author | Kai Blin <kai@samba.org> | 2011-07-08 12:57:43 +0200 |
committer | Karolin Seeger <kseeger@samba.org> | 2011-07-26 20:47:47 +0200 |
commit | 387ab46cfc6d501fefe6b5fcdf266c0280cbcd95 (patch) | |
tree | 027b893b6418e17c01760a81ac1d6676a33263af | |
parent | 2c46845dee2dfcb90cf04951d6348b93210acc4f (diff) | |
download | samba-387ab46cfc6d501fefe6b5fcdf266c0280cbcd95.tar.gz |
s3 swat: Add support for anti-XSRF token
Signed-off-by: Kai Blin <kai@samba.org>
(cherry picked from commit 69ebd0eee88b1b4b8e29a7620e01c8d9c89b452a)
-rw-r--r-- | source3/web/swat.c | 54 | ||||
-rw-r--r-- | source3/web/swat_proto.h | 5 |
2 files changed, 59 insertions, 0 deletions
diff --git a/source3/web/swat.c b/source3/web/swat.c
index 765655ccbc5..95837b4ea5e 100644
--- a/source3/web/swat.c
+++ b/source3/web/swat.c
@@ -29,6 +29,7 @@
 #include "includes.h"
 #include "web/swat_proto.h"
+#include "../lib/crypto/md5.h"
 static int demo_mode = False;
 static int passwd_only = False;
@@ -50,6 +51,7 @@ static int iNumNonAutoPrintServices = 0;
 #define DISABLE_USER_FLAG "disable_user_flag"
 #define ENABLE_USER_FLAG "enable_user_flag"
 #define RHOST "remote_host"
+#define XSRF_TOKEN "xsrf"
 #define _(x) lang_msg_rotate(talloc_tos(),x)
@@ -138,6 +140,58 @@ static char *make_parm_name(const char *label)
 	return parmname;
 }
+void get_xsrf_token(const char *username, const char *pass,
+		    const char *formname, char token_str[33])
+{
+	struct MD5Context md5_ctx;
+	uint8_t token[16];
+	int i;
+
+	token_str[0] = '\0';
+	ZERO_STRUCT(md5_ctx);
+	MD5Init(&md5_ctx);
+
+	MD5Update(&md5_ctx, (uint8_t *)formname, strlen(formname));
+	if (username != NULL) {
+		MD5Update(&md5_ctx, (uint8_t *)username, strlen(username));
+	}
+	if (pass != NULL) {
+		MD5Update(&md5_ctx, (uint8_t *)pass, strlen(pass));
+	}
+
+	MD5Final(token, &md5_ctx);
+
+	for(i = 0; i < sizeof(token); i++) {
+		char tmp[3];
+
+		snprintf(tmp, sizeof(tmp), "%02x", token[i]);
+		strncat(token_str, tmp, sizeof(tmp));
+	}
+}
+
+void print_xsrf_token(const char *username, const char *pass,
+		      const char *formname)
+{
+	char token[33];
+
+	get_xsrf_token(username, pass, formname, token);
+	printf("<input type=\"hidden\" name=\"%s\" value=\"%s\">\n",
+	       XSRF_TOKEN, token);
+
+}
+
+bool verify_xsrf_token(const char *formname)
+{
+	char expected[33];
+	const char *username = cgi_user_name();
+	const char *pass = cgi_user_pass();
+	const char *token = cgi_variable_nonull(XSRF_TOKEN);
+
+	get_xsrf_token(username, pass, formname, expected);
+	return (strncmp(expected, token, sizeof(expected)) == 0);
+}
+
+
 /****************************************************************************
 include a lump of html in a page
 ****************************************************************************/
diff --git a/source3/web/swat_proto.h b/source3/web/swat_proto.h
index 76f9c3c68f1..e66c9420db5 100644
--- a/source3/web/swat_proto.h
+++ b/source3/web/swat_proto.h
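Review bot: The token produced by `get_xsrf_token` is an unkeyed MD5 of formname, username and password with no server-side secret, nonce or expiry, so it is a fixed value for the lifetime of a user's password and, when `pass` (or both `username` and `pass`) is NULL as the guards permit, it is derived entirely from inputs that are not secret; deriving it with a keyed MAC over a random per-process secret, and length-delimiting the concatenated fields so the `formname`/`username` boundary cannot shift, would make it actually bind the form to the authenticated session. `verify_xsrf_token` compares with `strncmp`, which stops at the first differing byte; a fixed-length compare over all 32 characters avoids leaking the length of the matching prefix through timing, and `formname` deserves the same NULL guard the other two inputs get before it reaches `strlen`. In the hex loop, `strncat(token_str, tmp, sizeof(tmp))` passes the source size where the remaining destination space is expected and `int i` is compared against `sizeof(token)`; writing each byte in place with `snprintf(token_str + 2 * i, 3, "%02x", token[i]);` over a `size_t i` removes both. The prototypes added to `swat_proto.h` in the next hunk repeat the bare 33 alongside the three buffers here; a named constant for the token length in the header would keep those sizes in sync.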
@@ -67,5 +67,10 @@ void status_page(void);
 /* The following definitions come from web/swat.c */
 const char *lang_msg_rotate(TALLOC_CTX *ctx, const char *msgid);
+void get_xsrf_token(const char *username, const char *pass,
+		    const char *formname, char token_str[33]);
+void print_xsrf_token(const char *username, const char *pass,
+		      const char *formname);
+bool verify_xsrf_token(const char *formname);
 #endif /* _SWAT_PROTO_H_ */