/cf/conf/lastpfSbackup.txt"); filter_configure_sync(); print_info_box($savemsg); $donotshowheader=true; } if($_REQUEST['savemsg']) $savemsg = htmlentities($_REQUEST['savemsg']); if($_REQUEST['download']) { // Phone home and obtain backups $curl_session = curl_init(); curl_setopt($curl_session, CURLOPT_URL, $get_url); curl_setopt($curl_session, CURLOPT_POST, 3); curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=restore" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['download'])); $data = curl_exec($curl_session); if (!tagfile_deformat($data, $data1, "config.xml")) $input_errors[] = "The downloaded file does not appear to contain an encrypted pfSense configuration."; if ($input_errors) print_input_errors($input_errors); else echo "
{$data}"; exit; } if($_REQUEST['newver'] != "") { // Phone home and obtain backups $curl_session = curl_init(); curl_setopt($curl_session, CURLOPT_URL, $get_url); curl_setopt($curl_session, CURLOPT_POST, 3); curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=restore" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['newver'])); $data = curl_exec($curl_session); if (!tagfile_deformat($data, $data, "config.xml")) $input_errors[] = "The downloaded file does not appear to contain an encrypted pfSense configuration."; $data_split = split("++++", $data); $sha256 = $data_split[0]; // sha256 $data = decrypt_data($data_split[1], $decrypt_password); $fd = fopen("/tmp/config_restore.xml", "w"); fwrite($fd, $data); fclose($fd); if(count($data) < 50) $input_errors[] = "The decrypted config.xml is under 50 characters, something went wrong. Aborting."; $ondisksha256 = trim(`/sbin/sha256 /tmp/config_restore.xml | awk '{ print $4 }'`); if($sha256 != "0" || $sha256 != "") // we might not have a sha256 on file for older backups if($ondisksha256 <> $sha256) $input_errors[] = "SHA256 does not match, cannot restore. ({$sha256}) - ({$ondisksha256})"; if (curl_errno($curl_session)) { /* If an error occured, log the error in /tmp/ */ $fd = fopen("/tmp/backupdebug.txt", "w"); fwrite($fd, $get_url . "" . "action=restore&hostname={$hostname}&revision=" . urlencode($_REQUEST['newver']) . "\n\n"); fwrite($fd, $data); fwrite($fd, curl_error($curl_session)); fclose($fd); } else { curl_close($curl_session); } if(!$input_errors && $data) { if(config_restore("/tmp/config_restore.xml") == 0) { $savemsg = "Successfully reverted the pfSense configuration to timestamp " . urldecode($_REQUEST['newver']) . "."; $savemsg .= <<