defs.php3.in 8.41 KB
Newer Older
1
2
<?php
#
3
# Standard definitions! 
4
#
5
$TBDIR          = "@prefix@/";
6
$OURDOMAIN      = "@OURDOMAIN@";
7
$BOSSNODE       = "@BOSSNODE@";
8
$USERNODE       = "@USERNODE@";
9
$TBADMINGROUP   = "@TBADMINGROUP@";
10
11
12
13
14
15
16
$WWWHOST	= "@WWWHOST@";
$WWW		= "@WWW@";
$TBAUTHDOMAIN	= "@TBAUTHDOMAIN@";
$TBBASE		= "@TBBASE@";
$TBDOCBASE	= "@TBDOCBASE@";
$TBWWW		= "@TBWWW@";
$THISHOMEBASE	= "@THISHOMEBASE@";
17

18
19
20
21
22
23
$TBMAILADDR_OPS		= "@TBOPSEMAIL_NOSLASH@";
$TBMAILADDR_WWW		= "@TBWWWEMAIL_NOSLASH@";
$TBMAILADDR_APPROVAL	= "@TBAPPROVALEMAIL_NOSLASH@";
$TBMAILADDR_LOGS	= "@TBLOGSEMAIL_NOSLASH@";
$TBMAILADDR_AUDIT	= "@TBAUDITEMAIL_NOSLASH@";

24
25
26
27
28
# Can override this in the defs file. 
$TBAUTHTIMEOUT  = "@TBAUTHTIMEOUT@";
$TBMAINSITE     = "@TBMAINSITE@";
$TBSECURECOOKIES= "@TBSECURECOOKIES@";
$TBCOOKIESUFFIX = "@TBCOOKIESUFFIX@";
29

Leigh B. Stoller's avatar
Leigh B. Stoller committed
30
31
$TBWWW_DIR	= "$TBDIR"."www/";
$TBBIN_DIR	= "$TBDIR"."bin/";
32
$TBETC_DIR	= "$TBDIR"."etc/";
33
34
35
$TBLIBEXEC_DIR	= "$TBDIR"."libexec/";
$TBSUEXEC_PATH  = "$TBLIBEXEC_DIR/suexec";
$TBCHKPASS_PATH = "$TBLIBEXEC_DIR/checkpass";
36
$TBCSLOGINS     = "$TBETC_DIR/cslogins";
37

38
39
#
# Hardcoded check against $WWWHOST, to prevent anyone from accidentally setting
40
# $TBMAINSITE when it should not be
41
42
43
44
45
#
if ($WWWHOST != "www.emulab.net") {
    $TBMAINSITE = 0;
}

46
$TBPROJ_DIR     = "/proj";
47
$TBUSER_DIR	= "/users";
48
$TBGROUP_DIR	= "/groups";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
49
$TBNSSUBDIR     = "nsdir";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
50

51
52
$TBAUTHCOOKIE   = "HashCookie" . $TBCOOKIESUFFIX;
$TBNAMECOOKIE   = "MyUidCookie" . $TBCOOKIESUFFIX;
53
$TBLOGINCOOKIE  = "LoginCookie" . $TBCOOKIESUFFIX;
54

55
56
$HTTPTAG        = "http://";

57
58
59
60
61
62
$TBMAIL_OPS		= "Testbed Ops <$TBMAILADDR_OPS>";
$TBMAIL_WWW		= "Testbed WWW <$TBMAILADDR_WWW>";
$TBMAIL_APPROVAL	= "Testbed Approval <$TBMAILADDR_APPROVAL>";
$TBMAIL_LOGS		= "Testbed Logs <$TBMAILADDR_LOGS>";
$TBMAIL_AUDIT		= "Testbed Audit <$TBMAILADDR_AUDIT>";

63
#
64
65
66
# This just spits out an email address in a page, so it does not need
# to be configured per development tree. It could be though ...
# 
67
68
$TBMAILADDR     = "<a href=\"mailto:$TBMAILADDR_OPS\">
                      Testbed Operations ($TBMAILADDR_OPS)</a>";
69

70
71
72
# So subscripts always know ...
putenv("HTTP_SCRIPT=1");

73
74
75
76
77
#
# Database constants and the like.
#
include("dbdefs.php3");

78
79
80
81
82
83
84
85
86
#
# Wrap up the mail function so we can prepend a tag to the subject
# line that indicates what testbed. Useful when multiple testbed
# email to the same list.
#
# 
function TBMAIL($to, $subject, $message, $headers = 0)
{
    global $THISHOMEBASE;
87
    global $SCRIPT_NAME;
88
89
90

    $subject = strtoupper($THISHOMEBASE) . ": $subject";

91
92
93
94
95
96
97
98
99
    $tag = "X-NetBed: " . basename($SCRIPT_NAME);
    
    if ($headers) {
	$headers = "$headers\n" . $tag;
    }
    else {
	$headers = $tag;
    }
    return mail($to, $subject, $message, $headers);
100
101
}

102
103
104
105
106
#
# Internal errors should be reported back to the user simply. The actual 
# error information should be emailed to the list for action. The script
# should then terminate if required to do so.
#
Leigh B. Stoller's avatar
Leigh B. Stoller committed
107
function TBERROR ($message, $death, $xmp = 0) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
108
    global $TBMAIL_WWW, $TBMAIL_OPS, $TBMAILADDR;
109
    $script = $_SERVER['REQUEST_URI'];
110

111
112
    TBMAIL($TBMAIL_OPS,
         "WEB ERROR REPORT",
113
         "\n".
114
	 "In $script\n\n".
115
116
117
         "$message\n\n".
         "Thanks,\n".
         "Testbed WWW\n",
118
         "From: $TBMAIL_OPS\n".
119
         "Errors-To: $TBMAIL_WWW");
120

121
    if ($death) {
Leigh B. Stoller's avatar
Leigh B. Stoller committed
122
123
124
	if ($xmp)
	    $message = "<XMP>$message</XMP>\n";
	
125
126
127
128
129
130
	$msg = "<blockquote><pre>
                $message
        	</pre></blockquote>
		Could not continue. Please contact $TBMAILADDR\n";

	PAGEERROR($msg);
131
132
133
    }
    return 0;
}
Leigh B. Stoller's avatar
Leigh B. Stoller committed
134
135
136
137
138

#
# General user errors should print something warm and fuzzy
#
function USERERROR($message, $death) {
139
140
    global $TBMAILADDR;

141
    $msg = "<font size=+1><br>
142
            $message
143
      	    </font>
144
            <br><br><br>
145
146
147
            <font size=-1>
            Please contact $TBMAILADDR if you feel this message is an error.
            </font>\n";
148

Leigh B. Stoller's avatar
Leigh B. Stoller committed
149
    if ($death) {
150
	PAGEERROR($msg);
Leigh B. Stoller's avatar
Leigh B. Stoller committed
151
    }
152
153
    else
        echo "$msg\n";
Leigh B. Stoller's avatar
Leigh B. Stoller committed
154
155
}

156
157
158
159
160
161
162
163
#
# A form error.
#
function FORMERROR($field) {
    USERERROR("Missing field; ".
              "Please go back and fill out the \"$field\" field!", 1);
}

164
165
166
#
# A page argument error. 
# 
167
168
169
170
171
172
173
function PAGEARGERROR($msg = 0) {
    $default = "Invalid page arguments: " . $_SERVER['REQUEST_URI'];

    if ($msg) {
	$default = "$default<br><br>$msg";
    }
    USERERROR($default, 1);
174
175
}

176
#
177
# SUEXEC stuff.
178
#
179
180
181
182
# Save this stuff so we can generate better error messages and such.
# 
$suexec_cmdandargs = "";
$suexec_retval     = 0;
183
184
$suexec_output     = "";
$suexec_output_array;
185

186
187
188
189
190
191
192
#
# Actions for suexec. 
#
define("SUEXEC_ACTION_CONTINUE",	0);
define("SUEXEC_ACTION_DIE",		1);
define("SUEXEC_ACTION_USERERROR",	2);
define("SUEXEC_ACTION_IGNORE",		3);
193

194
195
196
197
198
#
# An suexec error.
#
function SUEXECERROR($action)
{
199
200
    global $suexec_cmdandargs, $suexec_retval;
    global $suexec_output, $suexec_output_array;
201

202
203
    $foo  = "Shell Program Error. Exit status: $suexec_retval\n";
    $foo .= "  '$suexec_cmdandargs'\n";
204
205
206
    $foo .= "\n";
    $foo .= $suexec_output;

207
208
    switch ($action) {
    case SUEXEC_ACTION_CONTINUE:
209
	TBERROR($foo, 0, 1);
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
        break;
    case SUEXEC_ACTION_DIE:
	TBERROR($foo, 1, 1);
        break;
    case SUEXEC_ACTION_USERERROR:
	USERERROR("<XMP>$foo</XMP>", 1);
        break;
    case SUEXEC_ACTION_IGNORE:
	break;
    default:
	TBERROR($foo, 1, 1);
    }
}

#
# Run a program as a user.
#
function SUEXEC($uid, $gid, $cmdandargs, $action) {
    global $TBSUEXEC_PATH;
229
230
    global $suexec_cmdandargs, $suexec_retval;
    global $suexec_output, $suexec_output_array;
231
232
233

    ignore_user_abort(1);

234
235
236
237
    $suexec_cmdandargs   = "$uid $gid $cmdandargs";
    $suexec_output_array = array();
    $suexec_output       = "";
    $suexec_retval       = 0;
238
    
239
240
241
242
243
244
245
246
247
248
249
250
251
    exec("$TBSUEXEC_PATH $suexec_cmdandargs",
	 $suexec_output_array, $suexec_retval);

    # Yikes! Something is not doing integer conversion properly!
    if ($suexec_retval == 255) {
	$suexec_retval = -1;
    }

    if (count($suexec_output_array)) {
	for ($i = 0; $i < count($suexec_output_array); $i++) {
	    $suexec_output .= "$suexec_output_array[$i]\n";
	}
    }
252
253
254
255
256
257
258
259

    #
    # The output is still available of course, via $suexec_output.
    # 
    if ($suexec_retval == 0 || $action == SUEXEC_ACTION_IGNORE) {
	return $suexec_retval;
    }
    SUEXECERROR($action);
260
261
}

262
263
264
function ADDPUBKEY($uid, $cmdandargs) {
    global $TBSUEXEC_PATH;

265
266
267
268
269
270
271
272
273
274
    #
    # Complication. User might not have an actual account if setting or
    # changing his own pubkeys. webonly, unapproved, and unverified users
    # can still muck with their personal info. So, just invoke as user
    # nobody. We will get audit email in case we need to track what has
    # happened. 
    #
    if (! HASREALACCOUNT($uid)) {
	$uid = "nobody";
    }
275
    return SUEXEC($uid, "nobody", $cmdandargs, 0);
276
277
}

Leigh B. Stoller's avatar
Leigh B. Stoller committed
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
#
# Verify a URL.
#
function CHECKURL($url, &$error) {
    global $HTTPTAG;

    if (strlen($url)) {
	if (strstr($url, " ")) {
	    $error = "URL is malformed; spaces are not allowed!";
	    return 0;
	}
	
	if (strcmp($HTTPTAG, substr($url, 0, strlen($HTTPTAG)))) {
	    $error = "URL is malformed; must begin with $HTTPTAG!";
	    return 0;
	}
294

Leigh B. Stoller's avatar
Leigh B. Stoller committed
295
296
	$fp = @fopen($url, "r");
	if (! $fp) {
297
	    # Check to see if it was a redirect, in which case its OK
298
299
300
301
302
303
304
305
306
307
308
	    for ($i = 0; $i < count($http_response_header); $i++) {
		if (!strcmp("Location:", substr($http_response_header[$i],0,9))) {
		    $is_redirect = 1;
		}
	    }
	    if (!$is_redirect) {
		$error = "URL is not valid; Cannot be accessed!";
		return 0;
	    }
	} else {
	    fclose($fp);
Leigh B. Stoller's avatar
Leigh B. Stoller committed
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
	}
    }
    return 1;
}

#
# Check a password.
#
function CHECKPASSWORD($uid, $password, $name, $email, &$error)
{
    global $TBCHKPASS_PATH;
    
    $mypipe =
	popen(escapeshellcmd("$TBCHKPASS_PATH $password $uid '$name:$email'"),
	      "w+");
    
    if ($mypipe) { 
        $retval=fgets($mypipe, 1024);
        if (strcmp($retval,"ok\n") != 0) {
	    $error = "$retval";
	    return 0;
	}
	return 1;
    }
    TBERROR("Checkpass Failure! Returned '$mypipe'.\n\n".
	    "$TBCHKPASS_PATH $password $uid '$name:$email'", 1);
}

337
338
339
340
function LASTNODELOGIN($node)
{
}

341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
#
# A function to print the contents of an array (recursively).
# Mostly useful for debugging.
#
function ARRAY_PRINT($arr) {
  if (!is_array($arr)) { echo "non-array '$arr'\n"; }
  foreach ($arr as $i => $val) {
    echo("'$i' - '$val'\n");
    if (is_array($val)) {
      echo "Sub-array $i:\n";
      array_print($val);
      echo "End Sub-array $i.\n";
    }
  }
}

357
358
359
360
#
# Beware empty spaces (cookies)!
# 
require("tbauth.php3");
361
362
363
364
365

#
# Okay, this is what checks the login and spits out the menu.
#
require("menu.php3");
366
?>