1#!/usr/local/bin/perl 2# change_session.cgi 3# Enable or disable session authentication 4 5require './usermin-lib.pl'; 6$access{'session'} || &error($text{'acl_ecannot'}); 7&ReadParse(); 8&error_setup($text{'session_err'}); 9$ver = &get_usermin_version(); 10 11&lock_file($usermin_miniserv_config); 12&get_usermin_miniserv_config(\%miniserv); 13$miniserv{'passdelay'} = $in{'passdelay'}; 14 15# Save blocked hosts 16if ($in{'blockhost_on'}) { 17 $in{'blockhost_time'} =~ /^\d+$/ && $in{'blockhost_time'} > 0 || 18 &error($text{'session_eblockhost_time'}); 19 $in{'blockhost_failures'} =~ /^\d+$/ && $in{'blockhost_failures'} > 0 || 20 &error($text{'session_eblockhost_failures'}); 21 $miniserv{'blockhost_time'} = $in{'blockhost_time'}; 22 $miniserv{'blockhost_failures'} = $in{'blockhost_failures'}; 23 } 24else { 25 $miniserv{'blockhost_time'} = $miniserv{'blockhost_failures'} = undef; 26 } 27 28# Save blocked users 29if ($in{'blockuser_on'}) { 30 $in{'blockuser_time'} =~ /^\d+$/ && $in{'blockuser_time'} > 0 || 31 &error($text{'session_eblockuser_time'}); 32 $in{'blockuser_failures'} =~ /^\d+$/ && $in{'blockuser_failures'} > 0 || 33 &error($text{'session_eblockuser_failures'}); 34 $miniserv{'blockuser_time'} = $in{'blockuser_time'}; 35 $miniserv{'blockuser_failures'} = $in{'blockuser_failures'}; 36 } 37else { 38 $miniserv{'blockuser_time'} = $miniserv{'blockuser_failures'} = undef; 39 } 40 41$miniserv{'syslog'} = $in{'syslog'}; 42if ($in{'session'} && $ENV{'HTTP_COOKIE'} !~ /sessiontest=1/i) { 43 &error($text{'session_ecookie'}); 44 } 45$miniserv{'session'} = $in{'session'}; 46if ($in{'logouttime_on'}) { 47 $in{'logouttime'} =~ /^\d+$/ && $in{'logouttime'} > 0 || 48 &error($text{'session_elogouttime'}); 49 } 50$miniserv{'logouttime'} = $in{'logouttime_on'} ? $in{'logouttime'} : undef; 51if ($in{'localauth'}) { 52 $lsof = &has_command("lsof"); 53 &error($text{'session_elsof'}) if (!$lsof); 54 $miniserv{'localauth'} = $lsof; 55 } 56else { 57 delete($miniserv{'localauth'}); 58 } 59if ($in{'passwd_file'}) { 60 $in{'passwd_file'} =~ /\|$/ || -r $in{'passwd_file'} || 61 &error($text{'session_epasswd_file'}); 62 $in{'passwd_uindex'} =~ /^\d+$/ || 63 &error($text{'session_epasswd_uindex'}); 64 $in{'passwd_pindex'} =~ /^\d+$/ || 65 &error($text{'session_epasswd_pindex'}); 66 $miniserv{'passwd_file'} = $in{'passwd_file'}; 67 $miniserv{'passwd_uindex'} = $in{'passwd_uindex'}; 68 $miniserv{'passwd_pindex'} = $in{'passwd_pindex'}; 69 } 70else { 71 delete($miniserv{'passwd_file'}); 72 delete($miniserv{'passwd_uindex'}); 73 delete($miniserv{'passwd_pindex'}); 74 } 75if ($in{'extauth'}) { 76 $in{'extauth'} =~ /^(\S+)/ && -x $1 || 77 &error($text{'session_eextauth'}); 78 $miniserv{'extauth'} = $in{'extauth'}; 79 } 80else { 81 delete($miniserv{'extauth'}); 82 } 83 84if ($ver >= 1.047 && defined($in{'passwd_mode'})) { 85 $miniserv{'passwd_mode'} = $in{'passwd_mode'}; 86 } 87if ($ver >= 1.087) { 88 $miniserv{'passwd_blank'} = $in{'passwd_blank'}; 89 } 90 91if ($ver >= 1.003) { 92 $miniserv{'domainuser'} = $in{'domainuser'}; 93 } 94if ($ver >= 1.021) { 95 $miniserv{'domainstrip'} = $in{'domainstrip'}; 96 if ($in{'user_mapping_on'}) { 97 -r $in{'user_mapping'} || $in{'user_mapping'} =~ /\|$/ || 98 &error($text{'session_eusermap'}); 99 $miniserv{'user_mapping'} = $in{'user_mapping'}; 100 } 101 else { 102 delete($miniserv{'user_mapping'}); 103 } 104 $miniserv{'user_mapping_reverse'} = $in{'user_mapping_reverse'}; 105 } 106&lock_file($miniserv{'userfile'}); 107@users = &get_usermin_miniserv_users(); 108if ($in{'authmode'} == 0) { 109 delete($miniserv{'no_pam'}); 110 $users[0]->{'pass'} = 'x'; 111 } 112elsif ($in{'authmode'} == 1) { 113 $in{'passwd_file'} || &error($text{'session_eauthmode1'}); 114 $miniserv{'no_pam'} = 1; 115 $users[0]->{'pass'} = 'x'; 116 } 117else { 118 $in{'extauth'} || &error($text{'session_eauthmode2'}); 119 $users[0]->{'pass'} = 'e'; 120 } 121$miniserv{'pam_conv'} = $in{'pam_conv'}; 122$miniserv{'pam_end'} = $in{'pam_end'}; 123if ($in{'cmd_def'}) { 124 delete($gconfig{'passwd_cmd'}); 125 } 126else { 127 $in{'cmd'} =~ /\S/ && &has_command($in{'cmd'}) || 128 &error($text{'session_ecmd'}); 129 $gconfig{'passwd_cmd'} = $in{'cmd'}; 130 } 131$miniserv{'session_ip'} = $in{'session_ip'}; 132$miniserv{'utmp'} = $in{'utmp'}; 133&save_usermin_miniserv_users(@users); 134&unlock_file($miniserv{'userfile'}); 135&put_usermin_miniserv_config(\%miniserv); 136&unlock_file($usermin_miniserv_config); 137 138&lock_file($usermin_config); 139&get_usermin_config(\%uconfig); 140#$uconfig{'locking'} = $in{'locking'}; 141$uconfig{'noremember'} = !$in{'remember'}; 142$uconfig{'realname'} = $in{'realname'}; 143if ($in{'passwd_file'}) { 144 $uconfig{'passwd_file'} = $in{'passwd_file'}; 145 $uconfig{'passwd_uindex'} = $in{'passwd_uindex'}; 146 $uconfig{'passwd_pindex'} = $in{'passwd_pindex'}; 147 } 148else { 149 delete($uconfig{'passwd_file'}); 150 delete($uconfig{'passwd_uindex'}); 151 delete($uconfig{'passwd_pindex'}); 152 } 153if ($in{'banner_def'}) { 154 delete($uconfig{'loginbanner'}); 155 } 156else { 157 -r $in{'banner'} || &error($text{'session_ebanner'}); 158 $uconfig{'loginbanner'} = $in{'banner'}; 159 } 160$uconfig{'create_homedir'} = $in{'create_homedir'}; 161if ($in{'create_homedir_perms_def'}) { 162 delete($uconfig{'create_homedir_perms'}); 163 } 164else { 165 $in{'create_homedir_perms'} =~ /^[0-7]{3,4}$/ || 166 &error($text{'session_ehomedir_perms'}); 167 $uconfig{'create_homedir_perms'} = $in{'create_homedir_perms'}; 168 } 169&put_usermin_config(\%uconfig); 170&unlock_file($usermin_config); 171 172&restart_usermin_miniserv(); 173&webmin_log("session", undef, undef, \%in); 174&redirect(""); 175 176