Backport Cloudflare and Gratis plus passwords in base64 DynDNS changes

Note: corresponding change to upgrade_config.inc to come in master to
correctly implement the upgrade_155_to_156 code, that is master only and
will become upgrade_158_to_159

6 files changed, 85 insertions, 26 deletions

diff --git a/src/etc/inc/dyndns.class b/src/etc/inc/dyndns.class
index 5654653..e6f3f80 100644
--- a/src/etc/inc/dyndns.class
+++ b/src/etc/inc/dyndns.class
@@ -207,9 +207,8 @@
 					$dnsZoneID ='', $dnsTTL='', $dnsResultMatch = '', $dnsRequestIf = '',
 					$dnsID = '', $dnsVerboseLog = false, $curlIpresolveV4 = false, $curlSslVerifypeer = true) {
 
-			global $config, $g;
-
-			if ($dnsService == "namecheap") {
+			global $config, $g, $dyndns_split_domain_types;
+			if (in_array($dnsService, $dyndns_split_domain_types)) {
 				$this->_FQDN = $dnsHost . "." . $dnsDomain;
 			} else {
 				$this->_FQDN = $dnsHost;
@@ -234,7 +233,15 @@
 			case 'freedns-v6':
 				if (!$dnsHost) $this->_error(5);
 				break;
-			case 'namecheap':
+			case "namecheap":
+				if (!$dnsPass) $this->_error(4);
+				if (!$dnsHost) $this->_error(5);
+				if (!$dnsDomain) $this->_error(5);
+				break;
+			case "cloudflare-v6":
+			case "cloudflare":
+			case "gratisdns":
+				if (!$dnsUser) $this->_error(3);
 				if (!$dnsPass) $this->_error(4);
 				if (!$dnsHost) $this->_error(5);
 				if (!$dnsDomain) $this->_error(5);
@@ -266,7 +273,7 @@
 			}
 			$this->_dnsService = strtolower($dnsService);
 			$this->_dnsUser = $dnsUser;
-			$this->_dnsPass = $dnsPass;
+			$this->_dnsPass = base64_decode($dnsPass);
 			$this->_dnsHost = $dnsHost;
 			$this->_dnsDomain = $dnsDomain;
 			$this->_dnsServer = $dnsServer;
@@ -754,8 +761,6 @@
 					$needsIP = TRUE;
 					$dnsServer ='api.cloudflare.com';
 					$dnsHost = str_replace(' ', '', $this->_dnsHost);
-					$host_names = explode(".", $dnsHost);
-					$bottom_host_name = $host_names[count($host_names)-2] . "." . $host_names[count($host_names)-1];
 
 					curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 					curl_setopt($ch, CURLOPT_HTTPHEADER, array(
@@ -765,12 +770,12 @@
 					));
 
 					// Get zone ID
-					$getZoneId = "https://{$dnsServer}/client/v4/zones/?name={$bottom_host_name}";
+					$getZoneId = "https://{$dnsServer}/client/v4/zones/?name={$this->_dnsDomain}";
 					curl_setopt($ch, CURLOPT_URL, $getZoneId);
 					$output = json_decode(curl_exec($ch));
 					$zone = $output->result[0]->id;
 					if ($zone) { // If zone ID was found get host ID
-						$getHostId = "https://{$dnsServer}/client/v4/zones/{$zone}/dns_records?name={$this->_dnsHost}&type={$recordType}";
+						$getHostId = "https://{$dnsServer}/client/v4/zones/{$zone}/dns_records?name={$this->_FQDN}&type={$recordType}";
 						curl_setopt($ch, CURLOPT_URL, $getHostId);
 						$output = json_decode(curl_exec($ch));
 						$host = $output->result[0]->id;
@@ -801,15 +806,7 @@
 				case 'gratisdns':
 					$needsIP = TRUE;
 					$server = "https://ssl.gratisdns.dk/ddns.phtml";
-					$host = trim($this->_dnsHost);
-					$hostnames = explode(".", $host);
-					$hostnames_count = count($hostnames);
-					if ($hostnames_count > 2) {
-						$domain = $hostnames[$hostnames_count-2] . "." . $hostnames[$hostnames_count-1];
-					} else {
-						$domain = $host;
-					}
-					curl_setopt($ch, CURLOPT_URL, $server . '?u=' . $this->_dnsUser . '&p=' . $this->_dnsPass . '&h=' . $host . '&d=' . $domain . '&i=' . $this->_dnsIP);
+					curl_setopt($ch, CURLOPT_URL, $server . '?u=' . $this->_dnsUser . '&p=' . $this->_dnsPass . '&h=' . $this->_dnsHost . '&d=' . $this->_dnsDomain . '&i=' . $this->_dnsIP);
 					break;
 				case 'ovh-dynhost':
 					$needsIP = FALSE;
diff --git a/src/etc/inc/globals.inc b/src/etc/inc/globals.inc
index f39bf3e..3c7bb45 100644
--- a/src/etc/inc/globals.inc
+++ b/src/etc/inc/globals.inc
@@ -99,7 +99,7 @@ $g = array(
 	"disablecrashreporter" => false,
 	"crashreporterurl" => "https://crashreporter.pfsense.org/crash_reporter.php",
 	"debug" => false,
-	"latest_config" => "15.5",
+	"latest_config" => "15.8",
 	"nopkg_platforms" => array("cdrom"),
 	"minimum_ram_warning" => "101",
 	"minimum_ram_warning_text" => "128 MB",
@@ -241,4 +241,5 @@ $factory_default_checkipservice = array(
 	"descr" => 'Default Check IP Service'
 );
 
+$dyndns_split_domain_types = array("namecheap", "cloudflare", "cloudflare-v6", "gratisdns");
 ?>
diff --git a/src/etc/inc/upgrade_config.inc b/src/etc/inc/upgrade_config.inc
index 27a248f..3bfd6fa 100644
--- a/src/etc/inc/upgrade_config.inc
+++ b/src/etc/inc/upgrade_config.inc
@@ -5002,4 +5002,59 @@ function upgrade_154_to_155() {
 		}
 	}
 }
+
+function upgrade_155_to_156() {
+	// Unused
+}
+
+function upgrade_156_to_157() {
+	global $config;
+	/* Convert Cloudflare and GratisDNS type DynDNS entries to the new split hostname and domain format */
+
+	if (!is_array($config['dyndnses'])) {
+		$config['dyndnses'] = array();
+	}
+	if (!is_array($config['dyndnses']['dyndns'])) {
+		$config['dyndnses']['dyndns'] = array();
+	}
+	$a_dyndns = &$config['dyndnses']['dyndns'];
+
+	foreach ($a_dyndns as &$dyndns) {
+		if (($dyndns['type'] == "cloudflare") || ($dyndns['type'] == "cloudflare-v6") || ($dyndns['type'] == "gratisdns")) {
+			/* Use the old style logic to split the host and domain one last time. */
+			$dparts = explode(".", trim($dyndns['host']));
+			$domain_part_count = ($dparts[count($dparts)-1] == "uk") ? 3 : 2;
+			$domain_offset = count($dparts) - $domain_part_count;
+			$dyndns['host'] = implode(".", array_slice($dparts, 0, $domain_offset));
+			$dyndns['domainname'] = implode(".", array_slice($dparts, $domain_offset));
+		}
+	}
+
+	/* unset old pppoerestart cron job if it exists. redmine 1905 */
+	if (is_array($config['cron']['item'])) {
+		foreach ($config['cron']['item'] as $idx => $cronitem) {
+			if ($cronitem['command'] == "/etc/pppoerestart") {
+				unset($config['cron']['item'][$idx]);
+			}
+		}
+	}
+}
+
+function upgrade_157_to_158() {
+	global $config;
+	/* Convert Dynamic DNS passwords to base64 encoding. Redmine #6688 */
+
+	if (!is_array($config['dyndnses'])) {
+		$config['dyndnses'] = array();
+	}
+	if (!is_array($config['dyndnses']['dyndns'])) {
+		$config['dyndnses']['dyndns'] = array();
+	}
+	$a_dyndns = &$config['dyndnses']['dyndns'];
+
+	foreach ($a_dyndns as &$dyndns) {
+		$dyndns['password'] = base64_encode($dyndns['password']);
+	}
+}
+
 ?>
diff --git a/src/usr/local/www/services_dyndns.php b/src/usr/local/www/services_dyndns.php
index 9dc08a3..5d466ed 100644
--- a/src/usr/local/www/services_dyndns.php
+++ b/src/usr/local/www/services_dyndns.php
@@ -65,10 +65,11 @@ if (!is_array($config['dyndnses']['dyndns'])) {
 }
 
 $a_dyndns = &$config['dyndnses']['dyndns'];
+global $dyndns_split_domain_types;
 
 if ($_GET['act'] == "del") {
 	$conf = $a_dyndns[$_GET['id']];
-	if ($conf['type'] == "namecheap") {
+	if (in_array($conf['type'], $dyndns_split_domain_types)) {
 		$hostname = $conf['host'] . "." . $conf['domainname'];
 	} else {
 		$hostname = $conf['host'];
@@ -128,7 +129,7 @@ display_top_tabs($tab_array);
 <?php
 $i = 0;
 foreach ($a_dyndns as $dyndns):
-	if ($dyndns['type'] == "namecheap") {
+	if (in_array($dyndns['type'], $dyndns_split_domain_types)) {
 		$hostname = $dyndns['host'] . "." . $dyndns['domainname'];
 	} else {
 		$hostname = $dyndns['host'];
diff --git a/src/usr/local/www/services_dyndns_edit.php b/src/usr/local/www/services_dyndns_edit.php
index 13dba5c..8691053 100644
--- a/src/usr/local/www/services_dyndns_edit.php
+++ b/src/usr/local/www/services_dyndns_edit.php
@@ -108,6 +108,7 @@ if (isset($id) && isset($a_dyndns[$id])) {
 }
 
 if ($_POST) {
+	global $dyndns_split_domain_types;
 	unset($input_errors);
 	$pconfig = $_POST;
 
@@ -128,7 +129,7 @@ if ($_POST) {
 		$reqdfieldsn[] = gettext("Password");
 		$reqdfields[] = "username";
 		$reqdfieldsn[] = gettext("Username");
-		if ($pconfig['type'] == "namecheap") {
+		if (in_array($pconfig['type'], $dyndns_split_domain_types)) {
 			$reqdfields[] = "domainname";
 			$reqdfieldsn[] = gettext("Domain name");
 		}
@@ -181,7 +182,7 @@ if ($_POST) {
 		$dyndns['type'] = $_POST['type'];
 		$dyndns['username'] = $_POST['username'];
 		if ($_POST['passwordfld'] != DMYPWD) {
-			$dyndns['password'] = $_POST['passwordfld'];
+			$dyndns['password'] = base64_encode($_POST['passwordfld']);
 		} else {
 			$dyndns['password'] = $a_dyndns[$id]['password'];;
 		}
@@ -334,7 +335,7 @@ $group->setHelp('Enter the complete fully qualified domain name. Example: myhost
 			'he.net tunnelbroker: Enter the tunnel ID.' . '<br />' .
 			'GleSYS: Enter the record ID.' . '<br />' .
 			'DNSimple: Enter only the domain name.' . '<br />' .
-			'Namecheap: Enter the hostname and the domain separately, with the domain being the domain or subdomain zone being handled by Namecheap.');
+			'Namecheap, Cloudflare, GratisDNS: Enter the hostname and the domain separately, with the domain being the domain or subdomain zone being handled by the provider.');
 
 $section->add($group);
 
@@ -491,6 +492,9 @@ events.push(function() {
 				hideInput('ttl', false);
 				break;
 			case "namecheap":
+			case "cloudflare-v6":
+			case "cloudflare":
+			case "gratisdns":
 				hideGroupInput('domainname', false);
 				hideInput('resultmatch', true);
 				hideInput('updateurl', true);
diff --git a/src/usr/local/www/widgets/widgets/dyn_dns_status.widget.php b/src/usr/local/www/widgets/widgets/dyn_dns_status.widget.php
index cbbb005..099b03c 100644
--- a/src/usr/local/www/widgets/widgets/dyn_dns_status.widget.php
+++ b/src/usr/local/www/widgets/widgets/dyn_dns_status.widget.php
@@ -53,6 +53,7 @@
  */
 
 $nocsrf = true;
+global $dyndns_split_domain_types;
 
 require_once("guiconfig.inc");
 require_once("pfsense-utils.inc");
@@ -83,7 +84,7 @@ if ($_REQUEST['getdyndnsstatus']) {
 			echo "|";
 		}
 		$cache_sep = ":";
-		if ($dyndns['type'] == "namecheap") {
+		if (in_array($dyndns['type'], $dyndns_split_domain_types)) {
 			$hostname = $dyndns['host'] . "." . $dyndns['domainname'];
 		} elseif (empty($dyndns['type'])) {
 			/* RFC2136, add some dummy values */
@@ -144,7 +145,7 @@ if ($_REQUEST['getdyndnsstatus']) {
 	<tbody>
 	<?php $dyndnsid = 0; foreach ($all_dyndns as $dyndns):
 
-		if ($dyndns['type'] == "namecheap") {
+		if (in_array($dyndns['type'], $dyndns_split_domain_types)) {
 			$hostname = $dyndns['host'] . "." . $dyndns['domainname'];
 		} elseif (empty($dyndns['type'])) {
 			/* RFC2136, add some dummy values */