git.samba.org / amitay / samba.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
More strlcat/strlcpy truncate checks.
[amitay/samba.git] / source3 / web / swat.c
diff --git a/source3/web/swat.c b/source3/web/swat.c
index 1250204d03e837eb98b2cc9261de24ed9b0ba882..0e17b015e949ee56aca0d30c167f6c0ea1567c1a 100644 (file)
--- a/source3/web/swat.c
+++ b/source3/web/swat.c
@@ -28,8 +28,16 @@
  **/
 
 #include "includes.h"
+#include "system/filesys.h"
 #include "popt_common.h"
 #include "web/swat_proto.h"
+#include "printing/pcap.h"
+#include "printing/load.h"
+#include "passdb.h"
+#include "intl/lang_tdb.h"
+#include "../lib/crypto/md5.h"
+#include "lib/param/loadparm.h"
+#include "messages.h"
 
 static int demo_mode = False;
 static int passwd_only = False;
@@ -51,6 +59,9 @@ static int iNumNonAutoPrintServices = 0;
 #define DISABLE_USER_FLAG "disable_user_flag"
 #define ENABLE_USER_FLAG "enable_user_flag"
 #define RHOST "remote_host"
+#define XSRF_TOKEN "xsrf"
+#define XSRF_TIME "xsrf_time"
+#define XSRF_TIMEOUT 300
 
 #define _(x) lang_msg_rotate(talloc_tos(),x)
 
@@ -78,7 +89,7 @@ static char *fix_backslash(const char *str)
        return newstring;
 }
 
-static const char *fix_quotes(TALLOC_CTX *ctx, const char *str)
+static const char *fix_quotes(TALLOC_CTX *ctx, char *str)
 {
        char *newstring = NULL;
        char *p = NULL;
@@ -96,7 +107,7 @@ static const char *fix_quotes(TALLOC_CTX *ctx, const char *str)
                }
                ++p;
        }
-       newstring = TALLOC_ARRAY(ctx, char, newstring_len);
+       newstring = talloc_array(ctx, char, newstring_len);
        if (!newstring) {
                return "";
        }
@@ -118,7 +129,7 @@ static char *stripspaceupper(const char *str)
        char *p = newstring;
 
        while (*str) {
-               if (*str != ' ') *p++ = toupper_ascii(*str);
+               if (*str != ' ') *p++ = toupper_m(*str);
                ++str;
        }
        *p = '\0';
@@ -139,6 +150,90 @@ static char *make_parm_name(const char *label)
        return parmname;
 }
 
+void get_xsrf_token(const char *username, const char *pass,
+                   const char *formname, time_t xsrf_time, char token_str[33])
+{
+       struct MD5Context md5_ctx;
+       uint8_t token[16];
+       int i;
+
+       token_str[0] = '\0';
+       ZERO_STRUCT(md5_ctx);
+       MD5Init(&md5_ctx);
+
+       MD5Update(&md5_ctx, (uint8_t *)formname, strlen(formname));
+       MD5Update(&md5_ctx, (uint8_t *)&xsrf_time, sizeof(time_t));
+       if (username != NULL) {
+               MD5Update(&md5_ctx, (uint8_t *)username, strlen(username));
+       }
+       if (pass != NULL) {
+               MD5Update(&md5_ctx, (uint8_t *)pass, strlen(pass));
+       }
+
+       MD5Final(token, &md5_ctx);
+
+       for(i = 0; i < sizeof(token); i++) {
+               char tmp[3];
+
+               snprintf(tmp, sizeof(tmp), "%02x", token[i]);
+               /* FIXME ! Truncate check. JRA. */
+               (void)strlcat(token_str, tmp, sizeof(tmp));
+       }
+}
+
+void print_xsrf_token(const char *username, const char *pass,
+                     const char *formname)
+{
+       char token[33];
+       time_t xsrf_time = time(NULL);
+
+       get_xsrf_token(username, pass, formname, xsrf_time, token);
+       printf("<input type=\"hidden\" name=\"%s\" value=\"%s\">\n",
+              XSRF_TOKEN, token);
+       printf("<input type=\"hidden\" name=\"%s\" value=\"%lld\">\n",
+              XSRF_TIME, (long long int)xsrf_time);
+}
+
+bool verify_xsrf_token(const char *formname)
+{
+       char expected[33];
+       const char *username = cgi_user_name();
+       const char *pass = cgi_user_pass();
+       const char *token = cgi_variable_nonull(XSRF_TOKEN);
+       const char *time_str = cgi_variable_nonull(XSRF_TIME);
+       char *p = NULL;
+       long long xsrf_time_ll = 0;
+       time_t xsrf_time = 0;
+       time_t now = time(NULL);
+
+       errno = 0;
+       xsrf_time_ll = strtoll(time_str, &p, 10);
+       if (errno != 0) {
+               return false;
+       }
+       if (p == NULL) {
+               return false;
+       }
+       if (PTR_DIFF(p, time_str) > strlen(time_str)) {
+               return false;
+       }
+       if (xsrf_time_ll > _TYPE_MAXIMUM(time_t)) {
+               return false;
+       }
+       if (xsrf_time_ll < _TYPE_MINIMUM(time_t)) {
+               return false;
+       }
+       xsrf_time = xsrf_time_ll;
+
+       if (abs(now - xsrf_time) > XSRF_TIMEOUT) {
+               return false;
+       }
+
+       get_xsrf_token(username, pass, formname, xsrf_time, expected);
+       return (strncmp(expected, token, sizeof(expected)) == 0);
+}
+
+
 /****************************************************************************
   include a lump of html in a page 
 ****************************************************************************/
@@ -229,13 +324,15 @@ static void print_footer(void)
 static void show_parameter(int snum, struct parm_struct *parm)
 {
        int i;
-       void *ptr = parm->ptr;
+       void *ptr;
        char *utf8_s1, *utf8_s2;
        size_t converted_size;
        TALLOC_CTX *ctx = talloc_stackframe();
 
        if (parm->p_class == P_LOCAL && snum >= 0) {
-               ptr = lp_local_ptr_by_snum(snum, ptr);
+               ptr = lp_local_ptr_by_snum(snum, parm);
+       } else {
+               ptr = lp_parm_ptr(NULL, parm);
        }
 
        printf("<tr><td>%s</td><td>", get_parm_translated(ctx,
@@ -313,6 +410,7 @@ static void show_parameter(int snum, struct parm_struct *parm)
                break;
 
        case P_INTEGER:
+       case P_BYTES:
                printf("<input type=text size=8 name=\"parm_%s\" value=\"%d\">", make_parm_name(parm->label), *(int *)ptr);
                printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%d\'\">",
                        _("Set Default"), make_parm_name(parm->label),(int)(parm->def.ivalue));
@@ -375,10 +473,11 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
 
                if (!( parm_filter & FLAG_ADVANCED )) {
                        if (!(parm->flags & FLAG_BASIC)) {
-                                       void *ptr = parm->ptr;
-
+                               void *ptr;
                                if (parm->p_class == P_LOCAL && snum >= 0) {
-                                       ptr = lp_local_ptr_by_snum(snum, ptr);
+                                       ptr = lp_local_ptr_by_snum(snum, parm);
+                               } else {
+                                       ptr = lp_parm_ptr(NULL, parm);
                                }
 
                                switch (parm->type) {
@@ -402,6 +501,7 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
                                        break;
 
                                case P_INTEGER:
+                               case P_BYTES:
                                case P_OCTAL:
                                        if (*(int *)ptr == (int)(parm->def.ivalue)) continue;
                                        break;
@@ -491,7 +591,25 @@ static int save_reload(int snum)
                 return 0;
         }
        iNumNonAutoPrintServices = lp_numservices();
-       load_printers(server_event_context(), server_messaging_context());
+       if (pcap_cache_loaded()) {
+               struct tevent_context *ev_ctx;
+               struct messaging_context *msg_ctx;
+
+               ev_ctx = s3_tevent_context_init(NULL);
+               if (ev_ctx == NULL) {
+                       printf("s3_tevent_context_init() failed\n");
+                       return 0;
+               }
+               msg_ctx = messaging_init(ev_ctx, ev_ctx);
+               if (msg_ctx == NULL) {
+                       printf("messaging_init() failed\n");
+                       return 0;
+               }
+
+               load_printers(ev_ctx, msg_ctx);
+
+               talloc_free(ev_ctx);
+       }
 
        return 1;
 }
@@ -612,13 +730,20 @@ static void welcome_page(void)
 static void viewconfig_page(void)
 {
        int full_view=0;
+       const char form_name[] = "viewconfig";
+
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
 
        if (cgi_variable("full_view")) {
                full_view = 1;
        }
 
+output_page:
        printf("<H2>%s</H2>\n", _("Current Config"));
        printf("<form method=post>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
        if (full_view) {
                printf("<input type=submit name=\"normal_view\" value=\"%s\">\n", _("Normal View"));
@@ -638,18 +763,25 @@ static void viewconfig_page(void)
 static void wizard_params_page(void)
 {
        unsigned int parm_filter = FLAG_WIZARD;
+       const char form_name[] = "wizard_params";
 
        /* Here we first set and commit all the parameters that were selected
           in the previous screen. */
 
        printf("<H2>%s</H2>\n", _("Wizard Parameter Edit Page"));
 
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
+
        if (cgi_variable("Commit")) {
                commit_parameters(GLOBAL_SECTION_SNUM);
                save_reload(-1);
        }
 
+output_page:
        printf("<form name=\"swatform\" method=post action=wizard_params>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
        if (have_write_access) {
                printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
@@ -685,6 +817,11 @@ static void wizard_page(void)
        int have_home = -1;
        int HomeExpo = 0;
        int SerType = 0;
+       const char form_name[] = "wizard";
+
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
 
        if (cgi_variable("Rewrite")) {
                (void) rewritecfg_file();
@@ -763,7 +900,7 @@ static void wizard_page(void)
        else
        {
                /* Now determine smb.conf WINS settings */
-               if (lp_wins_support())
+               if (lp_we_are_a_wins_server())
                        winstype = 1;
                if (lp_wins_server_list() && strlen(*lp_wins_server_list()))
                        winstype = 2;
@@ -771,14 +908,16 @@ static void wizard_page(void)
                /* Do we have a homes share? */
                have_home = lp_servicenumber(HOMES_NAME);
        }
-       if ((winstype == 2) && lp_wins_support())
+       if ((winstype == 2) && lp_we_are_a_wins_server())
                winstype = 3;
 
        role = lp_server_role();
 
+output_page:
        /* Here we go ... */
        printf("<H2>%s</H2>\n", _("Samba Configuration Wizard"));
        printf("<form method=post action=wizard>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
        if (have_write_access) {
                printf("%s\n", _("The \"Rewrite smb.conf file\" button will clear the smb.conf file of all default values and of comments."));
@@ -847,9 +986,14 @@ static void globals_page(void)
 {
        unsigned int parm_filter = FLAG_BASIC;
        int mode = 0;
+       const char form_name[] = "globals";
 
        printf("<H2>%s</H2>\n", _("Global Parameters"));
 
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
+
        if (cgi_variable("Commit")) {
                commit_parameters(GLOBAL_SECTION_SNUM);
                save_reload(-1);
@@ -862,7 +1006,9 @@ static void globals_page(void)
        if ( cgi_variable("AdvMode"))
                mode = 1;
 
+output_page:
        printf("<form name=\"swatform\" method=post action=globals>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
        ViewModeBoxes( mode );
        switch ( mode ) {
@@ -902,11 +1048,17 @@ static void shares_page(void)
        int mode = 0;
        unsigned int parm_filter = FLAG_BASIC;
        size_t converted_size;
+       const char form_name[] = "shares";
+
+       printf("<H2>%s</H2>\n", _("Share Parameters"));
+
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
 
        if (share)
                snum = lp_servicenumber(share);
 
-       printf("<H2>%s</H2>\n", _("Share Parameters"));
 
        if (cgi_variable("Commit") && snum >= 0) {
                commit_parameters(snum);
@@ -932,10 +1084,6 @@ static void shares_page(void)
                }
        }
 
-       printf("<FORM name=\"swatform\" method=post>\n");
-
-       printf("<table>\n");
-
        if ( cgi_variable("ViewMode") )
                mode = atoi(cgi_variable_nonull("ViewMode"));
        if ( cgi_variable("BasicMode"))
@@ -943,6 +1091,12 @@ static void shares_page(void)
        if ( cgi_variable("AdvMode"))
                mode = 1;
 
+output_page:
+       printf("<FORM name=\"swatform\" method=post>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
+
+       printf("<table>\n");
+
        ViewModeBoxes( mode );
        switch ( mode ) {
                case 0:
@@ -1121,11 +1275,9 @@ static void chg_passwd(void)
        if(cgi_variable(CHG_S_PASSWD_FLAG)) {
                printf("<p>");
                if (rslt == True) {
-                       printf(_(" The passwd for '%s' has been changed."), cgi_variable_nonull(SWAT_USER));
-                       printf("\n");
+                       printf("%s\n", _(" The passwd has been changed."));
                } else {
-                       printf(_(" The passwd for '%s' has NOT been changed."), cgi_variable_nonull(SWAT_USER));
-                       printf("\n");
+                       printf("%s\n", _(" The passwd has NOT been changed."));
                }
        }
 
@@ -1138,20 +1290,15 @@ static void chg_passwd(void)
 static void passwd_page(void)
 {
        const char *new_name = cgi_user_name();
-
-       /* 
-        * After the first time through here be nice. If the user
-        * changed the User box text to another users name, remember it.
-        */
-       if (cgi_variable(SWAT_USER)) {
-               new_name = cgi_variable_nonull(SWAT_USER);
-       } 
+       const char passwd_form[] = "passwd";
+       const char rpasswd_form[] = "rpasswd";
 
        if (!new_name) new_name = "";
 
        printf("<H2>%s</H2>\n", _("Server Password Management"));
 
        printf("<FORM name=\"swatform\" method=post>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), passwd_form);
 
        printf("<table>\n");
 
@@ -1191,14 +1338,16 @@ static void passwd_page(void)
         * Do some work if change, add, disable or enable was
         * requested. It could be this is the first time through this
         * code, so there isn't anything to do.  */
-       if ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
-           (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG))) {
+       if (verify_xsrf_token(passwd_form) &&
+          ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
+           (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG)))) {
                chg_passwd();           
        }
 
        printf("<H2>%s</H2>\n", _("Client/Server Password Management"));
 
        printf("<FORM name=\"swatform\" method=post>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), rpasswd_form);
 
        printf("<table>\n");
 
@@ -1231,7 +1380,7 @@ static void passwd_page(void)
         * password somewhere other than the server. It could be this
         * is the first time through this code, so there isn't
         * anything to do.  */
-       if (cgi_variable(CHG_R_PASSWD_FLAG)) {
+       if (verify_xsrf_token(passwd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) {
                chg_passwd();           
        }
 
@@ -1248,18 +1397,15 @@ static void printers_page(void)
        int i;
        int mode = 0;
        unsigned int parm_filter = FLAG_BASIC;
+       const char form_name[] = "printers";
+
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
 
        if (share)
                snum = lp_servicenumber(share);
 
-        printf("<H2>%s</H2>\n", _("Printer Parameters"));
-        printf("<H3>%s</H3>\n", _("Important Note:"));
-        printf("%s",_("Printer names marked with [*] in the Choose Printer drop-down box "));
-        printf("%s",_("are autoloaded printers from "));
-        printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
-        printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect."));
-
        if (cgi_variable("Commit") && snum >= 0) {
                commit_parameters(snum);
                if (snum >= iNumNonAutoPrintServices)
@@ -1288,8 +1434,6 @@ static void printers_page(void)
                }
        }
 
-       printf("<FORM name=\"swatform\" method=post>\n");
-
        if ( cgi_variable("ViewMode") )
                mode = atoi(cgi_variable_nonull("ViewMode"));
         if ( cgi_variable("BasicMode"))
@@ -1297,6 +1441,19 @@ static void printers_page(void)
         if ( cgi_variable("AdvMode"))
                 mode = 1;
 
+output_page:
+        printf("<H2>%s</H2>\n", _("Printer Parameters"));
+
+        printf("<H3>%s</H3>\n", _("Important Note:"));
+        printf("%s",_("Printer names marked with [*] in the Choose Printer drop-down box "));
+        printf("%s",_("are autoloaded printers from "));
+        printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
+        printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect."));
+
+
+       printf("<FORM name=\"swatform\" method=post>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
+
        ViewModeBoxes( mode );
        switch ( mode ) {
                case 0:
@@ -1398,7 +1555,7 @@ const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid)
        };
        TALLOC_CTX *frame = talloc_stackframe();
 
-       fault_setup(NULL);
+       fault_setup();
        umask(S_IWGRP | S_IWOTH);
 
 #if defined(HAVE_SET_AUTH_PARAMETERS)
@@ -1413,13 +1570,15 @@ const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid)
        /* we don't want any SIGPIPE messages */
        BlockSignals(True,SIGPIPE);
 
-       dbf = x_fopen("/dev/null", O_WRONLY, 0);
-       if (!dbf) dbf = x_stderr;
+       debug_set_logfile("/dev/null");
 
        /* we don't want stderr screwing us up */
        close(2);
        open("/dev/null", O_WRONLY);
+       setup_logging("swat", DEBUG_FILE);
 
+       load_case_tables();
+       
        pc = poptGetContext("swat", argc, (const char **) argv, long_options, 0);
 
        /* Parse command line options */
@@ -1428,13 +1587,30 @@ const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid)
 
        poptFreeContext(pc);
 
-       load_case_tables();
-
-       setup_logging(argv[0],False);
+       /* This should set a more apporiate log file */
        load_config(True);
+       reopen_logs();
        load_interfaces();
        iNumNonAutoPrintServices = lp_numservices();
-       load_printers(server_event_context(), server_messaging_context());
+       if (pcap_cache_loaded()) {
+               struct tevent_context *ev_ctx;
+               struct messaging_context *msg_ctx;
+
+               ev_ctx = s3_tevent_context_init(NULL);
+               if (ev_ctx == NULL) {
+                       printf("s3_tevent_context_init() failed\n");
+                       return 0;
+               }
+               msg_ctx = messaging_init(ev_ctx, ev_ctx);
+               if (msg_ctx == NULL) {
+                       printf("messaging_init() failed\n");
+                       return 0;
+               }
+
+               load_printers(ev_ctx, msg_ctx);
+
+               talloc_free(ev_ctx);
+       }
 
        cgi_setup(get_dyn_SWATDIR(), !demo_mode);
 
Amitay's Samba development tree