Changeset 740 for vendor/current/source3/web/swat.c

Timestamp:

Nov 14, 2012, 12:59:34 PM (13 years ago)

Author:

Silvan Scherrer

Message:

Samba Server: update vendor to 3.6.0

File:

• vendor/current/source3/web/swat.c (modified) (20 diffs)

vendor/current/source3/web/swat.c

@@ -5 +5 @@
    Copyright (C) Andrew Tridgell 1997-2002
    Copyright (C) John H Terpstra 2002
-   
+
    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.
-   
+
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
-   
+
    You should have received a copy of the GNU General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
@@ -29 +29 @@
 
 #include "includes.h"
+#include "system/filesys.h"
+#include "popt_common.h"
 #include "web/swat_proto.h"
+#include "printing/pcap.h"
+#include "printing/load.h"
+#include "passdb.h"
+#include "intl/lang_tdb.h"
 #include "../lib/crypto/md5.h"
 
@@ -122 +128 @@
 
         while (*str) {
-                if (*str != ' ') *p++ = toupper_ascii(*str);
+                if (*str != ' ') *p++ = toupper_m(*str);
                 ++str;
         }
@@ -169 +175 @@
 
                 snprintf(tmp, sizeof(tmp), "%02x", token[i]);
-                strncat(token_str, tmp, sizeof(tmp));
+                strlcat(token_str, tmp, sizeof(tmp));
         }
 }
@@ -193 +199 @@
         const char *token = cgi_variable_nonull(XSRF_TOKEN);
         const char *time_str = cgi_variable_nonull(XSRF_TIME);
+        char *p = NULL;
+        long long xsrf_time_ll = 0;
         time_t xsrf_time = 0;
         time_t now = time(NULL);
 
-        if (sizeof(time_t) == sizeof(int)) {
-                xsrf_time = atoi(time_str);
-        } else if (sizeof(time_t) == sizeof(long)) {
-                xsrf_time = atol(time_str);
-        } else if (sizeof(time_t) == sizeof(long long)) {
-                xsrf_time = atoll(time_str);
-        }
+        errno = 0;
+        xsrf_time_ll = strtoll(time_str, &p, 10);
+        if (errno != 0) {
+                return false;
+        }
+        if (p == NULL) {
+                return false;
+        }
+        if (PTR_DIFF(p, time_str) > strlen(time_str)) {
+                return false;
+        }
+        if (xsrf_time_ll > _TYPE_MAXIMUM(time_t)) {
+                return false;
+        }
+        if (xsrf_time_ll < _TYPE_MINIMUM(time_t)) {
+                return false;
+        }
+        xsrf_time = xsrf_time_ll;
 
         if (abs(now - xsrf_time) > XSRF_TIMEOUT) {
@@ -492 +511 @@
 
                 if ((parm_filter & FLAG_WIZARD) && !(parm->flags & FLAG_WIZARD)) continue;
-                
+
                 if ((parm_filter & FLAG_ADVANCED) && !(parm->flags & FLAG_ADVANCED)) continue;
-                
+
                 if (heading && heading != last_heading) {
                         printf("<tr><td></td></tr><tr><td><b><u>%s</u></b></td></tr>\n", _(heading));
@@ -521 +540 @@
         fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr());
         fprintf(f, "# Date: %s\n\n", current_timestring(ctx, False));
-        
+
         lp_dump(f, show_defaults, iNumNonAutoPrintServices);
 
@@ -565 +584 @@
         }
         iNumNonAutoPrintServices = lp_numservices();
-        pcap_cache_reload(&load_printers);
+        if (pcap_cache_loaded()) {
+                load_printers(server_event_context(),
+                              server_messaging_context());
+        }
 
         return 1;
@@ -631 +653 @@
 {
         char *p;
-        
+
         if ((p = cgi_user_name()) && strcmp(p, "root")) {
                 printf(_("Logged in as <b>%s</b>"), p);
@@ -745 +767 @@
         printf("<input type=reset name=\"Reset Values\" value=\"Reset\">\n");
         printf("<p>\n");
-        
+
         printf("<table>\n");
         show_parameters(GLOBAL_SECTION_SNUM, 1, parm_filter, 0);
@@ -797 +819 @@
                 /* Plain text passwords are too badly broken - use encrypted passwords only */
                 lp_do_parameter( GLOBAL_SECTION_SNUM, "encrypt passwords", "Yes");
-                
+
                 switch ( SerType ){
                         case 0:
@@ -909 +931 @@
                 for(i = 0; wins_servers[i]; i++) printf("%s ", wins_servers[i]);
         }
-        
+
         printf("\"></td></tr>\n");
         if (winstype == 3) {
@@ -919 +941 @@
         printf("<td><input type=radio name=\"HomeExpo\" value=\"0\" %s> No</td>", (have_home == -1 ) ? "checked" : "");
         printf("<td></td></tr>\n");
-        
+
         /* Enable this when we are ready ....
          * printf("<tr><td><b>%s:&nbsp;</b></td>\n", _("Is Print Server"));
@@ -926 +948 @@
          * printf("<td></td></tr>\n");
          */
-        
+
         printf("</table></center>");
         printf("<hr>");
@@ -1125 +1147 @@
                 return False;
         }
-        
+
         if (remote_machine != NULL) {
                 ret = remote_password_change(remote_machine, user_name,
@@ -1139 +1161 @@
                 return False;
         }
-        
+
         ret = local_password_change(user_name, local_flags, new_passwd,
                                         &err_str, &msg_str);
@@ -1222 +1244 @@
         local_flags |= (cgi_variable(ENABLE_USER_FLAG) ? LOCAL_ENABLE_USER : 0);
         local_flags |= (cgi_variable(DISABLE_USER_FLAG) ? LOCAL_DISABLE_USER : 0);
-        
 
         rslt = change_password(host,
@@ -1237 +1258 @@
                 }
         }
-        
+
         return;
 }
@@ -1527 +1548 @@
         BlockSignals(True,SIGPIPE);
 
-        dbf = x_fopen("/dev/null", O_WRONLY, 0);
-        if (!dbf) dbf = x_stderr;
+        debug_set_logfile("/dev/null");
 
         /* we don't want stderr screwing us up */
         close(2);
         open("/dev/null", O_WRONLY);
-
+        setup_logging("swat", DEBUG_FILE);
+
+        load_case_tables();
+        
         pc = poptGetContext("swat", argc, (const char **) argv, long_options, 0);
 
@@ -1542 +1565 @@
         poptFreeContext(pc);
 
-        load_case_tables();
-
-        setup_logging(argv[0],False);
+        /* This should set a more apporiate log file */
         load_config(True);
+        reopen_logs();
         load_interfaces();
         iNumNonAutoPrintServices = lp_numservices();
-        pcap_cache_reload(&load_printers);
+        if (pcap_cache_loaded()) {
+                load_printers(server_event_context(),
+                              server_messaging_context());
+        }
 
         cgi_setup(get_dyn_SWATDIR(), !demo_mode);