gitlabFork/ISPConfig3.git - Solinfo Gitblit

- don't set password via remoting if field is empty

Marius Cramer

2015-08-06 37b29231e47a0c4458dc1c15d98588f16f07e1e2

commit \| author \| age
181529	1	<?php
L	2	/*
5a43e7	3	Copyright (c) 2007-2010, Till Brehm, projektfarm Gmbh, Oliver Vogel www.muv.com
181529	4	All rights reserved.
L	5
	6	Redistribution and use in source and binary forms, with or without modification,
	7	are permitted provided that the following conditions are met:
	8
	9	* Redistributions of source code must retain the above copyright notice,
	10	this list of conditions and the following disclaimer.
	11	* Redistributions in binary form must reproduce the above copyright notice,
	12	this list of conditions and the following disclaimer in the documentation
	13	and/or other materials provided with the distribution.
	14	* Neither the name of ISPConfig nor the names of its contributors
	15	may be used to endorse or promote products derived from this software without
	16	specific prior written permission.
	17
	18	THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
	19	ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	20	WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
	21	IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
	22	INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
	23	BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	24	DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
	25	OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
	26	NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
	27	EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	28	*/
	29
	30	class remoteaction_core_module {
	31	var $module_name = 'remoteaction_core_module';
	32	var $class_name = 'remoteaction_core_module';
	33	/* No actions at this time. maybe later... */
	34	var $actions_available = array();
	35	//* This function is called during ispconfig installation to determine
	36	// if a symlink shall be created for this plugin.
	37	function onInstall() {
5a43e7	38	return false;
181529	39	}
L	40
	41	/*
	42	This function is called when the module is loaded
	43	*/
	44	function onLoad() {
	45	/*
	46	* Check for actions to execute
	47	*/
5a43e7	48	//* This module has been replaced by the new action framework.
T	49	// $this->_execActions();
181529	50	}
L	51
	52	/*
	53	This function is called when a change in one of the registered tables is detected.
	54	The function then raises the events for the plugins.
	55	*/
	56	function process($tablename, $action, $data) {
	57	// not needed
	58	} // end function
	59
	60	private function _actionDone($id, $state) {
	61	/*
	62	* First set the state
	63	*/
	64	global $app;
cc7a82	65	$sql = "UPDATE sys_remoteaction SET action_state = ? WHERE action_id = ?";
MC	66	$app->dbmaster->query($sql, $state, $id);
181529	67
L	68	/*
	69	* Then save the maxid for the next time...
	70	*/
	71	$fp = fopen(dirname(__FILE__) . "/../lib/remote_action.inc.php", 'wb');
	72	$content = '<?php' . "\n" . '$maxid_remote_action = ' . $id . ';' . "\n?>";
	73	fwrite($fp, $content);
	74	fclose($fp);
	75	}
	76
	77
	78	/**
	79	* This method searches for scheduled actions and exec then
	80	*/
b1a6a5	81
MC	82
181529	83	private function _execActions() {
L	84	global $app;
	85	global $conf;
	86
	87	/* the id of the server as int */
	88	$server_id = intval($conf["server_id"]);
	89
	90	/*
	91	* First we (till and i, oliver) thought, it was enough to write
	92	* "select from where action_status = 'pending'" and then execute this actions.
	93	* But it is not!
	94	* If a hacker can hack into a server, she can change the valus of action_status
	95	* and so re-exec a action, executed some days bevore. So she can (for example)
	96	* stop a service, a admin stopped some days before! To avoid this, we ignore
	97	* the status (it is only for the interface to show) and use our own maxid
	98	*/
b1a6a5	99	include_once SCRIPT_PATH."/lib/remote_action.inc.php";
181529	100
L	101	/*
	102	* Get all actions this server should execute
	103	*/
cc7a82	104	$sql = "SELECT action_id, action_type, action_param FROM sys_remoteaction WHERE server_id = ? AND action_id > ? ORDER BY action_id";
MC	105	$actions = $app->dbmaster->queryAllRecords($sql, $server_id, $maxid_remote_action);
181529	106
L	107	/*
	108	* process all actions
	109	*/
	110	if(is_array($actions)) {
	111	foreach ($actions as $action) {
	112	if ($action['action_type'] == 'os_update') {
	113	/* do the update */
	114	$this->_doOsUpdate($action);
	115	/* this action takes so much time,
	116	* we stop executing the actions not to waste more time */
	117	return;
	118	}
b1a6a5	119
181529	120	if ($action['action_type'] == 'ispc_update') {
L	121	/* do the update */
6882ab	122	// Update function has been removed
T	123	// $this->_doIspCUpdate($action);
181529	124	/* this action takes so much time,
L	125	* we stop executing the actions not to waste more time */
6882ab	126	$this->_actionDone($action['action_id'], 'ok');
181529	127	}
46598e	128	if ($action['action_type'] == 'openvz_start_vm') {
T	129	$veid = intval($action['action_param']);
	130	if($veid > 0) {
	131	exec("vzctl start $veid");
	132	}
c8f203	133	$this->_actionDone($action['action_id'], 'ok');
46598e	134	}
T	135	if ($action['action_type'] == 'openvz_stop_vm') {
	136	$veid = intval($action['action_param']);
	137	if($veid > 0) {
	138	exec("vzctl stop $veid");
	139	}
c8f203	140	$this->_actionDone($action['action_id'], 'ok');
46598e	141	}
T	142	if ($action['action_type'] == 'openvz_restart_vm') {
	143	$veid = intval($action['action_param']);
	144	if($veid > 0) {
	145	exec("vzctl restart $veid");
	146	}
c8f203	147	$this->_actionDone($action['action_id'], 'ok');
46598e	148	}
T	149	if ($action['action_type'] == 'openvz_create_ostpl') {
b1a6a5	150	$parts = explode(':', $action['action_param']);
46598e	151	$veid = intval($parts[0]);
T	152	$template_cache_dir = '/vz/template/cache/';
	153	$template_name = escapeshellcmd($parts[1]);
	154	if($veid > 0 && $template_name != '' && is_dir($template_cache_dir)) {
	155	$command = "vzdump --suspend --compress --stdexcludes --dumpdir $template_cache_dir $veid";
	156	exec($command);
	157	exec("mv ".$template_cache_dir."vzdump-openvz-".$veid."*.tgz ".$template_cache_dir.$template_name.".tar.gz");
	158	exec("rm -f ".$template_cache_dir."vzdump-openvz-".$veid."*.log");
	159	}
c8f203	160	$this->_actionDone($action['action_id'], 'ok');
46598e	161	/* this action takes so much time,
T	162	* we stop executing the actions not to waste more time */
	163	return;
	164	}
b1a6a5	165
MC	166
181529	167	}
L	168	}
	169	}
	170
	171	private function _doOsUpdate($action) {
	172	/*
	173	* Do the update
	174	*/
	175	exec("aptitude update");
	176	exec("aptitude safe-upgrade -y");
	177
	178	//TODO : change this when distribution information has been integrated into server record
	179	if(file_exists('/etc/gentoo-release')) {
	180	exec("glsa-check -f --nocolor affected");
	181	}
	182	else {
	183	exec("aptitude update");
	184	exec("aptitude safe-upgrade -y");
	185	}
b1a6a5	186
181529	187	/*
L	188	* All well done!
	189	*/
	190	$this->_actionDone($action['action_id'], 'ok');
	191	}
	192
	193	private function _doIspCUpdate($action) {
b1a6a5	194
181529	195	// Ensure that this code is not executed twice as this would cause a loop in case of a failure
L	196	$this->_actionDone($action['action_id'], 'ok');
b1a6a5	197
181529	198	/*
b1a6a5	199	* Get the version-number of the newest version
181529	200	*/
L	201	$new_version = @file_get_contents('http://www.ispconfig.org/downloads/ispconfig3_version.txt');
	202	$new_version = trim($new_version);
	203
	204	/*
	205	* Do the update
	206	*/
	207
	208	/* jump into the temporary dir */
	209	$oldDir = getcwd();
	210	chdir("/tmp");
	211
	212	/* delete the old files (if there are any...) */
	213	exec("rm /tmp/ISPConfig-" . $new_version . ".tar.gz");
	214	exec("rm /tmp/ispconfig3_install -R");
b1a6a5	215
181529	216	/* get the newest version */
L	217	exec("wget http://www.ispconfig.org/downloads/ISPConfig-" . $new_version . ".tar.gz");
b1a6a5	218
181529	219	/* extract the files */
L	220	exec("tar xvfz ISPConfig-" . $new_version . ".tar.gz");
	221
	222	/*
	223	* Initialize the automated update
	224	* (the update is then done next start of server.sh
	225	*/
	226	chdir("/tmp/ispconfig3_install/install");
	227	exec("touch autoupdate");
b1a6a5	228
181529	229	/*
L	230	* do some clean-up
	231	*/
	232	exec("rm /tmp/ISPConfig-" . $new_version . ".tar.gz");
	233
	234	/*
	235	* go back to the "old path"
	236	*/
	237	chdir($oldDir);
	238
	239	/*
	240	* All well done!
	241	*/
	242	//$this->_actionDone($action['action_id'], 'ok');
	243	}
b1a6a5	244
181529	245	}
b1a6a5	246
8e9a5f	247	?>