#include "includes.h"
#include "web/swat_proto.h"
+#include "../lib/crypto/md5.h"
static int demo_mode = False;
static int passwd_only = False;
#define DISABLE_USER_FLAG "disable_user_flag"
#define ENABLE_USER_FLAG "enable_user_flag"
#define RHOST "remote_host"
+#define XSRF_TOKEN "xsrf"
#define _(x) lang_msg_rotate(talloc_tos(),x)
/* Count the number of quotes. */
newstring_len = 1;
- while (*str) {
- if ( *str == '\"') {
+ p = (char *) str;
+ while (*p) {
+ if ( *p == '\"') {
newstring_len += quote_len;
} else {
newstring_len++;
}
- ++str;
+ ++p;
}
newstring = TALLOC_ARRAY(ctx, char, newstring_len);
if (!newstring) {
} else {
*p++ = *str;
}
- ++str;
}
*p = '\0';
return newstring;
return parmname;
}
+void get_xsrf_token(const char *username, const char *pass,
+ const char *formname, char token_str[33])
+{
+ struct MD5Context md5_ctx;
+ uint8_t token[16];
+ int i;
+
+ token_str[0] = '\0';
+ ZERO_STRUCT(md5_ctx);
+ MD5Init(&md5_ctx);
+
+ MD5Update(&md5_ctx, (uint8_t *)formname, strlen(formname));
+ if (username != NULL) {
+ MD5Update(&md5_ctx, (uint8_t *)username, strlen(username));
+ }
+ if (pass != NULL) {
+ MD5Update(&md5_ctx, (uint8_t *)pass, strlen(pass));
+ }
+
+ MD5Final(token, &md5_ctx);
+
+ for(i = 0; i < sizeof(token); i++) {
+ char tmp[3];
+
+ snprintf(tmp, sizeof(tmp), "%02x", token[i]);
+ strncat(token_str, tmp, sizeof(tmp));
+ }
+}
+
+void print_xsrf_token(const char *username, const char *pass,
+ const char *formname)
+{
+ char token[33];
+
+ get_xsrf_token(username, pass, formname, token);
+ printf("<input type=\"hidden\" name=\"%s\" value=\"%s\">\n",
+ XSRF_TOKEN, token);
+
+}
+
+bool verify_xsrf_token(const char *formname)
+{
+ char expected[33];
+ const char *username = cgi_user_name();
+ const char *pass = cgi_user_pass();
+ const char *token = cgi_variable_nonull(XSRF_TOKEN);
+
+ get_xsrf_token(username, pass, formname, expected);
+ return (strncmp(expected, token, sizeof(expected)) == 0);
+}
+
+
/****************************************************************************
include a lump of html in a page
****************************************************************************/
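Review bot: verify_xsrf_token (L76–85) accepts a value that is a pure function of formname, username and password with no server-side secret, so for any request SWAT serves without credentials (cgi_user_name()/cgi_user_pass() returning NULL, which the file's demo_mode flag at L4 suggests is a supported configuration) the expected token collapses to MD5(formname) — a constant anyone can precompute, leaving the check with no anti-CSRF value in that mode. Mixing a per-process random secret into the digest removes that dependency, and the three fields should be separated (length prefix or delimiter) so ("ab","c") and ("a","bc") do not hash alike. The RNG helper below is my guess at Samba's lib/util API and needs confirming against the tree; `strncmp` at L84 is correct but a constant-time comparison would be the conservative choice.
```c
/* Per-process random secret; without it the token is derivable from public data. */
static uint8_t xsrf_secret[16];
static bool xsrf_secret_set;

static void init_xsrf_secret(void)
{
	if (!xsrf_secret_set) {
		generate_random_buffer(xsrf_secret, sizeof(xsrf_secret)); /* TODO confirm helper name */
		xsrf_secret_set = true;
	}
}

void get_xsrf_token(const char *username, const char *pass,
		    const char *formname, char token_str[33])
{
	/* … unchanged: locals, ZERO_STRUCT, MD5Init … */
	init_xsrf_secret();
	MD5Update(&md5_ctx, xsrf_secret, sizeof(xsrf_secret));
	MD5Update(&md5_ctx, (uint8_t *)"\0", 1); /* delimiter between fields */
	/* … unchanged: formname/username/pass updates (add the same delimiter after each), MD5Final, hex encode … */
}
```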
}
while ((ret = read(fd, buf, sizeof(buf))) > 0) {
- write(1, buf, ret);
+ if (write(1, buf, ret) == -1) {
+ break;
+ }
}
close(fd);
int i;
void *ptr = parm->ptr;
char *utf8_s1, *utf8_s2;
+ size_t converted_size;
TALLOC_CTX *ctx = talloc_stackframe();
if (parm->p_class == P_LOCAL && snum >= 0) {
- ptr = lp_local_ptr(snum, ptr);
+ ptr = lp_local_ptr_by_snum(snum, ptr);
}
printf("<tr><td>%s</td><td>", get_parm_translated(ctx,
for (;*list;list++) {
/* enclose in HTML encoded quotes if the string contains a space */
if ( strchr_m(*list, ' ') ) {
- push_utf8_allocate(&utf8_s1, *list);
- push_utf8_allocate(&utf8_s2, ((*(list+1))?", ":""));
+ push_utf8_allocate(&utf8_s1, *list, &converted_size);
+ push_utf8_allocate(&utf8_s2, ((*(list+1))?", ":""), &converted_size);
printf(""%s"%s", utf8_s1, utf8_s2);
} else {
- push_utf8_allocate(&utf8_s1, *list);
- push_utf8_allocate(&utf8_s2, ((*(list+1))?", ":""));
+ push_utf8_allocate(&utf8_s1, *list, &converted_size);
+ push_utf8_allocate(&utf8_s2, ((*(list+1))?", ":""), &converted_size);
printf("%s%s", utf8_s1, utf8_s2);
}
SAFE_FREE(utf8_s1);
case P_STRING:
case P_USTRING:
- push_utf8_allocate(&utf8_s1, *(char **)ptr);
+ push_utf8_allocate(&utf8_s1, *(char **)ptr, &converted_size);
printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">",
make_parm_name(parm->label), fix_quotes(ctx, utf8_s1));
SAFE_FREE(utf8_s1);
void *ptr = parm->ptr;
if (parm->p_class == P_LOCAL && snum >= 0) {
- ptr = lp_local_ptr(snum, ptr);
+ ptr = lp_local_ptr_by_snum(snum, ptr);
}
switch (parm->type) {
break;
case P_LIST:
- if (!str_list_compare(*(char ***)ptr, (char **)(parm->def.lvalue))) continue;
+ if (!str_list_equal(*(const char ***)ptr,
+ (const char **)(parm->def.lvalue))) continue;
break;
case P_STRING:
****************************************************************************/
static bool load_config(bool save_def)
{
- lp_resetnumservices();
return lp_load(get_dyn_CONFIGFILE(),False,save_def,False,True);
}
****************************************************************************/
static void write_config(FILE *f, bool show_defaults)
{
+ TALLOC_CTX *ctx = talloc_stackframe();
+
fprintf(f, "# Samba config file created using SWAT\n");
fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr());
- fprintf(f, "# Date: %s\n\n", current_timestring(False));
+ fprintf(f, "# Date: %s\n\n", current_timestring(ctx, False));
lp_dump(f, show_defaults, iNumNonAutoPrintServices);
+
+ TALLOC_FREE(ctx);
}
/****************************************************************************
}
write_config(f, False);
- if (snum)
+ if (snum >= 0)
lp_dump_one(f, False, snum);
fclose(f);
- lp_killunused(NULL);
+ lp_kill_all_services();
if (!load_config(False)) {
printf(_("Can't reload %s"), get_dyn_CONFIGFILE());
****************************************************************************/
static void welcome_page(void)
{
- if (file_exist("help/welcome.html", NULL)) {
+ if (file_exist("help/welcome.html")) {
include_html("help/welcome.html");
} else {
include_html("help/welcome-no-samba-doc.html");
static void viewconfig_page(void)
{
int full_view=0;
+ const char form_name[] = "viewconfig";
+
+ if (!verify_xsrf_token(form_name)) {
+ goto output_page;
+ }
if (cgi_variable("full_view")) {
full_view = 1;
}
+output_page:
printf("<H2>%s</H2>\n", _("Current Config"));
printf("<form method=post>\n");
+ print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
if (full_view) {
printf("<input type=submit name=\"normal_view\" value=\"%s\">\n", _("Normal View"));
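Review bot: When verify_xsrf_token fails at L188 the request is silently downgraded to the default view and nothing is recorded, yet a token mismatch is exactly the forged or replayed submission an operator would want to see in the logs. Before the `goto output_page;` add a line such as `DEBUG(1, ("xsrf token mismatch for form %s from %s\n", form_name, cgi_remote_addr()));` — DEBUG is Samba's usual logging macro but is not visible in this excerpt, so confirm the name; cgi_remote_addr() is already used at L157. viewconfig_page continues past the end of this hunk.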
load_config(False);
lp_copy_service(GLOBAL_SECTION_SNUM, unix_share);
- iNumNonAutoPrintServices = lp_numservices();
have_home = lp_servicenumber(HOMES_NAME);
lp_do_parameter( have_home, "read only", "No");
lp_do_parameter( have_home, "valid users", "%S");
lp_do_parameter( have_home, "browseable", "No");
commit_parameters(have_home);
+ save_reload(have_home);
}
/* Need to Delete Homes share? */
int i;
int mode = 0;
unsigned int parm_filter = FLAG_BASIC;
+ size_t converted_size;
if (share)
snum = lp_servicenumber(share);
if (cgi_variable("Commit") && snum >= 0) {
commit_parameters(snum);
save_reload(0);
+ snum = lp_servicenumber(share);
}
if (cgi_variable("Delete") && snum >= 0) {
}
if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
- load_config(False);
- lp_copy_service(GLOBAL_SECTION_SNUM, share);
- iNumNonAutoPrintServices = lp_numservices();
- save_reload(0);
snum = lp_servicenumber(share);
+ if (snum < 0) {
+ load_config(False);
+ lp_copy_service(GLOBAL_SECTION_SNUM, share);
+ snum = lp_servicenumber(share);
+ save_reload(snum);
+ snum = lp_servicenumber(share);
+ }
}
printf("<FORM name=\"swatform\" method=post>\n");
for (i=0;i<lp_numservices();i++) {
s = lp_servicename(i);
if (s && (*s) && strcmp(s,"IPC$") && !lp_print_ok(i)) {
- push_utf8_allocate(&utf8_s, s);
+ push_utf8_allocate(&utf8_s, s, &converted_size);
printf("<option %s value=\"%s\">%s\n",
(share && strcmp(share,s)==0)?"SELECTED":"",
utf8_s, utf8_s);
SAFE_FREE(utf8_s);
-
}
}
printf("</select></td>\n");
if(cgi_variable(CHG_S_PASSWD_FLAG)) {
printf("<p>");
if (rslt == True) {
- printf(_(" The passwd for '%s' has been changed."), cgi_variable_nonull(SWAT_USER));
- printf("\n");
+ printf("%s\n", _(" The passwd has been changed."));
} else {
- printf(_(" The passwd for '%s' has NOT been changed."), cgi_variable_nonull(SWAT_USER));
- printf("\n");
+ printf("%s\n", _(" The passwd for has NOT been changed."));
}
}
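Review bot: The failure message at L261, `_(" The passwd for has NOT been changed.")`, still carries the "for" left over from dropping the reflected username, so the string shown to the user (and handed to translators) is ungrammatical. Change it to `_(" The passwd has NOT been changed.")` to match the success message at L257. Dropping the echo of SWAT_USER from both messages is the right call since that value came straight from the request.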
{
const char *new_name = cgi_user_name();
- /*
- * After the first time through here be nice. If the user
- * changed the User box text to another users name, remember it.
- */
- if (cgi_variable(SWAT_USER)) {
- new_name = cgi_variable_nonull(SWAT_USER);
- }
-
if (!new_name) new_name = "";
printf("<H2>%s</H2>\n", _("Server Password Management"));
printf("<H2>%s</H2>\n", _("Printer Parameters"));
printf("<H3>%s</H3>\n", _("Important Note:"));
- printf(_("Printer names marked with [*] in the Choose Printer drop-down box "));
- printf(_("are autoloaded printers from "));
+ printf("%s",_("Printer names marked with [*] in the Choose Printer drop-down box "));
+ printf("%s",_("are autoloaded printers from "));
printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect."));
save_reload(snum);
else
save_reload(0);
+ snum = lp_servicenumber(share);
}
if (cgi_variable("Delete") && snum >= 0) {
}
if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
- load_config(False);
- lp_copy_service(GLOBAL_SECTION_SNUM, share);
- iNumNonAutoPrintServices = lp_numservices();
- snum = lp_servicenumber(share);
- lp_do_parameter(snum, "print ok", "Yes");
- save_reload(0);
snum = lp_servicenumber(share);
+ if (snum < 0 || snum >= iNumNonAutoPrintServices) {
+ load_config(False);
+ lp_copy_service(GLOBAL_SECTION_SNUM, share);
+ snum = lp_servicenumber(share);
+ lp_do_parameter(snum, "print ok", "Yes");
+ save_reload(snum);
+ snum = lp_servicenumber(share);
+ }
}
printf("<FORM name=\"swatform\" method=post>\n");
cgi_load_variables();
- if (!file_exist(get_dyn_CONFIGFILE(), NULL)) {
+ if (!file_exist(get_dyn_CONFIGFILE())) {
have_read_access = True;
have_write_access = True;
} else {