defs.php3.in 12 KB
Newer Older
1 2
<?php
#
3
# EMULAB-COPYRIGHT
4
# Copyright (c) 2000-2007 University of Utah and the Flux Group.
5 6
# All rights reserved.
#
7 8 9 10 11
# Lets emulate register_globals=off for a while.
include("unregister_globals.php");

#
# Standard definitions.
12
#
13
$TBDIR          = "@prefix@/";
14
$OURDOMAIN      = "@OURDOMAIN@";
15
$BOSSNODE       = "@BOSSNODE@";
16
$USERNODE       = "@USERNODE@";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
17
$CVSNODE	= "cvs.${OURDOMAIN}";
18
$TBADMINGROUP   = "@TBADMINGROUP@";
19 20 21 22 23 24 25
$WWWHOST	= "@WWWHOST@";
$WWW		= "@WWW@";
$TBAUTHDOMAIN	= "@TBAUTHDOMAIN@";
$TBBASE		= "@TBBASE@";
$TBDOCBASE	= "@TBDOCBASE@";
$TBWWW		= "@TBWWW@";
$THISHOMEBASE	= "@THISHOMEBASE@";
26
$ELABINELAB     = @ELABINELAB@;
27
$WIKISUPPORT    = @WIKISUPPORT@;
28
$BUGDBSUPPORT   = @BUGDBSUPPORT@;
29
$CVSSUPPORT     = @CVSSUPPORT@;
30
$MAILMANSUPPORT = @MAILMANSUPPORT@;
31
$CHATSUPPORT    = @CHATSUPPORT@;
32
$CONTROL_NETWORK= "@CONTROL_NETWORK@";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
33 34
$WIKIHOME       = "https://${USERNODE}/twiki";
$WIKIURL        = "${WIKIHOME}/bin/newlogon";
35
$WIKICOOKIENAME = "WikiCookie";
36 37
$BUGDBURL       = "https://${USERNODE}/flyspray";
$BUGDBCOOKIENAME= "FlysprayCookie";
38
$MAILMANURL     = "http://${USERNODE}/mailman";
39
$OPSCVSURL      = "http://${USERNODE}/cvsweb/cvsweb.cgi";
40
$OPSJETIURL     = "http://${USERNODE}/jabber/jeti.php";
41 42
$MIN_UNIX_UID   = @MIN_UNIX_UID@;
$MIN_UNIX_GID   = @MIN_UNIX_GID@;
Leigh B. Stoller's avatar
Leigh B. Stoller committed
43
$EXPOSELINKTEST = 1;
44
$EXPOSESTATESAVE= 0;
45
$EXPOSEARCHIVE  = 0;
46
$EXPOSETEMPLATES= 0;
47
$USERSELECTUIDS = 1;
48

49 50 51 52 53 54
$TBMAILADDR_OPS		= "@TBOPSEMAIL_NOSLASH@";
$TBMAILADDR_WWW		= "@TBWWWEMAIL_NOSLASH@";
$TBMAILADDR_APPROVAL	= "@TBAPPROVALEMAIL_NOSLASH@";
$TBMAILADDR_LOGS	= "@TBLOGSEMAIL_NOSLASH@";
$TBMAILADDR_AUDIT	= "@TBAUDITEMAIL_NOSLASH@";

55 56 57 58 59
# Can override this in the defs file. 
$TBAUTHTIMEOUT  = "@TBAUTHTIMEOUT@";
$TBMAINSITE     = "@TBMAINSITE@";
$TBSECURECOOKIES= "@TBSECURECOOKIES@";
$TBCOOKIESUFFIX = "@TBCOOKIESUFFIX@";
60
$FANCYBANNER    = "@FANCYBANNER@";
61

Leigh B. Stoller's avatar
Leigh B. Stoller committed
62 63
$TBWWW_DIR	= "$TBDIR"."www/";
$TBBIN_DIR	= "$TBDIR"."bin/";
64
$TBETC_DIR	= "$TBDIR"."etc/";
65 66 67
$TBLIBEXEC_DIR	= "$TBDIR"."libexec/";
$TBSUEXEC_PATH  = "$TBLIBEXEC_DIR/suexec";
$TBCHKPASS_PATH = "$TBLIBEXEC_DIR/checkpass";
68
$TBCSLOGINS     = "$TBETC_DIR/cslogins";
69
$UUIDGEN_PATH   = "/usr/bin/uuidgen";
70

71 72
#
# Hardcoded check against $WWWHOST, to prevent anyone from accidentally setting
73
# $TBMAINSITE when it should not be
74 75 76 77 78
#
if ($WWWHOST != "www.emulab.net") {
    $TBMAINSITE = 0;
}

79 80 81 82
$TBPROJ_DIR     = "@PROJROOT_DIR@";
$TBUSER_DIR	= "@USERSROOT_DIR@";
$TBGROUP_DIR	= "@GROUPSROOT_DIR@";
$TBSCRATCH_DIR	= "@SCRATCHROOT_DIR@";
83
$TBCVSREPO_DIR  = "$TBPROJ_DIR/cvsrepos";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
84
$TBNSSUBDIR     = "nsdir";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
85

86 87 88 89 90 91 92
$TBVALIDDIRS	  = "$TBPROJ_DIR, $TBUSER_DIR, $TBGROUP_DIR";
$TBVALIDDIRS_HTML = "<code>$TBPROJ_DIR</code>, <code>$TBUSER_DIR</code>, <code>$TBGROUP_DIR</code>";
if ($TBSCRATCH_DIR) {
    $TBVALIDDIRS .= ", $TBSCRATCH_DIR";
    $TBVALIDDIRS_HTML .= ", <code>$TBSCRATCH_DIR</code>";
}

93 94
$TBAUTHCOOKIE   = "NewHashCookie" . $TBCOOKIESUFFIX;
$TBNAMECOOKIE   = "NewMyUidCookie" . $TBCOOKIESUFFIX;
95
$TBEMAILCOOKIE  = "MyEmailCookie" . $TBCOOKIESUFFIX;
96
$TBLOGINCOOKIE  = "NewLoginCookie" . $TBCOOKIESUFFIX;
97

98 99
$HTTPTAG        = "http://";

100 101 102 103 104 105
$TBMAIL_OPS		= "Testbed Ops <$TBMAILADDR_OPS>";
$TBMAIL_WWW		= "Testbed WWW <$TBMAILADDR_WWW>";
$TBMAIL_APPROVAL	= "Testbed Approval <$TBMAILADDR_APPROVAL>";
$TBMAIL_LOGS		= "Testbed Logs <$TBMAILADDR_LOGS>";
$TBMAIL_AUDIT		= "Testbed Audit <$TBMAILADDR_AUDIT>";

106
#
107 108 109
# This just spits out an email address in a page, so it does not need
# to be configured per development tree. It could be though ...
# 
110 111
$TBMAILADDR     = "<a href=\"mailto:$TBMAILADDR_OPS\">
                      Testbed Operations ($TBMAILADDR_OPS)</a>";
112

113 114 115
# So subscripts always know ...
putenv("HTTP_SCRIPT=1");

116 117 118 119 120 121 122 123 124
#
# Special headers alterting browsers to the fact that there's an RSS feed
# available for the page. Intended to be passed as an $extra_headers argument
# to PAGEHEADER
#
$RSS_HEADER_NEWS = "<link rel=\"alternate\" type=\"application/rss+xml\" " .
           "title=\"Emulab News\" href=\"$TBDOCBASE/news-rss.php3\" />";


125 126 127 128
#
# Database constants and the like.
#
include("dbdefs.php3");
129
include("url_defs.php");
130 131 132
include("user_defs.php");
include("group_defs.php");
include("project_defs.php");
133
include("experiment_defs.php");
134

135 136 137 138 139 140 141 142
#
# Control how error messages are returned to the user. If the session is
# not actually "interactive" then do not send any output to the browser.
# Just save it up and let the page deal with it. 
#
$session_interactive  = 1;
$session_errorhandler = 0;

143 144 145 146 147 148 149 150 151
#
# Wrap up the mail function so we can prepend a tag to the subject
# line that indicates what testbed. Useful when multiple testbed
# email to the same list.
#
# 
function TBMAIL($to, $subject, $message, $headers = 0)
{
    global $THISHOMEBASE;
152
    global $SCRIPT_NAME;
153 154 155

    $subject = strtoupper($THISHOMEBASE) . ": $subject";

156 157 158 159 160 161 162 163 164
    $tag = "X-NetBed: " . basename($SCRIPT_NAME);
    
    if ($headers) {
	$headers = "$headers\n" . $tag;
    }
    else {
	$headers = $tag;
    }
    return mail($to, $subject, $message, $headers);
165 166
}

167 168 169 170 171
#
# Internal errors should be reported back to the user simply. The actual 
# error information should be emailed to the list for action. The script
# should then terminate if required to do so.
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
172
function TBERROR ($message, $death, $xmp = 0) {
173 174 175
    global $TBMAIL_WWW, $TBMAIL_OPS, $TBMAILADDR, $TBMAILADDR_OPS;
    global $session_interactive, $session_errorhandler;
    $script = urldecode($_SERVER['REQUEST_URI']);
176

177 178
    CLEARBUSY();

179 180
    TBMAIL($TBMAIL_OPS,
         "WEB ERROR REPORT",
181
         "\n".
182
	 "In $script\n\n".
183 184 185
         "$message\n\n".
         "Thanks,\n".
         "Testbed WWW\n",
186
         "From: $TBMAIL_OPS\n".
187
         "Errors-To: $TBMAIL_WWW");
188

189
    if ($death) {
190 191 192 193 194 195 196
	if ($session_interactive)
	    PAGEERROR("Could not continue. Please contact $TBMAILADDR");
	elseif ($session_errorhandler) {
	    $session_errorhandler("Could not continue. ".
				  "Please contact $TBMAILADDR_OPS", $death);
	}
	exit(1);
197 198 199
    }
    return 0;
}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
200 201 202 203 204

#
# General user errors should print something warm and fuzzy
#
function USERERROR($message, $death) {
205
    global $TBMAILADDR;
206 207
    global $session_interactive, $session_errorhandler;

208 209
    CLEARBUSY();

210 211 212 213 214 215 216 217 218 219
    if (! $session_interactive) {
	if ($session_errorhandler)
	    $session_errorhandler($message, $death);
	else
	    echo "$message";

	if ($death)
	    exit(1);
	return;
    }
220

221
    $msg = "<font size=+1><br>
222
            $message
223
      	    </font>
224
            <br><br><br>
225 226 227
            <font size=-1>
            Please contact $TBMAILADDR if you feel this message is an error.
            </font>\n";
228

Leigh B. Stoller's avatar
Leigh B. Stoller committed
229
    if ($death) {
230
	PAGEERROR($msg);
Leigh B. Stoller's avatar
Leigh B. Stoller committed
231
    }
232 233
    else
        echo "$msg\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
234 235
}

236 237 238 239 240 241 242 243
#
# A form error.
#
function FORMERROR($field) {
    USERERROR("Missing field; ".
              "Please go back and fill out the \"$field\" field!", 1);
}

244 245 246
#
# A page argument error. 
# 
247 248 249 250 251 252 253
function PAGEARGERROR($msg = 0) {
    $default = "Invalid page arguments: " . $_SERVER['REQUEST_URI'];

    if ($msg) {
	$default = "$default<br><br>$msg";
    }
    USERERROR($default, 1);
254 255
}

256
#
257
# SUEXEC stuff.
258
#
259 260
# Save this stuff so we can generate better error messages and such.
# 
261 262 263 264
$suexec_cmdandargs   = "";
$suexec_retval       = 0;
$suexec_output       = "";
$suexec_output_array = null;
265

266 267 268 269 270 271 272
#
# Actions for suexec. 
#
define("SUEXEC_ACTION_CONTINUE",	0);
define("SUEXEC_ACTION_DIE",		1);
define("SUEXEC_ACTION_USERERROR",	2);
define("SUEXEC_ACTION_IGNORE",		3);
273
define("SUEXEC_ACTION_DUPDIE",		4);
274

275 276 277 278 279
#
# An suexec error.
#
function SUEXECERROR($action)
{
280
    global $suexec_cmdandargs, $suexec_retval;
281
    global $suexec_output;
282

283 284
    $foo  = "Shell Program Error. Exit status: $suexec_retval\n";
    $foo .= "  '$suexec_cmdandargs'\n";
285 286 287
    $foo .= "\n";
    $foo .= $suexec_output;

288 289
    switch ($action) {
    case SUEXEC_ACTION_CONTINUE:
290
	TBERROR($foo, 0, 1);
291 292 293 294 295 296 297 298 299
        break;
    case SUEXEC_ACTION_DIE:
	TBERROR($foo, 1, 1);
        break;
    case SUEXEC_ACTION_USERERROR:
	USERERROR("<XMP>$foo</XMP>", 1);
        break;
    case SUEXEC_ACTION_IGNORE:
	break;
300 301 302 303
    case SUEXEC_ACTION_DUPDIE:
	TBERROR($foo, 0, 1);
	USERERROR("<XMP>$foo</XMP>", 1);
        break;
304 305 306 307 308 309 310 311 312 313
    default:
	TBERROR($foo, 1, 1);
    }
}

#
# Run a program as a user.
#
function SUEXEC($uid, $gid, $cmdandargs, $action) {
    global $TBSUEXEC_PATH;
314 315
    global $suexec_cmdandargs, $suexec_retval;
    global $suexec_output, $suexec_output_array;
316 317 318

    ignore_user_abort(1);

319 320 321 322
    $suexec_cmdandargs   = "$uid $gid $cmdandargs";
    $suexec_output_array = array();
    $suexec_output       = "";
    $suexec_retval       = 0;
323
    
324 325 326 327 328 329 330 331 332 333 334 335 336
    exec("$TBSUEXEC_PATH $suexec_cmdandargs",
	 $suexec_output_array, $suexec_retval);

    # Yikes! Something is not doing integer conversion properly!
    if ($suexec_retval == 255) {
	$suexec_retval = -1;
    }

    if (count($suexec_output_array)) {
	for ($i = 0; $i < count($suexec_output_array); $i++) {
	    $suexec_output .= "$suexec_output_array[$i]\n";
	}
    }
337 338 339 340 341 342 343 344

    #
    # The output is still available of course, via $suexec_output.
    # 
    if ($suexec_retval == 0 || $action == SUEXEC_ACTION_IGNORE) {
	return $suexec_retval;
    }
    SUEXECERROR($action);
345 346
    # Must return the shell value!
    return $suexec_retval;
347 348
}

349 350 351 352 353 354
#
# We invoke addpubkey as user nobody all the time. The implied user is passed
# along in an HTTP_ variable (see tbauth). This avoids a bunch of confusion
# that results from new users who do not have a context yet. 
#
function ADDPUBKEY($cmdandargs) {
355 356
    global $TBSUEXEC_PATH;

357 358
    return SUEXEC("nobody", "nobody", "webaddpubkey $cmdandargs",
		  SUEXEC_ACTION_CONTINUE);
359 360
}

Leigh B. Stoller's avatar
Leigh B. Stoller committed
361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376
#
# Verify a URL.
#
function CHECKURL($url, &$error) {
    global $HTTPTAG;

    if (strlen($url)) {
	if (strstr($url, " ")) {
	    $error = "URL is malformed; spaces are not allowed!";
	    return 0;
	}
	
	if (strcmp($HTTPTAG, substr($url, 0, strlen($HTTPTAG)))) {
	    $error = "URL is malformed; must begin with $HTTPTAG!";
	    return 0;
	}
377

378
	$fp = @fopen($url, "r");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
379 380 381
	if (!$fp) {
	    $error = "URL is not valid; Cannot be accessed!";
	    return 0;
Leigh B. Stoller's avatar
Leigh B. Stoller committed
382
	}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
383
	fclose($fp);
Leigh B. Stoller's avatar
Leigh B. Stoller committed
384 385 386 387 388 389 390 391 392 393
    }
    return 1;
}

#
# Check a password.
#
function CHECKPASSWORD($uid, $password, $name, $email, &$error)
{
    global $TBCHKPASS_PATH;
394

395 396 397 398 399 400
    # Watch for caller errors since this calls to the shell.
    if (empty($uid) || empty($password) || empty($name) || empty($email)) {
	$error = "";
	return 0;
    }

401 402 403
    $uid      = escapeshellarg($uid);
    $password = escapeshellarg($password);
    $stuff    = escapeshellarg("$name:$email");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
404
    
405
    $mypipe = popen("$TBCHKPASS_PATH $password $uid $stuff", "w+");
Leigh B. Stoller's avatar
Leigh B. Stoller committed
406 407 408 409 410 411 412 413 414 415 416 417 418
    
    if ($mypipe) { 
        $retval=fgets($mypipe, 1024);
        if (strcmp($retval,"ok\n") != 0) {
	    $error = "$retval";
	    return 0;
	}
	return 1;
    }
    TBERROR("Checkpass Failure! Returned '$mypipe'.\n\n".
	    "$TBCHKPASS_PATH $password $uid '$name:$email'", 1);
}

419 420 421 422 423 424 425 426 427 428 429 430 431 432 433
#
# Grab a UUID (universally unique identifier).
#
function NewUUID()
{
    global $UUIDGEN_PATH;

    $uuid = shell_exec($UUIDGEN_PATH);
    
    if (isset($uuid) && $uuid != "") {
	return rtrim($uuid);
    }
    TBERROR("$UUIDGEN_PATH Failure", 1);
}

434 435 436 437
function LASTNODELOGIN($node)
{
}

438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460
function VALIDUSERPATH($path, $uid="", $pid="", $gid="", $eid="")
{
    global $TBPROJ_DIR, $TBUSER_DIR, $TBGROUP_DIR, $TBSCRATCH_DIR;

    #
    # No ids specified, just make sure it starts with an appropriate prefix.
    #
    if (!$uid && !$pid && !$gid && !$eid) {
	if (ereg("^$TBPROJ_DIR/.*", $path) ||
	    ereg("^$TBUSER_DIR/.*", $path) ||
	    ereg("^$TBGROUP_DIR/.*", $path)) {
	    return 1;
	}
	if ($TBSCRATCH_DIR && ereg("^$TBSCRATCH_DIR/.*", $path)) {
	    return 1;
	}
	return 0;
    }

    # XXX for now, see tbsetup/libtestbed.pm for what should happen
    return 0;
}

461 462 463 464 465 466 467 468 469 470 471 472 473 474 475 476
#
# A function to print the contents of an array (recursively).
# Mostly useful for debugging.
#
function ARRAY_PRINT($arr) {
  if (!is_array($arr)) { echo "non-array '$arr'\n"; }
  foreach ($arr as $i => $val) {
    echo("'$i' - '$val'\n");
    if (is_array($val)) {
      echo "Sub-array $i:\n";
      array_print($val);
      echo "End Sub-array $i.\n";
    }
  }
}

477 478 479 480 481 482 483
#
# Return Yes or No given boolean
#
function YesNo($bool) {
    return ($bool ? "Yes" : "No");
}

484 485 486 487
#
# Beware empty spaces (cookies)!
# 
require("tbauth.php3");
488 489 490 491 492

#
# Okay, this is what checks the login and spits out the menu.
#
require("menu.php3");
493
?>