Changeset 615 for vendor/current/source3/web/cgi.c
- Timestamp:
- Jul 28, 2011, 4:21:02 PM (14 years ago)
- File:
-
- 1 edited
-
vendor/current/source3/web/cgi.c (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
vendor/current/source3/web/cgi.c
r594 r615 20 20 #include "includes.h" 21 21 #include "web/swat_proto.h" 22 #include "secrets.h" 23 #include "../lib/util/util.h" 22 24 23 25 #define MAX_VARIABLES 10000 … … 43 45 static char *pathinfo; 44 46 static char *C_user; 47 static char *C_pass; 45 48 static bool inetd_server; 46 49 static bool got_request; … … 321 324 } 322 325 323 setuid(0); 326 C_user = SMB_STRDUP(user); 327 328 if (!setuid(0)) { 329 C_pass = secrets_fetch_generic("root", "SWAT"); 330 if (C_pass == NULL) { 331 char *tmp_pass = NULL; 332 tmp_pass = generate_random_str(talloc_tos(), 16); 333 if (tmp_pass == NULL) { 334 printf("%sFailed to create random nonce for " 335 "SWAT session\n<br>%s\n", head, tail); 336 exit(0); 337 } 338 secrets_store_generic("root", "SWAT", tmp_pass); 339 C_pass = SMB_STRDUP(tmp_pass); 340 TALLOC_FREE(tmp_pass); 341 } 342 } 324 343 setuid(pwd->pw_uid); 325 344 if (geteuid() != pwd->pw_uid || getuid() != pwd->pw_uid) { … … 389 408 /* Save the users name */ 390 409 C_user = SMB_STRDUP(user); 410 C_pass = SMB_STRDUP(user_pass); 391 411 TALLOC_FREE(pass); 392 412 return True; … … 423 443 } 424 444 445 /*************************************************************************** 446 return a ptr to the users password 447 ***************************************************************************/ 448 char *cgi_user_pass(void) 449 { 450 return(C_pass); 451 } 425 452 426 453 /***************************************************************************
Note:
See TracChangeset
for help on using the changeset viewer.
