3 # Enable or disable session authentication
5 require './usermin-lib.pl';
6 $access{'session'} || &error($text{'acl_ecannot'});
8 &error_setup($text{'session_err'});
9 $ver = &get_usermin_version();
11 &lock_file($usermin_miniserv_config);
12 &get_usermin_miniserv_config(\%miniserv);
13 $miniserv{'passdelay'} = $in{'passdelay'};
16 if ($in{'blockhost_on'}) {
17 $in{'blockhost_time'} =~ /^\d+$/ && $in{'blockhost_time'} > 0 ||
18 &error($text{'session_eblockhost_time'});
19 $in{'blockhost_failures'} =~ /^\d+$/ && $in{'blockhost_failures'} > 0 ||
20 &error($text{'session_eblockhost_failures'});
21 $miniserv{'blockhost_time'} = $in{'blockhost_time'};
22 $miniserv{'blockhost_failures'} = $in{'blockhost_failures'};
25 $miniserv{'blockhost_time'} = $miniserv{'blockhost_failures'} = undef;
29 if ($in{'blockuser_on'}) {
30 $in{'blockuser_time'} =~ /^\d+$/ && $in{'blockuser_time'} > 0 ||
31 &error($text{'session_eblockuser_time'});
32 $in{'blockuser_failures'} =~ /^\d+$/ && $in{'blockuser_failures'} > 0 ||
33 &error($text{'session_eblockuser_failures'});
34 $miniserv{'blockuser_time'} = $in{'blockuser_time'};
35 $miniserv{'blockuser_failures'} = $in{'blockuser_failures'};
38 $miniserv{'blockuser_time'} = $miniserv{'blockuser_failures'} = undef;
41 $miniserv{'syslog'} = $in{'syslog'};
42 if ($in{'session'} && $ENV{'HTTP_COOKIE'} !~ /sessiontest=1/i) {
43 &error($text{'session_ecookie'});
45 $miniserv{'session'} = $in{'session'};
46 if ($in{'logouttime_on'}) {
47 $in{'logouttime'} =~ /^\d+$/ && $in{'logouttime'} > 0 ||
48 &error($text{'session_elogouttime'});
50 $miniserv{'logouttime'} = $in{'logouttime_on'} ? $in{'logouttime'} : undef;
51 if ($in{'localauth'}) {
52 $lsof = &has_command("lsof");
53 &error($text{'session_elsof'}) if (!$lsof);
54 $miniserv{'localauth'} = $lsof;
57 delete($miniserv{'localauth'});
59 if ($in{'passwd_file'}) {
60 $in{'passwd_file'} =~ /\|$/ || -r $in{'passwd_file'} ||
61 &error($text{'session_epasswd_file'});
62 $in{'passwd_uindex'} =~ /^\d+$/ ||
63 &error($text{'session_epasswd_uindex'});
64 $in{'passwd_pindex'} =~ /^\d+$/ ||
65 &error($text{'session_epasswd_pindex'});
66 $miniserv{'passwd_file'} = $in{'passwd_file'};
67 $miniserv{'passwd_uindex'} = $in{'passwd_uindex'};
68 $miniserv{'passwd_pindex'} = $in{'passwd_pindex'};
71 delete($miniserv{'passwd_file'});
72 delete($miniserv{'passwd_uindex'});
73 delete($miniserv{'passwd_pindex'});
76 $in{'extauth'} =~ /^(\S+)/ && -x $1 ||
77 &error($text{'session_eextauth'});
78 $miniserv{'extauth'} = $in{'extauth'};
81 delete($miniserv{'extauth'});
84 if ($ver >= 1.047 && defined($in{'passwd_mode'})) {
85 $miniserv{'passwd_mode'} = $in{'passwd_mode'};
88 $miniserv{'passwd_blank'} = $in{'passwd_blank'};
92 $miniserv{'domainuser'} = $in{'domainuser'};
95 $miniserv{'domainstrip'} = $in{'domainstrip'};
96 if ($in{'user_mapping_on'}) {
97 -r $in{'user_mapping'} || $in{'user_mapping'} =~ /\|$/ ||
98 &error($text{'session_eusermap'});
99 $miniserv{'user_mapping'} = $in{'user_mapping'};
102 delete($miniserv{'user_mapping'});
104 $miniserv{'user_mapping_reverse'} = $in{'user_mapping_reverse'};
106 &lock_file($miniserv{'userfile'});
107 @users = &get_usermin_miniserv_users();
108 if ($in{'authmode'} == 0) {
109 delete($miniserv{'no_pam'});
110 $users[0]->{'pass'} = 'x';
112 elsif ($in{'authmode'} == 1) {
113 $in{'passwd_file'} || &error($text{'session_eauthmode1'});
114 $miniserv{'no_pam'} = 1;
115 $users[0]->{'pass'} = 'x';
118 $in{'extauth'} || &error($text{'session_eauthmode2'});
119 $users[0]->{'pass'} = 'e';
121 $miniserv{'pam_conv'} = $in{'pam_conv'};
122 if ($in{'cmd_def'}) {
123 delete($gconfig{'passwd_cmd'});
126 $in{'cmd'} =~ /\S/ && &has_command($in{'cmd'}) ||
127 &error($text{'session_ecmd'});
128 $gconfig{'passwd_cmd'} = $in{'cmd'};
131 $miniserv{'utmp'} = $in{'utmp'};
133 &save_usermin_miniserv_users(@users);
134 &unlock_file($miniserv{'userfile'});
135 &put_usermin_miniserv_config(\%miniserv);
136 &unlock_file($usermin_miniserv_config);
138 &lock_file($usermin_config);
139 &get_usermin_config(\%uconfig);
140 #$uconfig{'locking'} = $in{'locking'};
141 $uconfig{'noremember'} = !$in{'remember'};
142 $uconfig{'realname'} = $in{'realname'};
143 if ($in{'passwd_file'}) {
144 $uconfig{'passwd_file'} = $in{'passwd_file'};
145 $uconfig{'passwd_uindex'} = $in{'passwd_uindex'};
146 $uconfig{'passwd_pindex'} = $in{'passwd_pindex'};
149 delete($uconfig{'passwd_file'});
150 delete($uconfig{'passwd_uindex'});
151 delete($uconfig{'passwd_pindex'});
153 if ($in{'banner_def'}) {
154 delete($uconfig{'loginbanner'});
157 -r $in{'banner'} || &error($text{'session_ebanner'});
158 $uconfig{'loginbanner'} = $in{'banner'};
160 $uconfig{'create_homedir'} = $in{'create_homedir'};
161 if ($in{'create_homedir_perms_def'}) {
162 delete($uconfig{'create_homedir_perms'});
165 $in{'create_homedir_perms'} =~ /^[0-7]{3,4}$/ ||
166 &error($text{'session_ehomedir_perms'});
167 $uconfig{'create_homedir_perms'} = $in{'create_homedir_perms'};
169 &put_usermin_config(\%uconfig);
170 &unlock_file($usermin_config);
172 &restart_usermin_miniserv();
173 &webmin_log("session", undef, undef, \%in);