Ticket #318: fix_318-2.diff

debian/postinst

@@ -83 +83 @@
-# Mail server hostname
-DEFAULT_MX=""
-
-
-
-
-
-
+
+
-# quels clients mysql sont permis (%, localhost, etc)
-MYSQL_CLIENT=""
-
@@ -119 +116 @@
-    update_var alternc/ns2 NS2_HOSTNAME
-    update_var alternc/bind_internal BIND_INTERNAL
-    update_var alternc/default_mx DEFAULT_MX 
-    update_var alternc/mysql/host MYSQL_HOST 
-    update_var alternc/mysql/db MYSQL_DATABASE 
-    update_var alternc/mysql/user MYSQL_USER 
-    update_var alternc/mysql/password MYSQL_PASS 
-    update_var alternc/mysql/client MYSQL_CLIENT 
-    update_var alternc/alternc_location ALTERNC_LOC
-    update_var alternc/mynetwork SMTP_RELAY_NETWORKS
-    sed -e "$SED_SCRIPT" < $CONFIGFILE > $CONFIGFILE.tmp
-    mv -f $CONFIGFILE.tmp $CONFIGFILE
-
+    echo "Updating /etc/alternc/mysql.cnf"
+    # build local.sh if it does not exist
+    if [ ! -f $CONFIGFILE ]; then
+        cat > $CONFIGFILE <<EOF
+# AlternC - Web Hosting System - MySQL Configuration
+# Automatically generated by AlternC configuration, do not edit
+# This file will be modified on package configuration
+# (e.g. upgrade or dpkg-reconfigure alternc)
+[client]
+host = ""
+database = ""
+user = ""
+password = ""
+EOF
+        chown root:www-data $CONFIGFILE
+        chmod 640 $CONFIGFILE
+    fi
+
+    # Update the mysql configuration file
+    SED_SCRIPT=""
+    update_var alternc/mysql/host host
+    update_var alternc/mysql/db database
+    update_var alternc/mysql/user user
+    update_var alternc/mysql/password password
+    sed -e "$SED_SCRIPT" < /etc/alternc/mysql.cnf > /etc/alternc/mysql.cnf.$$
+    mv -f /etc/alternc/mysql.cnf.$$ /etc/alternc/mysql.cnf
+
-    # forget the password
-    db_reset alternc/mysql/password || true
-    db_fset alternc/mysql/password "seen" "false" || true

debian/postrm

@@ -15 +15 @@
-
-case "$1" in
-  purge)
-
+mysql.cnf /etc/alternc/
-    rm -f /var/backups/alternc/etc-installed.tar.gz
-
-    # Purge database?

debian/changelog

@@ -1 +1 @@
-alternc (0.9.7+dev) stable; urgency=low UNRELEASED
-
+  * move mysql configuration into a valid MySQL configuration file
+    (/etc/alternc/mysql.cnf). This fixes a serious security issue
+    (#318) where the MySQL root password was passed on the commandline.
-  * standardisation of the web interface, along with some esthetic changes, by
-    Marc Angles, sponsored by Koumbit
-  * styles can now be changed locally in admin/styles/base.css

debian/config

@@ -38 +38 @@
-    # source the current config
-    . /etc/alternc/local.sh
-fi
+if [ -r /etc/alternc/mysql.cnf ]; then
+    # make mysql configuration available as shell variables
+    # to convert from .cnf to shell syntax, we:
+    # * match only lines with "equal" in them (/=/)
+    # * remove whitespace (s)
+    # * convert mysql variables into our MYSQL_ naming convention (;s)
+    # * print the result (;p)
+    # XXX: removing the ws breaks passwords with spaces, which are legal
+    eval `sed -n -e '/=/{s/ //g;s/host/MYSQL_HOST/;s/user/MYSQL_LOGIN/;s/password/MYSQL_PWD/;p}' /etc/alternc/mysql.cnf`
+fi
-
-# mettre les valeurs de local.sh comme "default" pour debconf
-db_get alternc/hostingname

bureau/class/local.php

@@ -22 +22 @@
-}
-
-fclose($config_file);
+
+$config_file = fopen('/etc/alternc/mysql.cnf', 'r');
+while (FALSE !== ($line = fgets($config_file))) {
+    if (ereg('^([A-Za-z0-9_]*) *= *(.*)$', trim($line), $regs)) {
+        switch ($regs[1]) {
+        case "user":
+            $GLOBALS['L_MYSQL_LOGIN'] = $regs[2];
+            break;
+        case "password":
+            $GLOBALS['L_MYSQL_PWD'] = $regs[2];
+            break;
+        case "host":
+            $GLOBALS['L_MYSQL_HOST'] = $regs[2];
+            break;
+        case "database":
+            $GLOBALS['L_MYSQL_DATABASE'] = $regs[2];
+            break;
+        }
+    }
+}
+
+fclose($config_file);

src/basedir_prot.sh

@@ -7 +7 @@
-# dans alternc/html/u/user avec open_base_dir
-
-# ce script a les dépendances suivantes:
-
-
-
+
+
-
-override_d=/var/alternc/apacheconf
-override_f=${override_d}/override_php.conf
@@ -18 +17 @@
-. /etc/alternc/local.sh
-. /usr/lib/alternc/functions.sh
-
-if [ -z "$MYSQL_HOST" ]
-then
-    MYSQL_HOST="localhost"
-fi
-
-echo -n "adding open_base_dir protection for:"
-# boucle sur tous les domaines hébergés, ou sur les arguments de la
-# ligne de commande

src/sqlbackup.sh

@@ -29 +29 @@
-
-set -e
-
-# Get mysql user and password : 
-. /etc/alternc/local.sh
-
-function dobck {
-    local ext
-    local i
@@ -63 +60 @@
-        mv -f "${target_dir}/${db}.sql${ext}" \
-              "${target_dir}/${db}.sql.${i}${ext}" 2>/dev/null || true 
-        if [ "$compressed" -eq 1 ]; then
-h"$MYSQL_HOST" -u"$login" -p"$pass" "$db" 
+-defaults-file=/etc/alternc/mysql-alternc.cnf
-                gzip -c > "${target_dir}/${db}.sql${ext}"
-        else
-h"$MYSQL_HOST" -u"$login" -p"$pass" "$db" 
+-defaults-file=/etc/alternc/mysql-alternc.cnf
-                > "${target_dir}/${db}.sql"
-        fi
-
@@ -83 +80 @@
-    mode=1
-fi
-
-
-
+
-SELECT login, pass, db, bck_history, bck_gzip, bck_dir
-  FROM db
- WHERE bck_mode=$mode;

src/update_domains.sh

@@ -74 +74 @@
-
-. "$CONFIG_FILE"
-
-if [ -z "$MYSQL_HOST" -o -z "$MYSQL_DATABASE" -o -z "$MYSQL_USER" -o \
-     -z "$MYSQL_PASS" -o -z "$DEFAULT_MX" -o -z "$PUBLIC_IP" ]; then
-    echo "Bad configuration. Please use:"
-    echo "   dpkg-reconfigure alternc"
-    exit 1
-fi
-
-if [ -f "$LOCK_FILE" ]; then
-    echo "`date` $0: last cron unfinished or stale lock file." |
-        tee -a "$DOMAIN_LOG_FILE" >&2
@@ -96 +89 @@
-HTTP_DNS="$DATA_ROOT/dns"
-HTML_HOME="$DATA_ROOT/html"
-
-
-
-
-
+
+
-
-########################################################################
-# Functions

src/fixperms.sh

@@ -63 +63 @@
-    done
-}
-
-h"$MYSQL_HOST" -p"$MYSQL_PASS" -u"$MYSQL_USER" "$MYSQL_DATABASE"
+-defaults-file=/etc/alternc/mysql.cnf
-

tools/get_domains_by_account

@@ -74 +74 @@
-# Have to get AlternC conf file :
-! [ -f "$ALTERNC_CONF_FILE" ] && { echo $MISSING_CONF_FILE ; exit 1 ; } || . $ALTERNC_CONF_FILE
-# Must have access to mysql to retreive accounts owning domains :
-
--h$MYSQL_HOST -u$MYSQL_USER -p$MYSQL_PASS -D$MYSQL_DATABASE -e 
- || mysql="$mysql -h$MYSQL_HOST -u$MYSQL_USER -p$MYSQL_PASS -D$MYSQL_DATABASE -B -N -e "
+
+
+
-
-# Does the stuff
-$mysql "select concat(a.sub, if(a.sub=\"\",\"\", \".\"), a.domaine) from sub_domaines a, membres b where a.compte = b.uid and b.login = \"${1}\";"

tools/top_http_users

@@ -168 +168 @@
-# Have to get AlternC conf file :
-[ -f "$ALTERNC_CONF_FILE" ] || { echo $MISSING_CONF_FILE ; exit 1 ; } && . $ALTERNC_CONF_FILE
-# Must have access to mysql to retreive accounts owning domains :
-
-
-
-
+
+
+
-# Prevents executing more than one shell at the same time
-$lockfilecreate --retry 1 $LOCK_FILE
-if [ $? != 0 ]

tools/get_account_by_domain

@@ -75 +75 @@
-[ "$1" = "-h" ] || [ "$1" = "--help" ] && { echo $HELP ; echo $USAGE ; exit 0 ; }
-# Have to get AlternC conf file :
-! [ -f "$ALTERNC_CONF_FILE" ] && { echo $MISSING_CONF_FILE ; exit 1 ; } || . $ALTERNC_CONF_FILE
-
-
-
-
+
+
+
-
-# Does the stuff
-
+-B -N -e 
-
-