diff options
| -rw-r--r-- | packages/autoconfigbackup/autoconfigbackup.php | 2 | ||||
| -rw-r--r-- | packages/autoconfigbackup/autoconfigbackup.xml | 5 | ||||
| -rw-r--r-- | packages/autoconfigbackup/crypt_acb.php | 104 | ||||
| -rw-r--r-- | packages/autoconfigbackup/upload_config_filter.php | 35 |
4 files changed, 134 insertions, 12 deletions
diff --git a/packages/autoconfigbackup/autoconfigbackup.php b/packages/autoconfigbackup/autoconfigbackup.php index 6a03105e..24f26f05 100644 --- a/packages/autoconfigbackup/autoconfigbackup.php +++ b/packages/autoconfigbackup/autoconfigbackup.php @@ -34,6 +34,8 @@ require("guiconfig.inc"); $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr("1.2", $pfSversion)) + require("crypt_acb.php"); // Seperator used during client / server communications $oper_sep = "\|\|"; diff --git a/packages/autoconfigbackup/autoconfigbackup.xml b/packages/autoconfigbackup/autoconfigbackup.xml index dd2371a1..f188af0b 100644 --- a/packages/autoconfigbackup/autoconfigbackup.xml +++ b/packages/autoconfigbackup/autoconfigbackup.xml @@ -63,6 +63,11 @@ <chmod>0755</chmod> <item>http://www.pfsense.com/packages/config/autoconfigbackup/autoconfigbackup.inc</item> </additional_files_needed> + <additional_files_needed> + <prefix>/etc/inc</prefix> + <chmod>0755</chmod> + <item>http://www.pfsense.com/packages/config/autoconfigbackup/crypt_acb.php</item> + </additional_files_needed> <tabs> <tab> <text>Settings</text> diff --git a/packages/autoconfigbackup/crypt_acb.php b/packages/autoconfigbackup/crypt_acb.php new file mode 100644 index 00000000..8c56dcaf --- /dev/null +++ b/packages/autoconfigbackup/crypt_acb.php @@ -0,0 +1,104 @@ +<?php + +/* $Id$ */ +/* + Copyright (C) 2008 Shrew Soft Inc + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + + DISABLE_PHP_LINT_CHECKING +*/ + + function crypt_data(& $data, $pass, $opt) { + + $pspec = "/usr/bin/openssl enc {$opt} -aes-256-cbc -k {$pass}"; + $dspec = array( 0 => array("pipe", "r"), + 1 => array("pipe", "w"), + 2 => array("pipe", "e")); + + $fp = proc_open($pspec, $dspec, $pipes); + if (!$fp) + return false; + + fwrite($pipes[0], $data); + fclose($pipes[0]); + + $rslt = stream_get_contents($pipes[1]); + fclose($pipes[1]); + + proc_close($fp); + + return $rslt; + } + + function encrypt_data(& $data, $pass) { + return base64_encode(crypt_data($data, $pass, "-e")); + } + + function decrypt_data(& $data, $pass) { + return crypt_data(base64_decode($data), $pass, "-d"); + } + + function tagfile_reformat($in, & $out, $tag) { + + $out = "---- BEGIN {$tag} ----\n"; + + $size = 80; + $oset = 0; + while ($size >= 64) { + $line = substr($in, $oset, 64); + $out .= $line."\n"; + $size = strlen($line); + $oset += $size; + } + + $out .= "---- END {$tag} ----\n"; + + return true; + } + + function tagfile_deformat($in, & $out, $tag) { + + $btag_val = "---- BEGIN {$tag} ----"; + $etag_val = "---- END {$tag} ----"; + + $btag_len = strlen($btag_val); + $etag_len = strlen($etag_val); + + $btag_pos = stripos($in, $btag_val); + $etag_pos = stripos($in, $etag_val); + + if (($btag_pos === false) || ($etag_pos === false)) + return false; + + $body_pos = $btag_pos + $btag_len; + $body_len = strlen($in); + $body_len -= strlen($btag_len); + $body_len -= strlen($etag_len); + + $out = substr($in, $body_pos, $body_len); + + return true; + } + +?>
\ No newline at end of file diff --git a/packages/autoconfigbackup/upload_config_filter.php b/packages/autoconfigbackup/upload_config_filter.php index 9f02234c..77f4473e 100644 --- a/packages/autoconfigbackup/upload_config_filter.php +++ b/packages/autoconfigbackup/upload_config_filter.php @@ -1,5 +1,9 @@ <?php +$pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); +if(strstr("1.2", $pfSversion)) + require("crypt_acb.php"); + /* * pfSense upload config to pfSense.org script * This file plugs into filter.inc (/usr/local/pkg/pf) @@ -14,18 +18,21 @@ $last_backup_date = str_replace("\n", "", file_get_contents("/cf/conf/lastpfSbackup.txt")); $last_config_change = $config['revision']['time']; $hostname = $config['system']['hostname']; +$reason = $config['revision']['description']; $username = $config['installedpackages']['autoconfigbackup']['config'][0]['username']; $password = $config['installedpackages']['autoconfigbackup']['config'][0]['password']; $encryptpw = $config['installedpackages']['autoconfigbackup']['config'][0]['crypto_password']; -$reason = $config['revision']['description']; // Define upload_url, must be present after other variable definitions due to username, password $upload_url = "https://{$username}:{$password}@portal.pfsense.org/pfSconfigbackups/backup.php"; if(!$username or !$password or !$encryptpw) { - $notice_text = "Either the username, password or encryption password is not set for Automatic Configuration Backup. Please correct this in Diagnostics -> AutoConfigBackup -> Settings."; + + $notice_text = "Either the username, password or encryption password is not set for Automatic Configuration Backup. "; + $notice_text .= "Please correct this in Diagnostics -> AutoConfigBackup -> Settings."; log_error($notice_text); - file_notice("autoconfigurationbackup", $notice_text, $notice_text, ""); + file_notice("AutoConfigBackup", $notice_text, $notice_text, ""); + } else { /* If configuration has changed, upload to pfS */ if($last_backup_date <> $last_config_change) { @@ -34,9 +41,10 @@ if(!$username or !$password or !$encryptpw) { conf_mount_rw(); // Lock config config_lock(); - - log_error("Beginning portal.pfsense.org configuration backup."); - update_filter_reload_status("Beginning portal.pfsense.org configuration backup."); + + $notice_text = "Beginning http://portal.pfsense.org configuration backup."; + log_error($notice_text); + update_filter_reload_status($notice_text); // Encrypt config.xml $data = file_get_contents("/cf/conf/config.xml"); @@ -78,12 +86,14 @@ if(!$username or !$password or !$encryptpw) { fclose($fd); if(!strstr($data, "500")) { - log_error("An error occured while uploading your pfSense configuration to portal.pfsense.org ($data)"); - file_notice("autoconfigurationbackup", "An error occured while uploading your pfSense configuration to portal.pfsense.org", $data, ""); - update_filter_reload_status("An error occured while uploading your pfSense configuration to portal.pfsense.org - $data"); + $notice_text = "An error occured while uploading your pfSense configuration to portal.pfsense.org"; + log_error($notice_text . " - " . $data); + file_notice("autoconfigurationbackup", $notice_text, $data, ""); + update_filter_reload_status($notice_text . " - " . $data); } else { - log_error("End of portal.pfsense.org configuration backup (success)."); - update_filter_reload_status("End of portal.pfsense.org configuration backup (success)."); + $notice_text = "End of portal.pfsense.org configuration backup (success)."; + log_error($notice_text); + update_filter_reload_status($notice_text); } // Unlock config @@ -92,8 +102,9 @@ if(!$username or !$password or !$encryptpw) { conf_mount_ro(); } else { - log_error("No portal.pfsense.org backup required."); + log_error("No http://portal.pfsense.org backup required."); } + } ?>
\ No newline at end of file |