Trying to Keep Special Chars in Remote Backup Encryption Keys

This commit is contained in:
earnolmartin 2019-08-22 10:56:17 -06:00
parent 84ea13c006
commit e21f03a600
2 changed files with 19 additions and 11 deletions

View file

@ -10114,8 +10114,6 @@ function dologin2($username,$password,$usernamefield='',$passwordfield='',$login
if($this->userconfig['defaultdomain']<>'' and $this->selecteddomain=='') { if($this->userconfig['defaultdomain']<>'' and $this->selecteddomain=='') {
$this->setselecteddomain($this->userconfig['defaultdomain']); $this->setselecteddomain($this->userconfig['defaultdomain']);
} }
$this->addDaemonOp('daemon_vps','vps_check_state','xx');
return True; return True;
} else { } else {
@ -10697,8 +10695,8 @@ function rebuildCrontab(){
$timeInOneHour = ($time + 1); $timeInOneHour = ($time + 1);
$uploadScriptCommand = 'echo "0 ' . $timeInOneHour . ' * * ' . $dayofweek . ' ' . $uploadScript . ' ' . $transfer_method . ' \'' . $transfer_login . '\' \'' . $transfer_pass . '\' ' . $transfer_host . ' ' . $transfer_port . ' \'' . $transfer_encrpytion_password . '\'" >> ' . $ehcpCronFile; $uploadScriptCommand = 'echo "0 ' . $timeInOneHour . ' * * ' . $dayofweek . ' ' . $uploadScript . ' ' . $transfer_method . ' \'' . $transfer_login . '\' \'' . $transfer_pass . '\' ' . $transfer_host . ' ' . $transfer_port . ' \'' . $transfer_encrpytion_password . '\'" >> ' . $ehcpCronFile;
passthru2($backupScriptCommand, true, true); passthru2($backupScriptCommand, true, false);
passthru2($uploadScriptCommand, true, true); passthru2($uploadScriptCommand, true, false);
$rs->MoveNext(); $rs->MoveNext();
} }
@ -14793,9 +14791,6 @@ function runop2($op,$action,$info,$info2='',$info3=''){
case 'fixApacheConfigSslOnly': case 'fixApacheConfigSslOnly':
return $this->fixApacheConfigSslOnly($info); return $this->fixApacheConfigSslOnly($info);
break; break;
case 'daemon_vps':
return $this->call_func_in_module('Vps_Module','daemon_vps',array('action'=>$action,'info'=>$info));
break; # array in this is params
case 'process_ssl_certs': case 'process_ssl_certs':
return $this->handleCustomSSLCertsForDomains(); return $this->handleCustomSSLCertsForDomains();
break; break;

View file

@ -50,9 +50,23 @@ function decryptBackupFile(){
if [ ! -z "$1" ] && [ -e "$1" ]; then if [ ! -z "$1" ] && [ -e "$1" ]; then
backupFileName=$(echo "$1" | grep -o "[^${backupEncFilesDir}].*" | grep -o "[^/].*") backupFileName=$(echo "$1" | grep -o "[^${backupEncFilesDir}].*" | grep -o "[^/].*")
backupFileNameWithTGZ=$(echo ${backupFileName: : -4}) backupFileNameWithTGZ=$(echo ${backupFileName: : -4})
if [ ! -z "$backupFileNameWithTGZ" ]; then if [ ! -z "$backupFileNameWithTGZ" ]; then
openssl enc -aes-256-cbc -d -in "$1" -out "/var/backup/${backupFileNameWithTGZ}" -k "${encryptionKey}" outOpen=$(openssl enc -aes-256-cbc -d -in "$1" -out "/var/backup/${backupFileNameWithTGZ}" -k "${encryptionKey}" 2>&1)
doEHCPRestore "${backupFileNameWithTGZ}" echo "OpenSSL unencrypt output is $outOpen"
hasFailed=$(echo "$outOpen" | grep -o "bad decrypt")
if [ ! -z "$hasFailed" ]; then
echo "Failed to unencrypt... trying -nopad option..."
outOpen=$(openssl enc -aes-256-cbc -d -in "$1" -out "/var/backup/${backupFileNameWithTGZ}" -k "${encryptionKey}" -nopad 2>&1)
fi
hasBadDecrypt=$(echo "$outOpen" | grep -o "bad decrypt")
hasDecryptError=$(echo "$outOpen" | grep -o "error")
if [ -z "$hasBadDecrypt" ] && [ -z "$hasDecryptError" ]; then
echo "Beginning EHCP restore daemon operation!"
doEHCPRestore "${backupFileNameWithTGZ}"
else
echo "Failed to decrypt the encryped archive. Perhaps the file is corrupt or using a different md digest?"
exit 1
fi
fi fi
fi fi
} }
@ -74,4 +88,3 @@ fi
# Find the backup file to restore, unecrypt it, and then tell the EHCP daemon to restore it based on variable settings at the beginning of the file # Find the backup file to restore, unecrypt it, and then tell the EHCP daemon to restore it based on variable settings at the beginning of the file
getLatestBackupToRestore getLatestBackupToRestore