summaryrefslogtreecommitdiff
path: root/source3/web/cgi.c
AgeCommit message (Collapse)AuthorFilesLines
2004-02-08(merge from 3.0)Andrew Bartlett1-1/+1
Make more functions static, and remove duplication in the use of functions in lib/smbpasswd.c that were exact duplicates of functions in passdb/passdb.c (These should perhaps be pulled back out to smbpasswd.c, but that can occour later). This also includes some >14 character password changes, and the start of a move away from using 'admin user' to determine if the user is root (as root can login without setting 'admin user'). Andrew Bartlett (This used to be commit be0704abb919152c359a735023283acbf9be3076)
2003-12-25(merge from 3.0)Andrew Bartlett1-0/+18
Fix bug 916 - do not perform a + -> space substitution for squid URL encoded strings, only form input in SWAT. Andrew Bartlett (This used to be commit 794ff4da03a3c5b6afa3ee4802f83f04571a5652)
2003-11-22debug and swat fixes from 3.0Gerald Carter1-1/+2
(This used to be commit 52c1973f39f4c4161097843fcf395e0102531575)
2003-11-07From 3_0:Volker Lendecke1-2/+2
Simple rename of get_socket_addr to get_peer_addr and get_socket_name to get_peer_name. This is to get closer to the getsockname/getpeername system functions. Next step will be the %i macro for the local IP address. I still want to play %L-games in times of port 445. Volker (This used to be commit 99311b437be050fd9ee656cd184f299993d20bfb)
2003-10-22Put strcasecmp/strncasecmp on the banned list (except for needed callsJeremy Allison1-11/+11
in iconv.c and nsswitch/). Using them means you're not thinking about multibyte at all and I really want to discourage that. Jeremy. (This used to be commit 5c050a735f86927c7ef2a98b6f3a56abe39e4674)
2003-10-21call initgroups before becomming the user; patch from Fabio CecchiGerald Carter1-0/+3
(This used to be commit e0db859a312207d961e3a581dfd15d9701bca16d)
2003-02-28Fix HTTP error codes (patch by Vance Lankhaar)Jelmer Vernooij1-3/+3
(This used to be commit 3780d127313ad9f4411751d34fd6e1d96b1422cf)
2003-02-19base64_decode() with heimdal libs, so I've renamed it base64_decode_inplace().Jim McDonough1-1/+1
(This used to be commit 8c69212eeb4a0ec144b960d76319fd4940b8c239)
2003-02-01Prompted by RedHat bugzilla bug #77999, convert the user's username andAndrew Bartlett1-4/+11
password from 'display' to 'unix' before we check them. Andrew Bartlett (This used to be commit 98a4ebf55cfce9da2c187d89a4f9c7b34e5f999e)
2003-01-16Updates to the NTLMSSP code again - moving the base64 decode fuctionality outAndrew Bartlett1-31/+0
of the SWAT code, and adding a base64 encoder. The main purpose of this patch is to add NTLMSSP support to 'ntlm_auth', for use with Squid. Unfortunetly the squid side doesn't quite support what we need yet. Changes to winbind to get us the info we need, and a couple of consequential changes/cleanups in the rest of the code. Andrew Bartlett (This used to be commit fe50ca8f54ded2e119bde08831785fbe0db2ee99)
2003-01-02BIG patch...Andrew Bartlett1-9/+9
This patch makes Samba compile cleanly with -Wwrite-strings. - That is, all string literals are marked as 'const'. These strings are always read only, this just marks them as such for passing to other functions. What is most supprising is that I didn't need to change more than a few lines of code (all in 'net', which got a small cleanup of net.h and extern variables). The rest is just adding a lot of 'const'. As far as I can tell, I have not added any new warnings - apart from making all of tdbutil.c's function const (so they warn for adding that const string to struct). Andrew Bartlett (This used to be commit 92a777d0eaa4fb3a1c7835816f93c6bdd456816d)
2002-12-04Remove FILE_MACRO as __FILE__ is ANSI C.Tim Potter1-1/+1
(This used to be commit 2a9d183cf6ae8333dc7d9d9445c17dce005c1d24)
2002-12-03use FILE_MACRO instead of __FILE__Herb Lewis1-1/+1
use FUNCTION_MACRO instead of __FUNCTION_ (This used to be commit 243763d6eb107ab2444d81025232c8fe795baaf1)
2002-11-24Add ntlm_auth, a new program to provide a stable interface to winbind'sAndrew Bartlett1-41/+4
authentication code. In particular, ntlm_auth is designed to replace the winbind authentication 'helpers' currently supplied by Squid. I have added support for the current plaintext password protocol used by Squid, and will add the real guts (NTLMSSP support) shortly. I'll merge this into 3.0 when I've got the interface more stable (error message format etc) and got the important NTLMSSP support added. Also move SWAT's URL decoding code into util_str.c, for use in both utilities. Andrew Bartlett (This used to be commit 82dbf838879e8a2d2d3f9dd5be6eda50b780b787)
2002-10-09Use memmove when copies can overlap. Spotted by SUGIOKA Toshinobu ↵Jeremy Allison1-1/+1
<sugioka@itonet.co.jp>. Jeremy. (This used to be commit 71768c488e9b498e8cc77a1cfce0fab873e36068)
2002-10-03Another patch from Steve Langasek <vorlon@netexpress.net>, again from theAndrew Bartlett1-1/+1
Debian patchset. The idea is to still allow DNS domains to be specified in 'hosts allow' and 'hosts deny' without making the admin set 'hostname lookups' in their smb.conf. His concern is about upgrades. This has been designed not to change the value of %M. Andrew Bartlett (This used to be commit f428ee98d83a55922c991b0eeddd47891b80d918)
2002-06-25Break up samba's object dependencies, and its prototype includes.Andrew Bartlett1-1/+1
Now smbclient, net, and swat use their own proto files - now the global proto.h The change to libads/kerberos.c was to break up the dependency on secrets.c - we want to be able to write an ADS client that doesn't need local secrets. I have other breakups in the works - I will remove the dependency of rpc_parse on passdb (and therefore secrets.c) shortly. (NOTE: This patch does *not* break up includes.h, or other such forbidden actions). Andrew Bartlett (This used to be commit edb41dad2df0ae3db364dbc3896cc75956262edf)
2002-01-21getpwnam -> getpwnam_allocAndrew Bartlett1-1/+2
(This used to be commit f8208458b3ac05743932d96e4d0a919adc0d9e55)
2002-01-17A nice *big* change to the fundemental way we do things.Andrew Bartlett1-1/+3
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps them around for a long time - often past the next call... This adds a getpwnam_alloc and a getpwuid_alloc to the collection. These function as expected, returning a malloced structure that can be free()ed with passwd_free(&passwd). This patch also cuts down on the number of calls to getpwnam - mostly by taking advantage of the fact that the passdb interface is already case-insensiteve. With this patch most of the recursive cases have been removed (that I know of) and the problems are reduced further by not using the sys_ interface in the new code. This means that pointers to the cache won't be affected. (This is a tempoary HACK, I intend to kill the password cache entirly). The only change I'm a little worried about is the change to rpc_server/srv_samr_nt.c for private groups. In this case we are getting groups from the new group mapping DB. Do we still need to check for private groups? I've toned down the check to a case sensitve match with the new code, but we might be able to kill it entirly. I've also added a make_modifyable_passwd() function, that copies a passwd struct into the form that the old sys_getpw* code provided. As far as I can tell this is only actually used in the pass_check.c crazies, where I moved the final 'special case' for shadow passwords (out of _Get_Pwnam()). The matching case for getpwent() is dealt with already, in lib/util_getent.c Also included in here is a small change to register the [homes] share at vuid creation rather than just in one varient of the session setup. (This picks up the SPNEGO cases). The home directory is now stored on the vuid, and I am hoping this might provide a saner way to do %H substitions. TODO: Kill off remaining Get_Pwnam_Modify calls (they are not needed), change the remaining sys_getpwnam() callers to use getpwnam_alloc() and move Get_Pwnam to return an allocated struct. Andrew Bartlett (This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da)
2001-11-19Fix const warning. Doxyfy comment.Martin Pool1-5/+8
(This used to be commit 91e07a7fdc47b2baf42fc06e77d1e1d883111668)
2001-10-14the next step in the intl changeover. This should get us compiling agian,Andrew Tridgell1-22/+17
and also completes the switch to lang_tdb.c. SWAT should now work with a po file in the lib/ directory also removed useless SYSLOG defines in many files (This used to be commit 5296b20ad85d7519c870768455cb4d8df048c55a)
2001-09-25Fixup passdb stuff to add new nisplus and ldap backends.Jeremy Allison1-0/+2
Jeremy. (This used to be commit 611bf806d569b70edabbc04a2f5408142370a550)
2001-09-24Added SWAT i18n feature:Motonobu Takahashi1-1/+19
TO enable configure with --with-i18n-swat to support this gettext is integrated and a new directories name "po" and "intl" are created. now these languages are supported: en - English (default) ja - Japanese po - Polish tr - Turkish To add your language, to create ${your_language}.po by translating source/po/en.po into your language is needed. some of html and image files of various language version are not included yet, though message catalogue files are installed. you need to copy files manually under ${swatdir}/lang/$ln/{help,images,included,using_samba} And also added a option to intall manual pages: of various lang version To enable configure with --with-manlangs but manual pages themself are not included yet. (This used to be commit 486b79a6fc4ba20a751aab544bd0f7ccff2b3d19)
2001-09-24fixed a silly off by 1 bugAndrew Tridgell1-2/+2
(This used to be commit e558ab6ac8930e3393291fe12289ad43175b8a1d)
2001-09-24fixed bug in POST var handlingAndrew Tridgell1-4/+2
(This used to be commit 73f10d3ef6de2dbcb23f93ef93eb9e7053ebf26b)
2001-09-24convert all POST variables from display to unix charsetAndrew Tridgell1-22/+28
(This used to be commit cd6478ad9890949d0ef34a7078ec5518debe4a3c)
2001-09-20Move pass_check.c over to NTSTATUS, allowing full NTSTATUS from PAM to wire!Andrew Bartlett1-8/+5
Add the ability for swat to run in non-root-mode (ie non-root from inetd). - we still need some of the am_root() calls fixed however. (This used to be commit 2c2317c56ee13abdbdbc866363c3b52dab826e3c)
2001-09-19Remove the ugly hacks to get around the Get_Pwnam() calls in pass_check.c byAndrew Bartlett1-47/+24
simply not doing Get_Pwnam() calls in pass_check.c We now make *one* sys_getpnam() call in cgi.c and we always call PAM no matter what it returns. We also no longer run the password cracker for these logins. The truly parinod will note the slight difference in call paths, in that we only call crypt for valid password structs (if not --with-pam). The truly parinoid don't run SWAT either, so I don't think this is an issue. Andrew Bartlett (This used to be commit 9020d884935243f28c19cedc88f076f0709e12cb)
2001-09-17move to SAFE_FREE()Simo Sorce1-1/+1
(This used to be commit 67db8f03c5c9e81e11b5f3276b50ee23e09a2659)
2001-09-10replaced stdio in many parts of samba with a XFILE. XFILE is a cut-downAndrew Tridgell1-3/+3
replacemnt of stdio that doesn't suffer from the 8-bit filedescriptor limit that we hit with nasty consequences on some systems I would eventually prefer us to have a configure test to see if we need to replace stdio, but for now this code needs to be tested widely so I'm enabling it by default. (This used to be commit 1af8bf34f1caa3e7ec312d8109c07d32a945a448)
2001-08-12it was half committed last time,Simo Sorce1-2/+2
thanks to Hasch@t-online.de (Juergen Hasch) for spotting that. (This used to be commit a2a4d4e6286c2127b6f8e32fc97b96dabd7cdb40)
2001-08-08Change all realloc() statements to Realloc() (ecxept for tdb.c)Simo Sorce1-13/+13
changed some code to exploit the fact that Realloc(NULL, size) == malloc(size) fixed some possible mem leaks, or seg faults. thanks to andreas moroder (mallocs not checked in client/client.c, client/smbumount.c) (This used to be commit 7f33c01688b825ab2fa9bbb2730bff4f2fa352be)
2001-07-08This removes unused paramaters from various authtication functions, and shouldAndrew Bartlett1-2/+2
not change behaviour. This should make my later diffs smaller, where I actualy start cleaning up this mess... Andrew Bartlett (This used to be commit 04f090c224bb7ac3b53c430a591fce1fc939a81c)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-12/+12
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-05-17- added ability for swat to run under CGI. This needsAndrew Tridgell1-1/+33
to be setup very carefully for it not to be a security hole - reran configure (This used to be commit cf4e439a1e0f3fadbe08c474e5b201827866d7f5)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-2/+1
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2000-11-06Fix to the "known/unknown user" difference patch from "Ron Alexander" ↵Jeremy Allison1-0/+1
<rcalex@home.com>. Jeremy. (This used to be commit 7a698c1f23ea8740755c544f631789848a360e42)
2000-11-01Remove CGI logging code. Make username/password lookups takeJeremy Allison1-29/+28
the same time. Jeremy. (This used to be commit 9698f746858f0f2b37ec6494fca990e958d97cb7)
2000-09-01Fix for swat to return correct MIME type for text files. From "RonTim Potter1-0/+2
Alexander" <rcalex@home.com> (This used to be commit 061e5e50523913a26bc86bd816c4e26a37a832c7)
2000-04-11finally got sick of the "extern int Client" code and the stupidAndrew Tridgell1-3/+3
assumption that we have one socket everywhere while doing so I discovered a few bugs! 1) the clientgen session retarget code if used from smbd or nmbd would cause a crash as it called close_sockets() which closed our main socket! fixed by removing close_sockets() completely - it is unnecessary 2) the caching in client_addr() and client_name() was bogus - it could easily get fooled and give the wrong result. fixed. 3) the retarget could could recurse, allowing an easy denial of service attack on nmbd. fixed. (This used to be commit 5937ab14d222696e40a3fc6f0e6a536f2d7305d3)
2000-04-11two minor bugfixes for SCO UnixWare. The first is to catch SIGPIPE so that ↵Andrew Tridgell1-0/+1
putmsg() inside their send() doesn't kill swat and the scond is to open /dev/null to replace stdin after we close that (This used to be commit d35bbe56bc9e3e5896b2ebdf33ff6468a0432e1f)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-17/+4
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-06-13Moved code that changes the pw_passwd entry (i.e shadow password andTim Potter1-1/+1
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug. Note that the Get_Pwnam() function now returns a const struct passwd * as a hint to other developers not to change entries in the struct passwd. (This used to be commit 36d7cb4ccc42268e8e6a7b783c945d1853624958)
1998-11-21make SWAT obey the global "hosts allow" and "hosts deny" settings.Andrew Tridgell1-1/+24
any attempt to run swat from a host that is disallowed will give an error. (This used to be commit fe4ef4bbef01aed75807c884249ca8efa5de4140)
1998-11-17Added the same open()/fopen()/creat()/mmap() -> sys_XXX calls.Jeremy Allison1-2/+2
Tidied up some of the mess (no other word for it). Still doesn't compile cleanly. There are calls with incorrect parameters that don't seem to be doing the right thing. This code still needs surgery :-(. Jeremy. (This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
1998-11-14remove code that allows installation via cgiAndrew Tridgell1-20/+35
swat will now give an error message if run via cgi (This used to be commit 55377e3cdd5d8428e89b40946f0535b8cf5247ae)
1998-11-12Added the security changes suggested by Andrew - become theJeremy Allison1-8/+62
user that authenticated to swat permanently (if not root). Jeremy. (This used to be commit 7d55bf379177a4a448e39577ae0af603d5e958f6)
1998-11-11changed is_root() to am_root() to prevent clash with variable names.Andrew Tridgell1-2/+2
(This used to be commit 52f47b8d2ef5ee64e2f8dcfeb6840071e57904d1)
1998-11-11J.F.'s latest printer fixes plus his gcc -picky fix for web/cgi.cJeremy Allison1-1/+1
Jeremy. (This used to be commit bd4e2972f50cafd932a5c915cdeeef7eedda07cc)
1998-11-11rpc_server/srv_netlog.c: Fixed crash bug with ACB_PWNOTREQ.Jeremy Allison1-2/+2
script/makeyodldocs.sh: Added code to make text docs for non-man page YODL docs. web/cgi.c web/swat.c: SGI compiler warnings fixed. Jeremy. (This used to be commit 80e0f7e1071f032c5004aecb01a91d1397e6a161)