usermin/change_session.cgi

   1 #!/usr/local/bin/perl
   2 # change_session.cgi
   3 # Enable or disable session authentication
   4
   5 require './usermin-lib.pl';
   6 $access{'session'} || &error($text{'acl_ecannot'});
   7 &ReadParse();
   8 &error_setup($text{'session_err'});
   9 $ver = &get_usermin_version();
  10
  11 &lock_file($usermin_miniserv_config);
  12 &get_usermin_miniserv_config(\%miniserv);
  13 $miniserv{'passdelay'} = $in{'passdelay'};
  14
  15 # Save blocked hosts
  16 if ($in{'blockhost_on'}) {
  17         $in{'blockhost_time'} =~ /^\d+$/ && $in{'blockhost_time'} > 0 ||
  18                 &error($text{'session_eblockhost_time'});
  19         $in{'blockhost_failures'} =~ /^\d+$/ && $in{'blockhost_failures'} > 0 ||
  20                 &error($text{'session_eblockhost_failures'});
  21         $miniserv{'blockhost_time'} = $in{'blockhost_time'};
  22         $miniserv{'blockhost_failures'} = $in{'blockhost_failures'};
  23         }
  24 else {
  25         $miniserv{'blockhost_time'} = $miniserv{'blockhost_failures'} = undef;
  26         }
  27
  28 # Save blocked users
  29 if ($in{'blockuser_on'}) {
  30         $in{'blockuser_time'} =~ /^\d+$/ && $in{'blockuser_time'} > 0 ||
  31                 &error($text{'session_eblockuser_time'});
  32         $in{'blockuser_failures'} =~ /^\d+$/ && $in{'blockuser_failures'} > 0 ||
  33                 &error($text{'session_eblockuser_failures'});
  34         $miniserv{'blockuser_time'} = $in{'blockuser_time'};
  35         $miniserv{'blockuser_failures'} = $in{'blockuser_failures'};
  36         }
  37 else {
  38         $miniserv{'blockuser_time'} = $miniserv{'blockuser_failures'} = undef;
  39         }
  40
  41 $miniserv{'syslog'} = $in{'syslog'};
  42 if ($in{'session'} && $ENV{'HTTP_COOKIE'} !~ /sessiontest=1/i) {
  43         &error($text{'session_ecookie'});
  44         }
  45 $miniserv{'session'} = $in{'session'};
  46 if ($in{'logouttime_on'}) {
  47         $in{'logouttime'} =~ /^\d+$/ && $in{'logouttime'} > 0 ||
  48                 &error($text{'session_elogouttime'});
  49         }
  50 $miniserv{'logouttime'} = $in{'logouttime_on'} ? $in{'logouttime'} : undef;
  51 if ($in{'localauth'}) {
  52         $lsof = &has_command("lsof");
  53         &error($text{'session_elsof'}) if (!$lsof);
  54         $miniserv{'localauth'} = $lsof;
  55         }
  56 else {
  57         delete($miniserv{'localauth'});
  58         }
  59 if ($in{'passwd_file'}) {
  60         $in{'passwd_file'} =~ /\|$/ || -r $in{'passwd_file'} ||
  61                 &error($text{'session_epasswd_file'});
  62         $in{'passwd_uindex'} =~ /^\d+$/ ||
  63                 &error($text{'session_epasswd_uindex'});
  64         $in{'passwd_pindex'} =~ /^\d+$/ ||
  65                 &error($text{'session_epasswd_pindex'});
  66         $miniserv{'passwd_file'} = $in{'passwd_file'};
  67         $miniserv{'passwd_uindex'} = $in{'passwd_uindex'};
  68         $miniserv{'passwd_pindex'} = $in{'passwd_pindex'};
  69         }
  70 else {
  71         delete($miniserv{'passwd_file'});
  72         delete($miniserv{'passwd_uindex'});
  73         delete($miniserv{'passwd_pindex'});
  74         }
  75 if ($in{'extauth'}) {
  76         $in{'extauth'} =~ /^(\S+)/ && -x $1 ||
  77                 &error($text{'session_eextauth'});
  78         $miniserv{'extauth'} = $in{'extauth'};
  79         }
  80 else {
  81         delete($miniserv{'extauth'});
  82         }
  83
  84 if ($ver >= 1.047 && defined($in{'passwd_mode'})) {
  85         $miniserv{'passwd_mode'} = $in{'passwd_mode'};
  86         }
  87 if ($ver >= 1.087) {
  88         $miniserv{'passwd_blank'} = $in{'passwd_blank'};
  89         }
  90
  91 if ($ver >= 1.003) {
  92         $miniserv{'domainuser'} = $in{'domainuser'};
  93         }
  94 if ($ver >= 1.021) {
  95         $miniserv{'domainstrip'} = $in{'domainstrip'};
  96         if ($in{'user_mapping_on'}) {
  97                 -r $in{'user_mapping'} || $in{'user_mapping'} =~ /\|$/ ||
  98                         &error($text{'session_eusermap'});
  99                 $miniserv{'user_mapping'} = $in{'user_mapping'};
 100                 }
 101         else {
 102                 delete($miniserv{'user_mapping'});
 103                 }
 104         $miniserv{'user_mapping_reverse'} = $in{'user_mapping_reverse'};
 105         }
 106 &lock_file($miniserv{'userfile'});
 107 @users = &get_usermin_miniserv_users();
 108 if ($in{'authmode'} == 0) {
 109         delete($miniserv{'no_pam'});
 110         $users[0]->{'pass'} = 'x';
 111         }
 112 elsif ($in{'authmode'} == 1) {
 113         $in{'passwd_file'} || &error($text{'session_eauthmode1'});
 114         $miniserv{'no_pam'} = 1;
 115         $users[0]->{'pass'} = 'x';
 116         }
 117 else {
 118         $in{'extauth'} || &error($text{'session_eauthmode2'});
 119         $users[0]->{'pass'} = 'e';
 120         }
 121 $miniserv{'pam_conv'} = $in{'pam_conv'};
 122 if ($in{'cmd_def'}) {
 123         delete($gconfig{'passwd_cmd'});
 124         }
 125 else {
 126         $in{'cmd'} =~ /\S/ && &has_command($in{'cmd'}) ||
 127                 &error($text{'session_ecmd'});
 128         $gconfig{'passwd_cmd'} = $in{'cmd'};
 129         }
 130 if ($ver >= 1.153) {
 131         $miniserv{'utmp'} = $in{'utmp'};
 132         }
 133 &save_usermin_miniserv_users(@users);
 134 &unlock_file($miniserv{'userfile'});
 135 &put_usermin_miniserv_config(\%miniserv);
 136 &unlock_file($usermin_miniserv_config);
 137
 138 &lock_file($usermin_config);
 139 &get_usermin_config(\%uconfig);
 140 #$uconfig{'locking'} = $in{'locking'};
 141 $uconfig{'noremember'} = !$in{'remember'};
 142 $uconfig{'realname'} = $in{'realname'};
 143 if ($in{'passwd_file'}) {
 144         $uconfig{'passwd_file'} = $in{'passwd_file'};
 145         $uconfig{'passwd_uindex'} = $in{'passwd_uindex'};
 146         $uconfig{'passwd_pindex'} = $in{'passwd_pindex'};
 147         }
 148 else {
 149         delete($uconfig{'passwd_file'});
 150         delete($uconfig{'passwd_uindex'});
 151         delete($uconfig{'passwd_pindex'});
 152         }
 153 if ($in{'banner_def'}) {
 154         delete($uconfig{'loginbanner'});
 155         }
 156 else {
 157         -r $in{'banner'} || &error($text{'session_ebanner'});
 158         $uconfig{'loginbanner'} = $in{'banner'};
 159         }
 160 $uconfig{'create_homedir'} = $in{'create_homedir'};
 161 if ($in{'create_homedir_perms_def'}) {
 162         delete($uconfig{'create_homedir_perms'});
 163         }
 164 else {
 165         $in{'create_homedir_perms'} =~ /^[0-7]{3,4}$/ ||
 166                 &error($text{'session_ehomedir_perms'});
 167         $uconfig{'create_homedir_perms'} = $in{'create_homedir_perms'};
 168         }
 169 &put_usermin_config(\%uconfig);
 170 &unlock_file($usermin_config);
 171
 172 &restart_usermin_miniserv();
 173 &webmin_log("session", undef, undef, \%in);
 174 &redirect("");
 175