From 31564b356d8caf82cf2a45e97bb4c998619944af Mon Sep 17 00:00:00 2001 From: doktornotor Date: Sun, 23 Aug 2015 10:45:23 +0200 Subject: autoconfigbackup.- code style fixes - Update copyright header - Code style and whitespace fixes - Use platform_booting() - Replace backticks with shell_exec() --- config/autoconfigbackup/autoconfigbackup.inc | 292 ++++++++++++++------------- 1 file changed, 152 insertions(+), 140 deletions(-) (limited to 'config') diff --git a/config/autoconfigbackup/autoconfigbackup.inc b/config/autoconfigbackup/autoconfigbackup.inc index 7050aab6..dc69ab62 100644 --- a/config/autoconfigbackup/autoconfigbackup.inc +++ b/config/autoconfigbackup/autoconfigbackup.inc @@ -1,69 +1,74 @@ $post['passwordagain']) + if ($post['password'] <> $post['passwordagain']) { $input_errors[] = "Sorry, the entered portal.pfsense.org passwords do not match."; + } - if($post['crypto_password'] <> $post['crypto_password2']) + if ($post['crypto_password'] <> $post['crypto_password2']) { $input_errors[] = "Sorry, the entered encryption passwords do not match."; + } - if($post['testconnection']) { + if ($post['testconnection']) { $status = test_connection($post); - if($status) + if ($status) { $savemsg = "Connection to portal.pfsense.org was tested with no errors."; + } } - + // We do not need to store this value. unset($_POST['testconnection']); } @@ -73,8 +78,9 @@ function configure_proxy() { $ret = array(); if (!empty($config['system']['proxyurl'])) { $ret[CURLOPT_PROXY] = $config['system']['proxyurl']; - if (!empty($config['system']['proxyport'])) + if (!empty($config['system']['proxyport'])) { $ret[CURLOPT_PROXYPORT] = $config['system']['proxyport']; + } if (!empty($config['system']['proxyuser']) && !empty($config['system']['proxypass'])) { $ret[CURLOPT_PROXYAUTH] = CURLAUTH_ANY | CURLAUTH_ANYSAFE; $ret[CURLOPT_PROXYUSERPWD] = "{$config['system']['proxyuser']}:{$config['system']['proxypass']}"; @@ -86,27 +92,28 @@ function configure_proxy() { function test_connection($post) { global $savemsg, $config, $g; - /* do nothing when booting */ - if($g['booting']) + // Do nothing when booting + if (platform_booting()) { return; + } // Seperator used during client / server communications - $oper_sep = "\|\|"; + $oper_sep = "\|\|"; // Encryption password - $decrypt_password = $post['crypto_password']; + $decrypt_password = $post['crypto_password']; // Defined username - $username = $post['username']; + $username = $post['username']; // Defined password - $password = $post['password']; + $password = $post['password']; // Set hostname - $hostname = $config['system']['hostname'] . "." . $config['system']['domain']; + $hostname = $config['system']['hostname'] . "." . $config['system']['domain']; // URL to restore.php - $get_url = "https://portal.pfsense.org/pfSconfigbackups/restore.php"; + $get_url = "https://portal.pfsense.org/pfSconfigbackups/restore.php"; // Populate available backups $curl_session = curl_init(); @@ -124,29 +131,30 @@ function test_connection($post) { curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showbackups&hostname={$hostname}"); $data = curl_exec($curl_session); - if (curl_errno($curl_session)) + if (curl_errno($curl_session)) { return("An error occurred " . curl_error($curl_session)); - else + } else { curl_close($curl_session); - + } return; } function upload_config($reasonm = "") { global $config, $g, $input_errors; - /* do nothing when booting */ - if($g['booting']) + // Do nothing when booting + if (platform_booting()) { return; + } /* - * pfSense upload config to pfSense.org script - * This file plugs into config.inc (/usr/local/pkg/parse_config) - * and runs every time the running firewall filter changes. - * + * pfSense upload config to pfSense.org script + * This file plugs into config.inc (/usr/local/pkg/parse_config) + * and runs every time the running firewall filter changes. + * */ - - if(file_exists("/tmp/acb_nooverwrite")) { + + if (file_exists("/tmp/acb_nooverwrite")) { unlink("/tmp/acb_nooverwrite"); $nooverwrite = "true"; } else { @@ -154,28 +162,30 @@ function upload_config($reasonm = "") { } // Define some needed variables - if(file_exists("/cf/conf/lastpfSbackup.txt")) + if (file_exists("/cf/conf/lastpfSbackup.txt")) { $last_backup_date = str_replace("\n", "", file_get_contents("/cf/conf/lastpfSbackup.txt")); - else + } else { $last_backup_date = ""; + } $last_config_change = $config['revision']['time']; - $hostname = $config['system']['hostname'] . "." . $config['system']['domain']; - if($reasonm) + $hostname = $config['system']['hostname'] . "." . $config['system']['domain']; + if ($reasonm) { $reason = $reasonm; - else - $reason = $config['revision']['description']; - $username = $config['installedpackages']['autoconfigbackup']['config'][0]['username']; - $password = $config['installedpackages']['autoconfigbackup']['config'][0]['password']; - $encryptpw = $config['installedpackages']['autoconfigbackup']['config'][0]['crypto_password']; + } else { + $reason = $config['revision']['description']; + } + $username = $config['installedpackages']['autoconfigbackup']['config'][0]['username']; + $password = $config['installedpackages']['autoconfigbackup']['config'][0]['password']; + $encryptpw = $config['installedpackages']['autoconfigbackup']['config'][0]['crypto_password']; // Define upload_url, must be present after other variable definitions due to username, password $upload_url = "https://portal.pfsense.org/pfSconfigbackups/backup.php"; - if(!$username or !$password or !$encryptpw) { - if(!file_exists("/cf/conf/autoconfigback.notice")) { - $notice_text = "Either the username, password or encryption password is not set for Automatic Configuration Backup. "; - $notice_text .= "Please correct this in Diagnostics -> AutoConfigBackup -> Settings."; + if (!$username or !$password or !$encryptpw) { + if (!file_exists("/cf/conf/autoconfigback.notice")) { + $notice_text = "Either the username, password or encryption password is not set for Automatic Configuration Backup."; + $notice_text .= " Please correct this in Diagnostics -> AutoConfigBackup -> Settings."; //log_error($notice_text); //file_notice("AutoConfigBackup", $notice_text, $notice_text, ""); conf_mount_rw(); @@ -184,81 +194,83 @@ function upload_config($reasonm = "") { } } else { /* If configuration has changed, upload to pfS */ - if($last_backup_date <> $last_config_change) { + if ($last_backup_date <> $last_config_change) { - // Mount RW (if needed) - conf_mount_rw(); + // Mount RW (if needed) + conf_mount_rw(); - $notice_text = "Beginning https://portal.pfsense.org configuration backup."; + $notice_text = "Beginning https://portal.pfsense.org configuration backup."; + log_error($notice_text); + update_filter_reload_status($notice_text); + + // Encrypt config.xml + $data = file_get_contents("/cf/conf/config.xml"); + $raw_config_sha256_hash = trim(shell_exec("/sbin/sha256 /cf/conf/config.xml | /usr/bin/awk '{ print $4 }'")); + $data = encrypt_data($data, $encryptpw); + tagfile_reformat($data, $data, "config.xml"); + + $post_fields = array( + 'reason' => urlencode((string)$reason), + 'hostname' => urlencode($hostname), + 'configxml' => urlencode($data), + 'nooverwrite' => urlencode($nooverwrite), + 'raw_config_sha256_hash' => urlencode($raw_config_sha256_hash) + ); + + // URL-ify the data for the POST + foreach ($post_fields as $key=>$value) { + $fields_string .= $key . '=' . $value . '&'; + } + rtrim($fields_string,'&'); + + // Check configuration into the ESF repo + $curl_session = curl_init(); + curl_setopt($curl_session, CURLOPT_URL, $upload_url); + curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}"))); + curl_setopt($curl_session, CURLOPT_POST, count($post_fields)); + curl_setopt($curl_session, CURLOPT_POSTFIELDS, $fields_string); + curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + curl_setopt($curl_session, CURLOPT_CONNECTTIMEOUT, 55); + curl_setopt($curl_session, CURLOPT_TIMEOUT, 30); + curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); + // Proxy + curl_setopt_array($curl_session, configure_proxy()); + + $data = curl_exec($curl_session); + if (curl_errno($curl_session)) { + $fd = fopen("/tmp/backupdebug.txt", "w"); + fwrite($fd, $upload_url . "" . $fields_string . "\n\n"); + fwrite($fd, $data); + fwrite($fd, curl_error($curl_session)); + fclose($fd); + } else { + curl_close($curl_session); + } + + if (!strstr($data, "500")) { + $notice_text = "An error occurred while uploading your pfSense configuration to portal.pfsense.org"; + log_error($notice_text . " - " . $data); + file_notice("autoconfigurationbackup", $notice_text, $data, ""); + update_filter_reload_status($notice_text . " - " . $data); + } else { + // Update last pfS backup time + $fd = fopen("/cf/conf/lastpfSbackup.txt", "w"); + fwrite($fd, $config['revision']['time']); + fclose($fd); + $notice_text = "End of portal.pfsense.org configuration backup (success)."; log_error($notice_text); update_filter_reload_status($notice_text); + } - // Encrypt config.xml - $data = file_get_contents("/cf/conf/config.xml"); - $raw_config_sha256_hash = trim(`/sbin/sha256 /cf/conf/config.xml | awk '{ print $4 }'`); - $data = encrypt_data($data, $encryptpw); - tagfile_reformat($data, $data, "config.xml"); - - $post_fields = array( - 'reason' => urlencode((string)$reason), - 'hostname' => urlencode($hostname), - 'configxml' => urlencode($data), - 'nooverwrite' => urlencode($nooverwrite), - 'raw_config_sha256_hash' => urlencode($raw_config_sha256_hash) - ); - - //url-ify the data for the POST - foreach($post_fields as $key=>$value) - $fields_string .= $key.'='.$value.'&'; - rtrim($fields_string,'&'); - - // Check configuration into the ESF repo - $curl_session = curl_init(); - curl_setopt($curl_session, CURLOPT_URL, $upload_url); - curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}"))); - curl_setopt($curl_session, CURLOPT_POST, count($post_fields)); - curl_setopt($curl_session, CURLOPT_POSTFIELDS, $fields_string); - curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); - curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); - curl_setopt($curl_session, CURLOPT_CONNECTTIMEOUT, 55); - curl_setopt($curl_session, CURLOPT_TIMEOUT, 30); - curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); - // Proxy - curl_setopt_array($curl_session, configure_proxy()); - - $data = curl_exec($curl_session); - if (curl_errno($curl_session)) { - $fd = fopen("/tmp/backupdebug.txt", "w"); - fwrite($fd, $upload_url . "" . $fields_string . "\n\n"); - fwrite($fd, $data); - fwrite($fd, curl_error($curl_session)); - fclose($fd); - } else { - curl_close($curl_session); - } - - if(!strstr($data, "500")) { - $notice_text = "An error occurred while uploading your pfSense configuration to portal.pfsense.org"; - log_error($notice_text . " - " . $data); - file_notice("autoconfigurationbackup", $notice_text, $data, ""); - update_filter_reload_status($notice_text . " - " . $data); - } else { - // Update last pfS backup time - $fd = fopen("/cf/conf/lastpfSbackup.txt", "w"); - fwrite($fd, $config['revision']['time']); - fclose($fd); - $notice_text = "End of portal.pfsense.org configuration backup (success)."; - log_error($notice_text); - update_filter_reload_status($notice_text); - } - - // Mount image RO (if needed) - conf_mount_ro(); + // Mount image RO (if needed) + conf_mount_ro(); } else { - // debugging + // Debugging //log_error("No https://portal.pfsense.org backup required."); } - } + } } +?> -- cgit v1.2.3