diff options
author | Kai Blin <kai@samba.org> | 2011-07-08 15:05:38 +0200 |
---|---|---|
committer | Karolin Seeger <kseeger@samba.org> | 2011-07-24 21:27:25 +0200 |
commit | e4e6195701d761326ad5f2dbb63aeb71b0dc7971 (patch) | |
tree | 31310c61e3d34d8de61656ff5ed48f59288f17d9 | |
parent | 9839935c29ec0ab522994436e6e89939696409de (diff) | |
download | samba-e4e6195701d761326ad5f2dbb63aeb71b0dc7971.tar.gz |
s3 swat: Add XSRF protection to password page
Signed-off-by: Kai Blin <kai@samba.org>
-rw-r--r-- | source3/web/swat.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/source3/web/swat.c b/source3/web/swat.c index f1f226ba9c7..dcc935ab9a2 100644 --- a/source3/web/swat.c +++ b/source3/web/swat.c @@ -1226,12 +1226,15 @@ static void chg_passwd(void) static void passwd_page(void) { const char *new_name = cgi_user_name(); + const char passwd_form[] = "passwd"; + const char rpasswd_form[] = "rpasswd"; if (!new_name) new_name = ""; printf("<H2>%s</H2>\n", _("Server Password Management")); printf("<FORM name=\"swatform\" method=post>\n"); + print_xsrf_token(cgi_user_name(), cgi_user_pass(), passwd_form); printf("<table>\n"); @@ -1271,14 +1274,16 @@ static void passwd_page(void) * Do some work if change, add, disable or enable was * requested. It could be this is the first time through this * code, so there isn't anything to do. */ - if ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) || - (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG))) { + if (verify_xsrf_token(passwd_form) && + ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) || + (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG)))) { chg_passwd(); } printf("<H2>%s</H2>\n", _("Client/Server Password Management")); printf("<FORM name=\"swatform\" method=post>\n"); + print_xsrf_token(cgi_user_name(), cgi_user_pass(), rpasswd_form); printf("<table>\n"); @@ -1311,7 +1316,7 @@ static void passwd_page(void) * password somewhere other than the server. It could be this * is the first time through this code, so there isn't * anything to do. */ - if (cgi_variable(CHG_R_PASSWD_FLAG)) { + if (verify_xsrf_token(passwd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) { chg_passwd(); } |