diff options
Diffstat (limited to 'config/autoconfigbackup')
| -rw-r--r-- | config/autoconfigbackup/autoconfigbackup.inc | 35 | ||||
| -rw-r--r-- | config/autoconfigbackup/autoconfigbackup.php | 23 | ||||
| -rw-r--r-- | config/autoconfigbackup/autoconfigbackup.xml | 2 | ||||
| -rw-r--r-- | config/autoconfigbackup/autoconfigbackup_backup.php | 2 | ||||
| -rw-r--r-- | config/autoconfigbackup/autoconfigbackup_stats.php | 10 | ||||
| -rw-r--r-- | config/autoconfigbackup/crypt_acb.php | 20 | ||||
| -rw-r--r-- | config/autoconfigbackup/parse_config_upload.inc | 1 | ||||
| -rw-r--r-- | config/autoconfigbackup/parse_config_upload.php | 1 | ||||
| -rw-r--r-- | config/autoconfigbackup/upload_config_filter.php | 1 |
9 files changed, 75 insertions, 20 deletions
diff --git a/config/autoconfigbackup/autoconfigbackup.inc b/config/autoconfigbackup/autoconfigbackup.inc index 0ca3ebe9..2c9d18f9 100644 --- a/config/autoconfigbackup/autoconfigbackup.inc +++ b/config/autoconfigbackup/autoconfigbackup.inc @@ -43,8 +43,17 @@ if(file_exists("/usr/local/pkg/parse_config/parse_config_upload.php")) function custom_php_validation_command($post, &$input_errors) { global $_POST, $savemsg, $config; + if(!$post['username']) + $input_errors[] = "Username is required."; + + if(!$post['password'] or !$post['passwordagain']) + $input_errors[] = "The subscription password is required."; + + if(!$post['crypto_password'] or !$post['crypto_password2']) + $input_errors[] = "The encryption password is required."; + if($post['password'] <> $post['passwordagain']) - $input_errors[] = "Sorry, the entered passwords do not match."; + $input_errors[] = "Sorry, the entered portal.pfsense.org passwords do not match."; if($post['crypto_password'] <> $post['crypto_password2']) $input_errors[] = "Sorry, the entered encryption passwords do not match."; @@ -59,6 +68,21 @@ function custom_php_validation_command($post, &$input_errors) { unset($_POST['testconnection']); } +function configure_proxy() { + global $config; + $ret = array(); + if (!empty($config['system']['proxyurl'])) { + $ret[CURLOPT_PROXY] = $config['system']['proxyurl']; + if (!empty($config['system']['proxyport'])) + $ret[CURLOPT_PROXYPORT] = $config['system']['proxyport']; + if (!empty($config['system']['proxyuser']) && !empty($config['system']['proxypass'])) { + $ret[CURLOPT_PROXYAUTH] = CURLAUTH_ANY | CURLAUTH_ANYSAFE; + $ret[CURLOPT_PROXYUSERPWD] = "{$config['system']['proxyuser']}:{$config['system']['proxypass']}"; + } + } + return $ret; +} + function test_connection($post) { global $savemsg, $config, $g; @@ -93,6 +117,9 @@ function test_connection($post) { curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_CONNECTTIMEOUT, 55); curl_setopt($curl_session, CURLOPT_TIMEOUT, 30); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showbackups&hostname={$hostname}"); $data = curl_exec($curl_session); @@ -200,7 +227,10 @@ function upload_config($reasonm = "") { curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl_session, CURLOPT_CONNECTTIMEOUT, 55); curl_setopt($curl_session, CURLOPT_TIMEOUT, 30); - + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/backupdebug.txt", "w"); @@ -239,4 +269,3 @@ function upload_config($reasonm = "") { } } -?> diff --git a/config/autoconfigbackup/autoconfigbackup.php b/config/autoconfigbackup/autoconfigbackup.php index 20f5f741..755c47aa 100644 --- a/config/autoconfigbackup/autoconfigbackup.php +++ b/config/autoconfigbackup/autoconfigbackup.php @@ -28,6 +28,7 @@ */ require("guiconfig.inc"); +require("autoconfigbackup.inc"); $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version < 2.0) @@ -79,7 +80,7 @@ else include("head.inc"); function get_hostnames() { - global $stats_url, $username, $password, $oper_sep; + global $stats_url, $username, $password, $oper_sep, $config, $g; // Populate available backups $curl_session = curl_init(); curl_setopt($curl_session, CURLOPT_URL, $stats_url); @@ -88,6 +89,10 @@ function get_hostnames() { curl_setopt($curl_session, CURLOPT_POST, 1); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showstats"); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/acb_statsdebug.txt", "w"); @@ -165,6 +170,10 @@ function get_hostnames() { curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=delete" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['rmver'])); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/acb_deletedebug.txt", "w"); @@ -192,6 +201,9 @@ function get_hostnames() { curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=restore" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['newver'])); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); $data = curl_exec($curl_session); $data_split = split("\+\+\+\+", $data); $sha256 = trim($data_split[0]); // sha256 @@ -256,6 +268,9 @@ EOF; curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=restore" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['download'])); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); $data = curl_exec($curl_session); if (!tagfile_deformat($data, $data1, "config.xml")) $input_errors[] = "The downloaded file does not appear to contain an encrypted pfSense configuration."; @@ -306,6 +321,10 @@ EOF; curl_setopt($curl_session, CURLOPT_POST, 1); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showbackups&hostname={$hostname}"); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/acb_backupdebug.txt", "w"); @@ -401,4 +420,4 @@ EOF; </form> <?php include("fend.inc"); ?> </body> -</html>
\ No newline at end of file +</html> diff --git a/config/autoconfigbackup/autoconfigbackup.xml b/config/autoconfigbackup/autoconfigbackup.xml index b0514e6a..ee125efc 100644 --- a/config/autoconfigbackup/autoconfigbackup.xml +++ b/config/autoconfigbackup/autoconfigbackup.xml @@ -34,7 +34,7 @@ */ ]]> </copyright> - <description>Automatically backs up your pfSense configuration. All contents are encrypted on the server. Requires Gold or Support Subscription from https://portal.pfsense.org</description> + <description>Automatically backs up your pfSense configuration. All contents are encrypted before being sent to the server. Requires Gold Subscription from https://portal.pfsense.org</description> <requirements>pfSense Portal subscription</requirements> <name>AutoConfigBackup</name> <version>1.25</version> diff --git a/config/autoconfigbackup/autoconfigbackup_backup.php b/config/autoconfigbackup/autoconfigbackup_backup.php index 7a6b045f..f14b8aed 100644 --- a/config/autoconfigbackup/autoconfigbackup_backup.php +++ b/config/autoconfigbackup/autoconfigbackup_backup.php @@ -29,7 +29,7 @@ require("globals.inc"); require("guiconfig.inc"); -require("/usr/local/pkg/autoconfigbackup.inc"); +require("autoconfigbackup.inc"); $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version < 2.0) diff --git a/config/autoconfigbackup/autoconfigbackup_stats.php b/config/autoconfigbackup/autoconfigbackup_stats.php index b991e3d3..34d96eda 100644 --- a/config/autoconfigbackup/autoconfigbackup_stats.php +++ b/config/autoconfigbackup/autoconfigbackup_stats.php @@ -29,7 +29,7 @@ require("globals.inc"); require("guiconfig.inc"); -require("/usr/local/pkg/autoconfigbackup.inc"); +require("autoconfigbackup.inc"); $pf_version=substr(trim(file_get_contents("/etc/version")),0,3); if ($pf_version < 2.0) @@ -72,6 +72,10 @@ if($_REQUEST['delhostname']) { curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=deletehostname&delhostname=" . urlencode($_REQUEST['delhostname'])); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/acb_deletedebug.txt", "w"); @@ -144,6 +148,10 @@ include("head.inc"); curl_setopt($curl_session, CURLOPT_POST, 1); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showstats"); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + $data = curl_exec($curl_session); if (curl_errno($curl_session)) { $fd = fopen("/tmp/acb_statsdebug.txt", "w"); diff --git a/config/autoconfigbackup/crypt_acb.php b/config/autoconfigbackup/crypt_acb.php index 49a2147a..9f897cb5 100644 --- a/config/autoconfigbackup/crypt_acb.php +++ b/config/autoconfigbackup/crypt_acb.php @@ -31,14 +31,17 @@ function crypt_data($val, $pass, $opt) { $file = tempnam("/tmp", "php-encrypt"); - $fd = fopen("$file.dec", "w"); - fwrite($fd, $val); - fclose($fd); - exec("/usr/bin/openssl enc {$opt} -aes-256-cbc -in $file.dec -out $file.enc -k {$pass}"); - $result = file_get_contents("$file.enc"); - exec("rm $file"); - exec("rm $file.dec"); - exec("rm $file.enc"); + file_put_contents("{$file}.dec", $val); + exec("/usr/bin/openssl enc {$opt} -aes-256-cbc -in {$file}.dec -out {$file}.enc -k " . escapeshellarg($pass)); + if (file_exists("{$file}.enc")) + $result = file_get_contents("{$file}.enc"); + else { + $result = ""; + log_error("Failed to encrypt/decrypt data!"); + } + @unlink($file); + @unlink("{$file}.dec"); + @unlink("{$file}.enc"); return $result; } @@ -130,4 +133,3 @@ return strpos(strtolower($str), strtolower($needle)); } -?>
\ No newline at end of file diff --git a/config/autoconfigbackup/parse_config_upload.inc b/config/autoconfigbackup/parse_config_upload.inc index ce592966..ba0b48ce 100644 --- a/config/autoconfigbackup/parse_config_upload.inc +++ b/config/autoconfigbackup/parse_config_upload.inc @@ -5,4 +5,3 @@ if(file_exists("/usr/local/pkg/autoconfigbackup.inc")) { upload_config(); } -?> diff --git a/config/autoconfigbackup/parse_config_upload.php b/config/autoconfigbackup/parse_config_upload.php index ce592966..ba0b48ce 100644 --- a/config/autoconfigbackup/parse_config_upload.php +++ b/config/autoconfigbackup/parse_config_upload.php @@ -5,4 +5,3 @@ if(file_exists("/usr/local/pkg/autoconfigbackup.inc")) { upload_config(); } -?> diff --git a/config/autoconfigbackup/upload_config_filter.php b/config/autoconfigbackup/upload_config_filter.php index ce592966..ba0b48ce 100644 --- a/config/autoconfigbackup/upload_config_filter.php +++ b/config/autoconfigbackup/upload_config_filter.php @@ -5,4 +5,3 @@ if(file_exists("/usr/local/pkg/autoconfigbackup.inc")) { upload_config(); } -?> |