param: handle P_BYTES in more places
[kai/samba.git] / source3 / web / swat.c
index b36168f71ff6ca3438d4f92959a505cfb9d1cdc6..34974b400f1b59abc45b720313d277d645ef3ec2 100644 (file)
@@ -4,17 +4,17 @@
    Version 3.0.0
    Copyright (C) Andrew Tridgell 1997-2002
    Copyright (C) John H Terpstra 2002
-   
+
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
  **/
 
 #include "includes.h"
+#include "system/filesys.h"
+#include "popt_common.h"
 #include "web/swat_proto.h"
+#include "printing/pcap.h"
+#include "printing/load.h"
+#include "passdb.h"
+#include "intl/lang_tdb.h"
+#include "../lib/crypto/md5.h"
+#include "lib/param/loadparm.h"
+#include "messages.h"
 
 static int demo_mode = False;
 static int passwd_only = False;
@@ -50,6 +59,9 @@ static int iNumNonAutoPrintServices = 0;
 #define DISABLE_USER_FLAG "disable_user_flag"
 #define ENABLE_USER_FLAG "enable_user_flag"
 #define RHOST "remote_host"
+#define XSRF_TOKEN "xsrf"
+#define XSRF_TIME "xsrf_time"
+#define XSRF_TIMEOUT 300
 
 #define _(x) lang_msg_rotate(talloc_tos(),x)
 
@@ -77,7 +89,7 @@ static char *fix_backslash(const char *str)
        return newstring;
 }
 
-static const char *fix_quotes(TALLOC_CTX *ctx, const char *str)
+static const char *fix_quotes(TALLOC_CTX *ctx, char *str)
 {
        char *newstring = NULL;
        char *p = NULL;
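Review bot: The parameter loses its `const` although the function still only reads through `str` (the counting loop in the next hunk and the `*p++ = *str;` copy further down), so `p = (char *) str;` in the following hunk becomes a cast for nothing. Keeping `const char *str` and counting with a separate `const char *q` preserves the read-only contract; advancing a pointer-to-const with `++str` is perfectly legal, so nothing in the visible body needs the non-const type. The third fix_quotes hunk drops the `++str` at the end of the copy loop, which is only correct if the loop header outside the visible hunk now advances `str` itself — worth confirming against the full function.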
@@ -86,15 +98,16 @@ static const char *fix_quotes(TALLOC_CTX *ctx, const char *str)
 
        /* Count the number of quotes. */
        newstring_len = 1;
-       while (*str) {
-               if ( *str == '\"') {
+       p = (char *) str;
+       while (*p) {
+               if ( *p == '\"') {
                        newstring_len += quote_len;
                } else {
                        newstring_len++;
                }
-               ++str;
+               ++p;
        }
-       newstring = TALLOC_ARRAY(ctx, char, newstring_len);
+       newstring = talloc_array(ctx, char, newstring_len);
        if (!newstring) {
                return "";
        }
@@ -105,7 +118,6 @@ static const char *fix_quotes(TALLOC_CTX *ctx, const char *str)
                } else {
                        *p++ = *str;
                }
-               ++str;
        }
        *p = '\0';
        return newstring;
@@ -117,7 +129,7 @@ static char *stripspaceupper(const char *str)
        char *p = newstring;
 
        while (*str) {
-               if (*str != ' ') *p++ = toupper_ascii(*str);
+               if (*str != ' ') *p++ = toupper_m(*str);
                ++str;
        }
        *p = '\0';
@@ -138,6 +150,89 @@ static char *make_parm_name(const char *label)
        return parmname;
 }
 
+void get_xsrf_token(const char *username, const char *pass,
+                   const char *formname, time_t xsrf_time, char token_str[33])
+{
+       struct MD5Context md5_ctx;
+       uint8_t token[16];
+       int i;
+
+       token_str[0] = '\0';
+       ZERO_STRUCT(md5_ctx);
+       MD5Init(&md5_ctx);
+
+       MD5Update(&md5_ctx, (uint8_t *)formname, strlen(formname));
+       MD5Update(&md5_ctx, (uint8_t *)&xsrf_time, sizeof(time_t));
+       if (username != NULL) {
+               MD5Update(&md5_ctx, (uint8_t *)username, strlen(username));
+       }
+       if (pass != NULL) {
+               MD5Update(&md5_ctx, (uint8_t *)pass, strlen(pass));
+       }
+
+       MD5Final(token, &md5_ctx);
+
+       for(i = 0; i < sizeof(token); i++) {
+               char tmp[3];
+
+               snprintf(tmp, sizeof(tmp), "%02x", token[i]);
+               strlcat(token_str, tmp, sizeof(tmp));
+       }
+}
+
+void print_xsrf_token(const char *username, const char *pass,
+                     const char *formname)
+{
+       char token[33];
+       time_t xsrf_time = time(NULL);
+
+       get_xsrf_token(username, pass, formname, xsrf_time, token);
+       printf("<input type=\"hidden\" name=\"%s\" value=\"%s\">\n",
+              XSRF_TOKEN, token);
+       printf("<input type=\"hidden\" name=\"%s\" value=\"%lld\">\n",
+              XSRF_TIME, (long long int)xsrf_time);
+}
+
+bool verify_xsrf_token(const char *formname)
+{
+       char expected[33];
+       const char *username = cgi_user_name();
+       const char *pass = cgi_user_pass();
+       const char *token = cgi_variable_nonull(XSRF_TOKEN);
+       const char *time_str = cgi_variable_nonull(XSRF_TIME);
+       char *p = NULL;
+       long long xsrf_time_ll = 0;
+       time_t xsrf_time = 0;
+       time_t now = time(NULL);
+
+       errno = 0;
+       xsrf_time_ll = strtoll(time_str, &p, 10);
+       if (errno != 0) {
+               return false;
+       }
+       if (p == NULL) {
+               return false;
+       }
+       if (PTR_DIFF(p, time_str) > strlen(time_str)) {
+               return false;
+       }
+       if (xsrf_time_ll > _TYPE_MAXIMUM(time_t)) {
+               return false;
+       }
+       if (xsrf_time_ll < _TYPE_MINIMUM(time_t)) {
+               return false;
+       }
+       xsrf_time = xsrf_time_ll;
+
+       if (abs(now - xsrf_time) > XSRF_TIMEOUT) {
+               return false;
+       }
+
+       get_xsrf_token(username, pass, formname, xsrf_time, expected);
+       return (strncmp(expected, token, sizeof(expected)) == 0);
+}
+
+
 /****************************************************************************
   include a lump of html in a page 
 ****************************************************************************/
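Review bot: `strlcat(token_str, tmp, sizeof(tmp))` in get_xsrf_token passes the size of the 3-byte temporary instead of the 33-byte destination, so after the first pair of hex digits strlcat considers the buffer full and appends nothing more; the emitted and verified token is two hex characters, which leaves the XSRF check guessable in at most 256 attempts. The loop body can be reduced to `snprintf(token_str + 2 * i, 3, "%02x", token[i]);` (32 hex digits plus the terminator fit the 33-byte buffer exactly), or the strlcat call given the real destination length. In verify_xsrf_token, `abs(now - xsrf_time)` narrows a time_t difference to int before taking the magnitude, which truncates with a 64-bit time_t; `llabs((long long)(now - xsrf_time))` avoids that. The final `strncmp` comparison is not constant-time, a minor point given the 300-second window but worth a comment if left as is.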
@@ -156,7 +251,9 @@ static int include_html(const char *fname)
        }
 
        while ((ret = read(fd, buf, sizeof(buf))) > 0) {
-               write(1, buf, ret);
+               if (write(1, buf, ret) == -1) {
+                       break;
+               }
        }
 
        close(fd);
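Review bot: The new check only catches `write` returning -1; a short write (fewer than `ret` bytes, which can happen on a pipe or after a signal) is treated as success and the remainder of the chunk is silently dropped. The usual fix is to loop until the whole chunk is written, retrying on EINTR, before reading the next chunk — Samba's `write_data()` helper does this loop already if it is linked into swat. include_html's body begins and ends outside this hunk, so the declaration of `ret` and the return value are not visible here.
```c
	while ((ret = read(fd, buf, sizeof(buf))) > 0) {
		size_t off = 0;
		while (off < (size_t)ret) {
			ssize_t w = write(1, buf + off, ret - off);
			if (w == -1 && errno == EINTR) {
				continue;
			}
			if (w <= 0) {
				break;
			}
			off += w;
		}
		if (off < (size_t)ret) {
			break;	/* error or short write: stop, as the -1 check did */
		}
	}
	/* … unchanged: close(fd) and the rest of include_html … */
```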
@@ -226,12 +323,15 @@ static void print_footer(void)
 static void show_parameter(int snum, struct parm_struct *parm)
 {
        int i;
-       void *ptr = parm->ptr;
+       void *ptr;
        char *utf8_s1, *utf8_s2;
+       size_t converted_size;
        TALLOC_CTX *ctx = talloc_stackframe();
 
        if (parm->p_class == P_LOCAL && snum >= 0) {
-               ptr = lp_local_ptr(snum, ptr);
+               ptr = lp_local_ptr_by_snum(snum, parm);
+       } else {
+               ptr = lp_parm_ptr(NULL, parm);
        }
 
        printf("<tr><td>%s</td><td>", get_parm_translated(ctx,
@@ -252,16 +352,16 @@ static void show_parameter(int snum, struct parm_struct *parm)
                        for (;*list;list++) {
                                /* enclose in HTML encoded quotes if the string contains a space */
                                if ( strchr_m(*list, ' ') ) {
-                                       push_utf8_allocate(&utf8_s1, *list);
-                                       push_utf8_allocate(&utf8_s2, ((*(list+1))?", ":""));
+                                       push_utf8_talloc(talloc_tos(), &utf8_s1, *list, &converted_size);
+                                       push_utf8_talloc(talloc_tos(), &utf8_s2, ((*(list+1))?", ":""), &converted_size);
                                        printf("&quot;%s&quot;%s", utf8_s1, utf8_s2);
                                } else {
-                                       push_utf8_allocate(&utf8_s1, *list);
-                                       push_utf8_allocate(&utf8_s2, ((*(list+1))?", ":""));
+                                       push_utf8_talloc(talloc_tos(), &utf8_s1, *list, &converted_size);
+                                       push_utf8_talloc(talloc_tos(), &utf8_s2, ((*(list+1))?", ":""), &converted_size);
                                        printf("%s%s", utf8_s1, utf8_s2);
                                }
-                               SAFE_FREE(utf8_s1);
-                               SAFE_FREE(utf8_s2);
+                               TALLOC_FREE(utf8_s1);
+                               TALLOC_FREE(utf8_s2);
                        }
                }
                printf("\">");
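Review bot: The return value of every `push_utf8_talloc` call here is ignored, and the same pattern recurs in the P_STRING hunk (`-282,20 +382,10`) and in shares_page's option list (`-955,12 +1113,11`); on a conversion failure utf8_s1/utf8_s2 are still handed to printf as `%s`, and whether the helper leaves them NULL in that case is not visible from this hunk. The old push_utf8_allocate calls had the same weakness, but since each call is being rewritten this is the moment to check it, e.g. `if (!push_utf8_talloc(talloc_tos(), &utf8_s1, *list, &converted_size)) continue;` for each conversion. As a style point, show_parameter already holds `ctx = talloc_stackframe()` from the earlier hunk, so allocating on `ctx` rather than `talloc_tos()` would make the ownership explicit; both are freed with the frame, so this is presentation only.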
@@ -282,20 +382,10 @@ static void show_parameter(int snum, struct parm_struct *parm)
 
        case P_STRING:
        case P_USTRING:
-               push_utf8_allocate(&utf8_s1, *(char **)ptr);
-               printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">",
-                      make_parm_name(parm->label), fix_quotes(ctx, utf8_s1));
-               SAFE_FREE(utf8_s1);
-               printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
-                       _("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue)));
-               break;
-
-       case P_GSTRING:
-       case P_UGSTRING:
-               push_utf8_allocate(&utf8_s1, (char *)ptr);
+               push_utf8_talloc(talloc_tos(), &utf8_s1, *(char **)ptr, &converted_size);
                printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">",
                       make_parm_name(parm->label), fix_quotes(ctx, utf8_s1));
-               SAFE_FREE(utf8_s1);
+               TALLOC_FREE(utf8_s1);
                printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
                        _("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue)));
                break;
@@ -319,17 +409,25 @@ static void show_parameter(int snum, struct parm_struct *parm)
                break;
 
        case P_INTEGER:
+       case P_BYTES:
                printf("<input type=text size=8 name=\"parm_%s\" value=\"%d\">", make_parm_name(parm->label), *(int *)ptr);
                printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%d\'\">",
                        _("Set Default"), make_parm_name(parm->label),(int)(parm->def.ivalue));
                break;
 
-       case P_OCTAL:
-               printf("<input type=text size=8 name=\"parm_%s\" value=%s>", make_parm_name(parm->label), octal_string(*(int *)ptr));
-               printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
-                      _("Set Default"), make_parm_name(parm->label),
-                      octal_string((int)(parm->def.ivalue)));
+       case P_OCTAL: {
+               char *o;
+               o = octal_string(*(int *)ptr);
+               printf("<input type=text size=8 name=\"parm_%s\" value=%s>",
+                      make_parm_name(parm->label), o);
+               TALLOC_FREE(o);
+               o = octal_string((int)(parm->def.ivalue));
+               printf("<input type=button value=\"%s\" "
+                      "onClick=\"swatform.parm_%s.value=\'%s\'\">",
+                      _("Set Default"), make_parm_name(parm->label), o);
+               TALLOC_FREE(o);
                break;
+       }
 
        case P_ENUM:
                printf("<select name=\"parm_%s\">",make_parm_name(parm->label)); 
@@ -374,10 +472,11 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
 
                if (!( parm_filter & FLAG_ADVANCED )) {
                        if (!(parm->flags & FLAG_BASIC)) {
-                                       void *ptr = parm->ptr;
-
+                               void *ptr;
                                if (parm->p_class == P_LOCAL && snum >= 0) {
-                                       ptr = lp_local_ptr(snum, ptr);
+                                       ptr = lp_local_ptr_by_snum(snum, parm);
+                               } else {
+                                       ptr = lp_parm_ptr(NULL, parm);
                                }
 
                                switch (parm->type) {
@@ -386,7 +485,8 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
                                        break;
 
                                case P_LIST:
-                                       if (!str_list_compare(*(char ***)ptr, (char **)(parm->def.lvalue))) continue;
+                                       if (!str_list_equal(*(const char ***)ptr, 
+                                                           (const char **)(parm->def.lvalue))) continue;
                                        break;
 
                                case P_STRING:
@@ -394,17 +494,13 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
                                        if (!strcmp(*(char **)ptr,(char *)(parm->def.svalue))) continue;
                                        break;
 
-                               case P_GSTRING:
-                               case P_UGSTRING:
-                                       if (!strcmp((char *)ptr,(char *)(parm->def.svalue))) continue;
-                                       break;
-
                                case P_BOOL:
                                case P_BOOLREV:
                                        if (*(bool *)ptr == (bool)(parm->def.bvalue)) continue;
                                        break;
 
                                case P_INTEGER:
+                               case P_BYTES:
                                case P_OCTAL:
                                        if (*(int *)ptr == (int)(parm->def.ivalue)) continue;
                                        break;
@@ -421,9 +517,9 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
                }
 
                if ((parm_filter & FLAG_WIZARD) && !(parm->flags & FLAG_WIZARD)) continue;
-               
+
                if ((parm_filter & FLAG_ADVANCED) && !(parm->flags & FLAG_ADVANCED)) continue;
-               
+
                if (heading && heading != last_heading) {
                        printf("<tr><td></td></tr><tr><td><b><u>%s</u></b></td></tr>\n", _(heading));
                        last_heading = heading;
@@ -437,8 +533,7 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
 ****************************************************************************/
 static bool load_config(bool save_def)
 {
-       lp_resetnumservices();
-       return lp_load(dyn_CONFIGFILE,False,save_def,False,True);
+       return lp_load(get_dyn_CONFIGFILE(),False,save_def,False,True);
 }
 
 /****************************************************************************
@@ -446,11 +541,15 @@ static bool load_config(bool save_def)
 ****************************************************************************/
 static void write_config(FILE *f, bool show_defaults)
 {
+       TALLOC_CTX *ctx = talloc_stackframe();
+
        fprintf(f, "# Samba config file created using SWAT\n");
        fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr());
-       fprintf(f, "# Date: %s\n\n", current_timestring(False));
-       
+       fprintf(f, "# Date: %s\n\n", current_timestring(ctx, False));
+
        lp_dump(f, show_defaults, iNumNonAutoPrintServices);
+
+       TALLOC_FREE(ctx);
 }
 
 /****************************************************************************
@@ -461,9 +560,9 @@ static int save_reload(int snum)
        FILE *f;
        struct stat st;
 
-       f = sys_fopen(dyn_CONFIGFILE,"w");
+       f = sys_fopen(get_dyn_CONFIGFILE(),"w");
        if (!f) {
-               printf(_("failed to open %s for writing"), dyn_CONFIGFILE);
+               printf(_("failed to open %s for writing"), get_dyn_CONFIGFILE());
                printf("\n");
                return 0;
        }
@@ -474,24 +573,42 @@ static int save_reload(int snum)
 #if defined HAVE_FCHMOD
                fchmod(fileno(f), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
 #else
-               chmod(dyn_CONFIGFILE, S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
+               chmod(get_dyn_CONFIGFILE(), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
 #endif
        }
 
        write_config(f, False);
-       if (snum)
+       if (snum >= 0)
                lp_dump_one(f, False, snum);
        fclose(f);
 
-       lp_killunused(NULL);
+       lp_kill_all_services();
 
        if (!load_config(False)) {
-                printf(_("Can't reload %s"), dyn_CONFIGFILE);
+                printf(_("Can't reload %s"), get_dyn_CONFIGFILE());
                printf("\n");
                 return 0;
         }
        iNumNonAutoPrintServices = lp_numservices();
-       load_printers();
+       if (pcap_cache_loaded()) {
+               struct tevent_context *ev_ctx;
+               struct messaging_context *msg_ctx;
+
+               ev_ctx = s3_tevent_context_init(NULL);
+               if (ev_ctx == NULL) {
+                       printf("s3_tevent_context_init() failed\n");
+                       return 0;
+               }
+               msg_ctx = messaging_init(ev_ctx, ev_ctx);
+               if (msg_ctx == NULL) {
+                       printf("messaging_init() failed\n");
+                       return 0;
+               }
+
+               load_printers(ev_ctx, msg_ctx);
+
+               talloc_free(ev_ctx);
+       }
 
        return 1;
 }
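Review bot: When `messaging_init()` fails the function returns without freeing the `ev_ctx` created on the line above, so each failed reload leaks an event context; change that branch to `talloc_free(ev_ctx); return 0;`. Both new failure messages are emitted with a bare printf, unlike the `_()`-wrapped messages earlier in this function, and are written into the HTML page with no markup around them. Note that these two returns happen after smb.conf has already been rewritten and reloaded, so the caller is told the save failed although the configuration on disk did change — a short comment stating that only the printer reload failed would help the next reader.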
@@ -557,7 +674,7 @@ static void image_link(const char *name, const char *hlink, const char *src)
 static void show_main_buttons(void)
 {
        char *p;
-       
+
        if ((p = cgi_user_name()) && strcmp(p, "root")) {
                printf(_("Logged in as <b>%s</b>"), p);
                printf("<p>\n");
@@ -599,7 +716,7 @@ static void ViewModeBoxes(int mode)
 ****************************************************************************/
 static void welcome_page(void)
 {
-       if (file_exist("help/welcome.html", NULL)) {
+       if (file_exist("help/welcome.html")) {
                include_html("help/welcome.html");
        } else {
                include_html("help/welcome-no-samba-doc.html");
@@ -612,13 +729,20 @@ static void welcome_page(void)
 static void viewconfig_page(void)
 {
        int full_view=0;
+       const char form_name[] = "viewconfig";
+
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
 
        if (cgi_variable("full_view")) {
                full_view = 1;
        }
 
+output_page:
        printf("<H2>%s</H2>\n", _("Current Config"));
        printf("<form method=post>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
        if (full_view) {
                printf("<input type=submit name=\"normal_view\" value=\"%s\">\n", _("Normal View"));
@@ -638,18 +762,25 @@ static void viewconfig_page(void)
 static void wizard_params_page(void)
 {
        unsigned int parm_filter = FLAG_WIZARD;
+       const char form_name[] = "wizard_params";
 
        /* Here we first set and commit all the parameters that were selected
           in the previous screen. */
 
        printf("<H2>%s</H2>\n", _("Wizard Parameter Edit Page"));
 
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
+
        if (cgi_variable("Commit")) {
                commit_parameters(GLOBAL_SECTION_SNUM);
-               save_reload(0);
+               save_reload(-1);
        }
 
+output_page:
        printf("<form name=\"swatform\" method=post action=wizard_params>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
        if (have_write_access) {
                printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
@@ -657,7 +788,7 @@ static void wizard_params_page(void)
 
        printf("<input type=reset name=\"Reset Values\" value=\"Reset\">\n");
        printf("<p>\n");
-       
+
        printf("<table>\n");
        show_parameters(GLOBAL_SECTION_SNUM, 1, parm_filter, 0);
        printf("</table>\n");
@@ -670,7 +801,7 @@ static void wizard_params_page(void)
 static void rewritecfg_file(void)
 {
        commit_parameters(GLOBAL_SECTION_SNUM);
-       save_reload(0);
+       save_reload(-1);
        printf("<H2>%s</H2>\n", _("Note: smb.conf file has been read and rewritten"));
 }
 
@@ -685,6 +816,11 @@ static void wizard_page(void)
        int have_home = -1;
        int HomeExpo = 0;
        int SerType = 0;
+       const char form_name[] = "wizard";
+
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
 
        if (cgi_variable("Rewrite")) {
                (void) rewritecfg_file();
@@ -704,7 +840,7 @@ static void wizard_page(void)
 
                /* Plain text passwords are too badly broken - use encrypted passwords only */
                lp_do_parameter( GLOBAL_SECTION_SNUM, "encrypt passwords", "Yes");
-               
+
                switch ( SerType ){
                        case 0:
                                /* Stand-alone Server */
@@ -743,12 +879,12 @@ static void wizard_page(void)
 
                        load_config(False);
                        lp_copy_service(GLOBAL_SECTION_SNUM, unix_share);
-                       iNumNonAutoPrintServices = lp_numservices();
                        have_home = lp_servicenumber(HOMES_NAME);
                        lp_do_parameter( have_home, "read only", "No");
                        lp_do_parameter( have_home, "valid users", "%S");
                        lp_do_parameter( have_home, "browseable", "No");
                        commit_parameters(have_home);
+                       save_reload(have_home);
                }
 
                /* Need to Delete Homes share? */
@@ -758,12 +894,12 @@ static void wizard_page(void)
                }
 
                commit_parameters(GLOBAL_SECTION_SNUM);
-               save_reload(0);
+               save_reload(-1);
        }
        else
        {
                /* Now determine smb.conf WINS settings */
-               if (lp_wins_support())
+               if (lp_we_are_a_wins_server())
                        winstype = 1;
                if (lp_wins_server_list() && strlen(*lp_wins_server_list()))
                        winstype = 2;
@@ -771,14 +907,16 @@ static void wizard_page(void)
                /* Do we have a homes share? */
                have_home = lp_servicenumber(HOMES_NAME);
        }
-       if ((winstype == 2) && lp_wins_support())
+       if ((winstype == 2) && lp_we_are_a_wins_server())
                winstype = 3;
 
        role = lp_server_role();
-       
+
+output_page:
        /* Here we go ... */
        printf("<H2>%s</H2>\n", _("Samba Configuration Wizard"));
        printf("<form method=post action=wizard>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
        if (have_write_access) {
                printf("%s\n", _("The \"Rewrite smb.conf file\" button will clear the smb.conf file of all default values and of comments."));
@@ -814,7 +952,7 @@ static void wizard_page(void)
                const char **wins_servers = lp_wins_server_list();
                for(i = 0; wins_servers[i]; i++) printf("%s ", wins_servers[i]);
        }
-       
+
        printf("\"></td></tr>\n");
        if (winstype == 3) {
                printf("<tr><td></td><td colspan=3><font color=\"#ff0000\">%s</font></td></tr>\n", _("Error: WINS Server Mode and WINS Support both set in smb.conf"));
@@ -824,14 +962,14 @@ static void wizard_page(void)
        printf("<td><input type=radio name=\"HomeExpo\" value=\"1\" %s> Yes</td>", (have_home == -1) ? "" : "checked ");
        printf("<td><input type=radio name=\"HomeExpo\" value=\"0\" %s> No</td>", (have_home == -1 ) ? "checked" : "");
        printf("<td></td></tr>\n");
-       
+
        /* Enable this when we are ready ....
         * printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Is Print Server"));
         * printf("<td><input type=radio name=\"PtrSvr\" value=\"1\" %s> Yes</td>");
         * printf("<td><input type=radio name=\"PtrSvr\" value=\"0\" %s> No</td>");
         * printf("<td></td></tr>\n");
         */
-       
+
        printf("</table></center>");
        printf("<hr>");
 
@@ -847,12 +985,17 @@ static void globals_page(void)
 {
        unsigned int parm_filter = FLAG_BASIC;
        int mode = 0;
+       const char form_name[] = "globals";
 
        printf("<H2>%s</H2>\n", _("Global Parameters"));
 
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
+
        if (cgi_variable("Commit")) {
                commit_parameters(GLOBAL_SECTION_SNUM);
-               save_reload(0);
+               save_reload(-1);
        }
 
        if ( cgi_variable("ViewMode") )
@@ -862,7 +1005,9 @@ static void globals_page(void)
        if ( cgi_variable("AdvMode"))
                mode = 1;
 
+output_page:
        printf("<form name=\"swatform\" method=post action=globals>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
        ViewModeBoxes( mode );
        switch ( mode ) {
@@ -901,36 +1046,43 @@ static void shares_page(void)
        int i;
        int mode = 0;
        unsigned int parm_filter = FLAG_BASIC;
+       size_t converted_size;
+       const char form_name[] = "shares";
+
+       printf("<H2>%s</H2>\n", _("Share Parameters"));
+
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
 
        if (share)
                snum = lp_servicenumber(share);
 
-       printf("<H2>%s</H2>\n", _("Share Parameters"));
 
        if (cgi_variable("Commit") && snum >= 0) {
                commit_parameters(snum);
-               save_reload(0);
+               save_reload(-1);
+               snum = lp_servicenumber(share);
        }
 
        if (cgi_variable("Delete") && snum >= 0) {
                lp_remove_service(snum);
-               save_reload(0);
+               save_reload(-1);
                share = NULL;
                snum = -1;
        }
 
        if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
-               load_config(False);
-               lp_copy_service(GLOBAL_SECTION_SNUM, share);
-               iNumNonAutoPrintServices = lp_numservices();
-               save_reload(0);
                snum = lp_servicenumber(share);
+               if (snum < 0) {
+                       load_config(False);
+                       lp_copy_service(GLOBAL_SECTION_SNUM, share);
+                       snum = lp_servicenumber(share);
+                       save_reload(snum);
+                       snum = lp_servicenumber(share);
+               }
        }
 
-       printf("<FORM name=\"swatform\" method=post>\n");
-
-       printf("<table>\n");
-
        if ( cgi_variable("ViewMode") )
                mode = atoi(cgi_variable_nonull("ViewMode"));
        if ( cgi_variable("BasicMode"))
@@ -938,6 +1090,12 @@ static void shares_page(void)
        if ( cgi_variable("AdvMode"))
                mode = 1;
 
+output_page:
+       printf("<FORM name=\"swatform\" method=post>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
+
+       printf("<table>\n");
+
        ViewModeBoxes( mode );
        switch ( mode ) {
                case 0:
@@ -955,12 +1113,11 @@ static void shares_page(void)
        for (i=0;i<lp_numservices();i++) {
                s = lp_servicename(i);
                if (s && (*s) && strcmp(s,"IPC$") && !lp_print_ok(i)) {
-                       push_utf8_allocate(&utf8_s, s);
+                       push_utf8_talloc(talloc_tos(), &utf8_s, s, &converted_size);
                        printf("<option %s value=\"%s\">%s\n", 
                               (share && strcmp(share,s)==0)?"SELECTED":"",
                               utf8_s, utf8_s);
-                       SAFE_FREE(utf8_s);
-                       
+                       TALLOC_FREE(utf8_s);
                }
        }
        printf("</select></td>\n");
@@ -1011,7 +1168,7 @@ static bool change_password(const char *remote_machine, const char *user_name,
                printf("%s\n<p>", _("password change in demo mode rejected"));
                return False;
        }
-       
+
        if (remote_machine != NULL) {
                ret = remote_password_change(remote_machine, user_name,
                                             old_passwd, new_passwd, &err_str);
@@ -1025,7 +1182,7 @@ static bool change_password(const char *remote_machine, const char *user_name,
                printf("%s\n<p>", _("Can't setup password database vectors."));
                return False;
        }
-       
+
        ret = local_password_change(user_name, local_flags, new_passwd,
                                        &err_str, &msg_str);
 
@@ -1108,7 +1265,6 @@ static void chg_passwd(void)
        local_flags |= (cgi_variable(DELETE_USER_FLAG) ? LOCAL_DELETE_USER : 0);
        local_flags |= (cgi_variable(ENABLE_USER_FLAG) ? LOCAL_ENABLE_USER : 0);
        local_flags |= (cgi_variable(DISABLE_USER_FLAG) ? LOCAL_DISABLE_USER : 0);
-       
 
        rslt = change_password(host,
                               cgi_variable_nonull(SWAT_USER),
@@ -1118,14 +1274,12 @@ static void chg_passwd(void)
        if(cgi_variable(CHG_S_PASSWD_FLAG)) {
                printf("<p>");
                if (rslt == True) {
-                       printf(_(" The passwd for '%s' has been changed."), cgi_variable_nonull(SWAT_USER));
-                       printf("\n");
+                       printf("%s\n", _(" The passwd has been changed."));
                } else {
-                       printf(_(" The passwd for '%s' has NOT been changed."), cgi_variable_nonull(SWAT_USER));
-                       printf("\n");
+                       printf("%s\n", _(" The passwd has NOT been changed."));
                }
        }
-       
+
        return;
 }
 
@@ -1135,20 +1289,15 @@ static void chg_passwd(void)
 static void passwd_page(void)
 {
        const char *new_name = cgi_user_name();
-
-       /* 
-        * After the first time through here be nice. If the user
-        * changed the User box text to another users name, remember it.
-        */
-       if (cgi_variable(SWAT_USER)) {
-               new_name = cgi_variable_nonull(SWAT_USER);
-       } 
+       const char passwd_form[] = "passwd";
+       const char rpasswd_form[] = "rpasswd";
 
        if (!new_name) new_name = "";
 
        printf("<H2>%s</H2>\n", _("Server Password Management"));
 
        printf("<FORM name=\"swatform\" method=post>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), passwd_form);
 
        printf("<table>\n");
 
@@ -1188,14 +1337,16 @@ static void passwd_page(void)
         * Do some work if change, add, disable or enable was
         * requested. It could be this is the first time through this
         * code, so there isn't anything to do.  */
-       if ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
-           (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG))) {
+       if (verify_xsrf_token(passwd_form) &&
+          ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
+           (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG)))) {
                chg_passwd();           
        }
 
        printf("<H2>%s</H2>\n", _("Client/Server Password Management"));
 
        printf("<FORM name=\"swatform\" method=post>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), rpasswd_form);
 
        printf("<table>\n");
 
@@ -1228,7 +1379,7 @@ static void passwd_page(void)
         * password somewhere other than the server. It could be this
         * is the first time through this code, so there isn't
         * anything to do.  */
-       if (cgi_variable(CHG_R_PASSWD_FLAG)) {
+       if (verify_xsrf_token(passwd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) {
                chg_passwd();           
        }
 
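Review bot: The remote-password form's hidden token is generated for `rpasswd_form` (the print_xsrf_token call in the preceding hunk), but this condition verifies it against `passwd_form`; since get_xsrf_token mixes the form name into the digest, the two values never agree and the CHG_R_PASSWD_FLAG branch can no longer be reached. The line should read `if (verify_xsrf_token(rpasswd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) {`. passwd_page's body continues past this hunk.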
@@ -1245,45 +1396,43 @@ static void printers_page(void)
        int i;
        int mode = 0;
        unsigned int parm_filter = FLAG_BASIC;
+       const char form_name[] = "printers";
+
+       if (!verify_xsrf_token(form_name)) {
+               goto output_page;
+       }
 
        if (share)
                snum = lp_servicenumber(share);
 
-        printf("<H2>%s</H2>\n", _("Printer Parameters"));
-        printf("<H3>%s</H3>\n", _("Important Note:"));
-        printf(_("Printer names marked with [*] in the Choose Printer drop-down box "));
-        printf(_("are autoloaded printers from "));
-        printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
-        printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect."));
-
        if (cgi_variable("Commit") && snum >= 0) {
                commit_parameters(snum);
                if (snum >= iNumNonAutoPrintServices)
                    save_reload(snum);
                else
-                   save_reload(0);
+                   save_reload(-1);
+               snum = lp_servicenumber(share);
        }
 
        if (cgi_variable("Delete") && snum >= 0) {
                lp_remove_service(snum);
-               save_reload(0);
+               save_reload(-1);
                share = NULL;
                snum = -1;
        }
 
        if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
-               load_config(False);
-               lp_copy_service(GLOBAL_SECTION_SNUM, share);
-               iNumNonAutoPrintServices = lp_numservices();
-               snum = lp_servicenumber(share);
-               lp_do_parameter(snum, "print ok", "Yes");
-               save_reload(0);
                snum = lp_servicenumber(share);
+               if (snum < 0 || snum >= iNumNonAutoPrintServices) {
+                       load_config(False);
+                       lp_copy_service(GLOBAL_SECTION_SNUM, share);
+                       snum = lp_servicenumber(share);
+                       lp_do_parameter(snum, "print ok", "Yes");
+                       save_reload(snum);
+                       snum = lp_servicenumber(share);
+               }
        }
 
-       printf("<FORM name=\"swatform\" method=post>\n");
-
        if ( cgi_variable("ViewMode") )
                mode = atoi(cgi_variable_nonull("ViewMode"));
         if ( cgi_variable("BasicMode"))
@@ -1291,6 +1440,19 @@ static void printers_page(void)
         if ( cgi_variable("AdvMode"))
                 mode = 1;
 
+output_page:
+        printf("<H2>%s</H2>\n", _("Printer Parameters"));
+
+        printf("<H3>%s</H3>\n", _("Important Note:"));
+        printf("%s",_("Printer names marked with [*] in the Choose Printer drop-down box "));
+        printf("%s",_("are autoloaded printers from "));
+        printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
+        printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect."));
+
+
+       printf("<FORM name=\"swatform\" method=post>\n");
+       print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
+
        ViewModeBoxes( mode );
        switch ( mode ) {
                case 0:
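Review bot: The new lines in this hunk mix indentation styles: L891-L897 are indented with spaces while L900-L901 and the surrounding context use tabs. Since the block is being rewritten anyway, it is worth normalizing the seven printf lines to tabs so the file stays consistent and later diffs do not show spurious whitespace changes. The `printf("%s", _(...))` form at L894-L895 is the right shape for translated text and should be kept. printers_page() continues past the end of this hunk.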
@@ -1392,7 +1554,7 @@ const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid)
        };
        TALLOC_CTX *frame = talloc_stackframe();
 
-       fault_setup(NULL);
+       fault_setup();
        umask(S_IWGRP | S_IWOTH);
 
 #if defined(HAVE_SET_AUTH_PARAMETERS)
@@ -1407,13 +1569,15 @@ const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid)
        /* we don't want any SIGPIPE messages */
        BlockSignals(True,SIGPIPE);
 
-       dbf = x_fopen("/dev/null", O_WRONLY, 0);
-       if (!dbf) dbf = x_stderr;
+       debug_set_logfile("/dev/null");
 
        /* we don't want stderr screwing us up */
        close(2);
        open("/dev/null", O_WRONLY);
+       setup_logging("swat", DEBUG_FILE);
 
+       load_case_tables();
+       
        pc = poptGetContext("swat", argc, (const char **) argv, long_options, 0);
 
        /* Parse command line options */
@@ -1422,31 +1586,48 @@ const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid)
 
        poptFreeContext(pc);
 
-       load_case_tables();
-
-       setup_logging(argv[0],False);
+       /* This should set a more apporiate log file */
        load_config(True);
+       reopen_logs();
        load_interfaces();
        iNumNonAutoPrintServices = lp_numservices();
-       load_printers();
+       if (pcap_cache_loaded()) {
+               struct tevent_context *ev_ctx;
+               struct messaging_context *msg_ctx;
+
+               ev_ctx = s3_tevent_context_init(NULL);
+               if (ev_ctx == NULL) {
+                       printf("s3_tevent_context_init() failed\n");
+                       return 0;
+               }
+               msg_ctx = messaging_init(ev_ctx, ev_ctx);
+               if (msg_ctx == NULL) {
+                       printf("messaging_init() failed\n");
+                       return 0;
+               }
+
+               load_printers(ev_ctx, msg_ctx);
+
+               talloc_free(ev_ctx);
+       }
 
-       cgi_setup(dyn_SWATDIR, !demo_mode);
+       cgi_setup(get_dyn_SWATDIR(), !demo_mode);
 
        print_header();
 
        cgi_load_variables();
 
-       if (!file_exist(dyn_CONFIGFILE, NULL)) {
+       if (!file_exist(get_dyn_CONFIGFILE())) {
                have_read_access = True;
                have_write_access = True;
        } else {
                /* check if the authenticated user has write access - if not then
                   don't show write options */
-               have_write_access = (access(dyn_CONFIGFILE,W_OK) == 0);
+               have_write_access = (access(get_dyn_CONFIGFILE(),W_OK) == 0);
 
                /* if the user doesn't have read access to smb.conf then
                   don't let them view it */
-               have_read_access = (access(dyn_CONFIGFILE,R_OK) == 0);
+               have_read_access = (access(get_dyn_CONFIGFILE(),R_OK) == 0);
        }
 
        show_main_buttons();
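Review bot: The two failure branches at L951-L954 and L956-L959 exit with `return 0;`, so a broken tevent/messaging setup reports success to the web server, and their printf() output goes to stdout before print_header() at L969 has emitted the CGI headers, producing a malformed response rather than a diagnosable error. Use `return 1;` in both branches and route the message through the debug log (`DEBUG(0, ("messaging_init() failed\n"));`) instead of the client stream; the messaging_init() branch also leaves ev_ctx unfreed, which only matters because main is returning anyway. The comment at L940 has a typo (`apporiate` for `appropriate`). The function continues past the end of this hunk.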