Skip to content
Snippets Groups Projects
Commit 8c2008dc authored by Jesse Norell's avatar Jesse Norell
Browse files

fix $app->system-> calls in system/ but not interface/

parent de80006a
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
interface/lib/classes/functions.inc.php
+ 4
3
View file @ 8c2008dc
...@@ -472,15 +472,16 @@ class functions { ...@@ -472,15 +472,16 @@ class functions {
global $app; global $app;
// generate the SSH key pair for the client // generate the SSH key pair for the client
$app->system->exec_safe('mktemp -dt id_rsa.XXXXXXXX'); if (! $tmpdir = $app->system->exec_safe('mktemp -dt id_rsa.XXXXXXXX')) {
$tmpdir = $app->system->last_exec_out(); $app->log("mktemp failed, cannot create SSH keypair for ".$username, LOGLEVEL_WARN);
}
$id_rsa_file = $tmpdir . uniqid('',true); $id_rsa_file = $tmpdir . uniqid('',true);
$id_rsa_pub_file = $id_rsa_file.'.pub'; $id_rsa_pub_file = $id_rsa_file.'.pub';
if(file_exists($id_rsa_file)) unset($id_rsa_file); if(file_exists($id_rsa_file)) unset($id_rsa_file);
if(file_exists($id_rsa_pub_file)) unset($id_rsa_pub_file); if(file_exists($id_rsa_pub_file)) unset($id_rsa_pub_file);
if(!file_exists($id_rsa_file) && !file_exists($id_rsa_pub_file)) { if(!file_exists($id_rsa_file) && !file_exists($id_rsa_pub_file)) {
$app->system->exec_safe('ssh-keygen -t rsa -C ? -f ? -N ""', $username.'-rsa-key-'.time(), $id_rsa_file); $app->system->exec_safe('ssh-keygen -t rsa -C ? -f ? -N ""', $username.'-rsa-key-'.time(), $id_rsa_file);
$app->db->query("UPDATE client SET created_at = UNIX_TIMESTAMP(), id_rsa = ?, ssh_rsa = ? WHERE client_id = ?", $app->system->file_get_contents($id_rsa_file), $app->system->file_get_contents($id_rsa_pub_file), $client_id); $app->db->query("UPDATE client SET created_at = UNIX_TIMESTAMP(), id_rsa = ?, ssh_rsa = ? WHERE client_id = ?", @file_get_contents($id_rsa_file), @file_get_contents($id_rsa_pub_file), $client_id);
$app->system->rmdir($tmpdir, true); $app->system->rmdir($tmpdir, true);
} else { } else {
$app->log("Failed to create SSH keypair for ".$username, LOGLEVEL_WARN); $app->log("Failed to create SSH keypair for ".$username, LOGLEVEL_WARN);
......
interface/lib/classes/system.inc.php
+ 26
0
View file @ 8c2008dc
...@@ -79,6 +79,32 @@ class system { ...@@ -79,6 +79,32 @@ class system {
return false; return false;
} }
function rmdir($path, $recursive=false) {
// Disallow operating on root directory
if(realpath($path) == '/') {
$app->log("rmdir: afraid I might delete root: $path", LOGLEVEL_WARN);
return false;
}
$path = rtrim($path, '/');
if (is_dir($path) && !is_link($path)) {
$objects = array_diff(scandir($path), array('.', '..'));
foreach ($objects as $object) {
if ($recursive) {
if (is_dir("$path/$object") && !is_link("$path/$object")) {
$this->rmdir("$path/$object", $recursive);
} else {
unlink ("$path/$object");
}
} else {
$app->log("rmdir: invoked non-recursive, not removing $path (expect rmdir failure)", LOGLEVEL_DEBUG);
}
}
return rmdir($path);
}
return false;
}
public function last_exec_out() { public function last_exec_out() {
return $this->_last_exec_out; return $this->_last_exec_out;
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment