Gitiles
Code Review Sign In
gerrit.omnirom.org / android_external_wpa_supplicant_8 / 74f70d4688040f5499074ee3e899467e2c4944be / . / hs20 / server / www / users.php
blob: 2bd555275ddab342d8cf859a0698f72b03856b54 [file] [log] [blame]
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]1<?php
2
3require('config.php');
4
5$db = new PDO($osu_db);
6if (!$db) {
7 die($sqliteerror);
8}
9
10if (isset($_GET["id"])) {
11 $id = $_GET["id"];
12 if (!is_numeric($id))
13 $id = 0;
14} else
15 $id = 0;
16if (isset($_GET["cmd"]))
17 $cmd = $_GET["cmd"];
18else
19 $cmd = '';
20
21if ($cmd == 'eventlog' && $id > 0) {
22 $row = $db->query("SELECT dump FROM eventlog WHERE rowid=$id")->fetch();
23 $dump = $row['dump'];
24 if ($dump[0] == '<') {
25 header("Content-type: text/xml");
26 echo "<?xml version=\"1.0\"?>\n";
27 echo $dump;
28 } else {
29 header("Content-type: text/plain");
30 echo $dump;
31 }
32 exit;
33}
34
35if ($cmd == 'mo' && $id > 0) {
36 $mo = $_GET["mo"];
37 if (!isset($mo))
38 exit;
39 if ($mo != "devinfo" && $mo != "devdetail" && $mo != "pps")
40 exit;
41 $row = $db->query("SELECT $mo FROM users WHERE rowid=$id")->fetch();
42 header("Content-type: text/xml");
43 echo "<?xml version=\"1.0\"?>\n";
44 echo $row[$mo];
45 exit;
46}
47
48if ($cmd == 'cert' && $id > 0) {
49 $row = $db->query("SELECT cert_pem FROM users WHERE rowid=$id")->fetch();
50 header("Content-type: text/plain");
51 echo $row['cert_pem'];
52 exit;
53}
54
55?>
56
57<html>
58<head><title>HS 2.0 users</title></head>
59<body>
60
61<?php
62
63if ($cmd == 'subrem-clear' && $id > 0) {
64 $db->exec("UPDATE users SET remediation='' WHERE rowid=$id");
65}
66if ($cmd == 'subrem-add-user' && $id > 0) {
67 $db->exec("UPDATE users SET remediation='user' WHERE rowid=$id");
68}
69if ($cmd == 'subrem-add-machine' && $id > 0) {
70 $db->exec("UPDATE users SET remediation='machine' WHERE rowid=$id");
71}
Hai Shalom74f70d42019-02-11 14:42:39 -0800[diff] [blame^]72if ($cmd == 'subrem-add-reenroll' && $id > 0) {
73 $db->exec("UPDATE users SET remediation='reenroll' WHERE rowid=$id");
74}
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]75if ($cmd == 'subrem-add-policy' && $id > 0) {
76 $db->exec("UPDATE users SET remediation='policy' WHERE rowid=$id");
77}
78if ($cmd == 'subrem-add-free' && $id > 0) {
79 $db->exec("UPDATE users SET remediation='free' WHERE rowid=$id");
80}
81if ($cmd == 'fetch-pps-on' && $id > 0) {
82 $db->exec("UPDATE users SET fetch_pps=1 WHERE rowid=$id");
83}
84if ($cmd == 'fetch-pps-off' && $id > 0) {
85 $db->exec("UPDATE users SET fetch_pps=0 WHERE rowid=$id");
86}
87if ($cmd == 'reset-pw' && $id > 0) {
88 $db->exec("UPDATE users SET password='ChangeMe' WHERE rowid=$id");
89}
90if ($cmd == "policy" && $id > 0 && isset($_GET["policy"])) {
91 $policy = $_GET["policy"];
92 if ($policy == "no-policy" ||
93 is_readable("$osu_root/spp/policy/$policy.xml")) {
94 $db->exec("UPDATE users SET policy='$policy' WHERE rowid=$id");
95 }
96}
97if ($cmd == "account-type" && $id > 0 && isset($_GET["type"])) {
98 $type = $_GET["type"];
99 if ($type == "shared")
100 $db->exec("UPDATE users SET shared=1 WHERE rowid=$id");
101 if ($type == "default")
102 $db->exec("UPDATE users SET shared=0 WHERE rowid=$id");
103}
104
105if ($cmd == "set-osu-cred" && $id > 0) {
106 $osu_user = $_POST["osu_user"];
107 $osu_password = $_POST["osu_password"];
108 if (strlen($osu_user) == 0)
109 $osu_password = "";
110 $db->exec("UPDATE users SET osu_user='$osu_user', osu_password='$osu_password' WHERE rowid=$id");
111}
112
Roshan Pius3a1667e2018-07-03 15:17:14 -0700[diff] [blame]113if ($cmd == 'clear-t-c' && $id > 0) {
114 $db->exec("UPDATE users SET t_c_timestamp=NULL WHERE rowid=$id");
115}
116
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]117$dump = 0;
118
119if ($id > 0) {
120
121if (isset($_GET["dump"])) {
122 $dump = $_GET["dump"];
123 if (!is_numeric($dump))
124 $dump = 0;
125} else
126 $dump = 0;
127
128echo "[<a href=\"users.php\">All users</a>] ";
129if ($dump == 0)
130 echo "[<a href=\"users.php?id=$id&dump=1\">Include debug dump</a>] ";
131else
132 echo "[<a href=\"users.php?id=$id\">Without debug dump</a>] ";
133echo "<br>\n";
134
135$row = $db->query("SELECT rowid,* FROM users WHERE rowid=$id")->fetch();
136
137echo "<H3>" . $row['identity'] . "@" . $row['realm'] . "</H3>\n";
138
139echo "MO: ";
140if (strlen($row['devinfo']) > 0) {
141 echo "[<a href=\"users.php?cmd=mo&id=$id&mo=devinfo\">DevInfo</a>]\n";
142}
143if (strlen($row['devdetail']) > 0) {
144 echo "[<a href=\"users.php?cmd=mo&id=$id&mo=devdetail\">DevDetail</a>]\n";
145}
146if (strlen($row['pps']) > 0) {
147 echo "[<a href=\"users.php?cmd=mo&id=$id&mo=pps\">PPS</a>]\n";
148}
149if (strlen($row['cert_pem']) > 0) {
150 echo "[<a href=\"users.php?cmd=cert&id=$id\">Certificate</a>]\n";
151}
152echo "<BR>\n";
153
154echo "Fetch PPS MO: ";
155if ($row['fetch_pps'] == "1") {
156 echo "On next connection " .
157 "[<a href=\"users.php?cmd=fetch-pps-off&id=$id\">" .
158 "do not fetch</a>]<br>\n";
159} else {
160 echo "Do not fetch " .
161 "[<a href=\"users.php?cmd=fetch-pps-on&id=$id\">" .
162 "request fetch</a>]<br>\n";
163}
164
165$cert = $row['cert'];
166if (strlen($cert) > 0) {
167 echo "Certificate fingerprint: $cert<br>\n";
168}
169
170echo "Remediation: ";
171$rem = $row['remediation'];
172if ($rem == "") {
173 echo "Not required";
174 echo " [<a href=\"users.php?cmd=subrem-add-user&id=" .
175 $row['rowid'] . "\">add:user</a>]";
176 echo " [<a href=\"users.php?cmd=subrem-add-machine&id=" .
177 $row['rowid'] . "\">add:machine</a>]";
Hai Shalom74f70d42019-02-11 14:42:39 -0800[diff] [blame^]178 if ($row['methods'] == 'TLS') {
179 echo " [<a href=\"users.php?cmd=subrem-add-reenroll&id=" .
180 $row['rowid'] . "\">add:reenroll</a>]";
181 }
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]182 echo " [<a href=\"users.php?cmd=subrem-add-policy&id=" .
183 $row['rowid'] . "\">add:policy</a>]";
184 echo " [<a href=\"users.php?cmd=subrem-add-free&id=" .
185 $row['rowid'] . "\">add:free</a>]";
186} else if ($rem == "user") {
187 echo "User [<a href=\"users.php?cmd=subrem-clear&id=" .
188 $row['rowid'] . "\">clear</a>]";
189} else if ($rem == "policy") {
190 echo "Policy [<a href=\"users.php?cmd=subrem-clear&id=" .
191 $row['rowid'] . "\">clear</a>]";
192} else if ($rem == "free") {
193 echo "Free [<a href=\"users.php?cmd=subrem-clear&id=" .
194 $row['rowid'] . "\">clear</a>]";
Hai Shalom74f70d42019-02-11 14:42:39 -0800[diff] [blame^]195} else if ($rem == "reenroll") {
196 echo "Reenroll [<a href=\"users.php?cmd=subrem-clear&id=" .
197 $row['rowid'] . "\">clear</a>]";
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]198} else {
199 echo "Machine [<a href=\"users.php?cmd=subrem-clear&id=" .
200 $row['rowid'] . "\">clear</a>]";
201}
202echo "<br>\n";
203
Hai Shalom39ba6fc2019-01-22 12:40:38 -0800[diff] [blame]204if (strncmp($row['identity'], "cert-", 5) != 0)
205 echo "Machine managed: " . ($row['machine_managed'] == "1" ? "TRUE" : "FALSE") . "<br>\n";
206
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]207echo "<form>Policy: <select name=\"policy\" " .
208 "onChange=\"window.location='users.php?cmd=policy&id=" .
209 $row['rowid'] . "&policy=' + this.value;\">\n";
210echo "<option value=\"" . $row['policy'] . "\" selected>" . $row['policy'] .
211 "</option>\n";
212$files = scandir("$osu_root/spp/policy");
213foreach ($files as $file) {
214 if (!preg_match("/.xml$/", $file))
215 continue;
216 if ($file == $row['policy'] . ".xml")
217 continue;
218 $p = substr($file, 0, -4);
219 echo "<option value=\"$p\">$p</option>\n";
220}
221echo "<option value=\"no-policy\">no policy</option>\n";
222echo "</select></form>\n";
223
224echo "<form>Account type: <select name=\"type\" " .
225 "onChange=\"window.location='users.php?cmd=account-type&id=" .
226 $row['rowid'] . "&type=' + this.value;\">\n";
227if ($row['shared'] > 0) {
228 $default_sel = "";
229 $shared_sel = " selected";
230} else {
231 $default_sel = " selected";
232 $shared_sel = "";
233}
234echo "<option value=\"default\"$default_sel>default</option>\n";
235echo "<option value=\"shared\"$shared_sel>shared</option>\n";
236echo "</select></form>\n";
237
238echo "Phase 2 method(s): " . $row['methods'] . "<br>\n";
239
240echo "<br>\n";
241echo "<a href=\"users.php?cmd=reset-pw&id=" .
242 $row['rowid'] . "\">Reset AAA password</a><br>\n";
243
244echo "<br>\n";
245echo "<form action=\"users.php?cmd=set-osu-cred&id=" . $row['rowid'] .
246 "\" method=\"POST\">\n";
247echo "OSU credentials (if username empty, AAA credentials are used):<br>\n";
248echo "username: <input type=\"text\" name=\"osu_user\" value=\"" .
249 $row['osu_user'] . "\">\n";
250echo "password: <input type=\"password\" name=\"osu_password\">\n";
251echo "<input type=\"submit\" value=\"Set OSU credentials\">\n";
252echo "</form>\n";
253
Roshan Pius3a1667e2018-07-03 15:17:14 -0700[diff] [blame]254if (strlen($row['t_c_timestamp']) > 0) {
255 echo "<br>\n";
256 echo "<a href=\"users.php?cmd=clear-t-c&id=" .
257 $row['rowid'] .
258 "\">Clear Terms and Conditions acceptance</a><br>\n";
259}
260
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]261echo "<hr>\n";
262
263$user = $row['identity'];
264$osu_user = $row['osu_user'];
265$realm = $row['realm'];
266}
267
268if ($id > 0 || ($id == 0 && $cmd == 'eventlog')) {
269
270 if ($id == 0) {
271 echo "[<a href=\"users.php\">All users</a>] ";
272 echo "<br>\n";
273 }
274
275echo "<table border=1>\n";
276echo "<tr>";
277if ($id == 0) {
278 echo "<th>user<th>realm";
279}
280echo "<th>time<th>address<th>sessionID<th>notes";
281if ($dump > 0)
282 echo "<th>dump";
283echo "\n";
284if (isset($_GET["limit"])) {
285 $limit = $_GET["limit"];
286 if (!is_numeric($limit))
287 $limit = 20;
288} else
289 $limit = 20;
290if ($id == 0)
291 $res = $db->query("SELECT rowid,* FROM eventlog ORDER BY timestamp DESC LIMIT $limit");
292else if (strlen($osu_user) > 0)
293 $res = $db->query("SELECT rowid,* FROM eventlog WHERE (user='$user' OR user='$osu_user') AND realm='$realm' ORDER BY timestamp DESC LIMIT $limit");
294else
295 $res = $db->query("SELECT rowid,* FROM eventlog WHERE user='$user' AND realm='$realm' ORDER BY timestamp DESC LIMIT $limit");
296foreach ($res as $row) {
297 echo "<tr>";
298 if ($id == 0) {
299 echo "<td>" . $row['user'] . "\n";
300 echo "<td>" . $row['realm'] . "\n";
301 }
302 echo "<td>" . $row['timestamp'] . "\n";
303 echo "<td>" . $row['addr'] . "\n";
304 echo "<td>" . $row['sessionid'] . "\n";
305 echo "<td>" . $row['notes'] . "\n";
306 $d = $row['dump'];
307 if (strlen($d) > 0) {
308 echo "[<a href=\"users.php?cmd=eventlog&id=" . $row['rowid'] .
309 "\">";
310 if ($d[0] == '<')
311 echo "XML";
312 else
313 echo "txt";
314 echo "</a>]\n";
315 if ($dump > 0)
316 echo "<td>" . htmlspecialchars($d) . "\n";
317 }
318}
319echo "</table>\n";
320
321}
322
323
324if ($id == 0 && $cmd != 'eventlog') {
325
326echo "[<a href=\"users.php?cmd=eventlog&limit=50\">Eventlog</a>] ";
327echo "<br>\n";
328
Hai Shalom39ba6fc2019-01-22 12:40:38 -0800[diff] [blame]329echo "<table border=1 cellspacing=0 cellpadding=0>\n";
330echo "<tr><th>User<th>Realm<th><small>Remediation</small><th>Policy<th><small>Account type</small><th><small>Phase 2 method(s)</small><th>DevId<th>MAC Address<th>T&C\n";
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]331
Hai Shalom74f70d42019-02-11 14:42:39 -0800[diff] [blame^]332$res = $db->query('SELECT rowid,* FROM users WHERE (phase2=1 OR methods=\'TLS\') ORDER BY identity');
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]333foreach ($res as $row) {
334 echo "<tr><td><a href=\"users.php?id=" . $row['rowid'] . "\"> " .
335 $row['identity'] . " </a>";
336 echo "<td>" . $row['realm'];
337 $rem = $row['remediation'];
338 echo "<td>";
339 if ($rem == "") {
Hai Shalom39ba6fc2019-01-22 12:40:38 -0800[diff] [blame]340 echo "-";
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]341 } else if ($rem == "user") {
342 echo "User";
343 } else if ($rem == "policy") {
344 echo "Policy";
345 } else if ($rem == "free") {
346 echo "Free";
Hai Shalom74f70d42019-02-11 14:42:39 -0800[diff] [blame^]347 } else if ($rem == "reenroll") {
348 echo "Reenroll";
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]349 } else {
350 echo "Machine";
351 }
352 echo "<td>" . $row['policy'];
353 if ($row['shared'] > 0)
354 echo "<td>shared";
355 else
356 echo "<td>default";
Hai Shalom39ba6fc2019-01-22 12:40:38 -0800[diff] [blame]357 echo "<td><small>" . $row['methods'] . "</small>";
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]358 echo "<td>";
359 $xml = xml_parser_create();
360 xml_parse_into_struct($xml, $row['devinfo'], $devinfo);
361 foreach($devinfo as $k) {
362 if ($k['tag'] == 'DEVID') {
Hai Shalom39ba6fc2019-01-22 12:40:38 -0800[diff] [blame]363 echo "<small>" . $k['value'] . "</small>";
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]364 break;
365 }
366 }
Hai Shalom39ba6fc2019-01-22 12:40:38 -0800[diff] [blame]367 echo "<td><small>" . $row['mac_addr'] . "</small>";
368 echo "<td><small>" . $row['t_c_timestamp'] . "</small>";
Dmitry Shmidtdf5a7e42014-04-02 12:59:59 -0700[diff] [blame]369 echo "\n";
370}
371echo "</table>\n";
372
373}
374
375?>
376
377</html>