From ef2e26c91b80556af033d3335e55f5dfa6fff31d Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Wed, 13 Aug 2003 01:53:07 +0000 Subject: first public release of samba4 code (This used to be commit b0510b5428b3461aeb9bbe3cc95f62fc73e2b97f) --- source4/web/.cvsignore | 1 + source4/web/cgi.c | 604 +++++++++++++++++++++ source4/web/diagnose.c | 83 +++ source4/web/neg_lang.c | 117 ++++ source4/web/startstop.c | 137 +++++ source4/web/statuspage.c | 406 ++++++++++++++ source4/web/swat.c | 1344 ++++++++++++++++++++++++++++++++++++++++++++++ 7 files changed, 2692 insertions(+) create mode 100644 source4/web/.cvsignore create mode 100644 source4/web/cgi.c create mode 100644 source4/web/diagnose.c create mode 100644 source4/web/neg_lang.c create mode 100644 source4/web/startstop.c create mode 100644 source4/web/statuspage.c create mode 100644 source4/web/swat.c (limited to 'source4/web') diff --git a/source4/web/.cvsignore b/source4/web/.cvsignore new file mode 100644 index 0000000000..ed29eafc6b --- /dev/null +++ b/source4/web/.cvsignore @@ -0,0 +1 @@ +swat_proto.h \ No newline at end of file diff --git a/source4/web/cgi.c b/source4/web/cgi.c new file mode 100644 index 0000000000..212c2884b6 --- /dev/null +++ b/source4/web/cgi.c @@ -0,0 +1,604 @@ +/* + some simple CGI helper routines + Copyright (C) Andrew Tridgell 1997-1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + + +#include "includes.h" +#include "../web/swat_proto.h" + +#define MAX_VARIABLES 10000 + +/* set the expiry on fixed pages */ +#define EXPIRY_TIME (60*60*24*7) + +#ifdef DEBUG_COMMENTS +extern void print_title(char *fmt, ...); +#endif + +struct var { + char *name; + char *value; +}; + +static struct var variables[MAX_VARIABLES]; +static int num_variables; +static int content_length; +static int request_post; +static char *query_string; +static const char *baseurl; +static char *pathinfo; +static char *C_user; +static BOOL inetd_server; +static BOOL got_request; + +static char *grab_line(FILE *f, int *cl) +{ + char *ret = NULL; + int i = 0; + int len = 0; + + while ((*cl)) { + int c; + + if (i == len) { + char *ret2; + if (len == 0) len = 1024; + else len *= 2; + ret2 = (char *)Realloc(ret, len); + if (!ret2) return ret; + ret = ret2; + } + + c = fgetc(f); + (*cl)--; + + if (c == EOF) { + (*cl) = 0; + break; + } + + if (c == '\r') continue; + + if (strchr_m("\n&", c)) break; + + ret[i++] = c; + + } + + + ret[i] = 0; + return ret; +} + +/*************************************************************************** + load all the variables passed to the CGI program. May have multiple variables + with the same name and the same or different values. Takes a file parameter + for simulating CGI invocation eg loading saved preferences. + ***************************************************************************/ +void cgi_load_variables(void) +{ + static char *line; + char *p, *s, *tok; + int len, i; + FILE *f = stdin; + +#ifdef DEBUG_COMMENTS + char dummy[100]=""; + print_title(dummy); + d_printf("\n",__FILE__); +#endif + + if (!content_length) { + p = getenv("CONTENT_LENGTH"); + len = p?atoi(p):0; + } else { + len = content_length; + } + + + if (len > 0 && + (request_post || + ((s=getenv("REQUEST_METHOD")) && + strcasecmp(s,"POST")==0))) { + while (len && (line=grab_line(f, &len))) { + p = strchr_m(line,'='); + if (!p) continue; + + *p = 0; + + variables[num_variables].name = strdup(line); + variables[num_variables].value = strdup(p+1); + + SAFE_FREE(line); + + if (!variables[num_variables].name || + !variables[num_variables].value) + continue; + + rfc1738_unescape(variables[num_variables].value); + rfc1738_unescape(variables[num_variables].name); + +#ifdef DEBUG_COMMENTS + printf("\n", + variables[num_variables].name, + variables[num_variables].value); +#endif + + num_variables++; + if (num_variables == MAX_VARIABLES) break; + } + } + + fclose(stdin); + open("/dev/null", O_RDWR); + + if ((s=query_string) || (s=getenv("QUERY_STRING"))) { + for (tok=strtok(s,"&;");tok;tok=strtok(NULL,"&;")) { + p = strchr_m(tok,'='); + if (!p) continue; + + *p = 0; + + variables[num_variables].name = strdup(tok); + variables[num_variables].value = strdup(p+1); + + if (!variables[num_variables].name || + !variables[num_variables].value) + continue; + + rfc1738_unescape(variables[num_variables].value); + rfc1738_unescape(variables[num_variables].name); + +#ifdef DEBUG_COMMENTS + printf("\n", + variables[num_variables].name, + variables[num_variables].value); +#endif + num_variables++; + if (num_variables == MAX_VARIABLES) break; + } + + } +#ifdef DEBUG_COMMENTS + printf("\n"); +#endif + + /* variables from the client are in display charset - convert them + to our internal charset before use */ + for (i=0;i%s

%s

%s

\r\n\r\n", err, header, err, err, info); + fclose(stdin); + fclose(stdout); + exit(0); +} + + +/*************************************************************************** +tell a browser about a fatal authentication error + ***************************************************************************/ +static void cgi_auth_error(void) +{ + if (inetd_server) { + cgi_setup_error("401 Authorization Required", + "WWW-Authenticate: Basic realm=\"SWAT\"\r\n", + "You must be authenticated to use this service"); + } else { + printf("Content-Type: text/html\r\n"); + + printf("\r\nSWAT\n"); + printf("

Installation Error

\n"); + printf("SWAT must be installed via inetd. It cannot be run as a CGI script

\n"); + printf("\r\n"); + } + exit(0); +} + +/*************************************************************************** +authenticate when we are running as a CGI + ***************************************************************************/ +static void cgi_web_auth(void) +{ + const char *user = getenv("REMOTE_USER"); + struct passwd *pwd; + const char *head = "Content-Type: text/html\r\n\r\n

SWAT installation Error

\n"; + const char *tail = "\r\n"; + + if (!user) { + printf("%sREMOTE_USER not set. Not authenticated by web server.
%s\n", + head, tail); + exit(0); + } + + pwd = getpwnam_alloc(user); + if (!pwd) { + printf("%sCannot find user %s
%s\n", head, user, tail); + exit(0); + } + + setuid(0); + setuid(pwd->pw_uid); + if (geteuid() != pwd->pw_uid || getuid() != pwd->pw_uid) { + printf("%sFailed to become user %s - uid=%d/%d
%s\n", + head, user, (int)geteuid(), (int)getuid(), tail); + exit(0); + } + passwd_free(&pwd); +} + + +/*************************************************************************** +handle a http authentication line + ***************************************************************************/ +static BOOL cgi_handle_authorization(char *line) +{ + char *p; + fstring user, user_pass; + struct passwd *pass = NULL; + + if (strncasecmp(line,"Basic ", 6)) { + goto err; + } + line += 6; + while (line[0] == ' ') line++; + base64_decode_inplace(line); + if (!(p=strchr_m(line,':'))) { + /* + * Always give the same error so a cracker + * cannot tell why we fail. + */ + goto err; + } + *p = 0; + + convert_string(CH_DISPLAY, CH_UNIX, + line, -1, + user, sizeof(user)); + + convert_string(CH_DISPLAY, CH_UNIX, + p+1, -1, + user_pass, sizeof(user_pass)); + + /* + * Try and get the user from the UNIX password file. + */ + + pass = getpwnam_alloc(user); + + /* + * Validate the password they have given. + */ + + if NT_STATUS_IS_OK(pass_check(pass, user, user_pass, + strlen(user_pass), NULL, False)) { + + if (pass) { + /* + * Password was ok. + */ + + become_user_permanently(pass->pw_uid, pass->pw_gid); + + /* Save the users name */ + C_user = strdup(user); + passwd_free(&pass); + return True; + } + } + +err: + cgi_setup_error("401 Bad Authorization", "", + "username or password incorrect"); + + passwd_free(&pass); + return False; +} + +/*************************************************************************** +is this root? + ***************************************************************************/ +BOOL am_root(void) +{ + if (geteuid() == 0) { + return( True); + } else { + return( False); + } +} + +/*************************************************************************** +return a ptr to the users name + ***************************************************************************/ +char *cgi_user_name(void) +{ + return(C_user); +} + + +/*************************************************************************** +handle a file download + ***************************************************************************/ +static void cgi_download(char *file) +{ + SMB_STRUCT_STAT st; + char buf[1024]; + int fd, l, i; + char *p; + char *lang; + + /* sanitise the filename */ + for (i=0;file[i];i++) { + if (!isalnum((int)file[i]) && !strchr_m("/.-_", file[i])) { + cgi_setup_error("404 File Not Found","", + "Illegal character in filename"); + } + } + + if (!file_exist(file, &st)) { + cgi_setup_error("404 File Not Found","", + "The requested file was not found"); + } + + fd = web_open(file,O_RDONLY,0); + if (fd == -1) { + cgi_setup_error("404 File Not Found","", + "The requested file was not found"); + } + printf("HTTP/1.0 200 OK\r\n"); + if ((p=strrchr_m(file,'.'))) { + if (strcmp(p,".gif")==0) { + printf("Content-Type: image/gif\r\n"); + } else if (strcmp(p,".jpg")==0) { + printf("Content-Type: image/jpeg\r\n"); + } else if (strcmp(p,".txt")==0) { + printf("Content-Type: text/plain\r\n"); + } else { + printf("Content-Type: text/html\r\n"); + } + } + printf("Expires: %s\r\n", http_timestring(time(NULL)+EXPIRY_TIME)); + + lang = lang_tdb_current(); + if (lang) { + printf("Content-Language: %s\r\n", lang); + } + + printf("Content-Length: %d\r\n\r\n", (int)st.st_size); + while ((l=read(fd,buf,sizeof(buf)))>0) { + fwrite(buf, 1, l, stdout); + } + close(fd); + exit(0); +} + + + + +/** + * @brief Setup the CGI framework. + * + * Setup the cgi framework, handling the possibility that this program + * is either run as a true CGI program with a gateway to a web server, or + * is itself a mini web server. + **/ +void cgi_setup(const char *rootdir, int auth_required) +{ + BOOL authenticated = False; + char line[1024]; + char *url=NULL; + char *p; + char *lang; + + if (chdir(rootdir)) { + cgi_setup_error("500 Server Error", "", + "chdir failed - the server is not configured correctly"); + } + + /* Handle the possibility we might be running as non-root */ + sec_init(); + + if ((lang=getenv("HTTP_ACCEPT_LANGUAGE"))) { + /* if running as a cgi program */ + web_set_lang(lang); + } + + /* maybe we are running under a web server */ + if (getenv("CONTENT_LENGTH") || getenv("REQUEST_METHOD")) { + if (auth_required) { + cgi_web_auth(); + } + return; + } + + inetd_server = True; + + if (!check_access(1, lp_hostsallow(-1), lp_hostsdeny(-1))) { + cgi_setup_error("403 Forbidden", "", + "Samba is configured to deny access from this client\n
Check your \"hosts allow\" and \"hosts deny\" options in smb.conf "); + } + + /* we are a mini-web server. We need to read the request from stdin + and handle authentication etc */ + while (fgets(line, sizeof(line)-1, stdin)) { + if (line[0] == '\r' || line[0] == '\n') break; + if (strncasecmp(line,"GET ", 4)==0) { + got_request = True; + url = strdup(&line[4]); + } else if (strncasecmp(line,"POST ", 5)==0) { + got_request = True; + request_post = 1; + url = strdup(&line[5]); + } else if (strncasecmp(line,"PUT ", 4)==0) { + got_request = True; + cgi_setup_error("400 Bad Request", "", + "This server does not accept PUT requests"); + } else if (strncasecmp(line,"Authorization: ", 15)==0) { + authenticated = cgi_handle_authorization(&line[15]); + } else if (strncasecmp(line,"Content-Length: ", 16)==0) { + content_length = atoi(&line[16]); + } else if (strncasecmp(line,"Accept-Language: ", 17)==0) { + web_set_lang(&line[17]); + } + /* ignore all other requests! */ + } + + if (auth_required && !authenticated) { + cgi_auth_error(); + } + + if (!url) { + cgi_setup_error("400 Bad Request", "", + "You must specify a GET or POST request"); + } + + /* trim the URL */ + if ((p = strchr_m(url,' ')) || (p=strchr_m(url,'\t'))) { + *p = 0; + } + while (*url && strchr_m("\r\n",url[strlen(url)-1])) { + url[strlen(url)-1] = 0; + } + + /* anything following a ? in the URL is part of the query string */ + if ((p=strchr_m(url,'?'))) { + query_string = p+1; + *p = 0; + } + + string_sub(url, "/swat/", "", 0); + + if (url[0] != '/' && strstr(url,"..")==0 && file_exist(url, NULL)) { + cgi_download(url); + } + + printf("HTTP/1.0 200 OK\r\nConnection: close\r\n"); + printf("Date: %s\r\n", http_timestring(time(NULL))); + baseurl = ""; + pathinfo = url+1; +} + + +/*************************************************************************** +return the current pages URL + ***************************************************************************/ +const char *cgi_baseurl(void) +{ + if (inetd_server) { + return baseurl; + } + return getenv("SCRIPT_NAME"); +} + +/*************************************************************************** +return the current pages path info + ***************************************************************************/ +const char *cgi_pathinfo(void) +{ + char *r; + if (inetd_server) { + return pathinfo; + } + r = getenv("PATH_INFO"); + if (!r) return ""; + if (*r == '/') r++; + return r; +} + +/*************************************************************************** +return the hostname of the client + ***************************************************************************/ +char *cgi_remote_host(void) +{ + if (inetd_server) { + return get_socket_name(1,False); + } + return getenv("REMOTE_HOST"); +} + +/*************************************************************************** +return the hostname of the client + ***************************************************************************/ +char *cgi_remote_addr(void) +{ + if (inetd_server) { + return get_socket_addr(1); + } + return getenv("REMOTE_ADDR"); +} + + +/*************************************************************************** +return True if the request was a POST + ***************************************************************************/ +BOOL cgi_waspost(void) +{ + if (inetd_server) { + return request_post; + } + return strequal(getenv("REQUEST_METHOD"), "POST"); +} diff --git a/source4/web/diagnose.c b/source4/web/diagnose.c new file mode 100644 index 0000000000..f9a70d1505 --- /dev/null +++ b/source4/web/diagnose.c @@ -0,0 +1,83 @@ +/* + Unix SMB/CIFS implementation. + diagnosis tools for web admin + Copyright (C) Andrew Tridgell 1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "../web/swat_proto.h" + +#ifdef WITH_WINBIND + +NSS_STATUS winbindd_request(int req_type, + struct winbindd_request *request, + struct winbindd_response *response); + +/* check to see if winbind is running by pinging it */ + +BOOL winbindd_running(void) +{ + + if (winbindd_request(WINBINDD_PING, NULL, NULL)) + return False; + + return True; +} +#endif + +/* check to see if nmbd is running on localhost by looking for a __SAMBA__ + response */ +BOOL nmbd_running(void) +{ + extern struct in_addr loopback_ip; + int fd, count, flags; + struct in_addr *ip_list; + + if ((fd = open_socket_in(SOCK_DGRAM, 0, 3, + interpret_addr("127.0.0.1"), True)) != -1) { + if ((ip_list = name_query(fd, "__SAMBA__", 0, + True, True, loopback_ip, + &count, &flags, NULL)) != NULL) { + SAFE_FREE(ip_list); + close(fd); + return True; + } + close (fd); + } + + return False; +} + + +/* check to see if smbd is running on localhost by trying to open a connection + then closing it */ +BOOL smbd_running(void) +{ + static struct cli_state cli; + extern struct in_addr loopback_ip; + + if (!cli_initialise(&cli)) + return False; + + if (!cli_connect(&cli, lp_netbios_name(), &loopback_ip)) { + cli_shutdown(&cli); + return False; + } + + cli_shutdown(&cli); + return True; +} diff --git a/source4/web/neg_lang.c b/source4/web/neg_lang.c new file mode 100644 index 0000000000..da974f78a4 --- /dev/null +++ b/source4/web/neg_lang.c @@ -0,0 +1,117 @@ +/* + Unix SMB/CIFS implementation. + SWAT language handling + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + + Created by Ryo Kawahara +*/ + +#include "includes.h" +#include "../web/swat_proto.h" + +/* + during a file download we first check to see if there is a language + specific file available. If there is then use that, otherwise + just open the specified file +*/ +int web_open(const char *fname, int flags, mode_t mode) +{ + char *p = NULL; + char *lang = lang_tdb_current(); + int fd; + if (lang) { + asprintf(&p, "lang/%s/%s", lang, fname); + if (p) { + fd = sys_open(p, flags, mode); + free(p); + if (fd != -1) { + return fd; + } + } + } + + /* fall through to default name */ + return sys_open(fname, flags, mode); +} + + +struct pri_list { + float pri; + char *string; +}; + +static int qsort_cmp_list(const void *x, const void *y) { + struct pri_list *a = (struct pri_list *)x; + struct pri_list *b = (struct pri_list *)y; + if (a->pri > b->pri) return -1; + if (a->pri == b->pri) return 0; + return 1; +} + +/* + choose from a list of languages. The list can be comma or space + separated + Keep choosing until we get a hit + Changed to habdle priority -- Simo +*/ + +void web_set_lang(const char *lang_string) +{ + char **lang_list, **count; + struct pri_list *pl; + int lang_num, i; + + /* build the lang list */ + lang_list = str_list_make(lang_string, ", \t\r\n"); + if (!lang_list) return; + + /* sort the list by priority */ + lang_num = 0; + count = lang_list; + while (*count && **count) { + count++; + lang_num++; + } + pl = (struct pri_list *)malloc(sizeof(struct pri_list) * lang_num); + for (i = 0; i < lang_num; i++) { + char *pri_code; + if ((pri_code=strstr(lang_list[i], ";q="))) { + *pri_code = '\0'; + pri_code += 3; + sscanf(pri_code, "%f", &(pl[i].pri)); + } else { + pl[i].pri = 1; + } + pl[i].string = strdup(lang_list[i]); + } + str_list_free(&lang_list); + + qsort(pl, lang_num, sizeof(struct pri_list), &qsort_cmp_list); + + /* it's not an error to not initialise - we just fall back to + the default */ + + for (i = 0; i < lang_num; i++) { + if (lang_tdb_init(pl[i].string)) break; + } + + for (i = 0; i < lang_num; i++) { + SAFE_FREE(pl[i].string); + } + SAFE_FREE(pl); + + return; +} diff --git a/source4/web/startstop.c b/source4/web/startstop.c new file mode 100644 index 0000000000..c6babff954 --- /dev/null +++ b/source4/web/startstop.c @@ -0,0 +1,137 @@ +/* + Unix SMB/CIFS implementation. + start/stop nmbd and smbd + Copyright (C) Andrew Tridgell 1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "../web/swat_proto.h" +#include "dynconfig.h" + +/** Need to wait for daemons to startup */ +#define SLEEP_TIME 3 + +/** Startup smbd from web interface. */ +void start_smbd(void) +{ + pstring binfile; + + if (geteuid() != 0) return; + + if (fork()) { + sleep(SLEEP_TIME); + return; + } + + slprintf(binfile, sizeof(pstring) - 1, "%s/smbd", dyn_SBINDIR); + + become_daemon(True); + + execl(binfile, binfile, "-D", NULL); + + exit(0); +} + +/* startup nmbd */ +void start_nmbd(void) +{ + pstring binfile; + + if (geteuid() != 0) return; + + if (fork()) { + sleep(SLEEP_TIME); + return; + } + + slprintf(binfile, sizeof(pstring) - 1, "%s/nmbd", dyn_SBINDIR); + + become_daemon(True); + + execl(binfile, binfile, "-D", NULL); + + exit(0); +} + +/** Startup winbindd from web interface. */ +void start_winbindd(void) +{ + pstring binfile; + + if (geteuid() != 0) return; + + if (fork()) { + sleep(SLEEP_TIME); + return; + } + + slprintf(binfile, sizeof(pstring) - 1, "%s/winbindd", dyn_SBINDIR); + + become_daemon(True); + + execl(binfile, binfile, NULL); + + exit(0); +} + + +/* stop smbd */ +void stop_smbd(void) +{ + pid_t pid = pidfile_pid("smbd"); + + if (geteuid() != 0) return; + + if (pid <= 0) return; + + kill(pid, SIGTERM); +} + +/* stop nmbd */ +void stop_nmbd(void) +{ + pid_t pid = pidfile_pid("nmbd"); + + if (geteuid() != 0) return; + + if (pid <= 0) return; + + kill(pid, SIGTERM); +} +#ifdef WITH_WINBIND +/* stop winbindd */ +void stop_winbindd(void) +{ + pid_t pid = pidfile_pid("winbindd"); + + if (geteuid() != 0) return; + + if (pid <= 0) return; + + kill(pid, SIGTERM); +} +#endif +/* kill a specified process */ +void kill_pid(pid_t pid) +{ + if (geteuid() != 0) return; + + if (pid <= 0) return; + + kill(pid, SIGTERM); + sleep(SLEEP_TIME); +} diff --git a/source4/web/statuspage.c b/source4/web/statuspage.c new file mode 100644 index 0000000000..5dadb99125 --- /dev/null +++ b/source4/web/statuspage.c @@ -0,0 +1,406 @@ +/* + Unix SMB/CIFS implementation. + web status page + Copyright (C) Andrew Tridgell 1997-1998 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" +#include "../web/swat_proto.h" + +#define PIDMAP struct PidMap + +PIDMAP { + PIDMAP *next, *prev; + pid_t pid; + char *machine; +}; + +static PIDMAP *pidmap; +static int PID_or_Machine; /* 0 = show PID, else show Machine name */ + +static pid_t smbd_pid; + +/* from 2nd call on, remove old list */ +static void initPid2Machine (void) +{ + /* show machine name rather PID on table "Open Files"? */ + if (PID_or_Machine) { + PIDMAP *p; + + for (p = pidmap; p != NULL; ) { + DLIST_REMOVE(pidmap, p); + SAFE_FREE(p->machine); + SAFE_FREE(p); + } + + pidmap = NULL; + } +} + +/* add new PID <-> Machine name mapping */ +static void addPid2Machine (pid_t pid, char *machine) +{ + /* show machine name rather PID on table "Open Files"? */ + if (PID_or_Machine) { + PIDMAP *newmap; + + if ((newmap = (PIDMAP *) malloc (sizeof (PIDMAP))) == NULL) { + /* XXX need error message for this? + if malloc fails, PID is always shown */ + return; + } + + newmap->pid = pid; + newmap->machine = strdup (machine); + + DLIST_ADD(pidmap, newmap); + } +} + +/* lookup PID <-> Machine name mapping */ +static char *mapPid2Machine (pid_t pid) +{ + static char pidbuf [64]; + PIDMAP *map; + + /* show machine name rather PID on table "Open Files"? */ + if (PID_or_Machine) { + for (map = pidmap; map != NULL; map = map->next) { + if (pid == map->pid) { + if (map->machine == NULL) /* no machine name */ + break; /* show PID */ + + return map->machine; + } + } + } + + /* PID not in list or machine name NULL? return pid as string */ + snprintf (pidbuf, sizeof (pidbuf) - 1, "%d", pid); + return pidbuf; +} + +static char *tstring(time_t t) +{ + static pstring buf; + pstrcpy(buf, asctime(LocalTime(&t))); + all_string_sub(buf," "," ",sizeof(buf)); + return buf; +} + +static void print_share_mode(share_mode_entry *e, char *fname) +{ + d_printf("%s",_(mapPid2Machine(e->pid))); + d_printf(""); + switch ((e->share_mode>>4)&0xF) { + case DENY_NONE: d_printf("DENY_NONE"); break; + case DENY_ALL: d_printf("DENY_ALL "); break; + case DENY_DOS: d_printf("DENY_DOS "); break; + case DENY_READ: d_printf("DENY_READ "); break; + case DENY_WRITE:d_printf("DENY_WRITE "); break; + } + d_printf(""); + + d_printf(""); + switch (e->share_mode&0xF) { + case 0: d_printf("RDONLY "); break; + case 1: d_printf("WRONLY "); break; + case 2: d_printf("RDWR "); break; + } + d_printf(""); + + d_printf(""); + if((e->op_type & + (EXCLUSIVE_OPLOCK|BATCH_OPLOCK)) == + (EXCLUSIVE_OPLOCK|BATCH_OPLOCK)) + d_printf("EXCLUSIVE+BATCH "); + else if (e->op_type & EXCLUSIVE_OPLOCK) + d_printf("EXCLUSIVE "); + else if (e->op_type & BATCH_OPLOCK) + d_printf("BATCH "); + else if (e->op_type & LEVEL_II_OPLOCK) + d_printf("LEVEL_II "); + else + d_printf("NONE "); + d_printf(""); + + d_printf("%s%s\n", + fname,tstring(e->time.tv_sec)); +} + + +/* kill off any connections chosen by the user */ +static int traverse_fn1(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void* state) +{ + struct connections_data crec; + + if (dbuf.dsize != sizeof(crec)) + return 0; + + memcpy(&crec, dbuf.dptr, sizeof(crec)); + + if (crec.cnum == -1 && process_exists(crec.pid)) { + char buf[30]; + slprintf(buf,sizeof(buf)-1,"kill_%d", (int)crec.pid); + if (cgi_variable(buf)) { + kill_pid(crec.pid); + } + } + return 0; +} + +/* traversal fn for showing machine connections */ +static int traverse_fn2(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void* state) +{ + struct connections_data crec; + + if (dbuf.dsize != sizeof(crec)) + return 0; + + memcpy(&crec, dbuf.dptr, sizeof(crec)); + + if (crec.cnum != -1 || !process_exists(crec.pid) || (crec.pid == smbd_pid)) + return 0; + + addPid2Machine (crec.pid, crec.machine); + + d_printf("%d%s%s%s\n", + (int)crec.pid, + crec.machine,crec.addr, + tstring(crec.start)); + if (geteuid() == 0) { + d_printf("\n", + (int)crec.pid); + } + d_printf("\n"); + + return 0; +} + +/* traversal fn for showing share connections */ +static int traverse_fn3(TDB_CONTEXT *tdb, TDB_DATA kbuf, TDB_DATA dbuf, void* state) +{ + struct connections_data crec; + TALLOC_CTX *mem_ctx; + + if (dbuf.dsize != sizeof(crec)) + return 0; + + memcpy(&crec, dbuf.dptr, sizeof(crec)); + + if (crec.cnum == -1 || !process_exists(crec.pid)) + return 0; + + mem_ctx = talloc_init("smbgroupedit talloc"); + if (!mem_ctx) return -1; + d_printf("%s%s%s%d%s%s\n", + crec.name,uidtoname(crec.uid), + gidtoname(mem_ctx, crec.gid),(int)crec.pid, + crec.machine, + tstring(crec.start)); + talloc_destroy(mem_ctx); + return 0; +} + + +/* show the current server status */ +void status_page(void) +{ + const char *v; + int autorefresh=0; + int refresh_interval=30; + TDB_CONTEXT *tdb; + + smbd_pid = pidfile_pid("smbd"); + + if (cgi_variable("smbd_restart")) { + stop_smbd(); + start_smbd(); + } + + if (cgi_variable("smbd_start")) { + start_smbd(); + } + + if (cgi_variable("smbd_stop")) { + stop_smbd(); + } + + if (cgi_variable("nmbd_restart")) { + stop_nmbd(); + start_nmbd(); + } + if (cgi_variable("nmbd_start")) { + start_nmbd(); + } + + if (cgi_variable("nmbd_stop")) { + stop_nmbd(); + } + +#ifdef WITH_WINBIND + if (cgi_variable("winbindd_restart")) { + stop_winbindd(); + start_winbindd(); + } + + if (cgi_variable("winbindd_start")) { + start_winbindd(); + } + + if (cgi_variable("winbindd_stop")) { + stop_winbindd(); + } +#endif + if (cgi_variable("autorefresh")) { + autorefresh = 1; + } else if (cgi_variable("norefresh")) { + autorefresh = 0; + } else if (cgi_variable("refresh")) { + autorefresh = 1; + } + + if ((v=cgi_variable("refresh_interval"))) { + refresh_interval = atoi(v); + } + + if (cgi_variable("show_client_in_col_1")) { + PID_or_Machine = 1; + } + + tdb = tdb_open_log(lock_path("connections.tdb"), 0, TDB_DEFAULT, O_RDONLY, 0); + if (tdb) tdb_traverse(tdb, traverse_fn1, NULL); + + initPid2Machine (); + + d_printf("

%s

\n", _("Server Status")); + + d_printf("
\n"); + + if (!autorefresh) { + d_printf("\n", _("Auto Refresh")); + d_printf("
%s", _("Refresh Interval: ")); + d_printf("\n", + refresh_interval); + } else { + d_printf("\n", _("Stop Refreshing")); + d_printf("
%s%d\n", _("Refresh Interval: "), refresh_interval); + d_printf("\n"); + } + + d_printf("

\n"); + + if (!tdb) { + /* open failure either means no connections have been + made */ + } + + + d_printf("\n"); + + d_printf("", _("version:"), VERSION); + + fflush(stdout); + d_printf("\n", _("smbd:"), smbd_running()?_("running"):_("not running")); + if (geteuid() == 0) { + if (smbd_running()) { + d_printf("\n", _("Stop smbd")); + } else { + d_printf("\n", _("Start smbd")); + } + d_printf("\n", _("Restart smbd")); + } + d_printf("\n"); + + fflush(stdout); + d_printf("\n", _("nmbd:"), nmbd_running()?_("running"):_("not running")); + if (geteuid() == 0) { + if (nmbd_running()) { + d_printf("\n", _("Stop nmbd")); + } else { + d_printf("\n", _("Start nmbd")); + } + d_printf("\n", _("Restart nmbd")); + } + d_printf("\n"); + +#ifdef WITH_WINBIND + fflush(stdout); + d_printf("\n", _("winbindd:"), winbindd_running()?_("running"):_("not running")); + if (geteuid() == 0) { + if (winbindd_running()) { + d_printf("\n", _("Stop winbindd")); + } else { + d_printf("\n", _("Start winbindd")); + } + d_printf("\n", _("Restart winbindd")); + } + d_printf("\n"); +#endif + + d_printf("
%s%s
%s%s
%s%s
%s%s
\n"); + fflush(stdout); + + d_printf("

%s

\n", _("Active Connections")); + d_printf("\n"); + d_printf("\n", _("PID"), _("Client"), _("IP address"), _("Date")); + if (geteuid() == 0) { + d_printf("\n", _("Kill")); + } + d_printf("\n"); + + if (tdb) tdb_traverse(tdb, traverse_fn2, NULL); + + d_printf("
%s%s%s%s%s

\n"); + + d_printf("

%s

\n", _("Active Shares")); + d_printf("\n"); + d_printf("\n\n", + _("Share"), _("User"), _("Group"), _("PID"), _("Client"), _("Date")); + + if (tdb) tdb_traverse(tdb, traverse_fn3, NULL); + + d_printf("
%s%s%s%s%s%s

\n"); + + d_printf("

%s

\n", _("Open Files")); + d_printf("\n"); + d_printf("\n", _("PID"), _("Sharing"), _("R/W"), _("Oplock"), _("File"), _("Date")); + + locking_init(1); + share_mode_forall(print_share_mode); + locking_end(); + d_printf("
%s%s%s%s%s%s
\n"); + + if (tdb) tdb_close(tdb); + + d_printf("
\n"); + d_printf("\n"); + + d_printf("
\n"); + + if (autorefresh) { + /* this little JavaScript allows for automatic refresh + of the page. There are other methods but this seems + to be the best alternative */ + d_printf("\n"); + } +} diff --git a/source4/web/swat.c b/source4/web/swat.c new file mode 100644 index 0000000000..db48cbbb54 --- /dev/null +++ b/source4/web/swat.c @@ -0,0 +1,1344 @@ +/* + Unix SMB/CIFS implementation. + Samba Web Administration Tool + Version 3.0.0 + Copyright (C) Andrew Tridgell 1997-2002 + Copyright (C) John H Terpstra 2002 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +/** + * @defgroup swat SWAT - Samba Web Administration Tool + * @{ + * @file swat.c + * + * @brief Samba Web Administration Tool. + **/ + +#include "includes.h" +#include "../web/swat_proto.h" + +#define GLOBALS_SNUM -1 + +static BOOL demo_mode = False; +static BOOL have_write_access = False; +static BOOL have_read_access = False; +static int iNumNonAutoPrintServices = 0; + +/* + * Password Management Globals + */ +#define SWAT_USER "username" +#define OLD_PSWD "old_passwd" +#define NEW_PSWD "new_passwd" +#define NEW2_PSWD "new2_passwd" +#define CHG_S_PASSWD_FLAG "chg_s_passwd_flag" +#define CHG_R_PASSWD_FLAG "chg_r_passwd_flag" +#define ADD_USER_FLAG "add_user_flag" +#define DELETE_USER_FLAG "delete_user_flag" +#define DISABLE_USER_FLAG "disable_user_flag" +#define ENABLE_USER_FLAG "enable_user_flag" +#define RHOST "remote_host" + +/* we need these because we link to locking*.o */ + void become_root(void) {} + void unbecome_root(void) {} + +/**************************************************************************** +****************************************************************************/ +static int enum_index(int value, const struct enum_list *enumlist) +{ + int i; + for (i=0;enumlist[i].name;i++) + if (value == enumlist[i].value) break; + return(i); +} + +static char *fix_backslash(const char *str) +{ + static char newstring[1024]; + char *p = newstring; + + while (*str) { + if (*str == '\\') {*p++ = '\\';*p++ = '\\';} + else *p++ = *str; + ++str; + } + *p = '\0'; + return newstring; +} + +static char *stripspaceupper(const char *str) +{ + static char newstring[1024]; + char *p = newstring; + + while (*str) { + if (*str != ' ') *p++ = toupper(*str); + ++str; + } + *p = '\0'; + return newstring; +} + +static char *make_parm_name(const char *label) +{ + static char parmname[1024]; + char *p = parmname; + + while (*label) { + if (*label == ' ') *p++ = '_'; + else *p++ = *label; + ++label; + } + *p = '\0'; + return parmname; +} + +/**************************************************************************** + include a lump of html in a page +****************************************************************************/ +static int include_html(const char *fname) +{ + int fd; + char buf[1024]; + int ret; + + fd = web_open(fname, O_RDONLY, 0); + + if (fd == -1) { + d_printf("ERROR: Can't open %s\n", fname); + return 0; + } + + while ((ret = read(fd, buf, sizeof(buf))) > 0) { + write(1, buf, ret); + } + + close(fd); + return 1; +} + +/**************************************************************************** + start the page with standard stuff +****************************************************************************/ +static void print_header(void) +{ + if (!cgi_waspost()) { + d_printf("Expires: 0\r\n"); + } + d_printf("Content-type: text/html\r\n\r\n"); + + if (!include_html("include/header.html")) { + d_printf("\n"); + d_printf("\n\nSamba Web Administration Tool\n\n\n\n"); + } +} + +/* ******************************************************************* + show parameter label with translated name in the following form + because showing original and translated label in one line looks + too long, and showing translated label only is unusable for + heavy users. + ------------------------------- + HELP security [combo box][button] + SECURITY + ------------------------------- + (capital words are translated by gettext.) + if no translation is available, then same form as original is + used. + "i18n_translated_parm" class is used to change the color of the + translated parameter with CSS. + **************************************************************** */ +static const char* get_parm_translated( + const char* pAnchor, const char* pHelp, const char* pLabel) +{ + const char* pTranslated = _(pLabel); + static pstring output; + if(strcmp(pLabel, pTranslated) != 0) + { + snprintf(output, sizeof(output), + " %s       %s
%s", + pAnchor, pHelp, pLabel, pTranslated); + return output; + } + snprintf(output, sizeof(output), + " %s       %s", + pAnchor, pHelp, pLabel); + return output; +} +/**************************************************************************** + finish off the page +****************************************************************************/ +static void print_footer(void) +{ + if (!include_html("include/footer.html")) { + d_printf("\n\n\n"); + } +} + +/**************************************************************************** + display one editable parameter in a form +****************************************************************************/ +static void show_parameter(int snum, struct parm_struct *parm) +{ + int i; + void *ptr = parm->ptr; + + if (parm->class == P_LOCAL && snum >= 0) { + ptr = lp_local_ptr(snum, ptr); + } + + printf("%s", get_parm_translated(stripspaceupper(parm->label), _("Help"), parm->label)); + switch (parm->type) { + case P_CHAR: + d_printf("", + make_parm_name(parm->label), *(char *)ptr); + d_printf("", + _("Set Default"), make_parm_name(parm->label),(char)(parm->def.cvalue)); + break; + + case P_LIST: + d_printf("label)); + if ((char ***)ptr && *(char ***)ptr && **(char ***)ptr) { + char **list = *(char ***)ptr; + for (;*list;list++) { + d_printf("%s%s", *list, ((*(list+1))?" ":"")); + } + } + d_printf("\">"); + d_printf("label)); + if (parm->def.lvalue) { + char **list = (char **)(parm->def.lvalue); + for (; *list; list++) { + d_printf("%s%s", *list, ((*(list+1))?" ":"")); + } + } + d_printf("\'\">"); + break; + + case P_STRING: + case P_USTRING: + d_printf("", + make_parm_name(parm->label), *(char **)ptr); + d_printf("", + _("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue))); + break; + + case P_BOOL: + d_printf(""); + d_printf("", + _("Set Default"), make_parm_name(parm->label),(BOOL)(parm->def.bvalue)?0:1); + break; + + case P_BOOLREV: + d_printf(""); + d_printf("", + _("Set Default"), make_parm_name(parm->label),(BOOL)(parm->def.bvalue)?1:0); + break; + + case P_INTEGER: + d_printf("", make_parm_name(parm->label), *(int *)ptr); + d_printf("", + _("Set Default"), make_parm_name(parm->label),(int)(parm->def.ivalue)); + break; + + case P_OCTAL: + d_printf("", make_parm_name(parm->label), octal_string(*(int *)ptr)); + d_printf("", + _("Set Default"), make_parm_name(parm->label), + octal_string((int)(parm->def.ivalue))); + break; + + case P_ENUM: + d_printf(""); + d_printf("", + _("Set Default"), make_parm_name(parm->label),enum_index((int)(parm->def.ivalue),parm->enum_list)); + break; + case P_SEP: + break; + } + d_printf("\n"); +} + +/**************************************************************************** + display a set of parameters for a service +****************************************************************************/ +static void show_parameters(int snum, int allparameters, unsigned int parm_filter, int printers) +{ + int i = 0; + struct parm_struct *parm; + const char *heading = NULL; + const char *last_heading = NULL; + + while ((parm = lp_next_parameter(snum, &i, allparameters))) { + if (snum < 0 && parm->class == P_LOCAL && !(parm->flags & FLAG_GLOBAL)) + continue; + if (parm->class == P_SEPARATOR) { + heading = parm->label; + continue; + } + if (parm->flags & FLAG_HIDE) continue; + if (snum >= 0) { + if (printers & !(parm->flags & FLAG_PRINT)) continue; + if (!printers & !(parm->flags & FLAG_SHARE)) continue; + } + if (parm_filter == FLAG_BASIC) { + if (!(parm->flags & FLAG_BASIC)) { + void *ptr = parm->ptr; + + if (parm->class == P_LOCAL && snum >= 0) { + ptr = lp_local_ptr(snum, ptr); + } + + switch (parm->type) { + case P_CHAR: + if (*(char *)ptr == (char)(parm->def.cvalue)) continue; + break; + + case P_LIST: + if (!str_list_compare(*(char ***)ptr, (char **)(parm->def.lvalue))) continue; + break; + + case P_STRING: + case P_USTRING: + if (!strcmp(*(char **)ptr,(char *)(parm->def.svalue))) continue; + break; + + case P_BOOL: + case P_BOOLREV: + if (*(BOOL *)ptr == (BOOL)(parm->def.bvalue)) continue; + break; + + case P_INTEGER: + case P_OCTAL: + if (*(int *)ptr == (int)(parm->def.ivalue)) continue; + break; + + + case P_ENUM: + if (*(int *)ptr == (int)(parm->def.ivalue)) continue; + break; + case P_SEP: + continue; + } + } + if (printers && !(parm->flags & FLAG_PRINT)) continue; + } + if (parm_filter == FLAG_WIZARD) { + if (!((parm->flags & FLAG_WIZARD))) continue; + } + if (parm_filter == FLAG_ADVANCED) { + if (!((parm->flags & FLAG_ADVANCED))) continue; + } + if (heading && heading != last_heading) { + d_printf("%s\n", _(heading)); + last_heading = heading; + } + show_parameter(snum, parm); + } +} + +/**************************************************************************** + load the smb.conf file into loadparm. +****************************************************************************/ +static BOOL load_config(BOOL save_def) +{ + lp_resetnumservices(); + return lp_load(dyn_CONFIGFILE,False,save_def,False); +} + +/**************************************************************************** + write a config file +****************************************************************************/ +static void write_config(FILE *f, BOOL show_defaults) +{ + fprintf(f, "# Samba config file created using SWAT\n"); + fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr()); + fprintf(f, "# Date: %s\n\n", timestring(False)); + + lp_dump(f, show_defaults, iNumNonAutoPrintServices); +} + +/**************************************************************************** + save and reload the smb.conf config file +****************************************************************************/ +static int save_reload(int snum) +{ + FILE *f; + struct stat st; + + f = sys_fopen(dyn_CONFIGFILE,"w"); + if (!f) { + d_printf("failed to open %s for writing\n", dyn_CONFIGFILE); + return 0; + } + + /* just in case they have used the buggy xinetd to create the file */ + if (fstat(fileno(f), &st) == 0 && + (st.st_mode & S_IWOTH)) { + fchmod(fileno(f), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH); + } + + write_config(f, False); + if (snum) + lp_dump_one(f, False, snum); + fclose(f); + + lp_killunused(NULL); + + if (!load_config(False)) { + d_printf("Can't reload %s\n", dyn_CONFIGFILE); + return 0; + } + iNumNonAutoPrintServices = lp_numservices(); + load_printers(); + + return 1; +} + +/**************************************************************************** + commit one parameter +****************************************************************************/ +static void commit_parameter(int snum, struct parm_struct *parm, const char *v) +{ + int i; + char *s; + + if (snum < 0 && parm->class == P_LOCAL) { + /* this handles the case where we are changing a local + variable globally. We need to change the parameter in + all shares where it is currently set to the default */ + for (i=0;ilabel, v); + } + } + } + + lp_do_parameter(snum, parm->label, v); +} + +/**************************************************************************** + commit a set of parameters for a service +****************************************************************************/ +static void commit_parameters(int snum) +{ + int i = 0; + struct parm_struct *parm; + pstring label; + const char *v; + + while ((parm = lp_next_parameter(snum, &i, 1))) { + slprintf(label, sizeof(label)-1, "parm_%s", make_parm_name(parm->label)); + if ((v = cgi_variable(label))) { + if (parm->flags & FLAG_HIDE) continue; + commit_parameter(snum, parm, v); + } + } +} + +/**************************************************************************** + spit out the html for a link with an image +****************************************************************************/ +static void image_link(const char *name, const char *hlink, const char *src) +{ + d_printf("\"%s\"\n", + cgi_baseurl(), hlink, src, name); +} + +/**************************************************************************** + display the main navigation controls at the top of each page along + with a title +****************************************************************************/ +static void show_main_buttons(void) +{ + char *p; + + if ((p = cgi_user_name()) && strcmp(p, "root")) { + d_printf(_("Logged in as %s

\n"), p); + } + + image_link(_("Home"), "", "images/home.gif"); + if (have_write_access) { + image_link(_("Globals"), "globals", "images/globals.gif"); + image_link(_("Shares"), "shares", "images/shares.gif"); + image_link(_("Printers"), "printers", "images/printers.gif"); + image_link(_("Wizard"), "wizard", "images/wizard.gif"); + } + if (have_read_access) { + image_link(_("Status"), "status", "images/status.gif"); + image_link(_("View Config"), "viewconfig", "images/viewconfig.gif"); + } + image_link(_("Password Management"), "passwd", "images/passwd.gif"); + + d_printf("

\n"); +} + +/**************************************************************************** + * Handle Display/Edit Mode CGI + ****************************************************************************/ +static void ViewModeBoxes(int mode) +{ + d_printf("

%s\n", _("Configuration View: ")); + d_printf("Basic\n", (mode == 0) ? "checked" : ""); + d_printf("Advanced\n", (mode == 1) ? "checked" : ""); + d_printf("Developer\n", (mode == 2) ? "checked" : ""); + d_printf("


\n"); +} + +/**************************************************************************** + display a welcome page +****************************************************************************/ +static void welcome_page(void) +{ + include_html("help/welcome.html"); +} + +/**************************************************************************** + display the current smb.conf +****************************************************************************/ +static void viewconfig_page(void) +{ + int full_view=0; + + if (cgi_variable("full_view")) { + full_view = 1; + } + + d_printf("

%s

\n", _("Current Config")); + d_printf("
\n"); + + if (full_view) { + d_printf("\n", _("Normal View")); + } else { + d_printf("\n", _("Full View")); + } + + d_printf("

");
+	write_config(stdout, full_view);
+	d_printf("
"); + d_printf("
\n"); +} + +/**************************************************************************** + second screen of the wizard ... Fetch Configuration Parameters +****************************************************************************/ +static void wizard_params_page(void) +{ + unsigned int parm_filter = FLAG_WIZARD; + + /* Here we first set and commit all the parameters that were selected + in the previous screen. */ + + d_printf("

Wizard Parameter Edit Page

\n"); + + if (cgi_variable("Commit")) { + commit_parameters(GLOBALS_SNUM); + save_reload(0); + } + + d_printf("
\n"); + + if (have_write_access) { + d_printf("\n"); + } + + d_printf("\n"); + d_printf("

\n"); + + d_printf("\n"); + show_parameters(GLOBALS_SNUM, 1, parm_filter, 0); + d_printf("
\n"); + d_printf("

\n"); +} + +/**************************************************************************** + Utility to just rewrite the smb.conf file - effectively just cleans it up +****************************************************************************/ +static void rewritecfg_file(void) +{ + commit_parameters(GLOBALS_SNUM); + save_reload(0); + d_printf("

Note: smb.conf %s

\n", _("file has been read and rewritten")); +} + +/**************************************************************************** + wizard to create/modify the smb.conf file +****************************************************************************/ +static void wizard_page(void) +{ + /* Set some variables to collect data from smb.conf */ + int role = 0; + int winstype = 0; + int have_home = -1; + int HomeExpo = 0; + int SerType = 0; + + if (cgi_variable("Rewrite")) { + (void) rewritecfg_file(); + return; + } + + if (cgi_variable("GetWizardParams")){ + (void) wizard_params_page(); + return; + } + + if (cgi_variable("Commit")){ + SerType = atoi(cgi_variable("ServerType")); + winstype = atoi(cgi_variable("WINSType")); + have_home = lp_servicenumber(HOMES_NAME); + HomeExpo = atoi(cgi_variable("HomeExpo")); + + /* Plain text passwords are too badly broken - use encrypted passwords only */ + lp_do_parameter( GLOBALS_SNUM, "encrypt passwords", "Yes"); + + switch ( SerType ){ + case 0: + /* Stand-alone Server */ + lp_do_parameter( GLOBALS_SNUM, "security", "USER" ); + lp_do_parameter( GLOBALS_SNUM, "domain logons", "No" ); + break; + case 1: + /* Domain Member */ + lp_do_parameter( GLOBALS_SNUM, "security", "DOMAIN" ); + lp_do_parameter( GLOBALS_SNUM, "domain logons", "No" ); + break; + case 2: + /* Domain Controller */ + lp_do_parameter( GLOBALS_SNUM, "security", "USER" ); + lp_do_parameter( GLOBALS_SNUM, "domain logons", "Yes" ); + break; + } + switch ( winstype ) { + case 0: + lp_do_parameter( GLOBALS_SNUM, "wins support", "No" ); + lp_do_parameter( GLOBALS_SNUM, "wins server", "" ); + break; + case 1: + lp_do_parameter( GLOBALS_SNUM, "wins support", "Yes" ); + lp_do_parameter( GLOBALS_SNUM, "wins server", "" ); + break; + case 2: + lp_do_parameter( GLOBALS_SNUM, "wins support", "No" ); + lp_do_parameter( GLOBALS_SNUM, "wins server", cgi_variable("WINSAddr")); + break; + } + + /* Have to create Homes share? */ + if ((HomeExpo == 1) && (have_home == -1)) { + pstring unix_share; + + pstrcpy(unix_share,HOMES_NAME); + load_config(False); + lp_copy_service(GLOBALS_SNUM, unix_share); + iNumNonAutoPrintServices = lp_numservices(); + have_home = lp_servicenumber(HOMES_NAME); + lp_do_parameter( have_home, "read only", "No"); + lp_do_parameter( have_home, "valid users", "%S"); + lp_do_parameter( have_home, "browseable", "No"); + commit_parameters(have_home); + } + + /* Need to Delete Homes share? */ + if ((HomeExpo == 0) && (have_home != -1)) { + lp_remove_service(have_home); + have_home = -1; + } + + commit_parameters(GLOBALS_SNUM); + save_reload(0); + } + else + { + /* Now determine smb.conf WINS settings */ + if (lp_wins_support()) + winstype = 1; + if (lp_wins_server_list() && strlen(*lp_wins_server_list())) + winstype = 2; + + + /* Do we have a homes share? */ + have_home = lp_servicenumber(HOMES_NAME); + } + if ((winstype == 2) && lp_wins_support()) + winstype = 3; + + role = lp_server_role(); + + /* Here we go ... */ + d_printf("

Samba Configuration Wizard

\n"); + d_printf("
\n"); + + if (have_write_access) { + d_printf(_("The \"Rewrite smb.conf file\" button will clear the smb.conf file of all default values and of comments.\n")); + d_printf(_("The same will happen if you press the commit button.")); + d_printf("

"); + d_printf("
"); + d_printf("   ",_("Rewrite smb.conf file")); + d_printf("   ",_("Commit")); + d_printf("", _("Edit Parameter Values")); + d_printf("
"); + } + + d_printf("
"); + d_printf("
"); + d_printf("\n", "Server Type: "); + d_printf("", (role == ROLE_STANDALONE) ? "checked" : ""); + d_printf("", (role == ROLE_DOMAIN_MEMBER) ? "checked" : ""); + d_printf("", (role == ROLE_DOMAIN_PDC) ? "checked" : ""); + d_printf(""); + if (role == ROLE_DOMAIN_BDC) { + d_printf(""); + } + d_printf("\n", "Configure WINS As: "); + d_printf("", (winstype == 0) ? "checked" : ""); + d_printf("", (winstype == 1) ? "checked" : ""); + d_printf("", (winstype == 2) ? "checked" : ""); + d_printf("",lp_wins_server_list()); + if (winstype == 3) { + d_printf(""); + d_printf(""); + } + d_printf(""); + d_printf("\n","Expose Home Directories: "); + d_printf("", (have_home == -1) ? "" : "checked "); + d_printf("", (have_home == -1 ) ? "checked" : ""); + d_printf(""); + + /* Enable this when we are ready .... + * d_printf("\n","Is Print Server: "); + * d_printf(""); + * d_printf(""); + * d_printf(""); + */ + + d_printf("
%s Stand Alone  Domain Member  Domain Controller 
Unusual Type in smb.conf - Please Select New Mode
%s Not Used  Server for client use  Client of another WINS server 
Remote WINS Server 
Error: WINS Server Mode and WINS Support both set in smb.conf
Please Select desired WINS mode above.
%s Yes No
%s Yes No
"); + d_printf("
"); + + d_printf(_("The above configuration options will set multiple parameters and will generally assist with rapid Samba deployment.\n")); + d_printf("
\n"); +} + + +/**************************************************************************** + display a globals editing page +****************************************************************************/ +static void globals_page(void) +{ + unsigned int parm_filter = FLAG_BASIC; + int mode = 0; + + d_printf("

%s

\n", _("Global Variables")); + + if (cgi_variable("Commit")) { + commit_parameters(GLOBALS_SNUM); + save_reload(0); + } + + if ( cgi_variable("ViewMode") ) + mode = atoi(cgi_variable("ViewMode")); + + d_printf("
\n"); + + ViewModeBoxes( mode ); + switch ( mode ) { + case 0: + parm_filter = FLAG_BASIC; + break; + case 1: + parm_filter = FLAG_ADVANCED; + break; + case 2: + parm_filter = FLAG_DEVELOPER; + break; + } + d_printf("
\n"); + if (have_write_access) { + d_printf("\n", + _("Commit Changes")); + } + + d_printf("\n", + _("Reset Values")); + + d_printf("

\n"); + d_printf("\n"); + show_parameters(GLOBALS_SNUM, 1, parm_filter, 0); + d_printf("
\n"); + d_printf("

\n"); +} + +/**************************************************************************** + display a shares editing page. share is in unix codepage, and must be in + dos codepage. FIXME !!! JRA. +****************************************************************************/ +static void shares_page(void) +{ + const char *share = cgi_variable("share"); + char *s; + int snum = -1; + int i; + int mode = 0; + unsigned int parm_filter = FLAG_BASIC; + + if (share) + snum = lp_servicenumber(share); + + d_printf("

%s

\n", _("Share Parameters")); + + if (cgi_variable("Commit") && snum >= 0) { + commit_parameters(snum); + save_reload(0); + } + + if (cgi_variable("Delete") && snum >= 0) { + lp_remove_service(snum); + save_reload(0); + share = NULL; + snum = -1; + } + + if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) { + load_config(False); + lp_copy_service(GLOBALS_SNUM, share); + iNumNonAutoPrintServices = lp_numservices(); + save_reload(0); + snum = lp_servicenumber(share); + } + + d_printf("
\n"); + + d_printf("\n"); + if ( cgi_variable("ViewMode") ) + mode = atoi(cgi_variable("ViewMode")); + ViewModeBoxes( mode ); + switch ( mode ) { + case 0: + parm_filter = FLAG_BASIC; + break; + case 1: + parm_filter = FLAG_ADVANCED; + break; + case 2: + parm_filter = FLAG_DEVELOPER; + break; + } + d_printf("
\n"); + d_printf("\n", _("Choose Share")); + d_printf("\n"); + if (have_write_access) { + d_printf("\n", _("Delete Share")); + } + d_printf("\n"); + d_printf("
"); + d_printf(""); + if (have_write_access) { + d_printf("\n"); + d_printf("\n", _("Create Share")); + d_printf("\n"); + } + d_printf("
"); + + + if (snum >= 0) { + if (have_write_access) { + d_printf("\n", _("Commit Changes")); + } + + d_printf("\n", _("Reset Values")); + d_printf("

\n"); + } + + if (snum >= 0) { + d_printf("\n"); + show_parameters(snum, 1, parm_filter, 0); + d_printf("
\n"); + } + + d_printf("

\n"); +} + +/************************************************************* +change a password either locally or remotely +*************************************************************/ +static BOOL change_password(const char *remote_machine, const char *user_name, + const char *old_passwd, const char *new_passwd, + int local_flags) +{ + BOOL ret = False; + pstring err_str; + pstring msg_str; + + if (demo_mode) { + d_printf("%s

", _("password change in demo mode rejected\n")); + return False; + } + + if (remote_machine != NULL) { + ret = remote_password_change(remote_machine, user_name, old_passwd, + new_passwd, err_str, sizeof(err_str)); + if(*err_str) + d_printf("%s\n

", err_str); + return ret; + } + + if(!initialize_password_db(True)) { + d_printf("Can't setup password database vectors.\n

"); + return False; + } + + ret = local_password_change(user_name, local_flags, new_passwd, err_str, sizeof(err_str), + msg_str, sizeof(msg_str)); + + if(*msg_str) + d_printf("%s\n

", msg_str); + if(*err_str) + d_printf("%s\n

", err_str); + + return ret; +} + +/**************************************************************************** + do the stuff required to add or change a password +****************************************************************************/ +static void chg_passwd(void) +{ + const char *host; + BOOL rslt; + int local_flags = 0; + + /* Make sure users name has been specified */ + if (strlen(cgi_variable(SWAT_USER)) == 0) { + d_printf("

%s", _(" Must specify \"User Name\" \n")); + return; + } + + /* + * smbpasswd doesn't require anything but the users name to delete, disable or enable the user, + * so if that's what we're doing, skip the rest of the checks + */ + if (!cgi_variable(DISABLE_USER_FLAG) && !cgi_variable(ENABLE_USER_FLAG) && !cgi_variable(DELETE_USER_FLAG)) { + + /* + * If current user is not root, make sure old password has been specified + * If REMOTE change, even root must provide old password + */ + if (((!am_root()) && (strlen( cgi_variable(OLD_PSWD)) <= 0)) || + ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable(OLD_PSWD)) <= 0))) { + d_printf("

%s", _(" Must specify \"Old Password\" \n")); + return; + } + + /* If changing a users password on a remote hosts we have to know what host */ + if ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable(RHOST)) <= 0)) { + d_printf("

%s", _(" Must specify \"Remote Machine\" \n")); + return; + } + + /* Make sure new passwords have been specified */ + if ((strlen( cgi_variable(NEW_PSWD)) <= 0) || + (strlen( cgi_variable(NEW2_PSWD)) <= 0)) { + d_printf("

%s", _(" Must specify \"New, and Re-typed Passwords\" \n")); + return; + } + + /* Make sure new passwords was typed correctly twice */ + if (strcmp(cgi_variable(NEW_PSWD), cgi_variable(NEW2_PSWD)) != 0) { + d_printf("

%s", _(" Re-typed password didn't match new password\n")); + return; + } + } + + if (cgi_variable(CHG_R_PASSWD_FLAG)) { + host = cgi_variable(RHOST); + } else if (am_root()) { + host = NULL; + } else { + host = "127.0.0.1"; + } + + /* + * Set up the local flags. + */ + + local_flags |= (cgi_variable(ADD_USER_FLAG) ? LOCAL_ADD_USER : 0); + local_flags |= (cgi_variable(DELETE_USER_FLAG) ? LOCAL_DELETE_USER : 0); + local_flags |= (cgi_variable(ENABLE_USER_FLAG) ? LOCAL_ENABLE_USER : 0); + local_flags |= (cgi_variable(DISABLE_USER_FLAG) ? LOCAL_DISABLE_USER : 0); + + rslt = change_password(host, + cgi_variable(SWAT_USER), + cgi_variable(OLD_PSWD), cgi_variable(NEW_PSWD), + local_flags); + + if(local_flags == 0) { + d_printf("

"); + if (rslt == True) { + d_printf(_(" The passwd for '%s' has been changed. \n"), cgi_variable(SWAT_USER)); + } else { + d_printf(_(" The passwd for '%s' has NOT been changed. \n"), cgi_variable(SWAT_USER)); + } + } + + return; +} + +/**************************************************************************** + display a password editing page +****************************************************************************/ +static void passwd_page(void) +{ + const char *new_name = cgi_user_name(); + + /* + * After the first time through here be nice. If the user + * changed the User box text to another users name, remember it. + */ + if (cgi_variable(SWAT_USER)) { + new_name = cgi_variable(SWAT_USER); + } + + if (!new_name) new_name = ""; + + d_printf("

%s

\n", _("Server Password Management")); + + d_printf("
\n"); + + d_printf("\n"); + + /* + * Create all the dialog boxes for data collection + */ + d_printf("\n", _(" User Name : ")); + d_printf(" \n", SWAT_USER, new_name); + if (!am_root()) { + d_printf("\n", _(" Old Password : ")); + d_printf(" \n",OLD_PSWD); + } + d_printf("\n", _(" New Password : ")); + d_printf("\n",NEW_PSWD); + d_printf("\n", _(" Re-type New Password : ")); + d_printf("\n",NEW2_PSWD); + d_printf("
%s
%s
%s
%s
\n"); + + /* + * Create all the control buttons for requesting action + */ + d_printf("\n", + CHG_S_PASSWD_FLAG, _("Change Password")); + if (demo_mode || am_root()) { + d_printf("\n", + ADD_USER_FLAG, _("Add New User")); + d_printf("\n", + DELETE_USER_FLAG, _("Delete User")); + d_printf("\n", + DISABLE_USER_FLAG, _("Disable User")); + d_printf("\n", + ENABLE_USER_FLAG, _("Enable User")); + } + d_printf("

\n"); + + /* + * Do some work if change, add, disable or enable was + * requested. It could be this is the first time through this + * code, so there isn't anything to do. */ + if ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) || + (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG))) { + chg_passwd(); + } + + d_printf("

%s

\n", _("Client/Server Password Management")); + + d_printf("
\n"); + + d_printf("\n"); + + /* + * Create all the dialog boxes for data collection + */ + d_printf("\n", _(" User Name : ")); + d_printf("\n",SWAT_USER, new_name); + d_printf("\n", _(" Old Password : ")); + d_printf("\n",OLD_PSWD); + d_printf("\n", _(" New Password : ")); + d_printf("\n",NEW_PSWD); + d_printf("\n", _(" Re-type New Password : ")); + d_printf("\n",NEW2_PSWD); + d_printf("\n", _(" Remote Machine : ")); + d_printf("\n",RHOST); + + d_printf("
%s
%s
%s
%s
%s
"); + + /* + * Create all the control buttons for requesting action + */ + d_printf("", + CHG_R_PASSWD_FLAG, _("Change Password")); + + d_printf("

\n"); + + /* + * Do some work if a request has been made to change the + * password somewhere other than the server. It could be this + * is the first time through this code, so there isn't + * anything to do. */ + if (cgi_variable(CHG_R_PASSWD_FLAG)) { + chg_passwd(); + } + +} + +/**************************************************************************** + display a printers editing page +****************************************************************************/ +static void printers_page(void) +{ + const char *share = cgi_variable("share"); + char *s; + int snum=-1; + int i; + int mode = 0; + unsigned int parm_filter = FLAG_BASIC; + + if (share) + snum = lp_servicenumber(share); + + d_printf("

%s

\n", _("Printer Parameters")); + + d_printf("

%s

\n", _("Important Note:")); + d_printf(_("Printer names marked with [*] in the Choose Printer drop-down box ")); + d_printf(_("are autoloaded printers from ")); + d_printf("%s\n", _("Printcap Name")); + d_printf(_("Attempting to delete these printers from SWAT will have no effect.\n")); + + if (cgi_variable("Commit") && snum >= 0) { + commit_parameters(snum); + if (snum >= iNumNonAutoPrintServices) + save_reload(snum); + else + save_reload(0); + } + + if (cgi_variable("Delete") && snum >= 0) { + lp_remove_service(snum); + save_reload(0); + share = NULL; + snum = -1; + } + + if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) { + load_config(False); + lp_copy_service(GLOBALS_SNUM, share); + iNumNonAutoPrintServices = lp_numservices(); + snum = lp_servicenumber(share); + lp_do_parameter(snum, "print ok", "Yes"); + save_reload(0); + snum = lp_servicenumber(share); + } + + d_printf("
\n"); + + if ( cgi_variable("ViewMode") ) + mode = atoi(cgi_variable("ViewMode")); + ViewModeBoxes( mode ); + switch ( mode ) { + case 0: + parm_filter = FLAG_BASIC; + break; + case 1: + parm_filter = FLAG_ADVANCED; + break; + case 2: + parm_filter = FLAG_DEVELOPER; + break; + } + d_printf("\n"); + d_printf("\n", _("Choose Printer")); + d_printf(""); + if (have_write_access) { + d_printf("\n", _("Delete Printer")); + } + d_printf(""); + d_printf("
\n"); + + if (have_write_access) { + d_printf("\n"); + d_printf("\n", _("Create Printer")); + d_printf("\n"); + d_printf("
"); + } + + + if (snum >= 0) { + if (have_write_access) { + d_printf("\n", _("Commit Changes")); + } + d_printf("\n", _("Reset Values")); + d_printf("

\n"); + } + + if (snum >= 0) { + d_printf("\n"); + show_parameters(snum, 1, parm_filter, 1); + d_printf("
\n"); + } + d_printf("

\n"); +} + + +/** + * main function for SWAT. + **/ + int main(int argc, char *argv[]) +{ + extern char *optarg; + extern int optind; + int opt; + char *page; + + fault_setup(NULL); + umask(S_IWGRP | S_IWOTH); + +#if defined(HAVE_SET_AUTH_PARAMETERS) + set_auth_parameters(argc, argv); +#endif /* HAVE_SET_AUTH_PARAMETERS */ + + /* just in case it goes wild ... */ + alarm(300); + + setlinebuf(stdout); + + /* we don't want any SIGPIPE messages */ + BlockSignals(True,SIGPIPE); + + dbf = x_fopen("/dev/null", O_WRONLY, 0); + if (!dbf) dbf = x_stderr; + + /* we don't want stderr screwing us up */ + close(2); + open("/dev/null", O_WRONLY); + + while ((opt = getopt(argc, argv,"s:a")) != EOF) { + switch (opt) { + case 's': + pstrcpy(dyn_CONFIGFILE,optarg); + break; + case 'a': + demo_mode = True; + break; + } + } + + setup_logging(argv[0],False); + load_config(True); + iNumNonAutoPrintServices = lp_numservices(); + load_printers(); + + cgi_setup(dyn_SWATDIR, !demo_mode); + + print_header(); + + cgi_load_variables(); + + if (!file_exist(dyn_CONFIGFILE, NULL)) { + have_read_access = True; + have_write_access = True; + } else { + /* check if the authenticated user has write access - if not then + don't show write options */ + have_write_access = (access(dyn_CONFIGFILE,W_OK) == 0); + + /* if the user doesn't have read access to smb.conf then + don't let them view it */ + have_read_access = (access(dyn_CONFIGFILE,R_OK) == 0); + } + + show_main_buttons(); + + page = cgi_pathinfo(); + + /* Root gets full functionality */ + if (have_read_access && strcmp(page, "globals")==0) { + globals_page(); + } else if (have_read_access && strcmp(page,"shares")==0) { + shares_page(); + } else if (have_read_access && strcmp(page,"printers")==0) { + printers_page(); + } else if (have_read_access && strcmp(page,"status")==0) { + status_page(); + } else if (have_read_access && strcmp(page,"viewconfig")==0) { + viewconfig_page(); + } else if (strcmp(page,"passwd")==0) { + passwd_page(); + } else if (have_read_access && strcmp(page,"wizard")==0) { + wizard_page(); + } else if (have_read_access && strcmp(page,"wizard_params")==0) { + wizard_params_page(); + } else if (have_read_access && strcmp(page,"rewritecfg")==0) { + rewritecfg_file(); + } else { + welcome_page(); + } + + print_footer(); + return 0; +} + +/** @} **/ -- cgit