defs.php3.in 8.41 KB
Newer Older
1 2
<?php
#
3
# Standard definitions! 
4
#
5
$TBDIR          = "@prefix@/";
6
$OURDOMAIN      = "@OURDOMAIN@";
7
$BOSSNODE       = "@BOSSNODE@";
8
$USERNODE       = "@USERNODE@";
9
$TBADMINGROUP   = "@TBADMINGROUP@";
10 11 12 13 14 15 16
$WWWHOST	= "@WWWHOST@";
$WWW		= "@WWW@";
$TBAUTHDOMAIN	= "@TBAUTHDOMAIN@";
$TBBASE		= "@TBBASE@";
$TBDOCBASE	= "@TBDOCBASE@";
$TBWWW		= "@TBWWW@";
$THISHOMEBASE	= "@THISHOMEBASE@";
17

18 19 20 21 22 23
$TBMAILADDR_OPS		= "@TBOPSEMAIL_NOSLASH@";
$TBMAILADDR_WWW		= "@TBWWWEMAIL_NOSLASH@";
$TBMAILADDR_APPROVAL	= "@TBAPPROVALEMAIL_NOSLASH@";
$TBMAILADDR_LOGS	= "@TBLOGSEMAIL_NOSLASH@";
$TBMAILADDR_AUDIT	= "@TBAUDITEMAIL_NOSLASH@";

24 25 26 27 28
# Can override this in the defs file. 
$TBAUTHTIMEOUT  = "@TBAUTHTIMEOUT@";
$TBMAINSITE     = "@TBMAINSITE@";
$TBSECURECOOKIES= "@TBSECURECOOKIES@";
$TBCOOKIESUFFIX = "@TBCOOKIESUFFIX@";
29

Leigh B. Stoller's avatar
Leigh B. Stoller committed
30 31
$TBWWW_DIR	= "$TBDIR"."www/";
$TBBIN_DIR	= "$TBDIR"."bin/";
32
$TBETC_DIR	= "$TBDIR"."etc/";
33 34 35
$TBLIBEXEC_DIR	= "$TBDIR"."libexec/";
$TBSUEXEC_PATH  = "$TBLIBEXEC_DIR/suexec";
$TBCHKPASS_PATH = "$TBLIBEXEC_DIR/checkpass";
36
$TBCSLOGINS     = "$TBETC_DIR/cslogins";
37

38 39
#
# Hardcoded check against $WWWHOST, to prevent anyone from accidentally setting
40
# $TBMAINSITE when it should not be
41 42 43 44 45
#
if ($WWWHOST != "www.emulab.net") {
    $TBMAINSITE = 0;
}

46
$TBPROJ_DIR     = "/proj";
47
$TBUSER_DIR	= "/users";
48
$TBGROUP_DIR	= "/groups";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
49
$TBNSSUBDIR     = "nsdir";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
50

51 52
$TBAUTHCOOKIE   = "HashCookie" . $TBCOOKIESUFFIX;
$TBNAMECOOKIE   = "MyUidCookie" . $TBCOOKIESUFFIX;
53
$TBLOGINCOOKIE  = "LoginCookie" . $TBCOOKIESUFFIX;
54

55 56
$HTTPTAG        = "http://";

57 58 59 60 61 62
$TBMAIL_OPS		= "Testbed Ops <$TBMAILADDR_OPS>";
$TBMAIL_WWW		= "Testbed WWW <$TBMAILADDR_WWW>";
$TBMAIL_APPROVAL	= "Testbed Approval <$TBMAILADDR_APPROVAL>";
$TBMAIL_LOGS		= "Testbed Logs <$TBMAILADDR_LOGS>";
$TBMAIL_AUDIT		= "Testbed Audit <$TBMAILADDR_AUDIT>";

63
#
64 65 66
# This just spits out an email address in a page, so it does not need
# to be configured per development tree. It could be though ...
# 
67 68
$TBMAILADDR     = "<a href=\"mailto:$TBMAILADDR_OPS\">
                      Testbed Operations ($TBMAILADDR_OPS)</a>";
69

70 71 72
# So subscripts always know ...
putenv("HTTP_SCRIPT=1");

73 74 75 76 77
#
# Database constants and the like.
#
include("dbdefs.php3");

78 79 80 81 82 83 84 85 86
#
# Wrap up the mail function so we can prepend a tag to the subject
# line that indicates what testbed. Useful when multiple testbed
# email to the same list.
#
# 
function TBMAIL($to, $subject, $message, $headers = 0)
{
    global $THISHOMEBASE;
87
    global $SCRIPT_NAME;
88 89 90

    $subject = strtoupper($THISHOMEBASE) . ": $subject";

91 92 93 94 95 96 97 98 99
    $tag = "X-NetBed: " . basename($SCRIPT_NAME);
    
    if ($headers) {
	$headers = "$headers\n" . $tag;
    }
    else {
	$headers = $tag;
    }
    return mail($to, $subject, $message, $headers);
100 101
}

102 103 104 105 106
#
# Internal errors should be reported back to the user simply. The actual 
# error information should be emailed to the list for action. The script
# should then terminate if required to do so.
#
107
function TBERROR ($message, $death, $xmp = 0) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
108
    global $TBMAIL_WWW, $TBMAIL_OPS, $TBMAILADDR;
109
    $script = $_SERVER['REQUEST_URI'];
110

111 112
    TBMAIL($TBMAIL_OPS,
         "WEB ERROR REPORT",
113
         "\n".
114
	 "In $script\n\n".
115 116 117
         "$message\n\n".
         "Thanks,\n".
         "Testbed WWW\n",
118
         "From: $TBMAIL_OPS\n".
119
         "Errors-To: $TBMAIL_WWW");
120

121
    if ($death) {
122 123 124
	if ($xmp)
	    $message = "<XMP>$message</XMP>\n";
	
125 126 127 128 129 130
	$msg = "<blockquote><pre>
                $message
        	</pre></blockquote>
		Could not continue. Please contact $TBMAILADDR\n";

	PAGEERROR($msg);
131 132 133
    }
    return 0;
}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
134 135 136 137 138

#
# General user errors should print something warm and fuzzy
#
function USERERROR($message, $death) {
139 140
    global $TBMAILADDR;

141
    $msg = "<font size=+1><br>
142
            $message
143
      	    </font>
144
            <br><br><br>
145 146 147
            <font size=-1>
            Please contact $TBMAILADDR if you feel this message is an error.
            </font>\n";
148

Leigh B. Stoller's avatar
Leigh B. Stoller committed
149
    if ($death) {
150
	PAGEERROR($msg);
Leigh B. Stoller's avatar
Leigh B. Stoller committed
151
    }
152 153
    else
        echo "$msg\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
154 155
}

156 157 158 159 160 161 162 163
#
# A form error.
#
function FORMERROR($field) {
    USERERROR("Missing field; ".
              "Please go back and fill out the \"$field\" field!", 1);
}

164 165 166
#
# A page argument error. 
# 
167 168 169 170 171 172 173
function PAGEARGERROR($msg = 0) {
    $default = "Invalid page arguments: " . $_SERVER['REQUEST_URI'];

    if ($msg) {
	$default = "$default<br><br>$msg";
    }
    USERERROR($default, 1);
174 175
}

176
#
177
# SUEXEC stuff.
178
#
179 180 181 182
# Save this stuff so we can generate better error messages and such.
# 
$suexec_cmdandargs = "";
$suexec_retval     = 0;
183 184
$suexec_output     = "";
$suexec_output_array;
185

186 187 188 189 190 191 192
#
# Actions for suexec. 
#
define("SUEXEC_ACTION_CONTINUE",	0);
define("SUEXEC_ACTION_DIE",		1);
define("SUEXEC_ACTION_USERERROR",	2);
define("SUEXEC_ACTION_IGNORE",		3);
193

194 195 196 197 198
#
# An suexec error.
#
function SUEXECERROR($action)
{
199 200
    global $suexec_cmdandargs, $suexec_retval;
    global $suexec_output, $suexec_output_array;
201

202 203
    $foo  = "Shell Program Error. Exit status: $suexec_retval\n";
    $foo .= "  '$suexec_cmdandargs'\n";
204 205 206
    $foo .= "\n";
    $foo .= $suexec_output;

207 208
    switch ($action) {
    case SUEXEC_ACTION_CONTINUE:
209
	TBERROR($foo, 0, 1);
210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228
        break;
    case SUEXEC_ACTION_DIE:
	TBERROR($foo, 1, 1);
        break;
    case SUEXEC_ACTION_USERERROR:
	USERERROR("<XMP>$foo</XMP>", 1);
        break;
    case SUEXEC_ACTION_IGNORE:
	break;
    default:
	TBERROR($foo, 1, 1);
    }
}

#
# Run a program as a user.
#
function SUEXEC($uid, $gid, $cmdandargs, $action) {
    global $TBSUEXEC_PATH;
229 230
    global $suexec_cmdandargs, $suexec_retval;
    global $suexec_output, $suexec_output_array;
231 232 233

    ignore_user_abort(1);

234 235 236 237
    $suexec_cmdandargs   = "$uid $gid $cmdandargs";
    $suexec_output_array = array();
    $suexec_output       = "";
    $suexec_retval       = 0;
238
    
239 240 241 242 243 244 245 246 247 248 249 250 251
    exec("$TBSUEXEC_PATH $suexec_cmdandargs",
	 $suexec_output_array, $suexec_retval);

    # Yikes! Something is not doing integer conversion properly!
    if ($suexec_retval == 255) {
	$suexec_retval = -1;
    }

    if (count($suexec_output_array)) {
	for ($i = 0; $i < count($suexec_output_array); $i++) {
	    $suexec_output .= "$suexec_output_array[$i]\n";
	}
    }
252 253 254 255 256 257 258 259

    #
    # The output is still available of course, via $suexec_output.
    # 
    if ($suexec_retval == 0 || $action == SUEXEC_ACTION_IGNORE) {
	return $suexec_retval;
    }
    SUEXECERROR($action);
260 261
}

262 263 264
function ADDPUBKEY($uid, $cmdandargs) {
    global $TBSUEXEC_PATH;

265 266 267 268 269 270 271 272 273 274
    #
    # Complication. User might not have an actual account if setting or
    # changing his own pubkeys. webonly, unapproved, and unverified users
    # can still muck with their personal info. So, just invoke as user
    # nobody. We will get audit email in case we need to track what has
    # happened. 
    #
    if (! HASREALACCOUNT($uid)) {
	$uid = "nobody";
    }
275
    return SUEXEC($uid, "nobody", $cmdandargs, 0);
276 277
}

278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293
#
# Verify a URL.
#
function CHECKURL($url, &$error) {
    global $HTTPTAG;

    if (strlen($url)) {
	if (strstr($url, " ")) {
	    $error = "URL is malformed; spaces are not allowed!";
	    return 0;
	}
	
	if (strcmp($HTTPTAG, substr($url, 0, strlen($HTTPTAG)))) {
	    $error = "URL is malformed; must begin with $HTTPTAG!";
	    return 0;
	}
294

295 296
	$fp = @fopen($url, "r");
	if (! $fp) {
297
	    # Check to see if it was a redirect, in which case its OK
298 299 300 301 302 303 304 305 306 307 308
	    for ($i = 0; $i < count($http_response_header); $i++) {
		if (!strcmp("Location:", substr($http_response_header[$i],0,9))) {
		    $is_redirect = 1;
		}
	    }
	    if (!$is_redirect) {
		$error = "URL is not valid; Cannot be accessed!";
		return 0;
	    }
	} else {
	    fclose($fp);
309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336
	}
    }
    return 1;
}

#
# Check a password.
#
function CHECKPASSWORD($uid, $password, $name, $email, &$error)
{
    global $TBCHKPASS_PATH;
    
    $mypipe =
	popen(escapeshellcmd("$TBCHKPASS_PATH $password $uid '$name:$email'"),
	      "w+");
    
    if ($mypipe) { 
        $retval=fgets($mypipe, 1024);
        if (strcmp($retval,"ok\n") != 0) {
	    $error = "$retval";
	    return 0;
	}
	return 1;
    }
    TBERROR("Checkpass Failure! Returned '$mypipe'.\n\n".
	    "$TBCHKPASS_PATH $password $uid '$name:$email'", 1);
}

337 338 339 340
function LASTNODELOGIN($node)
{
}

341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356
#
# A function to print the contents of an array (recursively).
# Mostly useful for debugging.
#
function ARRAY_PRINT($arr) {
  if (!is_array($arr)) { echo "non-array '$arr'\n"; }
  foreach ($arr as $i => $val) {
    echo("'$i' - '$val'\n");
    if (is_array($val)) {
      echo "Sub-array $i:\n";
      array_print($val);
      echo "End Sub-array $i.\n";
    }
  }
}

357 358 359 360
#
# Beware empty spaces (cookies)!
# 
require("tbauth.php3");
361 362 363 364 365

#
# Okay, this is what checks the login and spits out the menu.
#
require("menu.php3");
366
?>