search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Samba 3: security updates CVE-2011-2522 and CVE-2011-2694 (unused in Tomato)
[tomato.git] / release / src / router / samba3 / source / web / swat.c
blob425f864900067e849b79e08b72ea9818408b87b8
1 /*
2 Unix SMB/CIFS implementation.
3 Samba Web Administration Tool
4 Version 3.0.0
5 Copyright (C) Andrew Tridgell 1997-2002
6 Copyright (C) John H Terpstra 2002
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
12
13 This program is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
17
18 You should have received a copy of the GNU General Public License
19 along with this program; if not, write to the Free Software
20 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
21 */
22
23 /**
24 * @defgroup swat SWAT - Samba Web Administration Tool
25 * @{
26 * @file swat.c
27 *
28 * @brief Samba Web Administration Tool.
29 **/
30
31 #include "includes.h"
32 #include "web/swat_proto.h"
33
34 static BOOL demo_mode = False;
35 static BOOL passwd_only = False;
36 static BOOL have_write_access = False;
37 static BOOL have_read_access = False;
38 static int iNumNonAutoPrintServices = 0;
39
40 /*
41 * Password Management Globals
42 */
43 #define SWAT_USER "username"
44 #define OLD_PSWD "old_passwd"
45 #define NEW_PSWD "new_passwd"
46 #define NEW2_PSWD "new2_passwd"
47 #define CHG_S_PASSWD_FLAG "chg_s_passwd_flag"
48 #define CHG_R_PASSWD_FLAG "chg_r_passwd_flag"
49 #define ADD_USER_FLAG "add_user_flag"
50 #define DELETE_USER_FLAG "delete_user_flag"
51 #define DISABLE_USER_FLAG "disable_user_flag"
52 #define ENABLE_USER_FLAG "enable_user_flag"
53 #define RHOST "remote_host"
54 #define XSRF_TOKEN "xsrf"
55 #define XSRF_TIME "xsrf_time"
56 #define XSRF_TIMEOUT 300
57
58
59 /****************************************************************************
60 ****************************************************************************/
61 static int enum_index(int value, const struct enum_list *enumlist)
62 {
63 int i;
64 for (i=0;enumlist[i].name;i++)
65 if (value == enumlist[i].value) break;
66 return(i);
67 }
68
69 static char *fix_backslash(const char *str)
70 {
71 static char newstring[1024];
72 char *p = newstring;
73
74 while (*str) {
75 if (*str == '\\') {*p++ = '\\';*p++ = '\\';}
76 else *p++ = *str;
77 ++str;
78 }
79 *p = '\0';
80 return newstring;
81 }
82
83 static char *fix_quotes(const char *str)
84 {
85 static pstring newstring;
86 char *p = newstring;
87 size_t newstring_len = sizeof(newstring);
88 int quote_len = strlen(""");
89
90 while (*str) {
91 if ( *str == '\"' && (newstring_len - PTR_DIFF(p, newstring) - 1) > quote_len ) {
92 strncpy( p, """, quote_len);
93 p += quote_len;
94 } else {
95 *p++ = *str;
96 }
97 ++str;
98 }
99 *p = '\0';
100 return newstring;
101 }
102
103 static char *stripspaceupper(const char *str)
104 {
105 static char newstring[1024];
106 char *p = newstring;
107
108 while (*str) {
109 if (*str != ' ') *p++ = toupper_ascii(*str);
110 ++str;
111 }
112 *p = '\0';
113 return newstring;
114 }
115
116 static char *make_parm_name(const char *label)
117 {
118 static char parmname[1024];
119 char *p = parmname;
120
121 while (*label) {
122 if (*label == ' ') *p++ = '_';
123 else *p++ = *label;
124 ++label;
125 }
126 *p = '\0';
127 return parmname;
128 }
129
130 void get_xsrf_token(const char *username, const char *pass,
131 const char *formname, time_t xsrf_time, char token_str[33])
132 {
133 struct MD5Context md5_ctx;
134 uint8_t token[16];
135 int i;
136
137 token_str[0] = '\0';
138 ZERO_STRUCT(md5_ctx);
139 MD5Init(&md5_ctx);
140
141 MD5Update(&md5_ctx, (uint8_t *)formname, strlen(formname));
142 MD5Update(&md5_ctx, (uint8_t *)&xsrf_time, sizeof(time_t));
143 if (username != NULL) {
144 MD5Update(&md5_ctx, (uint8_t *)username, strlen(username));
145 }
146 if (pass != NULL) {
147 MD5Update(&md5_ctx, (uint8_t *)pass, strlen(pass));
148 }
149
150 MD5Final(token, &md5_ctx);
151
152 for(i = 0; i < sizeof(token); i++) {
153 char tmp[3];
154
155 snprintf(tmp, sizeof(tmp), "%02x", token[i]);
156 strncat(token_str, tmp, sizeof(tmp));
157 }
158 }
159
160 void print_xsrf_token(const char *username, const char *pass,
161 const char *formname)
162 {
163 char token[33];
164 time_t xsrf_time = time(NULL);
165
166 get_xsrf_token(username, pass, formname, xsrf_time, token);
167 printf("<input type=\"hidden\" name=\"%s\" value=\"%s\">\n",
168 XSRF_TOKEN, token);
169 printf("<input type=\"hidden\" name=\"%s\" value=\"%lld\">\n",
170 XSRF_TIME, (long long int)xsrf_time);
171 }
172
173 BOOL verify_xsrf_token(const char *formname)
174 {
175 char expected[33];
176 const char *username = cgi_user_name();
177 const char *pass = cgi_user_pass();
178 const char *token = cgi_variable_nonull(XSRF_TOKEN);
179 const char *time_str = cgi_variable_nonull(XSRF_TIME);
180 time_t xsrf_time = 0;
181 time_t now = time(NULL);
182
183 if (sizeof(time_t) == sizeof(int)) {
184 xsrf_time = atoi(time_str);
185 } else if (sizeof(time_t) == sizeof(long)) {
186 xsrf_time = atol(time_str);
187 } else if (sizeof(time_t) == sizeof(long long)) {
188 xsrf_time = atoll(time_str);
189 }
190
191 if (abs(now - xsrf_time) > XSRF_TIMEOUT) {
192 return false;
193 }
194
195 get_xsrf_token(username, pass, formname, xsrf_time, expected);
196 return (strncmp(expected, token, sizeof(expected)) == 0);
197 }
198
199
200 /****************************************************************************
201 include a lump of html in a page
202 ****************************************************************************/
203 static int include_html(const char *fname)
204 {
205 int fd;
206 char buf[1024];
207 int ret;
208
209 fd = web_open(fname, O_RDONLY, 0);
210
211 if (fd == -1) {
212 printf(_("ERROR: Can't open %s"), fname);
213 printf("\n");
214 return 0;
215 }
216
217 while ((ret = read(fd, buf, sizeof(buf))) > 0) {
218 write(1, buf, ret);
219 }
220
221 close(fd);
222 return 1;
223 }
224
225 /****************************************************************************
226 start the page with standard stuff
227 ****************************************************************************/
228 static void print_header(void)
229 {
230 if (!cgi_waspost()) {
231 printf("Expires: 0\r\n");
232 }
233 printf("Content-type: text/html\r\n\r\n");
234
235 if (!include_html("include/header.html")) {
236 printf("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 3.2//EN\">\n");
237 printf("<HTML>\n<HEAD>\n<TITLE>Samba Web Administration Tool</TITLE>\n</HEAD>\n<BODY background=\"/swat/images/background.jpg\">\n\n");
238 }
239 }
240
241 /* *******************************************************************
242 show parameter label with translated name in the following form
243 because showing original and translated label in one line looks
244 too long, and showing translated label only is unusable for
245 heavy users.
246 -------------------------------
247 HELP security [combo box][button]
248 SECURITY
249 -------------------------------
250 (capital words are translated by gettext.)
251 if no translation is available, then same form as original is
252 used.
253 "i18n_translated_parm" class is used to change the color of the
254 translated parameter with CSS.
255 **************************************************************** */
256 static const char* get_parm_translated(
257 const char* pAnchor, const char* pHelp, const char* pLabel)
258 {
259 const char* pTranslated = _(pLabel);
260 static pstring output;
261 if(strcmp(pLabel, pTranslated) != 0)
262 {
263 pstr_sprintf(output,
264 "<A HREF=\"/swat/help/manpages/smb.conf.5.html#%s\" target=\"docs\"> %s</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; %s <br><span class=\"i18n_translated_parm\">%s</span>",
265 pAnchor, pHelp, pLabel, pTranslated);
266 return output;
267 }
268 pstr_sprintf(output,
269 "<A HREF=\"/swat/help/manpages/smb.conf.5.html#%s\" target=\"docs\"> %s</A>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; %s",
270 pAnchor, pHelp, pLabel);
271 return output;
272 }
273 /****************************************************************************
274 finish off the page
275 ****************************************************************************/
276 static void print_footer(void)
277 {
278 if (!include_html("include/footer.html")) {
279 printf("\n</BODY>\n</HTML>\n");
280 }
281 }
282
283 /****************************************************************************
284 display one editable parameter in a form
285 ****************************************************************************/
286 static void show_parameter(int snum, struct parm_struct *parm)
287 {
288 int i;
289 void *ptr = parm->ptr;
290 char *utf8_s1, *utf8_s2;
291
292 if (parm->p_class == P_LOCAL && snum >= 0) {
293 ptr = lp_local_ptr(snum, ptr);
294 }
295
296 printf("<tr><td>%s</td><td>", get_parm_translated(stripspaceupper(parm->label), _("Help"), parm->label));
297 switch (parm->type) {
298 case P_CHAR:
299 printf("<input type=text size=2 name=\"parm_%s\" value=\"%c\">",
300 make_parm_name(parm->label), *(char *)ptr);
301 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%c\'\">",
302 _("Set Default"), make_parm_name(parm->label),(char)(parm->def.cvalue));
303 break;
304
305 case P_LIST:
306 printf("<input type=text size=40 name=\"parm_%s\" value=\"",
307 make_parm_name(parm->label));
308 if ((char ***)ptr && *(char ***)ptr && **(char ***)ptr) {
309 char **list = *(char ***)ptr;
310 for (;*list;list++) {
311 /* enclose in HTML encoded quotes if the string contains a space */
312 if ( strchr_m(*list, ' ') ) {
313 push_utf8_allocate(&utf8_s1, *list);
314 push_utf8_allocate(&utf8_s2, ((*(list+1))?", ":""));
315 printf("&quot;%s&quot;%s", utf8_s1, utf8_s2);
316 } else {
317 push_utf8_allocate(&utf8_s1, *list);
318 push_utf8_allocate(&utf8_s2, ((*(list+1))?", ":""));
319 printf("%s%s", utf8_s1, utf8_s2);
320 }
321 SAFE_FREE(utf8_s1);
322 SAFE_FREE(utf8_s2);
323 }
324 }
325 printf("\">");
326 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'",
327 _("Set Default"), make_parm_name(parm->label));
328 if (parm->def.lvalue) {
329 char **list = (char **)(parm->def.lvalue);
330 for (; *list; list++) {
331 /* enclose in HTML encoded quotes if the string contains a space */
332 if ( strchr_m(*list, ' ') )
333 printf("&quot;%s&quot;%s", *list, ((*(list+1))?", ":""));
334 else
335 printf("%s%s", *list, ((*(list+1))?", ":""));
336 }
337 }
338 printf("\'\">");
339 break;
340
341 case P_STRING:
342 case P_USTRING:
343 push_utf8_allocate(&utf8_s1, *(char **)ptr);
344 printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">",
345 make_parm_name(parm->label), fix_quotes(utf8_s1));
346 SAFE_FREE(utf8_s1);
347 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
348 _("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue)));
349 break;
350
351 case P_GSTRING:
352 case P_UGSTRING:
353 push_utf8_allocate(&utf8_s1, (char *)ptr);
354 printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">",
355 make_parm_name(parm->label), fix_quotes(utf8_s1));
356 SAFE_FREE(utf8_s1);
357 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
358 _("Set Default"), make_parm_name(parm->label),fix_backslash((char *)(parm->def.svalue)));
359 break;
360
361 case P_BOOL:
362 printf("<select name=\"parm_%s\">",make_parm_name(parm->label));
363 printf("<option %s>Yes", (*(BOOL *)ptr)?"selected":"");
364 printf("<option %s>No", (*(BOOL *)ptr)?"":"selected");
365 printf("</select>");
366 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">",
367 _("Set Default"), make_parm_name(parm->label),(BOOL)(parm->def.bvalue)?0:1);
368 break;
369
370 case P_BOOLREV:
371 printf("<select name=\"parm_%s\">",make_parm_name(parm->label));
372 printf("<option %s>Yes", (*(BOOL *)ptr)?"":"selected");
373 printf("<option %s>No", (*(BOOL *)ptr)?"selected":"");
374 printf("</select>");
375 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">",
376 _("Set Default"), make_parm_name(parm->label),(BOOL)(parm->def.bvalue)?1:0);
377 break;
378
379 case P_INTEGER:
380 printf("<input type=text size=8 name=\"parm_%s\" value=\"%d\">", make_parm_name(parm->label), *(int *)ptr);
381 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%d\'\">",
382 _("Set Default"), make_parm_name(parm->label),(int)(parm->def.ivalue));
383 break;
384
385 case P_OCTAL:
386 printf("<input type=text size=8 name=\"parm_%s\" value=%s>", make_parm_name(parm->label), octal_string(*(int *)ptr));
387 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
388 _("Set Default"), make_parm_name(parm->label),
389 octal_string((int)(parm->def.ivalue)));
390 break;
391
392 case P_ENUM:
393 printf("<select name=\"parm_%s\">",make_parm_name(parm->label));
394 for (i=0;parm->enum_list[i].name;i++) {
395 if (i == 0 || parm->enum_list[i].value != parm->enum_list[i-1].value) {
396 printf("<option %s>%s",(*(int *)ptr)==parm->enum_list[i].value?"selected":"",parm->enum_list[i].name);
397 }
398 }
399 printf("</select>");
400 printf("<input type=button value=\"%s\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">",
401 _("Set Default"), make_parm_name(parm->label),enum_index((int)(parm->def.ivalue),parm->enum_list));
402 break;
403 case P_SEP:
404 break;
405 }
406 printf("</td></tr>\n");
407 }
408
409 /****************************************************************************
410 display a set of parameters for a service
411 ****************************************************************************/
412 static void show_parameters(int snum, int allparameters, unsigned int parm_filter, int printers)
413 {
414 int i = 0;
415 struct parm_struct *parm;
416 const char *heading = NULL;
417 const char *last_heading = NULL;
418
419 while ((parm = lp_next_parameter(snum, &i, allparameters))) {
420 if (snum < 0 && parm->p_class == P_LOCAL && !(parm->flags & FLAG_GLOBAL))
421 continue;
422 if (parm->p_class == P_SEPARATOR) {
423 heading = parm->label;
424 continue;
425 }
426 if (parm->flags & FLAG_HIDE) continue;
427 if (snum >= 0) {
428 if (printers & !(parm->flags & FLAG_PRINT)) continue;
429 if (!printers & !(parm->flags & FLAG_SHARE)) continue;
430 }
431
432 if (!( parm_filter & FLAG_ADVANCED )) {
433 if (!(parm->flags & FLAG_BASIC)) {
434 void *ptr = parm->ptr;
435
436 if (parm->p_class == P_LOCAL && snum >= 0) {
437 ptr = lp_local_ptr(snum, ptr);
438 }
439
440 switch (parm->type) {
441 case P_CHAR:
442 if (*(char *)ptr == (char)(parm->def.cvalue)) continue;
443 break;
444
445 case P_LIST:
446 if (!str_list_compare(*(char ***)ptr, (char **)(parm->def.lvalue))) continue;
447 break;
448
449 case P_STRING:
450 case P_USTRING:
451 if (!strcmp(*(char **)ptr,(char *)(parm->def.svalue))) continue;
452 break;
453
454 case P_GSTRING:
455 case P_UGSTRING:
456 if (!strcmp((char *)ptr,(char *)(parm->def.svalue))) continue;
457 break;
458
459 case P_BOOL:
460 case P_BOOLREV:
461 if (*(BOOL *)ptr == (BOOL)(parm->def.bvalue)) continue;
462 break;
463
464 case P_INTEGER:
465 case P_OCTAL:
466 if (*(int *)ptr == (int)(parm->def.ivalue)) continue;
467 break;
468
469
470 case P_ENUM:
471 if (*(int *)ptr == (int)(parm->def.ivalue)) continue;
472 break;
473 case P_SEP:
474 continue;
475 }
476 }
477 if (printers && !(parm->flags & FLAG_PRINT)) continue;
478 }
479
480 if ((parm_filter & FLAG_WIZARD) && !(parm->flags & FLAG_WIZARD)) continue;
481
482 if ((parm_filter & FLAG_ADVANCED) && !(parm->flags & FLAG_ADVANCED)) continue;
483
484 if (heading && heading != last_heading) {
485 printf("<tr><td></td></tr><tr><td><b><u>%s</u></b></td></tr>\n", _(heading));
486 last_heading = heading;
487 }
488 show_parameter(snum, parm);
489 }
490 }
491
492 /****************************************************************************
493 load the smb.conf file into loadparm.
494 ****************************************************************************/
495 static BOOL load_config(BOOL save_def)
496 {
497 lp_resetnumservices();
498 return lp_load(dyn_CONFIGFILE,False,save_def,False,True);
499 }
500
501 /****************************************************************************
502 write a config file
503 ****************************************************************************/
504 static void write_config(FILE *f, BOOL show_defaults)
505 {
506 fprintf(f, "# Samba config file created using SWAT\n");
507 fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr());
508 fprintf(f, "# Date: %s\n\n", current_timestring(False));
509
510 lp_dump(f, show_defaults, iNumNonAutoPrintServices);
511 }
512
513 /****************************************************************************
514 save and reload the smb.conf config file
515 ****************************************************************************/
516 static int save_reload(int snum)
517 {
518 FILE *f;
519 struct stat st;
520
521 f = sys_fopen(dyn_CONFIGFILE,"w");
522 if (!f) {
523 printf(_("failed to open %s for writing"), dyn_CONFIGFILE);
524 printf("\n");
525 return 0;
526 }
527
528 /* just in case they have used the buggy xinetd to create the file */
529 if (fstat(fileno(f), &st) == 0 &&
530 (st.st_mode & S_IWOTH)) {
531 #if defined HAVE_FCHMOD
532 fchmod(fileno(f), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
533 #else
534 chmod(dyn_CONFIGFILE, S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
535 #endif
536 }
537
538 write_config(f, False);
539 if (snum >= 0)
540 lp_dump_one(f, False, snum);
541 fclose(f);
542
543 lp_killunused(NULL);
544
545 if (!load_config(False)) {
546 printf(_("Can't reload %s"), dyn_CONFIGFILE);
547 printf("\n");
548 return 0;
549 }
550 iNumNonAutoPrintServices = lp_numservices();
551 load_printers();
552
553 return 1;
554 }
555
556 /****************************************************************************
557 commit one parameter
558 ****************************************************************************/
559 static void commit_parameter(int snum, struct parm_struct *parm, const char *v)
560 {
561 int i;
562 char *s;
563
564 if (snum < 0 && parm->p_class == P_LOCAL) {
565 /* this handles the case where we are changing a local
566 variable globally. We need to change the parameter in
567 all shares where it is currently set to the default */
568 for (i=0;i<lp_numservices();i++) {
569 s = lp_servicename(i);
570 if (s && (*s) && lp_is_default(i, parm)) {
571 lp_do_parameter(i, parm->label, v);
572 }
573 }
574 }
575
576 lp_do_parameter(snum, parm->label, v);
577 }
578
579 /****************************************************************************
580 commit a set of parameters for a service
581 ****************************************************************************/
582 static void commit_parameters(int snum)
583 {
584 int i = 0;
585 struct parm_struct *parm;
586 pstring label;
587 const char *v;
588
589 while ((parm = lp_next_parameter(snum, &i, 1))) {
590 slprintf(label, sizeof(label)-1, "parm_%s", make_parm_name(parm->label));
591 if ((v = cgi_variable(label)) != NULL) {
592 if (parm->flags & FLAG_HIDE) continue;
593 commit_parameter(snum, parm, v);
594 }
595 }
596 }
597
598 /****************************************************************************
599 spit out the html for a link with an image
600 ****************************************************************************/
601 static void image_link(const char *name, const char *hlink, const char *src)
602 {
603 printf("<A HREF=\"%s/%s\"><img border=\"0\" src=\"/swat/%s\" alt=\"%s\"></A>\n",
604 cgi_baseurl(), hlink, src, name);
605 }
606
607 /****************************************************************************
608 display the main navigation controls at the top of each page along
609 with a title
610 ****************************************************************************/
611 static void show_main_buttons(void)
612 {
613 char *p;
614
615 if ((p = cgi_user_name()) && strcmp(p, "root")) {
616 printf(_("Logged in as <b>%s</b>"), p);
617 printf("<p>\n");
618 }
619
620 image_link(_("Home"), "", "images/home.gif");
621 if (have_write_access) {
622 image_link(_("Globals"), "globals", "images/globals.gif");
623 image_link(_("Shares"), "shares", "images/shares.gif");
624 image_link(_("Printers"), "printers", "images/printers.gif");
625 image_link(_("Wizard"), "wizard", "images/wizard.gif");
626 }
627 /* root always gets all buttons, otherwise look for -P */
628 if ( have_write_access || (!passwd_only && have_read_access) ) {
629 image_link(_("Status"), "status", "images/status.gif");
630 image_link(_("View Config"), "viewconfig", "images/viewconfig.gif");
631 }
632 image_link(_("Password Management"), "passwd", "images/passwd.gif");
633
634 printf("<HR>\n");
635 }
636
637 /****************************************************************************
638 * Handle Display/Edit Mode CGI
639 ****************************************************************************/
640 static void ViewModeBoxes(int mode)
641 {
642 printf("<p>%s:&nbsp;\n", _("Current View Is"));
643 printf("<input type=radio name=\"ViewMode\" value=0 %s>%s\n", ((mode == 0) ? "checked" : ""), _("Basic"));
644 printf("<input type=radio name=\"ViewMode\" value=1 %s>%s\n", ((mode == 1) ? "checked" : ""), _("Advanced"));
645 printf("<br>%s:&nbsp;\n", _("Change View To"));
646 printf("<input type=submit name=\"BasicMode\" value=\"%s\">\n", _("Basic"));
647 printf("<input type=submit name=\"AdvMode\" value=\"%s\">\n", _("Advanced"));
648 printf("</p><br>\n");
649 }
650
651 /****************************************************************************
652 display a welcome page
653 ****************************************************************************/
654 static void welcome_page(void)
655 {
656 if (file_exist("help/welcome.html", NULL)) {
657 include_html("help/welcome.html");
658 } else {
659 include_html("help/welcome-no-samba-doc.html");
660 }
661 }
662
663 /****************************************************************************
664 display the current smb.conf
665 ****************************************************************************/
666 static void viewconfig_page(void)
667 {
668 int full_view=0;
669 const char form_name[] = "viewconfig";
670
671 if (!verify_xsrf_token(form_name)) {
672 goto output_page;
673 }
674
675 if (cgi_variable("full_view")) {
676 full_view = 1;
677 }
678
679 output_page:
680 printf("<H2>%s</H2>\n", _("Current Config"));
681 printf("<form method=post>\n");
682 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
683
684 if (full_view) {
685 printf("<input type=submit name=\"normal_view\" value=\"%s\">\n", _("Normal View"));
686 } else {
687 printf("<input type=submit name=\"full_view\" value=\"%s\">\n", _("Full View"));
688 }
689
690 printf("<p><pre>");
691 write_config(stdout, full_view);
692 printf("</pre>");
693 printf("</form>\n");
694 }
695
696 /****************************************************************************
697 second screen of the wizard ... Fetch Configuration Parameters
698 ****************************************************************************/
699 static void wizard_params_page(void)
700 {
701 unsigned int parm_filter = FLAG_WIZARD;
702 const char form_name[] = "wizard_params";
703
704 /* Here we first set and commit all the parameters that were selected
705 in the previous screen. */
706
707 printf("<H2>%s</H2>\n", _("Wizard Parameter Edit Page"));
708
709 if (!verify_xsrf_token(form_name)) {
710 goto output_page;
711 }
712
713 if (cgi_variable("Commit")) {
714 commit_parameters(GLOBAL_SECTION_SNUM);
715 save_reload(0);
716 }
717
718 output_page:
719 printf("<form name=\"swatform\" method=post action=wizard_params>\n");
720 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
721
722 if (have_write_access) {
723 printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
724 }
725
726 printf("<input type=reset name=\"Reset Values\" value=\"Reset\">\n");
727 printf("<p>\n");
728
729 printf("<table>\n");
730 show_parameters(GLOBAL_SECTION_SNUM, 1, parm_filter, 0);
731 printf("</table>\n");
732 printf("</form>\n");
733 }
734
735 /****************************************************************************
736 Utility to just rewrite the smb.conf file - effectively just cleans it up
737 ****************************************************************************/
738 static void rewritecfg_file(void)
739 {
740 commit_parameters(GLOBAL_SECTION_SNUM);
741 save_reload(0);
742 printf("<H2>%s</H2>\n", _("Note: smb.conf file has been read and rewritten"));
743 }
744
745 /****************************************************************************
746 wizard to create/modify the smb.conf file
747 ****************************************************************************/
748 static void wizard_page(void)
749 {
750 /* Set some variables to collect data from smb.conf */
751 int role = 0;
752 int winstype = 0;
753 int have_home = -1;
754 int HomeExpo = 0;
755 int SerType = 0;
756 const char form_name[] = "wizard";
757
758 if (!verify_xsrf_token(form_name)) {
759 goto output_page;
760 }
761
762 if (cgi_variable("Rewrite")) {
763 (void) rewritecfg_file();
764 return;
765 }
766
767 if (cgi_variable("GetWizardParams")){
768 (void) wizard_params_page();
769 return;
770 }
771
772 if (cgi_variable("Commit")){
773 SerType = atoi(cgi_variable_nonull("ServerType"));
774 winstype = atoi(cgi_variable_nonull("WINSType"));
775 have_home = lp_servicenumber(HOMES_NAME);
776 HomeExpo = atoi(cgi_variable_nonull("HomeExpo"));
777
778 /* Plain text passwords are too badly broken - use encrypted passwords only */
779 lp_do_parameter( GLOBAL_SECTION_SNUM, "encrypt passwords", "Yes");
780
781 switch ( SerType ){
782 case 0:
783 /* Stand-alone Server */
784 lp_do_parameter( GLOBAL_SECTION_SNUM, "security", "USER" );
785 lp_do_parameter( GLOBAL_SECTION_SNUM, "domain logons", "No" );
786 break;
787 case 1:
788 /* Domain Member */
789 lp_do_parameter( GLOBAL_SECTION_SNUM, "security", "DOMAIN" );
790 lp_do_parameter( GLOBAL_SECTION_SNUM, "domain logons", "No" );
791 break;
792 case 2:
793 /* Domain Controller */
794 lp_do_parameter( GLOBAL_SECTION_SNUM, "security", "USER" );
795 lp_do_parameter( GLOBAL_SECTION_SNUM, "domain logons", "Yes" );
796 break;
797 }
798 switch ( winstype ) {
799 case 0:
800 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins support", "No" );
801 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", "" );
802 break;
803 case 1:
804 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins support", "Yes" );
805 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", "" );
806 break;
807 case 2:
808 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins support", "No" );
809 lp_do_parameter( GLOBAL_SECTION_SNUM, "wins server", cgi_variable_nonull("WINSAddr"));
810 break;
811 }
812
813 /* Have to create Homes share? */
814 if ((HomeExpo == 1) && (have_home == -1)) {
815 pstring unix_share;
816
817 pstrcpy(unix_share,HOMES_NAME);
818 load_config(False);
819 lp_copy_service(GLOBAL_SECTION_SNUM, unix_share);
820 iNumNonAutoPrintServices = lp_numservices();
821 have_home = lp_servicenumber(HOMES_NAME);
822 lp_do_parameter( have_home, "read only", "No");
823 lp_do_parameter( have_home, "valid users", "%S");
824 lp_do_parameter( have_home, "browseable", "No");
825 commit_parameters(have_home);
826 }
827
828 /* Need to Delete Homes share? */
829 if ((HomeExpo == 0) && (have_home != -1)) {
830 lp_remove_service(have_home);
831 have_home = -1;
832 }
833
834 commit_parameters(GLOBAL_SECTION_SNUM);
835 save_reload(0);
836 }
837 else
838 {
839 /* Now determine smb.conf WINS settings */
840 if (lp_wins_support())
841 winstype = 1;
842 if (lp_wins_server_list() && strlen(*lp_wins_server_list()))
843 winstype = 2;
844
845
846 /* Do we have a homes share? */
847 have_home = lp_servicenumber(HOMES_NAME);
848 }
849 if ((winstype == 2) && lp_wins_support())
850 winstype = 3;
851
852 role = lp_server_role();
853
854 output_page:
855 /* Here we go ... */
856 printf("<H2>%s</H2>\n", _("Samba Configuration Wizard"));
857 printf("<form method=post action=wizard>\n");
858 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
859
860 if (have_write_access) {
861 printf("%s\n", _("The \"Rewrite smb.conf file\" button will clear the smb.conf file of all default values and of comments."));
862 printf("%s", _("The same will happen if you press the commit button."));
863 printf("<br><br>\n");
864 printf("<center>");
865 printf("<input type=submit name=\"Rewrite\" value=\"%s\"> &nbsp;&nbsp;",_("Rewrite smb.conf file"));
866 printf("<input type=submit name=\"Commit\" value=\"%s\"> &nbsp;&nbsp;",_("Commit"));
867 printf("<input type=submit name=\"GetWizardParams\" value=\"%s\">", _("Edit Parameter Values"));
868 printf("</center>\n");
869 }
870
871 printf("<hr>");
872 printf("<center><table border=0>");
873 printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Server Type"));
874 printf("<td><input type=radio name=\"ServerType\" value=\"0\" %s> %s&nbsp;</td>", ((role == ROLE_STANDALONE) ? "checked" : ""), _("Stand Alone"));
875 printf("<td><input type=radio name=\"ServerType\" value=\"1\" %s> %s&nbsp;</td>", ((role == ROLE_DOMAIN_MEMBER) ? "checked" : ""), _("Domain Member"));
876 printf("<td><input type=radio name=\"ServerType\" value=\"2\" %s> %s&nbsp;</td>", ((role == ROLE_DOMAIN_PDC) ? "checked" : ""), _("Domain Controller"));
877 printf("</tr>\n");
878 if (role == ROLE_DOMAIN_BDC) {
879 printf("<tr><td></td><td colspan=3><font color=\"#ff0000\">%s</font></td></tr>\n", _("Unusual Type in smb.conf - Please Select New Mode"));
880 }
881 printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Configure WINS As"));
882 printf("<td><input type=radio name=\"WINSType\" value=\"0\" %s> %s&nbsp;</td>", ((winstype == 0) ? "checked" : ""), _("Not Used"));
883 printf("<td><input type=radio name=\"WINSType\" value=\"1\" %s> %s&nbsp;</td>", ((winstype == 1) ? "checked" : ""), _("Server for client use"));
884 printf("<td><input type=radio name=\"WINSType\" value=\"2\" %s> %s&nbsp;</td>", ((winstype == 2) ? "checked" : ""), _("Client of another WINS server"));
885 printf("</tr>\n");
886 printf("<tr><td></td><td></td><td></td><td>%s&nbsp;<input type=text size=\"16\" name=\"WINSAddr\" value=\"", _("Remote WINS Server"));
887
888 /* Print out the list of wins servers */
889 if(lp_wins_server_list()) {
890 int i;
891 const char **wins_servers = lp_wins_server_list();
892 for(i = 0; wins_servers[i]; i++) printf("%s ", wins_servers[i]);
893 }
894
895 printf("\"></td></tr>\n");
896 if (winstype == 3) {
897 printf("<tr><td></td><td colspan=3><font color=\"#ff0000\">%s</font></td></tr>\n", _("Error: WINS Server Mode and WINS Support both set in smb.conf"));
898 printf("<tr><td></td><td colspan=3><font color=\"#ff0000\">%s</font></td></tr>\n", _("Please Select desired WINS mode above."));
899 }
900 printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Expose Home Directories"));
901 printf("<td><input type=radio name=\"HomeExpo\" value=\"1\" %s> Yes</td>", (have_home == -1) ? "" : "checked ");
902 printf("<td><input type=radio name=\"HomeExpo\" value=\"0\" %s> No</td>", (have_home == -1 ) ? "checked" : "");
903 printf("<td></td></tr>\n");
904
905 /* Enable this when we are ready ....
906 * printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Is Print Server"));
907 * printf("<td><input type=radio name=\"PtrSvr\" value=\"1\" %s> Yes</td>");
908 * printf("<td><input type=radio name=\"PtrSvr\" value=\"0\" %s> No</td>");
909 * printf("<td></td></tr>\n");
910 */
911
912 printf("</table></center>");
913 printf("<hr>");
914
915 printf("%s\n", _("The above configuration options will set multiple parameters and will generally assist with rapid Samba deployment."));
916 printf("</form>\n");
917 }
918
919
920 /****************************************************************************
921 display a globals editing page
922 ****************************************************************************/
923 static void globals_page(void)
924 {
925 unsigned int parm_filter = FLAG_BASIC;
926 int mode = 0;
927 const char form_name[] = "globals";
928
929 printf("<H2>%s</H2>\n", _("Global Parameters"));
930
931 if (!verify_xsrf_token(form_name)) {
932 goto output_page;
933 }
934
935 if (cgi_variable("Commit")) {
936 commit_parameters(GLOBAL_SECTION_SNUM);
937 save_reload(0);
938 }
939
940 if ( cgi_variable("ViewMode") )
941 mode = atoi(cgi_variable_nonull("ViewMode"));
942 if ( cgi_variable("BasicMode"))
943 mode = 0;
944 if ( cgi_variable("AdvMode"))
945 mode = 1;
946
947 output_page:
948 printf("<form name=\"swatform\" method=post action=globals>\n");
949 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
950
951 ViewModeBoxes( mode );
952 switch ( mode ) {
953 case 0:
954 parm_filter = FLAG_BASIC;
955 break;
956 case 1:
957 parm_filter = FLAG_ADVANCED;
958 break;
959 }
960 printf("<br>\n");
961 if (have_write_access) {
962 printf("<input type=submit name=\"Commit\" value=\"%s\">\n",
963 _("Commit Changes"));
964 }
965
966 printf("<input type=reset name=\"Reset Values\" value=\"%s\">\n",
967 _("Reset Values"));
968
969 printf("<p>\n");
970 printf("<table>\n");
971 show_parameters(GLOBAL_SECTION_SNUM, 1, parm_filter, 0);
972 printf("</table>\n");
973 printf("</form>\n");
974 }
975
976 /****************************************************************************
977 display a shares editing page. share is in unix codepage,
978 ****************************************************************************/
979 static void shares_page(void)
980 {
981 const char *share = cgi_variable("share");
982 char *s;
983 char *utf8_s;
984 int snum = -1;
985 int i;
986 int mode = 0;
987 unsigned int parm_filter = FLAG_BASIC;
988 const char form_name[] = "shares";
989
990 printf("<H2>%s</H2>\n", _("Share Parameters"));
991
992 if (!verify_xsrf_token(form_name)) {
993 goto output_page;
994 }
995
996 if (share)
997 snum = lp_servicenumber(share);
998
999 if (cgi_variable("Commit") && snum >= 0) {
1000 commit_parameters(snum);
1001 save_reload(0);
1002 }
1003
1004 if (cgi_variable("Delete") && snum >= 0) {
1005 lp_remove_service(snum);
1006 save_reload(0);
1007 share = NULL;
1008 snum = -1;
1009 }
1010
1011 if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
1012 load_config(False);
1013 lp_copy_service(GLOBAL_SECTION_SNUM, share);
1014 iNumNonAutoPrintServices = lp_numservices();
1015 save_reload(0);
1016 snum = lp_servicenumber(share);
1017 }
1018
1019 if ( cgi_variable("ViewMode") )
1020 mode = atoi(cgi_variable_nonull("ViewMode"));
1021 if ( cgi_variable("BasicMode"))
1022 mode = 0;
1023 if ( cgi_variable("AdvMode"))
1024 mode = 1;
1025
1026 output_page:
1027 printf("<FORM name=\"swatform\" method=post>\n");
1028 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
1029
1030 printf("<table>\n");
1031
1032 ViewModeBoxes( mode );
1033 switch ( mode ) {
1034 case 0:
1035 parm_filter = FLAG_BASIC;
1036 break;
1037 case 1:
1038 parm_filter = FLAG_ADVANCED;
1039 break;
1040 }
1041 printf("<br><tr>\n");
1042 printf("<td><input type=submit name=selectshare value=\"%s\"></td>\n", _("Choose Share"));
1043 printf("<td><select name=share>\n");
1044 if (snum < 0)
1045 printf("<option value=\" \"> \n");
1046 for (i=0;i<lp_numservices();i++) {
1047 s = lp_servicename(i);
1048 if (s && (*s) && strcmp(s,"IPC$") && !lp_print_ok(i)) {
1049 push_utf8_allocate(&utf8_s, s);
1050 printf("<option %s value=\"%s\">%s\n",
1051 (share && strcmp(share,s)==0)?"SELECTED":"",
1052 utf8_s, utf8_s);
1053 SAFE_FREE(utf8_s);
1054
1055 }
1056 }
1057 printf("</select></td>\n");
1058 if (have_write_access) {
1059 printf("<td><input type=submit name=\"Delete\" value=\"%s\"></td>\n", _("Delete Share"));
1060 }
1061 printf("</tr>\n");
1062 printf("</table>");
1063 printf("<table>");
1064 if (have_write_access) {
1065 printf("<tr>\n");
1066 printf("<td><input type=submit name=createshare value=\"%s\"></td>\n", _("Create Share"));
1067 printf("<td><input type=text size=30 name=newshare></td></tr>\n");
1068 }
1069 printf("</table>");
1070
1071
1072 if (snum >= 0) {
1073 if (have_write_access) {
1074 printf("<input type=submit name=\"Commit\" value=\"%s\">\n", _("Commit Changes"));
1075 }
1076
1077 printf("<input type=reset name=\"Reset Values\" value=\"%s\">\n", _("Reset Values"));
1078 printf("<p>\n");
1079 }
1080
1081 if (snum >= 0) {
1082 printf("<table>\n");
1083 show_parameters(snum, 1, parm_filter, 0);
1084 printf("</table>\n");
1085 }
1086
1087 printf("</FORM>\n");
1088 }
1089
1090 /*************************************************************
1091 change a password either locally or remotely
1092 *************************************************************/
1093 static BOOL change_password(const char *remote_machine, const char *user_name,
1094 const char *old_passwd, const char *new_passwd,
1095 int local_flags)
1096 {
1097 NTSTATUS ret;
1098 pstring err_str;
1099 pstring msg_str;
1100
1101 if (demo_mode) {
1102 printf("%s\n<p>", _("password change in demo mode rejected"));
1103 return False;
1104 }
1105
1106 if (remote_machine != NULL) {
1107 ret = remote_password_change(remote_machine, user_name, old_passwd,
1108 new_passwd, err_str, sizeof(err_str));
1109 if(*err_str)
1110 printf("%s\n<p>", err_str);
1111 return NT_STATUS_IS_OK(ret);
1112 }
1113
1114 if(!initialize_password_db(True)) {
1115 printf("%s\n<p>", _("Can't setup password database vectors."));
1116 return False;
1117 }
1118
1119 ret = local_password_change(user_name, local_flags, new_passwd, err_str, sizeof(err_str),
1120 msg_str, sizeof(msg_str));
1121
1122 if(*msg_str)
1123 printf("%s\n<p>", msg_str);
1124 if(*err_str)
1125 printf("%s\n<p>", err_str);
1126
1127 return NT_STATUS_IS_OK(ret);
1128 }
1129
1130 /****************************************************************************
1131 do the stuff required to add or change a password
1132 ****************************************************************************/
1133 static void chg_passwd(void)
1134 {
1135 const char *host;
1136 BOOL rslt;
1137 int local_flags = 0;
1138
1139 /* Make sure users name has been specified */
1140 if (strlen(cgi_variable_nonull(SWAT_USER)) == 0) {
1141 printf("<p>%s\n", _(" Must specify \"User Name\" "));
1142 return;
1143 }
1144
1145 /*
1146 * smbpasswd doesn't require anything but the users name to delete, disable or enable the user,
1147 * so if that's what we're doing, skip the rest of the checks
1148 */
1149 if (!cgi_variable(DISABLE_USER_FLAG) && !cgi_variable(ENABLE_USER_FLAG) && !cgi_variable(DELETE_USER_FLAG)) {
1150
1151 /*
1152 * If current user is not root, make sure old password has been specified
1153 * If REMOTE change, even root must provide old password
1154 */
1155 if (((!am_root()) && (strlen( cgi_variable_nonull(OLD_PSWD)) <= 0)) ||
1156 ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable_nonull(OLD_PSWD)) <= 0))) {
1157 printf("<p>%s\n", _(" Must specify \"Old Password\" "));
1158 return;
1159 }
1160
1161 /* If changing a users password on a remote hosts we have to know what host */
1162 if ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable_nonull(RHOST)) <= 0)) {
1163 printf("<p>%s\n", _(" Must specify \"Remote Machine\" "));
1164 return;
1165 }
1166
1167 /* Make sure new passwords have been specified */
1168 if ((strlen( cgi_variable_nonull(NEW_PSWD)) <= 0) ||
1169 (strlen( cgi_variable_nonull(NEW2_PSWD)) <= 0)) {
1170 printf("<p>%s\n", _(" Must specify \"New, and Re-typed Passwords\" "));
1171 return;
1172 }
1173
1174 /* Make sure new passwords was typed correctly twice */
1175 if (strcmp(cgi_variable_nonull(NEW_PSWD), cgi_variable_nonull(NEW2_PSWD)) != 0) {
1176 printf("<p>%s\n", _(" Re-typed password didn't match new password "));
1177 return;
1178 }
1179 }
1180
1181 if (cgi_variable(CHG_R_PASSWD_FLAG)) {
1182 host = cgi_variable(RHOST);
1183 } else if (am_root()) {
1184 host = NULL;
1185 } else {
1186 host = "127.0.0.1";
1187 }
1188
1189 /*
1190 * Set up the local flags.
1191 */
1192
1193 local_flags |= (cgi_variable(ADD_USER_FLAG) ? LOCAL_ADD_USER : 0);
1194 local_flags |= (cgi_variable(ADD_USER_FLAG) ? LOCAL_SET_PASSWORD : 0);
1195 local_flags |= (cgi_variable(CHG_S_PASSWD_FLAG) ? LOCAL_SET_PASSWORD : 0);
1196 local_flags |= (cgi_variable(DELETE_USER_FLAG) ? LOCAL_DELETE_USER : 0);
1197 local_flags |= (cgi_variable(ENABLE_USER_FLAG) ? LOCAL_ENABLE_USER : 0);
1198 local_flags |= (cgi_variable(DISABLE_USER_FLAG) ? LOCAL_DISABLE_USER : 0);
1199
1200
1201 rslt = change_password(host,
1202 cgi_variable_nonull(SWAT_USER),
1203 cgi_variable_nonull(OLD_PSWD), cgi_variable_nonull(NEW_PSWD),
1204 local_flags);
1205
1206 if(cgi_variable(CHG_S_PASSWD_FLAG)) {
1207 printf("<p>");
1208 if (rslt == True) {
1209 printf("%s\n", _(" The passwd has been changed."));
1210 } else {
1211 printf("%s\n", _(" The passwd has NOT been changed."));
1212 }
1213 }
1214
1215 return;
1216 }
1217
1218 /****************************************************************************
1219 display a password editing page
1220 ****************************************************************************/
1221 static void passwd_page(void)
1222 {
1223 const char *new_name = cgi_user_name();
1224 const char passwd_form[] = "passwd";
1225 const char rpasswd_form[] = "rpasswd";
1226
1227 if (!new_name) new_name = "";
1228
1229 printf("<H2>%s</H2>\n", _("Server Password Management"));
1230
1231 printf("<FORM name=\"swatform\" method=post>\n");
1232 print_xsrf_token(cgi_user_name(), cgi_user_pass(), passwd_form);
1233
1234 printf("<table>\n");
1235
1236 /*
1237 * Create all the dialog boxes for data collection
1238 */
1239 printf("<tr><td> %s : </td>\n", _("User Name"));
1240 printf("<td><input type=text size=30 name=%s value=%s></td></tr> \n", SWAT_USER, new_name);
1241 if (!am_root()) {
1242 printf("<tr><td> %s : </td>\n", _("Old Password"));
1243 printf("<td><input type=password size=30 name=%s></td></tr> \n",OLD_PSWD);
1244 }
1245 printf("<tr><td> %s : </td>\n", _("New Password"));
1246 printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW_PSWD);
1247 printf("<tr><td> %s : </td>\n", _("Re-type New Password"));
1248 printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW2_PSWD);
1249 printf("</table>\n");
1250
1251 /*
1252 * Create all the control buttons for requesting action
1253 */
1254 printf("<input type=submit name=%s value=\"%s\">\n",
1255 CHG_S_PASSWD_FLAG, _("Change Password"));
1256 if (demo_mode || am_root()) {
1257 printf("<input type=submit name=%s value=\"%s\">\n",
1258 ADD_USER_FLAG, _("Add New User"));
1259 printf("<input type=submit name=%s value=\"%s\">\n",
1260 DELETE_USER_FLAG, _("Delete User"));
1261 printf("<input type=submit name=%s value=\"%s\">\n",
1262 DISABLE_USER_FLAG, _("Disable User"));
1263 printf("<input type=submit name=%s value=\"%s\">\n",
1264 ENABLE_USER_FLAG, _("Enable User"));
1265 }
1266 printf("<p></FORM>\n");
1267
1268 /*
1269 * Do some work if change, add, disable or enable was
1270 * requested. It could be this is the first time through this
1271 * code, so there isn't anything to do. */
1272 if (verify_xsrf_token(passwd_form) &&
1273 ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
1274 (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG)))) {
1275 chg_passwd();
1276 }
1277
1278 printf("<H2>%s</H2>\n", _("Client/Server Password Management"));
1279
1280 printf("<FORM name=\"swatform\" method=post>\n");
1281 print_xsrf_token(cgi_user_name(), cgi_user_pass(), rpasswd_form);
1282
1283 printf("<table>\n");
1284
1285 /*
1286 * Create all the dialog boxes for data collection
1287 */
1288 printf("<tr><td> %s : </td>\n", _("User Name"));
1289 printf("<td><input type=text size=30 name=%s value=%s></td></tr>\n",SWAT_USER, new_name);
1290 printf("<tr><td> %s : </td>\n", _("Old Password"));
1291 printf("<td><input type=password size=30 name=%s></td></tr>\n",OLD_PSWD);
1292 printf("<tr><td> %s : </td>\n", _("New Password"));
1293 printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW_PSWD);
1294 printf("<tr><td> %s : </td>\n", _("Re-type New Password"));
1295 printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW2_PSWD);
1296 printf("<tr><td> %s : </td>\n", _("Remote Machine"));
1297 printf("<td><input type=text size=30 name=%s></td></tr>\n",RHOST);
1298
1299 printf("</table>");
1300
1301 /*
1302 * Create all the control buttons for requesting action
1303 */
1304 printf("<input type=submit name=%s value=\"%s\">",
1305 CHG_R_PASSWD_FLAG, _("Change Password"));
1306
1307 printf("<p></FORM>\n");
1308
1309 /*
1310 * Do some work if a request has been made to change the
1311 * password somewhere other than the server. It could be this
1312 * is the first time through this code, so there isn't
1313 * anything to do. */
1314 if (verify_xsrf_token(passwd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) {
1315 chg_passwd();
1316 }
1317
1318 }
1319
1320 /****************************************************************************
1321 display a printers editing page
1322 ****************************************************************************/
1323 static void printers_page(void)
1324 {
1325 const char *share = cgi_variable("share");
1326 char *s;
1327 int snum=-1;
1328 int i;
1329 int mode = 0;
1330 unsigned int parm_filter = FLAG_BASIC;
1331 const char form_name[] = "printers";
1332
1333 if (!verify_xsrf_token(form_name)) {
1334 goto output_page;
1335 }
1336
1337 if (share)
1338 snum = lp_servicenumber(share);
1339
1340 if (cgi_variable("Commit") && snum >= 0) {
1341 commit_parameters(snum);
1342 if (snum >= iNumNonAutoPrintServices)
1343 save_reload(snum);
1344 else
1345 save_reload(0);
1346 }
1347
1348 if (cgi_variable("Delete") && snum >= 0) {
1349 lp_remove_service(snum);
1350 save_reload(0);
1351 share = NULL;
1352 snum = -1;
1353 }
1354
1355 if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
1356 load_config(False);
1357 lp_copy_service(GLOBAL_SECTION_SNUM, share);
1358 iNumNonAutoPrintServices = lp_numservices();
1359 snum = lp_servicenumber(share);
1360 lp_do_parameter(snum, "print ok", "Yes");
1361 save_reload(0);
1362 snum = lp_servicenumber(share);
1363 }
1364
1365 if ( cgi_variable("ViewMode") )
1366 mode = atoi(cgi_variable_nonull("ViewMode"));
1367 if ( cgi_variable("BasicMode"))
1368 mode = 0;
1369 if ( cgi_variable("AdvMode"))
1370 mode = 1;
1371
1372 output_page:
1373 printf("<H2>%s</H2>\n", _("Printer Parameters"));
1374
1375 printf("<H3>%s</H3>\n", _("Important Note:"));
1376 printf("%s",_("Printer names marked with [*] in the Choose Printer drop-down box "));
1377 printf("%s",_("are autoloaded printers from "));
1378 printf("<A HREF=\"/swat/help/smb.conf.5.html#printcapname\" target=\"docs\">%s</A>\n", _("Printcap Name"));
1379 printf("%s\n", _("Attempting to delete these printers from SWAT will have no effect."));
1380
1381
1382 printf("<FORM name=\"swatform\" method=post>\n");
1383 print_xsrf_token(cgi_user_name(), cgi_user_pass(), form_name);
1384
1385 ViewModeBoxes( mode );
1386 switch ( mode ) {
1387 case 0:
1388 parm_filter = FLAG_BASIC;
1389 break;
1390 case 1:
1391 parm_filter = FLAG_ADVANCED;
1392 break;
1393 }
1394 printf("<table>\n");
1395 printf("<tr><td><input type=submit name=\"selectshare\" value=\"%s\"></td>\n", _("Choose Printer"));
1396 printf("<td><select name=\"share\">\n");
1397 if (snum < 0 || !lp_print_ok(snum))
1398 printf("<option value=\" \"> \n");
1399 for (i=0;i<lp_numservices();i++) {
1400 s = lp_servicename(i);
1401 if (s && (*s) && strcmp(s,"IPC$") && lp_print_ok(i)) {
1402 if (i >= iNumNonAutoPrintServices)
1403 printf("<option %s value=\"%s\">[*]%s\n",
1404 (share && strcmp(share,s)==0)?"SELECTED":"",
1405 s, s);
1406 else
1407 printf("<option %s value=\"%s\">%s\n",
1408 (share && strcmp(share,s)==0)?"SELECTED":"",
1409 s, s);
1410 }
1411 }
1412 printf("</select></td>");
1413 if (have_write_access) {
1414 printf("<td><input type=submit name=\"Delete\" value=\"%s\"></td>\n", _("Delete Printer"));
1415 }
1416 printf("</tr>");
1417 printf("</table>\n");
1418
1419 if (have_write_access) {
1420 printf("<table>\n");
1421 printf("<tr><td><input type=submit name=\"createshare\" value=\"%s\"></td>\n", _("Create Printer"));
1422 printf("<td><input type=text size=30 name=\"newshare\"></td></tr>\n");
1423 printf("</table>");
1424 }
1425
1426
1427 if (snum >= 0) {
1428 if (have_write_access) {
1429 printf("<input type=submit name=\"Commit\" value=\"%s\">\n", _("Commit Changes"));
1430 }
1431 printf("<input type=reset name=\"Reset Values\" value=\"%s\">\n", _("Reset Values"));
1432 printf("<p>\n");
1433 }
1434
1435 if (snum >= 0) {
1436 printf("<table>\n");
1437 show_parameters(snum, 1, parm_filter, 1);
1438 printf("</table>\n");
1439 }
1440 printf("</FORM>\n");
1441 }
1442
1443
1444 /**
1445 * main function for SWAT.
1446 **/
1447 int main(int argc, char *argv[])
1448 {
1449 const char *page;
1450 poptContext pc;
1451 struct poptOption long_options[] = {
1452 POPT_AUTOHELP
1453 { "disable-authentication", 'a', POPT_ARG_VAL, &demo_mode, True, "Disable authentication (demo mode)" },
1454 { "password-menu-only", 'P', POPT_ARG_VAL, &passwd_only, True, "Show only change password menu" },
1455 POPT_COMMON_SAMBA
1456 POPT_TABLEEND
1457 };
1458
1459 fault_setup(NULL);
1460 umask(S_IWGRP | S_IWOTH);
1461
1462 #if defined(HAVE_SET_AUTH_PARAMETERS)
1463 set_auth_parameters(argc, argv);
1464 #endif /* HAVE_SET_AUTH_PARAMETERS */
1465
1466 /* just in case it goes wild ... */
1467 alarm(300);
1468
1469 setlinebuf(stdout);
1470
1471 /* we don't want any SIGPIPE messages */
1472 BlockSignals(True,SIGPIPE);
1473
1474 dbf = x_fopen("/dev/null", O_WRONLY, 0);
1475 if (!dbf) dbf = x_stderr;
1476
1477 /* we don't want stderr screwing us up */
1478 close(2);
1479 open("/dev/null", O_WRONLY);
1480
1481 pc = poptGetContext("swat", argc, (const char **) argv, long_options, 0);
1482
1483 /* Parse command line options */
1484
1485 while(poptGetNextOpt(pc) != -1) { }
1486
1487 poptFreeContext(pc);
1488
1489 load_case_tables();
1490
1491 setup_logging(argv[0],False);
1492 load_config(True);
1493 load_interfaces();
1494 iNumNonAutoPrintServices = lp_numservices();
1495 load_printers();
1496
1497 cgi_setup(dyn_SWATDIR, !demo_mode);
1498
1499 print_header();
1500
1501 cgi_load_variables();
1502
1503 if (!file_exist(dyn_CONFIGFILE, NULL)) {
1504 have_read_access = True;
1505 have_write_access = True;
1506 } else {
1507 /* check if the authenticated user has write access - if not then
1508 don't show write options */
1509 have_write_access = (access(dyn_CONFIGFILE,W_OK) == 0);
1510
1511 /* if the user doesn't have read access to smb.conf then
1512 don't let them view it */
1513 have_read_access = (access(dyn_CONFIGFILE,R_OK) == 0);
1514 }
1515
1516 show_main_buttons();
1517
1518 page = cgi_pathinfo();
1519
1520 /* Root gets full functionality */
1521 if (have_read_access && strcmp(page, "globals")==0) {
1522 globals_page();
1523 } else if (have_read_access && strcmp(page,"shares")==0) {
1524 shares_page();
1525 } else if (have_read_access && strcmp(page,"printers")==0) {
1526 printers_page();
1527 } else if (have_read_access && strcmp(page,"status")==0) {
1528 status_page();
1529 } else if (have_read_access && strcmp(page,"viewconfig")==0) {
1530 viewconfig_page();
1531 } else if (strcmp(page,"passwd")==0) {
1532 passwd_page();
1533 } else if (have_read_access && strcmp(page,"wizard")==0) {
1534 wizard_page();
1535 } else if (have_read_access && strcmp(page,"wizard_params")==0) {
1536 wizard_params_page();
1537 } else if (have_read_access && strcmp(page,"rewritecfg")==0) {
1538 rewritecfg_file();
1539 } else {
1540 welcome_page();
1541 }
1542
1543 print_footer();
1544 return 0;
1545 }
1546
1547 /** @} **/
Tomato firmware and modifications.