-rwxr-xr-x[-rw-r--r--] | src/etc/inc/auth.inc | 34 | ||||
-rw-r--r-- | src/etc/inc/smtp.inc | 10 | ||||
-rw-r--r-- | src/usr/local/www/firewall_rules.php | 43 | ||||
-rw-r--r-- | src/usr/local/www/firewall_rules_edit.php | 12 | ||||
-rw-r--r-- | src/usr/local/www/pkg_mgr_install.php | 2 |
5 files changed, 75 insertions, 26 deletions
diff --git a/src/etc/inc/auth.inc b/src/etc/inc/auth.inc index fffe84f..4899e4a 100644..100755 --- a/src/etc/inc/auth.inc +++ b/src/etc/inc/auth.inc @@ -360,6 +360,13 @@ function local_backed($username, $passwd) { return false; } + if ($user['bcrypt-hash']) { + if (password_verify($passwd, $user['bcrypt-hash'])) { + return true; + } + } + + //for backwards compatibility if ($user['password']) { if (crypt($passwd, $user['password']) == $user['password']) { return true; @@ -450,7 +457,7 @@ function local_sync_accounts() { function local_user_set(& $user) { global $g, $debug; - if (empty($user['password'])) { + if (empty($user['password']) && empty($user['bcrypt-hash'])) { log_error("There is something wrong in your config because user {$user['name']} password is missing!"); return; } @@ -498,7 +505,11 @@ function local_user_set(& $user) { log_error(sprintf(gettext("Running: %s"), $cmd)); } $fd = popen($cmd, "w"); - fwrite($fd, $user['password']); + if (empty($user['bcrypt-hash'])) { + fwrite($fd, $user['password']); + } else { + fwrite($fd, $user['bcrypt-hash']); + } pclose($fd); $user_group = "wheel"; $user_home = "/root"; @@ -528,7 +539,11 @@ function local_user_set(& $user) { log_error(sprintf(gettext("Running: %s"), $cmd)); } $fd = popen($cmd, "w"); - fwrite($fd, $user['password']); + if (empty($user['bcrypt-hash'])) { + fwrite($fd, $user['password']); + } else { + fwrite($fd, $user['bcrypt-hash']); + } pclose($fd); /* create user directory if required */ 
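Review bot: In local_backed a failed `password_verify()` falls through to the legacy `$user['password']` check below it, so a record that still carries both fields (a restored or hand-edited config, say) would keep accepting the old password. When `bcrypt-hash` is set it should be authoritative: `return password_verify($passwd, $user['bcrypt-hash']);` inside that branch, assuming nothing later in the function has to run for such users (the body continues outside the hunk). Accounts that only have the legacy hash are never upgraded here; re-hashing through `local_user_set_password()` after a successful legacy `crypt()` match, and saving the result, would retire the old hashes without waiting for a password change. The legacy comparison in the context lines uses `==` on hash strings; `hash_equals()` is the safer comparison if that line is touched.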
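Review bot: The choice between `$user['password']` and `$user['bcrypt-hash']` is written out twice in local_user_set, in the hunk at -498 and again in the hunk at -528. Picking the hash once near the top, `$pw_hash = empty($user['bcrypt-hash']) ? $user['password'] : $user['bcrypt-hash'];`, and writing `fwrite($fd, $pw_hash);` in both places keeps the two account-creation paths from drifting apart. The `popen()` result in the surrounding context is used unchecked, so a failed spawn would presumably leave the system account with a stale hash; a `if ($fd === false)` log-and-return is worth adding while this code is being changed. The function starts and ends outside both hunks.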
@@ -593,8 +608,17 @@ function local_user_del($user) { function local_user_set_password(&$user, $password) { - $user['password'] = crypt($password); - $user['md5-hash'] = md5($password); + unset($user['password']); + unset($user['md5-hash']); + $user['bcrypt-hash'] = password_hash($password, PASSWORD_BCRYPT); + + /* Maintain compatibility with FreeBSD - change $2y$ prefix to $2b$ + * https://reviews.freebsd.org/D2742 + * XXX: Can be removed as soon as r284483 is MFC'd. + */ + if ($user['bcrypt-hash'][2] == "y") { + $user['bcrypt-hash'][2] = "b"; + } // Converts ascii to unicode. $astr = (string) $password; diff --git a/src/etc/inc/smtp.inc b/src/etc/inc/smtp.inc index 2cae8dd..de5522c 100644 --- a/src/etc/inc/smtp.inc +++ b/src/etc/inc/smtp.inc @@ -2,7 +2,7 @@ /* * smtp.php * - * @(#) $Header: /opt2/ena/metal/smtp/smtp.php,v 1.48 2014/11/23 22:45:30 mlemos Exp $ + * @(#) $Header: /opt2/ena/metal/smtp/smtp.php,v 1.50 2016/01/19 00:16:06 mlemos Exp $ * */ @@ -12,7 +12,7 @@ <package>net.manuellemos.smtp</package> - <version>@(#) $Id: smtp.php,v 1.48 2014/11/23 22:45:30 mlemos Exp $</version> + <version>@(#) $Id: smtp.php,v 1.50 2016/01/19 00:16:06 mlemos Exp $</version> <copyright>Copyright (C) Manuel Lemos 1999-2011</copyright> <title>Sending e-mail messages via SMTP protocol</title> <author>Manuel Lemos</author> @@ -261,7 +261,7 @@ class smtp_class <variable> <name>user_agent</name> <type>STRING</type> - <value>SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.48 $)</value> + <value>SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.50 $)</value> <documentation> <purpose>Set the user agent used when connecting via an HTTP proxy.</purpose> <usage>Change this value only if for some reason you want emulate a 
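Review bot: The prefix rewrite in local_user_set_password tests only the third character (`$user['bcrypt-hash'][2] == "y"`) and never checks that `password_hash()` succeeded, so a failure value would be indexed and then stored as the user's hash. Build the hash in a local variable, assign it to `$user['bcrypt-hash']` only when it is a string, and match the whole prefix: `if (strncmp($hash, '$2y$', 4) === 0) { $hash[2] = 'b'; }`. As far as I know PHP's `password_get_info()` and `password_needs_rehash()` identify bcrypt by the `$2y$` prefix, so the stored `$2b$` hashes will not be recognised as bcrypt if a rehash-on-login step is added later. The function continues past the hunk and keeps working on the plaintext (`$astr = (string) $password;`); whatever it derives and stores there deserves the same scrutiny as the removed `md5-hash`.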
@@ -270,7 +270,7 @@ class smtp_class </variable> {/metadocument} */ - var $user_agent='SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.48 $)'; + var $user_agent='SMTP Class (http://www.phpclasses.org/smtpclass $Revision: 1.50 $)'; /* {metadocument} @@ -1889,4 +1889,4 @@ class smtp_class */ -?> +?>
\ No newline at end of file diff --git a/src/usr/local/www/firewall_rules.php b/src/usr/local/www/firewall_rules.php index 615f3bc..7c0e9b4 100644 --- a/src/usr/local/www/firewall_rules.php +++ b/src/usr/local/www/firewall_rules.php @@ -528,7 +528,7 @@ for ($i = 0; isset($a_filter[$i]); $i++): $image = ""; if (!isset($filterent['disabled'])) { if ($schedstatus) { - if ($iconfn == "block" || $iconfn == "reject") { + if ($filterent['type'] == "block" || $filterent['type'] == "reject") { $image = "times-circle"; $dispcolor = "text-danger"; $alttext = gettext("Traffic matching this rule is currently being denied"); @@ -539,13 +539,13 @@ for ($i = 0; isset($a_filter[$i]); $i++): } $printicon = true; } else if ($filterent['sched']) { - if ($iconfn == "block" || $iconfn == "reject") { + if ($filterent['type'] == "block" || $filterent['type'] == "reject") { $image = "times-circle"; } else { - $image = "times-circle"; + $image = "play-circle"; } $alttext = gettext("This rule is not currently active because its period has expired"); - $dispcolor = "text-danger"; + $dispcolor = "text-warning"; $printicon = true; } } 
@@ -745,14 +745,18 @@ events.push(function() { // Check all of the rule checkboxes so that their values are posted $('#order-store').click(function () { - $('[id^=frc]').prop('checked', true); + $('[id^=frc]').prop('checked', true); + + // Save the separator bar configuration + save_separators(); }); - // Separator bar stuff + // Separator bar stuff ------------------------------------------------------------------------ $("#addsep").prop('type' ,'button'); $("#addsep").click(function() { alert("This feature is not yet complete. (Nothing is saved)\nIncluded for review only."); + // Inset a temporary bar in which hte user can enter some optional text $('#ruletable > tbody:last').append('<tr>' + '<td bgcolor="#cce5ff" colspan="10"><input id="newsep" placeholder="<?=gettext("Enter a description, Save, then drag to final location.")?>" class="col-md-12" type="text"></input></td>' + '<td bgcolor="#cce5ff" colspan="2"><button class="btn btn-default btn-sm" id="btnnewsep"><?=gettext("Save")?></button></td>' + 
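Review bot: The comment added above the `#ruletable` append has two typos; it should read `// Insert a temporary bar in which the user can enter some optional text`. The later hunk at -760 has one more: `// Delete a sepaator row` should be `// Delete a separator row`. The new `save_separators()` call in the `#order-store` handler currently reaches a stub that only returns true (defined in the -760 hunk), so a short `// TODO: separators are not persisted yet` at the call site would keep readers from assuming the bars are saved.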
@@ -760,22 +764,43 @@ events.push(function() { $("#btnnewsep").prop('type' ,'button'); + // Remove the temporary separator bar and replace it with the final version containing the + // user's text and a delete icon $("#btnnewsep").click(function() { - var septext = $('#newsep').val(); + var septext = escapeHtml($('#newsep').val()); $('#ruletable > tbody:last >tr:last').remove(); $('#ruletable > tbody:last').append('<tr class="ui-sortable-handle">' + '<td bgcolor="#cce5ff" colspan="11">' + '<font color="#002699">' + septext + '</font></td>' + - '<td bgcolor="#cce5ff"><a href="#"><i class="fa fa-trash"></i></a></td>' + + '<td bgcolor="#cce5ff"><a href="#"><i class="fa fa-trash sepdel"></i></a></td>' + '</tr>'); }); }); + // Delete a sepaator row $(function(){ - $('table').on('click','tr a',function(e){ + $('table').on('click','tr a .sepdel',function(e){ e.preventDefault(); $(this).parents('tr').remove(); }); }); + + function save_separators() { + return(true); + } + + //JS equivalent to PHP htmlspecialchars() + function escapeHtml(text) { + var map = { + '&': '&', + '<': '<', + '>': '>', + '"': '"', + "'": ''' + }; + + return text.replace(/[&<>"']/g, function(m) { return map[m]; }); + } + // -------------------------------------------------------------------------------------------- }); //]]> </script> diff --git a/src/usr/local/www/firewall_rules_edit.php b/src/usr/local/www/firewall_rules_edit.php index 3918866..b46a1d8 100644 --- a/src/usr/local/www/firewall_rules_edit.php +++ b/src/usr/local/www/firewall_rules_edit.php 
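Review bot: Escaping `septext` before it is concatenated into the row markup in the `#btnnewsep` handler is the right fix, but it now depends on a hand-rolled `escapeHtml()` whose map must emit entities. As displayed on this page the map values look like the raw characters themselves (probably a rendering artifact), so confirm the committed file maps to `&amp;`, `&lt;`, `&gt;`, `&quot;` and `&#039;`; otherwise the function is a no-op and the last entry does not parse. Setting the text through the DOM instead, for example creating the `<font>` element and calling `.text($('#newsep').val())` on it, removes the need for the helper. Once `save_separators()` actually persists the description, the PHP side still has to encode it on output, since client-side escaping is not a trust boundary.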
@@ -645,22 +645,22 @@ if ($_POST) { if ($_POST['statetype'] == "none") { if (!empty($_POST['max'])) { - $input_errors[] = gettext("You cannot specify the maximum state entries (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the maximum state entries (advanced option) if statetype is none."); } if (!empty($_POST['max-src-nodes'])) { - $input_errors[] = gettext("You cannot specify the maximum number of unique source hosts (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the maximum number of unique source hosts (advanced option) if statetype is none."); } if (!empty($_POST['max-src-conn'])) { - $input_errors[] = gettext("You cannot specify the maximum number of established connections per host (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the maximum number of established connections per host (advanced option) if statetype is none."); } if (!empty($_POST['max-src-states'])) { - $input_errors[] = gettext("You cannot specify the maximum state entries per host (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the maximum state entries per host (advanced option) if statetype is none."); } if (!empty($_POST['max-src-conn-rate']) || !empty($_POST['max-src-conn-rates'])) { - $input_errors[] = gettext("You cannot specify the maximum new connections per host / per second(s) (advanced option) if statetype is none and no L7 container is selected."); + $input_errors[] = gettext("You cannot specify the maximum new connections per host / per second(s) (advanced option) if statetype is none."); } if (!empty($_POST['statetimeout'])) { - $input_errors[] = gettext("You cannot specify the state timeout (advanced option) if statetype is none and no L7 container is selected."); + 
$input_errors[] = gettext("You cannot specify the state timeout (advanced option) if statetype is none."); } } diff --git a/src/usr/local/www/pkg_mgr_install.php b/src/usr/local/www/pkg_mgr_install.php index 5958783..6b0876f 100644 --- a/src/usr/local/www/pkg_mgr_install.php +++ b/src/usr/local/www/pkg_mgr_install.php @@ -259,7 +259,7 @@ if ($_GET && $_GET['id'] == "firmware") { $tab_array = array(); if ($firmwareupdate || ($_POST['id'] == "firmware")) { - $pgtitle = array(gettext("System"), gettext("Update"), $headline); + $pgtitle = array(gettext("System"), gettext("Update")); $tab_array[] = array(gettext("System Update"), true, ""); $tab_array[] = array(gettext("Update Settings"), false, "system_update_settings.php"); } else { |