s3 swat: Add XSRF protection to status page
[Samba.git] / source / web / statuspage.c
1 /*
2 Unix SMB/CIFS implementation.
3 web status page
4 Copyright (C) Andrew Tridgell 1997-1998
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 #include "includes.h"
21 #include "web/swat_proto.h"
/* Look a message up through lang_msg_rotate(), using talloc_tos() as the
   memory context. */
#define _(x) lang_msg_rotate(talloc_tos(),x)

/* how long to wait for start/stops to take effect */
#define SLEEP_TIME 3

/* Shorthand for the list node type declared just below. */
#define PIDMAP struct PidMap

/* One PID <-> machine-name pair, linked into a list through next/prev. */
PIDMAP {
	PIDMAP *next;
	PIDMAP *prev;
	struct server_id pid;
	char *machine;	/* allocated with SMB_STRDUP; may be NULL */
};

/* List of PID <-> machine-name pairs filled in by addPid2Machine(). */
static PIDMAP *pidmap;

/* 0 = show PID, else show Machine name */
static int PID_or_Machine;

/* Assigned at the top of status_page() from the "smbd" pid file. */
static struct server_id smbd_pid;
/*
 * Throw away the PID <-> machine-name list left over from an earlier
 * call. Nothing is done while PIDs (rather than machine names) are
 * shown in the "Open Files" table.
 */
static void initPid2Machine (void)
{
	PIDMAP *entry;
	PIDMAP *following;

	if (!PID_or_Machine) {
		return;
	}

	entry = pidmap;
	while (entry != NULL) {
		/* fetch the successor first: the node is freed below */
		following = entry->next;
		DLIST_REMOVE(pidmap, entry);
		SAFE_FREE(entry->machine);
		SAFE_FREE(entry);
		entry = following;
	}

	pidmap = NULL;
}
/*
 * Remember which machine name belongs to a PID.
 * Only done when machine names are shown in the "Open Files" table.
 */
static void addPid2Machine (struct server_id pid, const char *machine)
{
	PIDMAP *node;

	if (!PID_or_Machine) {
		return;
	}

	node = SMB_MALLOC_P(PIDMAP);
	if (node == NULL) {
		/* XXX need error message for this?
		   without a list entry the PID is always shown */
		return;
	}

	node->pid = pid;
	/* The copy is not checked: mapPid2Machine() treats a NULL name
	   as "show the PID". */
	node->machine = SMB_STRDUP(machine);

	DLIST_ADD(pidmap, node);
}
/*
 * Return the text to show for a PID: the recorded machine name when
 * machine names are enabled and one is known, otherwise the PID as a
 * string.
 *
 * The result points either into the list or at a static buffer that the
 * next call overwrites; the caller must not free it. It is not
 * HTML-escaped here, so a caller that writes it into a page has to
 * escape it.
 */
static char *mapPid2Machine (struct server_id pid)
{
	static char pidbuf [64];
	PIDMAP *node = PID_or_Machine ? pidmap : NULL;

	/* stop at the first entry recorded for this PID */
	while (node != NULL && !procid_equal(&pid, &node->pid)) {
		node = node->next;
	}

	if (node != NULL && node->machine != NULL) {
		return node->machine;
	}

	/* PID not in list or machine name NULL? return pid as string */
	snprintf (pidbuf, sizeof (pidbuf) - 1, "%s",
		  procid_str_static(&pid));
	return pidbuf;
}
/*
 * Format a time for a table cell: the text from time_to_asc() with every
 * space replaced by "&nbsp;". The result is allocated on ctx; an empty
 * string literal is returned if either allocation step fails.
 */
static const char *tstring(TALLOC_CTX *ctx, time_t t)
{
	char *stamp = talloc_strdup(ctx, time_to_asc(t));

	if (stamp != NULL) {
		stamp = talloc_all_string_sub(ctx,
					      stamp,
					      " ",
					      "&nbsp;");
	}

	return (stamp != NULL) ? stamp : "";
}
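/*
 * Write a string to stdout as HTML text. The characters that are
 * significant in element content and in quoted attribute values are
 * replaced by entities, so the string cannot introduce markup of its
 * own. A NULL string prints nothing.
 */
static void print_html_escaped(const char *s)
{
	if (s == NULL) {
		return;
	}

	for (; *s != '\0'; s++) {
		switch (*s) {
		case '&':
			fputs("&amp;", stdout);
			break;
		case '<':
			fputs("&lt;", stdout);
			break;
		case '>':
			fputs("&gt;", stdout);
			break;
		case '"':
			fputs("&quot;", stdout);
			break;
		case '\'':
			fputs("&#39;", stdout);
			break;
		default:
			putchar((unsigned char)*s);
			break;
		}
	}
}

/*
 * share_mode_forall() callback: print one row of the "Open Files" table
 * (PID or machine, UID, deny mode, access, oplock, file name, time).
 *
 * The machine name and the file name are escaped before they are
 * written, because both are strings the page does not control (the file
 * name is whatever a client opened). sharepath and dummy are unused.
 */
static void print_share_mode(const struct share_mode_entry *e,
			     const char *sharepath,
			     const char *fname,
			     void *dummy)
{
	char *utf8_fname = NULL;
	int deny_mode;
	size_t converted_size;

	if (!is_valid_share_mode_entry(e)) {
		return;
	}

	deny_mode = map_share_mode_to_deny_mode(e->share_access,
						    e->private_options);

	printf("<tr><td>");
	print_html_escaped(_(mapPid2Machine(e->pid)));
	printf("</td>");
	printf("<td>%u</td>",(unsigned int)e->uid);
	printf("<td>");
	switch ((deny_mode>>4)&0xF) {
	case DENY_NONE: printf("DENY_NONE"); break;
	case DENY_ALL:  printf("DENY_ALL   "); break;
	case DENY_DOS:  printf("DENY_DOS   "); break;
	case DENY_FCB:  printf("DENY_FCB   "); break;
	case DENY_READ: printf("DENY_READ  "); break;
	case DENY_WRITE:printf("DENY_WRITE "); break;
	default: break;	/* unknown mode: leave the cell empty */
	}
	printf("</td>");

	printf("<td>");
	/* RDWR needs both bits. Testing for "any bit set" reported every
	   read-only and write-only open as RDWR and made the two branches
	   below unreachable for them. */
	if ((e->access_mask & (FILE_READ_DATA|FILE_WRITE_DATA)) ==
	    (FILE_READ_DATA|FILE_WRITE_DATA)) {
		printf("%s", _("RDWR       "));
	} else if (e->access_mask & FILE_WRITE_DATA) {
		printf("%s", _("WRONLY     "));
	} else {
		printf("%s", _("RDONLY     "));
	}
	printf("</td>");

	printf("<td>");
	if((e->op_type &
	    (EXCLUSIVE_OPLOCK|BATCH_OPLOCK)) ==
	   (EXCLUSIVE_OPLOCK|BATCH_OPLOCK))
		printf("EXCLUSIVE+BATCH ");
	else if (e->op_type & EXCLUSIVE_OPLOCK)
		printf("EXCLUSIVE       ");
	else if (e->op_type & BATCH_OPLOCK)
		printf("BATCH           ");
	else if (e->op_type & LEVEL_II_OPLOCK)
		printf("LEVEL_II        ");
	else
		printf("NONE            ");
	printf("</td>");

	/* The result is treated as a success flag; on failure the name
	   cell is left empty instead of handing printf a pointer that
	   was never set. */
	if (!push_utf8_allocate(&utf8_fname, fname, &converted_size)) {
		utf8_fname = NULL;
	}
	printf("<td>");
	print_html_escaped(utf8_fname);
	printf("</td><td>%s</td></tr>\n",
	       tstring(talloc_tos(),e->time.tv_sec));
	SAFE_FREE(utf8_fname);
}


/*
 * kill off any connections chosen by the user
 *
 * connections_forall() callback. A connection is killed when the request
 * carries a CGI variable named "kill_<pid>" for it. status_page() only
 * starts this traversal after verify_xsrf_token() has accepted the
 * request.
 * NOTE(review): the kill button is rendered only when geteuid() == 0
 * (see traverse_fn2), but that check is not repeated here; presumably
 * kill_pid() fails for callers without the privilege - confirm.
 */
static int traverse_fn1(struct db_record *rec,
			const struct connections_key *key,
			const struct connections_data *crec,
			void *private_data)
{
	if (crec->cnum == -1 && process_exists(crec->pid)) {
		char buf[30];
		slprintf(buf,sizeof(buf)-1,"kill_%s", procid_str_static(&crec->pid));
		if (cgi_variable(buf)) {
			kill_pid(crec->pid);
			/* give the kill time to take effect */
			sleep(SLEEP_TIME);
		}
	}
	return 0;
}

/*
 * traversal fn for showing machine connections
 *
 * Prints one "Active Connections" row per live connection record with
 * cnum == -1, skipping the smbd whose pid is in smbd_pid, and records
 * the PID <-> machine mapping for the "Open Files" table. The machine
 * name and address come from the connection record and are escaped
 * before being written into the page.
 */
static int traverse_fn2(struct db_record *rec,
			const struct connections_key *key,
			const struct connections_data *crec,
			void *private_data)
{
	if (crec->cnum == -1 || !process_exists(crec->pid) ||
	    procid_equal(&crec->pid, &smbd_pid))
		return 0;

	addPid2Machine (crec->pid, crec->machine);

	printf("<tr><td>%s</td><td>", procid_str_static(&crec->pid));
	print_html_escaped(crec->machine);
	printf("</td><td>");
	print_html_escaped(crec->addr);
	printf("</td><td>%s</td>\n", tstring(talloc_tos(),crec->start));
	/* the kill button is offered to root only */
	if (geteuid() == 0) {
		printf("<td><input type=submit value=\"X\" name=\"kill_%s\"></td>\n",
		       procid_str_static(&crec->pid));
	}
	printf("</tr>\n");

	return 0;
}

/*
 * traversal fn for showing share connections
 *
 * Prints one "Active Shares" row per live record whose cnum is not -1.
 * Service, user, group and machine names are escaped before being
 * written into the page.
 */
static int traverse_fn3(struct db_record *rec,
			const struct connections_key *key,
			const struct connections_data *crec,
			void *private_data)
{
	if (crec->cnum == -1 || !process_exists(crec->pid))
		return 0;

	printf("<tr><td>");
	print_html_escaped(crec->servicename);
	printf("</td><td>");
	print_html_escaped(uidtoname(crec->uid));
	printf("</td><td>");
	print_html_escaped(gidtoname(crec->gid));
	printf("</td><td>%s</td><td>", procid_str_static(&crec->pid));
	print_html_escaped(crec->machine);
	printf("</td><td>%s</td></tr>\n",
	       tstring(talloc_tos(),crec->start));
	return 0;
}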
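/*
 * show the current server status
 *
 * Handles the "status" form and then prints the page. Every action taken
 * from request variables (start/stop/restart of the daemons, killing
 * connections, display preferences) sits behind verify_xsrf_token(); if
 * the token is rejected, control jumps straight to output_page and the
 * page is rendered with default settings and without acting on anything.
 *
 * The form that is printed carries a fresh token from print_xsrf_token().
 * Start/stop/restart/kill buttons are rendered only when geteuid() == 0.
 * NOTE(review): the handlers below do not repeat that euid check;
 * presumably the start_*()/stop_*() helpers enforce it - confirm.
 */
void status_page(void)
{
	/* Accepted range, in seconds, for the refresh interval taken from
	   the request. The upper bound is a sanity limit that also keeps
	   refresh_interval*1000 inside an int. */
	enum { REFRESH_INTERVAL_MIN = 1, REFRESH_INTERVAL_MAX = 86400 };

	const char *v;
	int autorefresh=0;
	int refresh_interval=30;
	int nr_running=0;
	bool waitup = False;
	TALLOC_CTX *ctx = talloc_stackframe();
	const char form_name[] = "status";

	smbd_pid = pid_to_procid(pidfile_pid("smbd"));

	/* No valid token: ignore every request variable, only show the page. */
	if (!verify_xsrf_token(form_name)) {
		goto output_page;
	}

	if (cgi_variable("smbd_restart") || cgi_variable("all_restart")) {
		stop_smbd();
		start_smbd();
		waitup=True;
	}

	if (cgi_variable("smbd_start") || cgi_variable("all_start")) {
		start_smbd();
		waitup=True;
	}

	if (cgi_variable("smbd_stop") || cgi_variable("all_stop")) {
		stop_smbd();
		waitup=True;
	}

	if (cgi_variable("nmbd_restart") || cgi_variable("all_restart")) {
		stop_nmbd();
		start_nmbd();
		waitup=True;
	}
	if (cgi_variable("nmbd_start") || cgi_variable("all_start")) {
		start_nmbd();
		waitup=True;
	}

	if (cgi_variable("nmbd_stop")|| cgi_variable("all_stop")) {
		stop_nmbd();
		waitup=True;
	}

#ifdef WITH_WINBIND
	if (cgi_variable("winbindd_restart") || cgi_variable("all_restart")) {
		stop_winbindd();
		start_winbindd();
		waitup=True;
	}

	if (cgi_variable("winbindd_start") || cgi_variable("all_start")) {
		start_winbindd();
		waitup=True;
	}

	if (cgi_variable("winbindd_stop") || cgi_variable("all_stop")) {
		stop_winbindd();
		waitup=True;
	}
#endif
	/* wait for daemons to start/stop */
	if (waitup)
		sleep(SLEEP_TIME);

	if (cgi_variable("autorefresh")) {
		autorefresh = 1;
	} else if (cgi_variable("norefresh")) {
		autorefresh = 0;
	} else if (cgi_variable("refresh")) {
		autorefresh = 1;
	}

	/* The interval is request data. Accept it only if it is a plain
	   number inside the allowed range; anything else (non-numeric,
	   zero, negative, huge) keeps the default. An unchecked value
	   could overflow refresh_interval*1000 below or make the page
	   reload without pause. */
	if ((v=cgi_variable("refresh_interval"))) {
		char *end = NULL;
		long requested = strtol(v, &end, 10);

		if (end != v && *end == '\0' &&
		    requested >= REFRESH_INTERVAL_MIN &&
		    requested <= REFRESH_INTERVAL_MAX) {
			refresh_interval = (int)requested;
		}
	}

	if (cgi_variable("show_client_in_col_1")) {
		PID_or_Machine = 1;
	}

	if (cgi_variable("show_pid_in_col_1")) {
		PID_or_Machine = 0;
	}

	/* kill the connections selected in the request */
	connections_forall(traverse_fn1, NULL);

	initPid2Machine ();

output_page:
	printf("<H2>%s</H2>\n", _("Server Status"));

	printf("<FORM method=post>\n");
	/* every submit of this form carries the token checked above */
	print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);

	if (!autorefresh) {
		printf("<input type=submit value=\"%s\" name=\"autorefresh\">\n", _("Auto Refresh"));
		printf("<br>%s", _("Refresh Interval: "));
		printf("<input type=text size=2 name=\"refresh_interval\" value=\"%d\">\n",
		       refresh_interval);
	} else {
		printf("<input type=submit value=\"%s\" name=\"norefresh\">\n", _("Stop Refreshing"));
		printf("<br>%s%d\n", _("Refresh Interval: "), refresh_interval);
		printf("<input type=hidden name=\"refresh\" value=\"1\">\n");
	}

	printf("<p>\n");

	printf("<table>\n");

	printf("<tr><td>%s</td><td>%s</td></tr>", _("version:"), SAMBA_VERSION_STRING);

	fflush(stdout);
	printf("<tr><td>%s</td><td>%s</td>\n", _("smbd:"), smbd_running()?_("running"):_("not running"));
	if (geteuid() == 0) {
		if (smbd_running()) {
			nr_running++;
			printf("<td><input type=submit name=\"smbd_stop\" value=\"%s\"></td>\n", _("Stop smbd"));
		} else {
			printf("<td><input type=submit name=\"smbd_start\" value=\"%s\"></td>\n", _("Start smbd"));
		}
		printf("<td><input type=submit name=\"smbd_restart\" value=\"%s\"></td>\n", _("Restart smbd"));
	}
	printf("</tr>\n");

	fflush(stdout);
	printf("<tr><td>%s</td><td>%s</td>\n", _("nmbd:"), nmbd_running()?_("running"):_("not running"));
	if (geteuid() == 0) {
		if (nmbd_running()) {
			nr_running++;
			printf("<td><input type=submit name=\"nmbd_stop\" value=\"%s\"></td>\n", _("Stop nmbd"));
		} else {
			printf("<td><input type=submit name=\"nmbd_start\" value=\"%s\"></td>\n", _("Start nmbd"));
		}
		printf("<td><input type=submit name=\"nmbd_restart\" value=\"%s\"></td>\n", _("Restart nmbd"));
	}
	printf("</tr>\n");

#ifdef WITH_WINBIND
	fflush(stdout);
	printf("<tr><td>%s</td><td>%s</td>\n", _("winbindd:"), winbindd_running()?_("running"):_("not running"));
	if (geteuid() == 0) {
		if (winbindd_running()) {
			nr_running++;
			printf("<td><input type=submit name=\"winbindd_stop\" value=\"%s\"></td>\n", _("Stop winbindd"));
		} else {
			printf("<td><input type=submit name=\"winbindd_start\" value=\"%s\"></td>\n", _("Start winbindd"));
		}
		printf("<td><input type=submit name=\"winbindd_restart\" value=\"%s\"></td>\n", _("Restart winbindd"));
	}
	printf("</tr>\n");
#endif

	if (geteuid() == 0) {
		printf("<tr><td></td><td></td>\n");
		if (nr_running >= 1) {
			/* stop, restart all */
			printf("<td><input type=submit name=\"all_stop\" value=\"%s\"></td>\n", _("Stop All"));
			printf("<td><input type=submit name=\"all_restart\" value=\"%s\"></td>\n", _("Restart All"));
		}
		else if (nr_running == 0) {
			/* start all */
			printf("<td><input type=submit name=\"all_start\" value=\"%s\"></td>\n", _("Start All"));
		}
		printf("</tr>\n");
	}
	printf("</table>\n");
	fflush(stdout);

	printf("<p><h3>%s</h3>\n", _("Active Connections"));
	printf("<table border=1>\n");
	printf("<tr><th>%s</th><th>%s</th><th>%s</th><th>%s</th>\n", _("PID"), _("Client"), _("IP address"), _("Date"));
	if (geteuid() == 0) {
		printf("<th>%s</th>\n", _("Kill"));
	}
	printf("</tr>\n");

	connections_forall(traverse_fn2, NULL);

	printf("</table><p>\n");

	printf("<p><h3>%s</h3>\n", _("Active Shares"));
	printf("<table border=1>\n");
	printf("<tr><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th></tr>\n\n",
		_("Share"), _("User"), _("Group"), _("PID"), _("Client"), _("Date"));

	connections_forall(traverse_fn3, NULL);

	printf("</table><p>\n");

	printf("<h3>%s</h3>\n", _("Open Files"));
	printf("<table border=1>\n");
	printf("<tr><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th><th>%s</th></tr>\n",
		_("PID"), _("UID"), _("Sharing"), _("R/W"), _("Oplock"), _("File"), _("Date"));

	locking_init_readonly();
	share_mode_forall(print_share_mode, NULL);
	locking_end();
	printf("</table>\n");

	printf("<br><input type=submit name=\"show_client_in_col_1\" value=\"%s\">\n", _("Show Client in col 1"));
	printf("<input type=submit name=\"show_pid_in_col_1\" value=\"%s\">\n", _("Show PID in col 1"));

	printf("</FORM>\n");

	if (autorefresh) {
		/* this little JavaScript allows for automatic refresh
		   of the page. There are other methods but this seems
		   to be the best alternative */
		/* NOTE(review): the reload is a plain GET that carries
		   refresh_interval and refresh but no XSRF token. If
		   verify_xsrf_token() rejects requests without one (not
		   visible here), the reloaded page skips the parsing
		   above and auto-refresh ends after one cycle - confirm.
		   cgi_baseurl() is written into the script string as is;
		   presumably it is derived by the server, not taken from
		   the request - confirm. */
		printf("<script language=\"JavaScript\">\n");
		printf("<!--\nsetTimeout('window.location.replace(\"%s/status?refresh_interval=%d&refresh=1\")', %d)\n",
		       cgi_baseurl(),
		       refresh_interval,
		       refresh_interval*1000);
		printf("//-->\n</script>\n");
	}
	TALLOC_FREE(ctx);
}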