VladPolskiy/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2025-07-20 16:48:46 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
webmin/samba/swat.cgi
Ilia Rostovtsev f69fa81e59 Fix to get safely using wrapper sub 2/2
2021-09-28 16:30:05 +03:00

123 lines
3.2 KiB
Perl
Executable File
Raw Permalink Blame History

#!/usr/local/bin/perl
# swat.cgi
# Pass everything to samba's SWAT tool
require './samba-lib.pl';
&ReadParse();
# check acls
&error_setup("$text{'eacl_aviol'}ask_epass.cgi");
&error("$text{'eacl_np'} $text{'eacl_pcswat'}") unless $access{'swat'};
# Check is hosts allow is in force
&get_share("global");
if (&getval('allow hosts')) {
&ui_print_header(undef, $text{'error'}, "");
print &text('swat_msg3', $text{'sec_onlyallow'}), "<p>\n";
&foreign_require("inetd", "inetd-lib.pl");
local @inets = &foreign_call("inetd", "list_inets");
foreach $i (@inets) {
if ($i->[3] eq 'swat' && $i->[1]) {
# swat is configured in inetd!
local $p = getservbyname('swat', 'tcp');
$url = "http://$ENV{'SERVER_NAME'}:$p/";
print &text('swat_msg4', "<a href='$url'>$url</a>"), "<p>\n";
}
}
&ui_print_footer("", $text{'index_sharelist'});
exit;
}
# Check if we have the password
&read_file("$module_config_directory/swat", \%swat) || &ask_password();
# Execute SWAT process
pipe(OUTr, OUTw);
pipe(INr, INw);
local $pid = fork();
if (!$pid) {
untie(*STDIN);
untie(*STDOUT);
untie(*STDERR);
open(STDIN, "<&INr");
open(STDOUT, ">&OUTw");
open(STDERR, ">&OUTw");
close(OUTr); close(INw);
undef %ENV;
exec($config{'swat_path'});
print "Exec failed : $!\n";
exit 1;
}
close(OUTw); close(INr);
# Feed HTTP request and read output
$auth = &encode_base64("$swat{'user'}:$swat{'pass'}");
$auth =~ s/\n//g;
select(INw); $| = 1; select(STDOUT);
$path = $ENV{'PATH_INFO'} || "/";
if ($ENV{'REQUEST_METHOD'} eq 'GET') {
print INw "GET $path?$in HTTP/1.0\n";
print INw "Authorization: basic $auth\n";
print INw "\n";
}
else {
print INw "POST $path HTTP/1.0\r\n";
print INw "Authorization: basic $auth\r\n";
print INw "Content-length: ",length($in),"\r\n";
print INw "Content-type: application/x-www-form-urlencoded\r\n";
print INw "\r\n",$in;
}
close(INw);
$reply = <OUTr>;
if ($reply =~ /\s401\s/) {
&ask_password();
}
if ($ENV{'PATH_INFO'} =~ /\.(gif|jpg|jpeg|png)$/i) {
# An image .. just output it
while(<OUTr>) { print; }
}
else {
# An HTML page .. fix up links
$url = "@{[&get_webprefix()]}/$module_name/swat.cgi";
while(<OUTr>) {
s/src="(\/[^"]*)"/src="$url$1"/gi;
s/href="(\/[^"]*)"/href="$url$1"/gi;
s/action="(\/[^"]*)"/action="$url$1"/gi;
s/"(\/status?[^"]*)"/"$url$1"/gi;
print $_ if (!/<\/body>/i && !/<\/html>/i);
}
print "<table width=100% cellpadding=0 cellspacing=0><tr><td>\n";
&ui_print_footer("/$module_name/", $text{'index_sharelist'}, 1);
print "</td> <td align=right><a href='/$module_name/logout.cgi'>",
"$text{'swat_logout'}</a></td> </tr></table></body></html>\n";
}
sub ask_password
{
&ui_print_header(undef, $text{'swat_title'}, "");
if (%swat) {
print $text{'swat_msg1'}, " <br>\n";
}
else {
print $text{'swat_msg2'}, " <br>\n";
}
print "<center>\n";
print &ui_form_start("swat_save.cgi");
print &ui_table_start($text{'swat_list'}, undef, 2);
print &ui_table_row($text{'swat_username'},
&ui_textbox("user", $swat{'user'}, 20));
print &ui_table_row($text{'swat_password'},
&ui_password("pass", undef, 20));
print &ui_table_end();
print &ui_form_end([ [ undef, $text{'swat_login'} ] ]);
print "</center>\n";
&ui_print_footer("", $text{'index_sharelist'});
exit;
}
Reference in New Issue View Git Blame Copy Permalink