author | Andrew Tridgell <tridge@samba.org> | 1998-11-14 02:10:55 +0000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 1998-11-14 02:10:55 +0000 |
commit | 55377e3cdd5d8428e89b40946f0535b8cf5247ae (patch) | |
tree | b3d9b5520b041dfe140729f0fd7a79ebd151ae49 | |
parent | 08fd7032584bf93a92b71ea7d5f73d2da75c8bb0 (diff) | |
remove code that allows installation via cgi
swat will now give an error message if run via cgi
-rw-r--r-- | source/web/cgi.c | 55 | ||||
-rw-r--r-- | source/web/swat.c | 2 |
2 files changed, 36 insertions, 21 deletions
diff --git a/source/web/cgi.c b/source/web/cgi.c
index 9b5cf2158cc..db2cfb4555a 100644
--- a/source/web/cgi.c
+++ b/source/web/cgi.c
@@ -45,6 +45,7 @@ static char *query_string;
 static char *baseurl;
 static char *pathinfo;
 static char *C_user;
+static BOOL inetd_server;
 static void unescape(char *buf)
 {
@@ -258,6 +259,27 @@ static void cgi_setup_error(char *err, char *header, char *info)
 /***************************************************************************
+tell a browser about a fatal authentication error
+ ***************************************************************************/
+static void cgi_auth_error(void)
+{
+ if (inetd_server) {
+ cgi_setup_error("401 Authorization Required",
+ "WWW-Authenticate: Basic realm=\"SWAT\"\r\n",
+ "You must be authenticated to use this service");
+ } else {
+ printf("Content-Type: text/html\r\n");
+
+ printf("\r\n<HTML><HEAD><TITLE>SWAT</TITLE></HEAD>\n");
+ printf("<BODY><H1>Installation Error</H1>\n");
+ printf("SWAT must be installed via inetd. It cannot be run as a CGI script<p>\n");
+ printf("</BODY></HTML>\r\n");
+ }
+ exit(0);
+}
+
+
+/***************************************************************************
 decode a base64 string in-place - simple and slow algorithm
 ***************************************************************************/
 static void base64_decode(char *s)
@@ -297,7 +319,7 @@ static BOOL cgi_handle_authorization(char *line)
 {
 char *p, *user, *user_pass;
 struct passwd *pass = NULL;
- int ret = False;
+ BOOL ret = False;
 if (strncasecmp(line,"Basic ", 6)) {
 cgi_setup_error("401 Bad Authorization", "",
@@ -387,7 +409,7 @@ BOOL am_root(void)
 /***************************************************************************
 return a ptr to the users name
 ***************************************************************************/
-char *get_user_name(void)
+char *cgi_user_name(void)
 {
 return(C_user);
 }
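Review bot: In the `else` branch of cgi_auth_error() the response carries no `Status:` line, so a web server running SWAT as CGI will normally report the "Installation Error" page as 200 OK, and the process then leaves through `exit(0)`. Emitting `printf("Status: 500 Internal Server Error\r\n");` before the Content-Type line would let server logs and clients see the refusal as a failure. The header comment should also say that the call never returns and that the branch taken depends on `inetd_server`, which cgi_setup() sets only after its CGI check. The realm in the 401 challenge also changes from "root" to "SWAT" with this commit, which the commit message does not mention.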
@@ -460,21 +482,16 @@ void cgi_setup(char *rootdir, int auth_required)
 "chdir failed - the server is not configured correctly");
 }
+ /* maybe we are running under a web server */
 if (getenv("CONTENT_LENGTH") || getenv("REQUEST_METHOD")) {
-
- char *x;
-
- /* Save the users name if available */
- if ((x = getenv("REMOTE_USER"))) {
- C_user = strdup(x);
- } else {
- C_user = "";
+ if (auth_required) {
+ cgi_auth_error();
 }
-
- /* assume we are running under a real web server */
 return;
 }
+ inetd_server = True;
+
 #if CGI_LOGGING
 f = fopen("/tmp/cgi.log", "a");
 if (f) fprintf(f,"\n[Date: %s %s (%s)]\n",
@@ -509,9 +526,7 @@ void cgi_setup(char *rootdir, int auth_required)
 #endif
 if (auth_required && !authenticated) {
- cgi_setup_error("401 Authorization Required",
- "WWW-Authenticate: Basic realm=\"root\"\r\n",
- "You must be authenticated to use this service");
+ cgi_auth_error();
 }
 if (!url) {
@@ -551,7 +566,7 @@ return the current pages URL
 ***************************************************************************/
 char *cgi_baseurl(void)
 {
- if (baseurl) {
+ if (inetd_server) {
 return baseurl;
 }
 return getenv("SCRIPT_NAME");
@@ -563,7 +578,7 @@ return the current pages path info
 char *cgi_pathinfo(void)
 {
 char *r;
- if (pathinfo) {
+ if (inetd_server) {
 return pathinfo;
 }
 r = getenv("PATH_INFO");
@@ -577,7 +592,7 @@ return the hostname of the client
 ***************************************************************************/
 char *cgi_remote_host(void)
 {
- if (baseurl) {
+ if (inetd_server) {
 return client_name(1);
 }
 return getenv("REMOTE_HOST");
@@ -588,7 +603,7 @@ return the hostname of the client
 ***************************************************************************/
 char *cgi_remote_addr(void)
 {
- if (baseurl) {
+ if (inetd_server) {
 return client_addr(1);
 }
 return getenv("REMOTE_ADDR");
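Review bot: The CGI branch of cgi_setup() refuses to run only when `auth_required` is set; with `auth_required == 0` it still returns normally, which does not match the commit message's statement that SWAT now gives an error under CGI. That path also no longer assigns `C_user` (the removed lines set it to REMOTE_USER or `""`), so cgi_user_name() hands back whatever the static holds, presumably NULL, to callers such as passwd_page() in swat.c. Either call `cgi_auth_error();` unconditionally in this branch or keep `C_user = "";` before the `return;`. Whether any caller passes `auth_required == 0` is not visible in this diff, and cgi_setup()'s body starts and ends outside the hunk.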
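Review bot: Keying the accessors on `inetd_server` instead of on the pointer they return means cgi_baseurl() and cgi_pathinfo() now hand back `baseurl` and `pathinfo` even if those are still NULL, where the old test fell through to the environment lookup. The assignments to both pointers are outside the visible hunks, so confirm they are always set once `inetd_server = True` has run, or return a safe default, for example `return pathinfo ? pathinfo : "";`. The same switch is made in cgi_remote_host(), cgi_remote_addr() and cgi_waspost(), where it only removes the indirect dependence on `baseurl`. cgi_pathinfo()'s body continues past the end of its hunk.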
@@ -600,7 +615,7 @@ return True if the request was a POST
 ***************************************************************************/
 BOOL cgi_waspost(void)
 {
- if (baseurl) {
+ if (inetd_server) {
 return request_post;
 }
 return strequal(getenv("REQUEST_METHOD"), "POST");
diff --git a/source/web/swat.c b/source/web/swat.c
index ad98b7b96e6..4d12e4b2f41 100644
--- a/source/web/swat.c
+++ b/source/web/swat.c
@@ -697,7 +697,7 @@ static void chg_passwd(void)
 ****************************************************************************/
 static void passwd_page(void)
 {
- char *new_name = get_user_name();
+ char *new_name = cgi_user_name();
 /*
 * After the first time through here be nice. If the user |