Skip to content

Commit

Permalink
MDL-51261 admin: Support upgrade key requirement on the site upgrade
Browse files Browse the repository at this point in the history 
The upgrade key can be defined in the main config.php as
$CFG->upgradekey.  If it is defined there, then its value must be
provided every time the site is being upgraded, regardless the
administrator is logged in or not.
  • Loading branch information
@mudrd8mz
mudrd8mz committed Sep 24, 2015
1 parent a277654 commit 98b32c9
Show file tree
Hide file tree
Showing 5 changed files with 101 additions and 15 deletions.
35 changes: 27 additions & 8 deletions admin/index.php
View file
Expand Up @@ -54,6 +54,16 @@

define('NO_OUTPUT_BUFFERING', true);

if (isset($_POST['upgradekey'])) {
// Before you start reporting issues about the collision attacks against
// SHA-1, you should understand that we are not actually attempting to do
// any cryptography here. This is hashed purely so that the key is not
// that apparent in the address bar itself. Anyone who catches the HTTP
// traffic can immediately use it as a valid admin key.
header('Location: index.php?cache=0&upgradekeyhash='.sha1($_POST['upgradekey']));
die();
}

if ((isset($_GET['cache']) and $_GET['cache'] === '0')
or (isset($_POST['cache']) and $_POST['cache'] === '0')
or (!isset($_POST['cache']) and !isset($_GET['cache']) and empty($_GET['sesskey']) and empty($_POST['sesskey']))) {
Expand Down Expand Up @@ -95,10 +105,14 @@
$agreelicense = optional_param('agreelicense', 0, PARAM_BOOL);
$fetchupdates = optional_param('fetchupdates', 0, PARAM_BOOL);
$newaddonreq = optional_param('installaddonrequest', null, PARAM_RAW);
$upgradekeyhash = optional_param('upgradekeyhash', null, PARAM_ALPHANUM);

// Set up PAGE.
$url = new moodle_url('/admin/index.php');
$url->param('cache', $cache);
if (isset($upgradekeyhash)) {
$url->param('upgradekeyhash', $upgradekeyhash);
}
$PAGE->set_url($url);
unset($url);

Expand Down Expand Up @@ -203,7 +217,7 @@
$PAGE->set_heading($strinstallation . ' - Moodle ' . $CFG->target_release);

$output = $PAGE->get_renderer('core', 'admin');
$url = new moodle_url('/admin/index.php', array('agreelicense' => 1, 'confirmrelease' => 1, 'lang' => $CFG->lang));
$url = new moodle_url($PAGE->url, array('agreelicense' => 1, 'confirmrelease' => 1, 'lang' => $CFG->lang));
echo $output->unsatisfied_dependencies_page($version, $failed, $url);
die();
}
Expand Down Expand Up @@ -253,11 +267,13 @@
// Detect config cache inconsistency, this happens when you switch branches on dev servers.
if ($CFG->version != $DB->get_field('config', 'value', array('name'=>'version'))) {
purge_all_caches();
redirect(new moodle_url('/admin/index.php'), 'Config cache inconsistency detected, resetting caches...');
redirect(new moodle_url($PAGE->url), 'Config cache inconsistency detected, resetting caches...');
}

if (!$cache and $version > $CFG->version) { // upgrade

check_upgrade_key($upgradekeyhash);

// Warning about upgrading a test site.
$testsite = false;
if (defined('BEHAT_SITE_RUNNING')) {
Expand Down Expand Up @@ -318,7 +334,7 @@
$PAGE->set_heading($strplugincheck);
$PAGE->set_cacheable(false);

$reloadurl = new moodle_url('/admin/index.php', array('confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0));
$reloadurl = new moodle_url($PAGE->url, array('confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0));

if ($fetchupdates) {
// No sesskey support guaranteed here, because sessions might not work yet.
Expand All @@ -342,15 +358,15 @@
}

echo $output->upgrade_plugin_check_page(core_plugin_manager::instance(), \core\update\checker::instance(),
$version, $showallplugins, $reloadurl,
new moodle_url('/admin/index.php', array('confirmupgrade'=>1, 'confirmrelease'=>1, 'confirmplugincheck'=>1, 'cache'=>0)));
$version, $showallplugins, $reloadurl, new moodle_url($PAGE->url, array(
'confirmupgrade' => 1, 'confirmrelease' => 1, 'confirmplugincheck' => 1, 'cache' => 0)));
die();

} else {
// Always verify plugin dependencies!
$failed = array();
if (!core_plugin_manager::instance()->all_plugins_ok($version, $failed)) {
$reloadurl = new moodle_url('/admin/index.php', array('confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0));
$reloadurl = new moodle_url($PAGE->url, array('confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0));
echo $output->unsatisfied_dependencies_page($version, $failed, $reloadurl);
die();
}
Expand All @@ -374,6 +390,9 @@
}

if (!$cache and moodle_needs_upgrading()) {

check_upgrade_key($upgradekeyhash);

if (!$PAGE->headerprinted) {
// means core upgrade or installation was not already done

Expand Down Expand Up @@ -413,7 +432,7 @@
echo $output->upgrade_plugin_check_page(core_plugin_manager::instance(), \core\update\checker::instance(),
$version, $showallplugins,
new moodle_url($PAGE->url),
new moodle_url('/admin/index.php', array('confirmplugincheck'=>1, 'cache'=>0)));
new moodle_url($PAGE->url, array('confirmplugincheck' => 1, 'cache' => 0)));
die();
}

Expand All @@ -422,7 +441,7 @@
if (!core_plugin_manager::instance()->all_plugins_ok($version, $failed)) {
/** @var core_admin_renderer $output */
$output = $PAGE->get_renderer('core', 'admin');
$reloadurl = new moodle_url('/admin/index.php', array('cache' => 0));
$reloadurl = new moodle_url($PAGE->url, array('cache' => 0));
echo $output->unsatisfied_dependencies_page($version, $failed, $reloadurl);
die();
}
Expand Down
39 changes: 32 additions & 7 deletions admin/renderer.php
View file
Expand Up @@ -43,7 +43,8 @@ public function install_licence_page() {
$copyrightnotice = text_to_html(get_string('gpl3'));
$copyrightnotice = str_replace('target="_blank"', 'onclick="this.target=\'_blank\'"', $copyrightnotice); // extremely ugly validation hack

$continue = new single_button(new moodle_url('/admin/index.php', array('lang'=>$CFG->lang, 'agreelicense'=>1)), get_string('continue'), 'get');
$continue = new single_button(new moodle_url($this->page->url, array(
'lang' => $CFG->lang, 'agreelicense' => 1)), get_string('continue'), 'get');

$output .= $this->header();
$output .= $this->heading('<a href="http://moodle.org">Moodle</a> - Modular Object-Oriented Dynamic Learning Environment');
Expand Down Expand Up @@ -96,10 +97,11 @@ public function install_environment_page($maturity, $envstatus, $environment_res
$output .= $this->environment_check_table($envstatus, $environment_results);

if (!$envstatus) {
$output .= $this->upgrade_reload(new moodle_url('/admin/index.php', array('agreelicense' => 1, 'lang' => $CFG->lang)));
$output .= $this->upgrade_reload(new moodle_url($this->page->url, array('agreelicense' => 1, 'lang' => $CFG->lang)));
} else {
$output .= $this->notification(get_string('environmentok', 'admin'), 'notifysuccess');
$output .= $this->continue_button(new moodle_url('/admin/index.php', array('agreelicense'=>1, 'confirmrelease'=>1, 'lang'=>$CFG->lang)));
$output .= $this->continue_button(new moodle_url($this->page->url, array(
'agreelicense' => 1, 'confirmrelease' => 1, 'lang' => $CFG->lang)));
}

$output .= $this->footer();
Expand Down Expand Up @@ -140,7 +142,7 @@ public function unsatisfied_dependencies_page($version, array $failed, moodle_ur
public function upgrade_confirm_page($strnewversion, $maturity, $testsite) {
$output = '';

$continueurl = new moodle_url('/admin/index.php', array('confirmupgrade' => 1, 'cache' => 0));
$continueurl = new moodle_url($this->page->url, array('confirmupgrade' => 1, 'cache' => 0));
$continue = new single_button($continueurl, get_string('continue'), 'get');
$cancelurl = new moodle_url('/admin/index.php');

Expand Down Expand Up @@ -170,7 +172,7 @@ public function upgrade_environment_page($release, $envstatus, $environment_resu
$output .= $this->environment_check_table($envstatus, $environment_results);

if (!$envstatus) {
$output .= $this->upgrade_reload(new moodle_url('/admin/index.php'), array('confirmupgrade' => 1, 'cache' => 0));
$output .= $this->upgrade_reload(new moodle_url($this->page->url, array('confirmupgrade' => 1, 'cache' => 0)));

} else {
$output .= $this->notification(get_string('environmentok', 'admin'), 'notifysuccess');
Expand All @@ -179,7 +181,8 @@ public function upgrade_environment_page($release, $envstatus, $environment_resu
$output .= $this->box(get_string('langpackwillbeupdated', 'admin'), 'generalbox', 'notice');
}

$output .= $this->continue_button(new moodle_url('/admin/index.php', array('confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0)));
$output .= $this->continue_button(new moodle_url($this->page->url, array(
'confirmupgrade' => 1, 'confirmrelease' => 1, 'cache' => 0)));
}

$output .= $this->footer();
Expand Down Expand Up @@ -991,7 +994,7 @@ public function plugins_check_table(core_plugin_manager $pluginman, $version, ar
$out = $this->output->container_start('nonehighlighted', 'plugins-check-info');
$out .= $this->output->heading(get_string('nonehighlighted', 'core_plugin'));
if (empty($options['full'])) {
$out .= html_writer::link(new moodle_url('/admin/index.php',
$out .= html_writer::link(new moodle_url($this->page->url,
array('confirmupgrade' => 1, 'confirmrelease' => 1, 'showallplugins' => 1, 'cache' => 0)),
get_string('nonehighlightedinfo', 'core_plugin'));
}
Expand Down Expand Up @@ -1572,4 +1575,26 @@ public function environment_check_table($result, $environment_results) {

return $output;
}

/**
* Render a simple page for providing the upgrade key.
*
* @param moodle_url|string $url
* @return string
*/
public function upgradekey_form_page($url) {

$output = '';
$output .= $this->header();
$output .= $this->container_start('upgradekeyreq');
$output .= $this->heading(get_string('upgradekeyreq', 'core_admin'));
$output .= html_writer::start_tag('form', array('method' => 'POST', 'action' => $url));
$output .= html_writer::empty_tag('input', array('name' => 'upgradekey', 'type' => 'password'));
$output .= html_writer::empty_tag('input', array('value' => get_string('submit'), 'type' => 'submit'));
$output .= html_writer::end_tag('form');
$output .= $this->container_end();
$output .= $this->footer();

return $output;
}
}
12 changes: 12 additions & 0 deletions config-dist.php
View file
Expand Up @@ -530,6 +530,18 @@
// any icon inside the pix/f folder. You can also set the customdescription field
// (shown above) and (for advanced use) the groups, string, and defaulticon fields.
//
// Upgrade key
//
// If the upgrade key is defined here, then the value must be provided every
// time the site is being upgraded, regardless the administrator is logged in
// or not. This prevents from anonymous access to the upgrade screens where the
// real authentication and authorization mechanisms must not be relied on.
//
// It is strongly recommended to use a value different from your real account
// password.
//
// $CFG->upgradekey = 'put_some_password-like_value_here';
//
//=========================================================================
// 7. SETTINGS FOR DEVELOPMENT SERVERS - not intended for production use!!!
//=========================================================================
Expand Down
1 change: 1 addition & 0 deletions lang/en/admin.php
View file
Expand Up @@ -1105,6 +1105,7 @@
$string['upgradeerror'] = 'Unknown error upgrading {$a->plugin} to version {$a->version}, can not continue.';
$string['upgradeforumread'] = 'A new feature has been added in Moodle 1.5 to track read/unread forum posts.<br />To use this functionality you need to <a href="{$a}">update your tables</a>.';
$string['upgradeforumreadinfo'] = 'A new feature has been added in Moodle 1.5 to track read/unread forum posts. To use this functionality you need to update your tables with all the tracking information for existing posts. Depending on the size of your site this can take a long time (hours) and can be quite taxing on the database, so it\'s best to do it during a quiet period. However, your site will continue functioning during this upgrade and users won\'t be affected. Once you start this process you should let it finish (keep your browser window open). However, if you stop the process by closing the window: don\'t worry, you can start over.<br /><br />Do you want to start the upgrading process now?';
$string['upgradekeyreq'] = 'Upgrade key required';
$string['upgradelogs'] = 'For full functionality, your old logs need to be upgraded. <a href="{$a}">More information</a>';
$string['upgradelogsinfo'] = 'Some changes have recently been made in the way logs are stored. To be able to view all of your old logs on a per-activity basis, your old logs need to be upgraded. Depending on your site this can take a long time (eg several hours) and can be quite taxing on the database for large sites. Once you start this process you should let it finish (by keeping the browser window open). Don\'t worry - your site will work fine for other people while the logs are being upgraded.<br /><br />Do you want to upgrade your logs now?';
$string['upgradesettings'] = 'New settings';
Expand Down
29 changes: 29 additions & 0 deletions lib/upgradelib.php
View file
Expand Up @@ -2342,3 +2342,32 @@ function upgrade_minmaxgrade() {
}
$rs->close();
}


/**
* Assert the upgrade key is provided, if it is defined.
*
* The upgrade key can be defined in the main config.php as $CFG->upgradekey. If
* it is defined there, then its value must be provided every time the site is
* being upgraded, regardless the administrator is logged in or not.
*
* This is supposed to be used at certain places in /admin/index.php only.
*
* @param string|null $upgradekeyhash the SHA-1 of the value provided by the user
*/
function check_upgrade_key($upgradekeyhash) {
global $CFG, $PAGE;

if (isset($CFG->config_php_settings['upgradekey'])) {
if ($upgradekeyhash === null or $upgradekeyhash !== sha1($CFG->config_php_settings['upgradekey'])) {
if (!$PAGE->headerprinted) {
$output = $PAGE->get_renderer('core', 'admin');
echo $output->upgradekey_form_page(new moodle_url('/admin/index.php', array('cache' => 0)));
die();
} else {
// This should not happen.
die('Upgrade locked');
}
}
}
}

0 comments on commit 98b32c9

Please sign in to comment.