Trying to Keep Special Chars in Remote Backup Encryption Keys

This commit is contained in:
earnolmartin 2019-08-22 10:56:17 -06:00
parent 84ea13c006
commit e21f03a600
2 changed files with 19 additions and 11 deletions

View file

@ -10115,8 +10115,6 @@ function dologin2($username,$password,$usernamefield='',$passwordfield='',$login
$this->setselecteddomain($this->userconfig['defaultdomain']);
}
$this->addDaemonOp('daemon_vps','vps_check_state','xx');
return True;
} else {
$this->debugecho2("<hr>user/pass is not correct....",2);
@ -10697,8 +10695,8 @@ function rebuildCrontab(){
$timeInOneHour = ($time + 1);
$uploadScriptCommand = 'echo "0 ' . $timeInOneHour . ' * * ' . $dayofweek . ' ' . $uploadScript . ' ' . $transfer_method . ' \'' . $transfer_login . '\' \'' . $transfer_pass . '\' ' . $transfer_host . ' ' . $transfer_port . ' \'' . $transfer_encrpytion_password . '\'" >> ' . $ehcpCronFile;
passthru2($backupScriptCommand, true, true);
passthru2($uploadScriptCommand, true, true);
passthru2($backupScriptCommand, true, false);
passthru2($uploadScriptCommand, true, false);
$rs->MoveNext();
}
@ -14793,9 +14791,6 @@ function runop2($op,$action,$info,$info2='',$info3=''){
case 'fixApacheConfigSslOnly':
return $this->fixApacheConfigSslOnly($info);
break;
case 'daemon_vps':
return $this->call_func_in_module('Vps_Module','daemon_vps',array('action'=>$action,'info'=>$info));
break; # array in this is params
case 'process_ssl_certs':
return $this->handleCustomSSLCertsForDomains();
break;

View file

@ -51,8 +51,22 @@ function decryptBackupFile(){
backupFileName=$(echo "$1" | grep -o "[^${backupEncFilesDir}].*" | grep -o "[^/].*")
backupFileNameWithTGZ=$(echo ${backupFileName: : -4})
if [ ! -z "$backupFileNameWithTGZ" ]; then
openssl enc -aes-256-cbc -d -in "$1" -out "/var/backup/${backupFileNameWithTGZ}" -k "${encryptionKey}"
outOpen=$(openssl enc -aes-256-cbc -d -in "$1" -out "/var/backup/${backupFileNameWithTGZ}" -k "${encryptionKey}" 2>&1)
echo "OpenSSL unencrypt output is $outOpen"
hasFailed=$(echo "$outOpen" | grep -o "bad decrypt")
if [ ! -z "$hasFailed" ]; then
echo "Failed to unencrypt... trying -nopad option..."
outOpen=$(openssl enc -aes-256-cbc -d -in "$1" -out "/var/backup/${backupFileNameWithTGZ}" -k "${encryptionKey}" -nopad 2>&1)
fi
hasBadDecrypt=$(echo "$outOpen" | grep -o "bad decrypt")
hasDecryptError=$(echo "$outOpen" | grep -o "error")
if [ -z "$hasBadDecrypt" ] && [ -z "$hasDecryptError" ]; then
echo "Beginning EHCP restore daemon operation!"
doEHCPRestore "${backupFileNameWithTGZ}"
else
echo "Failed to decrypt the encryped archive. Perhaps the file is corrupt or using a different md digest?"
exit 1
fi
fi
fi
}
@ -74,4 +88,3 @@ fi
# Find the backup file to restore, unecrypt it, and then tell the EHCP daemon to restore it based on variable settings at the beginning of the file
getLatestBackupToRestore