From 81bb092842f1e7e97fbf56620d886344c6650b44 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9r=C3=B4me=20Schneider?= <mail@jeromeschneider.fr>
Date: Thu, 22 Mar 2012 13:49:38 +0100
Subject: [PATCH] Working on admin interface, as well as Mongoose structure

---
 .../{ubuntux64 => linux/x86_64}/mongoose      | Bin
 .../cgi/{ubuntux64 => linux/x86_64}/php-cgi   | Bin
 CoreVersions/Baikal_0.1/Mongoose/run.sh       |  74 ++++++++---------
 .../Baikal_0.1/Scripts/adminpassword.php      |  76 ++++++++++++++++++
 .../Baikal_0.1/WWWRoot/back/index.php         |   1 +
 .../WWWRoot/classes/BaikalAdmin.php           |  37 +++++++++
 .../Baikal_0.1/WWWRoot/front/index.php        |   6 +-
 Specific/config.php                           |  21 +++--
 8 files changed, 160 insertions(+), 55 deletions(-)
 rename CoreVersions/Baikal_0.1/Mongoose/builds/{ubuntux64 => linux/x86_64}/mongoose (100%)
 rename CoreVersions/Baikal_0.1/Mongoose/cgi/{ubuntux64 => linux/x86_64}/php-cgi (100%)
 create mode 100755 CoreVersions/Baikal_0.1/Scripts/adminpassword.php

diff --git a/CoreVersions/Baikal_0.1/Mongoose/builds/ubuntux64/mongoose b/CoreVersions/Baikal_0.1/Mongoose/builds/linux/x86_64/mongoose
similarity index 100%
rename from CoreVersions/Baikal_0.1/Mongoose/builds/ubuntux64/mongoose
rename to CoreVersions/Baikal_0.1/Mongoose/builds/linux/x86_64/mongoose
diff --git a/CoreVersions/Baikal_0.1/Mongoose/cgi/ubuntux64/php-cgi b/CoreVersions/Baikal_0.1/Mongoose/cgi/linux/x86_64/php-cgi
similarity index 100%
rename from CoreVersions/Baikal_0.1/Mongoose/cgi/ubuntux64/php-cgi
rename to CoreVersions/Baikal_0.1/Mongoose/cgi/linux/x86_64/php-cgi
diff --git a/CoreVersions/Baikal_0.1/Mongoose/run.sh b/CoreVersions/Baikal_0.1/Mongoose/run.sh
index f820de6..164cead 100755
--- a/CoreVersions/Baikal_0.1/Mongoose/run.sh
+++ b/CoreVersions/Baikal_0.1/Mongoose/run.sh
@@ -1,56 +1,50 @@
 #!/usr/bin/env bash
 
-PATH_scriptfile=`readlink -f $0`
-PATH_scriptdir=`dirname $PATH_scriptfile`"/"
-PATH_root=`dirname $(dirname $(dirname $PATH_scriptdir))`"/"
-PATH_docroot=$PATH_root"html/"
+PATH_SCRIPTFILE=`readlink -f $0`
+PATH_SCRIPTDIR=`dirname $PATH_SCRIPTFILE`"/"
+PATH_ROOT=`dirname $(dirname $(dirname $PATH_SCRIPTDIR))`"/"
+PATH_DOCROOT=$PATH_ROOT"html/"
 
-PATH_specific=$PATH_root"Specific/"
-PATH_configfile=$PATH_specific"config.php"
+PATH_SPECIFIC=$PATH_ROOT"Specific/"
+PATH_CONFIGFILE=$PATH_SPECIFIC"config.php"
 
-MONGOOSE_builds=$PATH_scriptdir"builds/"
-MONGOOSE_cgi=$PATH_scriptdir"cgi/"
+MONGOOSE_BUILDS=$PATH_SCRIPTDIR"builds/"
+MONGOOSE_CGI=$PATH_SCRIPTDIR"cgi/"
 
-function whichPlatform() {
-	local platform='unknown'
-	local unamestr=`uname`
-	
-	if [[ "$unamestr" == 'Linux' ]]; then
-		platform='linux'
-	elif [[ "$unamestr" == 'FreeBSD' ]]; then
-		platform='freebsd'
-	elif [[ "$unamestr" == 'Darwin' ]]; then
-		platform='osx'
-	fi
-	
-	echo "$platform"
+function whichOS() {
+	echo $(uname -s)
+}
+
+function whichARCH() {
+	echo $(uname -m)
+}
+
+function toLowerCase() {
+	echo $(echo "$1"|tr '[A-Z]' '[a-z]')
+}
+
+function whichBINDIST() {
+	local OS=$(whichOS);
+	local ARCH=$(whichARCH);
+	echo $(toLowerCase "$OS""/""$ARCH")
 }
 
 function getBaikalConf() {
-	local conf=$(php -r "require_once('$PATH_configfile'); if(is_bool($1)) { echo intval($1);} else { echo $1;}")
-	echo $conf
+	local CONF=$(php -r "require_once('$PATH_CONFIGFILE'); if(is_bool($1)) { echo intval($1);} else { echo $1;}")
+	echo "$CONF"
 }
 
-BAIKAL_standaloneenabled=$(getBaikalConf BAIKAL_STANDALONE_ENABLED)
-if [[ "$BAIKAL_standaloneenabled" == '0' ]]; then
+BAIKAL_STANDALONE_ALLOWED=$(getBaikalConf BAIKAL_STANDALONE_ALLOWED)
+if [[ "$BAIKAL_STANDALONE_ALLOWED" == '0' ]]; then
 	echo "Baïkal Standalone Server is disabled by config."
 	exit 0
 fi
 
-BAIKAL_standaloneport=$(getBaikalConf BAIKAL_STANDALONE_PORT)
-BAIKAL_baseuri=$(getBaikalConf BAIKAL_BASEURI)
+BAIKAL_STANDALONE_PORT=$(getBaikalConf BAIKAL_STANDALONE_PORT)
+MONGOOSE_BINDIST=$(whichBINDIST)
+echo "Serving standalone Baïkal on port $BAIKAL_STANDALONE_PORT ('$PATH_DOCROOT' on $MONGOOSE_BINDIST)"
 
-platform=$(whichPlatform)
-echo "Serving standalone Baïkal at $BAIKAL_baseuri:$BAIKAL_standaloneport ('$PATH_docroot' on $platform )"
+MONGOOSE_BIN="$MONGOOSE_BUILDS""$MONGOOSE_BINDIST""/mongoose"
+MONGOOSE_CGIBIN="$MONGOOSE_CGI""$MONGOOSE_BINDIST""/php-cgi"
 
-if [[ $platform == 'linux' ]]; then
-	MONGOOSE_bin=$MONGOOSE_builds"ubuntux64/mongoose"
-	MONGOOSE_cgibin=$MONGOOSE_cgi"ubuntux64/php-cgi"
-elif [[ $platform == 'freebsd' ]]; then
-	echo "FreeBSD !"
-elif [[ $platform == 'osx' ]]; then
-	MONGOOSE_bin=$MONGOOSE_builds"mac/mongoose"
-	MONGOOSE_cgibin=$MONGOOSE_cgi"mac/php-cgi"
-fi
-
-`$MONGOOSE_bin -p $BAIKAL_standaloneport -I $MONGOOSE_cgibin -i index.html,index.php -r $PATH_docroot`
+`$MONGOOSE_BIN -d no -p $BAIKAL_STANDALONE_PORT -I $MONGOOSE_CGIBIN -i index.html,index.php -r $PATH_DOCROOT`
\ No newline at end of file
diff --git a/CoreVersions/Baikal_0.1/Scripts/adminpassword.php b/CoreVersions/Baikal_0.1/Scripts/adminpassword.php
new file mode 100755
index 0000000..3c40413
--- /dev/null
+++ b/CoreVersions/Baikal_0.1/Scripts/adminpassword.php
@@ -0,0 +1,76 @@
+#!/usr/bin/env php
+<?php
+/***************************************************************
+*  Copyright notice
+*
+*  (c) 2012 Jérôme Schneider <mail@jeromeschneider.fr>
+*  All rights reserved
+*
+*  http://baikal.codr.fr
+*
+*  This script is part of the Baïkal Server project. The Baïkal
+*  Server project is free software; you can redistribute it
+*  and/or modify it under the terms of the GNU General Public
+*  License as published by the Free Software Foundation; either
+*  version 2 of the License, or (at your option) any later version.
+*
+*  The GNU General Public License can be found at
+*  http://www.gnu.org/copyleft/gpl.html.
+*
+*  This script is distributed in the hope that it will be useful,
+*  but WITHOUT ANY WARRANTY; without even the implied warranty of
+*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+*  GNU General Public License for more details.
+*
+*  This copyright notice MUST APPEAR in all copies of the script!
+***************************************************************/
+
+define("BAIKAL_CONTEXT", TRUE);
+define("BAIKAL_CONTEXT_CLI", TRUE);
+
+require_once("../Bootstrap.php");
+require_once("./inc/functions.php");
+require_once(BAIKAL_PATH_WWWROOT . "classes/BaikalAdmin.php");
+
+$sConfigFile = BAIKAL_PATH_SPECIFIC . "config.php";
+
+if(!file_exists($sConfigFile)) {
+	die("Specific/config.php is does not exist. Aborting, cannot modify admin password.");
+}
+
+if(!is_writable($sConfigFile)) {
+	die("Specific/config.php is not writable. Aborting, cannot modify admin password.");
+}
+
+$bFound = FALSE;
+
+if(!defined("BAIKAL_ADMIN_PASSWORDHASH")) {
+	echo "-- Info: There's currently no admin password set. --\n";
+} else {
+	echo "-- Info: The current admin password hash is '" . BAIKAL_ADMIN_PASSWORDHASH . "'. --\n";
+	$bFound = TRUE;
+}
+
+$sPassword = prompt_silent("New admin password: ");
+$sPasswordConfirm = prompt_silent("Confirm new admin password: ");
+
+if($sPassword === "") {
+	die("Password cannot be empty.\n");
+}
+
+if($sPassword !== $sPasswordConfirm) {
+	die("Passwords don't match; aborting.\n");
+}
+
+$sHash = BaikalAdmin::hashAdminPassword($sPassword);
+
+echo ("\nNew password hash:" . $sHash . "\n");
+$sFileContents = file_get_contents($sConfigFile);
+
+if($bFound === FALSE) {
+	$sFileContents .= "\n\n# Baïkal Web interface admin password hash; Set by Core/Scripts/adminpassword.php\ndefine(\"BAIKAL_ADMIN_PASSWORDHASH\", \"" . $sHash . "\");\n";
+} else {
+	die("TODO: implement update using regex");
+}
+
+file_put_contents($sConfigFile, $sFileContents);
\ No newline at end of file
diff --git a/CoreVersions/Baikal_0.1/WWWRoot/back/index.php b/CoreVersions/Baikal_0.1/WWWRoot/back/index.php
index 1520222..879641e 100644
--- a/CoreVersions/Baikal_0.1/WWWRoot/back/index.php
+++ b/CoreVersions/Baikal_0.1/WWWRoot/back/index.php
@@ -33,6 +33,7 @@ require_once(BAIKAL_PATH_WWWROOT . "classes/BaikalAdmin.php");
 require_once(BAIKAL_PATH_WWWROOT . "classes/BaikalTools.php");
 
 BaikalAdmin::assertEnabled();
+BaikalAdmin::assertAuthentified();
 
 echo "<h1>Ba&iuml;kal Admin</h1>";
 
diff --git a/CoreVersions/Baikal_0.1/WWWRoot/classes/BaikalAdmin.php b/CoreVersions/Baikal_0.1/WWWRoot/classes/BaikalAdmin.php
index c5ec1c3..a9ff9b7 100644
--- a/CoreVersions/Baikal_0.1/WWWRoot/classes/BaikalAdmin.php
+++ b/CoreVersions/Baikal_0.1/WWWRoot/classes/BaikalAdmin.php
@@ -59,6 +59,43 @@ class BaikalAdmin {
 		}
 	}
 	
+	static function assertAuthentified() {
+		if(!self::isAuthentified()) {
+			header(utf8_decode('WWW-Authenticate: Basic realm="Baïkal admin"'));
+			header('HTTP/1.0 401 Unauthorized'); 
+			die("Please authenticate.");
+		}
+		
+		return TRUE;
+	}
+	
+	static function isAuthentified() {
+
+		if(array_key_exists("PHP_AUTH_USER", $_SERVER)) {
+			$sUser = $_SERVER["PHP_AUTH_USER"];
+		} else {
+			$sUser = FALSE;
+		}
+		
+		if(array_key_exists("PHP_AUTH_PW", $_SERVER)) {
+			$sPass = $_SERVER["PHP_AUTH_PW"];
+		} else {
+			$sPass = FALSE;
+		}
+		
+		$sPassHash = self::hashAdminPassword($sPass);
+		
+		if($sUser === "admin" && $sPassHash === BAIKAL_ADMIN_PASSWORDHASH) {
+			return TRUE;
+		}
+		
+		return FALSE;
+	}
+	
+	static function hashAdminPassword($sPassword) {
+		return md5('admin:' . BAIKAL_AUTH_REALM . ':' . $sPassword);
+	}
+	
 	static function displayUsers() {
 		$aUsers = BaikalTools::getUsers();
 		
diff --git a/CoreVersions/Baikal_0.1/WWWRoot/front/index.php b/CoreVersions/Baikal_0.1/WWWRoot/front/index.php
index b89364b..55a0394 100755
--- a/CoreVersions/Baikal_0.1/WWWRoot/front/index.php
+++ b/CoreVersions/Baikal_0.1/WWWRoot/front/index.php
@@ -32,10 +32,10 @@
 	"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
 <head>
-	<title><?= BAIKAL_BASEURI ?></title>
+	<title>Baïkal Server</title>
 	<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"></meta>
 </head>
 <body>
-	<h2>Baïkal on <?= BAIKAL_BASEURI ?></h2>
+	<h2>Baïkal is running allright.</h2>
 </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/Specific/config.php b/Specific/config.php
index 69822b0..9ab1f50 100755
--- a/Specific/config.php
+++ b/Specific/config.php
@@ -8,24 +8,21 @@
 # Timezone of your users, if unsure, check http://en.wikipedia.org/wiki/List_of_tz_database_time_zones
 define("BAIKAL_TIMEZONE", "Europe/Paris");
 
-# WEB absolute URI
-define("BAIKAL_BASEURI", "http://dav.mydomain.com/");
-
-# WEB absolute URI
-define("BAIKAL_ADMIN_ENABLED", TRUE);
-
 ##############################################################################
 # In this section: Optional configuration: you *may* customize these settings
 #
 
-# CardDAV ON/OFF switch
+# CardDAV ON/OFF switch; default TRUE
 define("BAIKAL_CARD_ENABLED", TRUE);
 
-# CalDAV ON/OFF switch
+# CalDAV ON/OFF switch; default TRUE
 define("BAIKAL_CAL_ENABLED", TRUE);
 
-# CalDAV ON/OFF switch
-define("BAIKAL_STANDALONE_ENABLED", FALSE);
+# Baïkal Web Admin interface ON/OFF; default FALSE
+define("BAIKAL_ADMIN_ENABLED", FALSE);
 
-# CalDAV ON/OFF switch
-define("BAIKAL_STANDALONE_PORT", 8888);
\ No newline at end of file
+# Standalone Server, allowed or not; default FALSE
+define("BAIKAL_STANDALONE_ALLOWED", FALSE);
+
+# Standalone Server, port number; default 8888
+define("BAIKAL_STANDALONE_PORT", 8888);