From 61a2ad3c020424cead067cbdc89ea6f25708fde4 Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Fri, 17 May 2013 14:16:26 +0200 Subject: swat: Remove swat. Signed-off-by: Kai Blin Reviewed-by: Andrew Bartlett Autobuild-User(master): Kai Blin Autobuild-Date(master): Sat May 18 16:32:38 CEST 2013 on sn-devel-104 --- source3/web/cgi.c | 798 ---------------------- source3/web/diagnose.c | 80 --- source3/web/neg_lang.c | 120 ---- source3/web/startstop.c | 130 ---- source3/web/statuspage.c | 467 ------------- source3/web/swat.c | 1683 +--------------------------------------------- source3/web/swat_proto.h | 76 --- 7 files changed, 37 insertions(+), 3317 deletions(-) delete mode 100644 source3/web/cgi.c delete mode 100644 source3/web/diagnose.c delete mode 100644 source3/web/neg_lang.c delete mode 100644 source3/web/startstop.c delete mode 100644 source3/web/statuspage.c delete mode 100644 source3/web/swat_proto.h (limited to 'source3/web') diff --git a/source3/web/cgi.c b/source3/web/cgi.c deleted file mode 100644 index b97ed2578c..0000000000 --- a/source3/web/cgi.c +++ /dev/null @@ -1,798 +0,0 @@ -/* - some simple CGI helper routines - Copyright (C) Andrew Tridgell 1997-1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ - - -#include "includes.h" -#include "system/passwd.h" -#include "system/filesys.h" -#include "web/swat_proto.h" -#include "intl/lang_tdb.h" -#include "auth.h" -#include "secrets.h" -#include "../lib/util/setid.h" - -#define MAX_VARIABLES 10000 - -/* set the expiry on fixed pages */ -#define EXPIRY_TIME (60*60*24*7) - -#ifdef DEBUG_COMMENTS -extern void print_title(char *fmt, ...); -#endif - -struct cgi_var { - char *name; - char *value; -}; - -static struct cgi_var variables[MAX_VARIABLES]; -static int num_variables; -static int content_length; -static int request_post; -static char *query_string; -static const char *baseurl; -static char *pathinfo; -static char *C_user; -static char *C_pass; -static bool inetd_server; -static bool got_request; - -static char *grab_line(FILE *f, int *cl) -{ - char *ret = NULL; - int i = 0; - int len = 0; - - while ((*cl)) { - int c; - - if (i == len) { - char *ret2; - if (len == 0) len = 1024; - else len *= 2; - ret2 = (char *)SMB_REALLOC_KEEP_OLD_ON_ERROR(ret, len); - if (!ret2) return ret; - ret = ret2; - } - - c = fgetc(f); - (*cl)--; - - if (c == EOF) { - (*cl) = 0; - break; - } - - if (c == '\r') continue; - - if (strchr_m("\n&", c)) break; - - ret[i++] = c; - - } - - if (ret) { - ret[i] = 0; - } - return ret; -} - -/** - URL encoded strings can have a '+', which should be replaced with a space - - (This was in rfc1738_unescape(), but that broke the squid helper) -**/ - -static void plus_to_space_unescape(char *buf) -{ - char *p=buf; - - while ((p=strchr_m(p,'+'))) - *p = ' '; -} - -/*************************************************************************** - load all the variables passed to the CGI program. May have multiple variables - with the same name and the same or different values. Takes a file parameter - for simulating CGI invocation eg loading saved preferences. - ***************************************************************************/ -void cgi_load_variables(void) -{ - static char *line; - char *p, *s, *tok; - int len, i; - FILE *f = stdin; - -#ifdef DEBUG_COMMENTS - char dummy[100]=""; - print_title(dummy); - printf("\n",__FILE__); -#endif - - if (!content_length) { - p = getenv("CONTENT_LENGTH"); - len = p?atoi(p):0; - } else { - len = content_length; - } - - - if (len > 0 && - (request_post || - ((s=getenv("REQUEST_METHOD")) && - strequal(s,"POST")))) { - while (len && (line=grab_line(f, &len))) { - p = strchr_m(line,'='); - if (!p) continue; - - *p = 0; - - variables[num_variables].name = SMB_STRDUP(line); - variables[num_variables].value = SMB_STRDUP(p+1); - - SAFE_FREE(line); - - if (!variables[num_variables].name || - !variables[num_variables].value) - continue; - - plus_to_space_unescape(variables[num_variables].value); - rfc1738_unescape(variables[num_variables].value); - plus_to_space_unescape(variables[num_variables].name); - rfc1738_unescape(variables[num_variables].name); - -#ifdef DEBUG_COMMENTS - printf("\n", - variables[num_variables].name, - variables[num_variables].value); -#endif - - num_variables++; - if (num_variables == MAX_VARIABLES) break; - } - } - - fclose(stdin); - open("/dev/null", O_RDWR); - - if ((s=query_string) || (s=getenv("QUERY_STRING"))) { - char *saveptr; - for (tok=strtok_r(s, "&;", &saveptr); tok; - tok=strtok_r(NULL, "&;", &saveptr)) { - p = strchr_m(tok,'='); - if (!p) continue; - - *p = 0; - - variables[num_variables].name = SMB_STRDUP(tok); - variables[num_variables].value = SMB_STRDUP(p+1); - - if (!variables[num_variables].name || - !variables[num_variables].value) - continue; - - plus_to_space_unescape(variables[num_variables].value); - rfc1738_unescape(variables[num_variables].value); - plus_to_space_unescape(variables[num_variables].name); - rfc1738_unescape(variables[num_variables].name); - -#ifdef DEBUG_COMMENTS - printf("\n", - variables[num_variables].name, - variables[num_variables].value); -#endif - num_variables++; - if (num_variables == MAX_VARIABLES) break; - } - - } -#ifdef DEBUG_COMMENTS - printf("\n"); -#endif - - /* variables from the client are in UTF-8 - convert them - to our internal unix charset before use */ - for (i=0;i%s

%s

%s

\r\n\r\n", err, header, err, err, info); - fclose(stdin); - fclose(stdout); - exit(0); -} - - -/*************************************************************************** -tell a browser about a fatal authentication error - ***************************************************************************/ -static void cgi_auth_error(void) -{ - if (inetd_server) { - cgi_setup_error("401 Authorization Required", - "WWW-Authenticate: Basic realm=\"SWAT\"\r\n", - "You must be authenticated to use this service"); - } else { - printf("Content-Type: text/html\r\n"); - - printf("\r\nSWAT\n"); - printf("

Installation Error

\n"); - printf("SWAT must be installed via inetd. It cannot be run as a CGI script

\n"); - printf("\r\n"); - } - exit(0); -} - -/*************************************************************************** -authenticate when we are running as a CGI - ***************************************************************************/ -static void cgi_web_auth(void) -{ - const char *user = getenv("REMOTE_USER"); - struct passwd *pwd; - const char *head = "Content-Type: text/html\r\n\r\n

SWAT installation Error

\n"; - const char *tail = "\r\n"; - - if (!user) { - printf("%sREMOTE_USER not set. Not authenticated by web server.
%s\n", - head, tail); - exit(0); - } - - pwd = Get_Pwnam_alloc(talloc_tos(), user); - if (!pwd) { - printf("%sCannot find user %s
%s\n", head, user, tail); - exit(0); - } - - C_user = SMB_STRDUP(user); - - if (!samba_setuid(0)) { - C_pass = secrets_fetch_generic("root", "SWAT"); - if (C_pass == NULL) { - char *tmp_pass = NULL; - tmp_pass = generate_random_password(talloc_tos(), - 16, 16); - if (tmp_pass == NULL) { - printf("%sFailed to create random nonce for " - "SWAT session\n
%s\n", head, tail); - exit(0); - } - secrets_store_generic("root", "SWAT", tmp_pass); - C_pass = SMB_STRDUP(tmp_pass); - TALLOC_FREE(tmp_pass); - } - } - samba_setuid(pwd->pw_uid); - if (geteuid() != pwd->pw_uid || getuid() != pwd->pw_uid) { - printf("%sFailed to become user %s - uid=%d/%d
%s\n", - head, user, (int)geteuid(), (int)getuid(), tail); - exit(0); - } - TALLOC_FREE(pwd); -} - - -/*************************************************************************** -handle a http authentication line - ***************************************************************************/ -static bool cgi_handle_authorization(char *line) -{ - char *p; - fstring user, user_pass; - struct passwd *pass = NULL; - const char *rhost; - char addr[INET6_ADDRSTRLEN]; - size_t size = 0; - - if (!strnequal(line,"Basic ", 6)) { - goto err; - } - line += 6; - while (line[0] == ' ') line++; - base64_decode_inplace(line); - if (!(p=strchr_m(line,':'))) { - /* - * Always give the same error so a cracker - * cannot tell why we fail. - */ - goto err; - } - *p = 0; - - if (!convert_string(CH_UTF8, CH_UNIX, - line, -1, - user, sizeof(user), &size)) { - goto err; - } - - if (!convert_string(CH_UTF8, CH_UNIX, - p+1, -1, - user_pass, sizeof(user_pass), &size)) { - goto err; - } - - /* - * Try and get the user from the UNIX password file. - */ - - pass = Get_Pwnam_alloc(talloc_tos(), user); - - rhost = client_name(1); - if (strequal(rhost,"UNKNOWN")) - rhost = client_addr(1, addr, sizeof(addr)); - - /* - * Validate the password they have given. - */ - - if NT_STATUS_IS_OK(pass_check(pass, user, rhost, user_pass, false)) { - if (pass) { - /* - * Password was ok. - */ - - if ( initgroups(pass->pw_name, pass->pw_gid) != 0 ) - goto err; - - become_user_permanently(pass->pw_uid, pass->pw_gid); - - /* Save the users name */ - C_user = SMB_STRDUP(user); - C_pass = SMB_STRDUP(user_pass); - TALLOC_FREE(pass); - return True; - } - } - -err: - cgi_setup_error("401 Bad Authorization", - "WWW-Authenticate: Basic realm=\"SWAT\"\r\n", - "username or password incorrect"); - - TALLOC_FREE(pass); - return False; -} - -/*************************************************************************** -is this root? - ***************************************************************************/ -bool am_root(void) -{ - if (geteuid() == 0) { - return( True); - } else { - return( False); - } -} - -/*************************************************************************** -return a ptr to the users name - ***************************************************************************/ -char *cgi_user_name(void) -{ - return(C_user); -} - -/*************************************************************************** -return a ptr to the users password - ***************************************************************************/ -char *cgi_user_pass(void) -{ - return(C_pass); -} - -/*************************************************************************** -handle a file download - ***************************************************************************/ -static void cgi_download(char *file) -{ - SMB_STRUCT_STAT st; - char buf[1024]; - int fd, l, i; - char *p; - char *lang; - - /* sanitise the filename */ - for (i=0;file[i];i++) { - if (!isalnum((int)file[i]) && !strchr_m("/.-_", file[i])) { - cgi_setup_error("404 File Not Found","", - "Illegal character in filename"); - } - } - - if (sys_stat(file, &st, false) != 0) { - cgi_setup_error("404 File Not Found","", - "The requested file was not found"); - } - - if (S_ISDIR(st.st_ex_mode)) - { - snprintf(buf, sizeof(buf), "%s/index.html", file); - if (!file_exist_stat(buf, &st, false) - || !S_ISREG(st.st_ex_mode)) - { - cgi_setup_error("404 File Not Found","", - "The requested file was not found"); - } - } - else if (S_ISREG(st.st_ex_mode)) - { - snprintf(buf, sizeof(buf), "%s", file); - } - else - { - cgi_setup_error("404 File Not Found","", - "The requested file was not found"); - } - - fd = web_open(buf,O_RDONLY,0); - if (fd == -1) { - cgi_setup_error("404 File Not Found","", - "The requested file was not found"); - } - printf("HTTP/1.0 200 OK\r\n"); - if ((p=strrchr_m(buf, '.'))) { - if (strcmp(p,".gif")==0) { - printf("Content-Type: image/gif\r\n"); - } else if (strcmp(p,".jpg")==0) { - printf("Content-Type: image/jpeg\r\n"); - } else if (strcmp(p,".png")==0) { - printf("Content-Type: image/png\r\n"); - } else if (strcmp(p,".css")==0) { - printf("Content-Type: text/css\r\n"); - } else if (strcmp(p,".txt")==0) { - printf("Content-Type: text/plain\r\n"); - } else { - printf("Content-Type: text/html\r\n"); - } - } - printf("Expires: %s\r\n", - http_timestring(talloc_tos(), time(NULL)+EXPIRY_TIME)); - - lang = lang_tdb_current(); - if (lang) { - printf("Content-Language: %s\r\n", lang); - } - - printf("Content-Length: %d\r\n\r\n", (int)st.st_ex_size); - while ((l=read(fd,buf,sizeof(buf)))>0) { - if (fwrite(buf, 1, l, stdout) != l) { - break; - } - } - close(fd); - exit(0); -} - - - -/* return true if the char* contains ip addrs only. Used to avoid -name lookup calls */ - -static bool only_ipaddrs_in_list(const char **list) -{ - bool only_ip = true; - - if (!list) { - return true; - } - - for (; *list ; list++) { - /* factor out the special strings */ - if (strequal(*list, "ALL") || strequal(*list, "FAIL") || - strequal(*list, "EXCEPT")) { - continue; - } - - if (!is_ipaddress(*list)) { - /* - * If we failed, make sure that it was not because - * the token was a network/netmask pair. Only - * network/netmask pairs have a '/' in them. - */ - if ((strchr_m(*list, '/')) == NULL) { - only_ip = false; - DEBUG(3,("only_ipaddrs_in_list: list has " - "non-ip address (%s)\n", - *list)); - break; - } - } - } - - return only_ip; -} - -/* return true if access should be allowed to a service for a socket */ -static bool check_access(int sock, const char **allow_list, - const char **deny_list) -{ - bool ret = false; - bool only_ip = false; - char addr[INET6_ADDRSTRLEN]; - - if ((!deny_list || *deny_list==0) && (!allow_list || *allow_list==0)) { - return true; - } - - /* Bypass name resolution calls if the lists - * only contain IP addrs */ - if (only_ipaddrs_in_list(allow_list) && - only_ipaddrs_in_list(deny_list)) { - only_ip = true; - DEBUG (3, ("check_access: no hostnames " - "in host allow/deny list.\n")); - ret = allow_access(deny_list, - allow_list, - "", - get_peer_addr(sock,addr,sizeof(addr))); - } else { - DEBUG (3, ("check_access: hostnames in " - "host allow/deny list.\n")); - ret = allow_access(deny_list, - allow_list, - get_peer_name(sock,true), - get_peer_addr(sock,addr,sizeof(addr))); - } - - if (ret) { - DEBUG(2,("Allowed connection from %s (%s)\n", - only_ip ? "" : get_peer_name(sock,true), - get_peer_addr(sock,addr,sizeof(addr)))); - } else { - DEBUG(0,("Denied connection from %s (%s)\n", - only_ip ? "" : get_peer_name(sock,true), - get_peer_addr(sock,addr,sizeof(addr)))); - } - - return(ret); -} - -/** - * @brief Setup the CGI framework. - * - * Setup the cgi framework, handling the possibility that this program - * is either run as a true CGI program with a gateway to a web server, or - * is itself a mini web server. - **/ -void cgi_setup(const char *rootdir, int auth_required) -{ - bool authenticated = False; - char line[1024]; - char *url=NULL; - char *p; - char *lang; - - if (chdir(rootdir)) { - cgi_setup_error("500 Server Error", "", - "chdir failed - the server is not configured correctly"); - } - - /* Handle the possibility we might be running as non-root */ - sec_init(); - - if ((lang=getenv("HTTP_ACCEPT_LANGUAGE"))) { - /* if running as a cgi program */ - web_set_lang(lang); - } - - /* maybe we are running under a web server */ - if (getenv("CONTENT_LENGTH") || getenv("REQUEST_METHOD")) { - if (auth_required) { - cgi_web_auth(); - } - return; - } - - inetd_server = True; - - if (!check_access(1, lp_hostsallow(-1), lp_hostsdeny(-1))) { - cgi_setup_error("403 Forbidden", "", - "Samba is configured to deny access from this client\n
Check your \"hosts allow\" and \"hosts deny\" options in smb.conf "); - } - - /* we are a mini-web server. We need to read the request from stdin - and handle authentication etc */ - while (fgets(line, sizeof(line)-1, stdin)) { - if (line[0] == '\r' || line[0] == '\n') break; - if (strnequal(line,"GET ", 4)) { - got_request = True; - url = SMB_STRDUP(&line[4]); - } else if (strnequal(line,"POST ", 5)) { - got_request = True; - request_post = 1; - url = SMB_STRDUP(&line[5]); - } else if (strnequal(line,"PUT ", 4)) { - got_request = True; - cgi_setup_error("400 Bad Request", "", - "This server does not accept PUT requests"); - } else if (strnequal(line,"Authorization: ", 15)) { - authenticated = cgi_handle_authorization(&line[15]); - } else if (strnequal(line,"Content-Length: ", 16)) { - content_length = atoi(&line[16]); - } else if (strnequal(line,"Accept-Language: ", 17)) { - web_set_lang(&line[17]); - } - /* ignore all other requests! */ - } - - if (auth_required && !authenticated) { - cgi_auth_error(); - } - - if (!url) { - cgi_setup_error("400 Bad Request", "", - "You must specify a GET or POST request"); - } - - /* trim the URL */ - if ((p = strchr_m(url,' ')) || (p=strchr_m(url,'\t'))) { - *p = 0; - } - while (*url && strchr_m("\r\n",url[strlen(url)-1])) { - url[strlen(url)-1] = 0; - } - - /* anything following a ? in the URL is part of the query string */ - if ((p=strchr_m(url,'?'))) { - query_string = p+1; - *p = 0; - } - - string_sub(url, "/swat/", "", 0); - - if (url[0] != '/' && strstr(url,"..")==0) { - cgi_download(url); - } - - printf("HTTP/1.0 200 OK\r\nConnection: close\r\n"); - printf("Date: %s\r\n", http_timestring(talloc_tos(), time(NULL))); - baseurl = ""; - pathinfo = url+1; -} - - -/*************************************************************************** -return the current pages URL - ***************************************************************************/ -const char *cgi_baseurl(void) -{ - if (inetd_server) { - return baseurl; - } - return getenv("SCRIPT_NAME"); -} - -/*************************************************************************** -return the current pages path info - ***************************************************************************/ -const char *cgi_pathinfo(void) -{ - char *r; - if (inetd_server) { - return pathinfo; - } - r = getenv("PATH_INFO"); - if (!r) return ""; - if (*r == '/') r++; - return r; -} - -/*************************************************************************** -return the hostname of the client - ***************************************************************************/ -const char *cgi_remote_host(void) -{ - if (inetd_server) { - return get_peer_name(1,False); - } - return getenv("REMOTE_HOST"); -} - -/*************************************************************************** -return the hostname of the client - ***************************************************************************/ -const char *cgi_remote_addr(void) -{ - if (inetd_server) { - char addr[INET6_ADDRSTRLEN]; - get_peer_addr(1,addr,sizeof(addr)); - return talloc_strdup(talloc_tos(), addr); - } - return getenv("REMOTE_ADDR"); -} - - -/*************************************************************************** -return True if the request was a POST - ***************************************************************************/ -bool cgi_waspost(void) -{ - if (inetd_server) { - return request_post; - } - return strequal(getenv("REQUEST_METHOD"), "POST"); -} diff --git a/source3/web/diagnose.c b/source3/web/diagnose.c deleted file mode 100644 index 955ff89b99..0000000000 --- a/source3/web/diagnose.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - Unix SMB/CIFS implementation. - diagnosis tools for web admin - Copyright (C) Andrew Tridgell 1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ - -#include "includes.h" -#include "web/swat_proto.h" -#include "lib/winbind_util.h" -#include "libsmb/libsmb.h" - -#ifdef WITH_WINBIND - -/* check to see if winbind is running by pinging it */ - -bool winbindd_running(void) -{ - return winbind_ping(); -} -#endif - -/* check to see if nmbd is running on localhost by looking for a __SAMBA__ - response */ -bool nmbd_running(void) -{ - struct in_addr loopback_ip; - int count; - struct sockaddr_storage *ss_list; - struct sockaddr_storage ss; - NTSTATUS status; - - loopback_ip.s_addr = htonl(INADDR_LOOPBACK); - in_addr_to_sockaddr_storage(&ss, loopback_ip); - - status = name_query("__SAMBA__", 0, - True, True, &ss, - talloc_tos(), &ss_list, &count, - NULL); - if (NT_STATUS_IS_OK(status)) { - TALLOC_FREE(ss_list); - return True; - } - - return False; -} - - -/* check to see if smbd is running on localhost by trying to open a connection - then closing it */ -bool smbd_running(void) -{ - struct in_addr loopback_ip; - NTSTATUS status; - struct cli_state *cli; - struct sockaddr_storage ss; - - loopback_ip.s_addr = htonl(INADDR_LOOPBACK); - in_addr_to_sockaddr_storage(&ss, loopback_ip); - - status = cli_connect_nb("localhost", &ss, 0, 0x20, lp_netbios_name(), - SMB_SIGNING_DEFAULT, 0, &cli); - if (!NT_STATUS_IS_OK(status)) { - return false; - } - cli_shutdown(cli); - return True; -} diff --git a/source3/web/neg_lang.c b/source3/web/neg_lang.c deleted file mode 100644 index c415449d09..0000000000 --- a/source3/web/neg_lang.c +++ /dev/null @@ -1,120 +0,0 @@ -/* - Unix SMB/CIFS implementation. - SWAT language handling - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . - - Created by Ryo Kawahara -*/ - -#include "includes.h" -#include "web/swat_proto.h" -#include "intl/lang_tdb.h" -#include "system/filesys.h" - -/* - during a file download we first check to see if there is a language - specific file available. If there is then use that, otherwise - just open the specified file -*/ -int web_open(const char *fname, int flags, mode_t mode) -{ - char *p = NULL; - char *lang = lang_tdb_current(); - int fd; - if (lang) { - if (asprintf(&p, "lang/%s/%s", lang, fname) != -1) { - fd = open(p, flags, mode); - free(p); - if (fd != -1) { - return fd; - } - } - } - - /* fall through to default name */ - return open(fname, flags, mode); -} - - -struct pri_list { - float pri; - char *string; -}; - -static int qsort_cmp_list(struct pri_list *a, struct pri_list *b) -{ - if (a->pri > b->pri) return -1; - if (a->pri < b->pri) return 1; - return 0; -} - -/* - choose from a list of languages. The list can be comma or space - separated - Keep choosing until we get a hit - Changed to habdle priority -- Simo -*/ - -void web_set_lang(const char *lang_string) -{ - char **lang_list, **count; - struct pri_list *pl; - int lang_num, i; - - /* build the lang list */ - lang_list = str_list_make_v3(talloc_tos(), lang_string, ", \t\r\n"); - if (!lang_list) return; - - /* sort the list by priority */ - lang_num = 0; - count = lang_list; - while (*count && **count) { - count++; - lang_num++; - } - pl = SMB_MALLOC_ARRAY(struct pri_list, lang_num); - if (!pl) { - return; - } - - for (i = 0; i < lang_num; i++) { - char *pri_code; - if ((pri_code=strstr(lang_list[i], ";q="))) { - *pri_code = '\0'; - pri_code += 3; - sscanf(pri_code, "%f", &(pl[i].pri)); - } else { - pl[i].pri = 1; - } - pl[i].string = SMB_STRDUP(lang_list[i]); - } - TALLOC_FREE(lang_list); - - TYPESAFE_QSORT(pl, lang_num, qsort_cmp_list); - - /* it's not an error to not initialise - we just fall back to - the default */ - - for (i = 0; i < lang_num; i++) { - if (lang_tdb_init(pl[i].string)) break; - } - - for (i = 0; i < lang_num; i++) { - SAFE_FREE(pl[i].string); - } - SAFE_FREE(pl); - - return; -} diff --git a/source3/web/startstop.c b/source3/web/startstop.c deleted file mode 100644 index ec8f802ae9..0000000000 --- a/source3/web/startstop.c +++ /dev/null @@ -1,130 +0,0 @@ -/* - Unix SMB/CIFS implementation. - start/stop nmbd and smbd - Copyright (C) Andrew Tridgell 1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ - -#include "includes.h" -#include "web/swat_proto.h" -#include "dynconfig/dynconfig.h" -#include "../lib/util/pidfile.h" - -/** Startup smbd from web interface. */ -void start_smbd(void) -{ - char *binfile = NULL; - - if (geteuid() != 0) { - return; - } - - if (fork()) { - return; - } - - if (asprintf(&binfile, "%s/smbd", get_dyn_SBINDIR()) > 0) { - become_daemon(true, false, false); - execl(binfile, binfile, "-D", NULL); - } - exit(0); -} - -/* startup nmbd */ -void start_nmbd(void) -{ - char *binfile = NULL; - - if (geteuid() != 0) { - return; - } - - if (fork()) { - return; - } - - if (asprintf(&binfile, "%s/nmbd", get_dyn_SBINDIR()) > 0) { - become_daemon(true, false, false); - execl(binfile, binfile, "-D", NULL); - } - exit(0); -} - -/** Startup winbindd from web interface. */ -void start_winbindd(void) -{ - char *binfile = NULL; - - if (geteuid() != 0) { - return; - } - - if (fork()) { - return; - } - - if (asprintf(&binfile, "%s/winbindd", get_dyn_SBINDIR()) > 0) { - become_daemon(true, false, false); - execl(binfile, binfile, NULL); - } - exit(0); -} - - -/* stop smbd */ -void stop_smbd(void) -{ - pid_t pid = pidfile_pid(lp_piddir(), "smbd"); - - if (geteuid() != 0) return; - - if (pid <= 0) return; - - kill(pid, SIGTERM); -} - -/* stop nmbd */ -void stop_nmbd(void) -{ - pid_t pid = pidfile_pid(lp_piddir(), "nmbd"); - - if (geteuid() != 0) return; - - if (pid <= 0) return; - - kill(pid, SIGTERM); -} -#ifdef WITH_WINBIND -/* stop winbindd */ -void stop_winbindd(void) -{ - pid_t pid = pidfile_pid(lp_piddir(), "winbindd"); - - if (geteuid() != 0) return; - - if (pid <= 0) return; - - kill(pid, SIGTERM); -} -#endif -/* kill a specified process */ -void kill_pid(struct server_id pid) -{ - if (geteuid() != 0) return; - - if (procid_to_pid(&pid) <= 0) return; - - kill(procid_to_pid(&pid), SIGTERM); -} diff --git a/source3/web/statuspage.c b/source3/web/statuspage.c deleted file mode 100644 index d257970643..0000000000 --- a/source3/web/statuspage.c +++ /dev/null @@ -1,467 +0,0 @@ -/* - Unix SMB/CIFS implementation. - web status page - Copyright (C) Andrew Tridgell 1997-1998 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . -*/ - -#include "includes.h" -#include "web/swat_proto.h" -#include "libcli/security/security.h" -#include "locking/proto.h" -#include "librpc/gen_ndr/open_files.h" -#include "lib/conn_tdb.h" -#include "../lib/util/pidfile.h" - -#define _(x) lang_msg_rotate(talloc_tos(),x) - -#define PIDMAP struct PidMap - -/* how long to wait for start/stops to take effect */ -#define SLEEP_TIME 3 - -PIDMAP { - PIDMAP *next, *prev; - struct server_id pid; - char *machine; -}; - -static PIDMAP *pidmap; -static int PID_or_Machine; /* 0 = show PID, else show Machine name */ - -static struct server_id smbd_pid; - -/* from 2nd call on, remove old list */ -static void initPid2Machine (void) -{ - /* show machine name rather PID on table "Open Files"? */ - if (PID_or_Machine) { - PIDMAP *p, *next; - - for (p = pidmap; p != NULL; p = next) { - next = p->next; - DLIST_REMOVE(pidmap, p); - SAFE_FREE(p->machine); - SAFE_FREE(p); - } - - pidmap = NULL; - } -} - -/* add new PID <-> Machine name mapping */ -static void addPid2Machine (struct server_id pid, const char *machine) -{ - /* show machine name rather PID on table "Open Files"? */ - if (PID_or_Machine) { - PIDMAP *newmap; - - if ((newmap = SMB_MALLOC_P(PIDMAP)) == NULL) { - /* XXX need error message for this? - if malloc fails, PID is always shown */ - return; - } - - newmap->pid = pid; - newmap->machine = SMB_STRDUP(machine); - - DLIST_ADD(pidmap, newmap); - } -} - -/* lookup PID <-> Machine name mapping */ -static char *mapPid2Machine (struct server_id pid) -{ - static char pidbuf [64]; - PIDMAP *map; - - /* show machine name rather PID on table "Open Files"? */ - if (PID_or_Machine) { - for (map = pidmap; map != NULL; map = map->next) { - if (serverid_equal(&pid, &map->pid)) { - if (map->machine == NULL) /* no machine name */ - break; /* show PID */ - - return map->machine; - } - } - } - - /* PID not in list or machine name NULL? return pid as string */ - snprintf (pidbuf, sizeof (pidbuf) - 1, "%s", - procid_str_static(&pid)); - return pidbuf; -} - -static const char *tstring(TALLOC_CTX *ctx, time_t t) -{ - char *buf; - buf = talloc_strdup(ctx, time_to_asc(t)); - if (!buf) { - return ""; - } - buf = talloc_all_string_sub(ctx, - buf, - " ", - " "); - if (!buf) { - return ""; - } - return buf; -} - -static void print_share_mode(const struct share_mode_entry *e, - const char *sharepath, - const char *fname, - void *dummy) -{ - char *utf8_fname; - char *utf8_sharepath; - int deny_mode; - size_t converted_size; - - if (!is_valid_share_mode_entry(e)) { - return; - } - - deny_mode = map_share_mode_to_deny_mode(e->share_access, - e->private_options); - - printf("%s",_(mapPid2Machine(e->pid))); - printf("%u",(unsigned int)e->uid); - printf(""); - switch ((deny_mode>>4)&0xF) { - case DENY_NONE: printf("DENY_NONE"); break; - case DENY_ALL: printf("DENY_ALL "); break; - case DENY_DOS: printf("DENY_DOS "); break; - case DENY_FCB: printf("DENY_FCB "); break; - case DENY_READ: printf("DENY_READ "); break; - case DENY_WRITE:printf("DENY_WRITE "); break; - } - printf(""); - - printf(""); - if (e->access_mask & (FILE_READ_DATA|FILE_WRITE_DATA)) { - printf("%s", _("RDWR ")); - } else if (e->access_mask & FILE_WRITE_DATA) { - printf("%s", _("WRONLY ")); - } else { - printf("%s", _("RDONLY ")); - } - printf(""); - - printf(""); - if((e->op_type & - (EXCLUSIVE_OPLOCK|BATCH_OPLOCK)) == - (EXCLUSIVE_OPLOCK|BATCH_OPLOCK)) - printf("EXCLUSIVE+BATCH "); - else if (e->op_type & EXCLUSIVE_OPLOCK) - printf("EXCLUSIVE "); - else if (e->op_type & BATCH_OPLOCK) - printf("BATCH "); - else if (e->op_type & LEVEL_II_OPLOCK) - printf("LEVEL_II "); - else - printf("NONE "); - printf(""); - - push_utf8_talloc(talloc_tos(), &utf8_fname, fname, &converted_size); - push_utf8_talloc(talloc_tos(), &utf8_sharepath, sharepath, - &converted_size); - printf("%s%s%s\n", - utf8_sharepath,utf8_fname,tstring(talloc_tos(),e->time.tv_sec)); - TALLOC_FREE(utf8_fname); -} - - -/* kill off any connections chosen by the user */ -static int traverse_fn1(const struct connections_key *key, - const struct connections_data *crec, - void *private_data) -{ - if (crec->cnum == TID_FIELD_INVALID && process_exists(crec->pid)) { - char buf[30]; - slprintf(buf,sizeof(buf)-1,"kill_%s", procid_str_static(&crec->pid)); - if (cgi_variable(buf)) { - kill_pid(crec->pid); - sleep(SLEEP_TIME); - } - } - return 0; -} - -/* traversal fn for showing machine connections */ -static int traverse_fn2(const struct connections_key *key, - const struct connections_data *crec, - void *private_data) -{ - if (crec->cnum == TID_FIELD_INVALID || !process_exists(crec->pid) || - serverid_equal(&crec->pid, &smbd_pid)) - return 0; - - addPid2Machine (crec->pid, crec->machine); - - printf("%s%s%s%s\n", - procid_str_static(&crec->pid), - crec->machine, crec->addr, - tstring(talloc_tos(),crec->start)); - if (geteuid() == 0) { - printf("\n", - procid_str_static(&crec->pid)); - } - printf("\n"); - - return 0; -} - -/* traversal fn for showing share connections */ -static int traverse_fn3(const struct connections_key *key, - const struct connections_data *crec, - void *private_data) -{ - if (crec->cnum == TID_FIELD_INVALID || !process_exists(crec->pid)) - return 0; - - printf("%s%s%s%s%s%s\n", - crec->servicename, uidtoname(crec->uid), - gidtoname(crec->gid),procid_str_static(&crec->pid), - crec->machine, - tstring(talloc_tos(),crec->start)); - return 0; -} - - -/* show the current server status */ -void status_page(void) -{ - const char *v; - int autorefresh=0; - int refresh_interval=30; - int nr_running=0; - bool waitup = False; - TALLOC_CTX *ctx = talloc_stackframe(); - const char form_name[] = "status"; - - smbd_pid = pid_to_procid(pidfile_pid(lp_piddir(), "smbd")); - - if (!verify_xsrf_token(form_name)) { - goto output_page; - } - - if (cgi_variable("smbd_restart") || cgi_variable("all_restart")) { - stop_smbd(); - start_smbd(); - waitup=True; - } - - if (cgi_variable("smbd_start") || cgi_variable("all_start")) { - start_smbd(); - waitup=True; - } - - if (cgi_variable("smbd_stop") || cgi_variable("all_stop")) { - stop_smbd(); - waitup=True; - } - - if (cgi_variable("nmbd_restart") || cgi_variable("all_restart")) { - stop_nmbd(); - start_nmbd(); - waitup=True; - } - if (cgi_variable("nmbd_start") || cgi_variable("all_start")) { - start_nmbd(); - waitup=True; - } - - if (cgi_variable("nmbd_stop")|| cgi_variable("all_stop")) { - stop_nmbd(); - waitup=True; - } - -#ifdef WITH_WINBIND - if (cgi_variable("winbindd_restart") || cgi_variable("all_restart")) { - stop_winbindd(); - start_winbindd(); - waitup=True; - } - - if (cgi_variable("winbindd_start") || cgi_variable("all_start")) { - start_winbindd(); - waitup=True; - } - - if (cgi_variable("winbindd_stop") || cgi_variable("all_stop")) { - stop_winbindd(); - waitup=True; - } -#endif - /* wait for daemons to start/stop */ - if (waitup) - sleep(SLEEP_TIME); - - if (cgi_variable("autorefresh")) { - autorefresh = 1; - } else if (cgi_variable("norefresh")) { - autorefresh = 0; - } else if (cgi_variable("refresh")) { - autorefresh = 1; - } - - if ((v=cgi_variable("refresh_interval"))) { - refresh_interval = atoi(v); - } - - if (cgi_variable("show_client_in_col_1")) { - PID_or_Machine = 1; - } - - if (cgi_variable("show_pid_in_col_1")) { - PID_or_Machine = 0; - } - - connections_forall_read(traverse_fn1, NULL); - - initPid2Machine (); - -output_page: - printf("

%s

\n", _("Server Status")); - - printf("
\n"); - print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name); - - if (!autorefresh) { - printf("\n", _("Auto Refresh")); - printf("
%s", _("Refresh Interval: ")); - printf("\n", - refresh_interval); - } else { - printf("\n", _("Stop Refreshing")); - printf("
%s%d\n", _("Refresh Interval: "), refresh_interval); - printf("\n"); - } - - printf("

\n"); - - printf("\n"); - - printf("", _("version:"), samba_version_string()); - - fflush(stdout); - printf("\n", _("smbd:"), smbd_running()?_("running"):_("not running")); - if (geteuid() == 0) { - if (smbd_running()) { - nr_running++; - printf("\n", _("Stop smbd")); - } else { - printf("\n", _("Start smbd")); - } - printf("\n", _("Restart smbd")); - } - printf("\n"); - - fflush(stdout); - printf("\n", _("nmbd:"), nmbd_running()?_("running"):_("not running")); - if (geteuid() == 0) { - if (nmbd_running()) { - nr_running++; - printf("\n", _("Stop nmbd")); - } else { - printf("\n", _("Start nmbd")); - } - printf("\n", _("Restart nmbd")); - } - printf("\n"); - -#ifdef WITH_WINBIND - fflush(stdout); - printf("\n", _("winbindd:"), winbindd_running()?_("running"):_("not running")); - if (geteuid() == 0) { - if (winbindd_running()) { - nr_running++; - printf("\n", _("Stop winbindd")); - } else { - printf("\n", _("Start winbindd")); - } - printf("\n", _("Restart winbindd")); - } - printf("\n"); -#endif - - if (geteuid() == 0) { - printf("\n"); - if (nr_running >= 1) { - /* stop, restart all */ - printf("\n", _("Stop All")); - printf("\n", _("Restart All")); - } - else if (nr_running == 0) { - /* start all */ - printf("\n", _("Start All")); - } - printf("\n"); - } - printf("
%s%s
%s%s
%s%s
%s%s
\n"); - fflush(stdout); - - printf("

%s

\n", _("Active Connections")); - printf("\n"); - printf("\n", _("PID"), _("Client"), _("IP address"), _("Date")); - if (geteuid() == 0) { - printf("\n", _("Kill")); - } - printf("\n"); - - connections_forall_read(traverse_fn2, NULL); - - printf("
%s%s%s%s%s

\n"); - - printf("

%s

\n", _("Active Shares")); - printf("\n"); - printf("\n\n", - _("Share"), _("User"), _("Group"), _("PID"), _("Client"), _("Date")); - - connections_forall_read(traverse_fn3, NULL); - - printf("
%s%s%s%s%s%s

\n"); - - printf("

%s

\n", _("Open Files")); - printf("\n"); - printf("\n", - _("PID"), _("UID"), _("Sharing"), _("R/W"), _("Oplock"), _("Share"), _("File"), _("Date")); - - locking_init_readonly(); - share_mode_forall(print_share_mode, NULL); - locking_end(); - printf("
%s%s%s%s%s%s%s%s
\n"); - - printf("
\n", _("Show Client in col 1")); - printf("\n", _("Show PID in col 1")); - - printf("
\n"); - - if (autorefresh) { - /* this little JavaScript allows for automatic refresh - of the page. There are other methods but this seems - to be the best alternative */ - printf("\n"); - } - TALLOC_FREE(ctx); -} diff --git a/source3/web/swat.c b/source3/web/swat.c index 90e4af9958..bbacdd15b3 100644 --- a/source3/web/swat.c +++ b/source3/web/swat.c @@ -1,4 +1,4 @@ -/* +/* Unix SMB/CIFS implementation. Samba Web Administration Tool Version 3.0.0 @@ -18,1650 +18,41 @@ You should have received a copy of the GNU General Public License along with this program. If not, see . */ - -/** - * @defgroup swat SWAT - Samba Web Administration Tool - * @{ - * @file swat.c - * - * @brief Samba Web Administration Tool. - **/ - -#include "includes.h" -#include "system/filesys.h" -#include "popt_common.h" -#include "web/swat_proto.h" -#include "printing/pcap.h" -#include "printing/load.h" -#include "passdb.h" -#include "intl/lang_tdb.h" -#include "../lib/crypto/md5.h" -#include "lib/param/loadparm.h" -#include "messages.h" - -static int demo_mode = False; -static int passwd_only = False; -static bool have_write_access = False; -static bool have_read_access = False; -static int iNumNonAutoPrintServices = 0; - /* - * Password Management Globals + * 1997 - 2013 SWAT + * R.I.P. :, + * Finally swatted, you will bug us no more. @,@ + * +#`@ + * @`:@ + * ,' :@ #' + * + @ @: @. + * @ + ,@ .@ + * ;` ; @; #+ + * @@` @ @ ;@ @` + * # :@ ' # @, ## + * @ +. # ` ## .@ + * # # ' ;@ @; + *, ' # + ,@` @@ + *' ` + : .@, #@ + *# `@@#. : ;@: '@ + *+. #` ,#@@@@@@@@@@@@@ #@` @@ + * .@@. @ `#@+,` `##@+ + .@@ `@# + * +@. @ ;@;. `:;# '`:+@ `@@, +@: + * :@,#, +`:;;;#.@@.:' :@@: '@# + * + ,: '+@@@@@@@@@+ ;@@+ '@@ + * .: :@@;. @: ;;+@@; ;@@' + * # ,#@', @# .`;#@ @ + * # .@ '' ; @ + * @ ,:@@@+;++..+,. @ + * @ @+;+@+@, . ;` @' + * @ : . @,'@ ' + * .@@+#+''''++#@@@+;., + * .@ @'. : :++@@# . + * + @:#@;'+@@@@@#; + * ` :@; .@ '# + * ,: ,# + * , +. + * , : + * ` + * + */ -#define SWAT_USER "username" -#define OLD_PSWD "old_passwd" -#define NEW_PSWD "new_passwd" -#define NEW2_PSWD "new2_passwd" -#define CHG_S_PASSWD_FLAG "chg_s_passwd_flag" -#define CHG_R_PASSWD_FLAG "chg_r_passwd_flag" -#define ADD_USER_FLAG "add_user_flag" -#define DELETE_USER_FLAG "delete_user_flag" -#define DISABLE_USER_FLAG "disable_user_flag" -#define ENABLE_USER_FLAG "enable_user_flag" -#define RHOST "remote_host" -#define XSRF_TOKEN "xsrf" -#define XSRF_TIME "xsrf_time" -#define XSRF_TIMEOUT 300 - -#define _(x) lang_msg_rotate(talloc_tos(),x) - -/**************************************************************************** -****************************************************************************/ -static int enum_index(int value, const struct enum_list *enumlist) -{ - int i; - for (i=0;enumlist[i].name;i++) - if (value == enumlist[i].value) break; - return(i); -} - -static char *fix_backslash(const char *str) -{ - static char newstring[1024]; - char *p = newstring; - - while (*str) { - if (*str == '\\') {*p++ = '\\';*p++ = '\\';} - else *p++ = *str; - ++str; - } - *p = '\0'; - return newstring; -} - -static const char *fix_quotes(TALLOC_CTX *ctx, char *str) -{ - char *newstring = NULL; - char *p = NULL; - size_t newstring_len; - int quote_len = strlen("""); - - /* Count the number of quotes. */ - newstring_len = 1; - p = (char *) str; - while (*p) { - if ( *p == '\"') { - newstring_len += quote_len; - } else { - newstring_len++; - } - ++p; - } - newstring = talloc_array(ctx, char, newstring_len); - if (!newstring) { - return ""; - } - for (p = newstring; *str; str++) { - if ( *str == '\"') { - strncpy( p, """, quote_len); - p += quote_len; - } else { - *p++ = *str; - } - } - *p = '\0'; - return newstring; -} - -static char *stripspaceupper(const char *str) -{ - static char newstring[1024]; - char *p = newstring; - - while (*str) { - if (*str != ' ') *p++ = toupper_m(*str); - ++str; - } - *p = '\0'; - return newstring; -} - -static char *make_parm_name(const char *label) -{ - static char parmname[1024]; - char *p = parmname; - - while (*label) { - if (*label == ' ') *p++ = '_'; - else *p++ = *label; - ++label; - } - *p = '\0'; - return parmname; -} - -void get_xsrf_token(const char *username, const char *pass, - const char *formname, time_t xsrf_time, char token_str[33]) -{ - struct MD5Context md5_ctx; - uint8_t token[16]; - int i; - - token_str[0] = '\0'; - ZERO_STRUCT(md5_ctx); - MD5Init(&md5_ctx); - - MD5Update(&md5_ctx, (uint8_t *)formname, strlen(formname)); - MD5Update(&md5_ctx, (uint8_t *)&xsrf_time, sizeof(time_t)); - if (username != NULL) { - MD5Update(&md5_ctx, (uint8_t *)username, strlen(username)); - } - if (pass != NULL) { - MD5Update(&md5_ctx, (uint8_t *)pass, strlen(pass)); - } - - MD5Final(token, &md5_ctx); - - for(i = 0; i < sizeof(token); i++) { - char tmp[3]; - - snprintf(tmp, sizeof(tmp), "%02x", token[i]); - /* FIXME ! Truncate check. JRA. */ - (void)strlcat(token_str, tmp, sizeof(tmp)); - } -} - -void print_xsrf_token(const char *username, const char *pass, - const char *formname) -{ - char token[33]; - time_t xsrf_time = time(NULL); - - get_xsrf_token(username, pass, formname, xsrf_time, token); - printf("\n", - XSRF_TOKEN, token); - printf("\n", - XSRF_TIME, (long long int)xsrf_time); -} - -bool verify_xsrf_token(const char *formname) -{ - char expected[33]; - const char *username = cgi_user_name(); - const char *pass = cgi_user_pass(); - const char *token = cgi_variable_nonull(XSRF_TOKEN); - const char *time_str = cgi_variable_nonull(XSRF_TIME); - char *p = NULL; - long long xsrf_time_ll = 0; - time_t xsrf_time = 0; - time_t now = time(NULL); - - errno = 0; - xsrf_time_ll = strtoll(time_str, &p, 10); - if (errno != 0) { - return false; - } - if (p == NULL) { - return false; - } - if (PTR_DIFF(p, time_str) > strlen(time_str)) { - return false; - } - if (xsrf_time_ll > _TYPE_MAXIMUM(time_t)) { - return false; - } - if (xsrf_time_ll < _TYPE_MINIMUM(time_t)) { - return false; - } - xsrf_time = xsrf_time_ll; - - if (abs(now - xsrf_time) > XSRF_TIMEOUT) { - return false; - } - - get_xsrf_token(username, pass, formname, xsrf_time, expected); - return (strncmp(expected, token, sizeof(expected)) == 0); -} - - -/**************************************************************************** - include a lump of html in a page -****************************************************************************/ -static int include_html(const char *fname) -{ - int fd; - char buf[1024]; - int ret; - - fd = web_open(fname, O_RDONLY, 0); - - if (fd == -1) { - printf(_("ERROR: Can't open %s"), fname); - printf("\n"); - return 0; - } - - while ((ret = read(fd, buf, sizeof(buf))) > 0) { - if (write(1, buf, ret) == -1) { - break; - } - } - - close(fd); - return 1; -} - -/**************************************************************************** - start the page with standard stuff -****************************************************************************/ -static void print_header(void) -{ - if (!cgi_waspost()) { - printf("Expires: 0\r\n"); - } - printf("Content-type: text/html\r\n\r\n"); - - if (!include_html("include/header.html")) { - printf("\n"); - printf("\n\nSamba Web Administration Tool\n\n\n\n"); - } -} - -/* ******************************************************************* - show parameter label with translated name in the following form - because showing original and translated label in one line looks - too long, and showing translated label only is unusable for - heavy users. - ------------------------------- - HELP security [combo box][button] - SECURITY - ------------------------------- - (capital words are translated by gettext.) - if no translation is available, then same form as original is - used. - "i18n_translated_parm" class is used to change the color of the - translated parameter with CSS. - **************************************************************** */ -static const char *get_parm_translated(TALLOC_CTX *ctx, - const char* pAnchor, const char* pHelp, const char* pLabel) -{ - const char *pTranslated = _(pLabel); - char *output; - if(strcmp(pLabel, pTranslated) != 0) { - output = talloc_asprintf(ctx, - " %s       %s
%s", - pAnchor, pHelp, pLabel, pTranslated); - return output; - } - output = talloc_asprintf(ctx, - " %s       %s", - pAnchor, pHelp, pLabel); - return output; -} -/**************************************************************************** - finish off the page -****************************************************************************/ -static void print_footer(void) -{ - if (!include_html("include/footer.html")) { - printf("\n\n\n"); - } -} - -/**************************************************************************** - display one editable parameter in a form -****************************************************************************/ -static void show_parameter(int snum, struct parm_struct *parm) -{ - int i; - void *ptr; - char *utf8_s1, *utf8_s2; - size_t converted_size; - TALLOC_CTX *ctx = talloc_stackframe(); - - if (parm->p_class == P_LOCAL && snum >= 0) { - ptr = lp_local_ptr_by_snum(snum, parm); - } else { - ptr = lp_parm_ptr(NULL, parm); - } - - printf("%s", get_parm_translated(ctx, - stripspaceupper(parm->label), _("Help"), parm->label)); - switch (parm->type) { - case P_CHAR: - printf("", - make_parm_name(parm->label), *(char *)ptr); - printf("", - _("Set Default"), make_parm_name(parm->label),(char)(parm->def.cvalue)); - break; - - case P_LIST: - printf("label)); - if ((char ***)ptr && *(char ***)ptr && **(char ***)ptr) { - char **list = *(char ***)ptr; - for (;*list;list++) { - /* enclose in HTML encoded quotes if the string contains a space */ - if ( strchr_m(*list, ' ') ) { - push_utf8_talloc(talloc_tos(), &utf8_s1, *list, &converted_size); - push_utf8_talloc(talloc_tos(), &utf8_s2, ((*(list+1))?", ":""), &converted_size); - printf(""%s"%s", utf8_s1, utf8_s2); - } else { - push_utf8_talloc(talloc_tos(), &utf8_s1, *list, &converted_size); - push_utf8_talloc(talloc_tos(), &utf8_s2, ((*(list+1))?", ":""), &converted_size); - printf("%s%s", utf8_s1, utf8_s2); - } - TALLOC_FREE(utf8_s1); - TALLOC_FREE(utf8_s2); - } - } - printf("\">"); - printf("label)); - if (parm->def.lvalue) { - char **list = (char **)(parm->def.lvalue); - for (; *list; list++) { - /* enclose in HTML encoded quotes if the string contains a space */ - if ( strchr_m(*list, ' ') ) - printf(""%s"%s", *list, ((*(list+1))?", ":"")); - else - printf("%s%s", *list, ((*(list+1))?", ":"")); - } - } - printf("\'\">"); - break; - - case P_STRING: - case P_USTRING: - push_utf8_talloc(talloc_tos(), &utf8_s1, *(char **)ptr, &converted_size); - printf("", - make_parm_name(parm->label), fix_quotes(ctx, utf8_s1)); - TALLOC_FREE(utf8_s1); - printf("", - _("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue))); - break; - - case P_BOOL: - printf(""); - printf("", - _("Set Default"), make_parm_name(parm->label),(bool)(parm->def.bvalue)?0:1); - break; - - case P_BOOLREV: - printf(""); - printf("", - _("Set Default"), make_parm_name(parm->label),(bool)(parm->def.bvalue)?1:0); - break; - - case P_INTEGER: - case P_BYTES: - printf("", make_parm_name(parm->label), *(int *)ptr); - printf("", - _("Set Default"), make_parm_name(parm->label),(int)(parm->def.ivalue)); - break; - - case P_OCTAL: { - char *o; - o = octal_string(*(int *)ptr); - printf("", - make_parm_name(parm->label), o); - TALLOC_FREE(o); - o = octal_string((int)(parm->def.ivalue)); - printf("", - _("Set Default"), make_parm_name(parm->label), o); - TALLOC_FREE(o); - break; - } - - case P_ENUM: - printf(""); - printf("", - _("Set Default"), make_parm_name(parm->label),enum_index((int)(parm->def.ivalue),parm->enum_list)); - break; - case P_SEP: - break; - } - printf("\n"); - TALLOC_FREE(ctx); -} - -/**************************************************************************** - display a set of parameters for a service -****************************************************************************/ -static void show_parameters(int snum, int allparameters, unsigned int parm_filter, int printers) -{ - int i = 0; - struct parm_struct *parm; - const char *heading = NULL; - const char *last_heading = NULL; - - while ((parm = lp_next_parameter(snum, &i, allparameters))) { - if (snum < 0 && parm->p_class == P_LOCAL && !(parm->flags & FLAG_GLOBAL)) - continue; - if (parm->p_class == P_SEPARATOR) { - heading = parm->label; - continue; - } - if (parm->flags & FLAG_HIDE) continue; - if (snum >= 0) { - if (printers & !(parm->flags & FLAG_PRINT)) continue; - if (!printers & !(parm->flags & FLAG_SHARE)) continue; - } - - if (!( parm_filter & FLAG_ADVANCED )) { - if (!(parm->flags & FLAG_BASIC)) { - void *ptr; - if (parm->p_class == P_LOCAL && snum >= 0) { - ptr = lp_local_ptr_by_snum(snum, parm); - } else { - ptr = lp_parm_ptr(NULL, parm); - } - - switch (parm->type) { - case P_CHAR: - if (*(char *)ptr == (char)(parm->def.cvalue)) continue; - break; - - case P_LIST: - if (!str_list_equal(*(const char ***)ptr, - (const char **)(parm->def.lvalue))) continue; - break; - - case P_STRING: - case P_USTRING: - if (!strcmp(*(char **)ptr,(char *)(parm->def.svalue))) continue; - break; - - case P_BOOL: - case P_BOOLREV: - if (*(bool *)ptr == (bool)(parm->def.bvalue)) continue; - break; - - case P_INTEGER: - case P_BYTES: - case P_OCTAL: - if (*(int *)ptr == (int)(parm->def.ivalue)) continue; - break; - - - case P_ENUM: - if (*(int *)ptr == (int)(parm->def.ivalue)) continue; - break; - case P_SEP: - continue; - } - } - if (printers && !(parm->flags & FLAG_PRINT)) continue; - } - - if ((parm_filter & FLAG_WIZARD) && !(parm->flags & FLAG_WIZARD)) continue; - - if ((parm_filter & FLAG_ADVANCED) && !(parm->flags & FLAG_ADVANCED)) continue; - - if (heading && heading != last_heading) { - printf("%s\n", _(heading)); - last_heading = heading; - } - show_parameter(snum, parm); - } -} - -/**************************************************************************** - load the smb.conf file into loadparm. -****************************************************************************/ -static bool load_config(bool save_def) -{ - return lp_load(get_dyn_CONFIGFILE(),False,save_def,False,True); -} - -/**************************************************************************** - write a config file -****************************************************************************/ -static void write_config(FILE *f, bool show_defaults) -{ - TALLOC_CTX *ctx = talloc_stackframe(); - - fprintf(f, "# Samba config file created using SWAT\n"); - fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr()); - fprintf(f, "# Date: %s\n\n", current_timestring(ctx, False)); - - lp_dump(f, show_defaults, iNumNonAutoPrintServices); - - TALLOC_FREE(ctx); -} - -/**************************************************************************** - save and reload the smb.conf config file -****************************************************************************/ -static int save_reload(int snum) -{ - FILE *f; - struct stat st; - - f = fopen(get_dyn_CONFIGFILE(),"w"); - if (!f) { - printf(_("failed to open %s for writing"), get_dyn_CONFIGFILE()); - printf("\n"); - return 0; - } - - /* just in case they have used the buggy xinetd to create the file */ - if (fstat(fileno(f), &st) == 0 && - (st.st_mode & S_IWOTH)) { -#if defined HAVE_FCHMOD - fchmod(fileno(f), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH); -#else - chmod(get_dyn_CONFIGFILE(), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH); -#endif - } - - write_config(f, False); - if (snum >= 0) - lp_dump_one(f, False, snum); - fclose(f); - - lp_kill_all_services(); - - if (!load_config(False)) { - printf(_("Can't reload %s"), get_dyn_CONFIGFILE()); - printf("\n"); - return 0; - } - iNumNonAutoPrintServices = lp_numservices(); - if (pcap_cache_loaded()) { - struct tevent_context *ev_ctx; - struct messaging_context *msg_ctx; - - ev_ctx = s3_tevent_context_init(NULL); - if (ev_ctx == NULL) { - printf("s3_tevent_context_init() failed\n"); - return 0; - } - msg_ctx = messaging_init(ev_ctx, ev_ctx); - if (msg_ctx == NULL) { - printf("messaging_init() failed\n"); - return 0; - } - - load_printers(ev_ctx, msg_ctx); - - talloc_free(ev_ctx); - } - - return 1; -} - -/**************************************************************************** - commit one parameter -****************************************************************************/ -static void commit_parameter(int snum, struct parm_struct *parm, const char *v) -{ - int i; - char *s; - - if (snum < 0 && parm->p_class == P_LOCAL) { - /* this handles the case where we are changing a local - variable globally. We need to change the parameter in - all shares where it is currently set to the default */ - for (i=0;ilabel, v); - } - } - } - - lp_do_parameter(snum, parm->label, v); -} - -/**************************************************************************** - commit a set of parameters for a service -****************************************************************************/ -static void commit_parameters(int snum) -{ - int i = 0; - struct parm_struct *parm; - char *label; - const char *v; - - while ((parm = lp_next_parameter(snum, &i, 1))) { - if (asprintf(&label, "parm_%s", make_parm_name(parm->label)) > 0) { - if ((v = cgi_variable(label)) != NULL) { - if (parm->flags & FLAG_HIDE) - continue; - commit_parameter(snum, parm, v); - } - SAFE_FREE(label); - } - } -} - -/**************************************************************************** - spit out the html for a link with an image -****************************************************************************/ -static void image_link(const char *name, const char *hlink, const char *src) -{ - printf("\"%s\"\n", - cgi_baseurl(), hlink, src, name); -} - -/**************************************************************************** - display the main navigation controls at the top of each page along - with a title -****************************************************************************/ -static void show_main_buttons(void) -{ - char *p; - - if ((p = cgi_user_name()) && strcmp(p, "root")) { - printf(_("Logged in as %s"), p); - printf("

\n"); - } - - image_link(_("Home"), "", "images/home.gif"); - if (have_write_access) { - image_link(_("Globals"), "globals", "images/globals.gif"); - image_link(_("Shares"), "shares", "images/shares.gif"); - image_link(_("Printers"), "printers", "images/printers.gif"); - image_link(_("Wizard"), "wizard", "images/wizard.gif"); - } - /* root always gets all buttons, otherwise look for -P */ - if ( have_write_access || (!passwd_only && have_read_access) ) { - image_link(_("Status"), "status", "images/status.gif"); - image_link(_("View Config"), "viewconfig", "images/viewconfig.gif"); - } - image_link(_("Password Management"), "passwd", "images/passwd.gif"); - - printf("

\n"); -} - -/**************************************************************************** - * Handle Display/Edit Mode CGI - ****************************************************************************/ -static void ViewModeBoxes(int mode) -{ - printf("

%s: \n", _("Current View Is")); - printf("%s\n", ((mode == 0) ? "checked" : ""), _("Basic")); - printf("%s\n", ((mode == 1) ? "checked" : ""), _("Advanced")); - printf("
%s: \n", _("Change View To")); - printf("\n", _("Basic")); - printf("\n", _("Advanced")); - printf("


\n"); -} - -/**************************************************************************** - display a welcome page -****************************************************************************/ -static void welcome_page(void) -{ - if (file_exist("help/welcome.html")) { - include_html("help/welcome.html"); - } else { - include_html("help/welcome-no-samba-doc.html"); - } -} - -/**************************************************************************** - display the current smb.conf -****************************************************************************/ -static void viewconfig_page(void) -{ - int full_view=0; - const char form_name[] = "viewconfig"; - - if (!verify_xsrf_token(form_name)) { - goto output_page; - } - - if (cgi_variable("full_view")) { - full_view = 1; - } - -output_page: - printf("

%s

\n", _("Current Config")); - printf("
\n"); - print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name); - - if (full_view) { - printf("\n", _("Normal View")); - } else { - printf("\n", _("Full View")); - } - - printf("

");
-	write_config(stdout, full_view);
-	printf("
"); - printf("
\n"); -} - -/**************************************************************************** - second screen of the wizard ... Fetch Configuration Parameters -****************************************************************************/ -static void wizard_params_page(void) -{ - unsigned int parm_filter = FLAG_WIZARD; - const char form_name[] = "wizard_params"; - - /* Here we first set and commit all the parameters that were selected - in the previous screen. */ - - printf("

%s

\n", _("Wizard Parameter Edit Page")); - - if (!verify_xsrf_token(form_name)) { - goto output_page; - } - - if (cgi_variable("Commit")) { - commit_parameters(GLOBAL_SECTION_SNUM); - save_reload(-1); - } - -output_page: - printf("
\n"); - print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name); - - if (have_write_access) { - printf("\n"); - } - - printf("\n"); - printf("

\n"); - - printf("\n"); - show_parameters(GLOBAL_SECTION_SNUM, 1, parm_filter, 0); - printf("
\n"); - printf("

\n"); -} - -/**************************************************************************** - Utility to just rewrite the smb.conf file - effectively just cleans it up -****************************************************************************/ -static void rewritecfg_file(void) -{ - commit_parameters(GLOBAL_SECTION_SNUM); - save_reload(-1); - printf("

%s

\n", _("Note: smb.conf file has been read and rewritten")); -} - -/**************************************************************************** - wizard to create/modify the smb.conf file -****************************************************************************/ -static void wizard_page(void) -{ - /* Set some variables to collect data from smb.conf */ - int role = 0; - int winstype = 0; - int have_home = -1; - int HomeExpo = 0; - int SerType = 0; - const char form_name[] = "wizard"; - - if (!verify_xsrf_token(form_name)) { - goto output_page; - } - - if (cgi_variable("Rewrite")) { - (void) rewritecfg_file(); - return; - } - - if (cgi_variable("GetWizardParams")){ - (void) wizard_params_page(); - return; - } - - if (cgi_variable("Commit")){ - SerType = atoi(cgi_variable_nonull("ServerType")); - winstype = atoi(cgi_variable_nonull("WINSType")); - have_home = lp_servicenumber(HOMES_NAME); - HomeExpo = atoi(cgi_variable_nonull("HomeExpo")); - - /* Plain text passwords are too badly broken - use encrypted passwords only */ - lp_do_parameter( GLOBAL_SECTION_SNUM, "encrypt passwords", "Yes"); - - switch ( SerType ){ - case 0: - /* Stand-alone Server */ - lp_do_parameter( GLOBAL_SECTION_SNUM, "security", "USER" ); - lp_do_parameter( GLOBAL_SECTION_SNUM, "domain logons", "No" ); - break; - case 1: - /* Domain Member */ - lp_do_parameter( GLOBAL_SECTION_SNUM, "security", "DOMAIN" ); - lp_do_parameter( GLOBAL_SECTION_SNUM, "domain logons", "No" ); - break; - case 2: - /* Domain Controller */ - lp_do_parameter( GLOBAL_SECTION_SNUM, "security", "USER" ); - lp_do_parameter( GLOBAL_SECTION_SNUM, "domain logons", "Yes" ); - break; - } - switch ( winstype ) { - case 0: - lp_do_parameter( GLOBAL_SECTION_SNUM, "wins support", "No" ); - lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", "" ); - break; - case 1: - lp_do_parameter( GLOBAL_SECTION_SNUM, "wins support", "Yes" ); - lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", "" ); - break; - case 2: - lp_do_parameter( GLOBAL_SECTION_SNUM, "wins support", "No" ); - lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", cgi_variable_nonull("WINSAddr")); - break; - } - - /* Have to create Homes share? */ - if ((HomeExpo == 1) && (have_home == -1)) { - const char *unix_share = HOMES_NAME; - - load_config(False); - lp_copy_service(GLOBAL_SECTION_SNUM, unix_share); - have_home = lp_servicenumber(HOMES_NAME); - lp_do_parameter( have_home, "read only", "No"); - lp_do_parameter( have_home, "valid users", "%S"); - lp_do_parameter( have_home, "browseable", "No"); - commit_parameters(have_home); - save_reload(have_home); - } - - /* Need to Delete Homes share? */ - if ((HomeExpo == 0) && (have_home != -1)) { - lp_remove_service(have_home); - have_home = -1; - } - - commit_parameters(GLOBAL_SECTION_SNUM); - save_reload(-1); - } - else - { - /* Now determine smb.conf WINS settings */ - if (lp_we_are_a_wins_server()) - winstype = 1; - if (lp_wins_server_list() && strlen(*lp_wins_server_list())) - winstype = 2; - - /* Do we have a homes share? */ - have_home = lp_servicenumber(HOMES_NAME); - } - if ((winstype == 2) && lp_we_are_a_wins_server()) - winstype = 3; - - role = lp_server_role(); - -output_page: - /* Here we go ... */ - printf("

%s

\n", _("Samba Configuration Wizard")); - printf("
\n"); - print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name); - - if (have_write_access) { - printf("%s\n", _("The \"Rewrite smb.conf file\" button will clear the smb.conf file of all default values and of comments.")); - printf("%s", _("The same will happen if you press the commit button.")); - printf("

\n"); - printf("
"); - printf("   ",_("Rewrite smb.conf file")); - printf("   ",_("Commit")); - printf("", _("Edit Parameter Values")); - printf("
\n"); - } - - printf("
"); - printf("
"); - printf("\n", _("Server Type")); - printf("", ((role == ROLE_STANDALONE) ? "checked" : ""), _("Stand Alone")); - printf("", ((role == ROLE_DOMAIN_MEMBER) ? "checked" : ""), _("Domain Member")); - printf("", ((role == ROLE_DOMAIN_PDC) ? "checked" : ""), _("Domain Controller")); - printf("\n"); - if (role == ROLE_DOMAIN_BDC) { - printf("\n", _("Unusual Type in smb.conf - Please Select New Mode")); - } - printf("\n", _("Configure WINS As")); - printf("", ((winstype == 0) ? "checked" : ""), _("Not Used")); - printf("", ((winstype == 1) ? "checked" : ""), _("Server for client use")); - printf("", ((winstype == 2) ? "checked" : ""), _("Client of another WINS server")); - printf("\n"); - printf("\n"); - if (winstype == 3) { - printf("\n", _("Error: WINS Server Mode and WINS Support both set in smb.conf")); - printf("\n", _("Please Select desired WINS mode above.")); - } - printf("\n", _("Expose Home Directories")); - printf("", (have_home == -1) ? "" : "checked "); - printf("", (have_home == -1 ) ? "checked" : ""); - printf("\n"); - - /* Enable this when we are ready .... - * printf("\n", _("Is Print Server")); - * printf(""); - * printf(""); - * printf("\n"); - */ - - printf("
%s:  %s  %s  %s 
%s
%s:  %s  %s  %s 
%s 
%s
%s
%s:  Yes No
%s:  Yes No
"); - printf("
"); - - printf("%s\n", _("The above configuration options will set multiple parameters and will generally assist with rapid Samba deployment.")); - printf("
\n"); -} - - -/**************************************************************************** - display a globals editing page -****************************************************************************/ -static void globals_page(void) -{ - unsigned int parm_filter = FLAG_BASIC; - int mode = 0; - const char form_name[] = "globals"; - - printf("

%s

\n", _("Global Parameters")); - - if (!verify_xsrf_token(form_name)) { - goto output_page; - } - - if (cgi_variable("Commit")) { - commit_parameters(GLOBAL_SECTION_SNUM); - save_reload(-1); - } - - if ( cgi_variable("ViewMode") ) - mode = atoi(cgi_variable_nonull("ViewMode")); - if ( cgi_variable("BasicMode")) - mode = 0; - if ( cgi_variable("AdvMode")) - mode = 1; - -output_page: - printf("
\n"); - print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name); - - ViewModeBoxes( mode ); - switch ( mode ) { - case 0: - parm_filter = FLAG_BASIC; - break; - case 1: - parm_filter = FLAG_ADVANCED; - break; - } - printf("
\n"); - if (have_write_access) { - printf("\n", - _("Commit Changes")); - } - - printf("\n", - _("Reset Values")); - - printf("

\n"); - printf("\n"); - show_parameters(GLOBAL_SECTION_SNUM, 1, parm_filter, 0); - printf("
\n"); - printf("

\n"); -} - -/**************************************************************************** - display a shares editing page. share is in unix codepage, -****************************************************************************/ -static void shares_page(void) -{ - const char *share = cgi_variable("share"); - char *s; - char *utf8_s; - int snum = -1; - int i; - int mode = 0; - unsigned int parm_filter = FLAG_BASIC; - size_t converted_size; - const char form_name[] = "shares"; - - printf("

%s

\n", _("Share Parameters")); - - if (!verify_xsrf_token(form_name)) { - goto output_page; - } - - if (share) - snum = lp_servicenumber(share); - - - if (cgi_variable("Commit") && snum >= 0) { - commit_parameters(snum); - save_reload(-1); - snum = lp_servicenumber(share); - } - - if (cgi_variable("Delete") && snum >= 0) { - lp_remove_service(snum); - save_reload(-1); - share = NULL; - snum = -1; - } - - if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) { - snum = lp_servicenumber(share); - if (snum < 0) { - load_config(False); - lp_copy_service(GLOBAL_SECTION_SNUM, share); - snum = lp_servicenumber(share); - save_reload(snum); - snum = lp_servicenumber(share); - } - } - - if ( cgi_variable("ViewMode") ) - mode = atoi(cgi_variable_nonull("ViewMode")); - if ( cgi_variable("BasicMode")) - mode = 0; - if ( cgi_variable("AdvMode")) - mode = 1; - -output_page: - printf("
\n"); - print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name); - - printf("\n"); - - ViewModeBoxes( mode ); - switch ( mode ) { - case 0: - parm_filter = FLAG_BASIC; - break; - case 1: - parm_filter = FLAG_ADVANCED; - break; - } - printf("
\n"); - printf("\n", _("Choose Share")); - printf("\n"); - if (have_write_access) { - printf("\n", _("Delete Share")); - } - printf("\n"); - printf("
"); - printf(""); - if (have_write_access) { - printf("\n"); - printf("\n", _("Create Share")); - printf("\n"); - } - printf("
"); - - - if (snum >= 0) { - if (have_write_access) { - printf("\n", _("Commit Changes")); - } - - printf("\n", _("Reset Values")); - printf("

\n"); - } - - if (snum >= 0) { - printf("\n"); - show_parameters(snum, 1, parm_filter, 0); - printf("
\n"); - } - - printf("

\n"); -} - -/************************************************************* -change a password either locally or remotely -*************************************************************/ -static bool change_password(const char *remote_machine, const char *user_name, - const char *old_passwd, const char *new_passwd, - int local_flags) -{ - NTSTATUS ret; - char *err_str = NULL; - char *msg_str = NULL; - - if (demo_mode) { - printf("%s\n

", _("password change in demo mode rejected")); - return False; - } - - if (remote_machine != NULL) { - ret = remote_password_change(remote_machine, user_name, - old_passwd, new_passwd, &err_str); - if (err_str != NULL) - printf("%s\n

", err_str); - SAFE_FREE(err_str); - return NT_STATUS_IS_OK(ret); - } - - if(!initialize_password_db(True, NULL)) { - printf("%s\n

", _("Can't setup password database vectors.")); - return False; - } - - ret = local_password_change(user_name, local_flags, new_passwd, - &err_str, &msg_str); - - if(msg_str) - printf("%s\n

", msg_str); - if(err_str) - printf("%s\n

", err_str); - - SAFE_FREE(msg_str); - SAFE_FREE(err_str); - return NT_STATUS_IS_OK(ret); -} - -/**************************************************************************** - do the stuff required to add or change a password -****************************************************************************/ -static void chg_passwd(void) -{ - const char *host; - bool rslt; - int local_flags = 0; - - /* Make sure users name has been specified */ - if (strlen(cgi_variable_nonull(SWAT_USER)) == 0) { - printf("

%s\n", _(" Must specify \"User Name\" ")); - return; - } - - /* - * smbpasswd doesn't require anything but the users name to delete, disable or enable the user, - * so if that's what we're doing, skip the rest of the checks - */ - if (!cgi_variable(DISABLE_USER_FLAG) && !cgi_variable(ENABLE_USER_FLAG) && !cgi_variable(DELETE_USER_FLAG)) { - - /* - * If current user is not root, make sure old password has been specified - * If REMOTE change, even root must provide old password - */ - if (((!am_root()) && (strlen( cgi_variable_nonull(OLD_PSWD)) <= 0)) || - ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable_nonull(OLD_PSWD)) <= 0))) { - printf("

%s\n", _(" Must specify \"Old Password\" ")); - return; - } - - /* If changing a users password on a remote hosts we have to know what host */ - if ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable_nonull(RHOST)) <= 0)) { - printf("

%s\n", _(" Must specify \"Remote Machine\" ")); - return; - } - - /* Make sure new passwords have been specified */ - if ((strlen( cgi_variable_nonull(NEW_PSWD)) <= 0) || - (strlen( cgi_variable_nonull(NEW2_PSWD)) <= 0)) { - printf("

%s\n", _(" Must specify \"New, and Re-typed Passwords\" ")); - return; - } - - /* Make sure new passwords was typed correctly twice */ - if (strcmp(cgi_variable_nonull(NEW_PSWD), cgi_variable_nonull(NEW2_PSWD)) != 0) { - printf("

%s\n", _(" Re-typed password didn't match new password ")); - return; - } - } - - if (cgi_variable(CHG_R_PASSWD_FLAG)) { - host = cgi_variable(RHOST); - } else if (am_root()) { - host = NULL; - } else { - host = "127.0.0.1"; - } - - /* - * Set up the local flags. - */ - - local_flags |= (cgi_variable(ADD_USER_FLAG) ? LOCAL_ADD_USER : 0); - local_flags |= (cgi_variable(ADD_USER_FLAG) ? LOCAL_SET_PASSWORD : 0); - local_flags |= (cgi_variable(CHG_S_PASSWD_FLAG) ? LOCAL_SET_PASSWORD : 0); - local_flags |= (cgi_variable(DELETE_USER_FLAG) ? LOCAL_DELETE_USER : 0); - local_flags |= (cgi_variable(ENABLE_USER_FLAG) ? LOCAL_ENABLE_USER : 0); - local_flags |= (cgi_variable(DISABLE_USER_FLAG) ? LOCAL_DISABLE_USER : 0); - - rslt = change_password(host, - cgi_variable_nonull(SWAT_USER), - cgi_variable_nonull(OLD_PSWD), cgi_variable_nonull(NEW_PSWD), - local_flags); - - if(cgi_variable(CHG_S_PASSWD_FLAG)) { - printf("

"); - if (rslt == True) { - printf("%s\n", _(" The passwd has been changed.")); - } else { - printf("%s\n", _(" The passwd has NOT been changed.")); - } - } - - return; -} - -/**************************************************************************** - display a password editing page -****************************************************************************/ -static void passwd_page(void) -{ - const char *new_name = cgi_user_name(); - const char passwd_form[] = "passwd"; - const char rpasswd_form[] = "rpasswd"; - - if (!new_name) new_name = ""; - - printf("

%s

\n", _("Server Password Management")); - - printf("
\n"); - print_xsrf_token(cgi_user_name(), cgi_user_pass(), passwd_form); - - printf("\n"); - - /* - * Create all the dialog boxes for data collection - */ - printf("\n", _("User Name")); - printf(" \n", SWAT_USER, new_name); - if (!am_root()) { - printf("\n", _("Old Password")); - printf(" \n",OLD_PSWD); - } - printf("\n", _("New Password")); - printf("\n",NEW_PSWD); - printf("\n", _("Re-type New Password")); - printf("\n",NEW2_PSWD); - printf("
%s :
%s :
%s :
%s :
\n"); - - /* - * Create all the control buttons for requesting action - */ - printf("\n", - CHG_S_PASSWD_FLAG, _("Change Password")); - if (demo_mode || am_root()) { - printf("\n", - ADD_USER_FLAG, _("Add New User")); - printf("\n", - DELETE_USER_FLAG, _("Delete User")); - printf("\n", - DISABLE_USER_FLAG, _("Disable User")); - printf("\n", - ENABLE_USER_FLAG, _("Enable User")); - } - printf("

\n"); - - /* - * Do some work if change, add, disable or enable was - * requested. It could be this is the first time through this - * code, so there isn't anything to do. */ - if (verify_xsrf_token(passwd_form) && - ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) || - (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG)))) { - chg_passwd(); - } - - printf("

%s

\n", _("Client/Server Password Management")); - - printf("
\n"); - print_xsrf_token(cgi_user_name(), cgi_user_pass(), rpasswd_form); - - printf("\n"); - - /* - * Create all the dialog boxes for data collection - */ - printf("\n", _("User Name")); - printf("\n",SWAT_USER, new_name); - printf("\n", _("Old Password")); - printf("\n",OLD_PSWD); - printf("\n", _("New Password")); - printf("\n",NEW_PSWD); - printf("\n", _("Re-type New Password")); - printf("\n",NEW2_PSWD); - printf("\n", _("Remote Machine")); - printf("\n",RHOST); - - printf("
%s :
%s :
%s :
%s :
%s :
"); - - /* - * Create all the control buttons for requesting action - */ - printf("", - CHG_R_PASSWD_FLAG, _("Change Password")); - - printf("

\n"); - - /* - * Do some work if a request has been made to change the - * password somewhere other than the server. It could be this - * is the first time through this code, so there isn't - * anything to do. */ - if (verify_xsrf_token(passwd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) { - chg_passwd(); - } - -} - -/**************************************************************************** - display a printers editing page -****************************************************************************/ -static void printers_page(void) -{ - const char *share = cgi_variable("share"); - char *s; - int snum=-1; - int i; - int mode = 0; - unsigned int parm_filter = FLAG_BASIC; - const char form_name[] = "printers"; - - if (!verify_xsrf_token(form_name)) { - goto output_page; - } - - if (share) - snum = lp_servicenumber(share); - - if (cgi_variable("Commit") && snum >= 0) { - commit_parameters(snum); - if (snum >= iNumNonAutoPrintServices) - save_reload(snum); - else - save_reload(-1); - snum = lp_servicenumber(share); - } - - if (cgi_variable("Delete") && snum >= 0) { - lp_remove_service(snum); - save_reload(-1); - share = NULL; - snum = -1; - } - - if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) { - snum = lp_servicenumber(share); - if (snum < 0 || snum >= iNumNonAutoPrintServices) { - load_config(False); - lp_copy_service(GLOBAL_SECTION_SNUM, share); - snum = lp_servicenumber(share); - lp_do_parameter(snum, "print ok", "Yes"); - save_reload(snum); - snum = lp_servicenumber(share); - } - } - - if ( cgi_variable("ViewMode") ) - mode = atoi(cgi_variable_nonull("ViewMode")); - if ( cgi_variable("BasicMode")) - mode = 0; - if ( cgi_variable("AdvMode")) - mode = 1; - -output_page: - printf("

%s

\n", _("Printer Parameters")); - - printf("

%s

\n", _("Important Note:")); - printf("%s",_("Printer names marked with [*] in the Choose Printer drop-down box ")); - printf("%s",_("are autoloaded printers from ")); - printf("%s\n", _("Printcap Name")); - printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect.")); - - - printf("
\n"); - print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name); - - ViewModeBoxes( mode ); - switch ( mode ) { - case 0: - parm_filter = FLAG_BASIC; - break; - case 1: - parm_filter = FLAG_ADVANCED; - break; - } - printf("\n"); - printf("\n", _("Choose Printer")); - printf(""); - if (have_write_access) { - printf("\n", _("Delete Printer")); - } - printf(""); - printf("
\n"); - - if (have_write_access) { - printf("\n"); - printf("\n", _("Create Printer")); - printf("\n"); - printf("
"); - } - - - if (snum >= 0) { - if (have_write_access) { - printf("\n", _("Commit Changes")); - } - printf("\n", _("Reset Values")); - printf("

\n"); - } - - if (snum >= 0) { - printf("\n"); - show_parameters(snum, 1, parm_filter, 1); - printf("
\n"); - } - printf("

\n"); -} - -/* - when the _() translation macro is used there is no obvious place to free - the resulting string and there is no easy way to give a static pointer. - All we can do is rotate between some static buffers and hope a single d_printf() - doesn't have more calls to _() than the number of buffers -*/ - -const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid) -{ - const char *msgstr; - const char *ret; - - msgstr = lang_msg(msgid); - if (!msgstr) { - return msgid; - } - - ret = talloc_strdup(ctx, msgstr); - - lang_msg_free(msgstr); - if (!ret) { - return msgid; - } - - return ret; -} - -/** - * main function for SWAT. - **/ - int main(int argc, char *argv[]) -{ - const char *page; - poptContext pc; - struct poptOption long_options[] = { - POPT_AUTOHELP - { "disable-authentication", 'a', POPT_ARG_VAL, &demo_mode, True, "Disable authentication (demo mode)" }, - { "password-menu-only", 'P', POPT_ARG_VAL, &passwd_only, True, "Show only change password menu" }, - POPT_COMMON_SAMBA - POPT_TABLEEND - }; - TALLOC_CTX *frame = talloc_stackframe(); - - fault_setup(); - umask(S_IWGRP | S_IWOTH); - -#if defined(HAVE_SET_AUTH_PARAMETERS) - set_auth_parameters(argc, argv); -#endif /* HAVE_SET_AUTH_PARAMETERS */ - - /* just in case it goes wild ... */ - alarm(300); - - setlinebuf(stdout); - - /* we don't want any SIGPIPE messages */ - BlockSignals(True,SIGPIPE); - - debug_set_logfile("/dev/null"); - - /* we don't want stderr screwing us up */ - close(2); - open("/dev/null", O_WRONLY); - setup_logging("swat", DEBUG_FILE); - - load_case_tables(); - - pc = poptGetContext("swat", argc, (const char **) argv, long_options, 0); - - /* Parse command line options */ - - while(poptGetNextOpt(pc) != -1) { } - - poptFreeContext(pc); - - /* This should set a more apporiate log file */ - load_config(True); - reopen_logs(); - load_interfaces(); - iNumNonAutoPrintServices = lp_numservices(); - if (pcap_cache_loaded()) { - struct tevent_context *ev_ctx; - struct messaging_context *msg_ctx; - - ev_ctx = s3_tevent_context_init(NULL); - if (ev_ctx == NULL) { - printf("s3_tevent_context_init() failed\n"); - return 0; - } - msg_ctx = messaging_init(ev_ctx, ev_ctx); - if (msg_ctx == NULL) { - printf("messaging_init() failed\n"); - return 0; - } - - load_printers(ev_ctx, msg_ctx); - - talloc_free(ev_ctx); - } - - cgi_setup(get_dyn_SWATDIR(), !demo_mode); - - print_header(); - - cgi_load_variables(); - - if (!file_exist(get_dyn_CONFIGFILE())) { - have_read_access = True; - have_write_access = True; - } else { - /* check if the authenticated user has write access - if not then - don't show write options */ - have_write_access = (access(get_dyn_CONFIGFILE(),W_OK) == 0); - - /* if the user doesn't have read access to smb.conf then - don't let them view it */ - have_read_access = (access(get_dyn_CONFIGFILE(),R_OK) == 0); - } - - show_main_buttons(); - - page = cgi_pathinfo(); - - /* Root gets full functionality */ - if (have_read_access && strcmp(page, "globals")==0) { - globals_page(); - } else if (have_read_access && strcmp(page,"shares")==0) { - shares_page(); - } else if (have_read_access && strcmp(page,"printers")==0) { - printers_page(); - } else if (have_read_access && strcmp(page,"status")==0) { - status_page(); - } else if (have_read_access && strcmp(page,"viewconfig")==0) { - viewconfig_page(); - } else if (strcmp(page,"passwd")==0) { - passwd_page(); - } else if (have_read_access && strcmp(page,"wizard")==0) { - wizard_page(); - } else if (have_read_access && strcmp(page,"wizard_params")==0) { - wizard_params_page(); - } else if (have_read_access && strcmp(page,"rewritecfg")==0) { - rewritecfg_file(); - } else { - welcome_page(); - } - - print_footer(); - - TALLOC_FREE(frame); - return 0; -} - -/** @} **/ diff --git a/source3/web/swat_proto.h b/source3/web/swat_proto.h deleted file mode 100644 index 424a3af545..0000000000 --- a/source3/web/swat_proto.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Unix SMB/CIFS implementation. - * collected prototypes header - * - * frozen from "make proto" in May 2008 - * - * Copyright (C) Michael Adam 2008 - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, see . - */ - -#ifndef _SWAT_PROTO_H_ -#define _SWAT_PROTO_H_ - - -/* The following definitions come from web/cgi.c */ - -void cgi_load_variables(void); -const char *cgi_variable(const char *name); -const char *cgi_variable_nonull(const char *name); -bool am_root(void); -char *cgi_user_name(void); -char *cgi_user_pass(void); -void cgi_setup(const char *rootdir, int auth_required); -const char *cgi_baseurl(void); -const char *cgi_pathinfo(void); -const char *cgi_remote_host(void); -const char *cgi_remote_addr(void); -bool cgi_waspost(void); - -/* The following definitions come from web/diagnose.c */ - -bool winbindd_running(void); -bool nmbd_running(void); -bool smbd_running(void); - -/* The following definitions come from web/neg_lang.c */ - -int web_open(const char *fname, int flags, mode_t mode); -void web_set_lang(const char *lang_string); - -/* The following definitions come from web/startstop.c */ - -void start_smbd(void); -void start_nmbd(void); -void start_winbindd(void); -void stop_smbd(void); -void stop_nmbd(void); -void stop_winbindd(void); -void kill_pid(struct server_id pid); - -/* The following definitions come from web/statuspage.c */ - -void status_page(void); - -/* The following definitions come from web/swat.c */ - -const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid); -void get_xsrf_token(const char *username, const char *pass, - const char *formname, time_t xsrf_time, char token_str[33]); -void print_xsrf_token(const char *username, const char *pass, - const char *formname); -bool verify_xsrf_token(const char *formname); - -#endif /* _SWAT_PROTO_H_ */ -- cgit