summaryrefslogtreecommitdiff
path: root/source3/web/cgi.c
AgeCommit message (Collapse)AuthorFilesLines
2001-09-24convert all POST variables from display to unix charsetAndrew Tridgell1-22/+28
(This used to be commit cd6478ad9890949d0ef34a7078ec5518debe4a3c)
2001-09-20Move pass_check.c over to NTSTATUS, allowing full NTSTATUS from PAM to wire!Andrew Bartlett1-8/+5
Add the ability for swat to run in non-root-mode (ie non-root from inetd). - we still need some of the am_root() calls fixed however. (This used to be commit 2c2317c56ee13abdbdbc866363c3b52dab826e3c)
2001-09-19Remove the ugly hacks to get around the Get_Pwnam() calls in pass_check.c byAndrew Bartlett1-47/+24
simply not doing Get_Pwnam() calls in pass_check.c We now make *one* sys_getpnam() call in cgi.c and we always call PAM no matter what it returns. We also no longer run the password cracker for these logins. The truly parinod will note the slight difference in call paths, in that we only call crypt for valid password structs (if not --with-pam). The truly parinoid don't run SWAT either, so I don't think this is an issue. Andrew Bartlett (This used to be commit 9020d884935243f28c19cedc88f076f0709e12cb)
2001-09-17move to SAFE_FREE()Simo Sorce1-1/+1
(This used to be commit 67db8f03c5c9e81e11b5f3276b50ee23e09a2659)
2001-09-10replaced stdio in many parts of samba with a XFILE. XFILE is a cut-downAndrew Tridgell1-3/+3
replacemnt of stdio that doesn't suffer from the 8-bit filedescriptor limit that we hit with nasty consequences on some systems I would eventually prefer us to have a configure test to see if we need to replace stdio, but for now this code needs to be tested widely so I'm enabling it by default. (This used to be commit 1af8bf34f1caa3e7ec312d8109c07d32a945a448)
2001-08-12it was half committed last time,Simo Sorce1-2/+2
thanks to Hasch@t-online.de (Juergen Hasch) for spotting that. (This used to be commit a2a4d4e6286c2127b6f8e32fc97b96dabd7cdb40)
2001-08-08Change all realloc() statements to Realloc() (ecxept for tdb.c)Simo Sorce1-13/+13
changed some code to exploit the fact that Realloc(NULL, size) == malloc(size) fixed some possible mem leaks, or seg faults. thanks to andreas moroder (mallocs not checked in client/client.c, client/smbumount.c) (This used to be commit 7f33c01688b825ab2fa9bbb2730bff4f2fa352be)
2001-07-08This removes unused paramaters from various authtication functions, and shouldAndrew Bartlett1-2/+2
not change behaviour. This should make my later diffs smaller, where I actualy start cleaning up this mess... Andrew Bartlett (This used to be commit 04f090c224bb7ac3b53c430a591fce1fc939a81c)
2001-07-04strchr and strrchr are macros when compiling with optimisation in gcc, so we ↵Andrew Tridgell1-12/+12
can't redefine them. damn. (This used to be commit c41fc06376d1a2b83690612304e85010b5e5f3cf)
2001-05-17- added ability for swat to run under CGI. This needsAndrew Tridgell1-1/+33
to be setup very carefully for it not to be a security hole - reran configure (This used to be commit cf4e439a1e0f3fadbe08c474e5b201827866d7f5)
2001-03-11Merge of new 2.2 code into HEAD (Gerald I hate you :-) :-). Allows new SAMRJeremy Allison1-2/+1
RPC code to merge with new passdb code. Currently rpcclient doesn't compile. I'm working on it... Jeremy. (This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
2000-11-06Fix to the "known/unknown user" difference patch from "Ron Alexander" ↵Jeremy Allison1-0/+1
<rcalex@home.com>. Jeremy. (This used to be commit 7a698c1f23ea8740755c544f631789848a360e42)
2000-11-01Remove CGI logging code. Make username/password lookups takeJeremy Allison1-29/+28
the same time. Jeremy. (This used to be commit 9698f746858f0f2b37ec6494fca990e958d97cb7)
2000-09-01Fix for swat to return correct MIME type for text files. From "RonTim Potter1-0/+2
Alexander" <rcalex@home.com> (This used to be commit 061e5e50523913a26bc86bd816c4e26a37a832c7)
2000-04-11finally got sick of the "extern int Client" code and the stupidAndrew Tridgell1-3/+3
assumption that we have one socket everywhere while doing so I discovered a few bugs! 1) the clientgen session retarget code if used from smbd or nmbd would cause a crash as it called close_sockets() which closed our main socket! fixed by removing close_sockets() completely - it is unnecessary 2) the caching in client_addr() and client_name() was bogus - it could easily get fooled and give the wrong result. fixed. 3) the retarget could could recurse, allowing an easy denial of service attack on nmbd. fixed. (This used to be commit 5937ab14d222696e40a3fc6f0e6a536f2d7305d3)
2000-04-11two minor bugfixes for SCO UnixWare. The first is to catch SIGPIPE so that ↵Andrew Tridgell1-0/+1
putmsg() inside their send() doesn't kill swat and the scond is to open /dev/null to replace stdin after we close that (This used to be commit d35bbe56bc9e3e5896b2ebdf33ff6468a0432e1f)
1999-12-13first pass at updating head branch to be to be the same as the SAMBA_2_0 branchAndrew Tridgell1-17/+4
(This used to be commit 453a822a76780063dff23526c35408866d0c0154)
1999-06-13Moved code that changes the pw_passwd entry (i.e shadow password andTim Potter1-1/+1
weird unixware stuff) into _Get_Pwnam() to fix a memory allocation bug. Note that the Get_Pwnam() function now returns a const struct passwd * as a hint to other developers not to change entries in the struct passwd. (This used to be commit 36d7cb4ccc42268e8e6a7b783c945d1853624958)
1998-11-21make SWAT obey the global "hosts allow" and "hosts deny" settings.Andrew Tridgell1-1/+24
any attempt to run swat from a host that is disallowed will give an error. (This used to be commit fe4ef4bbef01aed75807c884249ca8efa5de4140)
1998-11-17Added the same open()/fopen()/creat()/mmap() -> sys_XXX calls.Jeremy Allison1-2/+2
Tidied up some of the mess (no other word for it). Still doesn't compile cleanly. There are calls with incorrect parameters that don't seem to be doing the right thing. This code still needs surgery :-(. Jeremy. (This used to be commit 18ff93a9abbf68ee8c59c0af3e57c63e4a015dac)
1998-11-14remove code that allows installation via cgiAndrew Tridgell1-20/+35
swat will now give an error message if run via cgi (This used to be commit 55377e3cdd5d8428e89b40946f0535b8cf5247ae)
1998-11-12Added the security changes suggested by Andrew - become theJeremy Allison1-8/+62
user that authenticated to swat permanently (if not root). Jeremy. (This used to be commit 7d55bf379177a4a448e39577ae0af603d5e958f6)
1998-11-11changed is_root() to am_root() to prevent clash with variable names.Andrew Tridgell1-2/+2
(This used to be commit 52f47b8d2ef5ee64e2f8dcfeb6840071e57904d1)
1998-11-11J.F.'s latest printer fixes plus his gcc -picky fix for web/cgi.cJeremy Allison1-1/+1
Jeremy. (This used to be commit bd4e2972f50cafd932a5c915cdeeef7eedda07cc)
1998-11-11rpc_server/srv_netlog.c: Fixed crash bug with ACB_PWNOTREQ.Jeremy Allison1-2/+2
script/makeyodldocs.sh: Added code to make text docs for non-man page YODL docs. web/cgi.c web/swat.c: SGI compiler warnings fixed. Jeremy. (This used to be commit 80e0f7e1071f032c5004aecb01a91d1397e6a161)
1998-11-11added password change functionality to swatHerb Lewis1-6/+33
(This used to be commit 06d4026cf1521766b52766193774f1fd8dd70c81)
1998-10-26report ourselves as HTTP/1.0 not HTTP/1.1Andrew Tridgell1-3/+3
(This used to be commit b2210614e810c8e84c9a14a8e32e05f95d92479b)
1998-09-28Changes to test in configure if capabilities are enabled on a system.Jeremy Allison1-2/+0
Changes to get Samba to compile cleanly with the IRIX compiler with the options : -fullwarn -woff 1209,1174 (the -woff options are to turn off warnings about unused function parameters and controlling loop expressions being constants). Split prototype generation as we hit a limit in IRIX nawk. Removed "." code in smbd/filename.c (yet again :-). Jeremy. (This used to be commit e0567433bd72aec17bf5a54cc292701095d25f09)
1998-09-05tridge the destroyer returns!Andrew Tridgell1-168/+0
prompted by the interpret_security() dead code that Jean-Francois pointed out I added a make target "finddead" that finds potentially dead (ie. unused) code. It spat out 304 function names ... I went through these are deleted many of them, making others static (finddead also reports functions that are used only in the local file). in doing this I have almost certainly deleted some useful code. I may have even prevented compilation with some compile options. I apologise. I decided it was better to get rid of this code now and add back the one or two functions that are needed than to keep all this baggage. So, if I have done a bit too much "destroying" then let me know. Keep the swearing to a minimum :) One bit I didn't do is the ubibt code. Chris, can you look at that? Heaps of unused functions there. Can they be made static? (This used to be commit 2204475c87f3024ea8fd1fbd7385b2def617a46f)
1998-09-02use /swat/ prefix in both inetd and cgi modes, to enable a static header.htmlAndrew Tridgell1-14/+4
(This used to be commit ddb788c24d043b18506138a7759b8128df1673aa)
1998-09-01More abstraction of file system data types, to move to a 64Jeremy Allison1-1/+1
bit file interface for the NT SMB's. Created a new define, SMB_STRUCT_STAT that currently is defined to be struct stat - this wil change to a user defined type containing 64 bit info when the correct wrappers are written for 64 bit stat(), fstat() and lstat() calls. Also changed all sys_xxxx() calls that were previously just wrappers to the same call prefixed by a dos_to_unix() call into dos_xxxx() calls. This makes it explicit when a pathname translation is being done, and when it is not. Now, all sys_xxx() calls are meant to be wrappers to mask OS differences, and not silently converting filenames on the fly. Jeremy. (This used to be commit 28aa182dbffaa4ffd86047e608400de4b26e80eb)
1998-09-01fixed a bug in the base64 hanlding that led to auth failures for someAndrew Tridgell1-2/+6
passwords with SWAT (This used to be commit edcde70108ab643a29f3e0e0cc97609287da6e87)
1998-08-15configure: Changes for extra headers.Jeremy Allison1-1/+1
configure.in: Source for header changes. client/clitar.c: Fixed isXXX macros & debugs for gcc pedantic compile. include/config.h.in: Added MEMSET, BZERO, MEMORY, RPCSVC_YPCLNT, STRINGS headers. include/includes.h: Headers for the above. include/smb.h: Made SIGNAL_CAST POSIX by default void (*)(int). lib/access.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/charset.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/debug.c: Fixed signal functs. lib/kanji.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/smbrun.c: Fixed isXXX macros & debugs for gcc pedantic compile. lib/util.c: Fixed isXXX macros & debugs for gcc pedantic compile. libsmb/namequery.c: Fixed isXXX macros & debugs for gcc pedantic compile. locking/shmem.c: Fixed isXXX macros & debugs for gcc pedantic compile. locking/shmem_sysv.c: Fixed error messages in sysV stuff. nmbd/asyncdns.c: Fixed signal functs. nmbd/nmbd.c: Fixed isXXX macros & debugs for gcc pedantic compile. passdb/passdb.c: Fixed isXXX macros & debugs for gcc pedantic compile. passdb/smbpassfile.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/chgpasswd.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/ipc.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/nttrans.c: Fixed fsp code path. smbd/password.c: fixed HAVE_YP_GET_DEFAULT_DOMAIN problem. smbd/printing.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/reply.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/server.c: Fixed isXXX macros & debugs for gcc pedantic compile. smbd/trans2.c: Fixed core dump bug. smbd/uid.c: Fixed isXXX macros & debugs for gcc pedantic compile. Jeremy. (This used to be commit 1b9cbcd02e575dc0a95fa589f720df30a4acc46b)
1998-08-10split the system password checking routines out of smbd/password.c andAndrew Tridgell1-1/+1
into passdb/pass_check.c. This means SWAT no longer needs to link to smbd/password.c (This used to be commit 90d93889d722670cbb517017531264630af759bf)
1998-05-12This is a security audit change of the main source.Jeremy Allison1-5/+5
It removed all ocurrences of the following functions : sprintf strcpy strcat The replacements are slprintf, safe_strcpy and safe_strcat. It should not be possible to use code in Samba that uses sprintf, strcpy or strcat, only the safe_equivalents. Once Andrew has fixed the slprintf implementation then this code will be moved back to the 1.9.18 code stream. Jeremy. (This used to be commit 2d774454005f0b54e5684cf618da7060594dfcbb)
1998-03-21Getting ready for first Red Hat Linux RPMs for 1.9.19 pre-alpha releaseJohn Terpstra1-1/+1
(This used to be commit 4e424d0ba652bf9c5dfd3c44216b6145538cf821)
1998-03-18changed the method used for auto-reload on the status page to useAndrew Tridgell1-1/+13
JavaScript. This avoids the nasty inetd problem. (This used to be commit 9d9b13880963a0e3cf5213ce2a24c52f4a11a472)
1998-03-17when CGI_LOGGING is on log the host name and IPAndrew Tridgell1-1/+3
this is just so I can snoop on who is looking at the demo :-) (This used to be commit 78abb9fec3aac235ad26d0192351dc81ade6c584)
1998-03-17this isn't a big commit, it just looks like it :-)Andrew Tridgell1-0/+21
I needed the client_name() and client_addr() functions in swat so I could tell who was connecting from where. The problem was that these functions didn't take a file descriptor parameter they just used the global "Client". So I needed to change all calls to pass a parameter ... lots of files. (This used to be commit a776058900a727591bd7b69debdaa25c0e31d693)
1998-03-14fixed support for running swat via cgi-binAndrew Tridgell1-7/+43
(This used to be commit 9dbfb16990954ee3518ce3bc73e067c82b653930)
1998-03-12use password_ok() instead of calling crypt()Andrew Tridgell1-11/+2
(This used to be commit 53dc8ea5e315abf9ee8d38ffdb8a3057df0235be)
1998-03-10added Date and Expires headers in the mini web server so clients knowAndrew Tridgell1-10/+25
what they can cache. (This used to be commit b6055e40bb91775a29b756640d95910a6f19814f)
1998-03-08- remove redundent strstr()Andrew Tridgell1-5/+0
- don't show printers in shares page (This used to be commit 2b4204a7769a974a74a7658e787274f6251b1d69)
1998-03-08allow for non-authenticated SWAT for demo purposesAndrew Tridgell1-2/+2
(This used to be commit 6e1237568b559c006ee5429308ac47e97cc4a1c4)
1998-03-08Jeremy is going to hate me ...Andrew Tridgell1-2/+11
These are some hacks on SWAT. Maybe users will actually be able to work out how to use it now. Unfortunately these changes required some editing in loadparm.c and smb.h which will make Jeremys merge job harder. Sorry! (This used to be commit 674c88a6bf4c8009769a482c53f105efdc54bbc8)
1998-01-22This is *not* a big change (although it looks like one).Jeremy Allison1-1/+1
This is merely updating the Copyright statements from 1997 to 1998. It's a once a year thing :-). NO OTHER CHANGES WERE MADE. Jeremy. (This used to be commit b9c16977231efb274e08856f7f3f4408dad6d96c)
1998-01-12propogate my cgi changes to the main branchAndrew Tridgell1-1/+1
(This used to be commit 215c97e83ac74757cffb4f64176c80ddb845d65f)
1997-11-23minor wsmbconf and cgi changesAndrew Tridgell1-2/+17
(This used to be commit bca9c49e6f24c2ee79cbb9b6ebf69d6647146fc1)
1997-11-22this new cgi code includes the ability to act as a mini web server,Andrew Tridgell1-67/+510
allowing people to use web configuration of Samba without installing a web server (This used to be commit b4e05c360e77cbf27a95920b613bfe6bc874ea1b)
1997-09-11cgi.c is a simple set of CGI manipulation routinesAndrew Tridgell1-0/+163
wsmbconf.c is a rudimentary web based smb.conf editor. Its really there just to demonstrate how such an editor can hook into loadparm.c, I don't expect anyone to actually use it as is. wsmbstatus.c is a simple web based smbstatus. Its probably broken. (This used to be commit ced5205f72ba58d677f3cfa480fddc58ec9faa27)