From e21f03a600e83075cac6ec65dbc5894cf79c8def Mon Sep 17 00:00:00 2001 From: earnolmartin Date: Thu, 22 Aug 2019 10:56:17 -0600 Subject: [PATCH] Trying to Keep Special Chars in Remote Backup Encryption Keys --- ehcp/classapp.php | 9 ++------ .../ehcp_backup/restore_ehcp_backup.sh | 21 +++++++++++++++---- 2 files changed, 19 insertions(+), 11 deletions(-) diff --git a/ehcp/classapp.php b/ehcp/classapp.php index c868752..f2fd5ad 100755 --- a/ehcp/classapp.php +++ b/ehcp/classapp.php @@ -10114,8 +10114,6 @@ function dologin2($username,$password,$usernamefield='',$passwordfield='',$login if($this->userconfig['defaultdomain']<>'' and $this->selecteddomain=='') { $this->setselecteddomain($this->userconfig['defaultdomain']); } - - $this->addDaemonOp('daemon_vps','vps_check_state','xx'); return True; } else { @@ -10697,8 +10695,8 @@ function rebuildCrontab(){ $timeInOneHour = ($time + 1); $uploadScriptCommand = 'echo "0 ' . $timeInOneHour . ' * * ' . $dayofweek . ' ' . $uploadScript . ' ' . $transfer_method . ' \'' . $transfer_login . '\' \'' . $transfer_pass . '\' ' . $transfer_host . ' ' . $transfer_port . ' \'' . $transfer_encrpytion_password . '\'" >> ' . $ehcpCronFile; - passthru2($backupScriptCommand, true, true); - passthru2($uploadScriptCommand, true, true); + passthru2($backupScriptCommand, true, false); + passthru2($uploadScriptCommand, true, false); $rs->MoveNext(); } @@ -14793,9 +14791,6 @@ function runop2($op,$action,$info,$info2='',$info3=''){ case 'fixApacheConfigSslOnly': return $this->fixApacheConfigSslOnly($info); break; - case 'daemon_vps': - return $this->call_func_in_module('Vps_Module','daemon_vps',array('action'=>$action,'info'=>$info)); - break; # array in this is params case 'process_ssl_certs': return $this->handleCustomSSLCertsForDomains(); break; diff --git a/ehcp/scripts/ehcp_backup/restore_ehcp_backup.sh b/ehcp/scripts/ehcp_backup/restore_ehcp_backup.sh index 2b1f815..692fdaa 100755 --- a/ehcp/scripts/ehcp_backup/restore_ehcp_backup.sh +++ b/ehcp/scripts/ehcp_backup/restore_ehcp_backup.sh @@ -50,9 +50,23 @@ function decryptBackupFile(){ if [ ! -z "$1" ] && [ -e "$1" ]; then backupFileName=$(echo "$1" | grep -o "[^${backupEncFilesDir}].*" | grep -o "[^/].*") backupFileNameWithTGZ=$(echo ${backupFileName: : -4}) - if [ ! -z "$backupFileNameWithTGZ" ]; then - openssl enc -aes-256-cbc -d -in "$1" -out "/var/backup/${backupFileNameWithTGZ}" -k "${encryptionKey}" - doEHCPRestore "${backupFileNameWithTGZ}" + if [ ! -z "$backupFileNameWithTGZ" ]; then + outOpen=$(openssl enc -aes-256-cbc -d -in "$1" -out "/var/backup/${backupFileNameWithTGZ}" -k "${encryptionKey}" 2>&1) + echo "OpenSSL unencrypt output is $outOpen" + hasFailed=$(echo "$outOpen" | grep -o "bad decrypt") + if [ ! -z "$hasFailed" ]; then + echo "Failed to unencrypt... trying -nopad option..." + outOpen=$(openssl enc -aes-256-cbc -d -in "$1" -out "/var/backup/${backupFileNameWithTGZ}" -k "${encryptionKey}" -nopad 2>&1) + fi + hasBadDecrypt=$(echo "$outOpen" | grep -o "bad decrypt") + hasDecryptError=$(echo "$outOpen" | grep -o "error") + if [ -z "$hasBadDecrypt" ] && [ -z "$hasDecryptError" ]; then + echo "Beginning EHCP restore daemon operation!" + doEHCPRestore "${backupFileNameWithTGZ}" + else + echo "Failed to decrypt the encryped archive. Perhaps the file is corrupt or using a different md digest?" + exit 1 + fi fi fi } @@ -74,4 +88,3 @@ fi # Find the backup file to restore, unecrypt it, and then tell the EHCP daemon to restore it based on variable settings at the beginning of the file getLatestBackupToRestore -