From 23fa05a572d0f6af96b578d3cf4f4955f3268903 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Wed, 2 Dec 2015 12:47:13 +0100
Subject: Add privileges configuration to quagga_ospfd package

---
 config/quagga_ospfd/quagga_ospfd.xml | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'config')

diff --git a/config/quagga_ospfd/quagga_ospfd.xml b/config/quagga_ospfd/quagga_ospfd.xml
index 860c298b..a696bd81 100644
--- a/config/quagga_ospfd/quagga_ospfd.xml
+++ b/config/quagga_ospfd/quagga_ospfd.xml
@@ -42,7 +42,7 @@
 	]]>
 	</copyright>
 	<name>quagga_ospfd</name>
-	<version>0.6.8</version>
+	<version>0.6.9</version>
 	<title>Services: Quagga OSPFd</title>
 	<include_file>/usr/local/pkg/quagga_ospfd.inc</include_file>
 	<aftersaveredirect>pkg_edit.php?xml=quagga_ospfd.xml&amp;id=0</aftersaveredirect>
@@ -50,6 +50,10 @@
 		<prefix>/usr/local/pkg/</prefix>
 		<item>https://packages.pfsense.org/packages/config/quagga_ospfd/quagga_ospfd.inc</item>
 	</additional_files_needed>
+	<additional_files_needed>
+		<prefix>/etc/inc/priv/</prefix>
+		<item>https://packages.pfsense.org/packages/config/quagga_ospfd/quagga_ospfd.priv.inc</item>
+	</additional_files_needed>
 	<additional_files_needed>
 		<prefix>/usr/local/pkg/</prefix>
 		<item>https://packages.pfsense.org/packages/config/quagga_ospfd/quagga_ospfd_interfaces.xml</item>
@@ -69,7 +73,6 @@
 	</additional_files_needed>
 	<menu>
 		<name>Quagga OSPFd</name>
-		<tooltiptext>Modify Quagga ospfd settings.</tooltiptext>
 		<section>Services</section>
 		<configfile>quagga_ospfd.xml</configfile>
 		<url>/pkg_edit.php?xml=quagga_ospfd.xml&amp;id=0</url>
-- 
cgit v1.2.3


From a3e2b5ce07e77b02936f5f62a665d98a8eed4121 Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Wed, 2 Dec 2015 12:49:12 +0100
Subject: Add privileges configuration to quagga_ospfd package

---
 config/quagga_ospfd/quagga_ospfd.priv.inc | 50 +++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)
 create mode 100644 config/quagga_ospfd/quagga_ospfd.priv.inc

(limited to 'config')

diff --git a/config/quagga_ospfd/quagga_ospfd.priv.inc b/config/quagga_ospfd/quagga_ospfd.priv.inc
new file mode 100644
index 00000000..96053ec2
--- /dev/null
+++ b/config/quagga_ospfd/quagga_ospfd.priv.inc
@@ -0,0 +1,50 @@
+<?php
+/*
+	quagga_ospfd.priv.inc
+	part of pfSense (http://www.pfSense.org/)
+	Copyright (C) 2015 ESF, LLC
+	All rights reserved.
+
+	Redistribution and use in source and binary forms, with or without
+	modification, are permitted provided that the following conditions are met:
+
+	1. Redistributions of source code must retain the above copyright notice,
+	   this list of conditions and the following disclaimer.
+
+	2. Redistributions in binary form must reproduce the above copyright
+	   notice, this list of conditions and the following disclaimer in the
+	   documentation and/or other materials provided with the distribution.
+
+	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+	POSSIBILITY OF SUCH DAMAGE.
+*/
+global $priv_list;
+
+$priv_list['page-services-quagga'] = array();
+$priv_list['page-services-quagga']['name'] = "WebCfg - Services: Quagga OSPFd package";
+$priv_list['page-services-quagga']['descr'] = "Allow access to Quagga OSPFd package GUI";
+
+$priv_list['page-services-quagga']['match'] = array();
+$priv_list['page-services-quagga']['match'][] = "pkg.php?xml=quagga_ospfd.xml*";
+$priv_list['page-services-quagga']['match'][] = "pkg.php?xml=quagga_ospfd_interfaces.xml*";
+$priv_list['page-services-quagga']['match'][] = "pkg.php?xml=quagga_ospfd_raw.xml*";
+$priv_list['page-services-quagga']['match'][] = "pkg.php?xml=bind_views.xml*";
+$priv_list['page-services-quagga']['match'][] = "pkg.php?xml=bind_zones.xml*";
+
+$priv_list['page-services-quagga']['match'][] = "pkg_edit.php?xml=quagga_ospfd.xml*";
+$priv_list['page-services-quagga']['match'][] = "pkg_edit.php?xml=quagga_ospfd_interfaces.xml*";
+$priv_list['page-services-quagga']['match'][] = "pkg_edit.php?xml=quagga_ospfd_raw.xml*";
+$priv_list['page-services-quagga']['match'][] = "pkg_edit.php?xml=bind_views.xml*";
+$priv_list['page-services-quagga']['match'][] = "pkg_edit.php?xml=bind_zones.xml*";
+
+$priv_list['page-services-quagga']['match'][] = "status_ospfd.php*";
+
+?>
-- 
cgit v1.2.3


From 9974cc8852285f582d5e1f777a111884451e9e0c Mon Sep 17 00:00:00 2001
From: doktornotor <notordoktor@gmail.com>
Date: Wed, 2 Dec 2015 12:53:19 +0100
Subject: Add missing includes, fix var declarations, full paths to binaries,
 code style

---
 config/quagga_ospfd/quagga_ospfd.inc | 49 +++++++++++++++++++-----------------
 1 file changed, 26 insertions(+), 23 deletions(-)

(limited to 'config')

diff --git a/config/quagga_ospfd/quagga_ospfd.inc b/config/quagga_ospfd/quagga_ospfd.inc
index 34900e76..27f08143 100644
--- a/config/quagga_ospfd/quagga_ospfd.inc
+++ b/config/quagga_ospfd/quagga_ospfd.inc
@@ -30,10 +30,13 @@
 */
 require_once("config.inc");
 require_once("functions.inc");
+require_once("interfaces.inc");
 require_once("service-utils.inc");
+require_once("util.inc");
 
 define('PKG_QUAGGA_CONFIG_BASE', '/var/etc/quagga');
 
+global $pkg_login, $pkg_uid, $pkg_group, $pkg_gid, $pkg_gecos, $pkg_homedir, $pkg_shell;
 $pkg_login	= "quagga";
 $pkg_uid	= "101";
 $pkg_group	= "quagga";
@@ -68,7 +71,7 @@ function quagga_ospfd_get_interfaces() {
 }
 
 function quagga_ospfd_install_conf() {
-	global $config, $g, $input_errors, $pkg_login, $pkg_uid, $pkg_group, $pkg_gid, $pkg_gecos, $pkg_homedir, $pkg_shell;
+	global $config, $pkg_login, $pkg_uid, $pkg_group, $pkg_gid, $pkg_gecos, $pkg_homedir, $pkg_shell;
 
 	conf_mount_rw();
 	// Since we need to embed this in a string, copy to a var. Can't embed constnats.
@@ -77,7 +80,7 @@ function quagga_ospfd_install_conf() {
 	$noaccept = "";
 
 	// generate ospfd.conf based on the assistant
-	if(is_array($config['installedpackages']['quaggaospfd']['config'])) {
+	if (is_array($config['installedpackages']['quaggaospfd']['config'])) {
 		$ospfd_conf = &$config['installedpackages']['quaggaospfd']['config'][0];
 	} else {
 		log_error("Quagga OSPFd: No config data found.");
@@ -91,7 +94,7 @@ function quagga_ospfd_install_conf() {
 	} else {
 		$conffile = "# This file was created by the pfSense package manager.  Do not edit!\n\n";
 
-		if($ospfd_conf['password']) {
+		if ($ospfd_conf['password']) {
 			$conffile .= "password {$ospfd_conf['password']}\n";
 		}
 		if ($ospfd_conf['logging']) {
@@ -250,10 +253,10 @@ function quagga_ospfd_install_conf() {
 	if (isset($config['installedpackages']['quaggaospfdraw']['config'][0]['zebra'])
 	    && !empty($config['installedpackages']['quaggaospfdraw']['config'][0]['zebra'])) {
 		// if there is a raw config specifyed in tthe config.xml use that instead of the assisted config
-		$zebraconffile = str_replace("\r","",base64_decode($config['installedpackages']['quaggaospfdraw']['config'][0]['zebra']));
+		$zebraconffile = str_replace("\r", "", base64_decode($config['installedpackages']['quaggaospfdraw']['config'][0]['zebra']));
 	} else {
 		$zebraconffile = "# This file was created by the pfSense package manager.  Do not edit!\n\n";
-		if($ospfd_conf['password']) {
+		if ($ospfd_conf['password']) {
 			$zebraconffile .= "password {$ospfd_conf['password']}\n";
 		}
 		if ($ospfd_conf['logging']) {
@@ -315,24 +318,24 @@ EOF;
 	// Create rc.d file
 	$rc_file_stop = <<<EOF
 if [ -e /var/run/quagga/zebra.pid ]; then
-	kill -9 `cat /var/run/quagga/zebra.pid`
-	rm -f /var/run/quagga/zebra.pid
+	/bin/kill -9 `/bin/cat /var/run/quagga/zebra.pid`
+	/bin/rm -f /var/run/quagga/zebra.pid
 fi
 if [ -e /var/run/quagga/ospfd.pid ]; then
-	kill -9 `cat /var/run/quagga/ospfd.pid`
-	rm -f /var/run/quagga/ospfd.pid
+	/bin/kill -9 `/bin/cat /var/run/quagga/ospfd.pid`
+	/bin/rm -f /var/run/quagga/ospfd.pid
 fi
 EOF;
 	$rc_file_start = <<<EOF
 /bin/mkdir -p /var/run/quagga
 /bin/mkdir -p /var/log/quagga
-rm -f /var/run/quagga/zebra.pid
-rm -f /var/run/quagga/ospfd.pid
+/bin/rm -f /var/run/quagga/zebra.pid
+/bin/rm -f /var/run/quagga/ospfd.pid
 
-if [ `pw groupshow {$pkg_group} 2>&1 | grep -c "pw: unknown group"` -gt 0 ]; then
+if [ `/usr/sbin/pw groupshow {$pkg_group} 2>&1 | /usr/bin/grep -c "pw: unknown group"` -gt 0 ]; then
 	/usr/sbin/pw groupadd {$pkg_group} -g {$pkg_gid}
 fi
-if [ `pw usershow {$pkg_login} 2>&1 | grep -c "pw: no such user"` -gt 0 ]; then
+if [ `/usr/sbin/pw usershow {$pkg_login} 2>&1 | /usr/bin/grep -c "pw: no such user"` -gt 0 ]; then
 	/usr/sbin/pw useradd {$pkg_login} -u {$pkg_uid} -g {$pkg_gid} -c "{$pkg_gecos}" -d {$pkg_homedir} -s {$pkg_shell}
 fi
 
@@ -340,8 +343,8 @@ fi
 /usr/sbin/chown -R quagga:quagga /var/run/quagga
 /usr/sbin/chown -R quagga:quagga /var/log/quagga
 # Ensure no other copies of the daemons are running or it breaks.
-killall -9 zebra 2>/dev/null
-killall -9 ospfd 2>/dev/null
+/usr/bin/killall -9 zebra 2>/dev/null
+/usr/bin/killall -9 ospfd 2>/dev/null
 sleep 1
 {$carp_ip_status_check}
 /usr/local/sbin/zebra -d -f {$quagga_config_base}/zebra.conf
@@ -355,9 +358,9 @@ EOF;
 	);
 
 	// Ensure files have correct permissions
-	exec("chmod a+rx /usr/local/etc/rc.d/quagga.sh");
-	exec("chmod u+rw,go-rw {$quagga_config_base}/ospfd.conf");
-	exec("chmod u+rw,go-rw {$quagga_config_base}/zebra.conf");
+	mwexec("/bin/chmod a+rx /usr/local/etc/rc.d/quagga.sh");
+	mwexec("/bin/chmod u+rw,go-rw {$quagga_config_base}/ospfd.conf");
+	mwexec("/bin/chmod u+rw,go-rw {$quagga_config_base}/zebra.conf");
 
 	// Kick off newly created rc.d script
 	if (is_ipaddr($ospfd_conf['carpstatusip'])) {
@@ -366,17 +369,17 @@ EOF;
 			// Stop the service if the VIP is in BACKUP or INIT state.
 			case "BACKUP":
 			case "INIT":
-				exec("/usr/local/etc/rc.d/quagga.sh stop");
+				mwexec("/usr/local/etc/rc.d/quagga.sh stop");
 				break;
 			// Start the service if the VIP is MASTER state.
 			case "MASTER":
 			// Assume it's up if the status can't be determined.
 			default:
-				exec("/usr/local/etc/rc.d/quagga.sh restart");
+				mwexec("/usr/local/etc/rc.d/quagga.sh restart");
 				break;
 		}
 	} else {
-		exec("/usr/local/etc/rc.d/quagga.sh restart");
+		mwexec("/usr/local/etc/rc.d/quagga.sh restart");
 	}
 
 	// Back to RO mount for NanoBSD and friends
@@ -384,7 +387,7 @@ EOF;
 }
 
 function quagga_ospfd_validate_interface() {
-	global $config, $g, $id, $input_errors;
+	global $config, $id, $input_errors;
 
 	if ($config['installedpackages']['quaggaospfdinterfaces']['config']) {
 		foreach ($config['installedpackages']['quaggaospfdinterfaces']['config'] as $index => $conf) {
@@ -402,7 +405,7 @@ function quagga_ospfd_validate_interface() {
 }
 
 function quagga_ospfd_validate_input() {
-	global $config, $g, $input_errors;
+	global $config, $input_errors;
 
 	if ($_POST['password'] <> "" && (strpos($_POST['password'], "'") !== false)) {
 		$input_errors[] = "Password cannot contain a single quote (')";
-- 
cgit v1.2.3