defs.php3.in

<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2007 University of Utah and the Flux Group.
# All rights reserved.
#
# Lets emulate register_globals=off for a while.
include("unregister_globals.php");

#
# Standard definitions.
#
$TBDIR          = "@prefix@/";
$OURDOMAIN      = "@OURDOMAIN@";
$BOSSNODE       = "@BOSSNODE@";
$USERNODE       = "@USERNODE@";
$CVSNODE	= "cvs.${OURDOMAIN}";
$TBADMINGROUP   = "@TBADMINGROUP@";
$WWWHOST	= "@WWWHOST@";
$WWW		= "@WWW@";
$TBAUTHDOMAIN	= "@TBAUTHDOMAIN@";
$TBBASE		= "@TBBASE@";
$TBDOCBASE	= "@TBDOCBASE@";
$TBWWW		= "@TBWWW@";
$THISHOMEBASE	= "@THISHOMEBASE@";
$ELABINELAB     = @ELABINELAB@;
$WIKISUPPORT    = @WIKISUPPORT@;
$BUGDBSUPPORT   = @BUGDBSUPPORT@;
$CVSSUPPORT     = @CVSSUPPORT@;
$MAILMANSUPPORT = @MAILMANSUPPORT@;
$CHATSUPPORT    = @CHATSUPPORT@;
$CONTROL_NETWORK= "@CONTROL_NETWORK@";
$WIKIHOME       = "https://${USERNODE}/twiki";
$WIKIURL        = "${WIKIHOME}/bin/newlogon";
$WIKICOOKIENAME = "WikiCookie";
$BUGDBURL       = "https://${USERNODE}/flyspray";
$BUGDBCOOKIENAME= "FlysprayCookie";
$MAILMANURL     = "http://${USERNODE}/mailman";
$OPSCVSURL      = "http://${USERNODE}/cvsweb/cvsweb.cgi";
$OPSJETIURL     = "http://${USERNODE}/jabber/jeti.php";
$MIN_UNIX_UID   = @MIN_UNIX_UID@;
$MIN_UNIX_GID   = @MIN_UNIX_GID@;
$EXPOSELINKTEST = 1;
$EXPOSESTATESAVE= 0;
$EXPOSEARCHIVE  = 0;
$EXPOSETEMPLATES= 0;
$USERSELECTUIDS = 1;

$TBMAILADDR_OPS		= "@TBOPSEMAIL_NOSLASH@";
$TBMAILADDR_WWW		= "@TBWWWEMAIL_NOSLASH@";
$TBMAILADDR_APPROVAL	= "@TBAPPROVALEMAIL_NOSLASH@";
$TBMAILADDR_LOGS	= "@TBLOGSEMAIL_NOSLASH@";
$TBMAILADDR_AUDIT	= "@TBAUDITEMAIL_NOSLASH@";

# Can override this in the defs file. 
$TBAUTHTIMEOUT  = "@TBAUTHTIMEOUT@";
$TBMAINSITE     = "@TBMAINSITE@";
$TBSECURECOOKIES= "@TBSECURECOOKIES@";
$TBCOOKIESUFFIX = "@TBCOOKIESUFFIX@";
$FANCYBANNER    = "@FANCYBANNER@";

$TBWWW_DIR	= "$TBDIR"."www/";
$TBBIN_DIR	= "$TBDIR"."bin/";
$TBETC_DIR	= "$TBDIR"."etc/";
$TBLIBEXEC_DIR	= "$TBDIR"."libexec/";
$TBSUEXEC_PATH  = "$TBLIBEXEC_DIR/suexec";
$TBCHKPASS_PATH = "$TBLIBEXEC_DIR/checkpass";
$TBCSLOGINS     = "$TBETC_DIR/cslogins";
$UUIDGEN_PATH   = "/usr/bin/uuidgen";

#
# Hardcoded check against $WWWHOST, to prevent anyone from accidentally setting
# $TBMAINSITE when it should not be
#
if ($WWWHOST != "www.emulab.net") {
    $TBMAINSITE = 0;
}

$TBPROJ_DIR     = "@PROJROOT_DIR@";
$TBUSER_DIR	= "@USERSROOT_DIR@";
$TBGROUP_DIR	= "@GROUPSROOT_DIR@";
$TBSCRATCH_DIR	= "@SCRATCHROOT_DIR@";
$TBCVSREPO_DIR  = "$TBPROJ_DIR/cvsrepos";
$TBNSSUBDIR     = "nsdir";

$TBVALIDDIRS	  = "$TBPROJ_DIR, $TBUSER_DIR, $TBGROUP_DIR";
$TBVALIDDIRS_HTML = "<code>$TBPROJ_DIR</code>, <code>$TBUSER_DIR</code>, <code>$TBGROUP_DIR</code>";
if ($TBSCRATCH_DIR) {
    $TBVALIDDIRS .= ", $TBSCRATCH_DIR";
    $TBVALIDDIRS_HTML .= ", <code>$TBSCRATCH_DIR</code>";
}

$TBAUTHCOOKIE   = "NewHashCookie" . $TBCOOKIESUFFIX;
$TBNAMECOOKIE   = "NewMyUidCookie" . $TBCOOKIESUFFIX;
$TBEMAILCOOKIE  = "MyEmailCookie" . $TBCOOKIESUFFIX;
$TBLOGINCOOKIE  = "NewLoginCookie" . $TBCOOKIESUFFIX;

$HTTPTAG        = "http://";

$TBMAIL_OPS		= "Testbed Ops <$TBMAILADDR_OPS>";
$TBMAIL_WWW		= "Testbed WWW <$TBMAILADDR_WWW>";
$TBMAIL_APPROVAL	= "Testbed Approval <$TBMAILADDR_APPROVAL>";
$TBMAIL_LOGS		= "Testbed Logs <$TBMAILADDR_LOGS>";
$TBMAIL_AUDIT		= "Testbed Audit <$TBMAILADDR_AUDIT>";

#
# This just spits out an email address in a page, so it does not need
# to be configured per development tree. It could be though ...
# 
$TBMAILADDR     = "<a href=\"mailto:$TBMAILADDR_OPS\">
                      Testbed Operations ($TBMAILADDR_OPS)</a>";

# So subscripts always know ...
putenv("HTTP_SCRIPT=1");

#
# Special headers alterting browsers to the fact that there's an RSS feed
# available for the page. Intended to be passed as an $extra_headers argument
# to PAGEHEADER
#
$RSS_HEADER_NEWS = "<link rel=\"alternate\" type=\"application/rss+xml\" " .
           "title=\"Emulab News\" href=\"$TBDOCBASE/news-rss.php3\" />";


#
# Database constants and the like.
#
include("dbdefs.php3");
include("url_defs.php");
include("user_defs.php");
include("group_defs.php");
include("project_defs.php");
include("experiment_defs.php");

#
# Control how error messages are returned to the user. If the session is
# not actually "interactive" then do not send any output to the browser.
# Just save it up and let the page deal with it. 
#
$session_interactive  = 1;
$session_errorhandler = 0;

#
# Wrap up the mail function so we can prepend a tag to the subject
# line that indicates what testbed. Useful when multiple testbed
# email to the same list.
#
# 
function TBMAIL($to, $subject, $message, $headers = 0)
{
    global $THISHOMEBASE;
    global $SCRIPT_NAME;

    $subject = strtoupper($THISHOMEBASE) . ": $subject";

    $tag = "X-NetBed: " . basename($SCRIPT_NAME);
    
    if ($headers) {
	$headers = "$headers\n" . $tag;
    }
    else {
	$headers = $tag;
    }
    return mail($to, $subject, $message, $headers);
}

#
# Internal errors should be reported back to the user simply. The actual 
# error information should be emailed to the list for action. The script
# should then terminate if required to do so.
#
function TBERROR ($message, $death, $xmp = 0) {
    global $TBMAIL_WWW, $TBMAIL_OPS, $TBMAILADDR, $TBMAILADDR_OPS;
    global $session_interactive, $session_errorhandler;
    $script = urldecode($_SERVER['REQUEST_URI']);

    CLEARBUSY();

    TBMAIL($TBMAIL_OPS,
         "WEB ERROR REPORT",
         "\n".
	 "In $script\n\n".
         "$message\n\n".
         "Thanks,\n".
         "Testbed WWW\n",
         "From: $TBMAIL_OPS\n".
         "Errors-To: $TBMAIL_WWW");

    if ($death) {
	if ($session_interactive)
	    PAGEERROR("Could not continue. Please contact $TBMAILADDR");
	elseif ($session_errorhandler) {
	    $session_errorhandler("Could not continue. ".
				  "Please contact $TBMAILADDR_OPS", $death);
	}
	exit(1);
    }
    return 0;
}

#
# General user errors should print something warm and fuzzy
#
function USERERROR($message, $death) {
    global $TBMAILADDR;
    global $session_interactive, $session_errorhandler;

    CLEARBUSY();

    if (! $session_interactive) {
	if ($session_errorhandler)
	    $session_errorhandler($message, $death);
	else
	    echo "$message";

	if ($death)
	    exit(1);
	return;
    }

    $msg = "<font size=+1><br>
            $message
      	    </font>
            <br><br><br>
            <font size=-1>
            Please contact $TBMAILADDR if you feel this message is an error.
            </font>\n";

    if ($death) {
	PAGEERROR($msg);
    }
    else
        echo "$msg\n";
}

#
# A form error.
#
function FORMERROR($field) {
    USERERROR("Missing field; ".
              "Please go back and fill out the \"$field\" field!", 1);
}

#
# A page argument error. 
# 
function PAGEARGERROR($msg = 0) {
    $default = "Invalid page arguments: " . $_SERVER['REQUEST_URI'];

    if ($msg) {
	$default = "$default<br><br>$msg";
    }
    USERERROR($default, 1);
}

#
# SUEXEC stuff.
#
# Save this stuff so we can generate better error messages and such.
# 
$suexec_cmdandargs   = "";
$suexec_retval       = 0;
$suexec_output       = "";
$suexec_output_array = null;

#
# Actions for suexec. 
#
define("SUEXEC_ACTION_CONTINUE",	0);
define("SUEXEC_ACTION_DIE",		1);
define("SUEXEC_ACTION_USERERROR",	2);
define("SUEXEC_ACTION_IGNORE",		3);
define("SUEXEC_ACTION_DUPDIE",		4);

#
# An suexec error.
#
function SUEXECERROR($action)
{
    global $suexec_cmdandargs, $suexec_retval;
    global $suexec_output;

    $foo  = "Shell Program Error. Exit status: $suexec_retval\n";
    $foo .= "  '$suexec_cmdandargs'\n";
    $foo .= "\n";
    $foo .= $suexec_output;

    switch ($action) {
    case SUEXEC_ACTION_CONTINUE:
	TBERROR($foo, 0, 1);
        break;
    case SUEXEC_ACTION_DIE:
	TBERROR($foo, 1, 1);
        break;
    case SUEXEC_ACTION_USERERROR:
	USERERROR("<XMP>$foo</XMP>", 1);
        break;
    case SUEXEC_ACTION_IGNORE:
	break;
    case SUEXEC_ACTION_DUPDIE:
	TBERROR($foo, 0, 1);
	USERERROR("<XMP>$foo</XMP>", 1);
        break;
    default:
	TBERROR($foo, 1, 1);
    }
}

#
# Run a program as a user.
#
function SUEXEC($uid, $gid, $cmdandargs, $action) {
    global $TBSUEXEC_PATH;
    global $suexec_cmdandargs, $suexec_retval;
    global $suexec_output, $suexec_output_array;

    ignore_user_abort(1);

    $suexec_cmdandargs   = "$uid $gid $cmdandargs";
    $suexec_output_array = array();
    $suexec_output       = "";
    $suexec_retval       = 0;
    
    exec("$TBSUEXEC_PATH $suexec_cmdandargs",
	 $suexec_output_array, $suexec_retval);

    # Yikes! Something is not doing integer conversion properly!
    if ($suexec_retval == 255) {
	$suexec_retval = -1;
    }

    if (count($suexec_output_array)) {
	for ($i = 0; $i < count($suexec_output_array); $i++) {
	    $suexec_output .= "$suexec_output_array[$i]\n";
	}
    }

    #
    # The output is still available of course, via $suexec_output.
    # 
    if ($suexec_retval == 0 || $action == SUEXEC_ACTION_IGNORE) {
	return $suexec_retval;
    }
    SUEXECERROR($action);
    # Must return the shell value!
    return $suexec_retval;
}

#
# We invoke addpubkey as user nobody all the time. The implied user is passed
# along in an HTTP_ variable (see tbauth). This avoids a bunch of confusion
# that results from new users who do not have a context yet. 
#
function ADDPUBKEY($cmdandargs) {
    global $TBSUEXEC_PATH;

    return SUEXEC("nobody", "nobody", "webaddpubkey $cmdandargs",
		  SUEXEC_ACTION_CONTINUE);
}

#
# Verify a URL.
#
function CHECKURL($url, &$error) {
    global $HTTPTAG;

    if (strlen($url)) {
	if (strstr($url, " ")) {
	    $error = "URL is malformed; spaces are not allowed!";
	    return 0;
	}
	
	if (strcmp($HTTPTAG, substr($url, 0, strlen($HTTPTAG)))) {
	    $error = "URL is malformed; must begin with $HTTPTAG!";
	    return 0;
	}

	$fp = @fopen($url, "r");
	if (!$fp) {
	    $error = "URL is not valid; Cannot be accessed!";
	    return 0;
	}
	fclose($fp);
    }
    return 1;
}

#
# Check a password.
#
function CHECKPASSWORD($uid, $password, $name, $email, &$error)
{
    global $TBCHKPASS_PATH;

    # Watch for caller errors since this calls to the shell.
    if (empty($uid) || empty($password) || empty($name) || empty($email)) {
	$error = "";
	return 0;
    }

    $uid      = escapeshellarg($uid);
    $password = escapeshellarg($password);
    $stuff    = escapeshellarg("$name:$email");
    
    $mypipe = popen("$TBCHKPASS_PATH $password $uid $stuff", "w+");
    
    if ($mypipe) { 
        $retval=fgets($mypipe, 1024);
        if (strcmp($retval,"ok\n") != 0) {
	    $error = "$retval";
	    return 0;
	}
	return 1;
    }
    TBERROR("Checkpass Failure! Returned '$mypipe'.\n\n".
	    "$TBCHKPASS_PATH $password $uid '$name:$email'", 1);
}

#
# Grab a UUID (universally unique identifier).
#
function NewUUID()
{
    global $UUIDGEN_PATH;

    $uuid = shell_exec($UUIDGEN_PATH);
    
    if (isset($uuid) && $uuid != "") {
	return rtrim($uuid);
    }
    TBERROR("$UUIDGEN_PATH Failure", 1);
}

function LASTNODELOGIN($node)
{
}

function VALIDUSERPATH($path, $uid="", $pid="", $gid="", $eid="")
{
    global $TBPROJ_DIR, $TBUSER_DIR, $TBGROUP_DIR, $TBSCRATCH_DIR;

    #
    # No ids specified, just make sure it starts with an appropriate prefix.
    #
    if (!$uid && !$pid && !$gid && !$eid) {
	if (ereg("^$TBPROJ_DIR/.*", $path) ||
	    ereg("^$TBUSER_DIR/.*", $path) ||
	    ereg("^$TBGROUP_DIR/.*", $path)) {
	    return 1;
	}
	if ($TBSCRATCH_DIR && ereg("^$TBSCRATCH_DIR/.*", $path)) {
	    return 1;
	}
	return 0;
    }

    # XXX for now, see tbsetup/libtestbed.pm for what should happen
    return 0;
}

#
# A function to print the contents of an array (recursively).
# Mostly useful for debugging.
#
function ARRAY_PRINT($arr) {
  if (!is_array($arr)) { echo "non-array '$arr'\n"; }
  foreach ($arr as $i => $val) {
    echo("'$i' - '$val'\n");
    if (is_array($val)) {
      echo "Sub-array $i:\n";
      array_print($val);
      echo "End Sub-array $i.\n";
    }
  }
}

#
# Return Yes or No given boolean
#
function YesNo($bool) {
    return ($bool ? "Yes" : "No");
}

#
# Beware empty spaces (cookies)!
# 
require("tbauth.php3");

#
# Okay, this is what checks the login and spits out the menu.
#
require("menu.php3");
?>