From 2a79f3394083fffb8e81360b3de23e116d5921b4 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Fri, 21 Aug 2015 20:23:44 +0200
Subject: shellcmd - rewrite from scratch

---
 config/shellcmd/shellcmd.inc | 246 +++++++++++++++++++++++++++++++++++--------
 1 file changed, 201 insertions(+), 45 deletions(-)

(limited to 'config/shellcmd/shellcmd.inc')

diff --git a/config/shellcmd/shellcmd.inc b/config/shellcmd/shellcmd.inc
index 04cbf3d6..ef81050d 100644
--- a/config/shellcmd/shellcmd.inc
+++ b/config/shellcmd/shellcmd.inc
@@ -1,14 +1,11 @@
 <?php
-/* $Id$ */
-/*
-/* ========================================================================== */
-/*
-    shellcmd.inc
-    Copyright (C) 2008 Mark J Crane
-    All rights reserved.
-                                                                              */
-/* ========================================================================== */
 /*
+	shellcmd.inc
+	part of pfSense (https://www.pfSense.org/)
+	Copyright (C) 2008 Mark J Crane
+	Copyright (C) 2015 ESF, LLC
+	All rights reserved.
+
 	Redistribution and use in source and binary forms, with or without
 	modification, are permitted provided that the following conditions are met:
 
@@ -30,58 +27,217 @@
 	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 	POSSIBILITY OF SUCH DAMAGE.
 */
+function shellcmd_install_command() {
+	global $config;
+	conf_mount_rw();
 
-require_once("services.inc");
-
-if (!function_exists("pkg_is_service_running")) {
-	function pkg_is_service_running($servicename)
-	{
-	    exec("/bin/ps ax | awk '{ print $5 }'", $psout);
-	    array_shift($psout);
-	    foreach($psout as $line) {
-		$ps[] = trim(array_pop(explode(' ', array_pop(explode('/', $line)))));
-	    }
-	    if(is_service_running($servicename, $ps) or is_process_running($servicename) ) {
-		return true;
-	    }
-	    else {
-		return false;
-	    }
+	/* Remove garbage left over by previous broken package versions */
+	unlink_if_exists("/usr/local/etc/rc.d/shellcmd.sh");
+	if (is_dir("/usr/local/www/packages/shellcmd")) {
+		mwexec("/bin/rm -rf /usr/local/www/packages/shellcmd/");
 	}
+
+	shellcmd_import_config();
+	shellcmd_sync_package();
+	conf_mount_ro();
+
 }
 
-function shellcmd_sync_package()
-{
 
-	global $config;   
-	//synch shellcmd tab
-	//configure_shellcmd();
-	//$handle = popen("/usr/local/etc/rc.d/shellcmd.sh stop", "r");
-	//pclose($handle);
-	//$handle = popen("/usr/local/etc/rc.d/shellcmd.sh start", "r");
-	//pclose($handle);
+function shellcmd_delete_php_command() {
+	global $config;
+
+	/* When 'Delete item' is clicked in Shellcmd Settings */
+	if ($_GET['act'] == "del") {
+
+		/* System earlyshellcmd commands */
+		$a_earlyshellcmd = &$config['system']['earlyshellcmd'];
+		if (!is_array($a_earlyshellcmd)) {
+			$a_earlyshellcmd = array();
+		}
+		/* Shellcmd package commands */
+		$a_shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config'];
+		if (!is_array($a_shellcmd_config)) {
+			$a_shellcmd_config = array();
+		}
+
+		/* First check for a couple of special cases that we do NOT want deleted */
+		/* TODO: Create a function for these checks */
+		$pkg = '';
+		/* pfBlockerNG - function to restore archived aliastables on nanobsd (see pfblockerng.inc) */
+		$pfbcmd = "/usr/local/pkg/pfblockerng/pfblockerng.sh";
+		/* If the entry exists in system config ... */
+		if (in_array($pfbcmd, $a_earlyshellcmd)) {
+			$cnta = 0;
+			/* ... but does not exist in package config ... */
+			foreach ($a_shellcmd_config as $item => $value) {
+				if (in_array($pfbcmd, $value)) {
+					$cnta++;
+				}
+			}
+			/* ... the user has deleted this protected entry. */
+			if ($cnta === 0) {
+				$pkg .= "[pfBlockerNG]";
+				/* Force reimport. */
+				shellcmd_forced_restore($pkg);
+			}
+		}
+		/* System Patches auto-apply patch feature (see patches.inc) */
+		$spcmd = "/usr/local/bin/php -f /usr/local/bin/apply_patches.php";
+		if (in_array($spcmd, $a_earlyshellcmd)) {
+			$cntb = 0;
+			foreach ($a_shellcmd_config as $item => $value) {
+				if (in_array($spcmd, $value)) {
+					$cntb++;
+				}
+			}
+			if ($cntb === 0) {
+				$pkg .= "[System Patches]";
+				shellcmd_forced_restore($pkg);
+			}
+		}
+
+		/* Otherwise, sync package and system configuration normally */
+		shellcmd_sync_package();
+	}
+}
+
+/* Force restore of protected (early)shellcmds from system config */
+function shellcmd_forced_restore($pkg) {
+	log_error("[shellcmd] Refused to delete {$pkg} earlyshellcmd. Use {$pkg} to configure this entry.");
+	shellcmd_import_config();
+	write_config("[shellcmd] Restore of {$pkg} earlyshellcmd forced.");
+	/* Send the user back to settings */
+	header("Location: pkg.php?xml=shellcmd.xml");
+	exit;
 
 }
-    
 
-function shellcmd_install_command()
-{
 
+function shellcmd_sync_package() {
 	global $config;
 	conf_mount_rw();
-	shellcmd_sync_package();
-	conf_mount_ro();
+
+	$cmd = '';
+	$cmdtype = '';
+	$a_shellcmd = array();
+	$a_earlyshellcmd = array();
+	$a_shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config'];
+	if (!is_array($a_shellcmd_config)) {
+		$a_shellcmd_config = array();
+	}
+	$i = 0;
+	/* When shellcmd/earlyshellcmd is added to shellcmd package configuration, make sure */
+	/* we add corresponding shellcmd/earlyshellcmd entry to $config['system'] as well */
+	foreach ($a_shellcmd_config as $item) {
+		/* Get the command from package configuration here */
+		$cmd = $a_shellcmd_config[$i]['cmd'];
+		/* Lets see what type of command we are adding first... */
+		$cmdtype = $a_shellcmd_config[$i]['cmdtype'];
+		/* shellcmd */
+		if ($cmdtype == "shellcmd") {
+			$a_shellcmd[] = $cmd;
+			$i++;
+		/* earlyshellcmd */
+		} elseif ($cmdtype == "earlyshellcmd") {
+			$a_earlyshellcmd[] = $cmd;
+			$i++;
+		/* Should never happen; someone messing with config.xml manually?! */
+		} else {
+			return;
+			$i++;
+		}
+	}
+
+	/* Write the new system configuration to config.xml from scratch when done */
+	unset($config['system']['shellcmd']);
+	$config['system']['shellcmd'] = $a_shellcmd;
+	unset($config['system']['earlyshellcmd']);
+	$config['system']['earlyshellcmd'] = $a_earlyshellcmd;
+	write_config("[shellcmd] Successfully (re)synced shellcmd configuration.");
 
 }
 
 
-function shellcmd_deinstall_command()
-{
+function shellcmd_import_config() {
+	global $config;
 
-	conf_mount_rw();
-	$handle = popen("/usr/local/etc/rc.d/shellcmd.sh stop", "r");
-	//unlink_if_exists("/usr/local/etc/rc.d/shellcmd.sh");
-	conf_mount_ro();
+	/* Import earlyshellcmd entries which were either created by previous package versions, */
+	/* or manually, or added by some other package(s) (if there are any in config.xml) */
+	/* Two currently known special cases are handled here - System Patches and pfBlockerNG */
+	$shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config'];
+	if (!is_array($shellcmd_config)) {
+		$shellcmd_config = array();
+	}
+
+	$i = 0;
+	if (is_array($config['system']['earlyshellcmd'])) {
+		$earlyshellcmds = &$config['system']['earlyshellcmd'];
+		$pfbcmd = "/usr/local/pkg/pfblockerng/pfblockerng.sh";
+		$spcmd = "/usr/local/bin/php -f /usr/local/bin/apply_patches.php";
+		foreach ($earlyshellcmds as $earlyshellcmd) {
+			/* pfBlockerNG - function to restore archived aliastables on nanobsd (see pfblockerng.inc) */
+			if (stristr($earlyshellcmd, "{$pfbcmd}")) {
+				$shellcmd_config[$i]['cmd'] = $earlyshellcmd;
+				$shellcmd_config[$i]['cmdtype'] = "earlyshellcmd";
+				$shellcmd_config[$i]['description'] = "pfBlockerNG default earlyshellcmd. DO NOT EDIT/DELETE!";
+				$i++;
+			/* System Patches auto-apply patch feature (see patches.inc) */
+			} elseif (stristr($earlyshellcmd, "{$spcmd}")) {
+				$shellcmd_config[$i]['cmd'] = $earlyshellcmd;
+				$shellcmd_config[$i]['cmdtype'] = "earlyshellcmd";
+				$shellcmd_config[$i]['description'] = "System Patches default earlyshellcmd. DO NOT EDIT/DELETE!";
+				$i++;
+			/* Other manually added earlyshellcmd entries */
+			} else {
+				$shellcmd_config[$i]['cmd'] = $earlyshellcmd;
+				$shellcmd_config[$i]['cmdtype'] = "earlyshellcmd";
+				$shellcmd_config[$i]['description'] = "Imported earlyshellcmd ({$i})";
+				$i++;
+			}
+
+		}
+	}
+	/* Import shellcmd entries which were created manually (if there are any in config.xml) */
+	if (is_array($config['system']['shellcmd'])) {
+		$shellcmds = &$config['system']['shellcmd'];
+		foreach ($shellcmds as $shellcmd) {
+			$shellcmd_config[$i]['cmd'] = $shellcmd;
+			$shellcmd_config[$i]['cmdtype'] = "shellcmd";
+			$shellcmd_config[$i]['description'] = "Imported shellcmd ({$i})";
+			$i++;
+		}
+	}
+
+	/* Write the new config.xml when import is finished */
+	write_config("[shellcmd] Successfully imported package configuration from config.xml.");
+
+}
+
+function shellcmd_validate_input($post, &$input_errors) {
+	global $config;
+	$a_shellcmd = &$config['system']['shellcmd'];
+	if (!is_array($a_shellcmd)) {
+		$a_shellcmd = array();
+	}
+	$a_earlyshellcmd = &$config['system']['earlyshellcmd'];
+	if (!is_array($a_earlyshellcmd)) {
+		$a_earlyshellcmd = array();
+	}
+
+	/* Make sure we don't add the same command twice as it's just pointless */
+	if (($post['cmd']) != '') {
+		if ($post['cmdtype'] == "shellcmd") {
+			if (in_array($post['cmd'], $a_shellcmd)) {
+				$input_errors[] = "{$post['cmd']} already exists as shellcmd.";
+			}
+		}
+		if ($post['cmdtype'] == "earlyshellcmd") {
+			if (in_array($post['cmd'], $a_earlyshellcmd)) {
+				$input_errors[] = "{$post['cmd']} already exists as earlyshellcmd.";
+			}
+		}
+	}
 
 }
 
-- 
cgit v1.2.3


From f0064564bce1b9ab24807648c67ab61bec351539 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Sat, 22 Aug 2015 17:00:07 +0200
Subject: shellcmd - add support for disabled items, fix to allow editing
 descriptions

---
 config/shellcmd/shellcmd.inc | 50 +++++++++++++++++++++++++++++++++++---------
 1 file changed, 40 insertions(+), 10 deletions(-)

(limited to 'config/shellcmd/shellcmd.inc')

diff --git a/config/shellcmd/shellcmd.inc b/config/shellcmd/shellcmd.inc
index ef81050d..1dc52a50 100644
--- a/config/shellcmd/shellcmd.inc
+++ b/config/shellcmd/shellcmd.inc
@@ -102,6 +102,7 @@ function shellcmd_delete_php_command() {
 	}
 }
 
+
 /* Force restore of protected (early)shellcmds from system config */
 function shellcmd_forced_restore($pkg) {
 	log_error("[shellcmd] Refused to delete {$pkg} earlyshellcmd. Use {$pkg} to configure this entry.");
@@ -142,9 +143,8 @@ function shellcmd_sync_package() {
 		} elseif ($cmdtype == "earlyshellcmd") {
 			$a_earlyshellcmd[] = $cmd;
 			$i++;
-		/* Should never happen; someone messing with config.xml manually?! */
+		/* Either disabled, or possibly someone messing with config.xml manually?! */
 		} else {
-			return;
 			$i++;
 		}
 	}
@@ -162,15 +162,30 @@ function shellcmd_sync_package() {
 function shellcmd_import_config() {
 	global $config;
 
-	/* Import earlyshellcmd entries which were either created by previous package versions, */
-	/* or manually, or added by some other package(s) (if there are any in config.xml) */
-	/* Two currently known special cases are handled here - System Patches and pfBlockerNG */
 	$shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config'];
 	if (!is_array($shellcmd_config)) {
 		$shellcmd_config = array();
 	}
 
 	$i = 0;
+
+	/* First, preserve any disabled items */
+	$a_shellcmd_config = &$shellcmd_config;
+	foreach ($a_shellcmd_config as $item => $value) {
+		$cmd = $value['cmd'];
+		$cmdtype = $value['cmdtype'];
+		$description = $value['description'];
+		if ($cmdtype == "disabled") {
+			$shellcmd_config[$i]['cmd'] = $cmd;
+			$shellcmd_config[$i]['cmdtype'] = "disabled";
+			$shellcmd_config[$i]['description'] = $description ?: "Imported disabled item ({$i})";
+			$i++;
+		}
+	}
+
+	/* Import earlyshellcmd entries which were either created by previous package versions, */
+	/* or manually, or added by some other package(s) (if there are any in config.xml) */
+	/* Two currently known special cases are handled here - System Patches and pfBlockerNG */
 	if (is_array($config['system']['earlyshellcmd'])) {
 		$earlyshellcmds = &$config['system']['earlyshellcmd'];
 		$pfbcmd = "/usr/local/pkg/pfblockerng/pfblockerng.sh";
@@ -192,7 +207,7 @@ function shellcmd_import_config() {
 			} else {
 				$shellcmd_config[$i]['cmd'] = $earlyshellcmd;
 				$shellcmd_config[$i]['cmdtype'] = "earlyshellcmd";
-				$shellcmd_config[$i]['description'] = "Imported earlyshellcmd ({$i})";
+				$shellcmd_config[$i]['description'] = $shellcmd_config[$i]['description'] ?: "Imported earlyshellcmd ({$i})";
 				$i++;
 			}
 
@@ -204,7 +219,7 @@ function shellcmd_import_config() {
 		foreach ($shellcmds as $shellcmd) {
 			$shellcmd_config[$i]['cmd'] = $shellcmd;
 			$shellcmd_config[$i]['cmdtype'] = "shellcmd";
-			$shellcmd_config[$i]['description'] = "Imported shellcmd ({$i})";
+			$shellcmd_config[$i]['description'] = $shellcmd_config[$i]['description'] ?: "Imported shellcmd ({$i})";
 			$i++;
 		}
 	}
@@ -224,17 +239,32 @@ function shellcmd_validate_input($post, &$input_errors) {
 	if (!is_array($a_earlyshellcmd)) {
 		$a_earlyshellcmd = array();
 	}
+	$a_shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config'];
+	if (!is_array($a_shellcmd_config)) {
+		$a_shellcmd_config = array();
+	}
 
 	/* Make sure we don't add the same command twice as it's just pointless */
-	if (($post['cmd']) != '') {
+	if (($post['cmd']) != '')  {
+		$id = $post['id'];
 		if ($post['cmdtype'] == "shellcmd") {
 			if (in_array($post['cmd'], $a_shellcmd)) {
-				$input_errors[] = "{$post['cmd']} already exists as shellcmd.";
+				/* Allow changing description */
+				if ((($post['cmd']) == $a_shellcmd_config[$id]['cmd']) && (($post['cmdtype']) == $a_shellcmd_config[$id]['cmdtype'])) {
+					return;
+				} else {
+					$input_errors[] = "{$post['cmd']} already exists as shellcmd.";
+				}
 			}
 		}
 		if ($post['cmdtype'] == "earlyshellcmd") {
 			if (in_array($post['cmd'], $a_earlyshellcmd)) {
-				$input_errors[] = "{$post['cmd']} already exists as earlyshellcmd.";
+				/* Allow changing description */
+				if ((($post['cmd']) == $a_shellcmd_config[$id]['cmd']) && (($post['cmdtype']) == $a_shellcmd_config[$id]['cmdtype'])) {
+					return;
+				} else {
+					$input_errors[] = "{$post['cmd']} already exists as earlyshellcmd.";
+				}
 			}
 		}
 	}
-- 
cgit v1.2.3


From 4424d5f6afb3319c50def0262427c7030cb94ab1 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Sat, 22 Aug 2015 22:48:59 +0200
Subject: shellcmd - add support for afterfilterchangeshellcmd

Since it apparently still works and some users need it. Like https://forum.pfsense.org/index.php?topic=65004.msg353454#msg353454
---
 config/shellcmd/shellcmd.inc | 39 ++++++++++++++++++++++++++++++++++++---
 1 file changed, 36 insertions(+), 3 deletions(-)

(limited to 'config/shellcmd/shellcmd.inc')

diff --git a/config/shellcmd/shellcmd.inc b/config/shellcmd/shellcmd.inc
index 1dc52a50..8135bae8 100644
--- a/config/shellcmd/shellcmd.inc
+++ b/config/shellcmd/shellcmd.inc
@@ -123,13 +123,16 @@ function shellcmd_sync_package() {
 	$cmdtype = '';
 	$a_shellcmd = array();
 	$a_earlyshellcmd = array();
+	/* afterfilterchangeshellcmd is NOT treated as an array, it's a string! */
+	/* See /etc/inc/xmlparse.inc and /etc/inc/xmlreader.inc */
+	$afterfilterchangeshellcmd = '';
 	$a_shellcmd_config = &$config['installedpackages']['shellcmdsettings']['config'];
 	if (!is_array($a_shellcmd_config)) {
 		$a_shellcmd_config = array();
 	}
 	$i = 0;
-	/* When shellcmd/earlyshellcmd is added to shellcmd package configuration, make sure */
-	/* we add corresponding shellcmd/earlyshellcmd entry to $config['system'] as well */
+	/* When an item is added to shellcmd package configuration, make sure */
+	/* we add corresponding entry to $config['system'] as well */
 	foreach ($a_shellcmd_config as $item) {
 		/* Get the command from package configuration here */
 		$cmd = $a_shellcmd_config[$i]['cmd'];
@@ -143,6 +146,10 @@ function shellcmd_sync_package() {
 		} elseif ($cmdtype == "earlyshellcmd") {
 			$a_earlyshellcmd[] = $cmd;
 			$i++;
+		/* afterfilterchangeshellcmd */
+		} elseif ($cmdtype == "afterfilterchangeshellcmd") {
+			$afterfilterchangeshellcmd = $cmd;
+			$i++;
 		/* Either disabled, or possibly someone messing with config.xml manually?! */
 		} else {
 			$i++;
@@ -154,6 +161,8 @@ function shellcmd_sync_package() {
 	$config['system']['shellcmd'] = $a_shellcmd;
 	unset($config['system']['earlyshellcmd']);
 	$config['system']['earlyshellcmd'] = $a_earlyshellcmd;
+	unset($config['system']['afterfilterchangeshellcmd']);
+	$config['system']['afterfilterchangeshellcmd'] = $afterfilterchangeshellcmd;
 	write_config("[shellcmd] Successfully (re)synced shellcmd configuration.");
 
 }
@@ -224,6 +233,15 @@ function shellcmd_import_config() {
 		}
 	}
 
+	/* Import afterfilterchangeshellcmd entry which was created manually (if there is any in config.xml) */
+	/* afterfilterchangeshellcmd is NOT treated as an array, it's a string! See /etc/inc/xmlparse.inc and /etc/inc/xmlreader.inc */
+	if ($config['system']['afterfilterchangeshellcmd'] != '') {
+		$shellcmd_config[$i]['cmd'] = $config['system']['afterfilterchangeshellcmd'];
+		$shellcmd_config[$i]['cmdtype'] = "afterfilterchangeshellcmd";
+		$shellcmd_config[$i]['description'] = $shellcmd_config[$i]['description'] ?: "Imported afterfilterchangeshellcmd";
+		$i++;
+	}
+
 	/* Write the new config.xml when import is finished */
 	write_config("[shellcmd] Successfully imported package configuration from config.xml.");
 
@@ -243,9 +261,11 @@ function shellcmd_validate_input($post, &$input_errors) {
 	if (!is_array($a_shellcmd_config)) {
 		$a_shellcmd_config = array();
 	}
+	/* afterfilterchangeshellcmd is NOT an array */
+	$afterfilterchangeshellcmd = $config['system']['afterfilterchangeshellcmd'];
 
 	/* Make sure we don't add the same command twice as it's just pointless */
-	if (($post['cmd']) != '')  {
+	if (($post['cmd']) != '') {
 		$id = $post['id'];
 		if ($post['cmdtype'] == "shellcmd") {
 			if (in_array($post['cmd'], $a_shellcmd)) {
@@ -267,6 +287,19 @@ function shellcmd_validate_input($post, &$input_errors) {
 				}
 			}
 		}
+		/* Only ONE item of this type may be configured */
+		if ($post['cmdtype'] == "afterfilterchangeshellcmd") {
+			// Not yet configured, OK
+			if ($afterfilterchangeshellcmd == '') {
+				return;
+			// Allow changing description
+			} elseif ((($post['cmd']) == $a_shellcmd_config[$id]['cmd']) && (($post['cmdtype']) == $a_shellcmd_config[$id]['cmdtype'])) {
+				return;
+			// Tired of input validation... Needs something better in future.
+			} else {
+				$input_errors[] = "Only ONE afterfilterchangeshellcmd may be configured! Delete the existing entry and try again!";
+			}
+		}
 	}
 
 }
-- 
cgit v1.2.3


From 3719585d678bf74e55559f724c4490852bcd6984 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Tue, 25 Aug 2015 08:09:08 +0200
Subject: remove useless remount calls

These are dealt with by install_package() from pkg-utils.inc.
---
 config/shellcmd/shellcmd.inc | 2 --
 1 file changed, 2 deletions(-)

(limited to 'config/shellcmd/shellcmd.inc')

diff --git a/config/shellcmd/shellcmd.inc b/config/shellcmd/shellcmd.inc
index 8135bae8..113b645c 100644
--- a/config/shellcmd/shellcmd.inc
+++ b/config/shellcmd/shellcmd.inc
@@ -29,7 +29,6 @@
 */
 function shellcmd_install_command() {
 	global $config;
-	conf_mount_rw();
 
 	/* Remove garbage left over by previous broken package versions */
 	unlink_if_exists("/usr/local/etc/rc.d/shellcmd.sh");
@@ -39,7 +38,6 @@ function shellcmd_install_command() {
 
 	shellcmd_import_config();
 	shellcmd_sync_package();
-	conf_mount_ro();
 
 }
 
-- 
cgit v1.2.3