defs.php3.in 8.09 KB
Newer Older
1 2
<?php
#
3
# Standard definitions! 
4
#
5
$TBDIR          = "@prefix@/";
6
$OURDOMAIN      = "@OURDOMAIN@";
7
$BOSSNODE       = "@BOSSNODE@";
8
$USERNODE       = "@USERNODE@";
9
$TBADMINGROUP   = "@TBADMINGROUP@";
10 11 12 13 14 15 16
$WWWHOST	= "@WWWHOST@";
$WWW		= "@WWW@";
$TBAUTHDOMAIN	= "@TBAUTHDOMAIN@";
$TBBASE		= "@TBBASE@";
$TBDOCBASE	= "@TBDOCBASE@";
$TBWWW		= "@TBWWW@";
$THISHOMEBASE	= "@THISHOMEBASE@";
17

18 19 20 21 22 23
$TBMAILADDR_OPS		= "@TBOPSEMAIL_NOSLASH@";
$TBMAILADDR_WWW		= "@TBWWWEMAIL_NOSLASH@";
$TBMAILADDR_APPROVAL	= "@TBAPPROVALEMAIL_NOSLASH@";
$TBMAILADDR_LOGS	= "@TBLOGSEMAIL_NOSLASH@";
$TBMAILADDR_AUDIT	= "@TBAUDITEMAIL_NOSLASH@";

24 25 26 27 28
# Can override this in the defs file. 
$TBAUTHTIMEOUT  = "@TBAUTHTIMEOUT@";
$TBMAINSITE     = "@TBMAINSITE@";
$TBSECURECOOKIES= "@TBSECURECOOKIES@";
$TBCOOKIESUFFIX = "@TBCOOKIESUFFIX@";
29

Leigh B. Stoller's avatar
Leigh B. Stoller committed
30 31
$TBWWW_DIR	= "$TBDIR"."www/";
$TBBIN_DIR	= "$TBDIR"."bin/";
32
$TBETC_DIR	= "$TBDIR"."etc/";
33 34 35
$TBLIBEXEC_DIR	= "$TBDIR"."libexec/";
$TBSUEXEC_PATH  = "$TBLIBEXEC_DIR/suexec";
$TBCHKPASS_PATH = "$TBLIBEXEC_DIR/checkpass";
36
$TBCSLOGINS     = "$TBETC_DIR/cslogins";
37

38 39
#
# Hardcoded check against $WWWHOST, to prevent anyone from accidentally setting
40
# $TBMAINSITE when it should not be
41 42 43 44 45
#
if ($WWWHOST != "www.emulab.net") {
    $TBMAINSITE = 0;
}

46
$TBPROJ_DIR     = "/proj";
47
$TBUSER_DIR	= "/users";
48
$TBGROUP_DIR	= "/groups";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
49
$TBNSSUBDIR     = "nsdir";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
50

51 52
$TBAUTHCOOKIE   = "HashCookie" . $TBCOOKIESUFFIX;
$TBNAMECOOKIE   = "MyUidCookie" . $TBCOOKIESUFFIX;
53

54 55
$HTTPTAG        = "http://";

56 57 58 59 60 61
$TBMAIL_OPS		= "Testbed Ops <$TBMAILADDR_OPS>";
$TBMAIL_WWW		= "Testbed WWW <$TBMAILADDR_WWW>";
$TBMAIL_APPROVAL	= "Testbed Approval <$TBMAILADDR_APPROVAL>";
$TBMAIL_LOGS		= "Testbed Logs <$TBMAILADDR_LOGS>";
$TBMAIL_AUDIT		= "Testbed Audit <$TBMAILADDR_AUDIT>";

62
#
63 64 65
# This just spits out an email address in a page, so it does not need
# to be configured per development tree. It could be though ...
# 
66 67
$TBMAILADDR     = "<a href=\"mailto:$TBMAILADDR_OPS\">
                      Testbed Operations ($TBMAILADDR_OPS)</a>";
68

69 70 71
# So subscripts always know ...
putenv("HTTP_SCRIPT=1");

72 73 74 75 76
#
# Database constants and the like.
#
include("dbdefs.php3");

77 78 79 80 81 82 83 84 85
#
# Wrap up the mail function so we can prepend a tag to the subject
# line that indicates what testbed. Useful when multiple testbed
# email to the same list.
#
# 
function TBMAIL($to, $subject, $message, $headers = 0)
{
    global $THISHOMEBASE;
86
    global $SCRIPT_NAME;
87 88 89

    $subject = strtoupper($THISHOMEBASE) . ": $subject";

90 91 92 93 94 95 96 97 98
    $tag = "X-NetBed: " . basename($SCRIPT_NAME);
    
    if ($headers) {
	$headers = "$headers\n" . $tag;
    }
    else {
	$headers = $tag;
    }
    return mail($to, $subject, $message, $headers);
99 100
}

101 102 103 104 105
#
# Internal errors should be reported back to the user simply. The actual 
# error information should be emailed to the list for action. The script
# should then terminate if required to do so.
#
106
function TBERROR ($message, $death, $xmp = 0) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
107
    global $TBMAIL_WWW, $TBMAIL_OPS, $TBMAILADDR;
108

109 110
    TBMAIL($TBMAIL_OPS,
         "WEB ERROR REPORT",
111 112 113 114
         "\n".
         "$message\n\n".
         "Thanks,\n".
         "Testbed WWW\n",
115
         "From: $TBMAIL_OPS\n".
116
         "Errors-To: $TBMAIL_WWW");
117

118
    if ($death) {
119 120 121
	if ($xmp)
	    $message = "<XMP>$message</XMP>\n";
	
122 123 124 125 126 127
	$msg = "<blockquote><pre>
                $message
        	</pre></blockquote>
		Could not continue. Please contact $TBMAILADDR\n";

	PAGEERROR($msg);
128 129 130
    }
    return 0;
}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
131 132 133 134 135

#
# General user errors should print something warm and fuzzy
#
function USERERROR($message, $death) {
136 137
    global $TBMAILADDR;

138
    $msg = "<font size=+1><br>
139
            $message
140
      	    </font>
141
            <br><br><br>
142 143 144
            <font size=-1>
            Please contact $TBMAILADDR if you feel this message is an error.
            </font>\n";
145

Leigh B. Stoller's avatar
Leigh B. Stoller committed
146
    if ($death) {
147
	PAGEERROR($msg);
Leigh B. Stoller's avatar
Leigh B. Stoller committed
148
    }
149 150
    else
        echo "$msg\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
151 152
}

153 154 155 156 157 158 159 160
#
# A form error.
#
function FORMERROR($field) {
    USERERROR("Missing field; ".
              "Please go back and fill out the \"$field\" field!", 1);
}

161
#
162
# SUEXEC stuff.
163
#
164 165 166 167
# Save this stuff so we can generate better error messages and such.
# 
$suexec_cmdandargs = "";
$suexec_retval     = 0;
168 169
$suexec_output     = "";
$suexec_output_array;
170

171 172 173 174 175 176 177
#
# Actions for suexec. 
#
define("SUEXEC_ACTION_CONTINUE",	0);
define("SUEXEC_ACTION_DIE",		1);
define("SUEXEC_ACTION_USERERROR",	2);
define("SUEXEC_ACTION_IGNORE",		3);
178

179 180 181 182 183
#
# An suexec error.
#
function SUEXECERROR($action)
{
184 185
    global $suexec_cmdandargs, $suexec_retval;
    global $suexec_output, $suexec_output_array;
186

187 188
    $foo  = "Shell Program Error. Exit status: $suexec_retval\n";
    $foo .= "  '$suexec_cmdandargs'\n";
189 190 191
    $foo .= "\n";
    $foo .= $suexec_output;

192 193
    switch ($action) {
    case SUEXEC_ACTION_CONTINUE:
194
	TBERROR($foo, 0, 1);
195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213
        break;
    case SUEXEC_ACTION_DIE:
	TBERROR($foo, 1, 1);
        break;
    case SUEXEC_ACTION_USERERROR:
	USERERROR("<XMP>$foo</XMP>", 1);
        break;
    case SUEXEC_ACTION_IGNORE:
	break;
    default:
	TBERROR($foo, 1, 1);
    }
}

#
# Run a program as a user.
#
function SUEXEC($uid, $gid, $cmdandargs, $action) {
    global $TBSUEXEC_PATH;
214 215
    global $suexec_cmdandargs, $suexec_retval;
    global $suexec_output, $suexec_output_array;
216 217 218

    ignore_user_abort(1);

219 220 221 222
    $suexec_cmdandargs   = "$uid $gid $cmdandargs";
    $suexec_output_array = array();
    $suexec_output       = "";
    $suexec_retval       = 0;
223
    
224 225 226 227 228 229 230 231 232 233 234 235 236
    exec("$TBSUEXEC_PATH $suexec_cmdandargs",
	 $suexec_output_array, $suexec_retval);

    # Yikes! Something is not doing integer conversion properly!
    if ($suexec_retval == 255) {
	$suexec_retval = -1;
    }

    if (count($suexec_output_array)) {
	for ($i = 0; $i < count($suexec_output_array); $i++) {
	    $suexec_output .= "$suexec_output_array[$i]\n";
	}
    }
237 238 239 240 241 242 243 244

    #
    # The output is still available of course, via $suexec_output.
    # 
    if ($suexec_retval == 0 || $action == SUEXEC_ACTION_IGNORE) {
	return $suexec_retval;
    }
    SUEXECERROR($action);
245 246
}

247 248 249
function ADDPUBKEY($uid, $cmdandargs) {
    global $TBSUEXEC_PATH;

250 251 252 253 254 255 256 257 258 259
    #
    # Complication. User might not have an actual account if setting or
    # changing his own pubkeys. webonly, unapproved, and unverified users
    # can still muck with their personal info. So, just invoke as user
    # nobody. We will get audit email in case we need to track what has
    # happened. 
    #
    if (! HASREALACCOUNT($uid)) {
	$uid = "nobody";
    }
260
    return SUEXEC($uid, "nobody", $cmdandargs, 0);
261 262
}

263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278
#
# Verify a URL.
#
function CHECKURL($url, &$error) {
    global $HTTPTAG;

    if (strlen($url)) {
	if (strstr($url, " ")) {
	    $error = "URL is malformed; spaces are not allowed!";
	    return 0;
	}
	
	if (strcmp($HTTPTAG, substr($url, 0, strlen($HTTPTAG)))) {
	    $error = "URL is malformed; must begin with $HTTPTAG!";
	    return 0;
	}
279

280 281
	$fp = @fopen($url, "r");
	if (! $fp) {
282
	    # Check to see if it was a redirect, in which case its OK
283 284 285 286 287 288 289 290 291 292 293
	    for ($i = 0; $i < count($http_response_header); $i++) {
		if (!strcmp("Location:", substr($http_response_header[$i],0,9))) {
		    $is_redirect = 1;
		}
	    }
	    if (!$is_redirect) {
		$error = "URL is not valid; Cannot be accessed!";
		return 0;
	    }
	} else {
	    fclose($fp);
294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321
	}
    }
    return 1;
}

#
# Check a password.
#
function CHECKPASSWORD($uid, $password, $name, $email, &$error)
{
    global $TBCHKPASS_PATH;
    
    $mypipe =
	popen(escapeshellcmd("$TBCHKPASS_PATH $password $uid '$name:$email'"),
	      "w+");
    
    if ($mypipe) { 
        $retval=fgets($mypipe, 1024);
        if (strcmp($retval,"ok\n") != 0) {
	    $error = "$retval";
	    return 0;
	}
	return 1;
    }
    TBERROR("Checkpass Failure! Returned '$mypipe'.\n\n".
	    "$TBCHKPASS_PATH $password $uid '$name:$email'", 1);
}

322 323 324 325
function LASTNODELOGIN($node)
{
}

326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341
#
# A function to print the contents of an array (recursively).
# Mostly useful for debugging.
#
function ARRAY_PRINT($arr) {
  if (!is_array($arr)) { echo "non-array '$arr'\n"; }
  foreach ($arr as $i => $val) {
    echo("'$i' - '$val'\n");
    if (is_array($val)) {
      echo "Sub-array $i:\n";
      array_print($val);
      echo "End Sub-array $i.\n";
    }
  }
}

342 343 344 345
#
# Beware empty spaces (cookies)!
# 
require("tbauth.php3");
346 347 348 349 350

#
# Okay, this is what checks the login and spits out the menu.
#
require("menu.php3");
351
?>