.0 200 OK\r\n"); + if ((p=strrchr_m(file,'.'))) { + if (strcmp(p,".gif")==0) { + printf("Content-Type: image/gif\r\n"); + } else if (strcmp(p,".jpg")==0) { + printf("Content-Type: image/jpeg\r\n"); + } else if (strcmp(p,".txt")==0) { + printf("Content-Type: text/plain\r\n"); + } else { + printf("Content-Type: text/html\r\n"); + } + } + printf("Expires: %s\r\n", http_timestring(time(NULL)+EXPIRY_TIME)); + + lang = lang_tdb_current(); + if (lang) { + printf("Content-Language: %s\r\n", lang); + } + + printf("Content-Length: %d\r\n\r\n", (int)st.st_size); + while ((l=read(fd,buf,sizeof(buf)))>0) { + fwrite(buf, 1, l, stdout); + } + close(fd); + exit(0); +} + + + + +/** + * @brief Setup the CGI framework. + * + * Setup the cgi framework, handling the possibility that this program + * is either run as a true CGI program with a gateway to a web server, or + * is itself a mini web server. + **/ +void cgi_setup(const char *rootdir, int auth_required) +{ + BOOL authenticated = False; + char line[1024]; + char *url=NULL; + char *p; + char *lang; + + if (chdir(rootdir)) { + cgi_setup_error("400 Server Error", "", + "chdir failed - the server is not configured correctly"); + } + + /* Handle the possability we might be running as non-root */ + sec_init(); + + if ((lang=getenv("HTTP_ACCEPT_LANGUAGE"))) { + /* if running as a cgi program */ + web_set_lang(lang); + } + + /* maybe we are running under a web server */ + if (getenv("CONTENT_LENGTH") || getenv("REQUEST_METHOD")) { + if (auth_required) { + cgi_web_auth(); + } + return; + } + + inetd_server = True; + + if (!check_access(1, lp_hostsallow(-1), lp_hostsdeny(-1))) { + cgi_setup_error("400 Server Error", "", + "Samba is configured to deny access from this client\n<br>Check your \"hosts allow\" and \"hosts deny\" options in smb.conf "); + } + + /* we are a mini-web server. We need to read the request from stdin + and handle authentication etc */ + while (fgets(line, sizeof(line)-1, stdin)) { + if (line[0] == '\r' || line[0] == '\n') break; + if (strncasecmp(line,"GET ", 4)==0) { + got_request = True; + url = strdup(&line[4]); + } else if (strncasecmp(line,"POST ", 5)==0) { + got_request = True; + request_post = 1; + url = strdup(&line[5]); + } else if (strncasecmp(line,"PUT ", 4)==0) { + got_request = True; + cgi_setup_error("400 Bad Request", "", + "This server does not accept PUT requests"); + } else if (strncasecmp(line,"Authorization: ", 15)==0) { + authenticated = cgi_handle_authorization(&line[15]); + } else if (strncasecmp(line,"Content-Length: ", 16)==0) { + content_length = atoi(&line[16]); + } else if (strncasecmp(line,"Accept-Language: ", 17)==0) { + web_set_lang(&line[17]); + } + /* ignore all other requests! */ + } + + if (auth_required && !authenticated) { + cgi_auth_error(); + } + + if (!url) { + cgi_setup_error("400 Bad Request", "", + "You must specify a GET or POST request"); + } + + /* trim the URL */ + if ((p = strchr_m(url,' ')) || (p=strchr_m(url,'\t'))) { + *p = 0; + } + while (*url && strchr_m("\r\n",url[strlen(url)-1])) { + url[strlen(url)-1] = 0; + } + + /* anything following a ? in the URL is part of the query string */ + if ((p=strchr_m(url,'?'))) { + query_string = p+1; + *p = 0; + } + + string_sub(url, "/swat/", "", 0); + + if (url[0] != '/' && strstr(url,"..")==0 && file_exist(url, NULL)) { + cgi_download(url); + } + + printf("HTTP/1.0 200 OK\r\nConnection: close\r\n"); + printf("Date: %s\r\n", http_timestring(time(NULL))); + baseurl = ""; + pathinfo = url+1; +} + + +/*************************************************************************** +return the current pages URL + ***************************************************************************/ +char *cgi_baseurl(void) +{ + if (inetd_server) { + return baseurl; + } + return getenv("SCRIPT_NAME"); +} + +/*************************************************************************** +return the current pages path info + ***************************************************************************/ +char *cgi_pathinfo(void) +{ + char *r; + if (inetd_server) { + return pathinfo; + } + r = getenv("PATH_INFO"); + if (!r) return ""; + if (*r == '/') r++; + return r; +} + +/*************************************************************************** +return the hostname of the client + ***************************************************************************/ +char *cgi_remote_host(void) +{ + if (inetd_server) { + return get_socket_name(1); + } + return getenv("REMOTE_HOST"); +} + +/*************************************************************************** +return the hostname of the client + ***************************************************************************/ +char *cgi_remote_addr(void) +{ + if (inetd_server) { + return get_socket_addr(1); + } + return getenv("REMOTE_ADDR"); +} + + +/*************************************************************************** +return True if the request was a POST + ***************************************************************************/ +BOOL cgi_waspost(void) +{ + if (inetd_server) { + return request_post; + } + return strequal(getenv("REQUEST_METHOD"), "POST"); +} diff --git a/source3/web/diagnose.c b/source3/web/diagnose.c new file mode 100644 index 0000000000..73c23ea2bb --- /dev/null +++ b/source3/web/diagnose.c @@ -0,0 +1,66 @@ +/* + Unix SMB/CIFS implementation. + diagnosis tools for web admin + Copyright (C) Andrew Tridgell 1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "smb.h" + + +/* check to see if nmbd is running on localhost by looking for a __SAMBA__ + response */ +BOOL nmbd_running(void) +{ + extern struct in_addr loopback_ip; + int fd, count; + struct in_addr *ip_list; + + if ((fd = open_socket_in(SOCK_DGRAM, 0, 3, + interpret_addr("127.0.0.1"), True)) != -1) { + if ((ip_list = name_query(fd, "__SAMBA__", 0, + True, True, loopback_ip, + &count)) != NULL) { + SAFE_FREE(ip_list); + close(fd); + return True; + } + close (fd); + } + + return False; +} + + +/* check to see if smbd is running on localhost by trying to open a connection + then closing it */ +BOOL smbd_running(void) +{ + static struct cli_state cli; + extern struct in_addr loopback_ip; + + if (!cli_initialise(&cli)) + return False; + + if (!cli_connect(&cli, "localhost", &loopback_ip)) { + cli_shutdown(&cli); + return False; + } + + cli_shutdown(&cli); + return True; +} diff --git a/source3/web/neg_lang.c b/source3/web/neg_lang.c new file mode 100644 index 0000000000..fc115bfd61 --- /dev/null +++ b/source3/web/neg_lang.c @@ -0,0 +1,66 @@ +/* + Unix SMB/CIFS implementation. + SWAT language handling + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + + Created by Ryo Kawahara <rkawa@lbe.co.jp> +*/ + +#include "includes.h" + +/* + during a file download we first check to see if there is a language + specific file available. If there is then use that, otherwise + just open the specified file +*/ +int web_open(const char *fname, int flags, mode_t mode) +{ + char *p = NULL; + char *lang = lang_tdb_current(); + int fd; + if (lang) { + asprintf(&p, "lang/%s/%s", lang, fname); + if (p) { + fd = sys_open(p, flags, mode); + free(p); + if (fd != -1) { + return fd; + } + } + } + + /* fall through to default name */ + return sys_open(fname, flags, mode); +} + + +/* + choose from a list of languages. The list can be comma or space + separated + Keep choosing until we get a hit +*/ +void web_set_lang(const char *lang_list) +{ + fstring lang; + char *p = (char *)lang_list; + + while (next_token(&p, lang, ", \t\r\n", sizeof(lang))) { + if (lang_tdb_init(lang)) return; + } + + /* it's not an error to not initialise - we just fall back to + the default */ +} diff --git a/source3/web/startstop.c b/source3/web/startstop.c new file mode 100644 index 0000000000..c56320c962 --- /dev/null +++ b/source3/web/startstop.c @@ -0,0 +1,104 @@ +/* + Unix SMB/CIFS implementation. + start/stop nmbd and smbd + Copyright (C) Andrew Tridgell 1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "smb.h" +#include "dynconfig.h" + +/** Need to wait for daemons to startup */ +#define SLEEP_TIME 3 + +/** Startup smbd from web interface. */ +void start_smbd(void) +{ + pstring binfile; + + if (geteuid() != 0) return; + + if (fork()) { + sleep(SLEEP_TIME); + return; + } + + slprintf(binfile, sizeof(pstring) - 1, "%s/smbd", dyn_SBINDIR); + + become_daemon(); + + execl(binfile, binfile, "-D", NULL); + + exit(0); +} + +/* startup nmbd */ +void start_nmbd(void) +{ + pstring binfile; + + if (geteuid() != 0) return; + + if (fork()) { + sleep(SLEEP_TIME); + return; + } + + slprintf(binfile, sizeof(pstring) - 1, "%s/nmbd", dyn_SBINDIR); + + become_daemon(); + + execl(binfile, binfile, "-D", NULL); + + exit(0); +} + + +/* stop smbd */ +void stop_smbd(void) +{ + pid_t pid = pidfile_pid("smbd"); + + if (geteuid() != 0) return; + + if (pid <= 0) return; + + kill(pid, SIGTERM); +} + +/* stop nmbd */ +void stop_nmbd(void) +{ + pid_t pid = pidfile_pid("nmbd"); + + if (geteuid() != 0) return; + + if (pid <= 0) return; + + kill(pid, SIGTERM); +} + +/* kill a specified process */ +void kill_pid(pid_t pid) +{ + if (geteuid() != 0) return; + + if (pid <= 0) return; + + kill(pid, SIGTERM); + sleep(SLEEP_TIME); +} diff --git a/source3/web/statuspage.c b/source3/web/statuspage.c new file mode 100644 index 0000000000..62158a5f32 --- /dev/null +++ b/source3/web/statuspage.c @@ -0,0 +1,373 @@ +/* + Unix SMB/CIFS implementation. + web status page + Copyright (C) Andrew Tridgell 1997-1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#define PIDMAP struct PidMap + +PIDMAP { + PIDMAP *next, *prev; + pid_t pid; + char *machine; +}; + +static PIDMAP *pidmap; +static int PID_or_Machine; /* 0 = show PID, else show Machine name */ + +static pid_t smbd_pid; + +/* from 2nd call on, remove old list */ +static void initPid2Machine (void) +{ + /* show machine name rather PID on table "Open Files"? */ + if (PID_or_Machine) { + PIDMAP *p; + + for (p = pidmap; p != NULL; ) { + DLIST_REMOVE(pidmap, p); + SAFE_FREE(p->machine); + SAFE_FREE(p); + } + + pidmap = NULL; + } +} + +/* add new PID <-> Machine name mapping */ +static void addPid2Machine (pid_t pid, char *machine) +{ + /* show machine name rather PID on table "Open Files"? */ + if (PID_or_Machine) { + PIDMAP *newmap; + + if ((newmap = (PIDMAP *) malloc (sizeof (PIDMAP))) == NULL) { + /* XXX need error message for this? + if malloc fails, PID is always shown */ + return; + } + + newmap->pid = pid; + newmap->machine = strdup (machine); + + DLIST_ADD(pidmap, newmap); + } +} + +/* lookup PID <-> Machine name mapping */ +static char *mapPid2Machine (pid_t pid) +{ + static char pidbuf [64]; + PIDMAP *map; + + /* show machine name rather PID on table "Open Files"? */ + if (PID_or_Machine) { + for (map = pidmap; map != NULL; map = map->next) { + if (pid == map->pid) { + if (map->machine == NULL) /* no machine name */ + break; /* show PID */ + + return map->machine; + } + } + } + + /* PID not in list or machine name NULL? return pid as string */ + snprintf (pidbuf, sizeof (pidbuf) - 1, "%d", pid); + return pidbuf; +} + +static char *tstring(time_t t) +{ + static pstring buf; + pstrcpy(buf, asctime(LocalTime(&t))); + all_string_sub(buf," "," ",sizeof(buf)); + return buf; +} + +static void print_share_mode(share_mode_entry *e, char *fname) +{ + d_printf("<tr><td>%s</td>",_(mapPid2Machine(e->pid))); + d_printf("<td>"); + switch ((e->share_mode>>4)&0xF) { + case DENY_NONE: d_printf("DENY_NONE"); break; + case DENY_ALL: d_printf("DENY_ALL "); break; + case DENY_DOS: d_printf("DENY_DOS "); break; + case DENY_READ: d_printf("DENY_READ "); break; + case DENY_WRITE:d_printf("DENY_WRITE "); break; + } + d_printf("</td>"); + + d_printf("<td>"); + switch (e->share_mode&0xF) { + case 0: d_printf("RDONLY "); break; + case 1: d_printf("WRONLY "); break; + case 2: d_printf("RDWR "); break; + } + d_printf("</td>"); + + d_printf("<td>"); + if((e->op_type & + (EXCLUSIVE_OPLOCK|BATCH_OPLOCK)) == + (EXCLUSIVE_OPLOCK|BATCH_OPLOCK)) + d_printf("EXCLUSIVE+BATCH "); + else if (e->op_type & EXCLUSIVE_OPLOCK) + d_printf("EXCLUSIVE "); + else if (e->op_type & BATCH_OPLOCK) + d_printf("BATCH "); + else if (e->op_type & LEVEL_II_OPLOCK) + d_printf("LEVEL_II "); + else + d_printf("NONE "); + d_printf("</td>"); + + d_printf("<td>%s</td><td>%s</td></tr>\n", + fname,tstring(e->time.tv_sec)); +} + + +/* kill off any connections chosen by the user */ +static int traverse_fn1(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void* state) +{ + struct connections_data crec; + + if (dbuf.dsize != sizeof(crec)) + return 0; + + memcpy(&crec, dbuf.dptr, sizeof(crec)); + + if (crec.cnum == -1 && process_exists(crec.pid)) { + char buf[30]; + slprintf(buf,sizeof(buf)-1,"kill_%d", (int)crec.pid); + if (cgi_variable(buf)) { + kill_pid(crec.pid); + } + } + return 0; +} + +/* traversal fn for showing machine connections */ +static int traverse_fn2(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void* state) +{ + struct connections_data crec; + + if (dbuf.dsize != sizeof(crec)) + return 0; + + memcpy(&crec, dbuf.dptr, sizeof(crec)); + + if (crec.cnum != -1 || !process_exists(crec.pid) || (crec.pid == smbd_pid)) + return 0; + + addPid2Machine (crec.pid, crec.machine); + + d_printf("<tr><td>%d</td><td>%s</td><td>%s</td><td>%s</td>\n", + (int)crec.pid, + crec.machine,crec.addr, + tstring(crec.start)); + if (geteuid() == 0) { + d_printf("<td><input type=submit value=\"X\" name=\"kill_%d\"></td>\n", + (int)crec.pid); + } + d_printf("</tr>\n"); + + return 0; +} + +/* traversal fn for showing share connections */ +static int traverse_fn3(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void* state) +{ + struct connections_data crec; + + if (dbuf.dsize != sizeof(crec)) + return 0; + + memcpy(&crec, dbuf.dptr, sizeof(crec)); + + if (crec.cnum == -1 || !process_exists(crec.pid)) + return 0; + + d_printf("<tr><td>%s</td><td>%s</td><td>%s</td><td>%d</td><td>%s</td><td>%s</td></tr>\n", + crec.name,uidtoname(crec.uid), + gidtoname(crec.gid),(int)crec.pid, + crec.machine, + tstring(crec.start)); + return 0; +} + + +/* show the current server status */ +void status_page(void) +{ + char *v; + int autorefresh=0; + int refresh_interval=30; + TDB_CONTEXT *tdb; + + smbd_pid = pidfile_pid("smbd"); + + if (cgi_variable("smbd_restart")) { + stop_smbd(); + start_smbd(); + } + + if (cgi_variable("smbd_start")) { + start_smbd(); + } + + if (cgi_variable("smbd_stop")) { + stop_smbd(); + } + + if (cgi_variable("nmbd_restart")) { + stop_nmbd(); + start_nmbd(); + } + if (cgi_variable("nmbd_start")) { + start_nmbd(); + } + + if (cgi_variable("nmbd_stop")) { + stop_nmbd(); + } + + if (cgi_variable("autorefresh")) { + autorefresh = 1; + } else if (cgi_variable("norefresh")) { + autorefresh = 0; + } else if (cgi_variable("refresh")) { + autorefresh = 1; + } + + if ((v=cgi_variable("refresh_interval"))) { + refresh_interval = atoi(v); + } + + if (cgi_variable("show_client_in_col_1")) { + PID_or_Machine = 1; + } + + tdb = tdb_open_log(lock_path("connections.tdb"), 0, TDB_DEFAULT, O_RDONLY, 0); + if (tdb) tdb_traverse(tdb, traverse_fn1, NULL); + + initPid2Machine (); + + d_printf("<H2>%s</H2>\n", _("Server Status")); + + d_printf("<FORM method=post>\n"); + + if (!autorefresh) { + d_printf("<input type=submit value=\"%s\" name=autorefresh>\n", _("Auto Refresh")); + d_printf("<br>%s", _("Refresh Interval: ")); + d_printf("<input type=text size=2 name=\"refresh_interval\" value=%d>\n", + refresh_interval); + } else { + d_printf("<input type=submit value=\"%s\" name=norefresh>\n", _("Stop Refreshing")); + d_printf("<br>%s%d\n", _("Refresh Interval: "), refresh_interval); + d_printf("<input type=hidden name=refresh value=1>\n"); + } + + d_printf("<p>\n"); + + if (!tdb) { + /* open failure either means no connections have been + made */ + } + + + d_printf("<table>\n"); + + d_printf("<tr><td>%s</td><td>%s</td></tr>", _("version:"), VERSION); + + fflush(stdout); + d_printf("<tr><td>%s</td><td>%s</td>\n", _("smbd:"), smbd_running()?_("running"):_("not running")); + if (geteuid() == 0) { + if (smbd_running()) { + d_printf("<td><input type=submit name=\"smbd_stop\" value=\"%s\"></td>\n", _("Stop smbd")); + } else { + d_printf("<td><input type=submit name=\"smbd_start\" value=\"%s\"></td>\n", _("Start smbd")); + } + d_printf("<td><input type=submit name=\"smbd_restart\" value=\"%s\"></td>\n", _("Restart smbd")); + } + d_printf("</tr>\n"); + + fflush(stdout); + d_printf("<tr><td>%s</td><td>%s</td>\n", _("nmbd:"), nmbd_running()?_("running"):_("not running")); + if (geteuid() == 0) { + if (nmbd_running()) { + d_printf("<td><input type=submit name=\"nmbd_stop\" value=\"%s\"></td>\n", _("Stop nmbd")); + } else { + d_printf("<td><input type=submit name=\"nmbd_start\" value=\"%s\"></td>\n", _("Start nmbd")); + } + d_printf("<td><input type=submit name=\"nmbd_restart\" value=\"%s\"></td>\n", _("Restart nmbd")); + } + d_printf("</tr>\n"); + + d_printf("</table>\n"); + fflush(stdout); + + d_printf("<p><h3>%s</h3>\n", _("Active Connections")); + d_printf("<table border=1>\n"); + d_printf("<tr><th>%s</th><th>%s</th><th>%s</th><th>%s</th>\n", _("PID"), _("Client"), _("IP address"), _("Date")); + if (geteuid() == 0) { + d_printf("<th>%s</th>\n", _("Kill")); + } + d_printf("</tr>\n"); + + if (tdb) tdb_traverse(tdb, traverse_fn2, NULL); + + d_printf("</table><p>\n"); + + d_printf("<p><h3>%s</h3>\n", _("Active Shares")); + d_printf("<table border=1>\n"); + d_printf("<tr><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th></tr>\n\n", + _("Share"), _("User"), _("Group"), _("PID"), _("Client"), _("Date")); + + if (tdb) tdb_traverse(tdb, traverse_fn3, NULL); + + d_printf("</table><p>\n"); + + d_printf("<h3>%s</h3>\n", _("Open Files")); + d_printf("<table border=1>\n"); + d_printf("<tr><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th></tr>\n", _("PID"), _("Sharing"), _("R/W"), _("Oplock"), _("File"), _("Date")); + + locking_init(1); + share_mode_forall(print_share_mode); + locking_end(); + d_printf("</table>\n"); + + if (tdb) tdb_close(tdb); + + d_printf("<br><input type=submit name=\"show_client_in_col_1\" value=\"Show Client in col 1\">\n"); + d_printf("<input type=submit name=\"show_pid_in_col_1\" value=\"Show PID in col 1\">\n"); + + d_printf("</FORM>\n"); + + if (autorefresh) { + /* this little JavaScript allows for automatic refresh + of the page. There are other methods but this seems + to be the best alternative */ + d_printf("<script language=\"JavaScript\">\n"); + d_printf("<!--\nsetTimeout('window.location.replace(\"%s/status?refresh_interval=%d&refresh=1\")', %d)\n", + cgi_baseurl(), + refresh_interval, + refresh_interval*1000); + d_printf("//-->\n</script>\n"); + } +} diff --git a/source3/web/swat.c b/source3/web/swat.c new file mode 100644 index 0000000000..955cbb0748 --- /dev/null +++ b/source3/web/swat.c @@ -0,0 +1,1119 @@ +/* + Unix SMB/CIFS implementation. + Samba Web Administration Tool + Copyright (C) Andrew Tridgell 1997-1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +/** + * @group swat SWAT + * @{ + * @file swat.c + * + * @brief Samba Web Administration Tool. + **/ + +#include "includes.h" + +#define GLOBALS_SNUM -1 + +static BOOL demo_mode = False; +static BOOL have_write_access = False; +static BOOL have_read_access = False; +static int iNumNonAutoPrintServices = 0; + +/* + * Password Management Globals + */ +#define SWAT_USER "username" +#define OLD_PSWD "old_passwd" +#define NEW_PSWD "new_passwd" +#define NEW2_PSWD "new2_passwd" +#define CHG_S_PASSWD_FLAG "chg_s_passwd_flag" +#define CHG_R_PASSWD_FLAG "chg_r_passwd_flag" +#define ADD_USER_FLAG "add_user_flag" +#define DELETE_USER_FLAG "delete_user_flag" +#define DISABLE_USER_FLAG "disable_user_flag" +#define ENABLE_USER_FLAG "enable_user_flag" +#define RHOST "remote_host" + +/* we need these because we link to locking*.o */ + void become_root(void) {} + void unbecome_root(void) {} + +/**************************************************************************** +****************************************************************************/ +static int enum_index(int value, struct enum_list *enumlist) +{ + int i; + for (i=0;enumlist[i].name;i++) + if (value == enumlist[i].value) break; + return(i); +} + +static char *fix_backslash(char *str) +{ + static char newstring[1024]; + char *p = newstring; + + while (*str) { + if (*str == '\\') {*p++ = '\\';*p++ = '\\';} + else *p++ = *str; + ++str; + } + *p = '\0'; + return newstring; +} + +static char *stripspace(char *str) +{ +static char newstring[1024]; +char *p = newstring; + + while (*str) { + if (*str != ' ') *p++ = *str; + ++str; + } + *p = '\0'; + return newstring; +} + +static char *make_parm_name(char *label) +{ + static char parmname[1024]; + char *p = parmname; + + while (*label) { + if (*label == ' ') *p++ = '_'; + else *p++ = *label; + ++label; + } + *p = '\0'; + return parmname; +} + +/**************************************************************************** + include a lump of html in a page +****************************************************************************/ +static int include_html(char *fname) +{ + int fd; + char buf[1024]; + int ret; + + fd = web_open(fname, O_RDONLY, 0); + + if (fd == -1) { + d_printf("ERROR: Can't open %s\n", fname); + return 0; + } + + while ((ret = read(fd, buf, sizeof(buf))) > 0) { + write(1, buf, ret); + } + + close(fd); + return 1; +} + +/**************************************************************************** + start the page with standard stuff +****************************************************************************/ +static void print_header(void) +{ + if (!cgi_waspost()) { + d_printf("Expires: 0\r\n"); + } + d_printf("Content-type: text/html\r\n\r\n"); + + if (!include_html("include/header.html")) { + d_printf("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2//EN\">\n"); + d_printf("<HTML>\n<HEAD>\n<TITLE>Samba Web Administration Tool</TITLE>\n</HEAD>\n<BODY background=\"/swat/images/background.jpg\">\n\n"); + } +} + +/* ******************************************************************* + show parameter label with translated name in the following form + because showing original and translated label in one line looks + too long, and showing translated label only is unusable for + heavy users. + ------------------------------- + HELP security [combo box][button] + SECURITY + ------------------------------- + (capital words are translated by gettext.) + if no translation is available, then same form as original is + used. + "i18n_translated_parm" class is used to change the color of the + translated parameter with CSS. + **************************************************************** */ +static const char* get_parm_translated( + const char* pAnchor, const char* pHelp, const char* pLabel) +{ + const char* pTranslated = _(pLabel); + static pstring output; + if(strcmp(pLabel, pTranslated) != 0) + { + snprintf(output, sizeof(output), + "<A HREF=\"/swat/help/smb.conf.5.html#%s\" target=\"docs\"> %s</A> %s <br><span class=\"i18n_translated_parm\">%s</span>", + pAnchor, pHelp, pLabel, pTranslated); + return output; + } + snprintf(output, sizeof(output), + "<A HREF=\"/swat/help/smb.conf.5.html#%s\" target=\"docs\"> %s</A> %s", + pAnchor, pHelp, pLabel); + return output; +} +/**************************************************************************** + finish off the page +****************************************************************************/ +static void print_footer(void) +{ + if (!include_html("include/footer.html")) { + d_printf("\n</BODY>\n</HTML>\n"); + } +} + +/**************************************************************************** + display one editable parameter in a form +****************************************************************************/ +static void show_parameter(int snum, struct parm_struct *parm) +{ + int i; + void *ptr = parm->ptr; + + if (parm->class == P_LOCAL && snum >= 0) { + ptr = lp_local_ptr(snum, ptr); + } + + printf("<tr><td>%s</td><td>", get_parm_translated(stripspace(parm->label), _("Help"), parm->label)); + switch (parm->type) { + case P_CHAR: + d_printf("<input type=text size=2 name=\"parm_%s\" value=\"%c\">", + make_parm_name(parm->label), *(char *)ptr); + d_printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%c\'\">", + _("Set Default"), make_parm_name(parm->label),(char)(parm->def.cvalue)); + break; + + case P_LIST: + d_printf("<input type=text size=40 name=\"parm_%s\" value=\"", + make_parm_name(parm->label)); + if ((char ***)ptr && *(char ***)ptr && **(char ***)ptr) { + char **list = *(char ***)ptr; + for (;*list;list++) { + d_printf("%s%s", *list, ((*(list+1))?" ":"")); + } + } + d_printf("\">"); + d_printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'", + _("Set Default"), make_parm_name(parm->label)); + if (parm->def.lvalue) { + char **list = (char **)(parm->def.lvalue); + for (; *list; list++) { + d_printf("%s%s", *list, ((*(list+1))?" ":"")); + } + } + d_printf("\'\">"); + break; + + case P_STRING: + case P_USTRING: + d_printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">", + make_parm_name(parm->label), *(char **)ptr); + d_printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">", + _("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue))); + break; + + case P_GSTRING: + case P_UGSTRING: + d_printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">", + make_parm_name(parm->label), (char *)ptr); + d_printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">", + _("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue))); + break; + + case P_BOOL: + d_printf("<select name=\"parm_%s\">",make_parm_name(parm->label)); + d_printf("<option %s>Yes", (*(BOOL *)ptr)?"selected":""); + d_printf("<option %s>No", (*(BOOL *)ptr)?"":"selected"); + d_printf("</select>"); + d_printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">", + _("Set Default"), make_parm_name(parm->label),(BOOL)(parm->def.bvalue)?0:1); + break; + + case P_BOOLREV: + d_printf("<select name=\"parm_%s\">",make_parm_name(parm->label)); + d_printf("<option %s>Yes", (*(BOOL *)ptr)?"":"selected"); + d_printf("<option %s>No", (*(BOOL *)ptr)?"selected":""); + d_printf("</select>"); + d_printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">", + _("Set Default"), make_parm_name(parm->label),(BOOL)(parm->def.bvalue)?1:0); + break; + + case P_INTEGER: + d_printf("<input type=text size=8 name=\"parm_%s\" value=%d>", make_parm_name(parm->label), *(int *)ptr); + d_printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%d\'\">", + _("Set Default"), make_parm_name(parm->label),(int)(parm->def.ivalue)); + break; + + case P_OCTAL: + d_printf("<input type=text size=8 name=\"parm_%s\" value=%s>", make_parm_name(parm->label), octal_string(*(int *)ptr)); + d_printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">", + _("Set Default"), make_parm_name(parm->label), + octal_string((int)(parm->def.ivalue))); + break; + + case P_ENUM: + d_printf("<select name=\"parm_%s\">",make_parm_name(parm->label)); + for (i=0;parm->enum_list[i].name;i++) { + if (i == 0 || parm->enum_list[i].value != parm->enum_list[i-1].value) { + d_printf("<option %s>%s",(*(int *)ptr)==parm->enum_list[i].value?"selected":"",parm->enum_list[i].name); + } + } + d_printf("</select>"); + d_printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">", + _("Set Default"), make_parm_name(parm->label),enum_index((int)(parm->def.ivalue),parm->enum_list)); + break; + case P_SEP: + break; + } + d_printf("</td></tr>\n"); +} + +/**************************************************************************** + display a set of parameters for a service +****************************************************************************/ +static void show_parameters(int snum, int allparameters, int advanced, int printers) +{ + int i = 0; + struct parm_struct *parm; + char *heading = NULL; + char *last_heading = NULL; + + while ((parm = lp_next_parameter(snum, &i, allparameters))) { + if (snum < 0 && parm->class == P_LOCAL && !(parm->flags & FLAG_GLOBAL)) + continue; + if (parm->class == P_SEPARATOR) { + heading = parm->label; + continue; + } + if (parm->flags & FLAG_HIDE) continue; + if (snum >= 0) { + if (printers & !(parm->flags & FLAG_PRINT)) continue; + if (!printers & !(parm->flags & FLAG_SHARE)) continue; + } + if (!advanced) { + if (!(parm->flags & FLAG_BASIC)) { + void *ptr = parm->ptr; + + if (parm->class == P_LOCAL && snum >= 0) { + ptr = lp_local_ptr(snum, ptr); + } + + switch (parm->type) { + case P_CHAR: + if (*(char *)ptr == (char)(parm->def.cvalue)) continue; + break; + + case P_LIST: + if (!lp_list_compare(*(char ***)ptr, (char **)(parm->def.lvalue))) continue; + break; + + case P_STRING: + case P_USTRING: + if (!strcmp(*(char **)ptr,(char *)(parm->def.svalue))) continue; + break; + + case P_GSTRING: + case P_UGSTRING: + if (!strcmp((char *)ptr,(char *)(parm->def.svalue))) continue; + break; + + case P_BOOL: + case P_BOOLREV: + if (*(BOOL *)ptr == (BOOL)(parm->def.bvalue)) continue; + break; + + case P_INTEGER: + case P_OCTAL: + if (*(int *)ptr == (int)(parm->def.ivalue)) continue; + break; + + + case P_ENUM: + if (*(int *)ptr == (int)(parm->def.ivalue)) continue; + break; + case P_SEP: + continue; + } + } + if (printers && !(parm->flags & FLAG_PRINT)) continue; + } + if (heading && heading != last_heading) { + d_printf("<tr><td></td></tr><tr><td><b><u>%s</u></b></td></tr>\n", _(heading)); + last_heading = heading; + } + show_parameter(snum, parm); + } +} + +/**************************************************************************** + load the smb.conf file into loadparm. +****************************************************************************/ +static BOOL load_config(BOOL save_def) +{ + lp_resetnumservices(); + return lp_load(dyn_CONFIGFILE,False,save_def,False); +} + +/**************************************************************************** + write a config file +****************************************************************************/ +static void write_config(FILE *f, BOOL show_defaults) +{ + fprintf(f, "# Samba config file created using SWAT\n"); + fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr()); + fprintf(f, "# Date: %s\n\n", timestring(False)); + + lp_dump(f, show_defaults, iNumNonAutoPrintServices); +} + +/**************************************************************************** + save and reoad the smb.conf config file +****************************************************************************/ +static int save_reload(int snum) +{ + FILE *f; + struct stat st; + + f = sys_fopen(dyn_CONFIGFILE,"w"); + if (!f) { + d_printf("failed to open %s for writing\n", dyn_CONFIGFILE); + return 0; + } + + /* just in case they have used the buggy xinetd to create the file */ + if (fstat(fileno(f), &st) == 0 && + (st.st_mode & S_IWOTH)) { + fchmod(fileno(f), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH); + } + + write_config(f, False); + if (snum) + lp_dump_one(f, False, snum); + fclose(f); + + lp_killunused(NULL); + + if (!load_config(False)) { + d_printf("Can't reload %s\n", dyn_CONFIGFILE); + return 0; + } + iNumNonAutoPrintServices = lp_numservices(); + load_printers(); + + return 1; +} + +/**************************************************************************** + commit one parameter +****************************************************************************/ +static void commit_parameter(int snum, struct parm_struct *parm, char *v) +{ + int i; + char *s; + + if (snum < 0 && parm->class == P_LOCAL) { + /* this handles the case where we are changing a local + variable globally. We need to change the parameter in + all shares where it is currently set to the default */ + for (i=0;i<lp_numservices();i++) { + s = lp_servicename(i); + if (s && (*s) && lp_is_default(i, parm)) { + lp_do_parameter(i, parm->label, v); + } + } + } + + lp_do_parameter(snum, parm->label, v); +} + +/**************************************************************************** + commit a set of parameters for a service +****************************************************************************/ +static void commit_parameters(int snum) +{ + int i = 0; + struct parm_struct *parm; + pstring label; + char *v; + + while ((parm = lp_next_parameter(snum, &i, 1))) { + slprintf(label, sizeof(label)-1, "parm_%s", make_parm_name(parm->label)); + if ((v = cgi_variable(label))) { + if (parm->flags & FLAG_HIDE) continue; + commit_parameter(snum, parm, v); + } + } +} + +/**************************************************************************** + spit out the html for a link with an image +****************************************************************************/ +static void image_link(const char *name, const char *hlink, const char *src) +{ + d_printf("<A HREF=\"%s/%s\"><img border=\"0\" src=\"/swat/%s\" alt=\"%s\"></A>\n", + cgi_baseurl(), hlink, src, name); +} + +/**************************************************************************** + display the main navigation controls at the top of each page along + with a title +****************************************************************************/ +static void show_main_buttons(void) +{ + char *p; + + if ((p = cgi_user_name()) && strcmp(p, "root")) { + d_printf(_("Logged in as <b>%s</b><p>\n"), p); + } + + image_link(_("Home"), "", "images/home.gif"); + if (have_write_access) { + image_link(_("Globals"), "globals", "images/globals.gif"); + image_link(_("Shares"), "shares", "images/shares.gif"); + image_link(_("Printers"), "printers", "images/printers.gif"); + } + if (have_read_access) { + image_link(_("Status"), "status", "images/status.gif"); + image_link(_("View Config"), "viewconfig", "images/viewconfig.gif"); + } + image_link(_("Password Management"), "passwd", "images/passwd.gif"); + + d_printf("<HR>\n"); +} + +/**************************************************************************** + display a welcome page +****************************************************************************/ +static void welcome_page(void) +{ + include_html("help/welcome.html"); +} + +/**************************************************************************** + display the current smb.conf +****************************************************************************/ +static void viewconfig_page(void) +{ + int full_view=0; + + if (cgi_variable("full_view")) { + full_view = 1; + } + + d_printf("<H2>%s</H2>\n", _("Current Config")); + d_printf("<form method=post>\n"); + + if (full_view) { + d_printf("<input type=submit name=\"normal_view\" value=\"%s\">\n", _("Normal View")); + } else { + d_printf("<input type=submit name=\"full_view\" value=\"%s\">\n", _("Full View")); + } + + d_printf("<p><pre>"); + write_config(stdout, full_view); + d_printf("</pre>"); + d_printf("</form>\n"); +} + +/**************************************************************************** + display a globals editing page +****************************************************************************/ +static void globals_page(void) +{ + int advanced = 0; + + d_printf("<H2>%s</H2>\n", _("Global Variables")); + + if (cgi_variable("Advanced") && !cgi_variable("Basic")) + advanced = 1; + + if (cgi_variable("Commit")) { + commit_parameters(GLOBALS_SNUM); + save_reload(0); + } + + d_printf("<FORM name=\"swatform\" method=post>\n"); + + if (have_write_access) { + d_printf("<input type=submit name=\"Commit\" value=\"%s\">\n", + _("Commit Changes")); + } + + d_printf("<input type=reset name=\"Reset Values\" value=\"%s\">\n", + _("Reset Values")); + if (advanced == 0) { + d_printf("<input type=submit name=\"Advanced\" value=\"%s\">\n", _("Advanced View")); + } else { + d_printf("<input type=submit name=\"Basic\" value=\"%s\">\n", _("Basic View")); + } + d_printf("<p>\n"); + + d_printf("<table>\n"); + show_parameters(GLOBALS_SNUM, 1, advanced, 0); + d_printf("</table>\n"); + + if (advanced) { + d_printf("<input type=hidden name=\"Advanced\" value=1>\n"); + } + + d_printf("</FORM>\n"); +} + +/**************************************************************************** + display a shares editing page. share is in unix codepage, and must be in + dos codepage. FIXME !!! JRA. +****************************************************************************/ +static void shares_page(void) +{ + char *share = cgi_variable("share"); + char *s; + int snum = -1; + int i; + int advanced = 0; + + if (share) + snum = lp_servicenumber(share); + + d_printf("<H2>%s</H2>\n", _("Share Parameters")); + + if (cgi_variable("Advanced") && !cgi_variable("Basic")) + advanced = 1; + + if (cgi_variable("Commit") && snum >= 0) { + commit_parameters(snum); + save_reload(0); + } + + if (cgi_variable("Delete") && snum >= 0) { + lp_remove_service(snum); + save_reload(0); + share = NULL; + snum = -1; + } + + if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) { + load_config(False); + lp_copy_service(GLOBALS_SNUM, share); + iNumNonAutoPrintServices = lp_numservices(); + save_reload(0); + snum = lp_servicenumber(share); + } + + d_printf("<FORM name=\"swatform\" method=post>\n"); + + d_printf("<table>\n"); + d_printf("<tr>\n"); + d_printf("<td><input type=submit name=selectshare value=\"%s\"></td>\n", _("Choose Share")); + d_printf("<td><select name=share>\n"); + if (snum < 0) + d_printf("<option value=\" \"> \n"); + for (i=0;i<lp_numservices();i++) { + s = lp_servicename(i); + if (s && (*s) && strcmp(s,"IPC$") && !lp_print_ok(i)) { + d_printf("<option %s value=\"%s\">%s\n", + (share && strcmp(share,s)==0)?"SELECTED":"", + s, s); + } + } + d_printf("</select></td>\n"); + if (have_write_access) { + d_printf("<td><input type=submit name=\"Delete\" value=\"%s\"></td>\n", _("Delete Share")); + } + d_printf("</tr>\n"); + d_printf("</table>"); + d_printf("<table>"); + if (have_write_access) { + d_printf("<tr>\n"); + d_printf("<td><input type=submit name=createshare value=\"%s\"></td>\n", _("Create Share")); + d_printf("<td><input type=text size=30 name=newshare></td></tr>\n"); + } + d_printf("</table>"); + + + if (snum >= 0) { + if (have_write_access) { + d_printf("<input type=submit name=\"Commit\" value=\"%s\">\n", _("Commit Changes")); + } + + d_printf("<input type=reset name=\"Reset Values\" value=\"%s\">\n", _("Reset Values")); + if (advanced == 0) { + d_printf("<input type=submit name=\"Advanced\" value=\"%s\">\n", _("Advanced View")); + } else { + d_printf("<input type=submit name=\"Basic\" value=\"%s\">\n", _("Basic View")); + } + d_printf("<p>\n"); + } + + if (snum >= 0) { + d_printf("<table>\n"); + show_parameters(snum, 1, advanced, 0); + d_printf("</table>\n"); + } + + if (advanced) { + d_printf("<input type=hidden name=\"Advanced\" value=1>\n"); + } + + d_printf("</FORM>\n"); +} + +/************************************************************* +change a password either locally or remotely +*************************************************************/ +static BOOL change_password(const char *remote_machine, char *user_name, + char *old_passwd, char *new_passwd, + int local_flags) +{ + BOOL ret = False; + pstring err_str; + pstring msg_str; + + if (demo_mode) { + d_printf("%s<p>", _("password change in demo mode rejected\n")); + return False; + } + + if (remote_machine != NULL) { + ret = remote_password_change(remote_machine, user_name, old_passwd, + new_passwd, err_str, sizeof(err_str)); + if(*err_str) + d_printf("%s\n<p>", err_str); + return ret; + } + + if(!initialize_password_db(True)) { + d_printf("Can't setup password database vectors.\n<p>"); + return False; + } + + ret = local_password_change(user_name, local_flags, new_passwd, err_str, sizeof(err_str), + msg_str, sizeof(msg_str)); + + if(*msg_str) + d_printf("%s\n<p>", msg_str); + if(*err_str) + d_printf("%s\n<p>", err_str); + + return ret; +} + +/**************************************************************************** + do the stuff required to add or change a password +****************************************************************************/ +static void chg_passwd(void) +{ + char *host; + BOOL rslt; + int local_flags = 0; + + /* Make sure users name has been specified */ + if (strlen(cgi_variable(SWAT_USER)) == 0) { + d_printf("<p>%s", _(" Must specify \"User Name\" \n")); + return; + } + + /* + * smbpasswd doesn't require anything but the users name to delete, disable or enable the user, + * so if that's what we're doing, skip the rest of the checks + */ + if (!cgi_variable(DISABLE_USER_FLAG) && !cgi_variable(ENABLE_USER_FLAG) && !cgi_variable(DELETE_USER_FLAG)) { + + /* + * If current user is not root, make sure old password has been specified + * If REMOTE change, even root must provide old password + */ + if (((!am_root()) && (strlen( cgi_variable(OLD_PSWD)) <= 0)) || + ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable(OLD_PSWD)) <= 0))) { + d_printf("<p>%s", _(" Must specify \"Old Password\" \n")); + return; + } + + /* If changing a users password on a remote hosts we have to know what host */ + if ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable(RHOST)) <= 0)) { + d_printf("<p>%s", _(" Must specify \"Remote Machine\" \n")); + return; + } + + /* Make sure new passwords have been specified */ + if ((strlen( cgi_variable(NEW_PSWD)) <= 0) || + (strlen( cgi_variable(NEW2_PSWD)) <= 0)) { + d_printf("<p>%s", _(" Must specify \"New, and Re-typed Passwords\" \n")); + return; + } + + /* Make sure new passwords was typed correctly twice */ + if (strcmp(cgi_variable(NEW_PSWD), cgi_variable(NEW2_PSWD)) != 0) { + d_printf("<p>%s", _(" Re-typed password didn't match new password\n")); + return; + } + } + + if (cgi_variable(CHG_R_PASSWD_FLAG)) { + host = cgi_variable(RHOST); + } else if (am_root()) { + host = NULL; + } else { + host = "127.0.0.1"; + } + + /* + * Set up the local flags. + */ + + local_flags |= (cgi_variable(ADD_USER_FLAG) ? LOCAL_ADD_USER : 0); + local_flags |= (cgi_variable(DELETE_USER_FLAG) ? LOCAL_DELETE_USER : 0); + local_flags |= (cgi_variable(ENABLE_USER_FLAG) ? LOCAL_ENABLE_USER : 0); + local_flags |= (cgi_variable(DISABLE_USER_FLAG) ? LOCAL_DISABLE_USER : 0); + + rslt = change_password(host, + cgi_variable(SWAT_USER), + cgi_variable(OLD_PSWD), cgi_variable(NEW_PSWD), + local_flags); + + if(local_flags == 0) { + d_printf("<p>"); + if (rslt == True) { + d_printf(_(" The passwd for '%s' has been changed. \n"), cgi_variable(SWAT_USER)); + } else { + d_printf(_(" The passwd for '%s' has NOT been changed. \n"), cgi_variable(SWAT_USER)); + } + } + + return; +} + +/**************************************************************************** + display a password editing page +****************************************************************************/ +static void passwd_page(void) +{ + char *new_name = cgi_user_name(); + + /* + * After the first time through here be nice. If the user + * changed the User box text to another users name, remember it. + */ + if (cgi_variable(SWAT_USER)) { + new_name = cgi_variable(SWAT_USER); + } + + if (!new_name) new_name = ""; + + d_printf("<H2>%s</H2>\n", _("Server Password Management")); + + d_printf("<FORM name=\"swatform\" method=post>\n"); + + d_printf("<table>\n"); + + /* + * Create all the dialog boxes for data collection + */ + d_printf("<tr><td>%s</td>\n", _(" User Name : ")); + d_printf("<td><input type=text size=30 name=%s value=%s></td></tr> \n", SWAT_USER, new_name); + if (!am_root()) { + d_printf("<tr><td>%s</td>\n", _(" Old Password : ")); + d_printf("<td><input type=password size=30 name=%s></td></tr> \n",OLD_PSWD); + } + d_printf("<tr><td>%s</td>\n", _(" New Password : ")); + d_printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW_PSWD); + d_printf("<tr><td>%s</td>\n", _(" Re-type New Password : ")); + d_printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW2_PSWD); + d_printf("</table>\n"); + + /* + * Create all the control buttons for requesting action + */ + d_printf("<input type=submit name=%s value=\"%s\">\n", + CHG_S_PASSWD_FLAG, _("Change Password")); + if (demo_mode || am_root()) { + d_printf("<input type=submit name=%s value=\"%s\">\n", + ADD_USER_FLAG, _("Add New User")); + d_printf("<input type=submit name=%s value=\"%s\">\n", + DELETE_USER_FLAG, _("Delete User")); + d_printf("<input type=submit name=%s value=\"%s\">\n", + DISABLE_USER_FLAG, _("Disable User")); + d_printf("<input type=submit name=%s value=\"%s\">\n", + ENABLE_USER_FLAG, _("Enable User")); + } + d_printf("<p></FORM>\n"); + + /* + * Do some work if change, add, disable or enable was + * requested. It could be this is the first time through this + * code, so there isn't anything to do. */ + if ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) || + (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG))) { + chg_passwd(); + } + + d_printf("<H2>%s</H2>\n", _("Client/Server Password Management")); + + d_printf("<FORM name=\"swatform\" method=post>\n"); + + d_printf("<table>\n"); + + /* + * Create all the dialog boxes for data collection + */ + d_printf("<tr><td>%s</td>\n", _(" User Name : ")); + d_printf("<td><input type=text size=30 name=%s value=%s></td></tr>\n",SWAT_USER, new_name); + d_printf("<tr><td>%s</td>\n", _(" Old Password : ")); + d_printf("<td><input type=password size=30 name=%s></td></tr>\n",OLD_PSWD); + d_printf("<tr><td>%s</td>\n", _(" New Password : ")); + d_printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW_PSWD); + d_printf("<tr><td>%s</td>\n", _(" Re-type New Password : ")); + d_printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW2_PSWD); + d_printf("<tr><td>%s</td>\n", _(" Remote Machine : ")); + d_printf("<td><input type=text size=30 name=%s></td></tr>\n",RHOST); + + d_printf("</table>"); + + /* + * Create all the control buttons for requesting action + */ + d_printf("<input type=submit name=%s value=\"%s\">", + CHG_R_PASSWD_FLAG, _("Change Password")); + + d_printf("<p></FORM>\n"); + + /* + * Do some work if a request has been made to change the + * password somewhere other than the server. It could be this + * is the first time through this code, so there isn't + * anything to do. */ + if (cgi_variable(CHG_R_PASSWD_FLAG)) { + chg_passwd(); + } + +} + +/**************************************************************************** + display a printers editing page +****************************************************************************/ +static void printers_page(void) +{ + char *share = cgi_variable("share"); + char *s; + int snum=-1; + int i; + int advanced = 0; + + if (share) + snum = lp_servicenumber(share); + + d_printf("<H2>%s</H2>\n", _("Printer Parameters")); + + d_printf("<H3>%s</H3>\n", _("Important Note:")); + d_printf(_("Printer names marked with [*] in the Choose Printer drop-down box ")); + d_printf(_("are autoloaded printers from ")); + d_printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name")); + d_printf(_("Attempting to delete these printers from SWAT will have no effect.\n")); + + if (cgi_variable("Advanced") && !cgi_variable("Basic")) + advanced = 1; + + if (cgi_variable("Commit") && snum >= 0) { + commit_parameters(snum); + if (snum >= iNumNonAutoPrintServices) + save_reload(snum); + else + save_reload(0); + } + + if (cgi_variable("Delete") && snum >= 0) { + lp_remove_service(snum); + save_reload(0); + share = NULL; + snum = -1; + } + + if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) { + load_config(False); + lp_copy_service(GLOBALS_SNUM, share); + iNumNonAutoPrintServices = lp_numservices(); + snum = lp_servicenumber(share); + lp_do_parameter(snum, "print ok", "Yes"); + save_reload(0); + snum = lp_servicenumber(share); + } + + d_printf("<FORM name=\"swatform\" method=post>\n"); + + d_printf("<table>\n"); + d_printf("<tr><td><input type=submit name=selectshare value=\"%s\"></td>\n", _("Choose Printer")); + d_printf("<td><select name=share>\n"); + if (snum < 0 || !lp_print_ok(snum)) + d_printf("<option value=\" \"> \n"); + for (i=0;i<lp_numservices();i++) { + s = lp_servicename(i); + if (s && (*s) && strcmp(s,"IPC$") && lp_print_ok(i)) { + if (i >= iNumNonAutoPrintServices) + d_printf("<option %s value=\"%s\">[*]%s\n", + (share && strcmp(share,s)==0)?"SELECTED":"", + s, s); + else + d_printf("<option %s value=\"%s\">%s\n", + (share && strcmp(share,s)==0)?"SELECTED":"", + s, s); + } + } + d_printf("</select></td>"); + if (have_write_access) { + d_printf("<td><input type=submit name=\"Delete\" value=\"%s\"></td>\n", _("Delete Printer")); + } + d_printf("</tr>"); + d_printf("</table>\n"); + + if (have_write_access) { + d_printf("<table>\n"); + d_printf("<tr><td><input type=submit name=createshare value=\"%s\"></td>\n", _("Create Printer")); + d_printf("<td><input type=text size=30 name=newshare></td></tr>\n"); + d_printf("</table>"); + } + + + if (snum >= 0) { + if (have_write_access) { + d_printf("<input type=submit name=\"Commit\" value=\"%s\">\n", _("Commit Changes")); + } + d_printf("<input type=reset name=\"Reset Values\" value=\"%s\">\n", _("Reset Values")); + if (advanced == 0) { + d_printf("<input type=submit name=\"Advanced\" value=\"%s\">\n", _("Advanced View")); + } else { + d_printf("<input type=submit name=\"Basic\" value=\"%s\">\n", _("Basic View")); + } + d_printf("<p>\n"); + } + + if (snum >= 0) { + d_printf("<table>\n"); + show_parameters(snum, 1, advanced, 1); + d_printf("</table>\n"); + } + + if (advanced) { + d_printf("<input type=hidden name=\"Advanced\" value=1>\n"); + } + + d_printf("</FORM>\n"); +} + + +/** + * main function for SWAT. + **/ + int main(int argc, char *argv[]) +{ + extern char *optarg; + extern int optind; + int opt; + char *page; + + fault_setup(NULL); + umask(S_IWGRP | S_IWOTH); + +#if defined(HAVE_SET_AUTH_PARAMETERS) + set_auth_parameters(argc, argv); +#endif /* HAVE_SET_AUTH_PARAMETERS */ + + /* just in case it goes wild ... */ + alarm(300); + + setlinebuf(stdout); + + /* we don't want any SIGPIPE messages */ + BlockSignals(True,SIGPIPE); + + dbf = x_fopen("/dev/null", O_WRONLY, 0); + if (!dbf) dbf = x_stderr; + + /* we don't want stderr screwing us up */ + close(2); + open("/dev/null", O_WRONLY); + + while ((opt = getopt(argc, argv,"s:a")) != EOF) { + switch (opt) { + case 's': + pstrcpy(dyn_CONFIGFILE,optarg); + break; + case 'a': + demo_mode = True; + break; + } + } + + setup_logging(argv[0],False); + load_config(True); + iNumNonAutoPrintServices = lp_numservices(); + load_printers(); + + cgi_setup(dyn_SWATDIR, !demo_mode); + + print_header(); + + cgi_load_variables(); + + if (!file_exist(dyn_CONFIGFILE, NULL)) { + have_read_access = True; + have_write_access = True; + } else { + /* check if the authenticated user has write access - if not then + don't show write options */ + have_write_access = (access(dyn_CONFIGFILE,W_OK) == 0); + + /* if the user doesn't have read access to smb.conf then + don't let them view it */ + have_read_access = (access(dyn_CONFIGFILE,R_OK) == 0); + } + + show_main_buttons(); + + page = cgi_pathinfo(); + + /* Root gets full functionality */ + if (have_read_access && strcmp(page, "globals")==0) { + globals_page(); + } else if (have_read_access && strcmp(page,"shares")==0) { + shares_page(); + } else if (have_read_access && strcmp(page,"printers")==0) { + printers_page(); + } else if (have_read_access && strcmp(page,"status")==0) { + status_page(); + } else if (have_read_access && strcmp(page,"viewconfig")==0) { + viewconfig_page(); + } else if (strcmp(page,"passwd")==0) { + passwd_page(); + } else { + welcome_page(); + } + + print_footer(); + return 0; +} + +/** @} **/ |