Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
emulab-devel
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
143
Issues
143
List
Boards
Labels
Service Desk
Milestones
Merge Requests
6
Merge Requests
6
Operations
Operations
Incidents
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
emulab
emulab-devel
Commits
0e17f951
Commit
0e17f951
authored
Dec 14, 2014
by
Leigh B Stoller
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Minor refactoring to allow easier login checks from APT login path.
Add check for pswd_expires=null setting; never expires.
parent
25d378be
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
36 additions
and
17 deletions
+36
-17
www/aptui/quickvm_sup.php
www/aptui/quickvm_sup.php
+4
-3
www/tbauth.php3
www/tbauth.php3
+32
-14
No files found.
www/aptui/quickvm_sup.php
View file @
0e17f951
...
...
@@ -35,6 +35,8 @@ $ISAPT = 1;
$ISCLOUD
=
0
;
$ISVSERVER
=
0
;
$GOOGLEUA
=
'UA-45161989-1'
;
# See tbauth.php3
$CHANGEPSWD_PAGE
=
"changepswd.php"
;
#
# Global flag to disable accounts. We do this on some pages which
...
...
@@ -741,7 +743,7 @@ function RedirectLoginPage()
#
# Check the login and redirect to login page.
#
function
CheckLoginOrRedirect
()
function
CheckLoginOrRedirect
(
$modifier
=
0
)
{
RedirectSecure
();
...
...
@@ -750,8 +752,7 @@ function CheckLoginOrRedirect()
if
(
!
(
$check_status
&
CHECKLOGIN_LOGGEDIN
))
{
RedirectLoginPage
();
}
# Catch other illegal login issues.
CheckLoginOrDie
();
CheckLoginConditions
(
$check_status
&
~
$modifier
);
return
$this_user
;
}
...
...
www/tbauth.php3
View file @
0e17f951
...
...
@@ -67,8 +67,8 @@ define("CHECKLOGIN_WEBONLY", 0x040000);
define
(
"CHECKLOGIN_PLABUSER"
,
0x080000
);
define
(
"CHECKLOGIN_STUDLY"
,
0x100000
);
define
(
"CHECKLOGIN_WIKIONLY"
,
0x200000
);
define
(
"CHECKLOGIN_OPSGUY"
,
0x400000
);
# Member of emulab-ops.
define
(
"CHECKLOGIN_ISFOREIGN_ADMIN"
,
0x800000
);
# Admin of another Emulab.
define
(
"CHECKLOGIN_OPSGUY"
,
0x400000
);
# Member of emulab-ops.
define
(
"CHECKLOGIN_ISFOREIGN_ADMIN"
,
0x800000
);
# Admin of another Emulab.
#
# Constants for tracking possible login attacks.
...
...
@@ -83,6 +83,9 @@ define("DOLOGIN_STATUS_ERROR", -1);
define
(
"DOLOGIN_STATUS_IPFREEZE"
,
-
2
);
define
(
"DOLOGIN_STATUS_WEBFREEZE"
,
-
3
);
# So we can redefine this in the APT pages.
$CHANGEPSWD_PAGE
=
"moduserinfo.php3"
;
#
# Generate a hash value suitable for authorization. We use the results of
# microtime, combined with a random number.
...
...
@@ -417,7 +420,7 @@ function LoginStatus() {
# Now add in the modifiers.
#
# Do not expire passwords for admin users.
if
(
$expired
&&
!
$admin
)
if
(
!
is_null
(
$expired
)
&&
$expired
&&
!
$admin
)
$CHECKLOGIN_STATUS
|=
CHECKLOGIN_PSWDEXPIRED
;
if
(
$admin
)
$CHECKLOGIN_STATUS
|=
CHECKLOGIN_ISADMIN
;
...
...
@@ -554,14 +557,22 @@ function LOGGEDINORDIE($uid, $modifier = 0, $login_url = NULL) {
TBERROR
(
"LOGGEDINORDIE failed mysteriously"
,
1
);
}
$status
=
$status
&
~
$modifier
;
CheckLoginConditions
(
$status
&
~
$modifier
)
;
#
# Check other conditions.
#
# No one should ever look at the return value of this function.
return
null
;
}
#
# Check other conditions.
#
function
CheckLoginConditions
(
$status
)
{
global
$CHANGEPSWD_PAGE
;
if
(
$status
&
CHECKLOGIN_PSWDEXPIRED
)
USERERROR
(
"Your password has expired. "
.
"<a href=
moduserinfo.php3>Please change it now!
</a>"
,
"<a href=
'
$CHANGEPSWD_PAGE
'>Please change it now.
</a>"
,
1
,
HTTP_403_FORBIDDEN
);
if
(
$status
&
CHECKLOGIN_FROZEN
)
USERERROR
(
"Your account has been frozen!"
,
...
...
@@ -585,10 +596,7 @@ function LOGGEDINORDIE($uid, $modifier = 0, $login_url = NULL) {
#
if
(
NOLOGINS
()
&&
!
ISADMIN
())
USERERROR
(
"Sorry. The Web Interface is "
.
"<a href=nologins.php3>Temporarily Unavailable!</a>"
,
1
);
# No one should ever look at the return value of this function.
return
null
;
"temporarily unavailable. Please check back later."
,
1
);
}
#
...
...
@@ -612,12 +620,22 @@ function CheckLoginOrDie($modifier = 0, $login_url = NULL)
#
function
CheckLogin
(
&
$status
)
{
global
$CHECKLOGIN_USER
;
global
$CHECKLOGIN_USER
,
$CHECKLOGIN_STATUS
;
$status
=
LoginStatus
();
# If login looks valid, return the user.
if
(
$status
&
(
CHECKLOGIN_LOGGEDIN
|
CHECKLOGIN_MAYBEVALID
))
{
if
(
$status
&
(
CHECKLOGIN_LOGGEDIN
|
CHECKLOGIN_MAYBEVALID
))
{
#
# Check for NOLOGINS.
# We want to allow admin types to continue using the web interface,
# and logout anyone else that is currently logged in!
#
if
(
NOLOGINS
()
&&
!
ISADMIN
())
{
DOLOGOUT
(
$CHECKLOGIN_USER
);
$status
=
$CHECKLOGIN_STATUS
;
return
null
;
}
if
(
$status
&
CHECKLOGIN_LOGGEDIN
)
{
BumpLogoutTime
();
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment