defs.php3.in 6 KB
Newer Older
1 2
<?php
#
3
# Standard definitions! 
4
#
5 6
$TBDIR          = "@prefix@/";
$WWWDEFS        = "@WWWDEFS@";
7
$OURDOMAIN      = "@OURDOMAIN@";
8
$BOSSNODE       = "@BOSSNODE@";
9
$TBADMINGROUP   = "@TBADMINGROUP@";
10

11 12 13
# Overridden by the defs file!
$TBMAINSITE     = 0;

14 15 16 17 18
#
# Include configure selected definitions.
#
include("$WWWDEFS"."-defs.php3");

Leigh B. Stoller's avatar
Leigh B. Stoller committed
19 20
$TBWWW_DIR	= "$TBDIR"."www/";
$TBBIN_DIR	= "$TBDIR"."bin/";
21
$TBETC_DIR	= "$TBDIR"."etc/";
22 23 24
$TBLIBEXEC_DIR	= "$TBDIR"."libexec/";
$TBSUEXEC_PATH  = "$TBLIBEXEC_DIR/suexec";
$TBCHKPASS_PATH = "$TBLIBEXEC_DIR/checkpass";
25
$TBCSLOGINS     = "$TBETC_DIR/cslogins";
26

27 28
#
# Hardcoded check against $WWWHOST, to prevent anyone from accidentally setting
29
# $TBMAINSITE when it should not be
30 31 32 33 34
#
if ($WWWHOST != "www.emulab.net") {
    $TBMAINSITE = 0;
}

35
$TBPROJ_DIR     = "/proj";
36
$TBUSER_DIR	= "/users";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
37
$TBNSSUBDIR     = "nsdir";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
38

39 40
$TBAUTHCOOKIE   = "HashCookie" . $TBCOOKIESUFFIX;
$TBNAMECOOKIE   = "MyUidCookie" . $TBCOOKIESUFFIX;
41
$TBAUTHTIMEOUT  = 21600;
42

43 44
$HTTPTAG        = "http://";

45
#
46 47 48
# This just spits out an email address in a page, so it does not need
# to be configured per development tree. It could be though ...
# 
49 50
$TBMAILADDR     = "<a href=\"mailto:$TBMAILADDR_OPS\">
                      Testbed Operations ($TBMAILADDR_OPS)</a>";
51

52 53 54 55 56
#
# Database constants and the like.
#
include("dbdefs.php3");

57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74
#
# Wrap up the mail function so we can prepend a tag to the subject
# line that indicates what testbed. Useful when multiple testbed
# email to the same list.
#
# 
function TBMAIL($to, $subject, $message, $headers = 0)
{
    global $THISHOMEBASE;

    $subject = strtoupper($THISHOMEBASE) . ": $subject";

    if ($headers)
	    return mail($to, $subject, $message, $headers);
    else
	    return mail($to, $subject, $message);
}

75 76 77 78 79
#
# Internal errors should be reported back to the user simply. The actual 
# error information should be emailed to the list for action. The script
# should then terminate if required to do so.
#
80
function TBERROR ($message, $death, $xmp = 0) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
81
    global $TBMAIL_WWW, $TBMAIL_OPS, $TBMAILADDR;
82

83 84
    TBMAIL($TBMAIL_OPS,
         "WEB ERROR REPORT",
85 86 87 88
         "\n".
         "$message\n\n".
         "Thanks,\n".
         "Testbed WWW\n",
89
         "From: $TBMAIL_OPS\n".
90
         "Errors-To: $TBMAIL_WWW");
91

92
    if ($death) {
93 94 95
	# Allow sendmail to run.
	sleep(1);
    
96 97 98
	if ($xmp)
	    $message = "<XMP>$message</XMP>\n";
	
99
            $msg = "<font size=+1><br>
100 101
                    $message
	            <br>	
102
        	    </font>
103 104 105 106
                    <p><p>
		    Could not continue. Please contact $TBMAILADDR\n";

	    PAGEERROR($msg);
107 108 109
    }
    return 0;
}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
110 111 112 113 114

#
# General user errors should print something warm and fuzzy
#
function USERERROR($message, $death) {
115 116
    global $TBMAILADDR;

117
    $msg = "<font size=+1><br>
118 119
            $message
            <br>	
120
      	    </font>
121 122
            <p><p>
            Please contact $TBMAILADDR if you feel this message is an error.";
123

Leigh B. Stoller's avatar
Leigh B. Stoller committed
124
    if ($death) {
125
	PAGEERROR($msg);
Leigh B. Stoller's avatar
Leigh B. Stoller committed
126
    }
127 128
    else
        echo "$msg\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
129 130
}

131 132 133 134 135 136 137 138
#
# A form error.
#
function FORMERROR($field) {
    USERERROR("Missing field; ".
              "Please go back and fill out the \"$field\" field!", 1);
}

139 140 141 142
#
# Run a program as a user.
#
function SUEXEC($uid, $gid, $cmdandargs, $die) {
143
    global $TBSUEXEC_PATH;
144

145 146
    ignore_user_abort(1);

147 148
    $output = array();
    $retval = 0;
149
    $result = exec("$TBSUEXEC_PATH $uid $gid $cmdandargs",
150 151 152
		   $output, $retval);

    if ($retval) {
153
	$foo = "";
154
        for ($i = 0; $i < count($output); $i++) {
155
	    $foo .= "$output[$i]\n";
156 157
	}
	
158 159 160
	TBERROR("SUEXEC failure: '$cmdandargs'\n".
		"Error output:\n\n".
                "$foo", $die, 1);
161 162 163 164
    }
    return $retval;
}

165 166 167
function ADDPUBKEY($uid, $cmdandargs) {
    global $TBSUEXEC_PATH;

168 169 170 171 172 173 174 175 176 177 178 179
    #
    # Complication. User might not have an actual account if setting or
    # changing his own pubkeys. webonly, unapproved, and unverified users
    # can still muck with their personal info. So, just invoke as user
    # nobody. We will get audit email in case we need to track what has
    # happened. 
    #
    if (! HASREALACCOUNT($uid)) {
	$uid = "nobody";
    }
    return SUEXEC($uid, nobody, $cmdandargs, 0);
}
180

181 182
function MKACCT($uid, $cmdandargs) {
    global $TBSUEXEC_PATH;
183

184 185 186 187 188 189 190 191 192 193 194
    #
    # Complication. User might not have an actual account if operating on
    # his own personal info. webonly, unapproved, and unverified users
    # can still muck with their personal info. But, no point in running
    # mkacct since by definition there is no real accounts locally to
    # mess with. Just silently do nothing.
    #
    if (! HASREALACCOUNT($uid)) {
	return 0;
    }
    return SUEXEC($uid, nobody, $cmdandargs, 0);
195 196
}

197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212
#
# Verify a URL.
#
function CHECKURL($url, &$error) {
    global $HTTPTAG;

    if (strlen($url)) {
	if (strstr($url, " ")) {
	    $error = "URL is malformed; spaces are not allowed!";
	    return 0;
	}
	
	if (strcmp($HTTPTAG, substr($url, 0, strlen($HTTPTAG)))) {
	    $error = "URL is malformed; must begin with $HTTPTAG!";
	    return 0;
	}
213

214 215
	$fp = @fopen($url, "r");
	if (! $fp) {
216
	    # Check to see if it was a redirect, in which case its OK
217 218 219 220 221 222 223 224 225 226 227
	    for ($i = 0; $i < count($http_response_header); $i++) {
		if (!strcmp("Location:", substr($http_response_header[$i],0,9))) {
		    $is_redirect = 1;
		}
	    }
	    if (!$is_redirect) {
		$error = "URL is not valid; Cannot be accessed!";
		return 0;
	    }
	} else {
	    fclose($fp);
228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255
	}
    }
    return 1;
}

#
# Check a password.
#
function CHECKPASSWORD($uid, $password, $name, $email, &$error)
{
    global $TBCHKPASS_PATH;
    
    $mypipe =
	popen(escapeshellcmd("$TBCHKPASS_PATH $password $uid '$name:$email'"),
	      "w+");
    
    if ($mypipe) { 
        $retval=fgets($mypipe, 1024);
        if (strcmp($retval,"ok\n") != 0) {
	    $error = "$retval";
	    return 0;
	}
	return 1;
    }
    TBERROR("Checkpass Failure! Returned '$mypipe'.\n\n".
	    "$TBCHKPASS_PATH $password $uid '$name:$email'", 1);
}

256 257 258 259
function LASTNODELOGIN($node)
{
}

260 261 262 263
#
# Beware empty spaces (cookies)!
# 
require("tbauth.php3");
264 265 266 267 268

#
# Okay, this is what checks the login and spits out the menu.
#
require("menu.php3");
269
?>