search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3: Add a suicide mode to smbd
[Samba/id10ts.git] / source3 / web / swat.c
blob3d6aaf4ca7010028ef632f709f9cf69c73fce5ac
1 /*
2 Unix SMB/CIFS implementation.
3 Samba Web Administration Tool
4 Version 3.0.0
5 Copyright (C) Andrew Tridgell 1997-2002
6 Copyright (C) John H Terpstra 2002
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 3 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program. If not, see <http://www.gnu.org/licenses/>.
20 */
21
22 /**
23 * @defgroup swat SWAT - Samba Web Administration Tool
24 * @{
25 * @file swat.c
26 *
27 * @brief Samba Web Administration Tool.
28 **/
29
30 #include "includes.h"
31 #include "system/filesys.h"
32 #include "popt_common.h"
33 #include "web/swat_proto.h"
34 #include "printing/pcap.h"
35 #include "printing/load.h"
36 #include "passdb.h"
37 #include "intl/lang_tdb.h"
38 #include "../lib/crypto/md5.h"
39 #include "lib/param/loadparm.h"
40 #include "messages.h"
41
42 static int demo_mode = False;
43 static int passwd_only = False;
44 static bool have_write_access = False;
45 static bool have_read_access = False;
46 static int iNumNonAutoPrintServices = 0;
47
48 /*
49 * Password Management Globals
50 */
51 #define SWAT_USER "username"
52 #define OLD_PSWD "old_passwd"
53 #define NEW_PSWD "new_passwd"
54 #define NEW2_PSWD "new2_passwd"
55 #define CHG_S_PASSWD_FLAG "chg_s_passwd_flag"
56 #define CHG_R_PASSWD_FLAG "chg_r_passwd_flag"
57 #define ADD_USER_FLAG "add_user_flag"
58 #define DELETE_USER_FLAG "delete_user_flag"
59 #define DISABLE_USER_FLAG "disable_user_flag"
60 #define ENABLE_USER_FLAG "enable_user_flag"
61 #define RHOST "remote_host"
62 #define XSRF_TOKEN "xsrf"
63 #define XSRF_TIME "xsrf_time"
64 #define XSRF_TIMEOUT 300
65
66 #define _(x) lang_msg_rotate(talloc_tos(),x)
67
68 /****************************************************************************
69 ****************************************************************************/
70 static int enum_index(int value, const struct enum_list *enumlist)
71 {
72 int i;
73 for (i=0;enumlist[i].name;i++)
74 if (value == enumlist[i].value) break;
75 return(i);
76 }
77
78 static char *fix_backslash(const char *str)
79 {
80 static char newstring[1024];
81 char *p = newstring;
82
83 while (*str) {
84 if (*str == '\\') {*p++ = '\\';*p++ = '\\';}
85 else *p++ = *str;
86 ++str;
87 }
88 *p = '\0';
89 return newstring;
90 }
91
92 static const char *fix_quotes(TALLOC_CTX *ctx, char *str)
93 {
94 char *newstring = NULL;
95 char *p = NULL;
96 size_t newstring_len;
97 int quote_len = strlen("&quot;");
98
99 /* Count the number of quotes. */
100 newstring_len = 1;
101 p = (char *) str;
102 while (*p) {
103 if ( *p == '\"') {
104 newstring_len += quote_len;
105 } else {
106 newstring_len++;
107 }
108 ++p;
109 }
110 newstring = talloc_array(ctx, char, newstring_len);
111 if (!newstring) {
112 return "";
113 }
114 for (p = newstring; *str; str++) {
115 if ( *str == '\"') {
116 strncpy( p, "&quot;", quote_len);
117 p += quote_len;
118 } else {
119 *p++ = *str;
120 }
121 }
122 *p = '\0';
123 return newstring;
124 }
125
126 static char *stripspaceupper(const char *str)
127 {
128 static char newstring[1024];
129 char *p = newstring;
130
131 while (*str) {
132 if (*str != ' ') *p++ = toupper_m(*str);
133 ++str;
134 }
135 *p = '\0';
136 return newstring;
137 }
138
139 static char *make_parm_name(const char *label)
140 {
141 static char parmname[1024];
142 char *p = parmname;
143
144 while (*label) {
145 if (*label == ' ') *p++ = '_';
146 else *p++ = *label;
147 ++label;
148 }
149 *p = '\0';
150 return parmname;
151 }
152
153 void get_xsrf_token(const char *username, const char *pass,
154 const char *formname, time_t xsrf_time, char token_str[33])
155 {
156 struct MD5Context md5_ctx;
157 uint8_t token[16];
158 int i;
159
160 token_str[0] = '\0';
161 ZERO_STRUCT(md5_ctx);
162 MD5Init(&md5_ctx);
163
164 MD5Update(&md5_ctx, (uint8_t *)formname, strlen(formname));
165 MD5Update(&md5_ctx, (uint8_t *)&xsrf_time, sizeof(time_t));
166 if (username != NULL) {
167 MD5Update(&md5_ctx, (uint8_t *)username, strlen(username));
168 }
169 if (pass != NULL) {
170 MD5Update(&md5_ctx, (uint8_t *)pass, strlen(pass));
171 }
172
173 MD5Final(token, &md5_ctx);
174
175 for(i = 0; i < sizeof(token); i++) {
176 char tmp[3];
177
178 snprintf(tmp, sizeof(tmp), "%02x", token[i]);
179 strlcat(token_str, tmp, sizeof(tmp));
180 }
181 }
182
183 void print_xsrf_token(const char *username, const char *pass,
184 const char *formname)
185 {
186 char token[33];
187 time_t xsrf_time = time(NULL);
188
189 get_xsrf_token(username, pass, formname, xsrf_time, token);
190 printf("<input type=\"hidden\" name=\"%s\" value=\"%s\">\n",
191 XSRF_TOKEN, token);
192 printf("<input type=\"hidden\" name=\"%s\" value=\"%lld\">\n",
193 XSRF_TIME, (long long int)xsrf_time);
194 }
195
196 bool verify_xsrf_token(const char *formname)
197 {
198 char expected[33];
199 const char *username = cgi_user_name();
200 const char *pass = cgi_user_pass();
201 const char *token = cgi_variable_nonull(XSRF_TOKEN);
202 const char *time_str = cgi_variable_nonull(XSRF_TIME);
203 char *p = NULL;
204 long long xsrf_time_ll = 0;
205 time_t xsrf_time = 0;
206 time_t now = time(NULL);
207
208 errno = 0;
209 xsrf_time_ll = strtoll(time_str, &p, 10);
210 if (errno != 0) {
211 return false;
212 }
213 if (p == NULL) {
214 return false;
215 }
216 if (PTR_DIFF(p, time_str) > strlen(time_str)) {
217 return false;
218 }
219 if (xsrf_time_ll > _TYPE_MAXIMUM(time_t)) {
220 return false;
221 }
222 if (xsrf_time_ll < _TYPE_MINIMUM(time_t)) {
223 return false;
224 }
225 xsrf_time = xsrf_time_ll;
226
227 if (abs(now - xsrf_time) > XSRF_TIMEOUT) {
228 return false;
229 }
230
231 get_xsrf_token(username, pass, formname, xsrf_time, expected);
232 return (strncmp(expected, token, sizeof(expected)) == 0);
233 }
234
235
236 /****************************************************************************
237 include a lump of html in a page
238 ****************************************************************************/
239 static int include_html(const char *fname)
240 {
241 int fd;
242 char buf[1024];
243 int ret;
244
245 fd = web_open(fname, O_RDONLY, 0);
246
247 if (fd == -1) {
248 printf(_("ERROR: Can't open %s"), fname);
249 printf("\n");
250 return 0;
251 }
252
253 while ((ret = read(fd, buf, sizeof(buf))) > 0) {
254 if (write(1, buf, ret) == -1) {
255 break;
256 }
257 }
258
259 close(fd);
260 return 1;
261 }
262
263 /****************************************************************************
264 start the page with standard stuff
265 ****************************************************************************/
266 static void print_header(void)
267 {
268 if (!cgi_waspost()) {
269 printf("Expires: 0\r\n");
270 }
271 printf("Content-type: text/html\r\n\r\n");
272
273 if (!include_html("include/header.html")) {
274 printf("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2//EN\">\n");
275 printf("<HTML>\n<HEAD>\n<TITLE>Samba Web Administration Tool</TITLE>\n</HEAD>\n<BODY background=\"/swat/images/background.jpg\">\n\n");
276 }
277 }
278
279 /* *******************************************************************
280 show parameter label with translated name in the following form
281 because showing original and translated label in one line looks
282 too long, and showing translated label only is unusable for
283 heavy users.
284 -------------------------------
285 HELP security [combo box][button]
286 SECURITY
287 -------------------------------
288 (capital words are translated by gettext.)
289 if no translation is available, then same form as original is
290 used.
291 "i18n_translated_parm" class is used to change the color of the
292 translated parameter with CSS.
293 **************************************************************** */
294 static const char *get_parm_translated(TALLOC_CTX *ctx,
295 const char* pAnchor, const char* pHelp, const char* pLabel)
296 {
297 const char *pTranslated = _(pLabel);
298 char *output;
299 if(strcmp(pLabel, pTranslated) != 0) {
300 output = talloc_asprintf(ctx,
301 "<A HREF=\"/swat/help/manpages/smb.conf.5.html#%s\" target=\"docs\"> %s</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; %s <br><span class=\"i18n_translated_parm\">%s</span>",
302 pAnchor, pHelp, pLabel, pTranslated);
303 return output;
304 }
305 output = talloc_asprintf(ctx,
306 "<A HREF=\"/swat/help/manpages/smb.conf.5.html#%s\" target=\"docs\"> %s</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; %s",
307 pAnchor, pHelp, pLabel);
308 return output;
309 }
310 /****************************************************************************
311 finish off the page
312 ****************************************************************************/
313 static void print_footer(void)
314 {
315 if (!include_html("include/footer.html")) {
316 printf("\n</BODY>\n</HTML>\n");
317 }
318 }
319
320 /****************************************************************************
321 display one editable parameter in a form
322 ****************************************************************************/
323 static void show_parameter(int snum, struct parm_struct *parm)
324 {
325 int i;
326 void *ptr;
327 char *utf8_s1, *utf8_s2;
328 size_t converted_size;
329 TALLOC_CTX *ctx = talloc_stackframe();
330
331 if (parm->p_class == P_LOCAL && snum >= 0) {
332 ptr = lp_local_ptr_by_snum(snum, parm);
333 } else {
334 ptr = lp_parm_ptr(NULL, parm);
335 }
336
337 printf("<tr><td>%s</td><td>", get_parm_translated(ctx,
338 stripspaceupper(parm->label), _("Help"), parm->label));
339 switch (parm->type) {
340 case P_CHAR:
341 printf("<input type=text size=2 name=\"parm_%s\" value=\"%c\">",
342 make_parm_name(parm->label), *(char *)ptr);
343 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%c\'\">",
344 _("Set Default"), make_parm_name(parm->label),(char)(parm->def.cvalue));
345 break;
346
347 case P_LIST:
348 printf("<input type=text size=40 name=\"parm_%s\" value=\"",
349 make_parm_name(parm->label));
350 if ((char ***)ptr && *(char ***)ptr && **(char ***)ptr) {
351 char **list = *(char ***)ptr;
352 for (;*list;list++) {
353 /* enclose in HTML encoded quotes if the string contains a space */
354 if ( strchr_m(*list, ' ') ) {
355 push_utf8_talloc(talloc_tos(), &utf8_s1, *list, &converted_size);
356 push_utf8_talloc(talloc_tos(), &utf8_s2, ((*(list+1))?", ":""), &converted_size);
357 printf("&quot;%s&quot;%s", utf8_s1, utf8_s2);
358 } else {
359 push_utf8_talloc(talloc_tos(), &utf8_s1, *list, &converted_size);
360 push_utf8_talloc(talloc_tos(), &utf8_s2, ((*(list+1))?", ":""), &converted_size);
361 printf("%s%s", utf8_s1, utf8_s2);
362 }
363 TALLOC_FREE(utf8_s1);
364 TALLOC_FREE(utf8_s2);
365 }
366 }
367 printf("\">");
368 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'",
369 _("Set Default"), make_parm_name(parm->label));
370 if (parm->def.lvalue) {
371 char **list = (char **)(parm->def.lvalue);
372 for (; *list; list++) {
373 /* enclose in HTML encoded quotes if the string contains a space */
374 if ( strchr_m(*list, ' ') )
375 printf("&quot;%s&quot;%s", *list, ((*(list+1))?", ":""));
376 else
377 printf("%s%s", *list, ((*(list+1))?", ":""));
378 }
379 }
380 printf("\'\">");
381 break;
382
383 case P_STRING:
384 case P_USTRING:
385 push_utf8_talloc(talloc_tos(), &utf8_s1, *(char **)ptr, &converted_size);
386 printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">",
387 make_parm_name(parm->label), fix_quotes(ctx, utf8_s1));
388 TALLOC_FREE(utf8_s1);
389 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
390 _("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue)));
391 break;
392
393 case P_BOOL:
394 printf("<select name=\"parm_%s\">",make_parm_name(parm->label));
395 printf("<option %s>Yes", (*(bool *)ptr)?"selected":"");
396 printf("<option %s>No", (*(bool *)ptr)?"":"selected");
397 printf("</select>");
398 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">",
399 _("Set Default"), make_parm_name(parm->label),(bool)(parm->def.bvalue)?0:1);
400 break;
401
402 case P_BOOLREV:
403 printf("<select name=\"parm_%s\">",make_parm_name(parm->label));
404 printf("<option %s>Yes", (*(bool *)ptr)?"":"selected");
405 printf("<option %s>No", (*(bool *)ptr)?"selected":"");
406 printf("</select>");
407 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">",
408 _("Set Default"), make_parm_name(parm->label),(bool)(parm->def.bvalue)?1:0);
409 break;
410
411 case P_INTEGER:
412 printf("<input type=text size=8 name=\"parm_%s\" value=\"%d\">", make_parm_name(parm->label), *(int *)ptr);
413 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%d\'\">",
414 _("Set Default"), make_parm_name(parm->label),(int)(parm->def.ivalue));
415 break;
416
417 case P_OCTAL: {
418 char *o;
419 o = octal_string(*(int *)ptr);
420 printf("<input type=text size=8 name=\"parm_%s\" value=%s>",
421 make_parm_name(parm->label), o);
422 TALLOC_FREE(o);
423 o = octal_string((int)(parm->def.ivalue));
424 printf("<input type=button value=\"%s\" "
425 "onClick=\"swatform.parm_%s.value=\'%s\'\">",
426 _("Set Default"), make_parm_name(parm->label), o);
427 TALLOC_FREE(o);
428 break;
429 }
430
431 case P_ENUM:
432 printf("<select name=\"parm_%s\">",make_parm_name(parm->label));
433 for (i=0;parm->enum_list[i].name;i++) {
434 if (i == 0 || parm->enum_list[i].value != parm->enum_list[i-1].value) {
435 printf("<option %s>%s",(*(int *)ptr)==parm->enum_list[i].value?"selected":"",parm->enum_list[i].name);
436 }
437 }
438 printf("</select>");
439 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">",
440 _("Set Default"), make_parm_name(parm->label),enum_index((int)(parm->def.ivalue),parm->enum_list));
441 break;
442 case P_SEP:
443 break;
444 }
445 printf("</td></tr>\n");
446 TALLOC_FREE(ctx);
447 }
448
449 /****************************************************************************
450 display a set of parameters for a service
451 ****************************************************************************/
452 static void show_parameters(int snum, int allparameters, unsigned int parm_filter, int printers)
453 {
454 int i = 0;
455 struct parm_struct *parm;
456 const char *heading = NULL;
457 const char *last_heading = NULL;
458
459 while ((parm = lp_next_parameter(snum, &i, allparameters))) {
460 if (snum < 0 && parm->p_class == P_LOCAL && !(parm->flags & FLAG_GLOBAL))
461 continue;
462 if (parm->p_class == P_SEPARATOR) {
463 heading = parm->label;
464 continue;
465 }
466 if (parm->flags & FLAG_HIDE) continue;
467 if (snum >= 0) {
468 if (printers & !(parm->flags & FLAG_PRINT)) continue;
469 if (!printers & !(parm->flags & FLAG_SHARE)) continue;
470 }
471
472 if (!( parm_filter & FLAG_ADVANCED )) {
473 if (!(parm->flags & FLAG_BASIC)) {
474 void *ptr;
475 if (parm->p_class == P_LOCAL && snum >= 0) {
476 ptr = lp_local_ptr_by_snum(snum, parm);
477 } else {
478 ptr = lp_parm_ptr(NULL, parm);
479 }
480
481 switch (parm->type) {
482 case P_CHAR:
483 if (*(char *)ptr == (char)(parm->def.cvalue)) continue;
484 break;
485
486 case P_LIST:
487 if (!str_list_equal(*(const char ***)ptr,
488 (const char **)(parm->def.lvalue))) continue;
489 break;
490
491 case P_STRING:
492 case P_USTRING:
493 if (!strcmp(*(char **)ptr,(char *)(parm->def.svalue))) continue;
494 break;
495
496 case P_BOOL:
497 case P_BOOLREV:
498 if (*(bool *)ptr == (bool)(parm->def.bvalue)) continue;
499 break;
500
501 case P_INTEGER:
502 case P_OCTAL:
503 if (*(int *)ptr == (int)(parm->def.ivalue)) continue;
504 break;
505
506
507 case P_ENUM:
508 if (*(int *)ptr == (int)(parm->def.ivalue)) continue;
509 break;
510 case P_SEP:
511 continue;
512 }
513 }
514 if (printers && !(parm->flags & FLAG_PRINT)) continue;
515 }
516
517 if ((parm_filter & FLAG_WIZARD) && !(parm->flags & FLAG_WIZARD)) continue;
518
519 if ((parm_filter & FLAG_ADVANCED) && !(parm->flags & FLAG_ADVANCED)) continue;
520
521 if (heading && heading != last_heading) {
522 printf("<tr><td></td></tr><tr><td><b><u>%s</u></b></td></tr>\n", _(heading));
523 last_heading = heading;
524 }
525 show_parameter(snum, parm);
526 }
527 }
528
529 /****************************************************************************
530 load the smb.conf file into loadparm.
531 ****************************************************************************/
532 static bool load_config(bool save_def)
533 {
534 return lp_load(get_dyn_CONFIGFILE(),False,save_def,False,True);
535 }
536
537 /****************************************************************************
538 write a config file
539 ****************************************************************************/
540 static void write_config(FILE *f, bool show_defaults)
541 {
542 TALLOC_CTX *ctx = talloc_stackframe();
543
544 fprintf(f, "# Samba config file created using SWAT\n");
545 fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr());
546 fprintf(f, "# Date: %s\n\n", current_timestring(ctx, False));
547
548 lp_dump(f, show_defaults, iNumNonAutoPrintServices);
549
550 TALLOC_FREE(ctx);
551 }
552
553 /****************************************************************************
554 save and reload the smb.conf config file
555 ****************************************************************************/
556 static int save_reload(int snum)
557 {
558 FILE *f;
559 struct stat st;
560
561 f = sys_fopen(get_dyn_CONFIGFILE(),"w");
562 if (!f) {
563 printf(_("failed to open %s for writing"), get_dyn_CONFIGFILE());
564 printf("\n");
565 return 0;
566 }
567
568 /* just in case they have used the buggy xinetd to create the file */
569 if (fstat(fileno(f), &st) == 0 &&
570 (st.st_mode & S_IWOTH)) {
571 #if defined HAVE_FCHMOD
572 fchmod(fileno(f), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
573 #else
574 chmod(get_dyn_CONFIGFILE(), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
575 #endif
576 }
577
578 write_config(f, False);
579 if (snum >= 0)
580 lp_dump_one(f, False, snum);
581 fclose(f);
582
583 lp_kill_all_services();
584
585 if (!load_config(False)) {
586 printf(_("Can't reload %s"), get_dyn_CONFIGFILE());
587 printf("\n");
588 return 0;
589 }
590 iNumNonAutoPrintServices = lp_numservices();
591 if (pcap_cache_loaded()) {
592 struct tevent_context *ev_ctx;
593 struct messaging_context *msg_ctx;
594
595 ev_ctx = s3_tevent_context_init(NULL);
596 if (ev_ctx == NULL) {
597 printf("s3_tevent_context_init() failed\n");
598 return 0;
599 }
600 msg_ctx = messaging_init(ev_ctx, ev_ctx);
601 if (msg_ctx == NULL) {
602 printf("messaging_init() failed\n");
603 return 0;
604 }
605
606 load_printers(ev_ctx, msg_ctx);
607
608 talloc_free(ev_ctx);
609 }
610
611 return 1;
612 }
613
614 /****************************************************************************
615 commit one parameter
616 ****************************************************************************/
617 static void commit_parameter(int snum, struct parm_struct *parm, const char *v)
618 {
619 int i;
620 char *s;
621
622 if (snum < 0 && parm->p_class == P_LOCAL) {
623 /* this handles the case where we are changing a local
624 variable globally. We need to change the parameter in
625 all shares where it is currently set to the default */
626 for (i=0;i<lp_numservices();i++) {
627 s = lp_servicename(i);
628 if (s && (*s) && lp_is_default(i, parm)) {
629 lp_do_parameter(i, parm->label, v);
630 }
631 }
632 }
633
634 lp_do_parameter(snum, parm->label, v);
635 }
636
637 /****************************************************************************
638 commit a set of parameters for a service
639 ****************************************************************************/
640 static void commit_parameters(int snum)
641 {
642 int i = 0;
643 struct parm_struct *parm;
644 char *label;
645 const char *v;
646
647 while ((parm = lp_next_parameter(snum, &i, 1))) {
648 if (asprintf(&label, "parm_%s", make_parm_name(parm->label)) > 0) {
649 if ((v = cgi_variable(label)) != NULL) {
650 if (parm->flags & FLAG_HIDE)
651 continue;
652 commit_parameter(snum, parm, v);
653 }
654 SAFE_FREE(label);
655 }
656 }
657 }
658
659 /****************************************************************************
660 spit out the html for a link with an image
661 ****************************************************************************/
662 static void image_link(const char *name, const char *hlink, const char *src)
663 {
664 printf("<A HREF=\"%s/%s\"><img border=\"0\" src=\"/swat/%s\" alt=\"%s\"></A>\n",
665 cgi_baseurl(), hlink, src, name);
666 }
667
668 /****************************************************************************
669 display the main navigation controls at the top of each page along
670 with a title
671 ****************************************************************************/
672 static void show_main_buttons(void)
673 {
674 char *p;
675
676 if ((p = cgi_user_name()) && strcmp(p, "root")) {
677 printf(_("Logged in as <b>%s</b>"), p);
678 printf("<p>\n");
679 }
680
681 image_link(_("Home"), "", "images/home.gif");
682 if (have_write_access) {
683 image_link(_("Globals"), "globals", "images/globals.gif");
684 image_link(_("Shares"), "shares", "images/shares.gif");
685 image_link(_("Printers"), "printers", "images/printers.gif");
686 image_link(_("Wizard"), "wizard", "images/wizard.gif");
687 }
688 /* root always gets all buttons, otherwise look for -P */
689 if ( have_write_access || (!passwd_only && have_read_access) ) {
690 image_link(_("Status"), "status", "images/status.gif");
691 image_link(_("View Config"), "viewconfig", "images/viewconfig.gif");
692 }
693 image_link(_("Password Management"), "passwd", "images/passwd.gif");
694
695 printf("<HR>\n");
696 }
697
698 /****************************************************************************
699 * Handle Display/Edit Mode CGI
700 ****************************************************************************/
701 static void ViewModeBoxes(int mode)
702 {
703 printf("<p>%s:&nbsp;\n", _("Current View Is"));
704 printf("<input type=radio name=\"ViewMode\" value=0 %s>%s\n", ((mode == 0) ? "checked" : ""), _("Basic"));
705 printf("<input type=radio name=\"ViewMode\" value=1 %s>%s\n", ((mode == 1) ? "checked" : ""), _("Advanced"));
706 printf("<br>%s:&nbsp;\n", _("Change View To"));
707 printf("<input type=submit name=\"BasicMode\" value=\"%s\">\n", _("Basic"));
708 printf("<input type=submit name=\"AdvMode\" value=\"%s\">\n", _("Advanced"));
709 printf("</p><br>\n");
710 }
711
712 /****************************************************************************
713 display a welcome page
714 ****************************************************************************/
715 static void welcome_page(void)
716 {
717 if (file_exist("help/welcome.html")) {
718 include_html("help/welcome.html");
719 } else {
720 include_html("help/welcome-no-samba-doc.html");
721 }
722 }
723
724 /****************************************************************************
725 display the current smb.conf
726 ****************************************************************************/
727 static void viewconfig_page(void)
728 {
729 int full_view=0;
730 const char form_name[] = "viewconfig";
731
732 if (!verify_xsrf_token(form_name)) {
733 goto output_page;
734 }
735
736 if (cgi_variable("full_view")) {
737 full_view = 1;
738 }
739
740 output_page:
741 printf("<H2>%s</H2>\n", _("Current Config"));
742 printf("<form method=post>\n");
743 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
744
745 if (full_view) {
746 printf("<input type=submit name=\"normal_view\" value=\"%s\">\n", _("Normal View"));
747 } else {
748 printf("<input type=submit name=\"full_view\" value=\"%s\">\n", _("Full View"));
749 }
750
751 printf("<p><pre>");
752 write_config(stdout, full_view);
753 printf("</pre>");
754 printf("</form>\n");
755 }
756
757 /****************************************************************************
758 second screen of the wizard ... Fetch Configuration Parameters
759 ****************************************************************************/
760 static void wizard_params_page(void)
761 {
762 unsigned int parm_filter = FLAG_WIZARD;
763 const char form_name[] = "wizard_params";
764
765 /* Here we first set and commit all the parameters that were selected
766 in the previous screen. */
767
768 printf("<H2>%s</H2>\n", _("Wizard Parameter Edit Page"));
769
770 if (!verify_xsrf_token(form_name)) {
771 goto output_page;
772 }
773
774 if (cgi_variable("Commit")) {
775 commit_parameters(GLOBAL_SECTION_SNUM);
776 save_reload(-1);
777 }
778
779 output_page:
780 printf("<form name=\"swatform\" method=post action=wizard_params>\n");
781 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
782
783 if (have_write_access) {
784 printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
785 }
786
787 printf("<input type=reset name=\"Reset Values\" value=\"Reset\">\n");
788 printf("<p>\n");
789
790 printf("<table>\n");
791 show_parameters(GLOBAL_SECTION_SNUM, 1, parm_filter, 0);
792 printf("</table>\n");
793 printf("</form>\n");
794 }
795
796 /****************************************************************************
797 Utility to just rewrite the smb.conf file - effectively just cleans it up
798 ****************************************************************************/
799 static void rewritecfg_file(void)
800 {
801 commit_parameters(GLOBAL_SECTION_SNUM);
802 save_reload(-1);
803 printf("<H2>%s</H2>\n", _("Note: smb.conf file has been read and rewritten"));
804 }
805
806 /****************************************************************************
807 wizard to create/modify the smb.conf file
808 ****************************************************************************/
809 static void wizard_page(void)
810 {
811 /* Set some variables to collect data from smb.conf */
812 int role = 0;
813 int winstype = 0;
814 int have_home = -1;
815 int HomeExpo = 0;
816 int SerType = 0;
817 const char form_name[] = "wizard";
818
819 if (!verify_xsrf_token(form_name)) {
820 goto output_page;
821 }
822
823 if (cgi_variable("Rewrite")) {
824 (void) rewritecfg_file();
825 return;
826 }
827
828 if (cgi_variable("GetWizardParams")){
829 (void) wizard_params_page();
830 return;
831 }
832
833 if (cgi_variable("Commit")){
834 SerType = atoi(cgi_variable_nonull("ServerType"));
835 winstype = atoi(cgi_variable_nonull("WINSType"));
836 have_home = lp_servicenumber(HOMES_NAME);
837 HomeExpo = atoi(cgi_variable_nonull("HomeExpo"));
838
839 /* Plain text passwords are too badly broken - use encrypted passwords only */
840 lp_do_parameter( GLOBAL_SECTION_SNUM, "encrypt passwords", "Yes");
841
842 switch ( SerType ){
843 case 0:
844 /* Stand-alone Server */
845 lp_do_parameter( GLOBAL_SECTION_SNUM, "security", "USER" );
846 lp_do_parameter( GLOBAL_SECTION_SNUM, "domain logons", "No" );
847 break;
848 case 1:
849 /* Domain Member */
850 lp_do_parameter( GLOBAL_SECTION_SNUM, "security", "DOMAIN" );
851 lp_do_parameter( GLOBAL_SECTION_SNUM, "domain logons", "No" );
852 break;
853 case 2:
854 /* Domain Controller */
855 lp_do_parameter( GLOBAL_SECTION_SNUM, "security", "USER" );
856 lp_do_parameter( GLOBAL_SECTION_SNUM, "domain logons", "Yes" );
857 break;
858 }
859 switch ( winstype ) {
860 case 0:
861 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins support", "No" );
862 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", "" );
863 break;
864 case 1:
865 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins support", "Yes" );
866 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", "" );
867 break;
868 case 2:
869 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins support", "No" );
870 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", cgi_variable_nonull("WINSAddr"));
871 break;
872 }
873
874 /* Have to create Homes share? */
875 if ((HomeExpo == 1) && (have_home == -1)) {
876 const char *unix_share = HOMES_NAME;
877
878 load_config(False);
879 lp_copy_service(GLOBAL_SECTION_SNUM, unix_share);
880 have_home = lp_servicenumber(HOMES_NAME);
881 lp_do_parameter( have_home, "read only", "No");
882 lp_do_parameter( have_home, "valid users", "%S");
883 lp_do_parameter( have_home, "browseable", "No");
884 commit_parameters(have_home);
885 save_reload(have_home);
886 }
887
888 /* Need to Delete Homes share? */
889 if ((HomeExpo == 0) && (have_home != -1)) {
890 lp_remove_service(have_home);
891 have_home = -1;
892 }
893
894 commit_parameters(GLOBAL_SECTION_SNUM);
895 save_reload(-1);
896 }
897 else
898 {
899 /* Now determine smb.conf WINS settings */
900 if (lp_we_are_a_wins_server())
901 winstype = 1;
902 if (lp_wins_server_list() && strlen(*lp_wins_server_list()))
903 winstype = 2;
904
905 /* Do we have a homes share? */
906 have_home = lp_servicenumber(HOMES_NAME);
907 }
908 if ((winstype == 2) && lp_we_are_a_wins_server())
909 winstype = 3;
910
911 role = lp_server_role();
912
913 output_page:
914 /* Here we go ... */
915 printf("<H2>%s</H2>\n", _("Samba Configuration Wizard"));
916 printf("<form method=post action=wizard>\n");
917 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
918
919 if (have_write_access) {
920 printf("%s\n", _("The \"Rewrite smb.conf file\" button will clear the smb.conf file of all default values and of comments."));
921 printf("%s", _("The same will happen if you press the commit button."));
922 printf("<br><br>\n");
923 printf("<center>");
924 printf("<input type=submit name=\"Rewrite\" value=\"%s\"> &nbsp;&nbsp;",_("Rewrite smb.conf file"));
925 printf("<input type=submit name=\"Commit\" value=\"%s\"> &nbsp;&nbsp;",_("Commit"));
926 printf("<input type=submit name=\"GetWizardParams\" value=\"%s\">", _("Edit Parameter Values"));
927 printf("</center>\n");
928 }
929
930 printf("<hr>");
931 printf("<center><table border=0>");
932 printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Server Type"));
933 printf("<td><input type=radio name=\"ServerType\" value=\"0\" %s> %s&nbsp;</td>", ((role == ROLE_STANDALONE) ? "checked" : ""), _("Stand Alone"));
934 printf("<td><input type=radio name=\"ServerType\" value=\"1\" %s> %s&nbsp;</td>", ((role == ROLE_DOMAIN_MEMBER) ? "checked" : ""), _("Domain Member"));
935 printf("<td><input type=radio name=\"ServerType\" value=\"2\" %s> %s&nbsp;</td>", ((role == ROLE_DOMAIN_PDC) ? "checked" : ""), _("Domain Controller"));
936 printf("</tr>\n");
937 if (role == ROLE_DOMAIN_BDC) {
938 printf("<tr><td></td><td colspan=3><font color=\"#ff0000\">%s</font></td></tr>\n", _("Unusual Type in smb.conf - Please Select New Mode"));
939 }
940 printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Configure WINS As"));
941 printf("<td><input type=radio name=\"WINSType\" value=\"0\" %s> %s&nbsp;</td>", ((winstype == 0) ? "checked" : ""), _("Not Used"));
942 printf("<td><input type=radio name=\"WINSType\" value=\"1\" %s> %s&nbsp;</td>", ((winstype == 1) ? "checked" : ""), _("Server for client use"));
943 printf("<td><input type=radio name=\"WINSType\" value=\"2\" %s> %s&nbsp;</td>", ((winstype == 2) ? "checked" : ""), _("Client of another WINS server"));
944 printf("</tr>\n");
945 printf("<tr><td></td><td></td><td></td><td>%s&nbsp;<input type=text size=\"16\" name=\"WINSAddr\" value=\"", _("Remote WINS Server"));
946
947 /* Print out the list of wins servers */
948 if(lp_wins_server_list()) {
949 int i;
950 const char **wins_servers = lp_wins_server_list();
951 for(i = 0; wins_servers[i]; i++) printf("%s ", wins_servers[i]);
952 }
953
954 printf("\"></td></tr>\n");
955 if (winstype == 3) {
956 printf("<tr><td></td><td colspan=3><font color=\"#ff0000\">%s</font></td></tr>\n", _("Error: WINS Server Mode and WINS Support both set in smb.conf"));
957 printf("<tr><td></td><td colspan=3><font color=\"#ff0000\">%s</font></td></tr>\n", _("Please Select desired WINS mode above."));
958 }
959 printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Expose Home Directories"));
960 printf("<td><input type=radio name=\"HomeExpo\" value=\"1\" %s> Yes</td>", (have_home == -1) ? "" : "checked ");
961 printf("<td><input type=radio name=\"HomeExpo\" value=\"0\" %s> No</td>", (have_home == -1 ) ? "checked" : "");
962 printf("<td></td></tr>\n");
963
964 /* Enable this when we are ready ....
965 * printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Is Print Server"));
966 * printf("<td><input type=radio name=\"PtrSvr\" value=\"1\" %s> Yes</td>");
967 * printf("<td><input type=radio name=\"PtrSvr\" value=\"0\" %s> No</td>");
968 * printf("<td></td></tr>\n");
969 */
970
971 printf("</table></center>");
972 printf("<hr>");
973
974 printf("%s\n", _("The above configuration options will set multiple parameters and will generally assist with rapid Samba deployment."));
975 printf("</form>\n");
976 }
977
978
979 /****************************************************************************
980 display a globals editing page
981 ****************************************************************************/
982 static void globals_page(void)
983 {
984 unsigned int parm_filter = FLAG_BASIC;
985 int mode = 0;
986 const char form_name[] = "globals";
987
988 printf("<H2>%s</H2>\n", _("Global Parameters"));
989
990 if (!verify_xsrf_token(form_name)) {
991 goto output_page;
992 }
993
994 if (cgi_variable("Commit")) {
995 commit_parameters(GLOBAL_SECTION_SNUM);
996 save_reload(-1);
997 }
998
999 if ( cgi_variable("ViewMode") )
1000 mode = atoi(cgi_variable_nonull("ViewMode"));
1001 if ( cgi_variable("BasicMode"))
1002 mode = 0;
1003 if ( cgi_variable("AdvMode"))
1004 mode = 1;
1005
1006 output_page:
1007 printf("<form name=\"swatform\" method=post action=globals>\n");
1008 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
1009
1010 ViewModeBoxes( mode );
1011 switch ( mode ) {
1012 case 0:
1013 parm_filter = FLAG_BASIC;
1014 break;
1015 case 1:
1016 parm_filter = FLAG_ADVANCED;
1017 break;
1018 }
1019 printf("<br>\n");
1020 if (have_write_access) {
1021 printf("<input type=submit name=\"Commit\" value=\"%s\">\n",
1022 _("Commit Changes"));
1023 }
1024
1025 printf("<input type=reset name=\"Reset Values\" value=\"%s\">\n",
1026 _("Reset Values"));
1027
1028 printf("<p>\n");
1029 printf("<table>\n");
1030 show_parameters(GLOBAL_SECTION_SNUM, 1, parm_filter, 0);
1031 printf("</table>\n");
1032 printf("</form>\n");
1033 }
1034
1035 /****************************************************************************
1036 display a shares editing page. share is in unix codepage,
1037 ****************************************************************************/
1038 static void shares_page(void)
1039 {
1040 const char *share = cgi_variable("share");
1041 char *s;
1042 char *utf8_s;
1043 int snum = -1;
1044 int i;
1045 int mode = 0;
1046 unsigned int parm_filter = FLAG_BASIC;
1047 size_t converted_size;
1048 const char form_name[] = "shares";
1049
1050 printf("<H2>%s</H2>\n", _("Share Parameters"));
1051
1052 if (!verify_xsrf_token(form_name)) {
1053 goto output_page;
1054 }
1055
1056 if (share)
1057 snum = lp_servicenumber(share);
1058
1059
1060 if (cgi_variable("Commit") && snum >= 0) {
1061 commit_parameters(snum);
1062 save_reload(-1);
1063 snum = lp_servicenumber(share);
1064 }
1065
1066 if (cgi_variable("Delete") && snum >= 0) {
1067 lp_remove_service(snum);
1068 save_reload(-1);
1069 share = NULL;
1070 snum = -1;
1071 }
1072
1073 if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
1074 snum = lp_servicenumber(share);
1075 if (snum < 0) {
1076 load_config(False);
1077 lp_copy_service(GLOBAL_SECTION_SNUM, share);
1078 snum = lp_servicenumber(share);
1079 save_reload(snum);
1080 snum = lp_servicenumber(share);
1081 }
1082 }
1083
1084 if ( cgi_variable("ViewMode") )
1085 mode = atoi(cgi_variable_nonull("ViewMode"));
1086 if ( cgi_variable("BasicMode"))
1087 mode = 0;
1088 if ( cgi_variable("AdvMode"))
1089 mode = 1;
1090
1091 output_page:
1092 printf("<FORM name=\"swatform\" method=post>\n");
1093 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
1094
1095 printf("<table>\n");
1096
1097 ViewModeBoxes( mode );
1098 switch ( mode ) {
1099 case 0:
1100 parm_filter = FLAG_BASIC;
1101 break;
1102 case 1:
1103 parm_filter = FLAG_ADVANCED;
1104 break;
1105 }
1106 printf("<br><tr>\n");
1107 printf("<td><input type=submit name=selectshare value=\"%s\"></td>\n", _("Choose Share"));
1108 printf("<td><select name=share>\n");
1109 if (snum < 0)
1110 printf("<option value=\" \"> \n");
1111 for (i=0;i<lp_numservices();i++) {
1112 s = lp_servicename(i);
1113 if (s && (*s) && strcmp(s,"IPC$") && !lp_print_ok(i)) {
1114 push_utf8_talloc(talloc_tos(), &utf8_s, s, &converted_size);
1115 printf("<option %s value=\"%s\">%s\n",
1116 (share && strcmp(share,s)==0)?"SELECTED":"",
1117 utf8_s, utf8_s);
1118 TALLOC_FREE(utf8_s);
1119 }
1120 }
1121 printf("</select></td>\n");
1122 if (have_write_access) {
1123 printf("<td><input type=submit name=\"Delete\" value=\"%s\"></td>\n", _("Delete Share"));
1124 }
1125 printf("</tr>\n");
1126 printf("</table>");
1127 printf("<table>");
1128 if (have_write_access) {
1129 printf("<tr>\n");
1130 printf("<td><input type=submit name=createshare value=\"%s\"></td>\n", _("Create Share"));
1131 printf("<td><input type=text size=30 name=newshare></td></tr>\n");
1132 }
1133 printf("</table>");
1134
1135
1136 if (snum >= 0) {
1137 if (have_write_access) {
1138 printf("<input type=submit name=\"Commit\" value=\"%s\">\n", _("Commit Changes"));
1139 }
1140
1141 printf("<input type=reset name=\"Reset Values\" value=\"%s\">\n", _("Reset Values"));
1142 printf("<p>\n");
1143 }
1144
1145 if (snum >= 0) {
1146 printf("<table>\n");
1147 show_parameters(snum, 1, parm_filter, 0);
1148 printf("</table>\n");
1149 }
1150
1151 printf("</FORM>\n");
1152 }
1153
1154 /*************************************************************
1155 change a password either locally or remotely
1156 *************************************************************/
1157 static bool change_password(const char *remote_machine, const char *user_name,
1158 const char *old_passwd, const char *new_passwd,
1159 int local_flags)
1160 {
1161 NTSTATUS ret;
1162 char *err_str = NULL;
1163 char *msg_str = NULL;
1164
1165 if (demo_mode) {
1166 printf("%s\n<p>", _("password change in demo mode rejected"));
1167 return False;
1168 }
1169
1170 if (remote_machine != NULL) {
1171 ret = remote_password_change(remote_machine, user_name,
1172 old_passwd, new_passwd, &err_str);
1173 if (err_str != NULL)
1174 printf("%s\n<p>", err_str);
1175 SAFE_FREE(err_str);
1176 return NT_STATUS_IS_OK(ret);
1177 }
1178
1179 if(!initialize_password_db(True, NULL)) {
1180 printf("%s\n<p>", _("Can't setup password database vectors."));
1181 return False;
1182 }
1183
1184 ret = local_password_change(user_name, local_flags, new_passwd,
1185 &err_str, &msg_str);
1186
1187 if(msg_str)
1188 printf("%s\n<p>", msg_str);
1189 if(err_str)
1190 printf("%s\n<p>", err_str);
1191
1192 SAFE_FREE(msg_str);
1193 SAFE_FREE(err_str);
1194 return NT_STATUS_IS_OK(ret);
1195 }
1196
1197 /****************************************************************************
1198 do the stuff required to add or change a password
1199 ****************************************************************************/
1200 static void chg_passwd(void)
1201 {
1202 const char *host;
1203 bool rslt;
1204 int local_flags = 0;
1205
1206 /* Make sure users name has been specified */
1207 if (strlen(cgi_variable_nonull(SWAT_USER)) == 0) {
1208 printf("<p>%s\n", _(" Must specify \"User Name\" "));
1209 return;
1210 }
1211
1212 /*
1213 * smbpasswd doesn't require anything but the users name to delete, disable or enable the user,
1214 * so if that's what we're doing, skip the rest of the checks
1215 */
1216 if (!cgi_variable(DISABLE_USER_FLAG) && !cgi_variable(ENABLE_USER_FLAG) && !cgi_variable(DELETE_USER_FLAG)) {
1217
1218 /*
1219 * If current user is not root, make sure old password has been specified
1220 * If REMOTE change, even root must provide old password
1221 */
1222 if (((!am_root()) && (strlen( cgi_variable_nonull(OLD_PSWD)) <= 0)) ||
1223 ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable_nonull(OLD_PSWD)) <= 0))) {
1224 printf("<p>%s\n", _(" Must specify \"Old Password\" "));
1225 return;
1226 }
1227
1228 /* If changing a users password on a remote hosts we have to know what host */
1229 if ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable_nonull(RHOST)) <= 0)) {
1230 printf("<p>%s\n", _(" Must specify \"Remote Machine\" "));
1231 return;
1232 }
1233
1234 /* Make sure new passwords have been specified */
1235 if ((strlen( cgi_variable_nonull(NEW_PSWD)) <= 0) ||
1236 (strlen( cgi_variable_nonull(NEW2_PSWD)) <= 0)) {
1237 printf("<p>%s\n", _(" Must specify \"New, and Re-typed Passwords\" "));
1238 return;
1239 }
1240
1241 /* Make sure new passwords was typed correctly twice */
1242 if (strcmp(cgi_variable_nonull(NEW_PSWD), cgi_variable_nonull(NEW2_PSWD)) != 0) {
1243 printf("<p>%s\n", _(" Re-typed password didn't match new password "));
1244 return;
1245 }
1246 }
1247
1248 if (cgi_variable(CHG_R_PASSWD_FLAG)) {
1249 host = cgi_variable(RHOST);
1250 } else if (am_root()) {
1251 host = NULL;
1252 } else {
1253 host = "127.0.0.1";
1254 }
1255
1256 /*
1257 * Set up the local flags.
1258 */
1259
1260 local_flags |= (cgi_variable(ADD_USER_FLAG) ? LOCAL_ADD_USER : 0);
1261 local_flags |= (cgi_variable(ADD_USER_FLAG) ? LOCAL_SET_PASSWORD : 0);
1262 local_flags |= (cgi_variable(CHG_S_PASSWD_FLAG) ? LOCAL_SET_PASSWORD : 0);
1263 local_flags |= (cgi_variable(DELETE_USER_FLAG) ? LOCAL_DELETE_USER : 0);
1264 local_flags |= (cgi_variable(ENABLE_USER_FLAG) ? LOCAL_ENABLE_USER : 0);
1265 local_flags |= (cgi_variable(DISABLE_USER_FLAG) ? LOCAL_DISABLE_USER : 0);
1266
1267 rslt = change_password(host,
1268 cgi_variable_nonull(SWAT_USER),
1269 cgi_variable_nonull(OLD_PSWD), cgi_variable_nonull(NEW_PSWD),
1270 local_flags);
1271
1272 if(cgi_variable(CHG_S_PASSWD_FLAG)) {
1273 printf("<p>");
1274 if (rslt == True) {
1275 printf("%s\n", _(" The passwd has been changed."));
1276 } else {
1277 printf("%s\n", _(" The passwd has NOT been changed."));
1278 }
1279 }
1280
1281 return;
1282 }
1283
1284 /****************************************************************************
1285 display a password editing page
1286 ****************************************************************************/
1287 static void passwd_page(void)
1288 {
1289 const char *new_name = cgi_user_name();
1290 const char passwd_form[] = "passwd";
1291 const char rpasswd_form[] = "rpasswd";
1292
1293 if (!new_name) new_name = "";
1294
1295 printf("<H2>%s</H2>\n", _("Server Password Management"));
1296
1297 printf("<FORM name=\"swatform\" method=post>\n");
1298 print_xsrf_token(cgi_user_name(), cgi_user_pass(), passwd_form);
1299
1300 printf("<table>\n");
1301
1302 /*
1303 * Create all the dialog boxes for data collection
1304 */
1305 printf("<tr><td> %s : </td>\n", _("User Name"));
1306 printf("<td><input type=text size=30 name=%s value=%s></td></tr> \n", SWAT_USER, new_name);
1307 if (!am_root()) {
1308 printf("<tr><td> %s : </td>\n", _("Old Password"));
1309 printf("<td><input type=password size=30 name=%s></td></tr> \n",OLD_PSWD);
1310 }
1311 printf("<tr><td> %s : </td>\n", _("New Password"));
1312 printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW_PSWD);
1313 printf("<tr><td> %s : </td>\n", _("Re-type New Password"));
1314 printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW2_PSWD);
1315 printf("</table>\n");
1316
1317 /*
1318 * Create all the control buttons for requesting action
1319 */
1320 printf("<input type=submit name=%s value=\"%s\">\n",
1321 CHG_S_PASSWD_FLAG, _("Change Password"));
1322 if (demo_mode || am_root()) {
1323 printf("<input type=submit name=%s value=\"%s\">\n",
1324 ADD_USER_FLAG, _("Add New User"));
1325 printf("<input type=submit name=%s value=\"%s\">\n",
1326 DELETE_USER_FLAG, _("Delete User"));
1327 printf("<input type=submit name=%s value=\"%s\">\n",
1328 DISABLE_USER_FLAG, _("Disable User"));
1329 printf("<input type=submit name=%s value=\"%s\">\n",
1330 ENABLE_USER_FLAG, _("Enable User"));
1331 }
1332 printf("<p></FORM>\n");
1333
1334 /*
1335 * Do some work if change, add, disable or enable was
1336 * requested. It could be this is the first time through this
1337 * code, so there isn't anything to do. */
1338 if (verify_xsrf_token(passwd_form) &&
1339 ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
1340 (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG)))) {
1341 chg_passwd();
1342 }
1343
1344 printf("<H2>%s</H2>\n", _("Client/Server Password Management"));
1345
1346 printf("<FORM name=\"swatform\" method=post>\n");
1347 print_xsrf_token(cgi_user_name(), cgi_user_pass(), rpasswd_form);
1348
1349 printf("<table>\n");
1350
1351 /*
1352 * Create all the dialog boxes for data collection
1353 */
1354 printf("<tr><td> %s : </td>\n", _("User Name"));
1355 printf("<td><input type=text size=30 name=%s value=%s></td></tr>\n",SWAT_USER, new_name);
1356 printf("<tr><td> %s : </td>\n", _("Old Password"));
1357 printf("<td><input type=password size=30 name=%s></td></tr>\n",OLD_PSWD);
1358 printf("<tr><td> %s : </td>\n", _("New Password"));
1359 printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW_PSWD);
1360 printf("<tr><td> %s : </td>\n", _("Re-type New Password"));
1361 printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW2_PSWD);
1362 printf("<tr><td> %s : </td>\n", _("Remote Machine"));
1363 printf("<td><input type=text size=30 name=%s></td></tr>\n",RHOST);
1364
1365 printf("</table>");
1366
1367 /*
1368 * Create all the control buttons for requesting action
1369 */
1370 printf("<input type=submit name=%s value=\"%s\">",
1371 CHG_R_PASSWD_FLAG, _("Change Password"));
1372
1373 printf("<p></FORM>\n");
1374
1375 /*
1376 * Do some work if a request has been made to change the
1377 * password somewhere other than the server. It could be this
1378 * is the first time through this code, so there isn't
1379 * anything to do. */
1380 if (verify_xsrf_token(passwd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) {
1381 chg_passwd();
1382 }
1383
1384 }
1385
1386 /****************************************************************************
1387 display a printers editing page
1388 ****************************************************************************/
1389 static void printers_page(void)
1390 {
1391 const char *share = cgi_variable("share");
1392 char *s;
1393 int snum=-1;
1394 int i;
1395 int mode = 0;
1396 unsigned int parm_filter = FLAG_BASIC;
1397 const char form_name[] = "printers";
1398
1399 if (!verify_xsrf_token(form_name)) {
1400 goto output_page;
1401 }
1402
1403 if (share)
1404 snum = lp_servicenumber(share);
1405
1406 if (cgi_variable("Commit") && snum >= 0) {
1407 commit_parameters(snum);
1408 if (snum >= iNumNonAutoPrintServices)
1409 save_reload(snum);
1410 else
1411 save_reload(-1);
1412 snum = lp_servicenumber(share);
1413 }
1414
1415 if (cgi_variable("Delete") && snum >= 0) {
1416 lp_remove_service(snum);
1417 save_reload(-1);
1418 share = NULL;
1419 snum = -1;
1420 }
1421
1422 if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
1423 snum = lp_servicenumber(share);
1424 if (snum < 0 || snum >= iNumNonAutoPrintServices) {
1425 load_config(False);
1426 lp_copy_service(GLOBAL_SECTION_SNUM, share);
1427 snum = lp_servicenumber(share);
1428 lp_do_parameter(snum, "print ok", "Yes");
1429 save_reload(snum);
1430 snum = lp_servicenumber(share);
1431 }
1432 }
1433
1434 if ( cgi_variable("ViewMode") )
1435 mode = atoi(cgi_variable_nonull("ViewMode"));
1436 if ( cgi_variable("BasicMode"))
1437 mode = 0;
1438 if ( cgi_variable("AdvMode"))
1439 mode = 1;
1440
1441 output_page:
1442 printf("<H2>%s</H2>\n", _("Printer Parameters"));
1443
1444 printf("<H3>%s</H3>\n", _("Important Note:"));
1445 printf("%s",_("Printer names marked with [*] in the Choose Printer drop-down box "));
1446 printf("%s",_("are autoloaded printers from "));
1447 printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
1448 printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect."));
1449
1450
1451 printf("<FORM name=\"swatform\" method=post>\n");
1452 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
1453
1454 ViewModeBoxes( mode );
1455 switch ( mode ) {
1456 case 0:
1457 parm_filter = FLAG_BASIC;
1458 break;
1459 case 1:
1460 parm_filter = FLAG_ADVANCED;
1461 break;
1462 }
1463 printf("<table>\n");
1464 printf("<tr><td><input type=submit name=\"selectshare\" value=\"%s\"></td>\n", _("Choose Printer"));
1465 printf("<td><select name=\"share\">\n");
1466 if (snum < 0 || !lp_print_ok(snum))
1467 printf("<option value=\" \"> \n");
1468 for (i=0;i<lp_numservices();i++) {
1469 s = lp_servicename(i);
1470 if (s && (*s) && strcmp(s,"IPC$") && lp_print_ok(i)) {
1471 if (i >= iNumNonAutoPrintServices)
1472 printf("<option %s value=\"%s\">[*]%s\n",
1473 (share && strcmp(share,s)==0)?"SELECTED":"",
1474 s, s);
1475 else
1476 printf("<option %s value=\"%s\">%s\n",
1477 (share && strcmp(share,s)==0)?"SELECTED":"",
1478 s, s);
1479 }
1480 }
1481 printf("</select></td>");
1482 if (have_write_access) {
1483 printf("<td><input type=submit name=\"Delete\" value=\"%s\"></td>\n", _("Delete Printer"));
1484 }
1485 printf("</tr>");
1486 printf("</table>\n");
1487
1488 if (have_write_access) {
1489 printf("<table>\n");
1490 printf("<tr><td><input type=submit name=\"createshare\" value=\"%s\"></td>\n", _("Create Printer"));
1491 printf("<td><input type=text size=30 name=\"newshare\"></td></tr>\n");
1492 printf("</table>");
1493 }
1494
1495
1496 if (snum >= 0) {
1497 if (have_write_access) {
1498 printf("<input type=submit name=\"Commit\" value=\"%s\">\n", _("Commit Changes"));
1499 }
1500 printf("<input type=reset name=\"Reset Values\" value=\"%s\">\n", _("Reset Values"));
1501 printf("<p>\n");
1502 }
1503
1504 if (snum >= 0) {
1505 printf("<table>\n");
1506 show_parameters(snum, 1, parm_filter, 1);
1507 printf("</table>\n");
1508 }
1509 printf("</FORM>\n");
1510 }
1511
1512 /*
1513 when the _() translation macro is used there is no obvious place to free
1514 the resulting string and there is no easy way to give a static pointer.
1515 All we can do is rotate between some static buffers and hope a single d_printf()
1516 doesn't have more calls to _() than the number of buffers
1517 */
1518
1519 const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid)
1520 {
1521 const char *msgstr;
1522 const char *ret;
1523
1524 msgstr = lang_msg(msgid);
1525 if (!msgstr) {
1526 return msgid;
1527 }
1528
1529 ret = talloc_strdup(ctx, msgstr);
1530
1531 lang_msg_free(msgstr);
1532 if (!ret) {
1533 return msgid;
1534 }
1535
1536 return ret;
1537 }
1538
1539 /**
1540 * main function for SWAT.
1541 **/
1542 int main(int argc, char *argv[])
1543 {
1544 const char *page;
1545 poptContext pc;
1546 struct poptOption long_options[] = {
1547 POPT_AUTOHELP
1548 { "disable-authentication", 'a', POPT_ARG_VAL, &demo_mode, True, "Disable authentication (demo mode)" },
1549 { "password-menu-only", 'P', POPT_ARG_VAL, &passwd_only, True, "Show only change password menu" },
1550 POPT_COMMON_SAMBA
1551 POPT_TABLEEND
1552 };
1553 TALLOC_CTX *frame = talloc_stackframe();
1554
1555 fault_setup();
1556 umask(S_IWGRP | S_IWOTH);
1557
1558 #if defined(HAVE_SET_AUTH_PARAMETERS)
1559 set_auth_parameters(argc, argv);
1560 #endif /* HAVE_SET_AUTH_PARAMETERS */
1561
1562 /* just in case it goes wild ... */
1563 alarm(300);
1564
1565 setlinebuf(stdout);
1566
1567 /* we don't want any SIGPIPE messages */
1568 BlockSignals(True,SIGPIPE);
1569
1570 debug_set_logfile("/dev/null");
1571
1572 /* we don't want stderr screwing us up */
1573 close(2);
1574 open("/dev/null", O_WRONLY);
1575 setup_logging("swat", DEBUG_FILE);
1576
1577 load_case_tables();
1578
1579 pc = poptGetContext("swat", argc, (const char **) argv, long_options, 0);
1580
1581 /* Parse command line options */
1582
1583 while(poptGetNextOpt(pc) != -1) { }
1584
1585 poptFreeContext(pc);
1586
1587 /* This should set a more apporiate log file */
1588 load_config(True);
1589 reopen_logs();
1590 load_interfaces();
1591 iNumNonAutoPrintServices = lp_numservices();
1592 if (pcap_cache_loaded()) {
1593 struct tevent_context *ev_ctx;
1594 struct messaging_context *msg_ctx;
1595
1596 ev_ctx = s3_tevent_context_init(NULL);
1597 if (ev_ctx == NULL) {
1598 printf("s3_tevent_context_init() failed\n");
1599 return 0;
1600 }
1601 msg_ctx = messaging_init(ev_ctx, ev_ctx);
1602 if (msg_ctx == NULL) {
1603 printf("messaging_init() failed\n");
1604 return 0;
1605 }
1606
1607 load_printers(ev_ctx, msg_ctx);
1608
1609 talloc_free(ev_ctx);
1610 }
1611
1612 cgi_setup(get_dyn_SWATDIR(), !demo_mode);
1613
1614 print_header();
1615
1616 cgi_load_variables();
1617
1618 if (!file_exist(get_dyn_CONFIGFILE())) {
1619 have_read_access = True;
1620 have_write_access = True;
1621 } else {
1622 /* check if the authenticated user has write access - if not then
1623 don't show write options */
1624 have_write_access = (access(get_dyn_CONFIGFILE(),W_OK) == 0);
1625
1626 /* if the user doesn't have read access to smb.conf then
1627 don't let them view it */
1628 have_read_access = (access(get_dyn_CONFIGFILE(),R_OK) == 0);
1629 }
1630
1631 show_main_buttons();
1632
1633 page = cgi_pathinfo();
1634
1635 /* Root gets full functionality */
1636 if (have_read_access && strcmp(page, "globals")==0) {
1637 globals_page();
1638 } else if (have_read_access && strcmp(page,"shares")==0) {
1639 shares_page();
1640 } else if (have_read_access && strcmp(page,"printers")==0) {
1641 printers_page();
1642 } else if (have_read_access && strcmp(page,"status")==0) {
1643 status_page();
1644 } else if (have_read_access && strcmp(page,"viewconfig")==0) {
1645 viewconfig_page();
1646 } else if (strcmp(page,"passwd")==0) {
1647 passwd_page();
1648 } else if (have_read_access && strcmp(page,"wizard")==0) {
1649 wizard_page();
1650 } else if (have_read_access && strcmp(page,"wizard_params")==0) {
1651 wizard_params_page();
1652 } else if (have_read_access && strcmp(page,"rewritecfg")==0) {
1653 rewritecfg_file();
1654 } else {
1655 welcome_page();
1656 }
1657
1658 print_footer();
1659
1660 TALLOC_FREE(frame);
1661 return 0;
1662 }
1663
1664 /** @} **/
Working branch of Samba for id10ts