Merge pull request #4 from serghey-rodin/master

updates from master branch
myvesta 2018-05-14 16:55:36 +02:00 committed by GitHub
commit 5d10ea26d5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
24 changed files with 98 additions and 82 deletions


@ -45,6 +45,7 @@ is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_domain_new 'mail' "$domain"
is_package_full 'MAIL_DOMAINS'
is_dir_symlink $HOMEDIR/$user/mail
#----------------------------------------------------------#
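Review bot: The added `is_dir_symlink $HOMEDIR/$user/mail` call passes its path unquoted and runs once in the validation phase, while the directory is used later by steps outside this hunk, so a link that appears between the check and the use is not caught. Quote the argument, `is_dir_symlink "$HOMEDIR/$user/mail"`, and repeat the test immediately before the first write into the directory. The same applies to `is_dir_symlink $HOMEDIR/$user/web` in the web-domain script. Only the top-level directory is tested; whether `$HOMEDIR/$user/conf` gets an equivalent check is not visible here.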


@ -47,6 +47,7 @@ is_object_valid 'user' 'USER' "$user"
is_object_unsuspended 'user' 'USER' "$user"
is_package_full 'WEB_DOMAINS' 'WEB_ALIASES'
is_domain_new 'web' "$domain,$aliases"
is_dir_symlink $HOMEDIR/$user/web
if [ ! -z "$ip" ]; then
is_ip_valid "$ip" "$user"
else


@ -75,15 +75,15 @@ else
method='des'
fi
# Checking salt
if [ -z "$salt" ]; then
echo "Error: password missmatch"
echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
exit 9
fi
# Checking hash
result=$(grep "^$user:$hash:" /etc/shadow 2>/dev/null)
if [[ -z "$result" ]]; then
# Comparing hashes
if [[ "$shadow" != "$hash" ]]; then
echo "Error: password missmatch"
echo "$date $time $user $ip failed to login" >> $VESTA/log/auth.log
exit 9
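Review bot: The `grep "^$user:$hash:" /etc/shadow` test reads `$user` and `$hash` as regular-expression text, and `.` is part of the crypt alphabet, so it can match more than the exact stored string. The page has lost its +/- markers, so which of the two comparisons is the new side is inferred rather than shown. The quoted `[[ "$shadow" != "$hash" ]]` form compares literally and is the one to keep. The script continues outside the hunk, so whether an empty `$hash` is rejected before this point cannot be confirmed here.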


@ -23,7 +23,10 @@ json_list() {
objects=$(echo "$logs" |wc -l)
echo "{"
for str in $logs; do
eval $str
ID=$(echo "$str" |cut -f 2 -d \')
DATE=$(echo "$str" |cut -f 4 -d \')
TIME=$(echo "$str" |cut -f 6 -d \')
CMD=$(echo "$str" |cut -f 8 -d \')
CMD=${CMD//\"/\\\"}
echo -n ' "'$ID'": {
"CMD": "'$CMD'",
@ -46,13 +49,9 @@ shell_list() {
echo "DATE~TIME~CMD"
echo "----~----~---"
for str in $logs; do
eval $str
if [ -z "$DATE" ]; then
DATE='no'
fi
if [ -z "$TIME" ]; then
TIME='no'
fi
DATE=$(echo "$str" |cut -f 4 -d \')
TIME=$(echo "$str" |cut -f 6 -d \')
CMD=$(echo "$str" |cut -f 8 -d \')
echo "$DATE~$TIME~$CMD"
done
}
@ -61,7 +60,9 @@ shell_list() {
plain_list() {
IFS=$'\n'
for str in $logs; do
eval $str
DATE=$(echo "$str" |cut -f 4 -d \')
TIME=$(echo "$str" |cut -f 6 -d \')
CMD=$(echo "$str" |cut -f 8 -d \')
echo -e "$ID\t$CMD\t$UNDO\t$TIME\t$DATE"
done
}
@ -71,7 +72,9 @@ csv_list() {
IFS=$'\n'
echo "ID,CMD,UNDO,TIME,DATE"
for str in $logs; do
eval $str
DATE=$(echo "$str" |cut -f 4 -d \')
TIME=$(echo "$str" |cut -f 6 -d \')
CMD=$(echo "$str" |cut -f 8 -d \')
echo "$ID,\"$CMD\",\"$UNDO\",$TIME,$DATE"
done
}
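Review bot: `plain_list` and `csv_list` still print `$ID` and `$UNDO`, but with `eval $str` gone (assuming, as the print order suggests, that it is the removed side) their loops assign only `DATE`, `TIME` and `CMD`, so those two columns come out empty or carry a stale value. Add `ID=$(echo "$str" |cut -f 2 -d \')` to both loops as `json_list` already does, and extract `UNDO` the same way; its field number is not visible here (presumably 10, to be confirmed against the log format). Splitting on `'` also shifts every later field when a logged command itself contains a single quote, which deserves a comment above the loops. In `csv_list`, `$CMD` is wrapped in double quotes without doubling an embedded `"`, so such a command breaks the row.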


@ -14,6 +14,7 @@ period=${1-daily}
# Includes
source $VESTA/func/main.sh
source $VESTA/func/db.sh
source $VESTA/conf/vesta.conf
@ -66,23 +67,10 @@ for host in $hosts; do
fi
if [ "$period" = 'daily' ]; then
# Defining host credentials
host_str=$(grep "HOST='$host'" $conf)
for key in $host_str; do
eval ${key%%=*}=${key#*=}
done
sql="mysql -h $HOST -u $USER -p$PASSWORD -e"
# Checking empty vars
if [ -z $HOST ] || [ -z $USER ] || [ -z $PASSWORD ]; then
echo "Error: config is broken"
log_event "$E_PARSING" "$ARGUMENTS"
exit $E_PARSING
fi
# Parsing data
status=$($sql "SHOW GLOBAL STATUS" 2>/dev/null); code="$?"
if [ '0' -ne "$code" ]; then
mysql_connect $host
query='SHOW GLOBAL STATUS'
status=$(mysql_query "$query" 2>/dev/null)
if [ $? -ne 0 ]; then
active=0
slow=0
else


@ -47,7 +47,10 @@ mysql_connect() {
}
mysql_query() {
mysql --defaults-file=$mycnf -e "$1" 2>/dev/null
sql_tmp=$(mktemp)
echo "$1" > $sql_tmp
mysql --defaults-file=$mycnf < "$sql_tmp" 2>/dev/null
rm -f "$sql_tmp"
}
mysql_dump() {
@ -89,7 +92,10 @@ psql_connect() {
}
psql_query() {
psql -h $HOST -U $USER -c "$1" 2>/dev/null
sql_tmp=$(mktemp)
echo "$1" > $sql_tmp
psql -h $HOST -U $USER -f "$sql_tmp" 2>/dev/null
rm -f $sql_tmp
}
psql_dump() {
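Review bot: `mysql_query` and `psql_query` now end with `rm -f`, so they return the status of `rm` rather than of the database client, and a caller such as `status=$(mysql_query "$query" 2>/dev/null)` followed by `if [ $? -ne 0 ]` in the RRD script can no longer see a failed query. The `mktemp` result is also used unchecked and unquoted (`echo "$1" > $sql_tmp`), and `sql_tmp` leaks into the caller's scope. Save the client's exit code before removing the file and return it, as sketched below for `mysql_query`; `psql_query` needs the same change.

```shell
mysql_query() {
    local sql_tmp rc
    sql_tmp=$(mktemp) || return 1
    # printf writes the statement verbatim; echo may interpret a leading -n/-e
    printf '%s\n' "$1" > "$sql_tmp"
    mysql --defaults-file=$mycnf < "$sql_tmp" 2>/dev/null
    rc=$?
    rm -f "$sql_tmp"
    return $rc
}
```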


@ -287,6 +287,13 @@ is_hash_valid() {
fi
}
# Check if directory is a symlink
is_dir_symlink() {
if [[ -L "$1" ]]; then
check_result $E_FORBIDEN "$1 directory is a symlink"
fi
}
# Get object value
get_object_value() {
object=$(grep "$2='$3'" $USER_DATA/$1.conf)
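Review bot: The comment `# Check if directory is a symlink` does not say what happens when it is one, nor that `[[ -L "$1" ]]` looks only at the final path component. Suggested wording: `# Abort via check_result with E_FORBIDEN when $1 itself is a symlink; parent components are not tested`. That `check_result` ends the script on a non-zero code is inferred from its use here, since its definition is outside the hunk.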


@ -71,6 +71,9 @@ rebuild_user_conf() {
echo "$BIN/v-update-web-domains-disk $user" \
>> $VESTA/data/queue/disk.pipe
if [[ -L "$HOMEDIR/$user/web" ]]; then
rm $HOMEDIR/$user/web
fi
mkdir -p $HOMEDIR/$user/conf/web
mkdir -p $HOMEDIR/$user/web
mkdir -p $HOMEDIR/$user/tmp
@ -105,6 +108,9 @@ rebuild_user_conf() {
echo "$BIN/v-update-mail-domains-disk $user" \
>> $VESTA/data/queue/disk.pipe
if [[ -L "$HOMEDIR/$user/mail" ]]; then
rm $HOMEDIR/$user/mail
fi
mkdir -p $HOMEDIR/$user/conf/mail
mkdir -p $HOMEDIR/$user/mail
chmod 751 $HOMEDIR/$user/mail
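Review bot: `rm $HOMEDIR/$user/web` and `rm $HOMEDIR/$user/mail` leave the path unquoted although the `[[ -L … ]]` test beside them quotes it, and removing the link and then running `mkdir -p` are two separate steps, so the link can reappear before the directory is created. Write `rm -f -- "$HOMEDIR/$user/web"` (and the same for `mail`) and confirm afterwards that the path is a real directory, e.g. `[[ -d "$HOMEDIR/$user/web" && ! -L "$HOMEDIR/$user/web" ]]`, before later steps act on it. `$HOMEDIR/$user/conf` and `$HOMEDIR/$user/tmp` are created by the neighbouring `mkdir -p` calls without any link test. `rebuild_user_conf` starts and ends outside this hunk.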


@ -1,7 +1,7 @@
Source: vesta-ioncube
Package: vesta-ioncube
Priority: optional
Version: 0.9.8-20
Version: 0.9.8-21
Section: admin
Maintainer: Serghey Rodin <skid@vestacp.com>
Homepage: https://www.ioncube.com


@ -1,7 +1,7 @@
Source: vesta-nginx
Package: vesta-nginx
Priority: optional
Version: 0.9.8-20
Version: 0.9.8-21
Section: admin
Maintainer: Serghey Rodin <skid@vestacp.com>
Homepage: http://vestacp.com


@ -1,7 +1,7 @@
Source: vesta-php
Package: vesta-php
Priority: optional
Version: 0.9.8-20
Version: 0.9.8-21
Section: admin
Maintainer: Serghey Rodin <skid@vestacp.com>
Homepage: http://vestacp.com


@ -1,7 +1,7 @@
Source: vesta-softaculous
Package: vesta-softaculous
Priority: optional
Version: 0.9.8-20
Version: 0.9.8-21
Section: admin
Maintainer: Serghey Rodin <skid@vestacp.com>
Homepage: https://www.softaculous.com


@ -1,7 +1,7 @@
Source: vesta
Package: vesta
Priority: optional
Version: 0.9.8-20
Version: 0.9.8-21
Section: admin
Maintainer: Serghey Rodin <skid@vestacp.com>
Homepage: http://vestacp.com


@ -20,8 +20,12 @@ if [ -x "/usr/local/vesta/upd/fix_sessions.sh" ]; then
/usr/local/vesta/upd/fix_sessions.sh
fi
if [ -e /usr/local/vesta/upd/fix_nginx_auth.sh ]; then
if [ -x /usr/local/vesta/upd/fix_nginx_auth.sh ]; then
/usr/local/vesta/upd/fix_nginx_auth.sh
fi
if [ -x /usr/local/vesta/upd/fix_roundcube.sh ]; then
/usr/local/vesta/upd/fix_roundcube.sh
fi
exit 0


@ -1,6 +1,6 @@
Name: vesta-ioncube
Version: 0.9.8
Release: 20
Release: 21
Summary: ionCube Loader
Group: System Environment/Base
License: "Freely redistributable without restriction"


@ -1,6 +1,6 @@
Name: vesta-nginx
Version: 0.9.8
Release: 20
Release: 21
Summary: Vesta Control Panel
Group: System Environment/Base
License: BSD-like


@ -1,6 +1,6 @@
Name: vesta-php
Version: 0.9.8
Release: 20
Release: 21
Summary: Vesta Control Panel
Group: System Environment/Base
License: GPL


@ -1,6 +1,6 @@
Name: vesta-softaculous
Version: 0.9.8
Release: 20
Release: 21
Summary: Vesta Control Panel
Group: System Environment/Base
License: Softaculous License


@ -1,6 +1,6 @@
Name: vesta
Version: 0.9.8
Release: 20
Release: 21
Summary: Vesta Control Panel
Group: System Environment/Base
License: GPL
@ -30,18 +30,21 @@ rm -rf %{buildroot}
%post
if [ $1 -ge 2 ]; then
if [ -e /usr/local/vesta/upd/add_sudo.sh ]; then
if [ -x /usr/local/vesta/upd/add_sudo.sh ]; then
/usr/local/vesta/upd/add_sudo.sh
fi
if [ -e /usr/local/vesta/upd/add_notifications.sh ]; then
if [ -x /usr/local/vesta/upd/add_notifications.sh ]; then
/usr/local/vesta/upd/add_notifications.sh
fi
if [ -e /usr/local/vesta/upd/fix_sessions.sh ]; then
if [ -x /usr/local/vesta/upd/fix_sessions.sh ]; then
/usr/local/vesta/upd/fix_sessions.sh
fi
if [ -e /usr/local/vesta/upd/fix_nginx_auth.sh ]; then
if [ -x /usr/local/vesta/upd/fix_nginx_auth.sh ]; then
/usr/local/vesta/upd/fix_nginx_auth.sh
fi
if [ -x /usr/local/vesta/upd/fix_roundcube.sh ]; then
/usr/local/vesta/upd/fix_roundcube.sh
fi
fi
%files
%{_vestadir}
@ -56,6 +59,9 @@ fi
%config(noreplace) %{_vestadir}/web/css/uploadify.css
%changelog
* Fri May 11 2018 Serghey Rodin <builder@vestacp.com> - 0.9.8-21
- Additional security fixes
* Sun Apr 08 2018 Serghey Rodin <builder@vestacp.com> - 0.9.8-20
- Hardening password checks


@ -3,7 +3,7 @@
if [ ! -e '/etc/sudoers.d/admin' ]; then
if [ ! -d '/etc/sudoers.d' ]; then
mkidr /etc/sudoers.d
mkdir /etc/sudoers.d
chmod 750 /etc/sudoers.d
fi
echo '# Created by vesta update-trigger' > /etc/sudoers.d/admin

19
upd/fix_roundcube.sh Executable file

@ -0,0 +1,19 @@
#!/bin/bash
# Locate roundcube directory
if [ -d '/etc/roundcube' ]; then
rc_dir='/etc/roundcube'
fi
if [ -d '/etc/roundcubemail' ]; then
rc_dir='/etc/roundcubemail'
fi
if [ -z "$rc_dir" ]; then
exit
fi
# Check for eval
cd $rc_dir
for config in $(grep eval *.php |cut -f1 -d:); do
sed -i '/eval/d' $config
done
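Review bot: The `sed -i '/eval/d' $config` step deletes every line containing the substring `eval` from each matching config, with no backup and no record of what was removed, so a legitimate line is lost silently and the evidence that a config had been tampered with is destroyed. `cd $rc_dir` is unquoted and unchecked, and the `$(grep … |cut -f1 -d:)` list is word-split, so a file name with a space or colon is mishandled. Match `eval` as a whole word, keep a copy of the original before editing, and stop if the directory change fails, as sketched below; the `.pre-fix` suffix is a constructed example name.

```shell
# Check for eval
cd "$rc_dir" || exit 1
for config in *.php; do
    if grep -qw 'eval' -- "$config"; then
        # Keep the untouched file so the removed lines can be reviewed later
        cp -p -- "$config" "$config.pre-fix"
        sed -i '/\beval\b/d' "$config"
    fi
done
```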


@ -489,7 +489,7 @@ $LANG['sr'] = array(
'Welcome' => 'Dobrodošli',
'LOGGED_IN_AS' => 'Ulogovani ste kao %s',
'Error' => 'Greška',
'Invalid username or password' => 'Pogrešani login podaci',
'Invalid username or password' => 'Pogrešni login podaci',
'Invalid username or code' => 'Pogrešno korisničko ime ili kod',
'Passwords not match' => 'Passwordi se ne poklapaju',
'Please enter valid email address.' => 'Potrebno je uneti validnu email adresu.',
@ -512,8 +512,8 @@ $LANG['sr'] = array(
'Welcome to Vesta Control Panel' => 'Dobrodošli u Vesta kontrolni panel',
'MAIL_FROM' => 'Vesta kontrolni panel <noreply@%s>',
'GREETINGS_GORDON_FREEMAN' => "Poštovanje, %s %s,\n",
'GREETINGS' => "Poštovanje,\n",
'GREETINGS_GORDON_FREEMAN' => "Poštovani %s %s,\n",
'GREETINGS' => "Poštovani,\n",
'ACCOUNT_READY' => "Vaš hosting nalog je kreiran i spreman za korišćenje.\n\nhttps://%s/login/\nKorisničko ime: %s\nŠifra: %s\n\n--\nVesta kontrolni panel\n",
'FTP login credentials' => 'FTP podaci',


@ -1117,37 +1117,12 @@ class UploadHandler
$append_file = $content_range && is_file($file_path) &&
$file->size > $this->get_file_size($file_path);
if ($uploaded_file && is_uploaded_file($uploaded_file)) {
// multipart/formdata uploads (POST method uploads)
if ($append_file) {
file_put_contents(
$file_path,
fopen($uploaded_file, 'r'),
FILE_APPEND
);
} else {
chmod($uploaded_file, 0644);
// move_uploaded_file($uploaded_file, $file_path);
exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} '{$file_path}'", $output, $return_var);
$error = check_return_code($return_var, $output);
if ($return_var != 0) {
//var_dump(VESTA_CMD . "v-copy-fs-file {$user} {$fn} {$path}");
//var_dump($path);
//var_dump($output);
$file->error = 'Error while saving file ';
// var_dump(VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} {$file_path}");
// var_dump($return_var);
// var_dump($output);
// exit();
}
chmod($uploaded_file, 0644);
exec (VESTA_CMD . "v-copy-fs-file ". USERNAME ." {$uploaded_file} '{$file_path}'", $output, $return_var);
$error = check_return_code($return_var, $output);
if ($return_var != 0) {
$file->error = 'Error while saving file ';
}
} else {
// Non-multipart uploads (PUT method support)
file_put_contents(
$file_path,
fopen('php://input', 'r'),
$append_file ? FILE_APPEND : 0
);
}
$file_size = $this->get_file_size($file_path, $append_file);
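Review bot: In the `exec` call, `$uploaded_file` is interpolated bare and `$file_path` sits between hand-written single quotes, which is not shell escaping: a quote character inside the client-derived file name ends the quoting. Build the command with `escapeshellarg()` on both values, `exec(VESTA_CMD . "v-copy-fs-file " . USERNAME . " " . escapeshellarg($uploaded_file) . " " . escapeshellarg($file_path), $output, $return_var);`. Whether `$file_path` is sanitised earlier in the method is not visible, as the method starts and ends outside the hunk. `$error` is assigned from `check_return_code()` but not used in the visible lines.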


@ -16,7 +16,7 @@ if (!empty($_REQUEST['path'])) {
$path = $_REQUEST['path'];
if (!empty($_REQUEST['raw'])) {
header('content-type: image/jpeg');
passthru (VESTA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg($_REQUEST['path']));
passthru (VESTA_CMD . "v-open-fs-file " . $user . " " . escapeshellarg(htmlspecialchars($_REQUEST['path'], ENT_QUOTES, 'UTF-8')));
exit;
}
}
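Review bot: `htmlspecialchars()` is HTML output encoding, so wrapping the path in it before `escapeshellarg()` adds no shell protection and rewrites legitimate names containing `&`, `<`, `>` or quotes, which will then fail to open. `escapeshellarg($_REQUEST['path'])` already handles the shell; what the line lacks is a check that the path stays inside the user's home (unless `v-open-fs-file` enforces that, which is not visible here) and `escapeshellarg($user)` for the other argument. The response is also always labelled `image/jpeg` regardless of the file's type.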