diff options
Diffstat (limited to 'config/autoconfigbackup')
| -rw-r--r-- | config/autoconfigbackup/autoconfigbackup.inc | 52 | ||||
| -rw-r--r-- | config/autoconfigbackup/autoconfigbackup.php | 36 | ||||
| -rw-r--r-- | config/autoconfigbackup/autoconfigbackup.xml | 20 | ||||
| -rw-r--r-- | config/autoconfigbackup/autoconfigbackup_backup.php | 14 | ||||
| -rw-r--r-- | config/autoconfigbackup/autoconfigbackup_stats.php | 10 | ||||
| -rw-r--r-- | config/autoconfigbackup/crypt_acb.php | 20 | ||||
| -rw-r--r-- | config/autoconfigbackup/parse_config_upload.inc | 1 | ||||
| -rw-r--r-- | config/autoconfigbackup/parse_config_upload.php | 1 | ||||
| -rw-r--r-- | config/autoconfigbackup/upload_config_filter.php | 1 |
9 files changed, 101 insertions, 54 deletions
diff --git a/config/autoconfigbackup/autoconfigbackup.inc b/config/autoconfigbackup/autoconfigbackup.inc index 313cc1ac..2511a2a1 100644 --- a/config/autoconfigbackup/autoconfigbackup.inc +++ b/config/autoconfigbackup/autoconfigbackup.inc @@ -2,7 +2,7 @@ /* $Id$ */ /* autoconfigbackup.inc - Copyright (C) 2008 Scott Ullrich + Copyright (C) 2008-2014 Electric Sheep Fencing LP Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -40,11 +40,20 @@ if(file_exists("/usr/local/pkg/parse_config/parse_config_upload.php")) unlink("/usr/local/pkg/parse_config/parse_config_upload.php"); /* ensures patches match */ -function custom_php_validation_command($post, $input_errors) { +function custom_php_validation_command($post, &$input_errors) { global $_POST, $savemsg, $config; + if(!$post['username']) + $input_errors[] = "Username is required."; + + if(!$post['password'] or !$post['passwordagain']) + $input_errors[] = "The subscription password is required."; + + if(!$post['crypto_password'] or !$post['crypto_password2']) + $input_errors[] = "The encryption password is required."; + if($post['password'] <> $post['passwordagain']) - $input_errors[] = "Sorry, the entered passwords do not match."; + $input_errors[] = "Sorry, the entered portal.pfsense.org passwords do not match."; if($post['crypto_password'] <> $post['crypto_password2']) $input_errors[] = "Sorry, the entered encryption passwords do not match."; @@ -59,6 +68,21 @@ function custom_php_validation_command($post, $input_errors) { unset($_POST['testconnection']); } +function configure_proxy() { + global $config; + $ret = array(); + if (!empty($config['system']['proxyurl'])) { + $ret[CURLOPT_PROXY] = $config['system']['proxyurl']; + if (!empty($config['system']['proxyport'])) + $ret[CURLOPT_PROXYPORT] = $config['system']['proxyport']; + if (!empty($config['system']['proxyuser']) && !empty($config['system']['proxypass'])) { + $ret[CURLOPT_PROXYAUTH] = CURLAUTH_ANY | CURLAUTH_ANYSAFE; + $ret[CURLOPT_PROXYUSERPWD] = "{$config['system']['proxyuser']}:{$config['system']['proxypass']}"; + } + } + return $ret; +} + function test_connection($post) { global $savemsg, $config, $g; @@ -93,6 +117,9 @@ function test_connection($post) { curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_CONNECTTIMEOUT, 55); curl_setopt($curl_session, CURLOPT_TIMEOUT, 30); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showbackups&hostname={$hostname}"); $data = curl_exec($curl_session); @@ -117,9 +144,6 @@ function upload_config($reasonm = "") { * This file plugs into config.inc (/usr/local/pkg/parse_config) * and runs every time the running firewall filter changes. * - * Written by Scott Ullrich - * (C) 2008 BSD Perimeter LLC - * */ if(file_exists("/tmp/acb_nooverwrite")) { @@ -130,13 +154,11 @@ function upload_config($reasonm = "") { } // Define some needed variables - if(!file_exists("/cf/conf/lastpfSbackup.txt")) { - conf_mount_rw(); - touch("/cf/conf/lastpfSbackup.txt"); - conf_mount_ro(); - } + if(file_exists("/cf/conf/lastpfSbackup.txt")) + $last_backup_date = str_replace("\n", "", file_get_contents("/cf/conf/lastpfSbackup.txt")); + else + $last_backup_date = ""; - $last_backup_date = str_replace("\n", "", file_get_contents("/cf/conf/lastpfSbackup.txt")); $last_config_change = $config['revision']['time']; $hostname = $config['system']['hostname'] . "." . $config['system']['domain']; if($reasonm) @@ -202,7 +224,10 @@ function upload_config($reasonm = "") { curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl_session, CURLOPT_CONNECTTIMEOUT, 55); curl_setopt($curl_session, CURLOPT_TIMEOUT, 30); - + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/backupdebug.txt", "w"); @@ -241,4 +266,3 @@ function upload_config($reasonm = "") { } } -?>
\ No newline at end of file diff --git a/config/autoconfigbackup/autoconfigbackup.php b/config/autoconfigbackup/autoconfigbackup.php index 20f5f741..52b3eca9 100644 --- a/config/autoconfigbackup/autoconfigbackup.php +++ b/config/autoconfigbackup/autoconfigbackup.php @@ -28,6 +28,7 @@ */ require("guiconfig.inc"); +require("autoconfigbackup.inc"); $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version < 2.0) @@ -79,7 +80,7 @@ else include("head.inc"); function get_hostnames() { - global $stats_url, $username, $password, $oper_sep; + global $stats_url, $username, $password, $oper_sep, $config, $g; // Populate available backups $curl_session = curl_init(); curl_setopt($curl_session, CURLOPT_URL, $stats_url); @@ -88,6 +89,10 @@ function get_hostnames() { curl_setopt($curl_session, CURLOPT_POST, 1); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showstats"); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/acb_statsdebug.txt", "w"); @@ -165,6 +170,10 @@ function get_hostnames() { curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=delete" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['rmver'])); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/acb_deletedebug.txt", "w"); @@ -192,6 +201,9 @@ function get_hostnames() { curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=restore" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['newver'])); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); $data = curl_exec($curl_session); $data_split = split("\+\+\+\+", $data); $sha256 = trim($data_split[0]); // sha256 @@ -256,6 +268,9 @@ EOF; curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=restore" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['download'])); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); $data = curl_exec($curl_session); if (!tagfile_deformat($data, $data1, "config.xml")) $input_errors[] = "The downloaded file does not appear to contain an encrypted pfSense configuration."; @@ -306,6 +321,10 @@ EOF; curl_setopt($curl_session, CURLOPT_POST, 1); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showbackups&hostname={$hostname}"); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/acb_backupdebug.txt", "w"); @@ -338,10 +357,17 @@ EOF; <center> <b>Hostname:</b> <select id="hostname" name="hostname" onChange="document.location='autoconfigbackup.php?hostname=' + this.value;"> - <?foreach($hostnames as $hn):?> - <option value='<?=$hn?>'><?=$hn?></option> + <? + $host_not_found = true; + foreach($hostnames as $hn): + ?> + <option value='<?=$hn?>' <? if ($hn == $hostname) {echo " selected=\"selected\""; $host_not_found = false;}?>> + <?=$hn?> + </option> <?endforeach?> - <option value='<?=$hostname?>' SELECTED><?=$hostname?></option> + <? if ($host_not_found) { ?> + <option value='<?=$hostname?>' SELECTED><?=$hostname?></option> + <? } ?> </select> </td> </tr> @@ -401,4 +427,4 @@ EOF; </form> <?php include("fend.inc"); ?> </body> -</html>
\ No newline at end of file +</html> diff --git a/config/autoconfigbackup/autoconfigbackup.xml b/config/autoconfigbackup/autoconfigbackup.xml index 0d324d8a..eb3f7545 100644 --- a/config/autoconfigbackup/autoconfigbackup.xml +++ b/config/autoconfigbackup/autoconfigbackup.xml @@ -7,8 +7,8 @@ /* $Id$ */ /* autoconfigbackup.xml - part of pfSense (http://www.pfSense.com) - Copyright (C) 2008 BSD Perimeter + part of pfSense (https://www.pfsense.org) + Copyright (C) 2008-2014 Electric Sheep Fencing LP All rights reserved. Redistribution and use in source and binary forms, with or without @@ -34,10 +34,10 @@ */ ]]> </copyright> - <description>Automatically backs up your pfSense configuration. All contents are encrypted on the server. Requires Gold or Support Subscription from https://portal.pfsense.org</description> + <description>Automatically backs up your pfSense configuration. All contents are encrypted before being sent to the server. Requires Gold Subscription from https://portal.pfsense.org</description> <requirements>pfSense Portal subscription</requirements> <name>AutoConfigBackup</name> - <version>1.22</version> + <version>1.28</version> <title>Diagnostics: Auto Configuration Backup</title> <savetext>Change</savetext> <include_file>/usr/local/pkg/autoconfigbackup.inc</include_file> @@ -132,19 +132,15 @@ <fieldname>crypto_password2</fieldname> <type>password</type> </field> - <field> - <fielddescr>Test connection</fielddescr> - <description>Check this box to test the connection to portal.pfsense.org.</description> - <fieldname>testconnection</fieldname> - <type>checkbox</type> - </field> </fields> <custom_php_validation_command> - custom_php_validation_command($_POST, &$input_errors); + custom_php_validation_command($_POST, $input_errors); </custom_php_validation_command> <custom_php_resync_config_command> <![CDATA[ - exec("echo > /cf/conf/lastpfSbackup.txt"); + conf_mount_rw(); + @unlink("/cf/conf/lastpfSbackup.txt"); + conf_mount_ro(); if(!function_exists("filter_configure")) require_once("filter.inc"); filter_configure(); diff --git a/config/autoconfigbackup/autoconfigbackup_backup.php b/config/autoconfigbackup/autoconfigbackup_backup.php index a65fba4d..3c5ea423 100644 --- a/config/autoconfigbackup/autoconfigbackup_backup.php +++ b/config/autoconfigbackup/autoconfigbackup_backup.php @@ -29,7 +29,7 @@ require("globals.inc"); require("guiconfig.inc"); -require("/usr/local/pkg/autoconfigbackup.inc"); +require("autoconfigbackup.inc"); $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version < 2.0) @@ -48,7 +48,9 @@ if($_POST) { else write_config("Backup invoked via Auto Config Backup."); $config = parse_config(true); - exec("echo > /cf/conf/lastpfSbackup.txt"); + conf_mount_rw(); + @unlink("/cf/conf/lastpfSbackup.txt", ""); + conf_mount_ro(); upload_config($_REQUEST['reason']); $savemsg = "Backup completed successfully."; $donotshowheader=true; @@ -103,14 +105,6 @@ include("head.inc"); </td> </tr> <tr> - <td align="right"> - Do not overwrite previous backups for this hostname: - </td> - <td> - <input type="checkbox" name="nooverwrite"> - </td> - </tr> - <tr> <td> </td> diff --git a/config/autoconfigbackup/autoconfigbackup_stats.php b/config/autoconfigbackup/autoconfigbackup_stats.php index b991e3d3..34d96eda 100644 --- a/config/autoconfigbackup/autoconfigbackup_stats.php +++ b/config/autoconfigbackup/autoconfigbackup_stats.php @@ -29,7 +29,7 @@ require("globals.inc"); require("guiconfig.inc"); -require("/usr/local/pkg/autoconfigbackup.inc"); +require("autoconfigbackup.inc"); $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version < 2.0) @@ -72,6 +72,10 @@ if($_REQUEST['delhostname']) { curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=deletehostname&delhostname=" . urlencode($_REQUEST['delhostname'])); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/acb_deletedebug.txt", "w"); @@ -144,6 +148,10 @@ include("head.inc"); curl_setopt($curl_session, CURLOPT_POST, 1); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showstats"); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/acb_statsdebug.txt", "w"); diff --git a/config/autoconfigbackup/crypt_acb.php b/config/autoconfigbackup/crypt_acb.php index 49a2147a..9f897cb5 100644 --- a/config/autoconfigbackup/crypt_acb.php +++ b/config/autoconfigbackup/crypt_acb.php @@ -31,14 +31,17 @@ function crypt_data($val, $pass, $opt) { $file = tempnam("/tmp", "php-encrypt"); - $fd = fopen("$file.dec", "w"); - fwrite($fd, $val); - fclose($fd); - exec("/usr/bin/openssl enc {$opt} -aes-256-cbc -in $file.dec -out $file.enc -k {$pass}"); - $result = file_get_contents("$file.enc"); - exec("rm $file"); - exec("rm $file.dec"); - exec("rm $file.enc"); + file_put_contents("{$file}.dec", $val); + exec("/usr/bin/openssl enc {$opt} -aes-256-cbc -in {$file}.dec -out {$file}.enc -k " . escapeshellarg($pass)); + if (file_exists("{$file}.enc")) + $result = file_get_contents("{$file}.enc"); + else { + $result = ""; + log_error("Failed to encrypt/decrypt data!"); + } + @unlink($file); + @unlink("{$file}.dec"); + @unlink("{$file}.enc"); return $result; } @@ -130,4 +133,3 @@ return strpos(strtolower($str), strtolower($needle)); } -?>
\ No newline at end of file diff --git a/config/autoconfigbackup/parse_config_upload.inc b/config/autoconfigbackup/parse_config_upload.inc index ce592966..ba0b48ce 100644 --- a/config/autoconfigbackup/parse_config_upload.inc +++ b/config/autoconfigbackup/parse_config_upload.inc @@ -5,4 +5,3 @@ if(file_exists("/usr/local/pkg/autoconfigbackup.inc")) { upload_config(); } -?> diff --git a/config/autoconfigbackup/parse_config_upload.php b/config/autoconfigbackup/parse_config_upload.php index ce592966..ba0b48ce 100644 --- a/config/autoconfigbackup/parse_config_upload.php +++ b/config/autoconfigbackup/parse_config_upload.php @@ -5,4 +5,3 @@ if(file_exists("/usr/local/pkg/autoconfigbackup.inc")) { upload_config(); } -?> diff --git a/config/autoconfigbackup/upload_config_filter.php b/config/autoconfigbackup/upload_config_filter.php index ce592966..ba0b48ce 100644 --- a/config/autoconfigbackup/upload_config_filter.php +++ b/config/autoconfigbackup/upload_config_filter.php @@ -5,4 +5,3 @@ if(file_exists("/usr/local/pkg/autoconfigbackup.inc")) { upload_config(); } -?> |