From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001 From: Marius Cramer <m.cramer@pixcept.de> Date: Thu, 06 Aug 2015 03:18:44 -0400 Subject: [PATCH] - don't set password via remoting if field is empty --- server/lib/classes/system.inc.php | 254 ++++++++++++++++++++++++++++++++++++++++++++++---- 1 files changed, 232 insertions(+), 22 deletions(-) diff --git a/server/lib/classes/system.inc.php b/server/lib/classes/system.inc.php index 9b7d994..739e822 100644 --- a/server/lib/classes/system.inc.php +++ b/server/lib/classes/system.inc.php @@ -34,7 +34,9 @@ var $server_id; var $server_conf; var $data; - + var $min_uid = 500; + var $min_gid = 500; + /** * Construct for this class * @@ -899,7 +901,7 @@ //* We allow only some characters in the path // * is allowed, for example it is part of wildcard certificates/keys: *.example.com.crt - if(!preg_match('@^/[-a-zA-Z0-9_/.*~]{1,}$@', $path)) return false; + if(!preg_match('@^/[-a-zA-Z0-9_/.*]{1,}[~]?$@', $path)) return false; //* Check path for symlinks $path_parts = explode('/', $path); @@ -913,6 +915,38 @@ } + /** + * This function checks the free space for a given directory + * @param path check path + * @param limit min. free space in bytes + * @return bool - true when the the free space is above limit ohterwise false, opt. available disk-space + */ + + function check_free_space($path, $limit = 0, &$free_space = 0) { + $path = rtrim($path, '/'); + + /** + * Make sure that we have only existing directories in the path. + + * Given a file name instead of a directory, the behaviour of the disk_free_space + function is unspecified and may differ between operating systems and PHP versions. + */ + while(!is_dir($path) && $path != '/') $path = realpath(dirname($path)); + + $free_space = disk_free_space($out); + + if (!$free_space) { + $free_space = 0; + return false; + } + + if ($free_space >= $limit) { + return true; + } else { + return false; + } + + } 
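Review bot: The new `$min_uid` and `$min_gid` properties in the first hunk are hard-coded to 500 with no comment saying what they guard. Later in this patch `is_allowed_user()` and `is_allowed_group()` use them as the floor below which an account is refused. On hosts whose regular accounts start at 1000 (UID_MIN/GID_MIN in /etc/login.defs), a floor of 500 still accepts ids 500-999, which are usually reserved for system and service accounts. I would document the properties, e.g. `// lowest uid/gid accepted by is_allowed_user()/is_allowed_group(); align with UID_MIN/GID_MIN of the host`, and consider reading the value from the server configuration instead of a literal.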
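Review bot: The rewritten path pattern `'@^/[-a-zA-Z0-9_/.*]{1,}[~]?$@'` still ends in a bare `$`, which in PCRE also matches just before a trailing newline, so a path ending in a line feed passes this whitelist. Anchor it with `\z` or add the `D` modifier, e.g. `'@^/[-a-zA-Z0-9_/.*]{1,}[~]?\z@'`. The same applies to the `/^[a-zA-Z0-9\.\-_]{1,32}$/`, `/^web\d+$/` and `/^client\d+$/` checks added to `is_allowed_user()` and `is_allowed_group()` in the last hunk. The character class also accepts `..` segments; whether the symlink walk that follows rejects them cannot be seen here, because the function starts and ends outside the hunk.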
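Review bot: `check_free_space()` calls `disk_free_space($out)`, but `$out` is never defined in the function; the directory resolved by the loop above is held in `$path`. The call therefore never receives the resolved directory, and the function will presumably take the `!$free_space` branch and return false whatever the real disk state is. The line should read `$free_space = disk_free_space($path);`. The loop can also leave `false` in `$path` when `realpath()` fails, so a guard such as `if($path === false) return false;` before the call would be prudent. The docblock should also list the by-reference `$free_space` parameter.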
@@ -1524,9 +1558,13 @@ } } - function maildirmake($maildir_path, $user = '', $group = '', $subfolder = '') { + function maildirmake($maildir_path, $user = '', $subfolder = '', $group = '') { - global $app; + global $app, $conf; + + // load the server configuration options + $app->uses("getconf"); + $mail_config = $app->getconf->get_server_config($conf["server_id"], 'mail'); if($subfolder != '') { $dir = escapeshellcmd($maildir_path.'/.'.$subfolder); 
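Review bot: The new signature `maildirmake($maildir_path, $user = '', $subfolder = '', $group = '')` swaps the third and fourth positional parameters, so an existing caller that passes a group as the third argument will now have it treated as a subfolder name, without any error. No call sites are part of this patch, so they need to be checked against the new order. The unchanged line `$dir = escapeshellcmd($maildir_path.'/.'.$subfolder);` shows that `$subfolder` ends up in a directory path, so a silently swapped argument creates the wrong folder rather than merely mislabelling one. A short docblock stating the parameter order would help; the function body continues outside the hunk.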
@@ -1571,25 +1609,30 @@ //* Add the subfolder to the subscriptions and courierimapsubscribed files if($subfolder != '') { + // Courier - if(!is_file($maildir_path.'/courierimapsubscribed')) { - $tmp_file = escapeshellcmd($maildir_path.'/courierimapsubscribed'); - touch($tmp_file); - chmod($tmp_file, 0744); - chown($tmp_file, 'vmail'); - chgrp($tmp_file, 'vmail'); + if($mail_config['pop3_imap_daemon'] == 'courier') { + if(!is_file($maildir_path.'/courierimapsubscribed')) { + $tmp_file = escapeshellcmd($maildir_path.'/courierimapsubscribed'); + touch($tmp_file); + chmod($tmp_file, 0744); + chown($tmp_file, 'vmail'); + chgrp($tmp_file, 'vmail'); + } + $this->replaceLine($maildir_path.'/courierimapsubscribed', 'INBOX.'.$subfolder, 'INBOX.'.$subfolder, 1, 1); } - $this->replaceLine($maildir_path.'/courierimapsubscribed', 'INBOX.'.$subfolder, 'INBOX.'.$subfolder, 1, 1); // Dovecot - if(!is_file($maildir_path.'/subscriptions')) { - $tmp_file = escapeshellcmd($maildir_path.'/subscriptions'); - touch($tmp_file); - chmod($tmp_file, 0744); - chown($tmp_file, 'vmail'); - chgrp($tmp_file, 'vmail'); + if($mail_config['pop3_imap_daemon'] == 'dovecot') { + if(!is_file($maildir_path.'/subscriptions')) { + $tmp_file = escapeshellcmd($maildir_path.'/subscriptions'); + touch($tmp_file); + chmod($tmp_file, 0744); + chown($tmp_file, 'vmail'); + chgrp($tmp_file, 'vmail'); + } + $this->replaceLine($maildir_path.'/subscriptions', $subfolder, $subfolder, 1, 1); } - $this->replaceLine($maildir_path.'/subscriptions', $subfolder, $subfolder, 1, 1); } $app->log('Created Maildir '.$maildir_path.' with subfolder: '.$subfolder, LOGLEVEL_DEBUG); 
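Review bot: In both new `if($mail_config['pop3_imap_daemon'] == ...)` branches the file is created through `$tmp_file = escapeshellcmd(...)`, while the `is_file()` test before it and the `replaceLine()` call after it use the unescaped path. `touch()`, `chmod()`, `chown()` and `chgrp()` are PHP filesystem calls, not shell commands, so `escapeshellcmd()` only adds backslashes; for a path with shell metacharacters the file created differs from the one tested and written. Use the plain path throughout, e.g. `$tmp_file = $maildir_path.'/subscriptions';`. Mode `0744` also sets the owner execute bit and world-read on a plain text list, where something like `0600` looks sufficient if only the vmail user reads it. If `pop3_imap_daemon` is unset or holds any other value, no subscription file is written and nothing is logged.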
@@ -1758,23 +1801,190 @@ return $return_var == 0 ? true : false; } + function mount_backup_dir($backup_dir, $mount_cmd = '/usr/local/ispconfig/server/scripts/backup_dir_mount.sh'){ + global $app, $conf; + + $mounted = true; + if ( is_file($mount_cmd) && + is_executable($mount_cmd) && + fileowner($mount_cmd) === 0 + ) { + if (!$this->is_mounted($backup_dir)){ + exec($mount_cmd); + sleep(1); + if (!$this->is_mounted($backup_dir)) $mounted = false; + } + } else $mounted = false; + if (!$mounted) { + //* send email to admin that backup directory could not be mounted + $global_config = $app->getconf->get_global_config('mail'); + if($global_config['admin_mail'] != ''){ + $subject = 'Backup directory '.$backup_dir.' could not be mounted'; + $message = "Backup directory ".$backup_dir." could not be mounted.\n\nThe command\n\n".$mount_cmd."\n\nfailed."; + mail($global_config['admin_mail'], $subject, $message); + } + } + + return $mounted; + } + + function umount_backup_dir($backup_dir, $mount_cmd = '/usr/local/ispconfig/server/scripts/backup_dir_umount.sh'){ + global $app, $conf; + + if ( is_file($mount_cmd) && + is_executable($mount_cmd) && + fileowner($mount_cmd) === 0 + ) { + if ($this->is_mounted($backup_dir)){ + exec($mount_cmd); + sleep(1); + } + } + + $unmounted = $this->is_mounted($backup_dir) == 0 ? true : false; + if(!$unmounted) { + //* send email to admin that backup directory could not be unmounted + $global_config = $app->getconf->get_global_config('mail'); + if($global_config['admin_mail'] != ''){ + $subject = 'Backup directory '.$backup_dir.' could not be unmounted'; + $message = "Backup directory ".$backup_dir." could not be unmounted.\n\nThe command\n\n".$mount_cmd."\n\nfailed."; + mail($global_config['admin_mail'], $subject, $message); + } + } + + return $unmounted; + + } + function getinitcommand($servicename, $action, $init_script_directory = ''){ global $conf; - // systemd - if(is_executable('/bin/systemd')){ - return 'systemctl '.$action.' 
'.$servicename.'.service'; - } // upstart if(is_executable('/sbin/initctl')){ exec('/sbin/initctl version 2>/dev/null | /bin/grep -q upstart', $retval['output'], $retval['retval']); if(intval($retval['retval']) == 0) return 'service '.$servicename.' '.$action; + } + // systemd + if(is_executable('/bin/systemd') || is_executable('/usr/bin/systemctl')){ + return 'systemctl '.$action.' '.$servicename.'.service'; } // sysvinit if($init_script_directory == '') $init_script_directory = $conf['init_scripts']; if(substr($init_script_directory, -1) === '/') $init_script_directory = substr($init_script_directory, 0, -1); return $init_script_directory.'/'.$servicename.' '.$action; } + + function getapacheversion($get_minor = false) { + global $app; + + $cmd = ''; + if($this->is_installed('apache2ctl')) $cmd = 'apache2ctl -v'; + elseif($this->is_installed('apachectl')) $cmd = 'apachectl -v'; + else { + $app->log("Could not check apache version, apachectl not found.", LOGLEVEL_WARN); + return '2.2'; + } + + exec($cmd, $output, $return_var); + if($return_var != 0 || !$output[0]) { + $app->log("Could not check apache version, apachectl did not return any data.", LOGLEVEL_WARN); + return '2.2'; + } + + if(preg_match('/version:\s*Apache\/(\d+)(\.(\d+)(\.(\d+))*)?(\D|$)/i', $output[0], $matches)) { + return $matches[1] . (isset($matches[3]) ? '.' . $matches[3] : '') . (isset($matches[5]) && $get_minor == true ? '.' . $matches[5] : ''); + } else { + $app->log("Could not check apache version, did not find version string in apachectl output.", LOGLEVEL_WARN); + return '2.2'; + } + } + function getapachemodules() { + global $app; + + $cmd = ''; + if($this->is_installed('apache2ctl')) $cmd = 'apache2ctl -t -D DUMP_MODULES'; + elseif($this->is_installed('apachectl')) $cmd = 'apachectl -t -D DUMP_MODULES'; + else { + $app->log("Could not check apache modules, apachectl not found.", LOGLEVEL_WARN); + return array(); + } + + exec($cmd . 
' 2>/dev/null', $output, $return_var); + if($return_var != 0 || !$output[0]) { + $app->log("Could not check apache modules, apachectl did not return any data.", LOGLEVEL_WARN); + return array(); + } + + $modules = array(); + for($i = 0; $i < count($output); $i++) { + if(preg_match('/^\s*(\w+)\s+\((shared|static)\)\s*$/', $output[$i], $matches)) { + $modules[] = $matches[1]; + } + } + + return $modules; + } + + //* ISPConfig mail function + public function mail($to, $subject, $text, $from, $filepath = '', $filetype = 'application/pdf', $filename = '', $cc = '', $bcc = '', $from_name = '') { + global $app, $conf; + + if($conf['demo_mode'] == true) $app->error("Mail sending disabled in demo mode."); + + $app->uses('getconf,ispcmail'); + $mail_config = $app->getconf->get_global_config('mail'); + if($mail_config['smtp_enabled'] == 'y') { + $mail_config['use_smtp'] = true; + $app->ispcmail->setOptions($mail_config); + } + $app->ispcmail->setSender($from, $from_name); + $app->ispcmail->setSubject($subject); + $app->ispcmail->setMailText($text); + + if($filepath != '') { + if(!file_exists($filepath)) $app->error("Mail attachement does not exist ".$filepath); + $app->ispcmail->readAttachFile($filepath); + } + + if($cc != '') $app->ispcmail->setHeader('Cc', $cc); + if($bcc != '') $app->ispcmail->setHeader('Bcc', $bcc); + + $app->ispcmail->send($to); + $app->ispcmail->finish(); + + return true; + } + + public function is_allowed_user($username, $check_id = true, $restrict_names = false) { + global $app; + + $name_blacklist = array('root','ispconfig','vmail','getmail'); + if(in_array($username,$name_blacklist)) return false; + + if(preg_match('/^[a-zA-Z0-9\.\-_]{1,32}$/', $username) == false) return false; + + if($check_id && intval($this->getuid($username)) < $this->min_uid) return false; + + if($restrict_names == true && preg_match('/^web\d+$/', $username) == false) return false; + + return true; + } + + public function is_allowed_group($groupname, $check_id = true, 
$restrict_names = false) { + global $app; + + $name_blacklist = array('root','ispconfig','vmail','getmail'); + if(in_array($groupname,$name_blacklist)) return false; + + if(preg_match('/^[a-zA-Z0-9\.\-_]{1,32}$/', $groupname) == false) return false; + + if($check_id && intval($this->getgid($groupname)) < $this->min_gid) return false; + + if($restrict_names == true && preg_match('/^client\d+$/', $groupname) == false) return false; + + return true; + } + } ?> -- Gitblit v1.9.1
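Review bot: The check guarding `exec($mount_cmd)` in `mount_backup_dir()` and `umount_backup_dir()` accepts any executable file owned by uid 0, but it ignores the file mode and symlinks. `is_file()` and `fileowner()` follow links, and a root-owned script that is group- or world-writable passes the test. The script runs with the privileges of the server process, so I would add `!is_link($mount_cmd) && (fileperms($mount_cmd) & 0022) === 0` to the condition and call `exec(escapeshellcmd($mount_cmd))`, since `$mount_cmd` is a caller-supplied parameter. The exit status of `exec()` is discarded and the outcome rests on `is_mounted()` after a fixed `sleep(1)`. Both functions also use `$app->getconf` without a prior `$app->uses('getconf')`, unlike `maildirmake()` and `mail()` elsewhere in this patch.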