authorKai Blin <kai@samba.org>2011-07-08 15:05:38 +0200
committerKarolin Seeger <kseeger@samba.org>2011-07-26 20:48:10 +0200
commit78bee109191146c10bb0fd751dfa845d4796668d (patch)
tree835c22f411bc9376ce773c0af5facb670bda95f7
parent68c94f82a5f0be5e7efe0bc12a3d7fd8b8174cd8 (diff)
downloadsamba-78bee109191146c10bb0fd751dfa845d4796668d.tar.gz
s3 swat: Add XSRF protection to password page
Signed-off-by: Kai Blin <kai@samba.org> (cherry picked from commit e4e6195701d761326ad5f2dbb63aeb71b0dc7971)
-rw-r--r--source3/web/swat.c11
1 files changed, 8 insertions, 3 deletions
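diff --git a/source3/web/swat.c b/source3/web/swat.c
index ecb279178b4..c46cd8f592d 100644
--- a/source3/web/swat.c
+++ b/source3/web/swat.c
@@ -1226,12 +1226,15 @@ static void chg_passwd(void)
 static void passwd_page(void)
 {
 const char *new_name = cgi_user_name();
+ const char passwd_form[] = "passwd";
+ const char rpasswd_form[] = "rpasswd";
 if (!new_name) new_name = "";
 printf("<H2>%s</H2>\n", _("Server Password Management"));
 printf("<FORM name=\"swatform\" method=post>\n");
+ print_xsrf_token(cgi_user_name(), cgi_user_pass(), passwd_form);
 printf("<table>\n");
@@ -1271,14 +1274,16 @@ static void passwd_page(void)
 * Do some work if change, add, disable or enable was
 * requested. It could be this is the first time through this
 * code, so there isn't anything to do. */
- if ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
- (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG))) {
+ if (verify_xsrf_token(passwd_form) &&
+ ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
+ (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG)))) {
 chg_passwd();
 }
 printf("<H2>%s</H2>\n", _("Client/Server Password Management"));
 printf("<FORM name=\"swatform\" method=post>\n");
+ print_xsrf_token(cgi_user_name(), cgi_user_pass(), rpasswd_form);
 printf("<table>\n");
@@ -1311,7 +1316,7 @@ static void passwd_page(void)
 * password somewhere other than the server. It could be this
 * is the first time through this code, so there isn't
 * anything to do. */
- if (cgi_variable(CHG_R_PASSWD_FLAG)) {
+ if (verify_xsrf_token(passwd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) {
 chg_passwd();
 }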
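Review bot: The client/server password form is verified against the wrong form name: the token for that form is emitted with `print_xsrf_token(cgi_user_name(), cgi_user_pass(), rpasswd_form)` in the previous hunk, but the guard in front of the CHG_R_PASSWD_FLAG branch calls `verify_xsrf_token(passwd_form)`. If verify_xsrf_token binds the token to the form name, as passing a form name to print_xsrf_token suggests, a token issued for "rpasswd" will not validate under "passwd" and the remote password change can never run; the line should read `if (verify_xsrf_token(rpasswd_form) && cgi_variable(CHG_R_PASSWD_FLAG)) {`. It would also help to note the pairing at the declarations in the first hunk, e.g. `/* one token per form: passwd_form guards the server form, rpasswd_form the client/server form */`, so the two names are not mixed up again. passwd_page appears to continue past the end of this hunk.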