defs.php3.in 6.49 KB
Newer Older
1 2
<?php
#
3
# Standard definitions! 
4
#
5 6
$TBDIR          = "@prefix@/";
$WWWDEFS        = "@WWWDEFS@";
7
$OURDOMAIN      = "@OURDOMAIN@";
8
$BOSSNODE       = "@BOSSNODE@";
9
$TBADMINGROUP   = "@TBADMINGROUP@";
10

11 12 13 14 15 16
$TBMAILADDR_OPS		= "@TBOPSEMAIL_NOSLASH@";
$TBMAILADDR_WWW		= "@TBWWWEMAIL_NOSLASH@";
$TBMAILADDR_APPROVAL	= "@TBAPPROVALEMAIL_NOSLASH@";
$TBMAILADDR_LOGS	= "@TBLOGSEMAIL_NOSLASH@";
$TBMAILADDR_AUDIT	= "@TBAUDITEMAIL_NOSLASH@";

17 18 19
# Overridden by the defs file!
$TBMAINSITE     = 0;

20 21 22 23 24
#
# Include configure selected definitions.
#
include("$WWWDEFS"."-defs.php3");

Leigh B. Stoller's avatar
Leigh B. Stoller committed
25 26
$TBWWW_DIR	= "$TBDIR"."www/";
$TBBIN_DIR	= "$TBDIR"."bin/";
27
$TBETC_DIR	= "$TBDIR"."etc/";
28 29 30
$TBLIBEXEC_DIR	= "$TBDIR"."libexec/";
$TBSUEXEC_PATH  = "$TBLIBEXEC_DIR/suexec";
$TBCHKPASS_PATH = "$TBLIBEXEC_DIR/checkpass";
31
$TBCSLOGINS     = "$TBETC_DIR/cslogins";
32

33 34
#
# Hardcoded check against $WWWHOST, to prevent anyone from accidentally setting
35
# $TBMAINSITE when it should not be
36 37 38 39 40
#
if ($WWWHOST != "www.emulab.net") {
    $TBMAINSITE = 0;
}

41
$TBPROJ_DIR     = "/proj";
42
$TBUSER_DIR	= "/users";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
43
$TBNSSUBDIR     = "nsdir";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
44

45 46
$TBAUTHCOOKIE   = "HashCookie" . $TBCOOKIESUFFIX;
$TBNAMECOOKIE   = "MyUidCookie" . $TBCOOKIESUFFIX;
47
$TBAUTHTIMEOUT  = 21600;
48

49 50
$HTTPTAG        = "http://";

51 52 53 54 55 56
$TBMAIL_OPS		= "Testbed Ops <$TBMAILADDR_OPS>";
$TBMAIL_WWW		= "Testbed WWW <$TBMAILADDR_WWW>";
$TBMAIL_APPROVAL	= "Testbed Approval <$TBMAILADDR_APPROVAL>";
$TBMAIL_LOGS		= "Testbed Logs <$TBMAILADDR_LOGS>";
$TBMAIL_AUDIT		= "Testbed Audit <$TBMAILADDR_AUDIT>";

57
#
58 59 60
# This just spits out an email address in a page, so it does not need
# to be configured per development tree. It could be though ...
# 
61 62
$TBMAILADDR     = "<a href=\"mailto:$TBMAILADDR_OPS\">
                      Testbed Operations ($TBMAILADDR_OPS)</a>";
63

64 65 66 67 68
#
# Database constants and the like.
#
include("dbdefs.php3");

69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86
#
# Wrap up the mail function so we can prepend a tag to the subject
# line that indicates what testbed. Useful when multiple testbed
# email to the same list.
#
# 
function TBMAIL($to, $subject, $message, $headers = 0)
{
    global $THISHOMEBASE;

    $subject = strtoupper($THISHOMEBASE) . ": $subject";

    if ($headers)
	    return mail($to, $subject, $message, $headers);
    else
	    return mail($to, $subject, $message);
}

87 88 89 90 91
#
# Internal errors should be reported back to the user simply. The actual 
# error information should be emailed to the list for action. The script
# should then terminate if required to do so.
#
92
function TBERROR ($message, $death, $xmp = 0) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
93
    global $TBMAIL_WWW, $TBMAIL_OPS, $TBMAILADDR;
94

95 96
    TBMAIL($TBMAIL_OPS,
         "WEB ERROR REPORT",
97 98 99 100
         "\n".
         "$message\n\n".
         "Thanks,\n".
         "Testbed WWW\n",
101
         "From: $TBMAIL_OPS\n".
102
         "Errors-To: $TBMAIL_WWW");
103

104
    if ($death) {
105 106 107
	# Allow sendmail to run.
	sleep(1);
    
108 109 110
	if ($xmp)
	    $message = "<XMP>$message</XMP>\n";
	
111
            $msg = "<font size=+1><br>
112 113
                    $message
	            <br>	
114
        	    </font>
115 116 117 118
                    <p><p>
		    Could not continue. Please contact $TBMAILADDR\n";

	    PAGEERROR($msg);
119 120 121
    }
    return 0;
}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
122 123 124 125 126

#
# General user errors should print something warm and fuzzy
#
function USERERROR($message, $death) {
127 128
    global $TBMAILADDR;

129
    $msg = "<font size=+1><br>
130 131
            $message
            <br>	
132
      	    </font>
133 134
            <p><p>
            Please contact $TBMAILADDR if you feel this message is an error.";
135

Leigh B. Stoller's avatar
Leigh B. Stoller committed
136
    if ($death) {
137
	PAGEERROR($msg);
Leigh B. Stoller's avatar
Leigh B. Stoller committed
138
    }
139 140
    else
        echo "$msg\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
141 142
}

143 144 145 146 147 148 149 150
#
# A form error.
#
function FORMERROR($field) {
    USERERROR("Missing field; ".
              "Please go back and fill out the \"$field\" field!", 1);
}

151 152 153 154
#
# Run a program as a user.
#
function SUEXEC($uid, $gid, $cmdandargs, $die) {
155
    global $TBSUEXEC_PATH;
156

157 158
    ignore_user_abort(1);

159 160
    $output = array();
    $retval = 0;
161
    $result = exec("$TBSUEXEC_PATH $uid $gid $cmdandargs",
162 163 164
		   $output, $retval);

    if ($retval) {
165
	$foo = "";
166
        for ($i = 0; $i < count($output); $i++) {
167
	    $foo .= "$output[$i]\n";
168 169
	}
	
170
	TBERROR("SUEXEC failure: '$uid/$gid $cmdandargs'\n".
171 172
		"Error output:\n\n".
                "$foo", $die, 1);
173 174 175 176
    }
    return $retval;
}

177 178 179
function ADDPUBKEY($uid, $cmdandargs) {
    global $TBSUEXEC_PATH;

180 181 182 183 184 185 186 187 188 189 190 191
    #
    # Complication. User might not have an actual account if setting or
    # changing his own pubkeys. webonly, unapproved, and unverified users
    # can still muck with their personal info. So, just invoke as user
    # nobody. We will get audit email in case we need to track what has
    # happened. 
    #
    if (! HASREALACCOUNT($uid)) {
	$uid = "nobody";
    }
    return SUEXEC($uid, nobody, $cmdandargs, 0);
}
192

193 194
function MKACCT($uid, $cmdandargs) {
    global $TBSUEXEC_PATH;
195

196 197 198 199 200 201 202 203 204 205 206
    #
    # Complication. User might not have an actual account if operating on
    # his own personal info. webonly, unapproved, and unverified users
    # can still muck with their personal info. But, no point in running
    # mkacct since by definition there is no real accounts locally to
    # mess with. Just silently do nothing.
    #
    if (! HASREALACCOUNT($uid)) {
	return 0;
    }
    return SUEXEC($uid, nobody, $cmdandargs, 0);
207 208
}

209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224
#
# Verify a URL.
#
function CHECKURL($url, &$error) {
    global $HTTPTAG;

    if (strlen($url)) {
	if (strstr($url, " ")) {
	    $error = "URL is malformed; spaces are not allowed!";
	    return 0;
	}
	
	if (strcmp($HTTPTAG, substr($url, 0, strlen($HTTPTAG)))) {
	    $error = "URL is malformed; must begin with $HTTPTAG!";
	    return 0;
	}
225

226 227
	$fp = @fopen($url, "r");
	if (! $fp) {
228
	    # Check to see if it was a redirect, in which case its OK
229 230 231 232 233 234 235 236 237 238 239
	    for ($i = 0; $i < count($http_response_header); $i++) {
		if (!strcmp("Location:", substr($http_response_header[$i],0,9))) {
		    $is_redirect = 1;
		}
	    }
	    if (!$is_redirect) {
		$error = "URL is not valid; Cannot be accessed!";
		return 0;
	    }
	} else {
	    fclose($fp);
240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267
	}
    }
    return 1;
}

#
# Check a password.
#
function CHECKPASSWORD($uid, $password, $name, $email, &$error)
{
    global $TBCHKPASS_PATH;
    
    $mypipe =
	popen(escapeshellcmd("$TBCHKPASS_PATH $password $uid '$name:$email'"),
	      "w+");
    
    if ($mypipe) { 
        $retval=fgets($mypipe, 1024);
        if (strcmp($retval,"ok\n") != 0) {
	    $error = "$retval";
	    return 0;
	}
	return 1;
    }
    TBERROR("Checkpass Failure! Returned '$mypipe'.\n\n".
	    "$TBCHKPASS_PATH $password $uid '$name:$email'", 1);
}

268 269 270 271
function LASTNODELOGIN($node)
{
}

272 273 274 275
#
# Beware empty spaces (cookies)!
# 
require("tbauth.php3");
276 277 278 279 280

#
# Okay, this is what checks the login and spits out the menu.
#
require("menu.php3");
281
?>