X-Git-Url: http://git.samba.org/samba.git/?p=kai%2Fsamba.git;a=blobdiff_plain;f=source3%2Fweb%2Fswat.c;h=1e676a5aecc90b2da8c9e42258506b975cb13df8;hp=d1fd0b4f9bc702d6128e23e84a0517d71903d84d;hb=666dba33531c7e7d391318c915fb393ec5b1da36;hpb=4340b7cea74203799f7cd5d2457cbe062b42425c

diff --git a/source3/web/swat.c b/source3/web/swat.c
index d1fd0b4f9bc..1e676a5aecc 100644
--- a/source3/web/swat.c
+++ b/source3/web/swat.c
@@ -4,20 +4,19 @@
    Version 3.0.0
    Copyright (C) Andrew Tridgell 1997-2002
    Copyright (C) John H Terpstra 2002
-   
+
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
+   the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+   along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
 
 /**
@@ -29,12 +28,21 @@
  **/
 
 #include "includes.h"
+#include "system/filesys.h"
+#include "popt_common.h"
 #include "web/swat_proto.h"
-
-static BOOL demo_mode = False;
-static BOOL passwd_only = False;
-static BOOL have_write_access = False;
-static BOOL have_read_access = False;
+#include "printing/pcap.h"
+#include "printing/load.h"
+#include "passdb.h"
+#include "intl/lang_tdb.h"
+#include "../lib/crypto/md5.h"
+#include "lib/param/loadparm.h"
+#include "messages.h"
+
+static int demo_mode = False;
+static int passwd_only = False;
+static bool have_write_access = False;
+static bool have_read_access = False;
 static int iNumNonAutoPrintServices = 0;
 
 /*
@@ -51,7 +59,11 @@ static int iNumNonAutoPrintServices = 0;
 #define DISABLE_USER_FLAG "disable_user_flag"
 #define ENABLE_USER_FLAG "enable_user_flag"
 #define RHOST "remote_host"
+#define XSRF_TOKEN "xsrf"
+#define XSRF_TIME "xsrf_time"
+#define XSRF_TIMEOUT 300
 
+#define _(x) lang_msg_rotate(talloc_tos(),x)
 
 /****************************************************************************
 ****************************************************************************/
@@ -77,21 +89,35 @@ static char *fix_backslash(const char *str)
 	return newstring;
 }
 
-static char *fix_quotes(const char *str)
+static const char *fix_quotes(TALLOC_CTX *ctx, char *str)
 {
-	static pstring newstring;
-	char *p = newstring;
-	size_t newstring_len = sizeof(newstring);
+	char *newstring = NULL;
+	char *p = NULL;
+	size_t newstring_len;
 	int quote_len = strlen("&quot;");
 
-	while (*str) {
-		if ( *str == '\"' && (newstring_len - PTR_DIFF(p, newstring) - 1) > quote_len ) {
-			strncpy( p, "&quot;", quote_len); 
+	/* Count the number of quotes. */
+	newstring_len = 1;
+	p = (char *) str;
+	while (*p) {
+		if ( *p == '\"') {
+			newstring_len += quote_len;
+		} else {
+			newstring_len++;
+		}
+		++p;
+	}
+	newstring = talloc_array(ctx, char, newstring_len);
+	if (!newstring) {
+		return "";
+	}
+	for (p = newstring; *str; str++) {
+		if ( *str == '\"') {
+			strncpy( p, "&quot;", quote_len);
 			p += quote_len;
 		} else {
 			*p++ = *str;
 		}
-		++str;
 	}
 	*p = '\0';
 	return newstring;
@@ -103,7 +129,7 @@ static char *stripspaceupper(const char *str)
 	char *p = newstring;
 
 	while (*str) {
-		if (*str != ' ') *p++ = toupper_ascii(*str);
+		if (*str != ' ') *p++ = toupper_m(*str);
 		++str;
 	}
 	*p = '\0';
@@ -124,6 +150,90 @@ static char *make_parm_name(const char *label)
 	return parmname;
 }
 
+void get_xsrf_token(const char *username, const char *pass,
+		    const char *formname, time_t xsrf_time, char token_str[33])
+{
+	struct MD5Context md5_ctx;
+	uint8_t token[16];
+	int i;
+
+	token_str[0] = '\0';
+	ZERO_STRUCT(md5_ctx);
+	MD5Init(&md5_ctx);
+
+	MD5Update(&md5_ctx, (uint8_t *)formname, strlen(formname));
+	MD5Update(&md5_ctx, (uint8_t *)&xsrf_time, sizeof(time_t));
+	if (username != NULL) {
+		MD5Update(&md5_ctx, (uint8_t *)username, strlen(username));
+	}
+	if (pass != NULL) {
+		MD5Update(&md5_ctx, (uint8_t *)pass, strlen(pass));
+	}
+
+	MD5Final(token, &md5_ctx);
+
+	for(i = 0; i < sizeof(token); i++) {
+		char tmp[3];
+
+		snprintf(tmp, sizeof(tmp), "%02x", token[i]);
+		/* FIXME ! Truncate check. JRA. */
+		(void)strlcat(token_str, tmp, sizeof(tmp));
+	}
+}
+
+void print_xsrf_token(const char *username, const char *pass,
+		      const char *formname)
+{
+	char token[33];
+	time_t xsrf_time = time(NULL);
+
+	get_xsrf_token(username, pass, formname, xsrf_time, token);
+	printf("<input type=\"hidden\" name=\"%s\" value=\"%s\">\n",
+	       XSRF_TOKEN, token);
+	printf("<input type=\"hidden\" name=\"%s\" value=\"%lld\">\n",
+	       XSRF_TIME, (long long int)xsrf_time);
+}
+
+bool verify_xsrf_token(const char *formname)
+{
+	char expected[33];
+	const char *username = cgi_user_name();
+	const char *pass = cgi_user_pass();
+	const char *token = cgi_variable_nonull(XSRF_TOKEN);
+	const char *time_str = cgi_variable_nonull(XSRF_TIME);
+	char *p = NULL;
+	long long xsrf_time_ll = 0;
+	time_t xsrf_time = 0;
+	time_t now = time(NULL);
+
+	errno = 0;
+	xsrf_time_ll = strtoll(time_str, &p, 10);
+	if (errno != 0) {
+		return false;
+	}
+	if (p == NULL) {
+		return false;
+	}
+	if (PTR_DIFF(p, time_str) > strlen(time_str)) {
+		return false;
+	}
+	if (xsrf_time_ll > _TYPE_MAXIMUM(time_t)) {
+		return false;
+	}
+	if (xsrf_time_ll < _TYPE_MINIMUM(time_t)) {
+		return false;
+	}
+	xsrf_time = xsrf_time_ll;
+
+	if (abs(now - xsrf_time) > XSRF_TIMEOUT) {
+		return false;
+	}
+
+	get_xsrf_token(username, pass, formname, xsrf_time, expected);
+	return (strncmp(expected, token, sizeof(expected)) == 0);
+}
+
+
 /****************************************************************************
   include a lump of html in a page 
 ****************************************************************************/
@@ -142,7 +252,9 @@ static int include_html(const char *fname)
 	}
 
 	while ((ret = read(fd, buf, sizeof(buf))) > 0) {
-		write(1, buf, ret);
+		if (write(1, buf, ret) == -1) {
+			break;
+		}
 	}
 
 	close(fd);
@@ -180,25 +292,24 @@ static void print_header(void)
    "i18n_translated_parm" class is used to change the color of the
    translated parameter with CSS.
    **************************************************************** */
-static const char* get_parm_translated(
+static const char *get_parm_translated(TALLOC_CTX *ctx,
 	const char* pAnchor, const char* pHelp, const char* pLabel)
 {
-	const char* pTranslated = _(pLabel);
-	static pstring output;
-	if(strcmp(pLabel, pTranslated) != 0)
-	{
-		pstr_sprintf(output,
+	const char *pTranslated = _(pLabel);
+	char *output;
+	if(strcmp(pLabel, pTranslated) != 0) {
+		output = talloc_asprintf(ctx,
 		  "<A HREF=\"/swat/help/manpages/smb.conf.5.html#%s\" target=\"docs\"> %s</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; %s <br><span class=\"i18n_translated_parm\">%s</span>",
 		   pAnchor, pHelp, pLabel, pTranslated);
 		return output;
 	}
-	pstr_sprintf(output, 
+	output = talloc_asprintf(ctx,
 	  "<A HREF=\"/swat/help/manpages/smb.conf.5.html#%s\" target=\"docs\"> %s</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; %s",
 	  pAnchor, pHelp, pLabel);
 	return output;
 }
 /****************************************************************************
- finish off the page 
+ finish off the page
 ****************************************************************************/
 static void print_footer(void)
 {
@@ -208,19 +319,24 @@ static void print_footer(void)
 }
 
 /****************************************************************************
-  display one editable parameter in a form 
+  display one editable parameter in a form
 ****************************************************************************/
 static void show_parameter(int snum, struct parm_struct *parm)
 {
 	int i;
-	void *ptr = parm->ptr;
+	void *ptr;
 	char *utf8_s1, *utf8_s2;
+	size_t converted_size;
+	TALLOC_CTX *ctx = talloc_stackframe();
 
 	if (parm->p_class == P_LOCAL && snum >= 0) {
-		ptr = lp_local_ptr(snum, ptr);
+		ptr = lp_local_ptr_by_snum(snum, parm);
+	} else {
+		ptr = lp_parm_ptr(NULL, parm);
 	}
 
-	printf("<tr><td>%s</td><td>", get_parm_translated(stripspaceupper(parm->label), _("Help"), parm->label));
+	printf("<tr><td>%s</td><td>", get_parm_translated(ctx,
+				stripspaceupper(parm->label), _("Help"), parm->label));
 	switch (parm->type) {
 	case P_CHAR:
 		printf("<input type=text size=2 name=\"parm_%s\" value=\"%c\">",
@@ -237,16 +353,16 @@ static void show_parameter(int snum, struct parm_struct *parm)
 			for (;*list;list++) {
 				/* enclose in HTML encoded quotes if the string contains a space */
 				if ( strchr_m(*list, ' ') ) {
-					push_utf8_allocate(&utf8_s1, *list);
-					push_utf8_allocate(&utf8_s2, ((*(list+1))?", ":""));
+					push_utf8_talloc(talloc_tos(), &utf8_s1, *list, &converted_size);
+					push_utf8_talloc(talloc_tos(), &utf8_s2, ((*(list+1))?", ":""), &converted_size);
 					printf("&quot;%s&quot;%s", utf8_s1, utf8_s2);
 				} else {
-					push_utf8_allocate(&utf8_s1, *list);
-					push_utf8_allocate(&utf8_s2, ((*(list+1))?", ":""));
+					push_utf8_talloc(talloc_tos(), &utf8_s1, *list, &converted_size);
+					push_utf8_talloc(talloc_tos(), &utf8_s2, ((*(list+1))?", ":""), &converted_size);
 					printf("%s%s", utf8_s1, utf8_s2);
 				}
-				SAFE_FREE(utf8_s1);
-				SAFE_FREE(utf8_s2);
+				TALLOC_FREE(utf8_s1);
+				TALLOC_FREE(utf8_s2);
 			}
 		}
 		printf("\">");
@@ -256,7 +372,7 @@ static void show_parameter(int snum, struct parm_struct *parm)
 			char **list = (char **)(parm->def.lvalue);
 			for (; *list; list++) {
 				/* enclose in HTML encoded quotes if the string contains a space */
-				if ( strchr_m(*list, ' ') ) 
+				if ( strchr_m(*list, ' ') )
 					printf("&quot;%s&quot;%s", *list, ((*(list+1))?", ":""));
 				else
 					printf("%s%s", *list, ((*(list+1))?", ":""));
@@ -267,54 +383,52 @@ static void show_parameter(int snum, struct parm_struct *parm)
 
 	case P_STRING:
 	case P_USTRING:
-		push_utf8_allocate(&utf8_s1, *(char **)ptr);
-		printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">",
-		       make_parm_name(parm->label), fix_quotes(utf8_s1));
-		SAFE_FREE(utf8_s1);
-		printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
-			_("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue)));
-		break;
-
-	case P_GSTRING:
-	case P_UGSTRING:
-		push_utf8_allocate(&utf8_s1, (char *)ptr);
+		push_utf8_talloc(talloc_tos(), &utf8_s1, *(char **)ptr, &converted_size);
 		printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">",
-		       make_parm_name(parm->label), fix_quotes(utf8_s1));
-		SAFE_FREE(utf8_s1);
+		       make_parm_name(parm->label), fix_quotes(ctx, utf8_s1));
+		TALLOC_FREE(utf8_s1);
 		printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
 			_("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue)));
 		break;
 
 	case P_BOOL:
 		printf("<select name=\"parm_%s\">",make_parm_name(parm->label)); 
-		printf("<option %s>Yes", (*(BOOL *)ptr)?"selected":"");
-		printf("<option %s>No", (*(BOOL *)ptr)?"":"selected");
+		printf("<option %s>Yes", (*(bool *)ptr)?"selected":"");
+		printf("<option %s>No", (*(bool *)ptr)?"":"selected");
 		printf("</select>");
 		printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">",
-			_("Set Default"), make_parm_name(parm->label),(BOOL)(parm->def.bvalue)?0:1);
+			_("Set Default"), make_parm_name(parm->label),(bool)(parm->def.bvalue)?0:1);
 		break;
 
 	case P_BOOLREV:
 		printf("<select name=\"parm_%s\">",make_parm_name(parm->label)); 
-		printf("<option %s>Yes", (*(BOOL *)ptr)?"":"selected");
-		printf("<option %s>No", (*(BOOL *)ptr)?"selected":"");
+		printf("<option %s>Yes", (*(bool *)ptr)?"":"selected");
+		printf("<option %s>No", (*(bool *)ptr)?"selected":"");
 		printf("</select>");
 		printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">",
-			_("Set Default"), make_parm_name(parm->label),(BOOL)(parm->def.bvalue)?1:0);
+			_("Set Default"), make_parm_name(parm->label),(bool)(parm->def.bvalue)?1:0);
 		break;
 
 	case P_INTEGER:
+	case P_BYTES:
 		printf("<input type=text size=8 name=\"parm_%s\" value=\"%d\">", make_parm_name(parm->label), *(int *)ptr);
 		printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%d\'\">",
 			_("Set Default"), make_parm_name(parm->label),(int)(parm->def.ivalue));
 		break;
 
-	case P_OCTAL:
-		printf("<input type=text size=8 name=\"parm_%s\" value=%s>", make_parm_name(parm->label), octal_string(*(int *)ptr));
-		printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
-		       _("Set Default"), make_parm_name(parm->label),
-		       octal_string((int)(parm->def.ivalue)));
+	case P_OCTAL: {
+		char *o;
+		o = octal_string(*(int *)ptr);
+		printf("<input type=text size=8 name=\"parm_%s\" value=%s>",
+		       make_parm_name(parm->label), o);
+		TALLOC_FREE(o);
+		o = octal_string((int)(parm->def.ivalue));
+		printf("<input type=button value=\"%s\" "
+		       "onClick=\"swatform.parm_%s.value=\'%s\'\">",
+		       _("Set Default"), make_parm_name(parm->label), o);
+		TALLOC_FREE(o);
 		break;
+	}
 
 	case P_ENUM:
 		printf("<select name=\"parm_%s\">",make_parm_name(parm->label)); 
@@ -331,6 +445,7 @@ static void show_parameter(int snum, struct parm_struct *parm)
 		break;
 	}
 	printf("</td></tr>\n");
+	TALLOC_FREE(ctx);
 }
 
 /****************************************************************************
@@ -358,10 +473,11 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
 
 		if (!( parm_filter & FLAG_ADVANCED )) {
 			if (!(parm->flags & FLAG_BASIC)) {
-					void *ptr = parm->ptr;
-
+				void *ptr;
 				if (parm->p_class == P_LOCAL && snum >= 0) {
-					ptr = lp_local_ptr(snum, ptr);
+					ptr = lp_local_ptr_by_snum(snum, parm);
+				} else {
+					ptr = lp_parm_ptr(NULL, parm);
 				}
 
 				switch (parm->type) {
@@ -370,7 +486,8 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
 					break;
 
 				case P_LIST:
-					if (!str_list_compare(*(char ***)ptr, (char **)(parm->def.lvalue))) continue;
+					if (!str_list_equal(*(const char ***)ptr, 
+							    (const char **)(parm->def.lvalue))) continue;
 					break;
 
 				case P_STRING:
@@ -378,17 +495,13 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
 					if (!strcmp(*(char **)ptr,(char *)(parm->def.svalue))) continue;
 					break;
 
-				case P_GSTRING:
-				case P_UGSTRING:
-					if (!strcmp((char *)ptr,(char *)(parm->def.svalue))) continue;
-					break;
-
 				case P_BOOL:
 				case P_BOOLREV:
-					if (*(BOOL *)ptr == (BOOL)(parm->def.bvalue)) continue;
+					if (*(bool *)ptr == (bool)(parm->def.bvalue)) continue;
 					break;
 
 				case P_INTEGER:
+				case P_BYTES:
 				case P_OCTAL:
 					if (*(int *)ptr == (int)(parm->def.ivalue)) continue;
 					break;
@@ -405,9 +518,9 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
 		}
 
 		if ((parm_filter & FLAG_WIZARD) && !(parm->flags & FLAG_WIZARD)) continue;
-		
+
 		if ((parm_filter & FLAG_ADVANCED) && !(parm->flags & FLAG_ADVANCED)) continue;
-		
+
 		if (heading && heading != last_heading) {
 			printf("<tr><td></td></tr><tr><td><b><u>%s</u></b></td></tr>\n", _(heading));
 			last_heading = heading;
@@ -419,22 +532,25 @@ static void show_parameters(int snum, int allparameters, unsigned int parm_filte
 /****************************************************************************
   load the smb.conf file into loadparm.
 ****************************************************************************/
-static BOOL load_config(BOOL save_def)
+static bool load_config(bool save_def)
 {
-	lp_resetnumservices();
-	return lp_load(dyn_CONFIGFILE,False,save_def,False,True);
+	return lp_load(get_dyn_CONFIGFILE(),False,save_def,False,True);
 }
 
 /****************************************************************************
   write a config file 
 ****************************************************************************/
-static void write_config(FILE *f, BOOL show_defaults)
+static void write_config(FILE *f, bool show_defaults)
 {
+	TALLOC_CTX *ctx = talloc_stackframe();
+
 	fprintf(f, "# Samba config file created using SWAT\n");
 	fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr());
-	fprintf(f, "# Date: %s\n\n", timestring(False));
-	
+	fprintf(f, "# Date: %s\n\n", current_timestring(ctx, False));
+
 	lp_dump(f, show_defaults, iNumNonAutoPrintServices);
+
+	TALLOC_FREE(ctx);
 }
 
 /****************************************************************************
@@ -445,9 +561,9 @@ static int save_reload(int snum)
 	FILE *f;
 	struct stat st;
 
-	f = sys_fopen(dyn_CONFIGFILE,"w");
+	f = fopen(get_dyn_CONFIGFILE(),"w");
 	if (!f) {
-		printf(_("failed to open %s for writing"), dyn_CONFIGFILE);
+		printf(_("failed to open %s for writing"), get_dyn_CONFIGFILE());
 		printf("\n");
 		return 0;
 	}
@@ -458,24 +574,42 @@ static int save_reload(int snum)
 #if defined HAVE_FCHMOD
 		fchmod(fileno(f), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
 #else
-		chmod(dyn_CONFIGFILE, S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
+		chmod(get_dyn_CONFIGFILE(), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
 #endif
 	}
 
 	write_config(f, False);
-	if (snum)
+	if (snum >= 0)
 		lp_dump_one(f, False, snum);
 	fclose(f);
 
-	lp_killunused(NULL);
+	lp_kill_all_services();
 
 	if (!load_config(False)) {
-                printf(_("Can't reload %s"), dyn_CONFIGFILE);
+                printf(_("Can't reload %s"), get_dyn_CONFIGFILE());
 		printf("\n");
                 return 0;
         }
 	iNumNonAutoPrintServices = lp_numservices();
-	load_printers();
+	if (pcap_cache_loaded()) {
+		struct tevent_context *ev_ctx;
+		struct messaging_context *msg_ctx;
+
+		ev_ctx = s3_tevent_context_init(NULL);
+		if (ev_ctx == NULL) {
+			printf("s3_tevent_context_init() failed\n");
+			return 0;
+		}
+		msg_ctx = messaging_init(ev_ctx, ev_ctx);
+		if (msg_ctx == NULL) {
+			printf("messaging_init() failed\n");
+			return 0;
+		}
+
+		load_printers(ev_ctx, msg_ctx);
+
+		talloc_free(ev_ctx);
+	}
 
 	return 1;
 }
@@ -510,14 +644,17 @@ static void commit_parameters(int snum)
 {
 	int i = 0;
 	struct parm_struct *parm;
-	pstring label;
+	char *label;
 	const char *v;
 
 	while ((parm = lp_next_parameter(snum, &i, 1))) {
-		slprintf(label, sizeof(label)-1, "parm_%s", make_parm_name(parm->label));
-		if ((v = cgi_variable(label)) != NULL) {
-			if (parm->flags & FLAG_HIDE) continue;
-			commit_parameter(snum, parm, v); 
+		if (asprintf(&label, "parm_%s", make_parm_name(parm->label)) > 0) {
+			if ((v = cgi_variable(label)) != NULL) {
+				if (parm->flags & FLAG_HIDE)
+					continue;
+				commit_parameter(snum, parm, v);
+			}
+			SAFE_FREE(label);
 		}
 	}
 }
@@ -538,7 +675,7 @@ static void image_link(const char *name, const char *hlink, const char *src)
 static void show_main_buttons(void)
 {
 	char *p;
-	
+
 	if ((p = cgi_user_name()) && strcmp(p, "root")) {
 		printf(_("Logged in as <b>%s</b>"), p);
 		printf("<p>\n");
@@ -580,7 +717,7 @@ static void ViewModeBoxes(int mode)
 ****************************************************************************/
 static void welcome_page(void)
 {
-	if (file_exist("help/welcome.html", NULL)) {
+	if (file_exist("help/welcome.html")) {
 		include_html("help/welcome.html");
 	} else {
 		include_html("help/welcome-no-samba-doc.html");
@@ -593,13 +730,20 @@ static void welcome_page(void)
 static void viewconfig_page(void)
 {
 	int full_view=0;
+	const char form_name[] = "viewconfig";
+
+	if (!verify_xsrf_token(form_name)) {
+		goto output_page;
+	}
 
 	if (cgi_variable("full_view")) {
 		full_view = 1;
 	}
 
+output_page:
 	printf("<H2>%s</H2>\n", _("Current Config"));
 	printf("<form method=post>\n");
+	print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
 	if (full_view) {
 		printf("<input type=submit name=\"normal_view\" value=\"%s\">\n", _("Normal View"));
@@ -619,18 +763,25 @@ static void viewconfig_page(void)
 static void wizard_params_page(void)
 {
 	unsigned int parm_filter = FLAG_WIZARD;
+	const char form_name[] = "wizard_params";
 
 	/* Here we first set and commit all the parameters that were selected
  	   in the previous screen. */
 
 	printf("<H2>%s</H2>\n", _("Wizard Parameter Edit Page"));
 
+	if (!verify_xsrf_token(form_name)) {
+		goto output_page;
+	}
+
 	if (cgi_variable("Commit")) {
 		commit_parameters(GLOBAL_SECTION_SNUM);
-		save_reload(0);
+		save_reload(-1);
 	}
 
+output_page:
 	printf("<form name=\"swatform\" method=post action=wizard_params>\n");
+	print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
 	if (have_write_access) {
 		printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
@@ -638,7 +789,7 @@ static void wizard_params_page(void)
 
 	printf("<input type=reset name=\"Reset Values\" value=\"Reset\">\n");
 	printf("<p>\n");
-	
+
 	printf("<table>\n");
 	show_parameters(GLOBAL_SECTION_SNUM, 1, parm_filter, 0);
 	printf("</table>\n");
@@ -651,7 +802,7 @@ static void wizard_params_page(void)
 static void rewritecfg_file(void)
 {
 	commit_parameters(GLOBAL_SECTION_SNUM);
-	save_reload(0);
+	save_reload(-1);
 	printf("<H2>%s</H2>\n", _("Note: smb.conf file has been read and rewritten"));
 }
 
@@ -666,6 +817,11 @@ static void wizard_page(void)
 	int have_home = -1;
 	int HomeExpo = 0;
 	int SerType = 0;
+	const char form_name[] = "wizard";
+
+	if (!verify_xsrf_token(form_name)) {
+		goto output_page;
+	}
 
 	if (cgi_variable("Rewrite")) {
 		(void) rewritecfg_file();
@@ -685,7 +841,7 @@ static void wizard_page(void)
 
 		/* Plain text passwords are too badly broken - use encrypted passwords only */
 		lp_do_parameter( GLOBAL_SECTION_SNUM, "encrypt passwords", "Yes");
-		
+
 		switch ( SerType ){
 			case 0:
 				/* Stand-alone Server */
@@ -720,17 +876,16 @@ static void wizard_page(void)
 
 		/* Have to create Homes share? */
 		if ((HomeExpo == 1) && (have_home == -1)) {
-			pstring unix_share;
-			
-			pstrcpy(unix_share,HOMES_NAME);
+			const char *unix_share = HOMES_NAME;
+
 			load_config(False);
 			lp_copy_service(GLOBAL_SECTION_SNUM, unix_share);
-			iNumNonAutoPrintServices = lp_numservices();
 			have_home = lp_servicenumber(HOMES_NAME);
 			lp_do_parameter( have_home, "read only", "No");
 			lp_do_parameter( have_home, "valid users", "%S");
 			lp_do_parameter( have_home, "browseable", "No");
 			commit_parameters(have_home);
+			save_reload(have_home);
 		}
 
 		/* Need to Delete Homes share? */
@@ -740,28 +895,29 @@ static void wizard_page(void)
 		}
 
 		commit_parameters(GLOBAL_SECTION_SNUM);
-		save_reload(0);
+		save_reload(-1);
 	}
 	else
 	{
 		/* Now determine smb.conf WINS settings */
-		if (lp_wins_support())
+		if (lp_we_are_a_wins_server())
 			winstype = 1;
 		if (lp_wins_server_list() && strlen(*lp_wins_server_list()))
  		        winstype = 2;
- 		
 
 		/* Do we have a homes share? */
 		have_home = lp_servicenumber(HOMES_NAME);
 	}
-	if ((winstype == 2) && lp_wins_support())
+	if ((winstype == 2) && lp_we_are_a_wins_server())
 		winstype = 3;
 
 	role = lp_server_role();
-	
+
+output_page:
 	/* Here we go ... */
 	printf("<H2>%s</H2>\n", _("Samba Configuration Wizard"));
 	printf("<form method=post action=wizard>\n");
+	print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
 	if (have_write_access) {
 		printf("%s\n", _("The \"Rewrite smb.conf file\" button will clear the smb.conf file of all default values and of comments."));
@@ -797,7 +953,7 @@ static void wizard_page(void)
 		const char **wins_servers = lp_wins_server_list();
 		for(i = 0; wins_servers[i]; i++) printf("%s ", wins_servers[i]);
 	}
-	
+
 	printf("\"></td></tr>\n");
 	if (winstype == 3) {
 		printf("<tr><td></td><td colspan=3><font color=\"#ff0000\">%s</font></td></tr>\n", _("Error: WINS Server Mode and WINS Support both set in smb.conf"));
@@ -807,14 +963,14 @@ static void wizard_page(void)
 	printf("<td><input type=radio name=\"HomeExpo\" value=\"1\" %s> Yes</td>", (have_home == -1) ? "" : "checked ");
 	printf("<td><input type=radio name=\"HomeExpo\" value=\"0\" %s> No</td>", (have_home == -1 ) ? "checked" : "");
 	printf("<td></td></tr>\n");
-	
+
 	/* Enable this when we are ready ....
 	 * printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Is Print Server"));
 	 * printf("<td><input type=radio name=\"PtrSvr\" value=\"1\" %s> Yes</td>");
 	 * printf("<td><input type=radio name=\"PtrSvr\" value=\"0\" %s> No</td>");
 	 * printf("<td></td></tr>\n");
 	 */
-	
+
 	printf("</table></center>");
 	printf("<hr>");
 
@@ -830,12 +986,17 @@ static void globals_page(void)
 {
 	unsigned int parm_filter = FLAG_BASIC;
 	int mode = 0;
+	const char form_name[] = "globals";
 
 	printf("<H2>%s</H2>\n", _("Global Parameters"));
 
+	if (!verify_xsrf_token(form_name)) {
+		goto output_page;
+	}
+
 	if (cgi_variable("Commit")) {
 		commit_parameters(GLOBAL_SECTION_SNUM);
-		save_reload(0);
+		save_reload(-1);
 	}
 
 	if ( cgi_variable("ViewMode") )
@@ -845,7 +1006,9 @@ static void globals_page(void)
 	if ( cgi_variable("AdvMode"))
 		mode = 1;
 
+output_page:
 	printf("<form name=\"swatform\" method=post action=globals>\n");
+	print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
 
 	ViewModeBoxes( mode );
 	switch ( mode ) {
@@ -884,36 +1047,43 @@ static void shares_page(void)
 	int i;
 	int mode = 0;
 	unsigned int parm_filter = FLAG_BASIC;
+	size_t converted_size;
+	const char form_name[] = "shares";
+
+	printf("<H2>%s</H2>\n", _("Share Parameters"));
+
+	if (!verify_xsrf_token(form_name)) {
+		goto output_page;
+	}
 
 	if (share)
 		snum = lp_servicenumber(share);
 
-	printf("<H2>%s</H2>\n", _("Share Parameters"));
 
 	if (cgi_variable("Commit") && snum >= 0) {
 		commit_parameters(snum);
-		save_reload(0);
+		save_reload(-1);
+		snum = lp_servicenumber(share);
 	}
 
 	if (cgi_variable("Delete") && snum >= 0) {
 		lp_remove_service(snum);
-		save_reload(0);
+		save_reload(-1);
 		share = NULL;
 		snum = -1;
 	}
 
 	if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
-		load_config(False);
-		lp_copy_service(GLOBAL_SECTION_SNUM, share);
-		iNumNonAutoPrintServices = lp_numservices();
-		save_reload(0);
 		snum = lp_servicenumber(share);
+		if (snum < 0) {
+			load_config(False);
+			lp_copy_service(GLOBAL_SECTION_SNUM, share);
+			snum = lp_servicenumber(share);
+			save_reload(snum);
+			snum = lp_servicenumber(share);
+		}
 	}
 
-	printf("<FORM name=\"swatform\" method=post>\n");
-
-	printf("<table>\n");
-
 	if ( cgi_variable("ViewMode") )
 		mode = atoi(cgi_variable_nonull("ViewMode"));
 	if ( cgi_variable("BasicMode"))
@@ -921,6 +1091,12 @@ static void shares_page(void)
 	if ( cgi_variable("AdvMode"))
 		mode = 1;
 
+output_page:
+	printf("<FORM name=\"swatform\" method=post>\n");
+	print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
+
+	printf("<table>\n");
+
 	ViewModeBoxes( mode );
 	switch ( mode ) {
 		case 0:
@@ -938,12 +1114,11 @@ static void shares_page(void)
 	for (i=0;i<lp_numservices();i++) {
 		s = lp_servicename(i);
 		if (s && (*s) && strcmp(s,"IPC$") && !lp_print_ok(i)) {
-			push_utf8_allocate(&utf8_s, s);
+			push_utf8_talloc(talloc_tos(), &utf8_s, s, &converted_size);
 			printf("<option %s value=\"%s\">%s\n", 
 			       (share && strcmp(share,s)==0)?"SELECTED":"",
 			       utf8_s, utf8_s);
-			SAFE_FREE(utf8_s);
-			
+			TALLOC_FREE(utf8_s);
 		}
 	}
 	printf("</select></td>\n");
@@ -982,40 +1157,43 @@ static void shares_page(void)
 /*************************************************************
 change a password either locally or remotely
 *************************************************************/
-static BOOL change_password(const char *remote_machine, const char *user_name, 
+static bool change_password(const char *remote_machine, const char *user_name, 
 			    const char *old_passwd, const char *new_passwd, 
 				int local_flags)
 {
 	NTSTATUS ret;
-	pstring err_str;
-	pstring msg_str;
+	char *err_str = NULL;
+	char *msg_str = NULL;
 
 	if (demo_mode) {
 		printf("%s\n<p>", _("password change in demo mode rejected"));
 		return False;
 	}
-	
+
 	if (remote_machine != NULL) {
-		ret = remote_password_change(remote_machine, user_name, old_passwd, 
-									 new_passwd, err_str, sizeof(err_str));
-		if(*err_str)
+		ret = remote_password_change(remote_machine, user_name,
+					     old_passwd, new_passwd, &err_str);
+		if (err_str != NULL)
 			printf("%s\n<p>", err_str);
+		SAFE_FREE(err_str);
 		return NT_STATUS_IS_OK(ret);
 	}
 
-	if(!initialize_password_db(True)) {
+	if(!initialize_password_db(True, NULL)) {
 		printf("%s\n<p>", _("Can't setup password database vectors."));
 		return False;
 	}
-	
-	ret = local_password_change(user_name, local_flags, new_passwd, err_str, sizeof(err_str),
-					 msg_str, sizeof(msg_str));
 
-	if(*msg_str)
+	ret = local_password_change(user_name, local_flags, new_passwd,
+					&err_str, &msg_str);
+
+	if(msg_str)
 		printf("%s\n<p>", msg_str);
-	if(*err_str)
+	if(err_str)
 		printf("%s\n<p>", err_str);
 
+	SAFE_FREE(msg_str);
+	SAFE_FREE(err_str);
 	return NT_STATUS_IS_OK(ret);
 }
 
@@ -1025,7 +1203,7 @@ static BOOL change_password(const char *remote_machine, const char *user_name,
 static void chg_passwd(void)
 {
 	const char *host;
-	BOOL rslt;
+	bool rslt;
 	int local_flags = 0;
 
 	/* Make sure users name has been specified */
@@ -1088,7 +1266,6 @@ static void chg_passwd(void)
 	local_flags |= (cgi_variable(DELETE_USER_FLAG) ? LOCAL_DELETE_USER : 0);
 	local_flags |= (cgi_variable(ENABLE_USER_FLAG) ? LOCAL_ENABLE_USER : 0);
 	local_flags |= (cgi_variable(DISABLE_USER_FLAG) ? LOCAL_DISABLE_USER : 0);
-	
 
 	rslt = change_password(host,
 			       cgi_variable_nonull(SWAT_USER),
@@ -1098,14 +1275,12 @@ static void chg_passwd(void)
 	if(cgi_variable(CHG_S_PASSWD_FLAG)) {
 		printf("<p>");
 		if (rslt == True) {
-			printf(_(" The passwd for '%s' has been changed."), cgi_variable_nonull(SWAT_USER));
-			printf("\n");
+			printf("%s\n", _(" The passwd has been changed."));
 		} else {
-			printf(_(" The passwd for '%s' has NOT been changed."), cgi_variable_nonull(SWAT_USER));
-			printf("\n");
+			printf("%s\n", _(" The passwd has NOT been changed."));
 		}
 	}
-	
+
 	return;
 }
 
@@ -1115,20 +1290,15 @@ static void chg_passwd(void)
 static void passwd_page(void)
 {
 	const char *new_name = cgi_user_name();
-
-	/* 
-	 * After the first time through here be nice. If the user
-	 * changed the User box text to another users name, remember it.
-	 */
-	if (cgi_variable(SWAT_USER)) {
-		new_name = cgi_variable_nonull(SWAT_USER);
-	} 
+	const char passwd_form[] = "passwd";
+	const char rpasswd_form[] = "rpasswd";
 
 	if (!new_name) new_name = "";
 
 	printf("<H2>%s</H2>\n", _("Server Password Management"));
 
 	printf("<FORM name=\"swatform\" method=post>\n");
+	print_xsrf_token(cgi_user_name(), cgi_user_pass(), passwd_form);
 
 	printf("<table>\n");
 
@@ -1168,14 +1338,16 @@ static void passwd_page(void)
 	 * Do some work if change, add, disable or enable was
 	 * requested. It could be this is the first time through this
 	 * code, so there isn't anything to do.  */
-	if ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
-	    (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG))) {
+	if (verify_xsrf_token(passwd_form) &&
+	   ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
+	    (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG)))) {
 		chg_passwd();		
 	}
 
 	printf("<H2>%s</H2>\n", _("Client/Server Password Management"));
 
 	printf("<FORM name=\"swatform\" method=post>\n");
+	print_xsrf_token(cgi_user_name(), cgi_user_pass(), rpasswd_form);
 
 	printf("<table>\n");
 
@@ -1208,7 +1380,7 @@ static void passwd_page(void)
 	 * password somewhere other than the server. It could be this
 	 * is the first time through this code, so there isn't
 	 * anything to do.  */
-	if (cgi_variable(CHG_R_PASSWD_FLAG)) {
+	if (verify_xsrf_token(passwd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) {
 		chg_passwd();		
 	}
 
@@ -1225,45 +1397,43 @@ static void printers_page(void)
 	int i;
 	int mode = 0;
 	unsigned int parm_filter = FLAG_BASIC;
+	const char form_name[] = "printers";
+
+	if (!verify_xsrf_token(form_name)) {
+		goto output_page;
+	}
 
 	if (share)
 		snum = lp_servicenumber(share);
 
-        printf("<H2>%s</H2>\n", _("Printer Parameters"));
- 
-        printf("<H3>%s</H3>\n", _("Important Note:"));
-        printf(_("Printer names marked with [*] in the Choose Printer drop-down box "));
-        printf(_("are autoloaded printers from "));
-        printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
-        printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect."));
-
 	if (cgi_variable("Commit") && snum >= 0) {
 		commit_parameters(snum);
 		if (snum >= iNumNonAutoPrintServices)
 		    save_reload(snum);
 		else
-		    save_reload(0);
+		    save_reload(-1);
+		snum = lp_servicenumber(share);
 	}
 
 	if (cgi_variable("Delete") && snum >= 0) {
 		lp_remove_service(snum);
-		save_reload(0);
+		save_reload(-1);
 		share = NULL;
 		snum = -1;
 	}
 
 	if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
-		load_config(False);
-		lp_copy_service(GLOBAL_SECTION_SNUM, share);
-		iNumNonAutoPrintServices = lp_numservices();
-		snum = lp_servicenumber(share);
-		lp_do_parameter(snum, "print ok", "Yes");
-		save_reload(0);
 		snum = lp_servicenumber(share);
+		if (snum < 0 || snum >= iNumNonAutoPrintServices) {
+			load_config(False);
+			lp_copy_service(GLOBAL_SECTION_SNUM, share);
+			snum = lp_servicenumber(share);
+			lp_do_parameter(snum, "print ok", "Yes");
+			save_reload(snum);
+			snum = lp_servicenumber(share);
+		}
 	}
 
-	printf("<FORM name=\"swatform\" method=post>\n");
-
 	if ( cgi_variable("ViewMode") )
 		mode = atoi(cgi_variable_nonull("ViewMode"));
         if ( cgi_variable("BasicMode"))
@@ -1271,6 +1441,19 @@ static void printers_page(void)
         if ( cgi_variable("AdvMode"))
                 mode = 1;
 
+output_page:
+        printf("<H2>%s</H2>\n", _("Printer Parameters"));
+
+        printf("<H3>%s</H3>\n", _("Important Note:"));
+        printf("%s",_("Printer names marked with [*] in the Choose Printer drop-down box "));
+        printf("%s",_("are autoloaded printers from "));
+        printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
+        printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect."));
+
+
+	printf("<FORM name=\"swatform\" method=post>\n");
+	print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
+
 	ViewModeBoxes( mode );
 	switch ( mode ) {
 		case 0:
@@ -1329,6 +1512,32 @@ static void printers_page(void)
 	printf("</FORM>\n");
 }
 
+/*
+  when the _() translation macro is used there is no obvious place to free
+  the resulting string and there is no easy way to give a static pointer.
+  All we can do is rotate between some static buffers and hope a single d_printf()
+  doesn't have more calls to _() than the number of buffers
+*/
+
+const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid)
+{
+	const char *msgstr;
+	const char *ret;
+
+	msgstr = lang_msg(msgid);
+	if (!msgstr) {
+		return msgid;
+	}
+
+	ret = talloc_strdup(ctx, msgstr);
+
+	lang_msg_free(msgstr);
+	if (!ret) {
+		return msgid;
+	}
+
+	return ret;
+}
 
 /**
  * main function for SWAT.
@@ -1344,8 +1553,9 @@ static void printers_page(void)
 		POPT_COMMON_SAMBA
 		POPT_TABLEEND
 	};
+	TALLOC_CTX *frame = talloc_stackframe();
 
-	fault_setup(NULL);
+	fault_setup();
 	umask(S_IWGRP | S_IWOTH);
 
 #if defined(HAVE_SET_AUTH_PARAMETERS)
@@ -1360,13 +1570,15 @@ static void printers_page(void)
 	/* we don't want any SIGPIPE messages */
 	BlockSignals(True,SIGPIPE);
 
-	dbf = x_fopen("/dev/null", O_WRONLY, 0);
-	if (!dbf) dbf = x_stderr;
+	debug_set_logfile("/dev/null");
 
 	/* we don't want stderr screwing us up */
 	close(2);
 	open("/dev/null", O_WRONLY);
+	setup_logging("swat", DEBUG_FILE);
 
+	load_case_tables();
+	
 	pc = poptGetContext("swat", argc, (const char **) argv, long_options, 0);
 
 	/* Parse command line options */
@@ -1375,31 +1587,48 @@ static void printers_page(void)
 
 	poptFreeContext(pc);
 
-	load_case_tables();
-
-	setup_logging(argv[0],False);
+	/* This should set a more apporiate log file */
 	load_config(True);
+	reopen_logs();
 	load_interfaces();
 	iNumNonAutoPrintServices = lp_numservices();
-	load_printers();
+	if (pcap_cache_loaded()) {
+		struct tevent_context *ev_ctx;
+		struct messaging_context *msg_ctx;
+
+		ev_ctx = s3_tevent_context_init(NULL);
+		if (ev_ctx == NULL) {
+			printf("s3_tevent_context_init() failed\n");
+			return 0;
+		}
+		msg_ctx = messaging_init(ev_ctx, ev_ctx);
+		if (msg_ctx == NULL) {
+			printf("messaging_init() failed\n");
+			return 0;
+		}
 
-	cgi_setup(dyn_SWATDIR, !demo_mode);
+		load_printers(ev_ctx, msg_ctx);
+
+		talloc_free(ev_ctx);
+	}
+
+	cgi_setup(get_dyn_SWATDIR(), !demo_mode);
 
 	print_header();
 
 	cgi_load_variables();
 
-	if (!file_exist(dyn_CONFIGFILE, NULL)) {
+	if (!file_exist(get_dyn_CONFIGFILE())) {
 		have_read_access = True;
 		have_write_access = True;
 	} else {
 		/* check if the authenticated user has write access - if not then
 		   don't show write options */
-		have_write_access = (access(dyn_CONFIGFILE,W_OK) == 0);
+		have_write_access = (access(get_dyn_CONFIGFILE(),W_OK) == 0);
 
 		/* if the user doesn't have read access to smb.conf then
 		   don't let them view it */
-		have_read_access = (access(dyn_CONFIGFILE,R_OK) == 0);
+		have_read_access = (access(get_dyn_CONFIGFILE(),R_OK) == 0);
 	}
 
 	show_main_buttons();
@@ -1430,6 +1659,8 @@ static void printers_page(void)
 	}
 
 	print_footer();
+
+	TALLOC_FREE(frame);
 	return 0;
 }