
fusiondirectory-plugin-fax-1.0.6-2.mga4.noarch.rpm

#!/usr/bin/php

/*
  This code is part of FusionDirectory (http://www.fusiondirectory.org/)
  Copyright (C) 2003-2010  Cajus Pollmeier
  Copyright (C) 2011-2013  FusionDirectory

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License as published by
  the Free Software Foundation; either version 2 of the License, or
  (at your option) any later version.

  This program is distributed in the hope that it will be useful,
  but WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  GNU General Public License for more details.

  You should have received a copy of the GNU General Public License
  along with this program; if not, write to the Free Software
  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
*/

<?php

# Live configuration whose stored passwords get replaced by ciphertext
$conf = '/etc/fusiondirectory/fusiondirectory.conf';
# Backup of the untouched configuration (created by the rename further down,
# so it still carries the cleartext passwords)
$conforig = $conf . '.orig';
# File that receives the generated master key as an Apache directive
$confsecret = '/etc/fusiondirectory/fusiondirectory.secrets';

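/*
 * Encrypt one credential with the master key and return it hex encoded.
 *
 *   $input     cleartext value (this script passes passwords read from the
 *              configuration file)
 *   $password  key handed to mcrypt (this script passes the 32 character
 *              master key)
 *
 * Returns the ciphertext as a lowercase hex string.
 * Throws RuntimeException when mcrypt_encrypt() reports failure; without
 * that check bin2hex(false) would return "" and an empty password would be
 * written into the configuration.
 *
 * SECURITY NOTE(review): the mode is ECB. ECB is deterministic and has no
 * integrity protection: equal plaintext blocks under the same key produce
 * equal ciphertext blocks, so two entries sharing a password are visibly
 * identical in the saved file. The mode is kept here because the ciphertext
 * has to stay readable by the decrypting side, which is not part of this
 * script; moving to an authenticated mode has to be done on both sides.
 * mcrypt itself is deprecated since PHP 7.1 and no longer bundled from 7.2.
 */
function cred_encrypt($input, $password) {

  // ECB takes no IV. The previous version drew one from MCRYPT_DEV_RANDOM
  // (sized for CBC), which can block waiting for entropy and was ignored
  // by the cipher anyway, so it is no longer generated.
  $ciphertext = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $password, $input, MCRYPT_MODE_ECB);

  if ($ciphertext === false) {
    throw new RuntimeException("mcrypt_encrypt failed - refusing to return an empty ciphertext");
  }

  // mcrypt pads the input with zero bytes up to the 16 byte block size,
  // so the result is always a multiple of 32 hex characters.
  return bin2hex($ciphertext);
}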


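/*
 * Return one random character out of the 64 symbol alphabet
 * "./0-9A-Za-z" (6 bits per character).
 *
 * get_random_string() concatenates these characters into the master key,
 * so the index has to come from a cryptographically secure source. The
 * previous rand() call is not one: its output is predictable from the
 * generator state, which makes a key built from it far weaker than its
 * length suggests.
 *
 * Throws RuntimeException when no secure random byte can be obtained.
 */
function get_random_char() {
  if (function_exists('random_int')) {
    // PHP 7+: CSPRNG backed, uniform over the requested range
    $randno = random_int(0, 63);
  } else {
    // Older PHP: take one byte from /dev/urandom through mcrypt, which this
    // script already depends on. 256 is a multiple of 64, so masking the
    // byte down to 6 bits keeps the distribution uniform.
    $byte = mcrypt_create_iv(1, MCRYPT_DEV_URANDOM);
    if ($byte === false || strlen($byte) !== 1) {
      throw new RuntimeException("Cannot obtain secure random data");
    }
    $randno = ord($byte) & 63;
  }

  if ($randno < 12) {
    return (chr ($randno + 46)); // Digits, '/' and '.'
  } else if ($randno < 38) {
    return (chr ($randno + 53)); // Uppercase
  } else {
    return (chr ($randno + 59)); // Lowercase
  }
}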


/*
 * Build a string of $size characters (default 32), each one taken from
 * get_random_char(). A $size of zero or less yields the empty string.
 */
function get_random_string($size= 32){
  $chars = array();
  $count = 0;
  while ($count < $size) {
    $chars[] = get_random_char();
    $count++;
  }
  return implode("", $chars);
}


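# We need to have access to fusiondirectory.secrets
if (posix_getuid() !== 0) {
  die ("This program needs to be called by root!\n");
}

# Do we have a valid fusiondirectory.conf ?
if (!file_exists($conf)) {
  die ("Cannot find a valid $conf!\n");
}

echo "Starting password encryption\n";
echo "* generating random master key\n";
$master_key= get_random_string();

# Do we have a valid fusiondirectory.secrets, already?
if (file_exists($confsecret)) {
  die ("There's already a $confsecret. Cannot convert your existing fusiondirectory.conf - aborted\n");
} else {
  echo "* creating $confsecret\n";

  # The file holds the master key, so it must never exist with permissive
  # modes, not even for the moment between fopen() and chmod(). Tighten the
  # umask first so it is created owner-only.
  $old_umask = umask(0077);
  # 'x' creates the file and fails if the path already exists, which closes
  # the gap between the file_exists() check above and the open.
  $fp = fopen ($confsecret, 'x');
  umask($old_umask);
  if ($fp === false) {
    die("Cannot open $confsecret for writing - aborted");
  }

  $line = "RequestHeader set FD_KEY $master_key\n";
  if (fwrite ($fp, $line) !== strlen($line)) {
    # Do not leave a truncated key file behind; it would also block a re-run
    fclose ($fp);
    unlink ($confsecret);
    die("Cannot write $confsecret - aborted\n");
  }
  fclose ($fp);

  # Kept explicit in case the file system did not honour the umask
  chmod ($confsecret, 0600);
  chown ($confsecret, "root");
  chgrp ($confsecret, "root");
}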

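# Locate all passwords inside the fusiondirectory.conf
echo "* loading $conf\n";
$config = new DOMDocument();
$config->load($conf) or die ("Cannot read $conf - aborted\n");
$config->encoding = 'UTF-8';
$referrals= $config->getElementsByTagName("referral");
foreach ($referrals as $referral) {
  $user = $referral->attributes->getNamedItem("adminDn");
  $pw= $referral->attributes->getNamedItem("adminPassword");
  # getNamedItem() returns null for a missing attribute; a referral without
  # adminPassword has nothing to encrypt, so skip it instead of failing on
  # a null dereference half way through the conversion.
  if ($pw === null) {
    continue;
  }
  echo "* encrypting FusionDirectory password for: ".($user === null ? "" : $user->nodeValue)."\n";
  $pw->nodeValue= cred_encrypt($pw->nodeValue, $master_key);
}

# Encrypt the snapshot passwords
$locations= $config->getElementsByTagName("location");
foreach ($locations as $location) {
  $name = $location->attributes->getNamedItem("name");
  $node = $location->attributes->getNamedItem("snapshotAdminPassword");
  # Compare against the empty string rather than relying on truthiness:
  # a password of "0" is falsy in PHP and would otherwise stay in cleartext.
  if ($node !== null && $node->nodeValue !== "") {
    echo "* encrypting snapshot pasword for location: ".($name === null ? "" : $name->nodeValue)."\n";
    $node->nodeValue = cred_encrypt($node->nodeValue, $master_key);
  }
}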

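# Move original fusiondirectory.conf out of the way and make it unreadable for the web user
echo "* creating backup in $conforig\n";
# Stop here if the backup cannot be made: otherwise the save below would
# overwrite the only copy of the original configuration.
rename ($conf, $conforig) or die ("Cannot move $conf to $conforig - aborted\n");
chmod ($conforig, 0600);
chown ($conforig, "root");
chgrp ($conforig, "root");
# NOTE: $conforig still contains every password in cleartext. Once the new
# configuration is verified, it should be removed or stored offline.

# Save new passwords
echo "* saving modified $conf\n";
# Create the new file without world access from the start instead of
# relying on the chmod() that follows the write.
$old_umask = umask(0027);
$saved = $config->save($conf);
umask($old_umask);
if (!$saved) {
  die("Cannot write modified $conf - aborted\n");
}
chmod ($conf, 0640);
chown ($conf, "root");
# NOTE(review): the group name is hard-coded. Presumably chgrp() fails where
# the web server runs under a different group, leaving the file unreadable
# for it - confirm the group for the target distribution.
chgrp ($conf, "www-data");
echo "OK\n\n";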

# Print reminder
# The text tells the administrator to include the secrets file in the
# FusionDirectory <Location> block. The directive stored in that file is
# "RequestHeader set", which Apache only accepts with mod_headers loaded.
# The secrets file is mode 0600 root:root, so httpd has to read its
# configuration as root (the usual case when it is started as root).
$reminder = <<<EOF
Please adapt your http fusiondirectory location declaration to include the newly
created $confsecret.

Example:

Alias /fusiondirectory /usr/share/fusiondirectory/html

<Location /fusiondirectory>
  php_admin_flag engine on
  php_admin_flag register_globals off
  php_admin_flag allow_call_time_pass_reference off
  php_admin_flag expose_php off
  php_admin_flag zend.ze1_compatibility_mode off
  php_admin_flag register_long_arrays off
  php_admin_value upload_tmp_dir /var/spool/fusiondirectory/
  php_admin_value session.cookie_lifetime 0
  include /etc/fusiondirectory/fusiondirectory.secrets
</Location>


Please reload your httpd configuration after you've modified anything.


EOF;
echo $reminder;
?>