[Fedora-directory-commits] adminserver/admserv/cgi-src40 cgicommon.h, NONE, 1.1 cgicommon.properties, NONE, 1.1 Makefile, 1.12, 1.13 ReadLog.c, 1.5, 1.6 admpw.c, 1.7, 1.8 config.c, 1.6, 1.7 download.c, 1.6, 1.7 dsconfig.c, 1.6, 1.7 dsconfig.properties, 1.3, 1.4 getport.c, 1.4, 1.5 help.c, 1.7, 1.8 htmladmin.c, 1.7, 1.8 htmladmin.properties, 1.5, 1.6 mergeConfig.cpp, 1.5, 1.6 migrateConfig.c, 1.5, 1.6 monreplication.c, 1.5, 1.6 restartsrv.c, 1.5, 1.6 sec-activate.c, 1.7, 1.8 sec-activate.properties, 1.3, 1.4 security.c, 1.8, 1.9 security.properties, 1.3, 1.4 setport.c, 1.4, 1.5 snmpconf.c, 1.6, 1.7 snmpmctl.c, 1.6, 1.7 start_config_ds.c, 1.5, 1.6 statpingserv.c, 1.5, 1.6 statusping.c, 1.3, 1.4 stopsrv.c, 1.5, 1.6 ugdsconfig.c, 1.6, 1.7 viewdata.c, 1.6, 1.7 viewlog.c, 1.5, 1.6 viewlog.properties, 1.3, 1.4 listOldSrvs.c, 1.6, NONE listOldSrvs.properties, 1.3, NONE
Richard Allen Megginson (rmeggins)
fedora-directory-commits at redhat.com
Wed May 9 00:26:33 UTC 2007
Author: rmeggins
Update of /cvs/dirsec/adminserver/admserv/cgi-src40
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32253/adminserver/admserv/cgi-src40
Modified Files:
Makefile ReadLog.c admpw.c config.c download.c dsconfig.c
dsconfig.properties getport.c help.c htmladmin.c
htmladmin.properties mergeConfig.cpp migrateConfig.c
monreplication.c restartsrv.c sec-activate.c
sec-activate.properties security.c security.properties
setport.c snmpconf.c snmpmctl.c start_config_ds.c
statpingserv.c statusping.c stopsrv.c ugdsconfig.c viewdata.c
viewlog.c viewlog.properties
Added Files:
cgicommon.h cgicommon.properties
Removed Files:
listOldSrvs.c listOldSrvs.properties
Log Message:
Resolves: bug 239502, bug 186280
Description: adminserver: autotools, FHS, clean up CGI parameters
Fix Description: Too numerous to mention
--- NEW FILE cgicommon.h ---
/** BEGIN COPYRIGHT BLOCK
* Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
* Copyright (C) 2005 Red Hat, Inc.
* All rights reserved.
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*
* END COPYRIGHT BLOCK **/
#ifndef CGICOMMON_H
#define CGICOMMON_H
#define COMMON_RESOURCE_FILE "cgicommon"
#define resource_key(a,b) a b
/* These are the defines to use in C code for localized messages */
#define CMN_CONFIGPROBLEM resource_key(COMMON_RESOURCE_FILE, "1")
#define CMN_SSL_INIT_ERROR resource_key(COMMON_RESOURCE_FILE, "2")
/* These are other properties */
#define DSOBJECTCLASS "nsdirectoryserver" /* name of table in cgicommon */
#define DSCONFIGENTRY "cn=config"
#define DSSECURITYDIR "nsslapd-certdir"
#endif /* CGICOMMON_H */
--- NEW FILE cgicommon.properties ---
//# BEGIN COPYRIGHT BLOCK
//# Copyright (C) 2001 Sun Microsystems, Inc. Used by permission.
//# Copyright (C) 2005 Red Hat, Inc.
//# All rights reserved.
//#
//# This program is free software; you can redistribute it and/or
//# modify it under the terms of the GNU General Public License
//# as published by the Free Software Foundation; either version 2
//# of the License, or (at your option) any later version.
//#
//# This program is distributed in the hope that it will be useful,
//# but WITHOUT ANY WARRANTY; without even the implied warranty of
//# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
//# GNU General Public License for more details.
//#
//# You should have received a copy of the GNU General Public License
//# along with this program; if not, write to the Free Software
//# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
//#
//# END COPYRIGHT BLOCK
// ICU resource file
// This file contains resources common to all CGI programs
// see cgicommon.h
root {
// messages displayed to user - these can be localized
cgicommon1 { "Could not read the Admin Server CGI config file %s/adm.conf: error code %d" }
cgicommon2 { "SSL related initialization failed" }
}
Index: Makefile
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/Makefile,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- Makefile 13 Oct 2006 22:59:04 -0000 1.12
+++ Makefile 9 May 2007 00:26:30 -0000 1.13
@@ -52,6 +52,11 @@
LIBNT=$(OBJDIR)/lib/libnt.$(LIB_SUFFIX)
endif
+LIBADMIN=$(OBJDIR)/lib/libadmin.a
+LIBBASE=$(OBJDIR)/lib/libbase.a
+LIBSI18N=$(OBJDIR)/lib/libsi18n.a
+#LIBLDAPU=$(OBJDIR)/lib/libldapu.a
+
# Resource Bundle Compiler
ifeq ($(ARCH), WINNT)
ICU_GENRB = $(ICU_BINPATH)/genrb.exe
@@ -406,34 +411,34 @@
cd $(BINDIR); \
$(CCC) $(NONSHARED) $(CFLAGS) $(MCC_INCLUDE) -o admpw \
$(SRCDIR)/admpw.c \
- $(OBJDIR)/lib/libadmin.a \
+ $(LIBADMIN) \
$(ADMINSERVERLINKS)
$(BINDIR)/config: config.c $(GLUEOBJS)
cd $(BINDIR); \
$(CCC) $(NONSHARED) $(CFLAGS) $(MCC_INCLUDE) -o config \
$(SRCDIR)/config.c \
- $(OBJDIR)/lib/libadmin.a \
- $(OBJDIR)/lib/libbase.a \
- $(OBJDIR)/lib/libsi18n.a \
- $(OBJDIR)/lib/libldapu.a \
+ $(LIBADMIN) \
+ $(LIBBASE) \
+ $(LIBSI18N) \
+ $(LIBLDAPU) \
$(ADMINSERVERLINKS)
$(BINDIR)/dsconfig: dsconfig.c $(GLUEOBJS)
cd $(BINDIR); \
$(CCC) $(NONSHARED) $(CFLAGS) $(MCC_INCLUDE) -o dsconfig \
$(SRCDIR)/dsconfig.c \
- $(OBJDIR)/lib/libbase.a \
- $(OBJDIR)/lib/libsi18n.a \
- $(OBJDIR)/lib/libldapu.a \
+ $(LIBBASE) \
+ $(LIBSI18N) \
+ $(LIBLDAPU) \
$(ADMINSERVERLINKS)
$(BINDIR)/ugdsconfig: ugdsconfig.c $(GLUEOBJS)
cd $(BINDIR); \
$(CCC) $(NONSHARED) $(CFLAGS) $(MCC_INCLUDE) -I$(SETUPUTIL_INCLUDE) -o ugdsconfig \
$(SRCDIR)/ugdsconfig.c \
- $(OBJDIR)/lib/libbase.a \
- $(OBJDIR)/lib/libsi18n.a \
+ $(LIBBASE) \
+ $(LIBSI18N) \
$(SETUPADMINSERVERLINKS)
$(BINDIR)/mergeConfig: mergeConfig.cpp $(GLUEOBJS)
@@ -446,20 +451,20 @@
cd $(BINDIR); \
$(CCC) $(NONSHARED) $(CFLAGS) $(MCC_INCLUDE) -o monreplication \
$(SRCDIR)/monreplication.c \
- $(OBJDIR)/lib/libadmin.a \
- $(OBJDIR)/lib/libbase.a \
- $(OBJDIR)/lib/libsi18n.a \
- $(OBJDIR)/lib/libldapu.a \
+ $(LIBADMIN) \
+ $(LIBBASE) \
+ $(LIBSI18N) \
+ $(LIBLDAPU) \
$(ADMINSERVERLINKS)
$(BINDIR)/viewlog: viewlog.c $(GLUEOBJS)
cd $(BINDIR); \
$(CCC) $(NONSHARED) $(CFLAGS) $(MCC_INCLUDE) -o viewlog \
$(SRCDIR)/viewlog.c \
- $(OBJDIR)/lib/libadmin.a \
- $(OBJDIR)/lib/libbase.a \
- $(OBJDIR)/lib/libsi18n.a \
- $(OBJDIR)/lib/libldapu.a \
+ $(LIBADMIN) \
+ $(LIBBASE) \
+ $(LIBSI18N) \
+ $(LIBLDAPU) \
$(ADMINSERVERLINKS)
@@ -467,10 +472,10 @@
cd $(BINDIR); \
$(CCC) $(NONSHARED) $(CFLAGS) $(MCC_INCLUDE) -I$(SETUPUTIL_INCLUDE) -o viewdata \
$(SRCDIR)/viewdata.c \
- $(OBJDIR)/lib/libadmin.a \
- $(OBJDIR)/lib/libbase.a \
- $(OBJDIR)/lib/libsi18n.a \
- $(OBJDIR)/lib/libldapu.a \
+ $(LIBADMIN) \
+ $(LIBBASE) \
+ $(LIBSI18N) \
+ $(LIBLDAPU) \
$(SETUPADMINSERVERLINKS)
$(BINDIR)/statpingserv: statpingserv.c $(GLUEOBJS)
@@ -483,10 +488,10 @@
cd $(BINDIR); \
$(CCC) $(NONSHARED) $(CFLAGS) $(MCC_INCLUDE) -I$(SETUPUTIL_INCLUDE) -o htmladmin \
$(SRCDIR)/htmladmin.c \
- $(OBJDIR)/lib/libadmin.a \
- $(OBJDIR)/lib/libbase.a \
- $(OBJDIR)/lib/libsi18n.a \
- $(OBJDIR)/lib/libldapu.a \
+ $(LIBADMIN) \
+ $(LIBBASE) \
+ $(LIBSI18N) \
+ $(LIBLDAPU) \
$(SETUPADMINSERVERLINKS)
$(BINDIR)/%: %.c $(GLUEOBJS)
Index: ReadLog.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/ReadLog.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- ReadLog.c 11 May 2006 14:29:30 -0000 1.5
+++ ReadLog.c 9 May 2007 00:26:30 -0000 1.6
@@ -88,35 +88,35 @@
int getLogNames()
{
char line[BIG_LINE];
- char *admroot = getenv("ADMSERV_ROOT");
- char *serverroot = getenv("NETSITE_ROOT");
+ const char *logdir = util_get_log_dir();
char filename[BIG_LINE];
FILE *f;
- char *c;
- PR_snprintf(filename, sizeof(filename), "%s/local.conf", admroot);
- if((f = fopen(filename, "r" )) != NULL)
+ if (!logdir) {
+ return 0;
+ }
+
+ if (!util_find_file_in_paths(filename, sizeof(filename), "local.conf",
+ CONFIGDIR, "", "admin-serv/config")) {
+ return 0;
+ }
+
+ f = fopen(filename, "r");
+
+ if(f)
{
while(!feof(f))
{
fgets(line, sizeof(line), f);
- /*
- Convert config attr ids to lowercase for case
- insensitive comparison. Line is in the format:
- "configuration.nsErrorLog: admin-serv/logs/error"
- */
- for(c=line; *c && *c != ':'; c++) {
- *c = tolower(*c);
- }
- if(strstr(line, "nserrorlog"))
+ if(PL_strcasestr(line, "nserrorlog"))
{
- PR_snprintf(errorlog, sizeof(errorlog), "%s/%s", serverroot, getLogName(line));
+ PR_snprintf(errorlog, sizeof(errorlog), "%s/%s", logdir, getLogName(line));
}
else
- if(strstr(line, "nsaccesslog"))
+ if(PL_strcasestr(line, "nsaccesslog"))
{
- PR_snprintf(accesslog, sizeof(accesslog), "%s/%s", serverroot, getLogName(line));
+ PR_snprintf(accesslog, sizeof(accesslog), "%s/%s", logdir, getLogName(line));
}
}
fclose(f);
Index: admpw.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/admpw.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- admpw.c 10 Oct 2006 19:56:29 -0000 1.7
+++ admpw.c 9 May 2007 00:26:30 -0000 1.8
@@ -31,15 +31,19 @@
* If admpw.uid is found in cgi parameters, update uid in the config/admpw file
* If admpw.pw is found in cgi parameters, update password in:
* 1) "userPassword" attribute in the SIE on the DS
- * 2) siepid: parameter in config/adm.conf
- * 3) config/admpw file. The password is stored in encrypted form
+ * 2) config/admpw file. The password is stored in encrypted form
*/
-#include "libadmin/libadmin.h"
#include <stdio.h>
#include <stdarg.h> /* for vsprintf */
#include <stdlib.h>
#include <string.h>
+#include <unistd.h>
+
+/* NSS - for password hashing */
+#include <pk11func.h>
+#include <pk11pqg.h>
+#include <base64.h>
/* NSS - for password hashing */
#include <pk11func.h>
@@ -52,14 +56,15 @@
#include "libadmsslutil/psetcssl.h"
#include "libadmsslutil/admsslutil.h"
-static void output_admuid(char *file);
+#include "libadmin/libadmin.h"
+
+#include "config.h"
+
+static void output_admuid(AdmldapInfo admInfo);
static void update_uidpwd();
-static void update_admpwd(char *newuid, char *newpw);
-static void update_adm_conf(char *newpw);
+static void update_admpwd(char *newuid, char *newpw, const char *filename);
static void update_ds(char *newpw);
-#define SHA1_LENGTH 20
-
static char *
sha1_pw_enc(const char *pwd)
{
@@ -67,20 +72,16 @@
char *enc;
char *retval;
SECStatus rc;
+ int32 pwdlen = strlen(pwd);
/* SHA1 hash the user's key */
- rc = PK11_HashBuf(SEC_OID_SHA1, hash, (unsigned char *)pwd, strlen(pwd));
+ rc = PK11_HashBuf(SEC_OID_SHA1, hash, (unsigned char *)pwd, pwdlen);
/* convert to base64 */
if (!(enc = BTOA_DataToAscii(hash, sizeof(hash)))) {
return NULL;
}
/* add "{SHA}" in front of string */
- if ((retval = (char *) malloc(strlen(enc) + 5)) == NULL)
- {
- PORT_Free(enc);
- return (NULL);
- }
- sprintf(retval, "{SHA}%s", enc);
+ retval = PR_smprintf("{SHA}%s", enc);
PORT_Free(enc);
return retval;
@@ -97,8 +98,11 @@
if (!log_enabled) return;
if (logfp==NULL) {
- PR_snprintf(logfile, sizeof(logfile), "%s/../logs/admpw.dbg", getenv("ADMSERV_ROOT"));
- logfp = fopen(logfile, "w");
+ const char *logdir = util_get_log_dir();
+ if (logdir) {
+ PR_snprintf(logfile, sizeof(logfile), "%s/admpw.dbg", logdir);
+ logfp = fopen(logfile, "w");
+ }
}
if (logfp != NULL) {
@@ -142,13 +146,8 @@
static Resource *i18nResource = NULL;
static void i18nInit() {
- char resPath[256], *execPath;
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
+
if (getenv("HTTP_ACCEPT_LANGUAGE")) {
acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
}
@@ -160,9 +159,10 @@
}
static const char *i18nMsg(char *msgid, char *defaultMsg) {
const char *msg=NULL;
+ static char buf[BUFSIZ]; /* ok - not threaded code */
if (i18nResource) {
- msg = res_getstring(i18nResource, msgid, acceptLanguage);
+ msg = res_getstring(i18nResource, msgid, acceptLanguage, buf, sizeof(buf), NULL);
}
if (msg == NULL) {
msg = (const char*)defaultMsg;
@@ -178,17 +178,20 @@
int _ai=ADMUTIL_Init();
char *method = getenv("REQUEST_METHOD");
- char *root = getenv("NETSITE_ROOT");
char *qs = 0, *op=0;
char error_info[128];
- char filename[BIG_LINE];
+ AdmldapInfo admInfo;
+ int errorcode = 0;
logMsg(" In %s\n", argv[0]);
- i18nInit();
- PR_snprintf(filename, sizeof(filename), "%s/admpw", getenv("ADMSERV_ROOT"));
+ i18nInit();
+ admInfo = admldapBuildInfoOnly(CONFIGDIR, &errorcode);
+ if (!admInfo || errorcode) {
+ rpt_err(SYSTEM_ERROR, i18nMsg(DBT_OPEN_ADMPW, "Can not open admpw file"), NULL, NULL);
+ }
- /* GET or POST method */
+ /* GET or POST method */
if (!method || !*method) {
/* non UI CGI */
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_NO_METHOD,"No method is specified"), NULL, NULL);
@@ -212,26 +215,27 @@
rpt_err(INCORRECT_USAGE, error_info, NULL, NULL);
}
- logMsg("method=%s\n", method);
+ logMsg("method=%s\n", method);
op=get_cgi_var("op", NULL, NULL);
- logMsg("op=%s\n", op);
+ logMsg("op=%s\n", op);
- if (op == NULL) {
+ if (op == NULL) {
rpt_err(INCORRECT_USAGE, i18nMsg(DBT_NO_OPERATION, "No operation defined"), NULL, NULL);
}
- else if (strcmp(op,"get")==0) {
- output_admuid(filename);
- }
- else if (strcmp(op,"set")==0) {
- update_uidpwd();
- }
- else {
+ else if (strcmp(op,"get")==0) {
+ output_admuid(admInfo);
+ }
+ else if (strcmp(op,"set")==0) {
+ update_uidpwd(admInfo);
+ }
+ else {
PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_UNKNOWN_OPERATION, "Unknown Operation (%s)"), op);
rpt_err(INCORRECT_USAGE, error_info, NULL, NULL);
}
-
+
+ destroyAdmldap(admInfo);
exit(0);
return 0;
}
@@ -242,46 +246,36 @@
* Output user name from the admpwd. The password does not need to be sent
*/
-static void output_admuid(char *filename) {
- FILE *f = fopen(filename, "r");
- char *uid=NULL ,*pw=NULL, *col=NULL;
- static char inbuf[BIG_LINE];
-
- if (f==NULL) {
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_OPEN_ADMPW, "Can not open admpw file"), NULL, NULL);
- }
- if (fgets(inbuf, sizeof(inbuf), f) == NULL) {
- fclose(f);
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_READ_ADMPW, "Can not read admpw file"), NULL, NULL);
- }
- logMsg("line=%s@\n", inbuf);
- fclose(f);
+static void output_admuid(AdmldapInfo admInfo) {
+ char *uid=admldapGetLocalAdminName(admInfo);
- col = strchr(inbuf, ':');
- if (col == NULL) {
+ if (uid == NULL) {
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_ADMPW_CORRUPTED, "admpw file corrupted"), NULL, NULL);
}
- uid = inbuf; *col=0; pw=col+1;
- logMsg("uid=%s, pw=%s\n", uid, pw);
+ logMsg("uid=%s, pw=%s\n", uid, "(secret)");
fprintf(stdout, "Content-type: text/html\n\n");
- fprintf(stdout, "admpw.uid: %s\n", uid);
+ fprintf(stdout, "admpw.uid: %s\n", uid);
+ PL_strfree(uid);
}
/*
* Modify local superuser username and password
*/
-static void update_uidpwd() {
+static void update_uidpwd(AdmldapInfo admInfo) {
FILE *f;
char *uid=NULL ,*pw=NULL, *col=NULL;
char *newuid=NULL, *newpw=NULL;
static char filename[BIG_LINE];
static char inbuf[BIG_LINE];
+ char *tmpfile = admldapGetAdmpwFilePath(admInfo);
- PR_snprintf(filename, sizeof(filename), "%s/admpw", getenv("ADMSERV_ROOT"));
+ PR_snprintf(filename, sizeof(filename), tmpfile);
+ PL_strfree(tmpfile);
+ uid = admldapGetLocalAdminName(admInfo);
newuid = get_cgi_var("admpw.uid",NULL, NULL);
newpw = get_cgi_var("admpw.pw",NULL, NULL);
if (newuid==NULL && newpw==NULL) {
@@ -313,12 +307,18 @@
}
if (newpw != NULL) {
+ int errorCode = ADMSSL_InitSimple(CONFIGDIR, SECURITYDIR, 1 /* force to use hashing */);
+ if (errorCode) {
+ rpt_err(APP_ERROR,
+ i18nMsg(DBT_SECURITY_INIT, "Security Initialization Failed"),
+ NULL, NULL);
+ }
+
update_ds(newpw);
- update_adm_conf(newpw);
- update_admpwd(newuid, sha1_pw_enc(newpw));
+ update_admpwd(newuid, sha1_pw_enc(newpw), filename);
}
else {
- update_admpwd(newuid, pw);
+ update_admpwd(newuid, pw, filename);
}
rpt_success(NULL);
@@ -327,15 +327,12 @@
/*
* Modify admpw.
*/
-static void update_admpwd(char *newuid, char *newpw) {
+static void update_admpwd(char *newuid, char *newpw, const char *filename) {
FILE *f;
int cnt;
- static char filename[BIG_LINE];
static char outbuf[BIG_LINE];
- PR_snprintf(filename, sizeof(filename), "%s/admpw", getenv("ADMSERV_ROOT"));
-
f = fopen(filename, "w");
if (f==NULL) {
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_OPEN_ADMPW_WR, "Can not open admpw file for writing"), NULL, NULL);
@@ -354,56 +351,6 @@
}
/*
- * Modify adm.conf
- */
-static void update_adm_conf(char *newpw) {
-
- FILE *f;
- int i, modified=0;
- static char filename[BIG_LINE];
- char buf[80];
- int linecnt=0;
- char *lines[50];
- static char inbuf[BIG_LINE];
-
-
- PR_snprintf(filename, sizeof(filename), "%s/adm.conf", getenv("ADMSERV_ROOT"));
-
- f = fopen(filename, "r");
- if (f==NULL) {
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_OPEN_ADMCONF_RD, "Can not open adm.conf for reading"), NULL, NULL);
- }
-
- while(fgets(inbuf, sizeof(inbuf), f) != NULL) {
- if (strstr(inbuf,"siepid:") == inbuf) { /* Line starts with "Password:" */
- PR_snprintf(buf, sizeof(buf), "siepid: %s\n", newpw);
- lines[linecnt++] = strdup(buf);
- modified=1;
- }
- else {
- lines[linecnt++] = strdup(inbuf);
- }
- }
- fclose(f);
-
- if (!modified) {
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_NO_SIEPID, "Parameter siepid: not found in adm.conf"), NULL, NULL);
- }
-
- f = fopen(filename, "w");
- if (f==NULL) {
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_OPEN_ADMCONF_WR, "Can not open adm.conf for writing"), NULL, NULL);
- }
-
- for (i=0; i < linecnt; i++) {
- fprintf(f, "%s", lines[i]);
- }
-
- fclose(f);
-
-}
-
-/*
* Modify userpassword in the DS
*/
static void update_ds(char *pwd) {
@@ -446,13 +393,8 @@
/* Initialize the pset */
- errorCode = ADMSSL_InitSimple();
- if (errorCode) {
- rpt_err(APP_ERROR, i18nMsg(DBT_SECURITY_INIT, "Security Initialization Failed"), NULL, NULL);
- }
-
pset = psetCreateSSL("admin-serv",
- /* configRoot */ NULL,
+ /* configRoot */ CONFIGDIR,
/* userDN */ binddn,
/* passwd */ bindpw,
/* errorcode */ &rv);
Index: config.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/config.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- config.c 31 Mar 2006 22:58:20 -0000 1.6
+++ config.c 9 May 2007 00:26:30 -0000 1.7
@@ -37,18 +37,23 @@
#include <errno.h>
#endif
#include <string.h>
-#include "libadmin/libadmin.h"
-#include "libadmin/install.h"
+
#include "libadminutil/resource.h"
#include "libadminutil/distadm.h"
#include "libadminutil/admutil.h"
#include "libadmsslutil/psetcssl.h"
#include "libadmsslutil/admsslutil.h"
+#include "libadmin/install.h"
+
+#include "config.h"
+
#ifdef XP_WIN32
#define EADDRINUSE WSAEADDRINUSE
#endif
+static char msgbuf[BUFSIZ]; /* ok - not threaded code */
+
/*
properties file name = "config.properties"
*/
@@ -81,12 +86,10 @@
#define DBT_ACCESSLOG_INVALID resource_key(RESOURCE_FILE, "23")
#define DBT_ERRORLOG_INVALID resource_key(RESOURCE_FILE, "24")
-static int update_adm_conf(char *newport);
-static int read_adm_conf();
+static char * read_conf(char *file, char *name);
static int update_conf(char *file, char *name, char *val);
static int validate_addr(char* ip);
static int validate_logfile(char* name);
-static int get_logfile_path(char *name, char *buf, size_t bufsize);
#ifdef XP_UNIX
static int rename_pidlog_file(PsetHndl pset, char* newname);
static int change_uid_all(char *dir, int curuid, int newuid);
@@ -100,7 +103,6 @@
int _ai = ADMUTIL_Init();
PsetHndl pset;
char *method;
- char *admroot = getenv("ADMSERV_ROOT");
int rv, cnt, i, j, x, errorCode;
int err;
int *errp = &err;
@@ -120,7 +122,6 @@
AttributeList resultList, updateList, addList, nvl;
AttrNameList nl;
AttributePtr nv;
- char resPath[256], *execPath;
char *acceptLanguage = (char*)"en";
Resource *i18nResource = NULL;
AdmldapInfo adminfo = NULL;
@@ -130,12 +131,8 @@
while (waitforever);
#endif
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
+
valsbuf[0] = NULL;
valsbuf[1] = NULL;
@@ -147,7 +144,8 @@
/* non UI CGI */
if (i18nResource)
rpt_err(SYSTEM_ERROR,
- res_getstring(i18nResource, DBT_NO_METHOD, acceptLanguage),
+ res_getstring(i18nResource, DBT_NO_METHOD, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(SYSTEM_ERROR, "No method is specified", NULL, NULL);
}
@@ -159,7 +157,7 @@
if (i18nResource)
rpt_err(INCORRECT_USAGE,
res_getstring(i18nResource, DBT_NO_QUERY_STRING,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(INCORRECT_USAGE, "NO QUERY_STRING DATA", NULL, NULL);
}
@@ -173,7 +171,8 @@
else {
if (i18nResource)
PR_snprintf(error_info, sizeof(error_info),
- res_getstring(i18nResource, DBT_UNKNOWN_METHOD, acceptLanguage),
+ res_getstring(i18nResource, DBT_UNKNOWN_METHOD, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL),
method);
else PR_snprintf(error_info, sizeof(error_info), "Unknown Method (%s)", method);
rpt_err(INCORRECT_USAGE, error_info, NULL, NULL);
@@ -188,7 +187,7 @@
if (i18nResource)
rpt_err(ELEM_MISSING,
res_getstring(i18nResource, DBT_NO_USER_NAME,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(ELEM_MISSING, "NO USER NAME", NULL, NULL);
}
@@ -200,7 +199,7 @@
if (i18nResource)
rpt_err(ELEM_MISSING,
res_getstring(i18nResource, DBT_NO_USER_DN,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(ELEM_MISSING, "NO USER DN!", NULL, NULL);
}
@@ -213,7 +212,7 @@
if (i18nResource)
rpt_err(ELEM_MISSING,
res_getstring(i18nResource, DBT_NO_USER_DN,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(ELEM_MISSING, "NO USER DN!", NULL, NULL);
}
@@ -222,28 +221,26 @@
if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw);
- if (admroot) {
- adminfo = admldapBuildInfo(admroot, &rv);
- if (adminfo) {
- binddn = admldapGetSIEDN(adminfo);
- bindpw = admldapGetSIEPWD(adminfo);
- }
+ adminfo = admldapBuildInfo(CONFIGDIR, &rv);
+ if (adminfo) {
+ binddn = admldapGetSIEDN(adminfo);
+ bindpw = admldapGetSIEPWD(adminfo);
}
- errorCode = ADMSSL_InitSimple();
+ errorCode = ADMSSL_InitSimple(CONFIGDIR, SECURITYDIR, 0);
if (errorCode) {
if (i18nResource)
rpt_err(APP_ERROR,
res_getstring(i18nResource,
DBT_SSL_INIT_ERROR,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL);
}
/* Initialize the pset */
pset = psetCreateSSL("admin-serv",
- /* configRoot */ NULL,
+ /* configRoot */ CONFIGDIR,
/* userDN */ binddn,
/* passwd */ bindpw,
/* errorcode */ &rv);
@@ -252,11 +249,11 @@
PR_snprintf(error_info, sizeof(error_info),
"PSET_ERROR_NUMBER: %d\nPSET_ERROR_INFO: %s",
rv,
- psetErrorString(rv, NULL));
+ psetErrorString(rv, NULL, msgbuf, sizeof(msgbuf), NULL));
if (i18nResource)
rpt_err(APP_ERROR,
res_getstring(i18nResource, DBT_PSET_CREATE_ERROR,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, error_info);
else rpt_err(APP_ERROR, "PSET Creation Failed", NULL, error_info);
}
@@ -271,7 +268,8 @@
psetDelete(pset);
if (i18nResource)
rpt_err(INCORRECT_USAGE,
- res_getstring(i18nResource, DBT_NO_OP, acceptLanguage),
+ res_getstring(i18nResource, DBT_NO_OP, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(INCORRECT_USAGE, "No operation defined", NULL, NULL);
}
@@ -285,7 +283,8 @@
else {
if (i18nResource)
PR_snprintf(error_info, sizeof(error_info),
- res_getstring(i18nResource, DBT_ILLEGAL_OP, acceptLanguage),
+ res_getstring(i18nResource, DBT_ILLEGAL_OP, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL),
operation);
else PR_snprintf(error_info, sizeof(error_info), "Illegal operation defined (%s)", operation);
rpt_err(INCORRECT_USAGE, error_info, NULL, NULL);
@@ -299,7 +298,8 @@
psetDelete(pset);
if (i18nResource)
rpt_err(INCORRECT_USAGE,
- res_getstring(i18nResource, DBT_NO_ATTRS, acceptLanguage),
+ res_getstring(i18nResource, DBT_NO_ATTRS, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(INCORRECT_USAGE, "No attribute specified ", NULL, NULL);
}
@@ -328,11 +328,11 @@
PR_snprintf(error_info, sizeof(error_info),
"PSET_ERROR_NUMBER: %d\nPSET_ERROR_INFO: %s",
errorCode,
- psetErrorString(errorCode, NULL));
+ psetErrorString(errorCode, NULL, msgbuf, sizeof(msgbuf), NULL));
if (i18nResource)
rpt_err(APP_ERROR,
res_getstring(i18nResource, DBT_PSET_GET_ERROR,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, error_info);
else rpt_err(APP_ERROR, "PSET Get Failed", NULL, error_info);
}
@@ -343,29 +343,32 @@
if (i18nResource)
rpt_warning(WARNING,
res_getstring(i18nResource, DBT_PSET_PARTIAL_GET,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_warning(WARNING, "Partial Get\n", NULL, NULL);
}
else {
psetDelete(pset);
+ pset = NULL;
if (i18nResource)
rpt_warning(APP_ERROR,
res_getstring(i18nResource, DBT_ATTR_NOT_EXIST,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(APP_ERROR, "Attribute(s) does not exist", NULL, NULL);
}
}
else rpt_success(NULL);
- nvl = resultList;
- while (nv = *nvl++) {
- fprintf(stdout, "%s: %s\n",
- nv->attrName,
- nv->attrVal ? (nv->attrVal[0] ? nv->attrVal[0] : "") : "");
+ if (resultList) {
+ nvl = resultList;
+ while (nv = *nvl++) {
+ fprintf(stdout, "%s: %s\n",
+ nv->attrName,
+ nv->attrVal ? (nv->attrVal[0] ? nv->attrVal[0] : "") : "");
+ }
+ deleteAttributeList(resultList);
}
- deleteAttributeList(resultList);
#if 0
if (execPath) fprintf(stdout, "execPath: %s\n", execPath);
else fprintf(stdout, "execPath: EMPTY\n");
@@ -399,7 +402,7 @@
if (i18nResource)
PR_snprintf(error_info, sizeof(error_info),
res_getstring(i18nResource, DBT_ATTR_NO_VALUE,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
inputs[x]);
else PR_snprintf(error_info, sizeof(error_info), "Attribute[%s] does not have value",
inputs[x]);
@@ -412,7 +415,7 @@
if (i18nResource)
PR_snprintf(error_info, sizeof(error_info),
res_getstring(i18nResource, DBT_ATTR_NO_VALUE,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
inputs[x]);
else PR_snprintf(error_info, sizeof(error_info), "Attribute[%s] does not have value",
inputs[x]);
@@ -448,23 +451,23 @@
err = update_conf("console.conf", "Listen", valptr);
}
- if(err == 0) {
- err = update_adm_conf(valptr);
- }
-
if (err < 0)
{
psetDelete(pset);
if (i18nResource)
{
if (err == -1)
- PR_snprintf(error_info, sizeof(error_info), res_getstring(i18nResource, DBT_PORT_INVALID, acceptLanguage));
+ PR_snprintf(error_info, sizeof(error_info), res_getstring(i18nResource, DBT_PORT_INVALID, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL));
else if (err == -2)
- PR_snprintf(error_info, sizeof(error_info), res_getstring(i18nResource, DBT_PORT_INUSE, acceptLanguage));
+ PR_snprintf(error_info, sizeof(error_info), res_getstring(i18nResource, DBT_PORT_INUSE, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL));
else if (err == -3)
- PR_snprintf(error_info, sizeof(error_info), res_getstring(i18nResource, DBT_PORT_EACCESS, acceptLanguage));
+ PR_snprintf(error_info, sizeof(error_info), res_getstring(i18nResource, DBT_PORT_EACCESS, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL));
else
- PR_snprintf(error_info, sizeof(error_info), res_getstring(i18nResource, DBT_PORT_NOT_AVAIL, acceptLanguage));
+ PR_snprintf(error_info, sizeof(error_info), res_getstring(i18nResource, DBT_PORT_NOT_AVAIL, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL));
}
else
{
@@ -482,29 +485,41 @@
if (i18nResource)
PR_snprintf(error_info, sizeof(error_info),
res_getstring(i18nResource, DBT_ATTR_INVALID_VALUE,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
nameptr);
else PR_snprintf(error_info, sizeof(error_info), "Attribute[%s] has invalid value",
nameptr);
rpt_err(APP_ERROR, error_info, NULL, NULL);
}
else {
+ char line[BIG_LINE];
+ char *val = read_conf("console.conf", "Listen");
+ char *ptr = NULL;
+
+ if (val) {
+ ptr = strchr(val, ':');
+ }
+
+ if (ptr) {
+ ++ptr; /* ptr points to the start of the port number in host:port */
+ } else if (val) {
+ ptr = val; /* Listen only specifies the port number */
+ } else {
+ /* console.conf should always have Listen with the server port */
+ ptr = "80"; /* default httpd port? */
+ }
/*
If ip address is not defined, it means that server should
listen on all interfaces. This is dependant upon console
to always include the port string first.
*/
if (valptr && valptr[0] ) {
- char line[BIG_LINE];
- int port = read_adm_conf();
- PR_snprintf(line, sizeof(line), "%s:%d", valptr, port);
- err = update_conf("console.conf", "Listen", line);
+ PR_snprintf(line, sizeof(line), "%s:%s", valptr, ptr);
} else {
- char line[BIG_LINE];
- int port = read_adm_conf();
- PR_snprintf(line, sizeof(line), "%d", port);
- err = update_conf("console.conf", "Listen", line);
+ PR_snprintf(line, sizeof(line), "%s", ptr);
}
+ err = update_conf("console.conf", "Listen", line);
+ PL_strfree(val);
}
}
@@ -516,17 +531,15 @@
if (i18nResource)
PR_snprintf(error_info, sizeof(error_info),
res_getstring(i18nResource, DBT_ACCESSLOG_INVALID,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
nameptr);
else PR_snprintf(error_info, sizeof(error_info), "Invalid access log file specified");
rpt_err(APP_ERROR, error_info, NULL, NULL);
}
else {
- char newpath[BIG_LINE];
- char pathline[BIG_LINE];
- get_logfile_path(valptr, newpath, sizeof(newpath));
- PR_snprintf(pathline, sizeof(pathline), "%s %s", newpath, "common");
+ char *pathline = PR_smprintf("%s/%s %s", LOGDIR, valptr, "common");
err = update_conf("console.conf", "CustomLog", pathline);
+ PR_smprintf_free(pathline);
}
}
@@ -538,14 +551,13 @@
if (i18nResource)
PR_snprintf(error_info, sizeof(error_info),
res_getstring(i18nResource, DBT_ERRORLOG_INVALID,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
nameptr);
else PR_snprintf(error_info, sizeof(error_info), "Invalid error log file specified");
rpt_err(APP_ERROR, error_info, NULL, NULL);
}
else {
- char newpath[BIG_LINE];
- get_logfile_path(valptr, newpath, sizeof(newpath));
+ char *newpath = PR_smprintf("%s/%s", LOGDIR, valptr);
err = update_conf("console.conf", "ErrorLog", newpath);
}
}
@@ -588,11 +600,11 @@
PR_snprintf(error_info, sizeof(error_info),
"PSET_ERROR_NUMBER: %d\nPSET_ERROR_INFO: %s\n",
errorCode,
- psetErrorString(errorCode, NULL));
+ psetErrorString(errorCode, NULL, msgbuf, sizeof(msgbuf), NULL));
if (i18nResource)
rpt_err(APP_ERROR,
res_getstring(i18nResource, DBT_PSET_SET_ERROR,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, error_info);
else rpt_err(APP_ERROR, "PSET Set Failed", NULL, error_info);
}
@@ -605,14 +617,15 @@
addList[i]->attrVal);
if (errorCode) {
psetDelete(pset);
+ pset = NULL;
PR_snprintf(error_info, sizeof(error_info),
"PSET_ERROR_NUMBER: %d\nPSET_ERROR_INFO: %s\n",
errorCode,
- psetErrorString(errorCode, NULL));
+ psetErrorString(errorCode, NULL, msgbuf, sizeof(msgbuf), NULL));
if (i18nResource)
rpt_err(APP_ERROR,
res_getstring(i18nResource, DBT_PSET_ADD_ERROR,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, error_info);
else rpt_err(APP_ERROR, "PSET Add Failed", NULL, error_info);
}
@@ -622,10 +635,11 @@
else {
if (j) {
psetDelete(pset);
+ pset = NULL;
if (i18nResource)
rpt_err(APP_ERROR,
res_getstring(i18nResource, DBT_PSET_SET_NOT_EXIST,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(APP_ERROR,
"PSET SET OP Failed for setting non-existing attribute",
@@ -648,85 +662,34 @@
/*
- * Modify Port in adm.conf
- */
-static int update_adm_conf(char *newport) {
-
- FILE *f;
- int i, modified=0;
- static char filename[BIG_LINE];
- static char inbuf[BIG_LINE];
- static char buf[BIG_LINE];
- int linecnt=0;
- char *lines[50];
-
- PR_snprintf(filename, sizeof(filename), "%s/adm.conf", getenv("ADMSERV_ROOT"));
-
- f = fopen(filename, "r");
- if (f==NULL) {
- rpt_err(SYSTEM_ERROR, "Can not open adm.conf for reading", NULL, NULL);
- }
-
- while(fgets(inbuf, sizeof(inbuf), f) != NULL) {
- if (strncasecmp(inbuf,"port:",5) == 0) { /* Line starts with "Port:" */
- PR_snprintf(buf, sizeof(buf), "port: %s\n", newport);
- lines[linecnt++] = strdup(buf);
- modified=1;
- }
- else {
- lines[linecnt++] = strdup(inbuf);
- }
- }
- fclose(f);
-
- if (!modified) { /* Add the Port attribute */
- PR_snprintf(buf, sizeof(buf), "Port: %s\n", newport);
- lines[linecnt++] = strdup(buf);
- }
-
- f = fopen(filename, "w");
- if (f==NULL) {
- fclose(f);
- rpt_err(SYSTEM_ERROR, "Can not open adm.conf for writing", NULL, NULL);
- }
-
- for (i=0; i < linecnt; i++) {
- fprintf(f, "%s", lines[i]);
- }
-
- fclose(f);
-
- return 0;
-
-}
-
-/*
- * Get Port from adm.conf
+ * Get Val from the specified conf file
+ * The returned value is allocated - caller must free
*/
-static int read_adm_conf() {
-
+static char * read_conf(char *file, char *name) {
FILE *f;
static char filename[BIG_LINE];
static char inbuf[BIG_LINE];
- static int port = -1;
+ char * retval = NULL;
- PR_snprintf(filename, sizeof(filename), "%s/adm.conf", getenv("ADMSERV_ROOT"));
+ util_find_file_in_paths(filename, sizeof(filename), file, CONFIGDIR, "", "admin-serv/config");
f = fopen(filename, "r");
if (f==NULL) {
- rpt_err(SYSTEM_ERROR, "Can not open adm.conf for reading", NULL, NULL);
+ char msg[BIG_LINE];
+ PR_snprintf(msg, BIG_LINE, "Cannot open file %s for reading", filename);
+ rpt_err(SYSTEM_ERROR, msg, NULL, NULL);
}
while(fgets(inbuf, sizeof(inbuf), f) != NULL) {
- if (strncasecmp(inbuf,"port:",5) == 0) { /* Line starts with "Port:" */
- char *p = strtok(inbuf, ":");
- p = strtok(NULL, ":");
- port = atoi(p);
+ if (strncasecmp(inbuf,name,strlen(name)) == 0) { /* Line starts with name */
+ char *p = strtok(inbuf, " ");
+ p = strtok(NULL, " ");
+ retval = PL_strdup(p);
}
}
fclose(f);
- return port;
+ return retval;
}
#define CONF_LINES 16*1024
@@ -743,12 +706,8 @@
static char buf[BIG_LINE];
int linecnt=0;
char *lines[CONF_LINES];
- char *admserv = getenv("ADMSERV_ROOT");
-
- if (!admserv)
- return 1;
- PR_snprintf(filename, sizeof(filename), "%s/%s", admserv, file);
+ util_find_file_in_paths(filename, sizeof(filename), file, CONFIGDIR, "", "admin-serv/config");
f = fopen(filename, "r");
if (f==NULL) {
@@ -805,18 +764,22 @@
static int rename_pidlog_file(PsetHndl pset, char* newname) {
char oldpath[BIG_LINE];
char newpath[BIG_LINE];
- char *sroot = getenv("NETSITE_ROOT");
int errorCode;
+ if (!newname || !*newname ||
+ !util_is_valid_path_string(newname)) {
+ return 0;
+ }
+
char *oldname = psetGetAttrSingleValue(pset,
"configuration.nsPidLog",
&errorCode);
if (oldname != NULL && strcmp(oldname, newname) != 0) {
- PR_snprintf(oldpath, sizeof(oldpath), "%s/%s", sroot, oldname);
- PR_snprintf(newpath, sizeof(newpath), "%s/%s", sroot, newname);
- if(rename (oldpath, newpath) == 0)
- return 1;
- return update_conf("console.conf", "PidFile", newname);
+ PR_snprintf(oldpath, sizeof(oldpath), "%s/%s", PIDDIR, oldname);
+ PR_snprintf(newpath, sizeof(newpath), "%s/%s", PIDDIR, newname);
+ if(rename (oldpath, newpath) != 0)
+ return 0;
+ return !update_conf("console.conf", "PidFile", newname);
}
else return 1;
}
@@ -864,77 +827,53 @@
/*
* Verify if newuname can be used as the admin server uid. The new uid must
- * belong to the SuiteSpot administrator group (recorded in ssusers.conf)
+ * belong to the sysgroup (recorded in adm.conf)
*
* Returns error : -1
* ok : uid for the newuname
*/
#ifdef XP_UNIX
static int verify_server_uname(char *newuname) {
-
- FILE *f;
- int i=0, ssgrp_found=0, grmem_found=0;
- static char filename[BIG_LINE];
- static char linebuf[BIG_LINE];
- static char buf[BIG_LINE];
+ AdmldapInfo admInfo = NULL;
char *grpname;
struct group *grp;
struct passwd *pwd;
+ int errorcode = 0;
+ int i = 0;
+ int grmem_found = 0;
+ char buf[BUFSIZ];
- /*
- * Read 'SuiteSpotGroup' attribute from
- * <server-root>/shared/config/ssusers.conf
- */
- PR_snprintf(filename, sizeof(filename), "%s/shared/config/ssusers.conf", getenv("NETSITE_ROOT"));
-
- f = fopen(filename, "r");
- if (f==NULL) {
- rpt_err(SYSTEM_ERROR, "Can not open ssusers.conf for reading", NULL, NULL);
+ admInfo = admldapBuildInfoOnly(CONFIGDIR, &errorcode);
+ if (!admInfo || errorcode) {
+ rpt_err(SYSTEM_ERROR, "Can not open adm.conf for reading", NULL, NULL);
return -1;
}
- while(fgets(linebuf, sizeof(linebuf), f) != NULL) {
-
- /* Remove newline ch */
- if (linebuf[strlen(linebuf)-1] == '\n') {
- linebuf[strlen(linebuf)-1]=0;
- }
-
- if ( (grpname = strchr(linebuf, '\t')) == NULL) {
- fclose(f);
- rpt_err(SYSTEM_ERROR, "Bad format for ssusers.conf entries", NULL, NULL);
- return -1;
- }
-
- *grpname++=0;
-
- if (strcasecmp(linebuf,"SuiteSpotGroup") == 0) {
- ssgrp_found=1;
- break;
- }
- }
- fclose(f);
+ grpname = admldapGetSysGroup(admInfo); /* makes a copy */
+ destroyAdmldap(admInfo);
- if (!ssgrp_found) {
- rpt_err(SYSTEM_ERROR, "SuiteSpotGroup not found in ssusers.conf", NULL, NULL);
+ if (!grpname) {
+ rpt_err(SYSTEM_ERROR, "sysgropup not found in adm.conf", NULL, NULL);
return -1;
}
grp = getgrnam(grpname);
if (grp == NULL) {
- PR_snprintf(buf, sizeof(buf), "SuiteSpotGroup '%s' does not exist", grpname);
+ PR_snprintf(buf, sizeof(buf), "sysgroup '%s' does not exist", grpname);
rpt_err(SYSTEM_ERROR, buf, NULL, NULL);
+ PL_strfree(grpname);
return -1;
}
/*
- * newuname must belong to the SuiteSpot group
+ * newuname must belong to the admin server group
*/
pwd = getpwnam(newuname);
if (pwd == NULL) {
PR_snprintf(buf, sizeof(buf), "Can not change Server UID, "
"User '%s' does not exist", newuname);
rpt_err(INCORRECT_USAGE, buf, NULL, NULL);
+ PL_strfree(grpname);
return -1;
}
@@ -948,13 +887,14 @@
if (!grmem_found && pwd->pw_gid != grp->gr_gid) {
PR_snprintf(buf, sizeof(buf), "Can not change Server UID, "
- "User '%s' does not belong to the SuiteSpot Group '%s'", newuname, grpname);
+ "User '%s' does not belong to the group '%s'", newuname, grpname);
rpt_err(INCORRECT_USAGE, buf, NULL, NULL);
+ PL_strfree(grpname);
return -1;
}
+ PL_strfree(grpname);
return pwd->pw_uid;
-
}
#endif
@@ -1081,26 +1021,21 @@
*/
static int validate_logfile(char *name) {
FILE *f;
- char fullname[BIG_LINE];
+ char *fullname;
+
+ if (!name || !*name ||
+ !util_is_valid_path_string(name)) {
+ return 0; /* error */
+ }
- get_logfile_path(name, fullname, sizeof(fullname));
+ fullname = PR_smprintf("%s/%s", LOGDIR, name);
f = fopen(fullname, "a+");
+ PR_smprintf_free(fullname);
if (f != NULL) {
fclose(f);
return 1; /* ok*/
}
- return 0; /* error */
-}
-
-static int get_logfile_path(char *name, char *buf, size_t bufsize) {
-
- if (name[0] == '/') {
- PR_snprintf(buf, bufsize,"%s",name);
- }
- else {
- PR_snprintf(buf, bufsize,"%s/%s", getenv("NETSITE_ROOT"), name);
- }
- return 0;
+ return 0; /* error */
}
Index: download.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/download.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- download.c 12 May 2006 00:41:29 -0000 1.6
+++ download.c 9 May 2007 00:26:30 -0000 1.7
@@ -65,12 +65,11 @@
# define STRDUP strdup
#endif
+#include "config.h"
+
#define PATH_LENGTH 1024
-#define MAX_NUM_DOWNLOADS 32
-#define MENU_BLOCK "<download_menu_block>"
-#define MENU_BLOCK_CLOSE "</download_menu_block>"
-#define MENU_OPTIONS_BLOCK "<download_menu_options>"
+#define MYHTMLFILE "admserv.html"
#define DSGW_BLOCK "<dsgw_menu_block>"
#define DSGW_BLOCK_CLOSE "</dsgw_menu_block>"
@@ -95,100 +94,16 @@
exit(0);
}
-static int
-dsgw_exists ()
-{
- char *serverroot = NULL;
- char path[PATH_LENGTH];
- SYS_DIR *dp1;
-
- if (!(serverroot = getenv("NETSITE_ROOT")))
- error_exit("NETSITE_ROOT not found");
-
- /* Check whether dsgw is installed */
- safe_snprintf(path, sizeof(path), "%s%cdsgw", serverroot, FILE_SEP);
-
- if (!(dp1 = dir_open(path)))
- {
- return 0;
- }
-
- dir_close(dp1);
- return 1;
-}
-
-static int
-populate_download_menu(char *platforms[], char *paths[])
-{
- int baselen;
- char path[PATH_LENGTH];
- char line[PATH_LENGTH];
- char *serverroot = NULL;
- SYS_DIR *dp1, *dp2;
- SYS_DIRENT *ep1, *ep2;
- int count = 0;
-
- if (!(serverroot = getenv("NETSITE_ROOT")))
- error_exit("NETSITE_ROOT not found");
-
- /* build list of supported downloads of the form <sr>/dist/<OSname>/n*.zip */
-
- safe_snprintf(path, sizeof(path), "%s%cdist", serverroot, FILE_SEP);
-
- baselen = strlen(path);
-
- if (!(dp1 = dir_open(path)))
- error_exit("Unable to open NETSITE_ROOT/dist");
-
- while ((ep1 = dir_read(dp1)))
- {
- /* don't check anything starting with . */
- if (dir_name(ep1)[0] == '.')
- continue;
-
- /* check if this is a dir and has an executable */
- safe_snprintf(&(path[baselen]), sizeof(path) - baselen, "%c%s", FILE_SEP, dir_name(ep1));
- if (!(dp2 = dir_open(path)))
- continue;
-
- while ((ep2 = dir_read(dp2)))
- {
- if (dir_name(ep2)[0] == '.')
- continue;
-
- if (!STRNCASECMP(dir_name(ep2), "uxmcc", 5) ||
- !STRNCASECMP(dir_name(ep2), "ntmcc", 5) ||
- !STRNCASECMP(dir_name(ep2), "winmcc", 6))
- {
- platforms[count] = STRDUP(dir_name(ep1));
- safe_snprintf(line, sizeof(line), "%s:%s", dir_name(ep1), dir_name(ep2));
- paths[count++] = STRDUP(line);
- }
- }
-
- dir_close(dp2);
- }
-
- dir_close(dp1);
-
- return (count);
-}
-
int
main(int argc, char *argv[])
{
- char *platforms[MAX_NUM_DOWNLOADS];
- char *paths[MAX_NUM_DOWNLOADS];
char line[PATH_LENGTH];
FILE *html;
- int count, i, menublock, dsgwblock, has_dsgw;
+ int i, dsgwblock, has_dsgw;
char *acceptLanguage = NULL;
char *loc;
- memset(platforms, 0, MAX_NUM_DOWNLOADS * sizeof(char *));
- memset(paths, 0, MAX_NUM_DOWNLOADS * sizeof(char *));
- count = populate_download_menu(platforms, paths);
- has_dsgw = dsgw_exists();
+ has_dsgw = 1; /* hardcoded for now until we can figure out a better mechanism */
acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
if (acceptLanguage == NULL)
@@ -202,7 +117,8 @@
loc = strtok(strdup(acceptLanguage), ",");
while (1)
{
- safe_snprintf(line, sizeof(line), "..%cjava%chtml%c%c%c%cstart-console.html", FILE_SEP, FILE_SEP, FILE_SEP, loc[0],loc[1],FILE_SEP);
+ safe_snprintf(line, sizeof(line), "%s%c%c%c%c%s",
+ HTMLDIR, FILE_SEP, loc[0],loc[1], FILE_SEP, MYHTMLFILE);
if ((html = fopen(line, "r")) != NULL)
{
break;
@@ -212,10 +128,11 @@
loc = strtok(NULL, ", ");
if (loc == NULL)
{
- safe_snprintf(line, sizeof(line), "..%cjava%chtml%cstart-console.html", FILE_SEP, FILE_SEP, FILE_SEP);
+ safe_snprintf(line, sizeof(line), "%s%c%s",
+ HTMLDIR, FILE_SEP, MYHTMLFILE);
if ((html = fopen(line, "r")) == NULL)
{
- error_exit("start-console.html not found");
+ error_exit(MYHTMLFILE " not found");
}
break;
}
@@ -224,47 +141,29 @@
printf("Content-type: text/html\n\n");
- menublock = 0;
dsgwblock = 0;
while (fgets(line, PATH_LENGTH, html))
{
- if (!STRNCASECMP(line, MENU_BLOCK, strlen(MENU_BLOCK)))
- {
- menublock = 1;
- continue;
- }
- else if (!STRNCASECMP(line, DSGW_BLOCK, strlen(DSGW_BLOCK)))
+ if (!STRNCASECMP(line, DSGW_BLOCK, strlen(DSGW_BLOCK)))
{
dsgwblock = 1;
continue;
}
- if (!STRNCASECMP(line, MENU_BLOCK_CLOSE, strlen(MENU_BLOCK_CLOSE)))
- {
- menublock = 0;
- continue;
- }
- else if (!STRNCASECMP(line, DSGW_BLOCK_CLOSE, strlen(DSGW_BLOCK_CLOSE)))
+ if (!STRNCASECMP(line, DSGW_BLOCK_CLOSE, strlen(DSGW_BLOCK_CLOSE)))
{
dsgwblock =0;
continue;
}
- if (!STRNCASECMP(line, MENU_OPTIONS_BLOCK, strlen(MENU_OPTIONS_BLOCK)))
- {
- for (i = 0 ; i < count ; i++)
- printf("<option value='%s'>%s\n", paths[i], platforms[i]);
- continue;
- }
-
- if (!menublock && !dsgwblock)
+ if (!dsgwblock)
{
printf("%s", line);
continue;
}
- if ((menublock && count > 0) || (dsgwblock && has_dsgw))
+ if (dsgwblock && has_dsgw)
printf("%s", line);
}
Index: dsconfig.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/dsconfig.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- dsconfig.c 11 May 2006 14:29:30 -0000 1.6
+++ dsconfig.c 9 May 2007 00:26:30 -0000 1.7
@@ -26,20 +26,19 @@
*/
/*
- * Default Directory Server setting get/set. Read/modify DS ldap url from dbswitch.conf
+ * Default Directory Server setting get/set. Read/modify DS ldap url from adm.conf
*
* Get Operation
* in: op=getconfig
* out: dsconfig.host=<host from DS ldap url>
* out: dsconfig.port=<port from DS ldap url>
* out: dsconfig.basedn=<dn from DS ldap url>
- * out: dsconfig.sll= 'true' if ldaps used, 'false' if ldap used
+ * out: dsconfig.ssl= 'true' if ldaps used, 'false' if ldap used
*
* Set Operation
* in:op=setconfig&dsconfig.host=<host>&dsconfig.port=<port>&
- * dsconfig.basedn=<basedn>&dsconfig.ssl=<true|false>
- * 1) modify DS ldap url in dbswitch.conf with supplied parameters
- * 2) modify ldapHost: and ldapPort: in adm.conf
+ * dsconfig.ssl=<true|false>
+ * 1) modify DS ldap url in adm.conf with supplied parameters
*/
#include "libadmin/libadmin.h"
@@ -58,6 +57,8 @@
#include "libadmsslutil/certmgt.h"
#include "cert.h"
+#include "config.h"
+
/*#ifdef XP_WIN32
#define strcasecmp stricmp
#define strncasecmp _strnicmp
@@ -66,8 +67,7 @@
static void handle_getconfig();
static void handle_setconfig();
static char *create_new_ldapurl(char *new_host, int new_port, char *new_basedn, int new_ssl);
-static void update_adm_conf(char *ldapHost, int ldapPort, char *sieDN, char *isieDN);
-static void update_dbswitch_conf(char *ldapURL);
+static void update_adm_conf(char *ldapURL, char *sieDN, char *isieDN);
static char *nonull_value(char *str);
@@ -81,8 +81,12 @@
if (!log_enabled) return;
+ if (!util_get_log_dir()) {
+ return;
+ }
+
if (logfp==NULL) {
- PR_snprintf(logfile, sizeof(logfile), "%s/../logs/dsconfig.dbg", getenv("ADMSERV_ROOT"));
+ PR_snprintf(logfile, sizeof(logfile), "%s/dsconfig.dbg", util_get_log_dir());
logfp = fopen(logfile, "w");
}
@@ -107,19 +111,13 @@
#define DBT_NO_QUERY_STRING resource_key(RESOURCE_FILE, "3")
#define DBT_NO_OPERATION resource_key(RESOURCE_FILE, "4")
#define DBT_UNKNOWN_OPERATION resource_key(RESOURCE_FILE, "5")
-#define DBT_RD_DBSWITCH resource_key(RESOURCE_FILE, "6")
-#define DBT_BAD_DBSWITCH resource_key(RESOURCE_FILE, "7")
-#define DBT_BAD_LDAPURL resource_key(RESOURCE_FILE, "8")
#define DBT_BAD_PORT resource_key(RESOURCE_FILE, "9")
#define DBT_NO_CERTDB resource_key(RESOURCE_FILE, "10")
#define DBT_OPEN_CERTDB resource_key(RESOURCE_FILE, "11")
#define DBT_BAD_SSL resource_key(RESOURCE_FILE, "12")
-#define DBT_OPEN_DBSWITCH_RD resource_key(RESOURCE_FILE, "13")
-#define DBT_NO_DBHANDLE resource_key(RESOURCE_FILE, "14")
-#define DBT_OPEN_DBSWITCH_WR resource_key(RESOURCE_FILE, "15")
#define DBT_OPEN_ADM_RD resource_key(RESOURCE_FILE, "16")
-#define DBT_NO_LDAPHOST resource_key(RESOURCE_FILE, "17")
-#define DBT_NO_LDAPPORT resource_key(RESOURCE_FILE, "18")
+#define DBT_NO_LDAPURL resource_key(RESOURCE_FILE, "17")
+#define DBT_BAD_LDAPURL resource_key(RESOURCE_FILE, "18")
#define DBT_OPEN_ADM_WR resource_key(RESOURCE_FILE, "19")
#define DBT_NO_SIE resource_key(RESOURCE_FILE, "20")
#define DBT_NO_ISIE resource_key(RESOURCE_FILE, "21")
@@ -129,13 +127,8 @@
static Resource *i18nResource = NULL;
static void i18nInit() {
- char resPath[256], *execPath;
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
+
if (getenv("HTTP_ACCEPT_LANGUAGE")) {
acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
}
@@ -147,9 +140,10 @@
}
static const char *i18nMsg(char *msgid, char *defaultMsg) {
const char *msg=NULL;
+ static char msgbuf[BUFSIZ]; /* ok - not threaded code */
if (i18nResource) {
- msg = res_getstring(i18nResource, msgid, acceptLanguage);
+ msg = res_getstring(i18nResource, msgid, acceptLanguage, msgbuf, sizeof(msgbuf), NULL);
}
if (msg == NULL) {
msg = (const char*)defaultMsg;
@@ -169,7 +163,6 @@
int _ai=ADMUTIL_Init();
char *method = getenv("REQUEST_METHOD");
- char *root = getenv("NETSITE_ROOT");
char *qs = 0, *op=0;
char error_info[128];
@@ -224,41 +217,47 @@
return 0;
}
+static char *
+get_ldap_url()
+{
+ char *ldapurl = NULL;
+ int errorcode = 0;
+ AdmldapInfo admInfo = NULL;
+
+ logMsg("In get_ldap_url\n");
+ admInfo = admldapBuildInfoOnly(CONFIGDIR, &errorcode);
+ if (!admInfo || errorcode) {
+ logMsg("Could not get ldap info from config - %d", errorcode);
+ return NULL;
+ }
+ ldapurl = admldapGetDirectoryURL(admInfo); /* returns a copy */
+ destroyAdmldap(admInfo);
+
+ logMsg("Finished get_ldap_url, url is %s\n", ldapurl);
+
+ return ldapurl;
+}
/*
* Return current ldap url setting
*/
static void handle_getconfig()
{
- DBConfDBInfo_t *db_info;
int rc;
LDAPURLDesc *ludp;
- char dbswitch_file[BIG_LINE];
+ char *ldapurl = NULL;
logMsg("In handle_getconfig\n");
- PR_snprintf(dbswitch_file, sizeof(dbswitch_file), "%s/shared/config/dbswitch.conf", getenv("NETSITE_ROOT"));
-
- logMsg("dbswitch=%s\n", dbswitch_file);
-
- if (( rc = dbconf_read_default_dbinfo(dbswitch_file, &db_info ))!= LDAPU_SUCCESS ) {
- logMsg("dbconf_read_default_dbinfo(%s), rc=%d\n", dbswitch_file, rc);
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_RD_DBSWITCH, "Failed to read dbswitch.conf"), NULL, NULL);
- }
- if ( db_info == NULL ) {
- logMsg("dbconf_read_default_dbinfo(), returned db_info=NULL\n");
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_RD_DBSWITCH, "Failed to read dbswitch.conf"), NULL, NULL);
- }
+ ldapurl = get_ldap_url();
+ logMsg("baseurl=%s\n", ldapurl);
- if ( strcasecmp( db_info->dbname, DBCONF_DEFAULT_DBNAME ) != 0 ) {
- logMsg("db_info->dbname is '%s', expecting '%s'\n", db_info->dbname, DBCONF_DEFAULT_DBNAME);
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_BAD_DBSWITCH, "Bad content/format of dbswitch.conf"), NULL, NULL);
- }
- logMsg("baseurl=%s\n", db_info->url);
-
- if (( rc = ldap_url_parse( db_info->url, &ludp )) != 0 ) {
- logMsg("ldap_url_parse(%s) failed, rc=%d\n", db_info->url, rc);
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_BAD_LDAPURL,"Bad ldap url in dbswitch.conf"), NULL, NULL);
+ if (( rc = ldap_url_parse( ldapurl, &ludp )) != 0 ) {
+ char error_info[128];
+ PR_snprintf(error_info, sizeof(error_info),
+ i18nMsg(DBT_BAD_LDAPURL, "LDAP URL (%s) is invalid"), ldapurl);
+ logMsg("ldap_url_parse(%s) failed, rc=%d\n", ldapurl, rc);
+ rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
}
else {
int ssl;
@@ -282,46 +281,22 @@
fprintf(stdout, "NMC_Status: 0\n");
}
-}
-
-/* return true if all of the chars in s are valid chars for use in
- file and directory names, and false otherwise. This means that
- the string must begin with a letter or number, and must contain
- letters, numbers, '-' and '_'.
-*/
-static int
-is_valid_path_string(const char *s)
-{
- int ret = 0;
- if (s) {
- if (isalnum(*s)) {
- ret = 1;
- for(; ret && *s; ++s) {
- ret = isalnum(*s) || (*s == '-') || (*s == '_');
- }
- }
- }
- return ret;
+ PL_strfree(ldapurl);
}
/*
* Modify ldap url setting
*/
static void handle_setconfig() {
- char *sieDN=NULL, *isieDN=NULL, *host=NULL, *basedn=NULL, *ldapURL=NULL, *port_s=NULL, *ssl_s=NULL, *alias=NULL;
+ char *sieDN=NULL, *isieDN=NULL, *host=NULL, *basedn=NULL, *ldapURL=NULL, *port_s=NULL, *ssl_s=NULL;
int ssl=-1, port=-1;
- char keyfile[512], certfile[512];
- /* basedn can not be changed any more Miodrag 08/21/98
- basedn = get_cgi_var( "dsconfig.basedn", NULL, NULL );
- */
sieDN = get_cgi_var( "dsconfig.sieDN", NULL, NULL );
isieDN = get_cgi_var( "dsconfig.isieDN", NULL, NULL );
host = get_cgi_var( "dsconfig.host", NULL, NULL );
port_s = get_cgi_var( "dsconfig.port", NULL, NULL );
ssl_s = get_cgi_var( "dsconfig.ssl", NULL, NULL );
- alias = get_cgi_var( "dsconfig.alias", NULL, NULL );
if (port_s != NULL) {
port = atoi( port_s);
@@ -331,19 +306,7 @@
}
if (ssl_s != NULL) {
if (strcasecmp(ssl_s, "true") == 0) {
- if(!alias)
- rpt_err(INCORRECT_USAGE, i18nMsg(DBT_NO_CERTDB,"No certificate database specified for LDAP/SSL usage!"), NULL, NULL);
- if (!is_valid_path_string(alias)) {
- rpt_err(INCORRECT_USAGE, i18nMsg(DBT_NO_CERTDB,"Invalid alias prefix for certificate database specified for LDAP/SSL usage!"), NULL, NULL);
- }
ssl = 1;
- PR_snprintf(keyfile, sizeof(keyfile), "alias%c%s-key3.db",
- FILE_PATHSEP,
- alias);
- PR_snprintf(certfile, sizeof(certfile), "alias%c%s-cert8.db",
- FILE_PATHSEP,
- alias);
- set_security(NULL, getenv("NETSITE_ROOT"), NULL, certfile, keyfile);
}
else if (strcasecmp(ssl_s, "false") == 0) {
ssl = 0;
@@ -358,8 +321,7 @@
logMsg("new ldap url = %s", nonull_value(ldapURL));
if (ldapURL != NULL) {
- update_dbswitch_conf(ldapURL);
- update_adm_conf(host, port, sieDN, isieDN);
+ update_adm_conf(ldapURL, sieDN, isieDN);
fprintf(stdout, "Content-type: text/html\n\n");
fprintf(stdout, "NMC_Status: 0\n");
@@ -372,35 +334,20 @@
*/
static char* create_new_ldapurl(char *new_host, int new_port, char *new_basedn, int new_ssl)
{
- DBConfDBInfo_t *db_info;
int rc;
LDAPURLDesc *ludp;
int sslflag;
char url[BIG_LINE];
+ char *curldapurl = NULL;
char *host, *basedn, *ssl;
int port;
- char dbswitch_file[BIG_LINE];
- PR_snprintf(dbswitch_file, sizeof(dbswitch_file), "%s/shared/config/dbswitch.conf", getenv("NETSITE_ROOT"));
+ curldapurl = get_ldap_url();
+ logMsg("baseurl=%s\n", curldapurl);
- if (( rc = dbconf_read_default_dbinfo(dbswitch_file, &db_info ))!= LDAPU_SUCCESS ) {
- logMsg("dbconf_read_default_dbinfo(%s), rc=%d\n", dbswitch_file, rc);
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_RD_DBSWITCH,"Failed to read dbswitch.conf"), NULL, NULL);
- }
- if ( db_info == NULL ) {
- logMsg("dbconf_read_default_dbinfo(), returned db_info=NULL\n");
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_RD_DBSWITCH,"Failed to read dbswitch.conf"), NULL, NULL);
- }
-
- if ( strcasecmp( db_info->dbname, DBCONF_DEFAULT_DBNAME ) != 0 ) {
- logMsg("db_info->dbname is '%s', expecting '%s'\n", db_info->dbname, DBCONF_DEFAULT_DBNAME);
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_BAD_DBSWITCH,"Bad content/format of dbswitch.conf"), NULL, NULL);
- }
- logMsg("baseurl=%s\n", db_info->url);
-
- if (( rc = ldap_url_parse( db_info->url, &ludp )) != 0 ) {
- logMsg("ldap_url_parse(%s) failed, rc=%d\n", db_info->url, rc);
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_BAD_LDAPURL,"Bad ldap url in dbswitch.conf"), NULL, NULL);
+ if (( rc = ldap_url_parse( curldapurl, &ludp )) != 0 ) {
+ logMsg("ldap_url_parse(%s) failed, rc=%d\n", curldapurl, rc);
+ rpt_err(SYSTEM_ERROR, i18nMsg(DBT_BAD_LDAPURL,"Bad ldap url in adm.conf"), NULL, NULL);
}
else {
@@ -413,136 +360,42 @@
PR_snprintf(url, sizeof(url), "ldap%s://%s:%d/%s", ssl, host, port, basedn);
}
+ PL_strfree(curldapurl);
return strdup(url);
}
-static char inbuf[BIG_LINE];
-
-/*
- * Modify dbswitch.conf
- */
-static void update_dbswitch_conf(char *ldapURL) {
-
- FILE *f;
- int i, modified=0;
- static char filename[BIG_LINE];
- char buf[80];
- int linecnt=0;
- char *lines[100];
-
-
- PR_snprintf(filename, sizeof(filename), "%s/shared/config/dbswitch.conf", getenv("NETSITE_ROOT"));
-
- f = fopen(filename, "r");
- if (f==NULL) {
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_OPEN_DBSWITCH_RD,"Can not open dbswitch.conf for reading"), NULL, NULL);
- }
-
- while(fgets(inbuf, sizeof(inbuf), f) != NULL) {
- if (strncasecmp(inbuf,"directory default ", strlen("directory default ")) == 0) {
- PR_snprintf(buf, sizeof(buf), "directory default %s\n", ldapURL);
- lines[linecnt++] = strdup(buf);
- modified=1;
- }
- else {
- lines[linecnt++] = strdup(inbuf);
- }
-
- }
- fclose(f);
-
- if (!modified) {
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_NO_DBHANDLE,"Dbhandle 'default' not found in dbswitch.conf"), NULL, NULL);
- }
-
-
- f = fopen(filename, "w");
- if (f==NULL) {
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_OPEN_DBSWITCH_WR,"Can not open dbswitch.conf for writing"), NULL, NULL);
- return;
- }
-
- for (i=0; i < linecnt; i++) {
- fprintf(f, "%s", lines[i]);
- }
-
- fclose(f);
-
-}
-
/*
* Modify adm.conf
*/
-static void update_adm_conf(char *ldapHost, int ldapPort, char *sieDN, char *isieDN) {
-
- FILE *f;
- int i, modifiedHost=0, modifiedPort=0, modifiedSIE=0, modifiedISIE=0;
- static char filename[BIG_LINE];
- char buf[500];
- int linecnt=0;
- char *lines[50];
-
- PR_snprintf(filename, sizeof(filename), "%s/adm.conf", getenv("ADMSERV_ROOT"));
-
- f = fopen(filename, "r");
- if (f==NULL) {
+static void update_adm_conf(char *ldapURL, char *sieDN, char *isieDN) {
+ AdmldapInfo admInfo = NULL;
+ int errorcode = 0;
+
+ /* get a handle to the current one */
+ admInfo = admldapBuildInfoOnly(CONFIGDIR, &errorcode);
+ if (!admInfo || errorcode) {
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_OPEN_ADM_RD, "Can not open adm.conf for reading"), NULL, NULL);
}
- while(fgets(inbuf, sizeof(inbuf), f) != NULL) {
- if (strstr(inbuf,"ldapHost:") == inbuf) { /* Line starts with "ldapHost:" */
- PR_snprintf(buf, sizeof(buf), "ldapHost: %s\n", ldapHost);
- lines[linecnt++] = strdup(buf);
- modifiedHost=1;
- }
- else if (strstr(inbuf,"ldapPort:") == inbuf) { /* Line starts with "ldapPort:" */
- PR_snprintf(buf, sizeof(buf), "ldapPort: %d\n", ldapPort);
- lines[linecnt++] = strdup(buf);
- modifiedPort=1;
- }
- else if ((strncasecmp(inbuf, "sie:", strlen("sie:")) == 0) &&
- (sieDN)) { /* Line starts with "sie:" */
- PR_snprintf(buf, sizeof(buf), "sie: %s\n", sieDN);
- lines[linecnt++] = strdup(buf);
- modifiedSIE=1;
- }
- else if ((strncasecmp(inbuf, "isie:", strlen("isie:")) == 0) &&
- (isieDN)) { /* Line starts with "isie:" */
- PR_snprintf(buf, sizeof(buf), "isie: %s\n", isieDN);
- lines[linecnt++] = strdup(buf);
- modifiedISIE=1;
- }
- else {
- lines[linecnt++] = strdup(inbuf);
- }
-
- }
- fclose(f);
-
- if (!modifiedHost) {
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_NO_LDAPHOST, "Parameter ldapHost: not found in adm.conf"), NULL, NULL);
- }
-
- if (!modifiedPort) {
- rpt_err(SYSTEM_ERROR, i18nMsg(DBT_NO_LDAPPORT, "Parameter ldapPort: not found in adm.conf"), NULL, NULL);
+ if (ldapURL) {
+ if (admldapSetDirectoryURL(admInfo, ldapURL)) {
+ char error_info[128];
+ PR_snprintf(error_info, sizeof(error_info),
+ i18nMsg(DBT_BAD_LDAPURL, "LDAP URL (%s) is invalid"), ldapURL);
+ rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
+ }
}
- if ((sieDN) && (!modifiedSIE)) {
+ if (sieDN && admldapSetSIEDN(admInfo, sieDN)) {
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_NO_SIE, "Parameter sie: not found in adm.conf"), NULL, NULL);
}
- if ((isieDN) && (!modifiedISIE)) {
+ if (isieDN && admldapSetISIEDN(admInfo, isieDN)) {
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_NO_ISIE, "Parameter isie: not found in adm.conf"), NULL, NULL);
}
- f = fopen(filename, "w");
- if (f==NULL) {
+ if (admldapWriteInfoFile(admInfo)) {
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_OPEN_ADM_WR, "Can not open adm.conf for writing"), NULL, NULL);
}
-
- for (i=0; i < linecnt; i++) {
- fprintf(f, "%s", lines[i]);
- }
-
- fclose(f);
+ destroyAdmldap(admInfo);
}
Index: dsconfig.properties
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/dsconfig.properties,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- dsconfig.properties 18 Aug 2005 18:59:03 -0000 1.3
+++ dsconfig.properties 9 May 2007 00:26:30 -0000 1.4
@@ -29,19 +29,13 @@
dsconfig3 { "No data in QUERY_STRING environment variable" }
dsconfig4 { "No operation is defined" }
dsconfig5 { "Unknown Operation (%s)" }
-dsconfig6 { "Failed to read dbswitch.conf" }
-dsconfig7 { "Bad content/format of dbswitch.conf" }
-dsconfig8 { "Bad ldap url in dbswitch.conf" }
dsconfig9 { "Bad value for dsconfig.port" }
dsconfig10 { "No certificate database specified for LDAP/SSL usage!" }
dsconfig11 { "Cannot open certificate database for LDAP/SSL usage!" }
dsconfig12 { "Bad value for dsconfig.ssl" }
-dsconfig13 { "Can not open dbswitch.conf for reading" }
-dsconfig14 { "Dbhandle 'default' not found in dbswitch.conf" }
-dsconfig15 { "Can not open dbswitch.conf for writing" }
dsconfig16 { "Can not open adm.conf for reading" }
-dsconfig17 { "Parameter ldapHost: not found in adm.conf" }
-dsconfig18 { "Parameter ldapPort: not found in adm.conf" }
+dsconfig17 { "Parameter ldapurl: not found in adm.conf" }
+dsconfig18 { "LDAP URL (%s) is invalid" }
dsconfig19 { "Can not open adm.conf for writing" }
dsconfig20 { "Parameter sie: not found in adm.conf" }
dsconfig21 { "Parameter isie: not found in adm.conf" }
Index: getport.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/getport.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- getport.c 18 Aug 2005 18:59:03 -0000 1.4
+++ getport.c 9 May 2007 00:26:30 -0000 1.5
@@ -83,7 +83,7 @@
if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw);
/* Initialize the pset */
- rv = ADMSSL_InitSimple();
+ rv = ADMSSL_InitSimple(CONFIGDIR, SECURITYDIR);
if (rv) {
rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL);
}
Index: help.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/help.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- help.c 11 May 2006 14:29:30 -0000 1.7
+++ help.c 9 May 2007 00:26:30 -0000 1.8
@@ -32,6 +32,7 @@
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
+#include <unistd.h>
#ifdef XP_UNIX
# include <dirent.h>
@@ -57,6 +58,8 @@
# define STRCASECMP _stricmp
#endif
+#include "config.h"
+
#define PATH_LENGTH 1024
#define DIR_ARG "helpdir"
#define TOKEN_ARG "token"
@@ -77,7 +80,8 @@
#define DOC_BLOCK "<document>"
#define DOCLIST_EBLOCK "</doclist>"
#define COMMENT_CHAR ';'
-#define BASE_DIR ".."
+#define BASE_DIR ".." /* for relative URLs */
+#define HELPSUBDIR "help" /* subdirectory of MANUALDIR */
#define TEST_DEPTH 10
#define DEFAULT_LANG "en"
@@ -237,6 +241,7 @@
char *getLocale() {
char *loc;
char path[PATH_LENGTH];
+ SYS_DIR *dir = NULL;
/* Go through the list of locales in the HTTP_ACCEPT_LANGUAGE
env var and check if at least one of them is available
@@ -244,21 +249,24 @@
loc = strtok(strdup(localeList), ",");
while (1){
if (loc) {
- safe_snprintf(path, sizeof(path), "%s%c%c%c", BASE_DIR, FILE_SEP, loc[0], loc[1]);
- if (dir_open(path)) {
+ safe_snprintf(path, sizeof(path), "%s%c%c%c", MANUALDIR, FILE_SEP, loc[0], loc[1]);
+ if ((dir = dir_open(path))) {
/* return only the first 2 characters of the language code e.g. return en for en-US */
loc[2] = '\0';
+ dir_close(dir);
return loc;
}
}
loc = strtok(NULL, ",");
if (!loc) {
/* default to English (en) */
- safe_snprintf(path, sizeof(path), "%s%c%s", BASE_DIR, FILE_SEP, DEFAULT_LANG);
- if (dir_open(path))
+ safe_snprintf(path, sizeof(path), "%s%c%s", MANUALDIR, FILE_SEP, DEFAULT_LANG);
+ if ((dir = dir_open(path))) {
+ dir_close(dir);
return DEFAULT_LANG;
- else
+ } else {
error_exit("No help available for any of the languages set for the browser");
+ }
}
}
}
@@ -280,17 +288,17 @@
/* Open the target file and return the contents */
- safe_snprintf(path, sizeof(path), "%s%c%s%c%s%c%s", BASE_DIR, FILE_SEP, locale, FILE_SEP,
+ safe_snprintf(path, sizeof(path), "%s%c%s%c%s%c%s", MANUALDIR, FILE_SEP, locale, FILE_SEP,
product, FILE_SEP, content);
if (!(file = fopen(path, "r")))
{
- safe_snprintf(path, sizeof(path), "unable to open file: %s", path);
+ safe_snprintf(base, sizeof(base), "unable to open file: %s", path);
if (debugPrintout)
{
- printf("%s<P>\n", path);
+ printf("%s<P>\n", base);
fflush( stdout );
}
- return error_exit(path);
+ return error_exit(base);
}
if (debugPrintout)
{
@@ -337,7 +345,7 @@
/* open a frameset file, either from the product dir, or the master file
* in the help dir. */
- safe_snprintf(path, sizeof(path), "%s%c%s%c%s%c%s", BASE_DIR, FILE_SEP, locale, FILE_SEP, product, FILE_SEP, FRAMESET_FILE);
+ safe_snprintf(path, sizeof(path), "%s%c%s%c%s%c%s", MANUALDIR, FILE_SEP, locale, FILE_SEP, product, FILE_SEP, FRAMESET_FILE);
if (debugPrintout)
{
printf("opening frameset file: %s<P>\n", path);
@@ -345,7 +353,7 @@
if (!(frameset = fopen(path, "r")))
{
/* product frameset failed, so try global one */
- safe_snprintf(path, sizeof(path), "%s", FRAMESET_FILE);
+ safe_snprintf(path, sizeof(path), "%s%c%s%c%s%c%s", MANUALDIR, FILE_SEP, HELPSUBDIR, FILE_SEP, FRAMESET_FILE);
if (!(frameset = fopen(path, "r")))
{
if (debugPrintout)
@@ -506,7 +514,7 @@
}
/* first, see if locale directory exists in its parent */
- safe_snprintf(path, sizeof(path), "%s", BASE_DIR);
+ safe_snprintf(path, sizeof(path), "%s", MANUALDIR);
if (!file_or_dir_exists(path, locale)) {
if (debugPrintout) {
printf( "No help files for locale [%s]<P>\n", locale?locale:"");
@@ -515,7 +523,7 @@
return error_exit("Failed to open help for locale.");
}
/* ok, locale directory is good, check product directory */
- safe_snprintf(path, sizeof(path), "%s%c%s", BASE_DIR, FILE_SEP, locale);
+ safe_snprintf(path, sizeof(path), "%s%c%s", MANUALDIR, FILE_SEP, locale);
if (!file_or_dir_exists(path, product)) {
if (debugPrintout) {
printf( "No help files for product [%s] in locale [%s]<P>\n", product?product:"", locale);
@@ -524,7 +532,7 @@
return error_exit("Failed to open help for given product.");
}
/* Ok, product directory exists, check for the mapfile */
- safe_snprintf(path, sizeof(path), "%s%c%s%c%s", BASE_DIR, FILE_SEP, locale,
+ safe_snprintf(path, sizeof(path), "%s%c%s%c%s", MANUALDIR, FILE_SEP, locale,
FILE_SEP, product);
if (!file_or_dir_exists(path, mapfile)) {
if (debugPrintout) {
@@ -533,7 +541,7 @@
}
return error_exit("Failed to open help for given product.");
}
- safe_snprintf(path, sizeof(path), "%s%c%s%c%s%c%s", BASE_DIR, FILE_SEP, locale,
+ safe_snprintf(path, sizeof(path), "%s%c%s%c%s%c%s", MANUALDIR, FILE_SEP, locale,
FILE_SEP, product?product:"", FILE_SEP, mapfile);
if (debugPrintout)
{
@@ -692,12 +700,15 @@
{
FILE *template;
char line[PATH_LENGTH];
- char base[50];
+ char base[PATH_MAX];
+ char library_file[PATH_MAX];
printf("Content-type: text/html\n\n");
/* open the library template file from the help dir. */
- if (!(template = fopen(LIBRARY_FILE, "r")))
+ safe_snprintf(library_file, sizeof(library_file), "%s%c%s%c%s", MANUALDIR, FILE_SEP,
+ HELPSUBDIR, FILE_SEP, LIBRARY_FILE);
+ if (!(template = fopen(library_file, "r")))
return error_exit("unable to open a valid library template file");
/* Spit the template file back out, except substitute the generate
@@ -735,7 +746,7 @@
*endp = '\0';
- safe_snprintf(base, sizeof(base), "%s%c%s", BASE_DIR, FILE_SEP, locale);
+ safe_snprintf(base, sizeof(base), "%s%c%s", MANUALDIR, FILE_SEP, locale);
check_directory(base, prefix, suffix, 0);
}
Index: htmladmin.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/htmladmin.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- htmladmin.c 11 May 2006 14:29:30 -0000 1.7
+++ htmladmin.c 9 May 2007 00:26:30 -0000 1.8
@@ -36,10 +36,11 @@
#include "libadmsslutil/admsslutil.h"
#include "libadmin/cluster.h"
#include "ldap.h"
-#include "ldapu.h"
#include <ldap_ssl.h>
#include "prnetdb.h"
#include "plstr.h"
+
+#include "config.h"
/*
properties file name = "htmladmin.properties"
@@ -139,7 +140,7 @@
char*
getResourceString(char *key) {
- return (char *)(res_getstring(i18nResource, key, acceptLanguage));
+ return (char *)(res_getstring(i18nResource, key, acceptLanguage, NULL, 0, NULL));
}
/*
@@ -156,7 +157,6 @@
#define SERVERGROUP_OBJTYPE "(|(objectclass=nsadmingroup)(objectclass=nslegacyadmingroup))"
#define SERVERGROUP_ATTR "nsadmingroupname"
-#define SERVERGROUP_SERVERROOT_ATTR "nsconfigroot"
#define ISIE_OBJTYPE "(|(objectclass=nsapplication)(objectclass=nslegacyapplication))"
#define ISIE_PRODNAME_ATTR "nsproductname"
@@ -164,7 +164,6 @@
#define SIE_OBJTYPE "(|(objectclass=netscapeserver)(objectclass=nslegacyserver))"
#define SIE_SERVERID_ATTR "nsserverid"
-#define SIE_SERVERROOT_ATTR "serverroot"
#define ADMIN_OBJTYPE "(|(objectclass=nsadminserver)(objectclass=nslegacyadminserver))"
#define ADMIN_HOST "serverhostname"
@@ -317,22 +316,16 @@
* Get the AdmldapInfo struct for ldap SDK API.
*/
-AdmldapInfo get_adm_ldapinfo() {
+AdmldapInfo get_adm_ldapinfo(const char *configdir, const char *securitydir) {
AdmldapInfo ldapInfo = NULL;
int rv;
- char admroot[BIG_LINE];
-
- PR_snprintf(admroot, BIG_LINE, "%s%cadmin-serv%cconfig",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP,
- FILE_PATHSEP);
- ldapInfo = admldapBuildInfo(admroot, &rv);
+ ldapInfo = admldapBuildInfo((char *)configdir, &rv);
if(!ldapInfo)
exit(0);
- rv = ADMSSL_InitSimple();
+ rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0);
if(rv)
exit(0);
@@ -810,109 +803,34 @@
return server;
}
-
-/* NT ONLY
- for some reason admin server on NT has a thread pool of 1
- for cgi execution. This will cause the server to hang if
- a cgi tries to contect another cgi locate on the same server.
-
- This hack is added to resolve this problem for NT ONLY.
- Returns 1 if the host and port given belongs to the Admin Server spawning this CGI,
- 0 otherwise.
- */
-
-int is_local_admin(char *host, int port) {
-
- char localhost[NBUF_SIZE];
- int localport, is_local=0;
- char *endptr;
-
- FILE *f;
- char *admConf = PR_smprintf("%s%cadm.conf", getenv("ADMSERV_ROOT"), FILE_PATHSEP);
- localhost[0] = 0;
-
- /* get host name(FQDN) and port number from config file */
- f = fopen(admConf, "r");
- if (f!=NULL) {
- int lineno = 1;
- char *line = (char *)malloc(MAX_LEN);
- while (!admutil_getline(f, MAX_LEN, lineno, line)) {
- if (strstr(line,"port:") == line) {
- localport = strtol(strstr(line, " "), &endptr, 10);
- }
- if (strstr(line,"host:") == line) {
- PR_snprintf(localhost, sizeof(localhost), "%s", (strstr(line, " ")+1));
- }
- lineno++;
- }
- free(line);
- fclose(f);
- }
-
- is_local = ((localport == port) && !strcmp(localhost, host));
-
- PR_smprintf_free(admConf);
-
- return is_local;
-}
-
-
/* rate is specified in seconds */
-int get_topology_refresh_rate() {
+static int get_topology_refresh_rate(AdmldapInfo admInfo) {
- char *endptr;
+ char *val = NULL;
+ char *endptr = NULL;
int rate = 300;
-
- FILE *f;
- char *admConf = PR_smprintf("%s%cadm.conf", getenv("ADMSERV_ROOT"), FILE_PATHSEP);
-
- /* get host name(FQDN) and port number from config file */
- f = fopen(admConf, "r");
- if (f!=NULL) {
- int lineno = 1;
- char *line = (char *)malloc(MAX_LEN);
- while (!admutil_getline(f, MAX_LEN, lineno, line)) {
- if (strstr(line,"ExpressRefreshRate:") == line) {
- rate = strtol(strstr(line, " "), &endptr, 10);
- }
- lineno++;
- }
- free(line);
- fclose(f);
- }
- PR_smprintf_free(admConf);
+ if (val = admldapGetExpressRefreshRate(admInfo)) {
+ rate = strtol(val, &endptr, 10);
+ PL_strfree(val);
+ }
return rate;
}
/* rate is specified in seconds */
-int get_cgi_timeout_rate() {
+static int get_cgi_timeout_rate(AdmldapInfo admInfo) {
- char *endptr;
+ char *endptr = NULL;
+ char *val = NULL;
int rate = 60;
- FILE *f;
- char *admConf = PR_smprintf("%s%cadm.conf", getenv("ADMSERV_ROOT"), FILE_PATHSEP);
-
- /* get host name(FQDN) and port number from config file */
- f = fopen(admConf, "r");
- if (f!=NULL) {
- int lineno = 1;
- char *line = (char *)malloc(MAX_LEN);
- while (!admutil_getline(f, MAX_LEN, lineno, line)) {
- if (strstr(line,"ExpressCGITimeout:") == line) {
- rate = strtol(strstr(line, " "), &endptr, 10);
- }
- lineno++;
- }
- free(line);
- fclose(f);
+ if (val = admldapGetExpressCGITimeout(admInfo)) {
+ rate = strtol(val, &endptr, 10);
+ PL_strfree(val);
}
- PR_smprintf_free(admConf);
-
return rate;
}
@@ -961,92 +879,6 @@
}
-
-char *AS_dirs(LDAP *server, LDAPMessage *sie_entry) {
-
- char *ptr, *accesslog, *errorlog;
- char dirs[BIG_LINE];
- int ldapError;
-
- char **vals;
-
- LDAPMessage *sieconf_entry, *sieconf_result;
-
- if((ldapError = ldap_search_s(server, ldap_get_dn(server, sie_entry), LDAP_SCOPE_SUBTREE,
- ADMINCONF_OBJTYPE, NULL, 0, &sieconf_result)) != LDAP_SUCCESS)
- return NULL;
- sieconf_entry = ldap_first_entry(server, sieconf_result);
-
- if((vals = ldap_get_values(server, sieconf_entry, ADMINCONF_ACCESSLOG)) != NULL) {
- accesslog = strdup(vals[0]);
- ptr = strrchr(accesslog, FILE_PATHSEP);
- ptr[0] = '\0';
- ldap_value_free(vals);
- }
-
- if((vals = ldap_get_values(server, sieconf_entry, ADMINCONF_ERRORLOG)) != NULL) {
- errorlog = strdup(vals[0]);
- ptr = strrchr(errorlog, FILE_PATHSEP);
- ptr[0] = '\0';
- ldap_value_free(vals);
- }
-
- if(accesslog && errorlog && strcmp(accesslog, errorlog))
- PR_snprintf(dirs, sizeof(dirs), "%s|%s", accesslog, errorlog);
- else if(accesslog)
- PL_strncpyz(dirs, accesslog, sizeof(dirs));
- else if(errorlog)
- PL_strncpyz(dirs, errorlog, sizeof(dirs));
- else
- PR_snprintf(dirs, sizeof(dirs), "admin-serv%clogs", FILE_PATHSEP);
-
- return strdup(dirs);
-}
-
-
-
-char *MS_dirs(LDAP *server, LDAPMessage *sie_entry, char *serverroot) {
-
- char *ptr;
- char *dirs = NULL;
- int ldapError;
-
- char **vals;
-
- LDAPMessage *sieconf_entry, *sieconf_result;
-
- if(!serverroot)
- return NULL;
-
- if((ldapError = ldap_search_s(server, ldap_get_dn(server, sie_entry), LDAP_SCOPE_SUBTREE,
- MSGCONF_OBJTYPE, NULL, 0, &sieconf_result)) != LDAP_SUCCESS)
- return NULL;
-
- for(sieconf_entry = ldap_first_entry(server, sieconf_result);
- sieconf_entry != NULL;
- sieconf_entry = ldap_next_entry(server, sieconf_entry)) {
-
- if((vals = ldap_get_values(server, sieconf_entry, MSGCONF_LOGDIR)) != NULL) {
- ptr = strstr(vals[0], serverroot);
- ptr = &(ptr[strlen(serverroot)+1]);
-
- if(!dirs)
- dirs = strdup(ptr);
- else {
- dirs = (char *)realloc(dirs, (strlen(dirs) + strlen(ptr) + 1));
- sprintf(dirs, "%s|%s", dirs, ptr);
- }
- ldap_value_free(vals);
- }
- }
-
- if(dirs)
- return strdup(dirs);
- else
- return NULL;
-}
-
-
int output_topology(AdmldapInfo ldapInfo,
char *binddn,
char *bindpw,
@@ -1069,7 +901,6 @@
char viewparam[BIG_LINE];
char **view_list;
- char *serverroot = NULL;
int first_servergroup;
int legacy;
@@ -1177,16 +1008,6 @@
}
else
return -1;
-
- /* get the server root (might be needed for log viewer CGI) */
-
- if(serverroot)
- free(serverroot);
- serverroot = NULL;
- if((vals = ldap_get_values(server, servergroup_entry, SERVERGROUP_SERVERROOT_ATTR)) != NULL) {
- serverroot = strdup(vals[0]);
- ldap_value_free(vals);
- }
/* ISIE */
@@ -1301,36 +1122,18 @@
/* directories to pass info log CGI based on product */
if(strstr(ldap_get_dn(server, sie_entry), "Administration")) {
- /* Admin Server - get from DS */
- char *dirs = AS_dirs(server, sie_entry);
- if(dirs) {
-
-
-
- running = server_status(server_host, server_port[0]);
- if(running == 1) {
- if(is_local_admin(server_host, server_port[0])) {
-
- /* if this ever changes, use PR_smprintf instead of malloc + sprintf */
- href = (char *)malloc(strlen(getResourceString(DBT_OUTPUT_TOPOLOGY_LOCAL_SERVER_ENTRY)) +
- strlen(admin_url) + 1);
- sprintf(href,
- (const char*)getResourceString(DBT_OUTPUT_TOPOLOGY_LOCAL_SERVER_ENTRY),
- admin_url);
- }
- else {
-
- /* if this ever changes, use PR_smprintf instead of malloc + sprintf */
- href = (char *)malloc(strlen(getResourceString(DBT_OUTPUT_TOPOLOGY_SERVER_ENTRY)) +
- strlen(htmladmin_strdup_escaped(ldap_get_dn(server, sie_entry))) +
- (view ? strlen(viewparam) : 0) +
- 1);
- sprintf(href,
- getResourceString(DBT_OUTPUT_TOPOLOGY_SERVER_ENTRY),
- htmladmin_strdup_escaped(ldap_get_dn(server, sie_entry)),
- view ? viewparam : "");
- }
- }
+ running = server_status(server_host, server_port[0]);
+ if(running == 1) {
+ /* if this ever changes, use PR_smprintf instead of malloc + sprintf */
+ href = (char *)malloc(strlen(getResourceString(DBT_OUTPUT_TOPOLOGY_SERVER_ENTRY)) +
+ strlen(htmladmin_strdup_escaped(ldap_get_dn(server, sie_entry))) +
+ (view ? strlen(viewparam) : 0) +
+ 1);
+ sprintf(href,
+ getResourceString(DBT_OUTPUT_TOPOLOGY_SERVER_ENTRY),
+ htmladmin_strdup_escaped(ldap_get_dn(server, sie_entry)),
+ view ? viewparam : "");
+ }
/* if this ever changes, use PR_smprintf instead of malloc + sprintf */
@@ -1342,12 +1145,11 @@
/* if this ever changes, use PR_smprintf instead of malloc + sprintf */
- log_link = (char *)malloc(strlen(getResourceString(DBT_OUTPUT_TOPOLOGY_ADMIN_LOG_LINK)) + strlen(admin_url) + strlen(htmladmin_strdup_escaped(vals[0])) + strlen(htmladmin_strdup_escaped(dirs)) + 2);
+ log_link = (char *)malloc(strlen(getResourceString(DBT_OUTPUT_TOPOLOGY_ADMIN_LOG_LINK)) + strlen(admin_url) + strlen(htmladmin_strdup_escaped(vals[0])) + 2);
sprintf(log_link,
(const char*)getResourceString(DBT_OUTPUT_TOPOLOGY_ADMIN_LOG_LINK),
admin_url,
- htmladmin_strdup_escaped(vals[0]),
- htmladmin_strdup_escaped(dirs));
+ htmladmin_strdup_escaped(vals[0]));
fprintf(stdout,
(const char*)getResourceString(DBT_OUTPUT_TOPOLOGY_STATUS),
@@ -1356,7 +1158,6 @@
(running == 1) ? getResourceString(DBT_OUTPUT_TOPOLOGY_ON) : ((running == -1) ? getResourceString(DBT_OUTPUT_TOPOLOGY_UNKNOWN) : getResourceString(DBT_OUTPUT_TOPOLOGY_OFF)),
(running == 1) ? href : "");
- }
}
else if(strstr(ldap_get_dn(server, sie_entry), "Directory")) {
char *repl_link;
@@ -1403,13 +1204,12 @@
htmladmin_strdup_escaped(vals[0]));
/* if this ever changes, use PR_smprintf instead of malloc + sprintf */
- repl_link = (char *)malloc(strlen(getResourceString(DBT_OUTPUT_TOPOLOGY_DIRECTORY_REPL_LINK)) + strlen(admin_url)*2 + strlen(htmladmin_strdup_escaped(host)) + strlen(getenv("NETSITE_ROOT")) + /*space for port num*/ 12);
+ repl_link = (char *)malloc(strlen(getResourceString(DBT_OUTPUT_TOPOLOGY_DIRECTORY_REPL_LINK)) + strlen(admin_url)*2 + strlen(htmladmin_strdup_escaped(host)) + /*space for port num*/ 12);
sprintf(repl_link, (const char*)getResourceString(DBT_OUTPUT_TOPOLOGY_DIRECTORY_REPL_LINK),
admin_url,
htmladmin_strdup_escaped(host),
server_port[0],
- admin_url,
- getenv("NETSITE_ROOT"));
+ admin_url);
fprintf(stdout,
(const char*)getResourceString(DBT_OUTPUT_TOPOLOGY_STATUS_WITH_REPL),
@@ -1501,7 +1301,7 @@
admin_url,
htmladmin_strdup_escaped(ldap_get_dn(server, sie_entry)));
- log_link = (char *)malloc(strlen(getResourceString(DBT_OUTPUT_TOPOLOGY_CMS_LOG_LINK)) + strlen(admin_url) + strlen(htmladmin_strdup_escaped(ldap_get_dn(server, sie_entry))) + 2);
+ log_link = (char *)malloc(strlen(getResourceString(DBT_OUTPUT_TOPOLOGY_CMS_LOG_LINK)) + strlen(admin_url) + strlen(htmladmin_strdup_escaped(vals[0])) + 2);
sprintf(log_link, (const char*)getResourceString(DBT_OUTPUT_TOPOLOGY_CMS_LOG_LINK),
admin_url,
htmladmin_strdup_escaped(vals[0]));
@@ -1544,7 +1344,7 @@
char *bindpw,
char *serverid,
char *service,
- char *serverroot) {
+ AdmldapInfo ldapInfo) {
PRFileDesc *sockd;
char *admin_host = NULL;
@@ -1593,10 +1393,7 @@
if(!strncmp(serverid, "cert-", 5)) {
int content_length;
- if(!serverroot)
- return;
-
- content_length = strlen("serverRoot=&instanceID=") + strlen(serverroot) + strlen(serverid) - 5;
+ content_length = strlen("instanceID=") + strlen(serverid) - 5;
/* minus "cert-" */
/* start a CMS server - why the heck does it need all these parameters ?!?! */
@@ -1607,7 +1404,6 @@
strlen(admin_port) +
strlen((char *)auth) +
5 + /* can't be >5 digits for content length */
- strlen(htmladmin_strdup_escaped(serverroot)) +
strlen(htmladmin_strdup_escaped(serverid)) +
3); /* space + 2 newline characters */
@@ -1617,7 +1413,6 @@
atoi(admin_port),
(char *)auth,
content_length,
- htmladmin_strdup_escaped(serverroot),
htmladmin_strdup_escaped(&(serverid[5]))); /* takes everything after "cert-" */
}
else {
@@ -1634,9 +1429,9 @@
}
if(strstr(admin_url, "https")) {
- sockd = make_http_request("https", admin_host, atoi(admin_port), request, get_cgi_timeout_rate(), &errorcode);
+ sockd = make_http_request("https", admin_host, atoi(admin_port), request, get_cgi_timeout_rate(ldapInfo), &errorcode);
} else {
- sockd = make_http_request("http", admin_host, atoi(admin_port), request, get_cgi_timeout_rate(), &errorcode);
+ sockd = make_http_request("http", admin_host, atoi(admin_port), request, get_cgi_timeout_rate(ldapInfo), &errorcode);
}
@@ -1658,7 +1453,7 @@
char *bindpw,
char *serverid,
char *service,
- char *serverroot) {
+ AdmldapInfo ldapInfo) {
PRFileDesc *sockd;
char *admin_host = NULL;
@@ -1708,10 +1503,7 @@
if(!strncmp(serverid, "cert-", 5)) {
int content_length;
- if(!serverroot)
- return;
-
- content_length = strlen("serverRoot=&instanceID=") + strlen(serverroot) + strlen(serverid) - 5;
+ content_length = strlen("instanceID=") + strlen(serverid) - 5;
/* minus "cert-" */
/* stop a CMS server - why the heck does it need all these parameters ?!?! */
@@ -1722,7 +1514,6 @@
strlen(admin_port) +
strlen((char *)auth) +
5 + /* can't be >10 digits for content length */
- strlen(htmladmin_strdup_escaped(serverroot)) +
strlen(htmladmin_strdup_escaped(serverid)) +
3); /* space + 2 newline characters */
@@ -1733,7 +1524,6 @@
atoi(admin_port),
(char *)auth,
content_length,
- htmladmin_strdup_escaped(serverroot),
htmladmin_strdup_escaped(&(serverid[5]))); /* takes everything after "cert-" */
}
else {
@@ -1751,9 +1541,9 @@
}
if(strstr(admin_url, "https")) {
- sockd = make_http_request("https", admin_host, atoi(admin_port), request, get_cgi_timeout_rate(), &errorcode);
+ sockd = make_http_request("https", admin_host, atoi(admin_port), request, get_cgi_timeout_rate(ldapInfo), &errorcode);
} else {
- sockd = make_http_request("http", admin_host, atoi(admin_port), request, get_cgi_timeout_rate(), &errorcode);
+ sockd = make_http_request("http", admin_host, atoi(admin_port), request, get_cgi_timeout_rate(ldapInfo), &errorcode);
}
if (sockd == NULL) {
@@ -1788,8 +1578,7 @@
int rv;
- PR_snprintf(line, sizeof(line), "%s%cbin/admin/admin/bin/property", getenv("NETSITE_ROOT"), FILE_PATHSEP);
- i18nResource = res_init_resource(line, RESOURCE_FILE);
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
acceptLanguage = "en";
if (lang) acceptLanguage = strdup(lang);
@@ -1798,7 +1587,7 @@
fprintf(stdout, getResourceString(DBT_MAIN_CONTENT_TYPE));
- if(!strcmp(m, "GET")) {
+ if(m && !strcmp(m, "GET")) {
get_begin(qs);
@@ -1854,7 +1643,7 @@
int i;
int found;
- ldapInfo = get_adm_ldapinfo();
+ ldapInfo = get_adm_ldapinfo(CONFIGDIR, SECURITYDIR);
if(!get_bindinfo(&binddn, &bindpw))
exit(0);
@@ -1898,10 +1687,11 @@
*/
+ ldapInfo = get_adm_ldapinfo(CONFIGDIR, SECURITYDIR);
+
fprintf(stdout, getResourceString(DBT_MAIN_TOPOLOGY_HEADER),
- get_topology_refresh_rate(), view ? viewparam : "");
+ get_topology_refresh_rate(ldapInfo), view ? viewparam : "");
- ldapInfo = get_adm_ldapinfo();
if(!get_bindinfo(&binddn, &bindpw))
exit(0);
@@ -1918,7 +1708,6 @@
char *service = NULL;
char *admin_url;
char **serverid;
- char **serverroot;
char *sie;
int count, max_count;
@@ -1947,8 +1736,6 @@
if((serverid = ldap_get_values(server, sie_entry, SIE_SERVERID_ATTR)) == NULL)
goto output_topology;
- serverroot = ldap_get_values(server, sie_entry, SIE_SERVERROOT_ATTR);
-
if(!get_host_and_port(server, sie, sie_entry, &host, &ports))
goto output_topology;
@@ -1958,12 +1745,12 @@
goto output_topology;
count=0;
- max_count=get_cgi_timeout_rate()/SERVER_PING_RATE;
+ max_count=get_cgi_timeout_rate(ldapInfo)/SERVER_PING_RATE;
rv = server_status(host, active_port);
if(rv == 1) {
/* Server's running, shut it down */
- stop_server(admin_url, binddn, bindpw, serverid[0], service, serverroot ? serverroot[0] : NULL);
+ stop_server(admin_url, binddn, bindpw, serverid[0], service, ldapInfo);
while((server_status(host, active_port) == 1) && (count < max_count)) {
sleep(SERVER_PING_RATE);
count++;
@@ -1978,7 +1765,8 @@
}
else if((rv == 0) && (!strstr(sie, "Administration"))) {
/* Server's down, start it up (except for Admin Servers) */
- start_server(admin_url, binddn, bindpw, serverid[0], service, serverroot ? serverroot[0] : NULL);
+ start_server(admin_url, binddn, bindpw, serverid[0], service,
+ ldapInfo);
while((server_status(host, active_port) == 0) && (count < max_count)) {
sleep(SERVER_PING_RATE);
count++;
Index: htmladmin.properties
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/htmladmin.properties,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- htmladmin.properties 2 Nov 2005 01:15:17 -0000 1.5
+++ htmladmin.properties 9 May 2007 00:26:30 -0000 1.6
@@ -53,12 +53,12 @@
htmladmin31 { "</HTML>\n" }
//#/* html resource string - stop_server()*/
htmladmin40 { "GET /%s/tasks/operation/cgi_service?cmd=stop&object=|service|%s HTTP/1.0\nAuthorization: Basic %s\n\n" }
-htmladmin41 { "POST /%s/tasks/operation/Stop HTTP/1.0\nHost: %s:%d\nAuthorization: Basic %s\nContent-length: %d\nContent-Type: application/x-www-form-urlencoded\n\nserverRoot=%s&instanceID=%s\n\n" }
+htmladmin41 { "POST /%s/tasks/operation/Stop HTTP/1.0\nHost: %s:%d\nAuthorization: Basic %s\nContent-length: %d\nContent-Type: application/x-www-form-urlencoded\n\ninstanceID=%s\n\n" }
htmladmin42 { "GET /%s/tasks/operation/Stop HTTP/1.0\nAuthorization: Basic %s\n\n" }
htmladmin43 { "<H2>Server Error</H2>\n<p>The server could not be stopped. Please reload the page and check the error logs for more details." }
//#/* html resource string - start_server()*/
htmladmin50 { "GET /%s/tasks/operation/cgi_service?cmd=start&object=|service|%s HTTP/1.0\nAuthorization: Basic %s\n\n" }
-htmladmin51 { "POST /%s/tasks/operation/Start HTTP/1.0\nHost: %s:%d\nAuthorization: Basic %s\nContent-length: %d\nContent-Type: application/x-www-form-urlencoded\n\nserverRoot=%s&instanceID=%s\n\n" }
+htmladmin51 { "POST /%s/tasks/operation/Start HTTP/1.0\nHost: %s:%d\nAuthorization: Basic %s\nContent-length: %d\nContent-Type: application/x-www-form-urlencoded\n\ninstanceID=%s\n\n" }
htmladmin52 { "GET /%s/tasks/operation/Start HTTP/1.0\nAuthorization: Basic %s\n\n" }
htmladmin53 { "<H2>Server Error</H2>\n<p>The server could not be started. Please reload the page and check the error logs for more details." }
//#/* html resource string - output_topology() */
@@ -73,7 +73,7 @@
htmladmin68 { " <A HREF=\"%s/admin-serv/tasks/operation/Stop?return_format=html\" onclick=\"return confirm_admin_stop()\"><IMG SRC=\"../icons/togon.gif\" border=0 align=ABSCENTER></A>" }
htmladmin69 { " <A HREF=\"HTMLAdmin?op=serveractivate&obj=%s%s\" onclick=\"return confirm_admin_stop()\"><IMG SRC=\"../icons/togon.gif\" border=0 align=ABSCENTER></A>" }
htmladmin70 { "<A HREF=\"%s/admin-serv/tasks/configuration/ViewData?sie=%s\" target=\"main\">Server Info</A> <font color=\"#FFFFFF\">|</font>\n" }
-htmladmin71 { "<A HREF=\"%s/admin-serv/tasks/configuration/ViewLog?id=%s&directories=%s\" target=\"main\">Logs</A> <font color=\"#FFFFFF\">|</font>\n" }
+htmladmin71 { "<A HREF=\"%s/admin-serv/tasks/configuration/ViewLog?id=%s\" target=\"main\">Logs</A> <font color=\"#FFFFFF\">|</font>\n" }
htmladmin72 { "<font face=\"Helvetica, Arial, Sans-serif\"><font size=-1>%s%s Status=<b>%s</b>%s</font></font>\n\n" }
htmladmin73 { "On" }
htmladmin74 { "Off" }
@@ -83,7 +83,7 @@
htmladmin78 { "<A HREF=\"%s/admin-serv/tasks/configuration/ViewData?sie=%s\" target=\"main\">Server Info</A> <font color=\"#FFFFFF\">|</font>\n" }
htmladmin79 { "<A HREF=\"%s/admin-serv/tasks/configuration/ViewLog?id=%s\" target=\"main\">Logs</A> <font color=\"#FFFFFF\">|</font>\n" }
htmladmin80 { "<A HREF=\"%s/admin-serv/tasks/configuration/ViewData?sie=%s\" target=\"main\">Server Info</A> <font color=\"#FFFFFF\">|</font>\n" }
-htmladmin81 { "<A HREF=\"%s/admin-serv/tasks/configuration/ViewLog?id=%s&directories=%s\" target=\"main\">Logs</A>\n" }
+htmladmin81 { "<A HREF=\"%s/admin-serv/tasks/configuration/ViewLog?id=%s\" target=\"main\">Logs</A>\n" }
htmladmin82 { "<font face=\"Helvetica, Arial, Sans-serif\"><font size=-1>%s%s</font></font>\n\n" }
htmladmin83 { "<tr>\n<td>\n<table BORDER=0 CELLSPACING=0 CELLPADDING=0>\n<tr>\n<td><img src=\"../icons/16space.gif\" BORDER=0 height=16 width=64></td>\n\n<td>\n<table BORDER=0 CELLSPACING=0 CELLPADDING=0 COLS=1 WIDTH=\"100%%\">\n<tr>\n<td><font face=\"Helvetica, Arial, Sans-serif\"><font size=-1><b><font color=\"#666699\">*</font></b>b <b>%s</b></font></font></td>\n</tr>\n</table>\n</td>\n\n" }
htmladmin84 { " <A HREF=\"HTMLAdmin?op=serveractivate&obj=%s%s\" onclick=\"return confirm_stop()\"><IMG SRC=\"../icons/togon.gif\" border=0 align=ABSCENTER></A>" }
@@ -100,9 +100,9 @@
htmladmin95 { " <A HREF=\"HTMLAdmin?op=serveractivate&obj=%s%s\" onclick=\"return confirm_stop()\"><IMG SRC=\"../icons/togon.gif\" border=0 align=ABSCENTER></A>" }
htmladmin96 { " <A HREF=\"HTMLAdmin?op=serveractivate&obj=%s%s\"><IMG SRC=\"../icons/togoff.gif\" border=0 align=ABSCENTER></A>" }
htmladmin97 { "<td><font face=\"Helvetica, Arial, Sans-serif\"><font size=-1><A HREF=\"%s/admin-serv/tasks/configuration/ViewData?sie=%s\" target=\"main\">Server Info</A> <font color=\"#FFFFFF\">|</font></font></font></td>\n" }
-htmladmin98 { "<td><font face=\"Helvetica, Arial, Sans-serif\"><font size=-1><A HREF=\"%s/admin-serv/tasks/configuration/ViewLog?id=%s&directories=%s%clogs\" target=\"main\">Logs</A> <font color=\"#FFFFFF\">|</font></font></font></td>\n" }
+htmladmin98 { "<td><font face=\"Helvetica, Arial, Sans-serif\"><font size=-1><A HREF=\"%s/admin-serv/tasks/configuration/ViewLog?id=%s\" target=\"main\">Logs</A> <font color=\"#FFFFFF\">|</font></font></font></td>\n" }
htmladmin99 { "</p>\n</td>\n</tr>\n\n" }
htmladmin100 { "<font face=\"Helvetica, Arial, Sans-serif\"><font size=-1>%s%s%s Status=<b>%s</b>%s</font></font>\n\n" }
-htmladmin101 { "<A HREF=\"%s/admin-serv/tasks/configuration/MonReplication?servhost=%s&servport=%d&admurl=%s&siteroot=%s\" target=\"main\">Replication Status</A> <font color=\"#FFFFFF\">|</font>\n" }
+htmladmin101 { "<A HREF=\"%s/admin-serv/tasks/configuration/MonReplication?servhost=%s&servport=%d&admurl=%s\" target=\"main\">Replication Status</A> <font color=\"#FFFFFF\">|</font>\n" }
}
Index: mergeConfig.cpp
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/mergeConfig.cpp,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- mergeConfig.cpp 31 Mar 2006 22:58:20 -0000 1.5
+++ mergeConfig.cpp 9 May 2007 00:26:30 -0000 1.6
@@ -35,9 +35,10 @@
#include "libadmsslutil/psetcssl.h"
#include "libadmsslutil/admsslutil.h"
#include "libadminutil/resource.h"
-#include "ldapu.h"
+#include "setuputil/ldapu.h"
#include <ldap_ssl.h>
+#include "config.h"
/*
properties file name = "mergeConfig.properties"
@@ -74,7 +75,8 @@
char*
getResourceString(char *key) {
- return (char *)(res_getstring(i18nResource, key, acceptLanguage));
+ static char buf[BUFSIZ]; /* ok - not threaded code */
+ return (char *)(res_getstring(i18nResource, key, acceptLanguage, buf, sizeof(buf), NULL));
}
@@ -774,8 +776,6 @@
char *method;
int rv;
- char admroot[BIG_LINE];
- char *server_root = NULL;
char error_info[BIG_LINE];
AdmldapInfo ldapInfo = NULL;
char line[BIG_LINE];
@@ -811,13 +811,10 @@
return 1;
if(!strcmp(method, "GET")) {
- server_root = getenv("NETSITE_ROOT");
-
/* ---------------------- INIT i18n ---------------------------------------- */
char *lang=getenv("HTTP_ACCEPT_LANGUAGE");
- PR_snprintf(line, sizeof(line), "%s%cbin/admin/admin/bin/property", server_root, FILE_PATHSEP);
- i18nResource = res_init_resource(line, RESOURCE_FILE);
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
acceptLanguage = "en";
if (lang) acceptLanguage = strdup(lang);
@@ -848,18 +845,13 @@
if (source_binddn) rv = ADM_GetCurrentPassword(&err, &source_bindpw);
- PR_snprintf(admroot, sizeof(admroot), "%s%cadmin-serv%cconfig",
- server_root,
- FILE_PATHSEP,
- FILE_PATHSEP);
-
- ldapInfo = admldapBuildInfo(admroot, &rv);
+ ldapInfo = admldapBuildInfo(CONFIGDIR, &rv);
if (!ldapInfo) {
rpt_err(INCORRECT_USAGE, getResourceString(DBT_INVALID_SOURCE_SR), NULL, NULL);
}
- rv = ADMSSL_InitSimple();
+ rv = ADMSSL_InitSimple(CONFIGDIR, SECURITYDIR, 0);
if (rv) {
PR_snprintf(error_info, sizeof(error_info), getResourceString(DBT_ADMSSL_INITFAIL), rv);
rpt_err(APP_ERROR, error_info, NULL, NULL);
Index: migrateConfig.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/migrateConfig.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- migrateConfig.c 31 Mar 2006 22:58:20 -0000 1.5
+++ migrateConfig.c 9 May 2007 00:26:30 -0000 1.6
@@ -60,8 +60,10 @@
#include "libadminutil/resource.h"
-static int update_adm_conf(char *newport);
-static int update_magnus_conf(char *newport);
+#include "config.h"
+
+static char msgbuf[BUFSIZ]; /* ok - not threaded code */
+
/*
properties file name = "config.properties"
*/
@@ -108,7 +110,6 @@
int stop;
int t;
char *oldSR = 0;
- char *newSR = getenv("NETSITE_ROOT");
char error_info[128];
PsetHndl pset;
char *method;
@@ -129,7 +130,7 @@
AttributeList resultList, updateList=NULL, addList=NULL;
AttrNameList nl;
AttributePtr nv;
- char resPath[256], buf[1024], cpcmd[1024], *execPath, *tmpptr;
+ char buf[1024], cpcmd[1024], *tmpptr;
const char *errMsg = NULL;
PRFileInfo fileInfo;
#if 0
@@ -138,12 +139,7 @@
while (waitforever);
#endif
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
if (lang) acceptLanguage = strdup(lang);
@@ -154,7 +150,8 @@
if (!method || !*method) {
/* non UI CGI */
if (i18nResource &&
- (errMsg = res_getstring(i18nResource, DBT_NO_METHOD, acceptLanguage)))
+ (errMsg = res_getstring(i18nResource, DBT_NO_METHOD, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL)))
rpt_err(SYSTEM_ERROR, errMsg, NULL, NULL);
else rpt_err(SYSTEM_ERROR, "No method is specified", NULL, NULL);
}
@@ -166,7 +163,7 @@
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_NO_QUERY_STRING,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
rpt_err(INCORRECT_USAGE, errMsg, NULL, NULL);
else rpt_err(INCORRECT_USAGE, "NO QUERY_STRING DATA", NULL, NULL);
}
@@ -181,7 +178,7 @@
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_UNKNOWN_METHOD,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
PR_snprintf(error_info, sizeof(error_info), errMsg, method);
else PR_snprintf(error_info, sizeof(error_info), "Unknown Method (%s)", method);
rpt_err(INCORRECT_USAGE, error_info, NULL, NULL);
@@ -196,7 +193,7 @@
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_NO_USER_NAME,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
rpt_err(ELEM_MISSING, errMsg, NULL, NULL);
else rpt_err(ELEM_MISSING, "NO USER NAME", NULL, NULL);
}
@@ -208,7 +205,7 @@
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_NO_USER_DN,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
rpt_err(ELEM_MISSING,errMsg, NULL, NULL);
else rpt_err(ELEM_MISSING, "NO USER DN!", NULL, NULL);
}
@@ -221,7 +218,7 @@
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_NO_USER_DN,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
rpt_err(ELEM_MISSING, errMsg, NULL, NULL);
else rpt_err(ELEM_MISSING, "NO USER DN!", NULL, NULL);
}
@@ -229,12 +226,12 @@
}
if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw);
- rv = ADMSSL_InitSimple();
+ rv = ADMSSL_InitSimple(CONFIGDIR, SECURITYDIR);
if (rv) {
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_SSL_INIT_ERROR,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
rpt_err(APP_ERROR, errMsg, NULL, NULL);
else rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL);
}
@@ -242,7 +239,7 @@
/* Initialize the pset */
pset = psetCreateSSL("admin-serv",
- /* configRoot */ NULL,
+ /* configRoot */ CONFIGDIR,
/* userDN */ binddn,
/* passwd */ bindpw,
/* errorcode */ &rv);
@@ -251,11 +248,11 @@
PR_snprintf(error_info, sizeof(error_info),
"PSET_ERROR_NUMBER: %d\nPSET_ERROR_INFO: %s",
rv,
- psetErrorString(rv, NULL));
+ psetErrorString(rv, NULL, msgbuf, sizeof(msgbuf), NULL));
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_PSET_CREATE_ERROR,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
rpt_err(APP_ERROR, errMsg, NULL, error_info);
else rpt_err(APP_ERROR, "PSET Creation Failed", NULL, error_info);
}
@@ -270,7 +267,7 @@
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_NO_OLD_SERVER_ROOT,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
rpt_err(INCORRECT_USAGE, errMsg, NULL, NULL);
else rpt_err(INCORRECT_USAGE, "No old server root specified", NULL, NULL);
}
@@ -282,7 +279,7 @@
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_ERROR_OPEN_FILE,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
PR_snprintf(error_info, sizeof(error_info), errMsg, fileName);
else PR_snprintf(error_info, sizeof(error_info), "Error open file: %s", fileName);
rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
@@ -302,7 +299,7 @@
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_ERROR_OPEN_FILE,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
PR_snprintf(error_info, sizeof(error_info), errMsg, fileName);
else PR_snprintf(error_info, sizeof(error_info), "Error reading file: %s", fileName);
rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
@@ -332,19 +329,6 @@
addSingleValueAttribute(updateList, i++, nameptr, valptr);
}
if (!PL_strcmp(nameptr, "configuration.nsServerPort")) {
- err = update_adm_conf(valptr);
- if(err >= 0)
- err = update_magnus_conf(valptr);
- if (err < 0) {
- psetDelete(pset);
- if (i18nResource &&
- (errMsg = res_getstring(i18nResource,
- DBT_ERROR_OPEN_FILE,
- acceptLanguage)))
- PR_snprintf(error_info, sizeof(error_info), errMsg, "adm.conf");
- else PR_snprintf(error_info, sizeof(error_info), "Error open file: adm.conf");
- rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
- }
val = psetGetAttrSingleValue(pset, "adminurl", &errorCode);
if (val) {
char urlBuf[256];
@@ -371,11 +355,11 @@
PR_snprintf(error_info, sizeof(error_info),
"PSET_ERROR_NUMBER: %d\nPSET_ERROR_INFO: %s\n",
errorCode,
- psetErrorString(errorCode, NULL));
+ psetErrorString(errorCode, NULL, msgbuf, sizeof(msgbuf), NULL));
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_PSET_SET_ERROR,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
rpt_err(APP_ERROR, errMsg, NULL, error_info);
else rpt_err(APP_ERROR, "PSET Set Failed", NULL, error_info);
}
@@ -390,11 +374,11 @@
PR_snprintf(error_info, sizeof(error_info),
"PSET_ERROR_NUMBER: %d\nPSET_ERROR_INFO: %s\n",
errorCode,
- psetErrorString(errorCode, NULL));
+ psetErrorString(errorCode, NULL, msgbuf, sizeof(msgbuf), NULL));
if (i18nResource &&
(errMsg = res_getstring(i18nResource,
DBT_PSET_ADD_ERROR,
- acceptLanguage)))
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL)))
rpt_err(APP_ERROR, errMsg, NULL, error_info);
else rpt_err(APP_ERROR, "PSET Add Failed", NULL, error_info);
}
@@ -402,114 +386,8 @@
}
rpt_success(NULL);
- PR_snprintf(fileName, sizeof(fileName), "%s/userdb/certmap.conf", oldSR);
- if (PR_GetFileInfo(fileName, &fileInfo) == PR_SUCCESS) {
- if ((fileInfo.type == PR_FILE_FILE) && newSR) {
- PR_snprintf(cpcmd, sizeof(cpcmd), "cp %s %s/shared/config/certmap.conf", fileName, newSR);
- system(cpcmd);
- }
- }
if (updateList) deleteAttributeList(updateList);
if (addList) deleteAttributeList(addList);
psetDelete(pset);
if (i18nResource) res_destroy_resource(i18nResource);
}
-
-
-/*
- * Modify Port in adm.conf
- */
-static int update_adm_conf(char *newport) {
-
- FILE *f;
- int i, modified=0;
- static char filename[BIG_LINE];
- static char inbuf[BIG_LINE];
- static char buf[BIG_LINE];
- int linecnt=0;
- char *lines[50];
- int port;
- const char *errMsg = NULL;
-
- PR_snprintf(filename, sizeof(filename), "%s/adm.conf", getenv("ADMSERV_ROOT"));
-
- f = fopen(filename, "r");
- if (f==NULL) return -1;
-
- while(fgets(inbuf, sizeof(inbuf), f) != NULL) {
- if (STRNCASECMP(inbuf,"port:",5) == 0) { /* Line starts with "Port:" */
- PR_snprintf(buf, sizeof(buf), "port: %s\n", newport);
- lines[linecnt++] = strdup(buf);
- modified=1;
- }
- else {
- lines[linecnt++] = strdup(inbuf);
- }
- }
- fclose(f);
-
- if (!modified) { /* Add the Port attribute */
- PR_snprintf(buf, sizeof(buf), "Port: %s\n", newport);
- lines[linecnt++] = strdup(buf);
- }
-
- f = fopen(filename, "w");
- if (f==NULL) return -1;
-
- for (i=0; i < linecnt; i++) {
- fprintf(f, "%s", lines[i]);
- }
-
- fclose(f);
-
- return 0;
-}
-
-
-/*
- * Modify Port in magnus.conf
- */
-static int update_magnus_conf(char *newport) {
-
- FILE *f;
- int i, modified=0;
- static char filename[BIG_LINE];
- static char inbuf[BIG_LINE];
- static char buf[BIG_LINE];
- int linecnt=0;
- char *lines[50];
- int port;
-
- PR_snprintf(filename, sizeof(filename), "%s/magnus.conf", getenv("ADMSERV_ROOT"));
-
- f = fopen(filename, "r");
- if (f==NULL) return -1;
-
- while(fgets(inbuf, sizeof(inbuf), f) != NULL) {
- if (STRNCASECMP(inbuf,"Port",4) == 0) { /* Line starts with "Port:" */
- PR_snprintf(buf, sizeof(buf), "Port %s\n", newport);
- lines[linecnt++] = strdup(buf);
- modified=1;
- }
- else {
- lines[linecnt++] = strdup(inbuf);
- }
- }
- fclose(f);
-
- if (!modified) { /* Add the Port attribute */
- PR_snprintf(buf, sizeof(buf), "Port %s\n", newport);
- lines[linecnt++] = strdup(buf);
- }
-
- f = fopen(filename, "w");
- if (f==NULL) return -1;
-
- for (i=0; i < linecnt; i++) {
- fprintf(f, "%s", lines[i]);
- }
-
- fclose(f);
-
- return 0;
-}
Index: monreplication.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/monreplication.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- monreplication.c 31 Mar 2006 22:58:20 -0000 1.5
+++ monreplication.c 9 May 2007 00:26:30 -0000 1.6
@@ -32,6 +32,8 @@
#include <sys/types.h>
#include "libadmin/libadmin.h"
+#include "config.h"
+
#define MY_PAGE "monreplication.html"
#define DEF_SIZE "25"
@@ -51,17 +53,14 @@
char*
getResourceString(char *key) {
- return (char *)(res_getstring(i18nResource, key, acceptLanguage));
+ static char msgbuf[BUFSIZ]; /* ok - not threaded code */
+ return (char *)(res_getstring(i18nResource, key, acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL));
}
static void i18nInit() {
- char resPath[256], *execPath;
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
+
if (getenv("HTTP_ACCEPT_LANGUAGE")) {
acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
}
@@ -77,7 +76,6 @@
char *host;
char *port;
char *admurl;
- char *siteroot;
char refreshurl[256] = {'\0'};
char refreshinterval[16];
char configfile[256] = {'\0'};
@@ -92,7 +90,6 @@
host = get_cgi_var("servhost", NULL, NULL);
port = get_cgi_var("servport", NULL, NULL);
admurl = get_cgi_var("admurl", NULL, NULL);
- siteroot = get_cgi_var("siteroot", NULL, NULL);
}
@@ -120,9 +117,6 @@
else if(directive_is(line, "ADMURL")) {
output_input("hidden", "admurl", refreshurl, NULL);
}
- else if(directive_is(line, "SITEROOT")) {
- output_input("hidden", "siteroot", siteroot, NULL);
- }
else if(directive_is(line, "CONFIGFILE")) {
output_input("text", "configfile", configfile, "size=80");
}
Index: restartsrv.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/restartsrv.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- restartsrv.c 31 Mar 2006 22:58:20 -0000 1.5
+++ restartsrv.c 9 May 2007 00:26:30 -0000 1.6
@@ -50,6 +50,9 @@
#endif
#include "libadminutil/resource.h"
+#include "libadmin/libadmin.h"
+
+#include "config.h"
#define RESOURCE_FILE "restartsrv"
@@ -113,18 +116,12 @@
#ifdef XP_UNIX
char line[BIG_LINE];
#endif
+ char msgbuf[BUFSIZ];
char *acceptLanguage = (char*)"en", *lang=getenv((char*)"HTTP_ACCEPT_LANGUAGE");
Resource *i18nResource = NULL;
- char resPath[256], *execPath;
-
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
if (lang) acceptLanguage = strdup(lang);
@@ -174,15 +171,17 @@
rpt_err(SYSTEM_ERROR,
res_getstring(i18nResource,
DBT_NO_NEW_PROCESS,
- acceptLanguage),
+ acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
else rpt_err(SYSTEM_ERROR,
"Couldn't create a new process to stop admin server",
NULL, NULL);
break;
case 0:
- PR_snprintf(line, sizeof(line), "%s/restart-admin", getenv("NETSITE_ROOT"));
- restart(line);
+ if (util_find_file_in_paths(line, sizeof(line), "restart-admin", CMDBINDIR, "../..", "")) {
+ restart(line);
+ }
exit(0);
break;
default:
@@ -192,7 +191,8 @@
if (i18nResource)
rpt_unknown(res_getstring(i18nResource,
DBT_RESTART_ACK,
- acceptLanguage));
+ acceptLanguage,
+ msgbuf, sizeof(msgbuf), NULL));
else rpt_unknown("Admin server should restart on user request");
break;
}
@@ -294,16 +294,12 @@
static char filename[BIG_LINE];
static char buf[BIG_LINE];
char * p = NULL;
- char *admserv = getenv("ADMSERV_ROOT");
-
- if (!admserv)
- return NULL;
- PR_snprintf(filename, sizeof(filename), "%s/httpd.conf", admserv);
+ util_find_file_in_paths(filename, sizeof(filename), "console.conf", CONFIGDIR, "", "admin-serv/config");
f = fopen(filename, "r");
if (f==NULL) {
- rpt_err(SYSTEM_ERROR, "Can not open file httpd.conf for reading", NULL, NULL);
+ rpt_err(SYSTEM_ERROR, "Can not open file console.conf for reading", NULL, NULL);
}
while(fgets(inbuf, sizeof(inbuf), f) != NULL) {
@@ -322,7 +318,7 @@
PR_snprintf(buf, sizeof(buf),"%s",p);
}
else {
- PR_snprintf(buf, sizeof(buf),"%s/../%s", admserv, p);
+ util_find_file_in_paths(buf, sizeof(buf), p, LOGDIR, "..", "admin-serv");
}
free(p);
p = strdup(buf);
Index: sec-activate.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/sec-activate.c,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- sec-activate.c 12 May 2006 00:41:29 -0000 1.7
+++ sec-activate.c 9 May 2007 00:26:30 -0000 1.8
@@ -43,6 +43,10 @@
#include "libadmsslutil/psetcssl.h"
#include "libadmsslutil/admsslutil.h"
+#include "libadmin/libadmin.h"
+
+#include "config.h"
+
#ifdef __cplusplus
}
#endif
@@ -71,16 +75,16 @@
#define DBT_PSET_ATTR_CREATE resource_key(RESOURCE_FILE, "14")
#define DBT_PSET_ATTR_MODIFY resource_key(RESOURCE_FILE, "15")
#define DBT_PSET_INV_ATTR resource_key(RESOURCE_FILE, "16")
-#define DBT_SERVER_XML_MOD resource_key(RESOURCE_FILE, "17")
+#define DBT_ADMIN_CONF_MOD resource_key(RESOURCE_FILE, "17")
-static int update_conf(char *file, char *name, char *val);
+static int update_conf(char *configdir, char *file, char *name, char *val);
Resource *i18nResource;
char *acceptLanguage;
char*
getResourceString(char *key) {
- return (char *)(res_getstring(i18nResource, key, acceptLanguage));
+ return (char *)(res_getstring(i18nResource, key, acceptLanguage, NULL, 0, NULL));
}
typedef struct family_input_s family_input;
@@ -481,12 +485,9 @@
char *ssl3_act = NULL;
char *clientauth = NULL;
- char admroot[BIG_LINE];
- char *server_root = NULL;
+ char *configdir; /* where to find config files */
+ char *securitydir = NULL; /* where to find security files */
family_input *family_head = NULL;
- char *trustdb;
- char key_file[BIG_LINE]; /* parsing trustdb */
- char cert_file[BIG_LINE];
char error_info[BIG_LINE];
AdmldapInfo ldapInfo = NULL;
char *lang;
@@ -497,18 +498,16 @@
if(method && *method) {
lang=getenv("HTTP_ACCEPT_LANGUAGE");
- PR_snprintf(line, sizeof(line), "%s%cbin/admin/admin/bin/property", getenv("NETSITE_ROOT"), FILE_PATHSEP);
}
else {
if(!argv[1] || !argv[2]) {
- rpt_err(INCORRECT_USAGE, "Usage: sec-activate [server root] [SSL enabled]\n[server root] = The server root of the target Admin Server\n[SSL enabled] = 'on' or 'off'", NULL, NULL);
+ rpt_err(INCORRECT_USAGE, "Usage: sec-activate [configdir] [SSL enabled]\n[configdir] = The location of the config and security files of the target Admin Server\n[SSL enabled] = 'on' or 'off'", NULL, NULL);
}
lang = NULL;
- PR_snprintf(line, sizeof(line), "%s%cbin/admin/admin/bin/property", argv[1], FILE_PATHSEP);
}
- i18nResource = res_init_resource(line, RESOURCE_FILE);
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
if(!i18nResource)
- rpt_err(INCORRECT_USAGE, "Invalid server root specified.", NULL, NULL);
+ rpt_err(INCORRECT_USAGE, "Localized property files not found in " PROPERTYDIR, NULL, NULL);
acceptLanguage = "en";
if (lang) acceptLanguage = strdup(lang);
@@ -522,7 +521,7 @@
rpt_err(ELEM_MISSING, getResourceString(DBT_PSET_INIT_NO_USERNAME), NULL, NULL);
else {
/* No DN, maybe it is local super */
- localAdmin = admGetLocalAdmin(NULL, &rv);
+ localAdmin = admGetLocalAdmin(CONFIGDIR, &rv);
if (localAdmin) {
if (PORT_Strcmp(username, localAdmin))
rpt_err(ELEM_MISSING, getResourceString(DBT_PSET_INIT_NO_USERDN), NULL, NULL);
@@ -537,33 +536,24 @@
if(!method || !*method) {
/* non-UI CGI - can't call ADMSSL_InitSimple() */
- server_root = strdup(argv[1]);
- if(server_root[strlen(server_root)-1] == FILE_PATHSEP)
- server_root[strlen(server_root)-1] = '\0';
- PR_snprintf(admroot, sizeof(admroot), "%s%cadmin-serv%cconfig",
- server_root,
- FILE_PATHSEP,
- FILE_PATHSEP);
-
- ldapInfo = admldapBuildInfoCbk(admroot, pwdCbk, &rv);
+ securitydir = strdup(argv[1]);
+ configdir = strdup(argv[1]); /* same as securitydir */
+ ldapInfo = admldapBuildInfoCbk(configdir, pwdCbk, &rv);
if (!ldapInfo) {
rpt_err(INCORRECT_USAGE, getResourceString(DBT_INV_SR), NULL, NULL);
}
- rv = ADMSSL_Init(ldapInfo, admroot);
+ rv = ADMSSL_Init(ldapInfo, SECURITYDIR, 1);
if (rv) {
PR_snprintf(error_info, sizeof(error_info), getResourceString(DBT_PSET_INIT_FAILURE), rv);
rpt_err(APP_ERROR, error_info, NULL, NULL);
}
}
else {
- server_root = getenv("NETSITE_ROOT");
- PR_snprintf(admroot, sizeof(admroot), "%s%cadmin-serv%cconfig",
- server_root,
- FILE_PATHSEP,
- FILE_PATHSEP);
- rv = ADMSSL_InitSimple();
+ configdir = CONFIGDIR;
+ securitydir = SECURITYDIR;
+ rv = ADMSSL_InitSimple(configdir, securitydir, 1);
if (rv) {
rpt_err(APP_ERROR, getResourceString(DBT_ADMSSL_INIT_FAIL), NULL, NULL);
}
@@ -572,7 +562,7 @@
/* Initialize the pset */
pset = psetCreateSSL("admin-serv",
- admroot,
+ configdir,
/* userDN */ NULL,
/* passwd */ NULL,
/* errorcode */ &rv);
@@ -591,7 +581,7 @@
rpt_err(INCORRECT_USAGE, getResourceString(DBT_CMDLINE_STATUS_USAGE), NULL, NULL);
}
/* change "security" in LDAP and adm.conf to "on"/"off" */
- set_security(pset, server_root, security, NULL, NULL);
+ set_security(pset, configdir, security);
rpt_success(getResourceString(DBT_SUCCESS));
}
@@ -606,8 +596,6 @@
free(return_string);
}
else if (!PORT_Strcmp(method, "POST")) {
- char trustdbVN[] = "trustdb";
-
fprintf(stdout, "Content-type: text/html\n\n");
post_begin(stdin);
@@ -618,38 +606,24 @@
ssl3_act = get_cgi_var("ssl3-activated", "", "");
clientauth = get_cgi_var("clientauth", "", "");
- /* char *qs = getenv("QUERY_STRING");*/
-
/* Parse out complete family list */
get_family_input(&family_head);
- if((trustdb = get_cgi_var(trustdbVN, "", "")) == NULL) {
- char * scratch = PR_smprintf(getResourceString(DBT_CGI_MISSING_ARGS), trustdbVN);
- rpt_err(ELEM_MISSING, NULL, scratch, NULL);
- PR_smprintf_free(scratch); /* never executed */
- }
-
/* SET SSL VARIABLES via pset */
/* first, cipher family info */
SetSSLFamilyAttributes(pset, family_head, ssl2, ssl3, ssl2_act, ssl3_act);
- /* next, set keyfile and certfile (based on trust db) */
- PR_snprintf(key_file, sizeof(key_file), "alias/%s-key3.db", trustdb);
- PR_snprintf(cert_file, sizeof(cert_file), "alias/%s-cert8.db", trustdb);
-
- set_attribute(pset, "configuration.encryption.nsKeyfile", key_file);
- set_attribute(pset, "configuration.encryption.nsCertfile", cert_file);
set_attribute(pset, "configuration.encryption.nsSSLClientAuth", clientauth);
/* change "security" in LDAP and adm.conf to "on"/"off" */
- set_security(pset, server_root, security, cert_file, key_file);
+ set_security(pset, configdir, security);
- /* change security parameters in server.xml, new for iWS6 */
+ /* change security parameters in console.conf */
if (strcmp(security, "off")==0) {
- rv = update_conf("console.conf", "NSSEngine", "off");
+ rv = update_conf(configdir, "console.conf", "NSSEngine", "off");
if (rv < 0) {
- rpt_err(APP_ERROR, NULL, getResourceString(DBT_SERVER_XML_MOD), NULL);
+ rpt_err(APP_ERROR, NULL, getResourceString(DBT_ADMIN_CONF_MOD), NULL);
}
}
else if (strcmp(security, "on")==0) {
@@ -665,8 +639,8 @@
if (strlen(clientauth) == 0) {
clientauth = (char*)"off";
}
- rv = update_conf("console.conf", "NSSEngine", "on");
- rv = update_conf("console.conf", "NSSNickname", certnickname);
+ rv = update_conf(configdir, "console.conf", "NSSEngine", "on");
+ rv = update_conf(configdir, "console.conf", "NSSNickname", certnickname);
strcpy(protocols, "");
@@ -676,19 +650,19 @@
strcat(protocols, "SSLv3,TLSv1,");
protocols[strlen(protocols) - 1] = '\0'; /* remove trailing comma */
- rv = update_conf("console.conf", "NSSProtocol", protocols);
+ rv = update_conf(configdir, "console.conf", "NSSProtocol", protocols);
snprintf(ciphers, sizeof(ciphers), "%s,%s", ssl2, ssl3);
ciphers[sizeof(ciphers)-1] = 0;
- rv = update_conf("console.conf", "NSSCipherSuite", ciphers);
+ rv = update_conf(configdir, "console.conf", "NSSCipherSuite", ciphers);
if (!strcmp(clientauth, "on"))
- rv = update_conf("console.conf", "NSSVerifyClient", "require");
+ rv = update_conf(configdir, "console.conf", "NSSVerifyClient", "require");
else
- rv = update_conf("console.conf", "NSSVerifyClient", "none");
+ rv = update_conf(configdir, "console.conf", "NSSVerifyClient", "none");
if (rv < 0) {
- rpt_err(APP_ERROR, NULL, getResourceString(DBT_SERVER_XML_MOD), NULL);
+ rpt_err(APP_ERROR, NULL, getResourceString(DBT_ADMIN_CONF_MOD), NULL);
}
} else {
rpt_err(INCORRECT_USAGE, getResourceString(DBT_CGI_INVALID_ARGS), NULL, NULL);
@@ -709,7 +683,7 @@
* Modify any attribute in a configuration file with a name/value pair
* If the attribute value is NULL, remove it from the file completely.
*/
-static int update_conf(char *file, char *name, char *val) {
+static int update_conf(char *configdir, char *file, char *name, char *val) {
FILE *f;
int i, modified=0;
@@ -718,12 +692,11 @@
static char buf[BIG_LINE];
int linecnt=0;
char *lines[2048];
- char *admserv = getenv("ADMSERV_ROOT");
- if (!admserv)
+ if (!configdir)
return -1;
- PR_snprintf(filename, sizeof(filename), "%s/%s", admserv, file);
+ PR_snprintf(filename, sizeof(filename), "%s/%s", configdir, file);
f = fopen(filename, "r");
if (f==NULL) {
Index: sec-activate.properties
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/sec-activate.properties,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- sec-activate.properties 18 Aug 2005 18:59:03 -0000 1.3
+++ sec-activate.properties 9 May 2007 00:26:30 -0000 1.4
@@ -26,8 +26,8 @@
sec-activate1 { "NO USER NAME!" }
sec-activate2 { "NO USER DN!" }
-sec-activate3 { "Usage: sec-activate [server root] [SSL enabled]\n[server root] = The server root of the target Admin Server\n[SSL enabled] = 'on' or 'off'" }
-sec-activate4 { "ERROR: Invalid server root specified." }
+sec-activate3 { "Usage: sec-activate [configdir] [SSL enabled]\n[configdir] = The directory containing the configuration and security database files for the target Admin Server\n[SSL enabled] = 'on' or 'off'" }
+sec-activate4 { "ERROR: Invalid configdir specified." }
sec-activate5 { "ERROR: Failed to perform security initialization for communication with LDAP in SSL mode (error code = %d)" }
sec-activate6 { "SSL related initialization failed" }
sec-activate7 { "PSET Creation Failed" }
@@ -40,6 +40,6 @@
sec-activate14 { "PSET attribute creation or local cache update failed!" }
sec-activate15 { "PSET attribute modification failed!" }
sec-activate16 { "Invalid SIE attribute found!" }
-sec-activate17 { "Failed to modify configuration file server.xml!" }
+sec-activate17 { "Failed to modify admin server configuration!" }
}
Index: security.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/security.c,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- security.c 11 May 2006 14:29:30 -0000 1.8
+++ security.c 9 May 2007 00:26:30 -0000 1.9
@@ -55,6 +55,11 @@
#include "libadminutil/distadm.h"
#include "libadminutil/resource.h"
#include "libadmsslutil/certmgt.h"
+#include "libadmsslutil/psetcssl.h"
+
+#include "config.h"
+
+#include "cgicommon.h"
#ifdef __cplusplus
}
@@ -101,8 +106,6 @@
#define RESOURCE_FILE "security"
-#define resource_key(a,b) a b
-
/* main resource string */
#define DBT_PARAMETERMISSING resource_key(RESOURCE_FILE, "1")
#define DBT_MISSING_THIS resource_key(RESOURCE_FILE, "2")
@@ -182,21 +185,31 @@
#define DBT_DECODE_CRL_ERROR resource_key(RESOURCE_FILE, "110")
#define DBT_REMOVE_ERROR resource_key(RESOURCE_FILE, "111")
#define DBT_INSTALL_ERROR resource_key(RESOURCE_FILE, "112")
+#define DBT_INVALID_CRL resource_key(RESOURCE_FILE, "113")
/* key and certificate migration */
#define DBT_ALIAS resource_key(RESOURCE_FILE, "120")
#define DBT_KEY_OR_CERT_NOTFOUND resource_key(RESOURCE_FILE, "121")
#define DBT_UNABLE_TO_MIGRATE resource_key(RESOURCE_FILE, "122")
#define DBT_INVALID_SERVER_ROOT resource_key(RESOURCE_FILE, "123")
+#define DBT_MIGRATION_NOT_SUPPORTED resource_key(RESOURCE_FILE, "124")
+
+/* more module codes */
+#define DBT_INVALID_OP resource_key(RESOURCE_FILE, "150")
Resource *i18nResource;
+Resource *i18nResource_common;
char *acceptLanguage;
static char * cur_pwd = 0; /* for use in changePassword and getPassword_cb */
static char*
getResourceString(char *key) {
- return (char *)(res_getstring(i18nResource, key, acceptLanguage));
+ if (key && !strncmp(key, COMMON_RESOURCE_FILE, strlen(COMMON_RESOURCE_FILE))) {
+ return (char *)(res_getstring(i18nResource_common, key, acceptLanguage, NULL, 0, NULL));
+ } else {
+ return (char *)(res_getstring(i18nResource, key, acceptLanguage, NULL, 0, NULL));
+ }
}
static char * getParameter(char *key, char *keyName) {
@@ -206,13 +219,6 @@
return get_cgi_var(key, getResourceString(DBT_PARAMETERMISSING), line);
}
-static char ** getMultivaluedParam(char *key, char *keyName) {
-
- PR_snprintf(line, sizeof(line), getResourceString(DBT_MISSING_THIS), keyName);
-
- return get_cgi_multiple(key, getResourceString(DBT_PARAMETERMISSING), line);
-}
-
static void closeAllSecurityDB() {
/* close all db */
NSS_Shutdown();
@@ -241,162 +247,22 @@
extra);
}
-static int
-copyFile(const char *srcname, const char *destname)
-{
- PRFileDesc *srcp = NULL, *destp = NULL;
- PRInt32 bytes;
- char buf[BUFSIZ];
- int ret = 0;
-
- srcp = PR_Open(srcname, PR_RDONLY, 0);
- if(!srcp) {
- rpt_err(APP_ERROR, "Cannot open src file for copy!", NULL, NULL);
- goto cleanup_and_return;
- }
- destp = PR_Open(destname, PR_RDWR|PR_CREATE_FILE, PR_IRUSR|PR_IWUSR);
- if(!destp) {
- rpt_err(APP_ERROR, "Cannot open dest file for copy!", NULL, NULL);
- goto cleanup_and_return;
- }
- while (0 < (bytes = PR_Read(srcp, buf, sizeof(buf)))) {
- PRInt32 remaining = bytes;
- PRInt32 byteswritten = 0;
- while (((byteswritten = PR_Write(destp, buf+byteswritten, remaining)) != remaining) &&
- (byteswritten > 0)) {
- remaining -= byteswritten;
- }
- if (byteswritten < 0) {
- rpt_err(APP_ERROR, "Cannot write data to dest file for file copy!", NULL, NULL);
- goto cleanup_and_return;
- }
- }
- if (bytes < 0) {
- rpt_err(APP_ERROR, "Cannot read data from src for file copy!", NULL, NULL);
- } else if (bytes == 0) {
- ret = 1; /* success */
- }
-
-cleanup_and_return:
- if (destp) {
- PR_Close(destp);
- }
- if (srcp) {
- PR_Close(srcp);
- }
-
- return ret;
-}
-
/* return true if all of the chars in s are valid chars for use in
- file and directory names, and false otherwise. This means that
- the string must begin with a letter or number, and must contain
- letters, numbers, '-' and '_'.
+ a secmod module name. This string is passed to the shell in
+ double quotes, so the user should not have to pass in any odd
+ chars or quoting. Look for chars which would indicate someone
+ is attempting something fishy.
*/
static int
-is_valid_path_string(const char *s)
+is_valid_name_string(const char *s)
{
- int ret = 0;
- if (s) {
- if (isalnum(*s)) {
- ret = 1;
- for(; ret && *s; ++s) {
- ret = isalnum(*s) || (*s == '-') || (*s == '_');
- }
- }
- }
- return ret;
-}
-
-/* try various ways to determine if the given name is a valid
- file or directory - this value is passed in as a form
- parameter, and our motto is "Don't trust the user!"
- If the given filetype is directory, also check to see if the optional
- given filename (may be NULL) is in the given directory
-*/
-static int
-verify_file_or_dir(
- const char *name, /* name of file or directory to check */
- PRFileType filetype, /* type of name */
- const char *childname, /* optional child file/dir to check inside given parent name */
- size_t childlen, /* only compare first childlen chars of childname - use -1 for entire string */
- PRFileType childtype /* type of child */
-)
-{
- int ret = 0;
- PRFileInfo fileinfo;
- /* first, just a simple access check */
- PRStatus status = PR_GetFileInfo(name, &fileinfo);
- ret = ((status == PR_SUCCESS) && (fileinfo.type == filetype));
- if (ret) {
- /* checks out ok - let's split it into the base name and the parent dir,
- open the parent dir, and see if the base name exists in the parent dir
- */
- char *copy = PL_strdup(name);
- size_t len = strlen(copy);
- char *ptr = ©[len-1];
- /* get the basename - a really bad name may look like
- /path/foo/// or even ///////////////// */
- for (; (ptr > copy) && (*ptr == '/'); --ptr) {
- /* do nothing */
- }
- if ((ptr == copy) && (*ptr == '/')) {
- /* bad - string consists of nothing but '/' */
- ptr = NULL;
- ret = 0;
- } else {
- PRDir *pdir;
- PRDirEntry *pent;
-
- ret = 0;
- if (*ptr == '/') {
- *ptr = 0; /* terminate the string at the first trailing '/' */
- }
- ptr = strrchr(copy, '/');
- if (!ptr) {
- ptr = copy;
- copy = PL_strdup(".");
- } else {
- *ptr = 0;
- ++ptr;
- ptr = PL_strdup(ptr);
- }
- /* copy now points at the parent, ptr at the child */
- if (pdir = PR_OpenDir(copy)) {
- for(pent = PR_ReadDir(pdir, PR_SKIP_BOTH); pent && !ret;
- pent = PR_ReadDir(pdir, PR_SKIP_BOTH)) {
- ret = !strcmp(pent->name, ptr);
- }
- PR_CloseDir(pdir);
- }
- if (ret && childname && (filetype == PR_FILE_DIRECTORY)) {
- ret = 0;
- /* we've verified that name is a valid directory - see if
- the given filename exists in that directory */
- if (pdir = PR_OpenDir(name)) {
- for(pent = PR_ReadDir(pdir, PR_SKIP_BOTH); pent && !ret;
- pent = PR_ReadDir(pdir, PR_SKIP_BOTH)) {
- if (childlen > 0) {
- ret = !strncmp(pent->name, childname, childlen);
- } else {
- ret = !strcmp(pent->name, childname);
- }
- }
- PR_CloseDir(pdir);
- if (ret) {
- /* child exists - check type */
- char *fullname = PR_smprintf("%s%c%s", name, FILE_PATHSEP, childname);
- status = PR_GetFileInfo(fullname, &fileinfo);
- ret = ((status == PR_SUCCESS) && (fileinfo.type == childtype));
- PR_smprintf_free(fullname);
- }
- }
- }
- }
- PL_strfree(copy);
- PL_strfree(ptr);
- }
- return ret;
+ int isvalid = 1;
+ for(;isvalid && s && *s; ++s) {
+ isvalid = (isalnum(*s) || (*s == ' ') || (*s == '.') || (*s == ',') ||
+ (*s == '+') || (*s == '=') || (*s == '@') || (*s == '-') ||
+ (*s == '_'));
+ }
+ return isvalid;
}
/*
@@ -534,6 +400,100 @@
return (str==NULL?(char *)"(null)":str);
}
+static int
+psetHasObjectClass(PsetHndl pset, const char *ocname)
+{
+ int rval = 0;
+ char *val = NULL;
+ ValueType nodeObjectClass = psetGetObjectClass(pset, "" /* use root node */, &rval);
+ ValueType iter = nodeObjectClass;
+
+ rval = 0;
+ while ((!rval) && ((val = *iter++))) {
+ rval = !PL_strcasecmp(ocname, val);
+ }
+
+ deleteValue(nodeObjectClass);
+ return rval;
+}
+
+/*
+ * With the FHS work, plus the injunction against
+ * paths in CGI parameters, we should get the
+ * securitydir (key/cert db file dir) from the server config,
+ * using the pset interface
+ */
+static char *
+getSecurityDir(AdmldapInfo info, const char *sie)
+{
+ int rval = 0;
+ char *securitydir = NULL;
+ PsetHndl pset;
+
+ if (!PL_strncasecmp(sie, "admin-serv", strlen("admin-serv"))) {
+ return PL_strdup(SECURITYDIR); /* same as admin server security dir */
+ }
+
+ /* create pset with this dn */
+ pset = psetCreateSSL((char *)sie, CONFIGDIR, NULL, NULL, &rval);
+ if (pset && ((rval == PSET_OP_OK) || (rval == PSET_LOCAL_OPEN_FAIL))) { /* only admin-serv uses local file */
+ securitydir = psetGetAttrSingleValue(pset, "configuration.encryption.certdir", &rval);
+ if (!securitydir && psetHasObjectClass(pset, DSOBJECTCLASS)) {
+ char *host = psetGetAttrSingleValue(pset, "serverHostName", &rval);
+ char *sport = psetGetAttrSingleValue(pset, "nsServerPort", &rval);
+ char *ssecport = psetGetAttrSingleValue(pset, "nsSecureServerPort", &rval);
+ char *ssecurity = psetGetAttrSingleValue(pset, "nsServerSecurity", &rval);
+ int port, security;
+ char *user = NULL;
+ char *binddn = NULL;
+ char *bindpw = admldapGetSIEPWD(info);
+ int freebindpw = 1;
+
+ ADM_GetUserDNString(&rval, &user);
+ if (!user) {
+ ADM_GetCurrentUsername(&rval, &user);
+ }
+ /* if user is just attr val, get dn */
+ binddn = admldapGetUserDN(info, user);
+ if (!bindpw) {
+ freebindpw = 0;
+ ADM_GetCurrentPassword(&rval, &bindpw);
+ }
+ security = (ssecurity && !PL_strcasecmp(ssecurity, "on")) ? 1 : 0;
+ if (security) {
+ if (ssecport) {
+ port = atoi(ssecport);
+ } else {
+ port = 636;
+ }
+ } else {
+ if (sport) {
+ port = atoi(sport);
+ } else {
+ port = 389;
+ }
+ }
+
+ psetDelete(pset);
+ pset = psetRealCreateSSL(host, port, security, DSCONFIGENTRY,
+ binddn, bindpw, NULL, &rval);
+ securitydir = psetGetAttrSingleValue(pset, DSSECURITYDIR, &rval);
+ PL_strfree(host);
+ PL_strfree(sport);
+ PL_strfree(ssecport);
+ PL_strfree(ssecurity);
+ PL_strfree(binddn);
+ if (freebindpw) {
+ PL_strfree(bindpw);
+ }
+ }
+ }
+ psetDelete(pset);
+
+ return securitydir;
+}
+
+
/*
* Print cert attributes
*/
@@ -1003,12 +963,10 @@
/*
* Initialize NSS
*/
-static void securityInitialization(char* sie) {
+static void securityInitialization(char* securitydir) {
- char prefix[BIG_LINE];
PRUint32 flags = 0;
char *db_name;
- char configdir[BIG_LINE];
int const minPwdLen = 8;
int const pwdRequired = 1;
@@ -1017,12 +975,8 @@
PK11_ConfigurePKCS11(NULL,NULL,NULL,db_name,NULL,NULL,NULL,NULL,
minPwdLen, pwdRequired);
- PR_snprintf(configdir, sizeof(configdir), "%s%calias", getenv("NETSITE_ROOT"), FILE_PATHSEP);
-
- PR_snprintf(prefix, sizeof(prefix), "%s-", sie);
-
/* init NSS */
- if (NSS_Initialize(configdir, prefix, prefix, "secmod.db", flags)) {
+ if (NSS_Initialize(securitydir, NULL, NULL, SECMOD_DB, flags)) {
rpt_err(GENERAL_FAILURE,
getResourceString(DBT_INTERNAL_ERROR),
getResourceString(DBT_OPEN_CERTDB_FAIL),
@@ -1555,7 +1509,9 @@
char msg[BIG_LINE];
int list_type = (type && !PORT_Strcmp(type, "CKL"))? SEC_KRL_TYPE : SEC_CRL_TYPE;
- if (!verify_file_or_dir(filename, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
+ if (!filename || !*filename ||
+ !util_is_valid_path_string(filename) ||
+ !util_verify_file_or_dir(SECURITYDIR, PR_FILE_DIRECTORY, filename, -1, PR_FILE_FILE)) {
/* invalid file */
PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), filename);
errorRpt(FILE_ERROR, msg);
@@ -1615,6 +1571,9 @@
if ( SECFailure == ATOB_ConvertAsciiToItem(&derCrl, DERCert) ) {
errorRpt(SYSTEM_ERROR, getResourceString(DBT_DECODE_CRL_ERROR));
}
+ } else {
+ PR_snprintf(msg, sizeof(msg), getResourceString(DBT_INVALID_CRL), filename);
+ errorRpt(FILE_ERROR, msg);
}
}
@@ -1857,37 +1816,20 @@
* Add/remove pkcs 11 module from the secmod db
*/
static void moduleOperation(char* op) {
- char binary[BIG_LINE];
- char install_dir[BIG_LINE];
- char database_dir[BIG_LINE];
- char libpath[BIG_LINE];
+ const char *binary = "modutil"; /* PATH and LD_LIBRARY_PATH must already be set correctly */
+ const char *install_dir = LIBDIR;
+ const char *database_dir = SECURITYDIR;
char *filename, *filetype, *dllname;
char cmd[BIG_LINE];
char msg[BIG_LINE];
- PR_snprintf(binary, sizeof(binary), "%s%cshared%cbin%cmodutil",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP,
- FILE_PATHSEP,
- FILE_PATHSEP);
-
- PR_snprintf(install_dir, sizeof(install_dir), "%s%clib",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP);
-
- PR_snprintf(database_dir, sizeof(database_dir), "%s%calias",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP);
-
- PR_snprintf(libpath, sizeof(libpath), "%s/lib", getenv("NETSITE_ROOT"));
-
dllname = get_cgi_var("dllname", NULL, NULL);
if (!PORT_Strcmp(op, "remove")) {
- if (!dllname || !verify_file_or_dir(dllname, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
- PR_snprintf(msg, sizeof(msg), getResourceString(DBT_MISSING_MODULE_NAME));
- rpt_err(INCORRECT_USAGE, msg, NULL, NULL);
- }
+ if (!dllname || !*dllname || !is_valid_name_string(dllname)) {
+ PR_snprintf(msg, sizeof(msg), getResourceString(DBT_MISSING_MODULE_NAME));
+ rpt_err(INCORRECT_USAGE, msg, NULL, NULL);
+ }
PR_snprintf(cmd, sizeof(cmd), "%s -dbdir %s -force -nocertdb -delete \"%s\" 2>&1",
binary,
database_dir,
@@ -1898,15 +1840,17 @@
filename = getParameter("filename",getResourceString(DBT_MISSING_FILE));
filetype = getParameter("format",getResourceString(DBT_MISSING_FORMAT));
- if((PR_Access(filename, PR_ACCESS_EXISTS) == PR_FAILURE) ||
- !verify_file_or_dir(filename, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
+ /* see if filename exists in SECURITYDIR */
+ if(!util_is_valid_path_string(filename) ||
+ !util_verify_file_or_dir(SECURITYDIR, PR_FILE_DIRECTORY, filename, -1, PR_FILE_FILE)) {
PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), filename);
rpt_err(FILE_ERROR, msg, NULL, NULL);
}
+ /* dllname is the internal name of the module - the user must
+ have specified a valid name */
if((filetype && (!PORT_Strcmp(filetype, "dll"))) &&
- (!dllname || !PORT_Strcmp(dllname, "") ||
- !verify_file_or_dir(dllname, PR_FILE_FILE, NULL, 0, (PRFileType)0))) {
+ (!dllname || !PORT_Strcmp(dllname, "") || !is_valid_name_string(dllname))) {
PR_snprintf(msg, sizeof(msg), getResourceString(DBT_MISSING_MODULE_NAME));
rpt_err(INCORRECT_USAGE, msg, NULL, NULL);
}
@@ -1936,19 +1880,10 @@
rpt_err(INCORRECT_USAGE, msg, NULL, NULL);
}
- }
-
-/* 601256 Include <server-root>/lib into the shared libarary path on Unix */
-#if defined XP_UNIX
-#if defined HPUX
- extend_env("SHLIB_PATH", libpath);
-#elif defined AIX
- extend_env("LIBPATH", libpath);
- extend_env("LD_LIBRARY_PATH", libpath);
-#else
- extend_env("LD_LIBRARY_PATH", libpath);
-#endif
-#endif
+ } else { /* invalid op */
+ PR_snprintf(msg, sizeof(msg), getResourceString(DBT_INVALID_OP), op);
+ rpt_err(INCORRECT_USAGE, msg, NULL, NULL);
+ }
if(system(cmd) != 0) {
if (!PORT_Strcmp(op, "add")) {
@@ -1958,7 +1893,7 @@
}
rpt_err(APP_ERROR, msg, NULL, NULL);
- }
+ }
}
/*
@@ -1998,266 +1933,16 @@
}
}
-/* Lists all files in a directory. */
-static char **list_directory(char *path)
-{
- char **ar = NULL;
- PRDir *ds;
- PRDirEntry *d;
- int entryCount = 0;
-
- if(!(ds = PR_OpenDir(path))) {
- return NULL;
- }
-
- /* PR_SKIP_BOTH, to skip . and .. as file */
- while( (d = PR_ReadDir(ds, PR_SKIP_BOTH)) ) {
- ar = (char **) PORT_Realloc(ar, (entryCount+1)*sizeof(char *));
- ar[entryCount] = (char *) PORT_Alloc(PORT_Strlen(d->name) + 2);
- strcpy(ar[entryCount], d->name);
- entryCount++;
- }
- PR_CloseDir(ds);
-
- /*will have put the sort backin later
- qsort((void *)ar, p, sizeof(char *), _dumbsort);*/
- ar = (char **) PORT_Realloc(ar, (entryCount+1)*sizeof(char *));
- ar[entryCount] = NULL;
-
-
- return ar;
-}
-
/* Makes a list of the aliases installed on machine. */
static void listAlias()
{
- char *path = NULL;
- char *remstr;
- char *keystr = "-key";
- char **alist;
- int x;
- char * serverRoot = getParameter("old_server_root",getResourceString(DBT_OLD_SERVER_ROOT));
-
- /* see if serverRoot is legitimate, and also make sure it contains an "alias" directory */
- if (!verify_file_or_dir(serverRoot, PR_FILE_DIRECTORY, "alias", 0, PR_FILE_DIRECTORY)) {
- errorRpt(INCORRECT_USAGE, getResourceString(DBT_INVALID_SERVER_ROOT));
- }
-
- /* if we got here, serverRoot has passed our rigorous integrity checks and contains an alias directory */
- path = PR_smprintf("%s%calias", serverRoot, FILE_PATHSEP);
- alist = list_directory(path);
- if (alist == NULL) {
- errorRpt(INCORRECT_USAGE, getResourceString(DBT_READ_ALIAS));
- }
-
- fprintf(stdout, "<ALIAS>\n");
-
- for (x=0; alist[x]; x++) {
- if ((remstr = (PORT_Strstr(alist[x], keystr))) != NULL) {
- /* *(alist[x] + (PORT_Strlen(alist[x]) - PORT_Strlen(remstr))) = '\0'; */
- fprintf(stdout, "\t<%s></%s>\n", alist[x], alist[x]);
- }
- }
-
- fprintf(stdout, "</ALIAS>\n");
-}
-
-static char* normalizeCommandLine(char* cmd) {
- char* tmpcmd = PORT_Strdup(cmd);
- char sysDeptPathSep = PR_GetDirectorySeparator();
- int i;
-
- for (i=0; tmpcmd[i] != '\0'; i++) {
- if ((tmpcmd[i] == '/') ||
- (tmpcmd[i] == '\\')) {
- tmpcmd[i] = sysDeptPathSep;
- }
- }
-
- return tmpcmd;
-}
-
-static void keyCertMigrate(char* alias, char* sie) {
- int aliasLen;
- char cert7[] = "cert7";
- char key3[] = "key3";
- char const mask[] = "%s%calias%c%s-%s.db";
- char * newRoot;
- char * oldRoot;
- char msg[BIG_LINE];
-
-#if XP_UNIX
- char const cmd[] = "cp %s %s%calias%c%s-%s.db";
-#else
- char const cmd[] = "copy %s %s%calias%c%s-%s.db";
-#endif
-
- oldRoot = getParameter("old_server_root", getResourceString(DBT_OLD_SERVER_ROOT));
- if (!verify_file_or_dir(oldRoot, PR_FILE_DIRECTORY, "alias", 0, PR_FILE_DIRECTORY) ||
- !is_valid_path_string(alias))
- {
- PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), oldRoot);
- errorRpt(INCORRECT_USAGE, msg);
- }
- newRoot = getenv("NETSITE_ROOT");
-
- aliasLen = PORT_Strlen(alias);
-
- /*
- * Time to save any current cert7 or key3 file we currently have.
- */
- {
- char * backCertFile;
- char * backKeyFile;
- char const backupMask[] = "%s%calias%c%s-%s.db_bak%d";
- char * scratch;
- int i;
-
- i = PORT_Strlen(newRoot) + sizeof(backupMask) + aliasLen + 20; /* overkill but safe */
-
- backCertFile = (char *) PORT_Alloc(i);
- backKeyFile = (char *) PORT_Alloc(i);
- scratch = (char *) PORT_Alloc(i);
-
- i = 0;
-
- do {
- do {
- sprintf(backCertFile, backupMask, newRoot, FILE_PATHSEP, FILE_PATHSEP, alias, cert7, ++i);
- } while (PR_SUCCESS == PR_Access(backCertFile, PR_ACCESS_EXISTS));
- sprintf(backKeyFile, backupMask, newRoot, FILE_PATHSEP, FILE_PATHSEP, alias, key3, i);
- } while (PR_SUCCESS == PR_Access(backKeyFile, PR_ACCESS_EXISTS));
-
- sprintf(scratch, mask, newRoot, FILE_PATHSEP, FILE_PATHSEP, alias, cert7);
-
- if (PR_SUCCESS == PR_Access(scratch, PR_ACCESS_EXISTS)) {
- /* really make sure the file exists */
- char *dir = PR_smprintf("%s%calias", newRoot, FILE_PATHSEP);
- char *file = PR_smprintf("%s-%s.db", alias, cert7);
- if (verify_file_or_dir(dir, PR_FILE_DIRECTORY, file, 0, PR_FILE_FILE)) {
- PR_Rename(scratch, backCertFile);
- if (!verify_file_or_dir(backCertFile, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
- PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), backCertFile);
- errorRpt(INCORRECT_USAGE, msg);
- }
- } else {
- PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), scratch);
- errorRpt(INCORRECT_USAGE, msg);
- }
- PR_smprintf_free(dir);
- PR_smprintf_free(file);
- }
-
- sprintf(scratch, mask, newRoot, FILE_PATHSEP, FILE_PATHSEP, alias, key3);
-
- if (PR_SUCCESS == PR_Access(scratch, PR_ACCESS_EXISTS)) {
- /* really make sure the file exists */
- char *dir = PR_smprintf("%s%calias", newRoot, FILE_PATHSEP);
- char *file = PR_smprintf("%s-%s.db", alias, key3);
- if (verify_file_or_dir(dir, PR_FILE_DIRECTORY, file, 0, PR_FILE_FILE)) {
- PR_Rename(scratch, backKeyFile);
- if (!verify_file_or_dir(backKeyFile, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
- PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), backKeyFile);
- errorRpt(INCORRECT_USAGE, msg);
- }
- } else {
- PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), scratch);
- errorRpt(INCORRECT_USAGE, msg);
- }
- PR_smprintf_free(dir);
- PR_smprintf_free(file);
- }
-
- PORT_Free(backCertFile);
- PORT_Free(backKeyFile);
- PORT_Free(scratch);
- }
-
- /*
- * We now take a peek at the old environment and determine
- * if we can reuse the old cert and key files or if we
- * need to start from scratch.
- */
- {
- char cert[] = "cert";
- char * fileName;
- char key[] = "key";
- char * oldCert;
- int i;
-
- i = PORT_Strlen(oldRoot) + sizeof(mask) + aliasLen + 20; /* overkill but safe */
-
- fileName = (char *) PORT_Alloc(i);
-
- sprintf(fileName, mask, oldRoot, FILE_PATHSEP, FILE_PATHSEP, alias, cert);
- if ((PR_SUCCESS == PR_Access(fileName, PR_ACCESS_EXISTS)) &&
- verify_file_or_dir(fileName, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
- oldCert = PORT_Strdup(fileName);
- sprintf(fileName, mask, oldRoot, FILE_PATHSEP, FILE_PATHSEP, alias, key);
- if ((PR_SUCCESS == PR_Access(fileName, PR_ACCESS_EXISTS)) &&
- verify_file_or_dir(fileName, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
- } else {
- PORT_Free(oldCert);
- oldCert = 0;
- }
- } else {
- oldCert = 0;
- }
-
- if (oldCert) {
- securityInitialization(sie);
- closeAllSecurityDB();
- PORT_Free(oldCert);
- } else {
- sprintf(fileName, mask, oldRoot, FILE_PATHSEP, FILE_PATHSEP, alias, cert);
- if ((PR_SUCCESS == PR_Access(fileName, PR_ACCESS_EXISTS)) &&
- verify_file_or_dir(fileName, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
- } else {
- PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), fileName);
- errorRpt(INCORRECT_USAGE, msg);
- }
- oldCert = PORT_Strdup(fileName);
- sprintf(fileName, mask, oldRoot, FILE_PATHSEP, FILE_PATHSEP, alias, key);
- if ((PR_SUCCESS == PR_Access(fileName, PR_ACCESS_EXISTS)) &&
- verify_file_or_dir(fileName, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
- char *newfile = PR_smprintf("%s%calias%c%s-%s.db",
- newRoot, FILE_PATHSEP, FILE_PATHSEP,
- alias, cert7);
- if (!copyFile(oldCert, newfile) ||
- !verify_file_or_dir(newfile, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
- errorRpt(INCORRECT_USAGE, getResourceString(DBT_UNABLE_TO_MIGRATE));
- }
- PR_smprintf_free(newfile);
- newfile = PR_smprintf("%s%calias%c%s-%s.db",
- newRoot, FILE_PATHSEP, FILE_PATHSEP,
- alias, key3);
- if (!copyFile(fileName, newfile) ||
- !verify_file_or_dir(newfile, PR_FILE_FILE, NULL, 0, (PRFileType)0)) {
- errorRpt(INCORRECT_USAGE, getResourceString(DBT_UNABLE_TO_MIGRATE));
- }
- PR_smprintf_free(newfile);
- } else {
- PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), fileName);
- errorRpt(INCORRECT_USAGE, msg);
- }
- PORT_Free(oldCert);
- }
- PORT_Free(fileName);
- }
-
- PORT_Free(oldRoot);
- PORT_Free(newRoot);
+ errorRpt(INCORRECT_USAGE, getResourceString(DBT_MIGRATION_NOT_SUPPORTED));
}
-char* toLowerCase(char* str) {
- char* lowerCase = (char*)PORT_ZAlloc(PORT_Strlen(str)+1);
- int i;
-
- for(i=0; str[i] != '\0'; i++) {
- lowerCase[i] = PORT_Tolower(str[i]);
- }
-
- return lowerCase;
+/* migration via CGI is no longer supported - migration is performed
+ as part of install/upgrade or as a separate command line utility */
+static void keyCertMigrate() {
+ errorRpt(INCORRECT_USAGE, getResourceString(DBT_MIGRATION_NOT_SUPPORTED));
}
int main(int argc, char *argv[])
@@ -2266,8 +1951,11 @@
int _ai = ADMUTIL_Init();
char * m = getenv("REQUEST_METHOD");
char * qs = 0;
- char *sie;
+ char *securitydir = NULL; /* looked up via sie */
char msg[BIG_LINE];
+ AdmldapInfo ldapInfo; /* our config */
+ int rc = 0;
+ char *sie;
#if 0
CGI_Debug("security");
@@ -2276,8 +1964,8 @@
/*setup i18n stuff*/
{
char *lang=getenv("HTTP_ACCEPT_LANGUAGE");
- PR_snprintf(line, sizeof(line), "%s%cbin/admin/admin/bin/property", getenv("NETSITE_ROOT"), FILE_PATHSEP);
- i18nResource = res_init_resource(line, RESOURCE_FILE);
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
+ i18nResource_common = res_find_and_init_resource(PROPERTYDIR, COMMON_RESOURCE_FILE);
acceptLanguage = "en";
if (lang) acceptLanguage = strdup(lang);
@@ -2296,39 +1984,37 @@
post_begin(stdin);
- sie = toLowerCase(getParameter("sie", getResourceString(DBT_SIE)));
+ sie = getParameter("sie", getResourceString(DBT_SIE));
+ ldapInfo = admldapBuildInfoOnly(CONFIGDIR, &rc);
+ if (rc || !ldapInfo) {
+ PR_snprintf(line, sizeof(line), getResourceString(CMN_CONFIGPROBLEM), CONFIGDIR, rc);
+ errorRpt(FILE_ERROR, line);
+ }
+
+ securitydir = getSecurityDir(ldapInfo, sie);
{
char* operation = getParameter("formop",getResourceString(DBT_OP));
- if (!operation) {
- /* if we got here it means front end pass back
- a bogus operation string */
- PR_snprintf(line, sizeof(line), getResourceString(DBT_NO_OP), operation);
- errorRpt(INCORRECT_USAGE, line);
+ if (!operation) {
+ /* if we got here it means front end pass back
+ a bogus operation string */
+ PR_snprintf(line, sizeof(line), getResourceString(DBT_NO_OP), operation);
+ errorRpt(INCORRECT_USAGE, line);
} else if (!PORT_Strcmp(operation, "MIGRATE_DB")) {
- keyCertMigrate(getParameter("alias",getResourceString(DBT_ALIAS)),
- sie);
-
+ keyCertMigrate();
} else {
/*only initialize db when we are not trying to migrate
if we initialize db then we won't be able to migrate because
security library will hog up the file and we can not remove it.*/
- char *dbdir = PR_smprintf("%s%calias", getenv("NETSITE_ROOT"), FILE_PATHSEP);
- char *certdbname = PR_smprintf("%s-cert8.db", sie);
- char *keydbname = PR_smprintf("%s-key3.db", sie);
- if (!is_valid_path_string(sie) ||
- !verify_file_or_dir(dbdir, PR_FILE_DIRECTORY, certdbname, 0, PR_FILE_FILE) ||
- !verify_file_or_dir(dbdir, PR_FILE_DIRECTORY, keydbname, 0, PR_FILE_FILE)) {
- PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS), certdbname);
+ if (!util_verify_file_or_dir(securitydir, PR_FILE_DIRECTORY, NULL, 0, PR_FILE_FILE)) {
+ PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_FILE_EXISTS),
+ securitydir ? securitydir : "(null)");
errorRpt(INCORRECT_USAGE, msg);
- }
- PR_smprintf_free(dbdir);
- PR_smprintf_free(certdbname);
- PR_smprintf_free(keydbname);
+ }
/* we got here, we think sie is a valid prefix */
- securityInitialization(sie);
+ securityInitialization(securitydir);
if (!PORT_Strcmp(operation, "LIST_CERTIFICATE")) {
/* list cert */
Index: security.properties
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/security.properties,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- security.properties 18 Aug 2005 18:59:03 -0000 1.3
+++ security.properties 9 May 2007 00:26:30 -0000 1.4
@@ -58,13 +58,13 @@
security44 { "Unable to delete the CRL or CKL specified." }
security45 { "Unable to find the CRL or CKL specified." }
//#/* module operation */
-security50 { "Could not open file %s." }
+security50 { "Could not open file %s. File does not exist or filename is invalid." }
security51 { "Could not add module found in file %s." }
security52 { "The module has been successfully added. Please restart the console for changes to take effect." }
security53 { "No file specified. Enter the full path of a file." }
security54 { "No file format specified." }
security55 { "Invalid file format." }
-security56 { "No module name specified. Please enter the module name." }
+security56 { "No module name or incorrect module name specified. Please enter a valid module name." }
security57 { "The module has been successfully removed. Please restart the console for changes to take effect." }
security58 { "Module might not have been removed." }
security59 { "Additional information available in %s." }
@@ -96,10 +96,15 @@
security110 { "Error decoding the CRL/CKL file. Please make sure it is valid." }
security111 { "Error deleting the existing CRL/CKL in replacement process." }
security112 { "Error writing the new CRL/CKL into the certificate database." }
+security113 { "The file %s does not contain a valid CRL/CKL" }
//#/* key/cert migration */
security120 { "Alias" }
security121 { "Key or Certificate database doesn't exist in the old server root specified" }
security122 { "Unable to migrate old Key or certificate database to new server. Make sure there aren't any server using the key and certificate database." }
security123 { "Invalid server specified." }
-
+security124 { "Migration of old key and certificate databases is no longer supported."
+ " Migration will usually be performed as part of upgrade installation, or"
+ " as a separate migration command. Please refer to the Admin Server guide"
+ " for more information." }
+security150 { "The module operation code \"%s\" is not valid." }
}
Index: setport.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/setport.c,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- setport.c 18 Aug 2005 18:59:03 -0000 1.4
+++ setport.c 9 May 2007 00:26:30 -0000 1.5
@@ -112,7 +112,7 @@
if (binddn) rv = ADM_GetCurrentPassword(&err, &bindpw);
- rv = ADMSSL_InitSimple();
+ rv = ADMSSL_InitSimple(CONFIGDIR, SECURITYDIR);
if (rv) {
rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL);
}
Index: snmpconf.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/snmpconf.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- snmpconf.c 11 May 2006 14:29:30 -0000 1.6
+++ snmpconf.c 9 May 2007 00:26:30 -0000 1.7
@@ -33,6 +33,8 @@
#include "libadminutil/distadm.h"
#include "libadmin/sconf.h"
+#include "config.h"
+
#define INTsystem_free free
#define INTsystem_malloc malloc
#define INTsystem_realloc realloc
@@ -112,13 +114,8 @@
static Resource *i18nResource = NULL;
static void i18nInit() {
- char resPath[256], *execPath;
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
+
if (getenv("HTTP_ACCEPT_LANGUAGE")) {
acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
}
Index: snmpmctl.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/snmpmctl.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- snmpmctl.c 11 May 2006 14:29:30 -0000 1.6
+++ snmpmctl.c 9 May 2007 00:26:30 -0000 1.7
@@ -55,6 +55,8 @@
#include "libadminutil/admutil.h"
#include "libadmin/sconf.h"
+#include "config.h"
+
#define MASTERAGT_PID "pid_masteragt"
#define MAGT_CONF "/plugins/snmp/magt/CONFIG"
#define SEPERATOR 0x1F
@@ -130,13 +132,8 @@
static Resource *i18nResource = NULL;
static void i18nInit() {
- char resPath[256], *execPath;
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
+
if (getenv("HTTP_ACCEPT_LANGUAGE")) {
acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
}
Index: start_config_ds.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/start_config_ds.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- start_config_ds.c 31 Mar 2006 22:58:20 -0000 1.5
+++ start_config_ds.c 9 May 2007 00:26:30 -0000 1.6
@@ -32,27 +32,9 @@
#include <stdlib.h>
#include <string.h>
-#ifdef XP_UNIX
-# define FILE_SEP '/'
-# define STRNCASECMP strncasecmp
-# define SLEEP sleep
-# include <unistd.h>
-#else /* XP_WIN32 */
-# define FILE_SEP '/'
-# define STRNCASECMP _strnicmp
-# define SLEEP _sleep
-#endif
-
-#define PATH_LENGTH 1024
-#define ADMIN_CONFIG_FILE "adm.conf"
-#define COMMENT_CHAR '#'
-#define LDAP_START_KEY "ldapStart"
+#include <config.h>
-void
-error(char *msg)
-{
- printf("StartConfigDS Error: %s\n", msg);
-}
+#include <libadminutil/admutil.h>
int
error_exit(char *msg)
@@ -67,7 +49,7 @@
int
success_exit()
{
- SLEEP(10);
+ sleep(10);
printf("Content-type: text/html\n");
printf("Content-length: 13\n\n");
printf("NMC_Status: 0");
@@ -76,72 +58,23 @@
exit(0) ;
}
-static char *
-caseless_strstr(char *string, char *pattern)
-{
- char *p;
-
- if (!string || !pattern)
- return (NULL);
-
- for (p = string ; *p ; p++)
- {
- if (!STRNCASECMP(p, pattern, strlen(pattern)))
- return (p);
- }
-
- return (NULL);
-}
-
int
main(int argc, char *argv[])
{
- char path[PATH_LENGTH], line[PATH_LENGTH];
- char *admroot = NULL;
- char *srvroot = NULL;
- FILE *configfile = NULL;
- char *p;
- int ret_val;
+ int ret_val = 0;
+ char *startcmd = 0;
+ AdmldapInfo info;
/* find and open the AS config file adm.conf */
+ info = admldapBuildInfoOnly(CONFIGDIR, &ret_val);
- if (!(admroot = getenv("ADMSERV_ROOT")))
- return error_exit("ADMSERV_ROOT not found");
-
- if (!(srvroot = getenv("NETSITE_ROOT")))
- return error_exit("NETSITE_ROOT not found");
-
- snprintf(path, sizeof(path), "%s%c%s", admroot, FILE_SEP, ADMIN_CONFIG_FILE);
- path[sizeof(path)-1] = 0;
-
- if (!(configfile = fopen(path, "r")))
+ if (!info) {
return error_exit("Failed to open adm.conf");
+ }
- /* look for config DS start executable path */
-
- while (fgets(line, PATH_LENGTH, configfile))
- {
- if (line[0] == COMMENT_CHAR)
- continue;
-
- if (STRNCASECMP(line, LDAP_START_KEY, strlen(LDAP_START_KEY)))
- continue;
-
- /* found. chew whitespace, build full executable path and execute. */
-
- p = line;
- p += strlen(LDAP_START_KEY);
- while (*p != ':')
- p++;
- p++;
- while ((*p == ' ') || (*p == '\t'))
- p++;
-
- snprintf(path, sizeof(path), "%s%c%s", srvroot, FILE_SEP, p);
- path[sizeof(path)-1] = 0;
-
- /* this should probably be an explicit fork/exec, but I don't have the time... */
- if ((ret_val = system(path)) == -1)
+ startcmd = admldapGetLdapStart(info);
+ if (startcmd) {
+ if ((ret_val = system(startcmd)) == -1)
return error_exit("system() returned -1");
if (ret_val != 0)
Index: statpingserv.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/statpingserv.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- statpingserv.c 11 May 2006 14:29:30 -0000 1.5
+++ statpingserv.c 9 May 2007 00:26:30 -0000 1.6
@@ -129,7 +129,7 @@
rpt_success("The server is DOWN.");
return 1;
}
- file = strdup("../icons/togoff.gif");
+ file = PR_smprintf("%s/togoff.gif", ICONDIR);
}
else {
/* SERVER IS RUNNING - output of ON button */
@@ -137,7 +137,7 @@
rpt_success("The server is UP.");
return 1;
}
- file = strdup("../icons/togon.gif");
+ file = PR_smprintf("%s/togon.gif", ICONDIR);
}
PR_Close(req_socket);
@@ -152,6 +152,7 @@
PR_Sync(PR_STDOUT);
gif = PR_Open(file, PR_RDONLY, 0);
+ PR_smprintf_free(file);
if(!gif)
rpt_err(APP_ERROR, "Cannot open gif file!", NULL, NULL);
while (0 < (bytes = PR_Read(gif, gifbuf, sizeof(gifbuf)))) {
Index: statusping.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/statusping.c,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- statusping.c 18 Aug 2005 18:59:03 -0000 1.3
+++ statusping.c 9 May 2007 00:26:30 -0000 1.4
@@ -21,7 +21,7 @@
/*
* Server ping
*
- * This cgi provide a way for java front end to pin the server for status
+ * This cgi provide a way for java front end to ping the server for status
*
*/
Index: stopsrv.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/stopsrv.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- stopsrv.c 31 Mar 2006 22:58:20 -0000 1.5
+++ stopsrv.c 9 May 2007 00:26:30 -0000 1.6
@@ -38,6 +38,9 @@
#endif
#include "libadminutil/resource.h"
+#include "libadmin/libadmin.h"
+
+#include "config.h"
#define RESOURCE_FILE "stopsrv"
@@ -64,7 +67,7 @@
char*
getResourceString(char *key) {
- return (char *)(res_getstring(i18nResource, key, acceptLanguage));
+ return (char *)(res_getstring(i18nResource, key, acceptLanguage, NULL, 0, NULL));
}
/* html resource string */
@@ -72,19 +75,14 @@
{
int _ai=ADMUTIL_Init();
char *m = getenv("REQUEST_METHOD");
+ char msgbuf[BUFSIZ];
char line[BIG_LINE];
char *lang=getenv("HTTP_ACCEPT_LANGUAGE");
- char resPath[256], *execPath;
char *return_format = NULL;
char *qs = 0;
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
if (lang) acceptLanguage = strdup(lang);
@@ -113,7 +111,7 @@
rpt_err(SYSTEM_ERROR,
res_getstring(i18nResource,
DBT_NO_NEW_PROCESS,
- acceptLanguage),
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL),
NULL, NULL);
}
}
@@ -142,8 +140,9 @@
#else
sleep(5);
#endif
- PR_snprintf(line, sizeof(line), "%s/stop-admin", getenv("NETSITE_ROOT"));
- system(line);
+ if (util_find_file_in_paths(line, sizeof(line), "stop-admin", CMDBINDIR, "../..", "")) {
+ system(line);
+ }
exit(0);
break;
default:
@@ -158,7 +157,7 @@
else {
rpt_unknown(res_getstring(i18nResource,
DBT_SHUTDOWN_ACK,
- acceptLanguage));
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL));
}
}
else {
@@ -181,7 +180,7 @@
else {
rpt_unknown(res_getstring(i18nResource,
DBT_SHUTDOWN_ACK,
- acceptLanguage));
+ acceptLanguage, msgbuf, sizeof(msgbuf), NULL));
}
}
else {
Index: ugdsconfig.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/ugdsconfig.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- ugdsconfig.c 31 Mar 2006 22:58:20 -0000 1.6
+++ ugdsconfig.c 9 May 2007 00:26:30 -0000 1.7
@@ -62,11 +62,15 @@
#include "libadmsslutil/psetcssl.h"
#include "libadmsslutil/admsslutil.h"
#include "libadmsslutil/certmgt.h"
-#include "utf8.h"
+#include "util.h"
#include "cert.h"
-static void handle_getconfig();
-static void handle_setconfig();
+#include "libadmin/libadmin.h"
+
+#include "config.h"
+
+static void handle_getconfig(const char *configdir, const char *securitydir);
+static void handle_setconfig(const char *configdir, const char *securitydir);
static char *getGlobalInfoDN(char *siedn);
static char *nonull_value(char *str);
@@ -83,19 +87,21 @@
/* Automatically enable logging if <cgi-name>.dbg file exists in the logs directory */
if (!log_enabled && !enable_verified) {
+ const char *logdir = util_get_log_dir();
enable_verified = 1;
- PR_snprintf(logfile, sizeof(logfile), "%s/../logs/ugdsconfig.dbg", getenv("ADMSERV_ROOT"));
- logfp = fopen(logfile, "r");
- if (logfp == NULL) {
- return;
- }
- log_enabled = 1;
- fclose(logfp);
- logfp=NULL;
- }
+ if (util_is_dir_ok(logdir)) {
+ PR_snprintf(logfile, sizeof(logfile), "%s/ugdsconfig.dbg", logdir);
+ logfp = fopen(logfile, "r");
+ if (logfp == NULL) {
+ return;
+ }
+ log_enabled = 1;
+ fclose(logfp);
+ logfp=NULL;
+ }
+ }
if (logfp==NULL) {
- PR_snprintf(logfile, sizeof(logfile), "%s/../logs/ugdsconfig.dbg", getenv("ADMSERV_ROOT"));
logfp = fopen(logfile, "w");
}
@@ -134,13 +140,8 @@
static Resource *i18nResource = NULL;
static void i18nInit() {
- char resPath[256], *execPath;
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
+
if (getenv("HTTP_ACCEPT_LANGUAGE")) {
acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
}
@@ -152,9 +153,10 @@
}
static const char *i18nMsg(char *msgid, char *defaultMsg) {
const char *msg=NULL;
+ static char buf[BUFSIZ]; /* ok - not threaded code */
if (i18nResource) {
- msg = res_getstring(i18nResource, msgid, acceptLanguage);
+ msg = res_getstring(i18nResource, msgid, acceptLanguage, buf, sizeof(buf), NULL);
}
if (msg == NULL) {
msg = (const char*)defaultMsg;
@@ -176,7 +178,6 @@
int _ai=ADMUTIL_Init();
char *method = getenv("REQUEST_METHOD");
- char *root = getenv("NETSITE_ROOT");
char *qs = 0, *op=0;
logMsg(" In %s\n", argv[0]);
@@ -218,10 +219,10 @@
rpt_err(INCORRECT_USAGE, i18nMsg(DBT_NO_OPERATION,"No operation is defined"), NULL, NULL);
}
if (strcmp(op,"getconfig") == 0) {
- handle_getconfig();
+ handle_getconfig(CONFIGDIR, SECURITYDIR);
}
else if (strcmp(op,"setconfig") == 0) {
- handle_setconfig();
+ handle_setconfig(CONFIGDIR, SECURITYDIR);
}
else {
PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_UNKNOWN_OPERATION,"Unknown Operation (%s)"), op);
@@ -235,29 +236,28 @@
/*
* Return current U/G directory setting
*/
-static void handle_getconfig()
+static void handle_getconfig(const char *configdir, const char *securitydir)
{
char *inforef=NULL, *globaldirurl=NULL, *dirurl=NULL, *binddn=NULL, *bindpw=NULL;
AdmldapInfo adminfo;
- char *admroot = getenv("ADMSERV_ROOT");
int rc;
logMsg("In handle_getconfig\n");
- if(ADMSSL_InitSimple()) {
+ if(ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0)) {
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_ADMSSL_INIT_FAILED,"Cannot initialize SSL"), NULL, NULL);
}
- adminfo = admldapBuildInfo(admroot, &rc);
+ adminfo = admldapBuildInfo((char *)configdir, &rc);
if (adminfo == NULL) {
- logMsg("admldapBuildInfo failed, rc=%d, admroot=%s\n", rc, nonull_value(admroot));
+ logMsg("admldapBuildInfo failed, rc=%d, admroot=%s\n", rc, nonull_value((char *)configdir));
PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_BUILD_LDAPINFO,"Failed to build ldap info (err=%d)"), rc);
rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
}
if (admldapGetSecurity(adminfo)) {
if (!admldapBuildInfoSSL(adminfo, &rc)) {
- logMsg("admldapBuildInfo failed, rc=%d, admroot=%s\n", rc, nonull_value(admroot));
+ logMsg("admldapBuildInfo failed, rc=%d, admroot=%s\n", rc, nonull_value((char *)configdir));
PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_BUILD_LDAPINFO,"Failed to build ldap info (err=%d)"), rc);
rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
}
@@ -297,10 +297,9 @@
/*
* Modify U/G Directory setting
*/
-static void handle_setconfig() {
+static void handle_setconfig(const char *configdir, const char *securitydir) {
char *inforef=NULL, *dirurl=NULL, *binddn=NULL, *bindpw=NULL;
- char *admroot = getenv("ADMSERV_ROOT");
char *siedn;
AdmldapInfo adminfo;
LDAPURLDesc *url;
@@ -308,12 +307,12 @@
logMsg("In handle_setconfig\n");
- if(ADMSSL_InitSimple()) {
+ if(ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0)) {
rpt_err(SYSTEM_ERROR, i18nMsg(DBT_ADMSSL_INIT_FAILED,"Cannot initialize SSL"), NULL, NULL);
}
inforef = get_cgi_var( "ugdsconfig.inforef", NULL, NULL );
- dirurl = localToUTF8((const char*)get_cgi_var( "ugdsconfig.dirurl", NULL, NULL ));
+ dirurl = util_local_to_utf8((const char*)get_cgi_var( "ugdsconfig.dirurl", NULL, NULL ));
binddn = get_cgi_var( "ugdsconfig.binddn", NULL, NULL );
bindpw = get_cgi_var( "ugdsconfig.bindpw", NULL, NULL );
@@ -323,16 +322,16 @@
logMsg("bindpw size=%d\n", strlen(nonull_value(bindpw)));
- adminfo = admldapBuildInfo(admroot, &rc);
+ adminfo = admldapBuildInfo((char *)configdir, &rc);
if (adminfo == NULL) {
- logMsg("admldapBuildInfo failed, rc=%d, admroot=%s\n", rc, nonull_value(admroot));
+ logMsg("admldapBuildInfo failed, rc=%d, admroot=%s\n", rc, nonull_value((char *)configdir));
PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_BUILD_LDAPINFO,"Failed to build ldap info (err=%d)"), rc);
rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
}
if (admldapGetSecurity(adminfo)) {
if (!admldapBuildInfoSSL(adminfo, &rc)) {
- logMsg("admldapBuildInfo failed, rc=%d, admroot=%s\n", rc, nonull_value(admroot));
+ logMsg("admldapBuildInfo failed, rc=%d, admroot=%s\n", rc, nonull_value((char *)configdir));
PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_BUILD_LDAPINFO,"Failed to build ldap info (err=%d)"), rc);
rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
}
@@ -344,7 +343,8 @@
inforef = getGlobalInfoDN(siedn);
}
- if (!admldapSetAdmGrpUserDirectoryCGI(NULL, NULL, NULL, inforef, &rc)) {
+ if (!admldapSetAdmGrpUserDirectoryCGI(adminfo, NULL, NULL, NULL, inforef, &rc)) {
+ adminfo = NULL; /* gets destroyed upon failure */
logMsg("admldapSetAdmGrpDirectoryCGI failed, rc=%d, inforef=%s\n", rc, nonull_value(inforef));
PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_GLOBAL_SETUSERDIR,"Failed to set link to the Domain User Directory Info (err=%d)"), rc);
rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
@@ -356,16 +356,6 @@
PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_NO_SETPARAM,"Parameter %s missing"), "ugdsconfig.dirurl");
rpt_err(INCORRECT_USAGE, error_info, NULL, NULL);
}
- /*if (binddn==NULL) {
- logMsg("param ugdsconfig.binddn missing");
- PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_NO_SETPARAM,"Parameter %s missing"), "ugdsconfig.binddn");
- rpt_err(INCORRECT_USAGE, error_info, NULL, NULL);
- }*/
- /*if (bindpw==NULL) {
- logMsg("param ugdsconfig.bindpw missing");
- PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_NO_SETPARAM,"Parameter %s missing"), "ugdsconfig.bindpw");
- rpt_err(INCORRECT_USAGE, error_info, NULL, NULL);
- }*/
if ((rc = ldap_url_parse(dirurl, & url)) != 0) {
logMsg("Bad ugdsconfig.dirurl");
@@ -373,13 +363,18 @@
rpt_err(INCORRECT_USAGE, error_info, NULL, NULL);
}
- if (!admldapSetAdmGrpUserDirectoryCGI(dirurl, binddn, bindpw, NULL, &rc)) {
+ if (!admldapSetAdmGrpUserDirectoryCGI(adminfo, dirurl, binddn, bindpw, NULL, &rc)) {
+ adminfo = NULL; /* gets destroyed upon failure */
logMsg("admldapSetAdmGrpDirectoryCGI failed, rc=%d\n", rc);
PR_snprintf(error_info, sizeof(error_info), i18nMsg(DBT_LOCAL_SETUSERDIR,"Failed to set User Directory Parameters for the Admin Group (err=%d)"), rc);
rpt_err(SYSTEM_ERROR, error_info, NULL, NULL);
}
}
+ if (adminfo) {
+ destroyAdmldap(adminfo);
+ }
+
rpt_success(NULL);
}
Index: viewdata.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewdata.c,v
retrieving revision 1.6
retrieving revision 1.7
diff -u -r1.6 -r1.7
--- viewdata.c 11 May 2006 14:29:30 -0000 1.6
+++ viewdata.c 9 May 2007 00:26:30 -0000 1.7
@@ -36,9 +36,9 @@
#include "libadmsslutil/admsslutil.h"
#include "libadmin/libadmin.h"
#include "libadmin/cluster.h"
-#include "ldapu.h"
#include <ldap_ssl.h>
-#include "setupinst.h"
+
+#include "config.h"
#define MY_PAGE "viewdata.html"
@@ -88,17 +88,12 @@
char*
getResourceString(char *key) {
- return (char *)(res_getstring(i18nResource, key, acceptLanguage));
+ static char msgbuf[BUFSIZ]; /* ok - not threaded code */
+ return (char *)(res_getstring(i18nResource, key, acceptLanguage, msgbuf, sizeof(msgbuf), NULL));
}
static void i18nInit() {
- char resPath[256], *execPath;
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
if (getenv("HTTP_ACCEPT_LANGUAGE")) {
acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
}
@@ -109,22 +104,16 @@
* Get the AdmldapInfo struct for ldap SDK API.
*/
-AdmldapInfo get_adm_ldapinfo() {
+AdmldapInfo get_adm_ldapinfo(const char *configdir, const char *securitydir) {
AdmldapInfo ldapInfo = NULL;
int rv;
- char admroot[BIG_LINE];
-
- PR_snprintf(admroot, sizeof(admroot), "%s%cadmin-serv%cconfig",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP,
- FILE_PATHSEP);
- ldapInfo = admldapBuildInfo(admroot, &rv);
+ ldapInfo = admldapBuildInfo((char *)configdir, &rv);
if(!ldapInfo)
exit(0);
- rv = ADMSSL_InitSimple();
+ rv = ADMSSL_InitSimple((char *)configdir, (char *)securitydir, 0);
if(rv)
exit(0);
@@ -413,7 +402,7 @@
char *qs = getenv("QUERY_STRING");
char line[BIG_LINE];
FILE *html = open_html_file(MY_PAGE);
- char *sie;
+ char *sie = NULL;
char *request;
int errorcode;
@@ -425,7 +414,7 @@
LDAPMessage *entry;
int ldapError;
- AdmldapInfo ldapInfo = get_adm_ldapinfo();
+ AdmldapInfo ldapInfo = get_adm_ldapinfo(CONFIGDIR, SECURITYDIR);
i18nInit();
@@ -445,6 +434,10 @@
sie=get_cgi_var("sie", NULL, NULL);
}
+ if (!sie) { /* error - incorrect usage */
+ rpt_err(INCORRECT_USAGE, "This program must be called as a GET CGI with the sie parameter", NULL, NULL);
+ }
+
while(next_html_line(html, line)) {
if(parse_line(line, NULL)) {
if(directive_is(line, "SHOW_DATA")) {
Index: viewlog.c
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewlog.c,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- viewlog.c 31 Mar 2006 22:58:20 -0000 1.5
+++ viewlog.c 9 May 2007 00:26:30 -0000 1.6
@@ -34,9 +34,21 @@
#include <sys/types.h>
#include "libadmin/libadmin.h"
+#include "config.h"
+#include "libadmsslutil/psetcssl.h"
+#include "libadmsslutil/admsslutil.h"
+
+#include "config.h"
+
+#include "cgicommon.h"
+
+
#define MY_PAGE "viewlog.html"
#define DEF_SIZE "25"
+#define LOGDIRATTR "nslogdir"
+#define ERRORLOGATTR "nserrorlog"
+
/*
* i18n conversions defines and function;
* properties file = "viewlog.properties"
@@ -70,10 +82,15 @@
static char *acceptLanguage = (char*)"en";
static Resource *i18nResource = NULL;
+static Resource *i18nResource_common = NULL;
-char*
+static char*
getResourceString(char *key) {
- return (char *)(res_getstring(i18nResource, key, acceptLanguage));
+ if (key && !strncmp(key, COMMON_RESOURCE_FILE, strlen(COMMON_RESOURCE_FILE))) {
+ return (char *)(res_getstring(i18nResource_common, key, acceptLanguage, NULL, 0, NULL));
+ } else {
+ return (char *)(res_getstring(i18nResource, key, acceptLanguage, NULL, 0, NULL));
+ }
}
void search_file(FILE *cmd, int num, char *str) {
@@ -126,32 +143,23 @@
}
static void i18nInit() {
- char resPath[256], *execPath;
- execPath = getcwd(resPath, 256);
- if (execPath) {
- PL_strncpyz(resPath, execPath, sizeof(resPath));
- PL_strcatn(resPath, sizeof(resPath), "/property");
- i18nResource = res_init_resource(resPath, RESOURCE_FILE);
- }
+ i18nResource = res_find_and_init_resource(PROPERTYDIR, RESOURCE_FILE);
+ i18nResource_common = res_find_and_init_resource(PROPERTYDIR, COMMON_RESOURCE_FILE);
+
if (getenv("HTTP_ACCEPT_LANGUAGE")) {
acceptLanguage = getenv("HTTP_ACCEPT_LANGUAGE");
}
}
-void display_logfiles(char *dirs, char *default_logfile)
+void display_logfiles(char *logdir, char *default_logfile)
{
int x;
int cnt=0;
- int remcnt=0;
char *seps = "/";
char *token;
char *curlog = NULL;
- char *keyword = NULL;
char **logfiles;
- char full_directory[PATH_MAX];
- char *current_dir;
- char temp_dirs[BIG_LINE];
int at_least_one=0;
if (default_logfile != NULL) {
@@ -163,30 +171,18 @@
}
fprintf(stdout, getResourceString(DBT_DISPLAY_LOGFILE_SELECT_BEGIN));
- PL_strncpyz(temp_dirs, dirs, sizeof(temp_dirs));
- current_dir = strtok(temp_dirs, "|");
-
- while(current_dir) {
- PR_snprintf(full_directory, sizeof(full_directory), "%s%c%s",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP,
- current_dir);
-
- logfiles = list_directory(full_directory, 0);
+ logfiles = list_directory(logdir, 0);
- for(x=0; logfiles && logfiles[x]; x++) {
- if (curlog && !strcmp(curlog, logfiles[x])) {
- fprintf(stdout, getResourceString(DBT_DISPLAY_LOGFILE_VALUE_SELECTED),
- logfiles[x], logfiles[x]);
- }
- else {
- fprintf(stdout, getResourceString(DBT_DISPLAY_LOGFILE_SELECT_VALUE),
- logfiles[x], logfiles[x]);
- }
- at_least_one = 1;
+ for(x=0; logfiles && logfiles[x]; x++) {
+ if (curlog && !strcmp(curlog, logfiles[x])) {
+ fprintf(stdout, getResourceString(DBT_DISPLAY_LOGFILE_VALUE_SELECTED),
+ logfiles[x], logfiles[x]);
}
-
- current_dir = strtok(NULL, "|");
+ else {
+ fprintf(stdout, getResourceString(DBT_DISPLAY_LOGFILE_SELECT_VALUE),
+ logfiles[x], logfiles[x]);
+ }
+ at_least_one = 1;
}
if(!at_least_one)
@@ -197,168 +193,62 @@
}
-int already_exists(char *list, char *element) {
- char *temp = strdup(list);
- char *ptr;
-
- ptr = strtok(temp, "|");
- while(ptr) {
- if(!strcmp(ptr, element))
- return 1;
- ptr = strtok(NULL, "|");
- }
- return 0;
-}
-
-
-/*
- * Given a list of log directories, find the one containing file.
- */
-
-char *get_current_dir(char *directories, char *file) {
-
- char temp[BIG_LINE];
- char path[PATH_MAX];
- char *ptr;
- char **list;
- int i;
-
- if(!file)
- return NULL;
-
- PL_strncpyz(temp, directories, sizeof(temp));
-
- ptr = strtok(temp, "|");
- while(ptr != NULL) {
- PR_snprintf(path, sizeof(path), "%s%c%s",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP,
- ptr);
- list = list_directory(path, 0);
- i=0;
- while(list && list[i] != NULL) {
- if(!strcmp(list[i], file))
- return strdup(ptr);
- i++;
- }
- ptr = strtok(NULL, "|");
- }
-
- return NULL;
-}
-
-
/*
- * Given the server's ID, find the directories containing all log files for that instance.
- * This is hardcoded for each 4.0/4.1 server product type.
+ * Given the server's ID, find the log directory for that instance.
+ * Note that the earlier version of the product supported having multiple log file
+ * directories. This version assumes all log files are in the same directory. This
+ * is a result of the FHS work which encourages the use of one log directory per
+ * product or instance.
*/
-char *guess_directories(char *id) {
+char *get_log_dir(char *id) {
- char config_file[PATH_MAX];
- FILE *file;
- char inbuf[BIG_LINE];
- char *return_dirs = NULL;
- char *ptr, *ptr2;
+ char *return_dir = NULL;
+ PsetHndl pset = NULL;
+ int rv = 0;
char *errorlog_attr = NULL;
char *accesslog_attr = NULL;
- if(!strncmp(id, "slapd-", 6)) {
- /* DIRECTORY SERVER */
- PR_snprintf(config_file, sizeof(config_file), "%s%c%s%cconfig%cslapd.conf",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP,
- id,
- FILE_PATHSEP,
- FILE_PATHSEP);
- file = fopen(config_file, "r");
- if(!file) {
- /* This might be a 5.0 version, get it from dse.ldif */
- PR_snprintf(config_file, sizeof(config_file), "%s%c%s%cconfig%cdse.ldif",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP,
- id,
- FILE_PATHSEP,
- FILE_PATHSEP);
- errorlog_attr = strdup("nsslapd-errorlog:");
- accesslog_attr = strdup("nsslapd-accesslog:");
- }
- else {
- errorlog_attr = strdup("errorlog\t");
- accesslog_attr = strdup("accesslog\t");
+ rv = ADMSSL_InitSimple(CONFIGDIR, SECURITYDIR, 0);
+ if (rv) {
+ if (i18nResource) {
+ char msgbuf[BUFSIZ];
+ rpt_err(APP_ERROR,
+ getResourceString(CMN_SSL_INIT_ERROR),
+ NULL, NULL);
+ } else {
+ rpt_err(APP_ERROR, "SSL related initialization failed", NULL, NULL);
}
}
- else if(!strncmp(id, "https-", 6)) {
- /* ENTERPRISE SERVER */
- PR_snprintf(config_file, sizeof(config_file), "%s%c%s%cconfig%cmagnus.conf",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP,
- id,
- FILE_PATHSEP,
- FILE_PATHSEP);
- errorlog_attr = strdup("ErrorLog\t");
- }
- else if(!strncmp(id, "cert-", 5)) {
- /* CERT SERVER */
- PR_snprintf(config_file, sizeof(config_file), "%s%c%s%cconfig%cCMS.cfg",
- getenv("NETSITE_ROOT"),
- FILE_PATHSEP,
- id,
- FILE_PATHSEP,
- FILE_PATHSEP);
- errorlog_attr = strdup("logError.fileName=");
- accesslog_attr = strdup("logAudit.fileName=");
- }
- file = fopen(config_file, "r");
- if(!file)
- return NULL;
- while(fgets(inbuf, sizeof(inbuf), file)) {
- if((accesslog_attr && strstr(inbuf, accesslog_attr)) ||
- (errorlog_attr && strstr(inbuf, errorlog_attr))) {
- int x;
- char *net_root = getenv("NETSITE_ROOT");
- if(strchr(net_root, '/')) {
- if(FILE_PATHSEP == '\\') {
- /* replace */
- x=0;
- while(net_root[x] != '\0') {
- if(net_root[x] == '/')
- net_root[x] = FILE_PATHSEP;
- x++;
- }
- }
- }
- else {
- if(FILE_PATHSEP == '/') {
- /* replace */
- x=0;
- while(net_root[x] != '\0') {
- if(net_root[x] == '\\')
- net_root[x] = FILE_PATHSEP;
- x++;
- }
- }
- }
+ pset = psetCreateSSL(id, CONFIGDIR, NULL, NULL, &rv);
- ptr = strstr(inbuf, net_root);
- ptr = &(ptr[strlen(net_root)+1]);
-
- ptr2 = strrchr(ptr, FILE_PATHSEP);
- ptr2[0] = '\0';
-
- if(!return_dirs)
- return_dirs = strdup(ptr);
- else {
- if(!already_exists(return_dirs, ptr)) {
- return_dirs = (char *)realloc(return_dirs, (strlen(return_dirs) + strlen(ptr) + 1));
- sprintf(return_dirs, "%s|%s", return_dirs, ptr);
+ if (pset) {
+ return_dir = psetGetAttrSingleValue(pset, LOGDIRATTR, &rv);
+ if (!return_dir) { /* no log dir - get dir from error log */
+ char *errorlog = psetGetAttrSingleValue(pset, ERRORLOGATTR, &rv);
+ if (errorlog) {
+ char *ptr = strrchr(errorlog, FILE_PATHSEP);
+ if (ptr) {
+ *ptr = '\0';
+ return_dir = errorlog;
}
}
}
+ psetDelete(pset);
+ }
+
+ if(!return_dir) {
+ if (!strncasecmp(id, "admin-", 6)) {
+ return PR_smprintf("%s%c%s", LOGDIR, FILE_PATHSEP, id); /* this is us */
+ } else if (!strncmp(id, "slapd-", 6)) {
+ /* DIRECTORY SERVER and admin server share the same log dir parent */
+ return_dir = PR_smprintf("%s%c%s", LOGDIR, FILE_PATHSEP, id);
+ }
}
- return return_dirs;
+
+ return return_dir;
}
@@ -372,11 +262,12 @@
char *num=NULL;
char *str=NULL;
char *file;
- char *directories;
+ char *logdir;
char *id;
char **logfiles = NULL;
char tmp[BIG_LINE];
int x;
+ char msg[BUFSIZ];
i18nInit();
@@ -388,7 +279,6 @@
num=get_cgi_var("num", NULL, NULL);
str=get_cgi_var("str", NULL, NULL);
file=get_cgi_var("file", NULL, NULL);
- directories=get_cgi_var("directories", NULL, NULL);
id=get_cgi_var("id", NULL, NULL);
if(!id)
@@ -396,11 +286,6 @@
getResourceString(DBT_NO_ID),
getResourceString(DBT_NO_ID_DESC), NULL);
- if((!directories) && (!id))
- rpt_err(INCORRECT_USAGE,
- getResourceString(DBT_NO_DIR),
- getResourceString(DBT_NO_DIR_DESC), NULL);
-
if(num) {
for(x=0; num[x]; x++) {
if(!isdigit(num[x]))
@@ -410,25 +295,25 @@
}
}
else
- /* need at least the directory to look in */
rpt_err(INCORRECT_USAGE,
- getResourceString(DBT_NO_DIR),
- getResourceString(DBT_NO_DIR_DESC), NULL);
+ getResourceString(DBT_NO_ID),
+ getResourceString(DBT_NO_ID_DESC), NULL);
if(!num) num=DEF_SIZE;
- if(!directories) {
- directories = guess_directories(id);
- if(!directories)
+ if(!logdir) {
+ logdir = get_log_dir(id);
+ if(!logdir) {
+ PR_snprintf(msg, sizeof(msg), getResourceString(DBT_NO_DIR_FOUND), id);
rpt_err(INCORRECT_USAGE,
- getResourceString(DBT_NO_DIR),
- getResourceString(DBT_NO_DIR_FOUND), NULL);
+ getResourceString(DBT_NO_DIR), msg, NULL);
+ }
}
while(next_html_line(html, line)) {
if(parse_line(line, NULL)) {
if(directive_is(line, "LOG_TO_VIEW")) {
- display_logfiles(directories, file);
+ display_logfiles(logdir, file);
}
else if(directive_is(line, "NUM_TO_VIEW")) {
output_input("text", "num", num, NULL);
@@ -436,9 +321,9 @@
else if(directive_is(line, "STRING_TO_VIEW")) {
output_input("text", "str", str, NULL);
}
- else if(directive_is(line, "HIDDEN_DIR")) {
- /* keep hidden track of what the current log directories and id are */
- fprintf(stdout, (const char*)getResourceString(DBT_MAIN_HIDDEN_TRACK), directories, id);
+ else if(directive_is(line, "HIDDEN_ID")) {
+ /* keep hidden track of what the current id are */
+ fprintf(stdout, (const char*)getResourceString(DBT_MAIN_HIDDEN_TRACK), id);
}
else if(directive_is(line, "ID_TITLE")) {
fprintf(stdout, (const char*)getResourceString(DBT_MAIN_ID_TITLE), id);
@@ -447,14 +332,16 @@
FILE *cmd;
char full_path[PATH_MAX];
- char *current_dir = get_current_dir(directories, file);
- if(!current_dir)
- continue;
#ifdef AIX
fflush(stdout);
#endif
+ if (!file || !*file ||
+ util_is_valid_path_string(file) ||
+ util_verify_file_or_dir(logdir, PR_FILE_DIRECTORY, file, -1, PR_FILE_FILE)) {
+ continue;
+ }
- PR_snprintf(full_path, sizeof(full_path), "%s%c%s%c%s", getenv("NETSITE_ROOT"), FILE_PATHSEP, current_dir, FILE_PATHSEP, file);
+ PR_snprintf(full_path, sizeof(full_path), "%s%c%s", logdir, FILE_PATHSEP, file);
form_unescape(full_path); /* bug 27409, 31807 */
cmd = fopen(full_path, "r");
fprintf(stdout, getResourceString(DBT_MAIN_WIDTH));
Index: viewlog.properties
===================================================================
RCS file: /cvs/dirsec/adminserver/admserv/cgi-src40/viewlog.properties,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- viewlog.properties 18 Aug 2005 18:59:03 -0000 1.3
+++ viewlog.properties 9 May 2007 00:26:30 -0000 1.4
@@ -28,11 +28,10 @@
viewlog2 { "The number of entries should be a number." }
viewlog3 { "Last %s accesses to %s%s%s:" }
viewlog4 { " with " }
-viewlog5 { "No directory found." }
-viewlog6 { "Please specify a directory to search for log files." }
+viewlog5 { "Log directory not found." }
viewlog7 { "Invalid file." }
viewlog8 { "Cannot find specified log file in directories chosen." }
-viewlog9 { "Cannot find directories based on server id." }
+viewlog9 { "Cannot find directories based on server id %s. You may need to start the configuration directory server." }
viewlog10 { "No server id specified." }
viewlog11 { "Please specify a server id." }
viewlog20 { "<select name=file>\n" }
@@ -40,7 +39,7 @@
viewlog22 { "<option value=%s>%s\n" }
viewlog23 { "<option value=No log files>No log files\n" }
viewlog24 { "</select>" }
-viewlog25 { "<input type=\"hidden\" name=\"directories\" value=\"%s\">\n<input type=\"hidden\" name=\"id\" value=\"%s\">\n" }
+viewlog25 { "<input type=\"hidden\" name=\"id\" value=\"%s\">\n" }
viewlog26 { "<table BORDER=0 CELLSPACING=2 CELLPADDING=2 WIDTH=\"100%%\">\n<tr>\n<td><font size=+1 font face=\"helvetica, arial, sans-serif\"><b>%s Logs</b></font></td>\n</tr>\n<tr>\n<td BACKGROUND=\"../icons/hr.gif\"> </td>\n</tr>\n<tr><td></table>\n" }
viewlog27 { "<hr width=50%%>\n" }
viewlog28 { "<table border=1 width=100%%><tr><th>%s</th></tr></table>\n" }
--- listOldSrvs.c DELETED ---
--- listOldSrvs.properties DELETED ---
More information about the Fedora-directory-commits
mailing list