Merge branch 'temp-here' into db-security

Conflicts:
	lib/common/functions.sh

.gitignore

@@ -70,3 +70,4 @@ packages/FOGService.msi
 packages/clientfiles
 packages/inits
 packages/kernels
+tmp/*

bin/installfog.sh

@@ -601,8 +601,8 @@ while [[ -z $blGo ]]; do
                     configureMySql
                     backupReports
                     configureHttpd
-                    backupDB
                     updateDB
+                    backupDB
                     configureStorage
                     configureDHCP
                     configureTFTPandPXE

lib/common/config.sh

@@ -30,7 +30,7 @@
 [[ -z $sqlserverlist ]] && sqlserverlist="mysql-server mariadb-server mariadb-galera-server MariaDB-server MariaDB-Galera-server"
 command -v systemctl >>$workingdir/error_logs/fog_error_${version}.log 2>&1
 exitcode=$?
-ps -p 1 -o comm= | grep systemd
+ps -p 1 -o comm= | grep systemd >>$workingdir/error_logs/fog_error_${version}.log 2>&1
 bootcode=$?
 [[ $exitcode -eq 0 && $bootcode -eq 0 && -z $systemctl ]] && systemctl="yes"
 if [[ $systemctl == yes ]]; then

lib/common/input.sh

@@ -29,7 +29,7 @@ if [[ $guessdefaults == 1 ]]; then
             ;;
     esac
     allinterfaces=$(getAllNetworkInterfaces)
-    strSuggestedInterface=${allinterfaces[0]}
+    strSuggestedInterface=$(echo ${allinterfaces} | awk '{print $1}')
     if [[ -z $strSuggestedInterface ]]; then
         echo "ERROR: Not able to find a network interface that is up on your system."
         exit 1
@@ -50,8 +50,7 @@ if [[ $guessdefaults == 1 ]]; then
         sed -i '/^$/d' /tmp/nameservers.txt #Delete blank lines from temp file.
         strSuggestedDNS=$(head -n 1 /tmp/nameservers.txt) #Get first DNS Address from the file.
 	rm -f /tmp/nameservers.txt #Cleanup after ourselves.	
-    fi	    
-    strSuggestedSNUser="fogstorage"
+    fi
     strSuggestedHostname=$(hostname -f)
 fi
 displayOSChoices
@@ -251,8 +250,8 @@ case $installtype in
                     ;;
             esac
         done
-	[[ -z $snmysqlhost ]] && snmysqlhost='localhost'
-	[[ -z $snmysqluser ]] && snmysqluser='root'
+        [[ -z $snmysqlhost ]] && snmysqlhost='localhost'
+        [[ -z $snmysqluser ]] && snmysqluser='fogmaster'
         ;;
     [Ss])
         while [[ -z $snmysqlhost ]]; do
@@ -262,6 +261,7 @@ case $installtype in
             echo -n "  runs the web server, dhcp, and tftp.  IP or Hostname: "
             read snmysqlhost
         done
+        strSuggestedSNUser='fogstorage'
         while [[ -z $snmysqluser ]]; do
             snmysqluser=$strSuggestedSNUser
             if [[ -z $autoaccept ]]; then

lib/redhat/config.sh

@@ -33,7 +33,13 @@ case $linuxReleaseName in
         ;;
     *)
         [[ -z $etcconf ]] && etcconf="/etc/httpd/conf.d/fog.conf"
-        [[ -z $packages ]] && packages="curl dhcp gcc gcc-c++ genisoimage gzip httpd lftp m4 make mod_fastcgi mod_ssl mtools mysql mysql-server net-tools nfs-utils php php-cli php-common php-fpm php-gd php-ldap php-mbstring php-mysqlnd php-process syslinux tar tftp-server vsftpd wget xinetd xz-devel"
+        [[ -z $packages ]] && {
+            if [[ $OSVersion -gt 7 ]]; then
+                packages="curl dhcp-server gcc gcc-c++ genisoimage gzip httpd lftp m4 make mod_fastcgi mod_ssl mtools mysql mysql-server net-tools nfs-utils php php-cli php-common php-fpm php-gd php-json php-ldap php-mbstring php-mysqlnd php-process syslinux tar tftp-server vsftpd wget xinetd xz-devel"
+            else
+                packages="curl dhcp gcc gcc-c++ genisoimage gzip httpd lftp m4 make mod_fastcgi mod_ssl mtools mysql mysql-server net-tools nfs-utils php php-cli php-common php-fpm php-gd php-ldap php-mbstring php-mysqlnd php-process syslinux tar tftp-server vsftpd wget xinetd xz-devel"
+            fi
+        }
         command -v dnf >>$workingdir/error_logs/fog_error_${version}.log 2>&1
         if [[ $? -eq 0 ]]; then
             [[ -z $packageinstaller ]] && packageinstaller="dnf -y install"

lib/ubuntu/config.sh

@@ -19,77 +19,83 @@
 [[ -z $repo ]] && repo="php"
 [[ -z $packageQuery ]] && packageQuery="dpkg -l \$x | grep '^ii'"
 if [[ $linuxReleaseName == +(*[Bb][Ii][Aa][Nn]*) ]]; then
-    if [[ $OSVersion -gt 9 ]]; then
-        [[ -z $php_ver || ${php_ver%.*} -lt 7 ]] && php_ver="7.3"
-        [[ -z $php_verAdds ]] && php_verAdds="-$php_ver"
+    if [[ $OSVersion -gt 9  ]]; then
+        [[ -z $php_ver || ${php_ver%.*} -lt 7  ]] && php_ver="7.3"
     elif [[ $OSVersion -gt 8 ]]; then
-        [[ -z $php_ver || ${php_ver%.*} -lt 7 ]] && php_ver="7.0"
-        [[ -z $php_verAdds ]] && php_verAdds="-$php_ver"
+        [[ -z $php_ver || $php_ver -le "7.0" ]] && php_ver="7.0"
     else
         [[ -z $php_ver ]] && php_ver="5"
-        [[ -z $php_verAdds ]] && php_verAdds="-5.6"
     fi
 elif [[ $linuxReleaseName == +(*[Uu][Bb][Uu][Nn][Tt][Uu]*|*[Mm][Ii][Nn][Tt]*) ]]; then
     DEBIAN_FRONTEND=noninteractive apt-get purge -yq sysv-rc-conf >/dev/null 2>&1
-    if [[ -z $php_ver || $php_ver != "7.1" || ( $linuxReleaseName == +(*[Uu][Bb][Uu][Nn][Tt][Uu]*) && $OSVersion -ge 18 ) ]]; then
-        if [[ $autoaccept != yes ]]; then
-            echo " *** Detected a potential need to reinstall apache and php files."
-            echo " *** This will remove the /etc/php* and /etc/apache2* directories"
-            echo " ***  and remove/purge the apache and php files from this system."
-            echo " *** If you're okay with this please type Y, anything else will"
-            echo " ***  continue the installation, but may mean you will need to"
-            echo " ***  remove the files later and make proper changes as "
-            echo " ***  necessary. (Y/N): "
-            read dummy
-        else
-            dummy="y"
+    if [[ $linuxReleaseName == +(*[Uu][Bb][Uu][Nn][Tt][Uu]*) ]]; then
+        libcurl="libcurl3"
+        if [[ $OSVersion -gt 17 ]]; then
+            libcurl="libcurl4"
         fi
-        case $dummy in
-            [Yy])
-                dots "Removing apache and php files"
-                rm -rf /etc/php* /etc/apache2*
-                echo "Done"
-                dots "Stopping web services"
-                [[ $systemctl == yes ]] && systemctl stop apache2 >/dev/null 2>&1 || service apache2 stop >/dev/null 2>&1
-                [[ ! $? -eq 0 ]] && echo "Failed" || echo "Done"
-                dots "Removing the apache and php packages"
-                DEBIAN_FRONTEND=noninteractive apt-get purge -yq 'apache2*' 'php5*' 'php7*' 'libapache*' >/dev/null 2>&1
-                [[ ! $? -eq 0 ]] && echo "Failed" || echo "Done"
-                dots "Resetting our variables to specify php version"
-                if [[ $linuxReleaseName == +(*[Uu][Bb][Uu][Nn][Tt][Uu]*) && $OSVersion -ge 18 ]]; then
-                    php_ver="7.2"
-                    php_verAdds="-7.2"
-                else
-                    php_ver="7.1"
-                    php_verAdds="-7.1"
-                fi
-                phpfpm="php${php_ver}-fpm"
-                phpldap="php${php_ver}-ldap"
-                phpcmd="php"
-                libcurl="libcurl3";
-                [[ $OSVersion -ge 18 ]] && libcurl="libcurl4"
-                x="mysql-server"
-                eval $packageQuery >>$workingdir/error_logs/fog_error_${version}.log 2>&1
-                if [[ $? -eq 0 ]]; then
-                    packages="apache2 build-essential cpp curl g++ gawk gcc genisoimage gzip htmldoc isc-dhcp-server isolinux lftp libapache2-mod-fastcgi libapache2-mod-php${php_ver} libc6 $libcurl liblzma-dev m4 mysql-client mysql-server net-tools nfs-kernel-server openssh-server $phpfpm php-gettext php${php_ver} php${php_ver}-cli php${php_ver}-curl php${php_ver}-gd php${php_ver}-json $phpldap php${php_ver}-mysql php${php_ver}-mysqlnd sysv-rc-conf tar tftpd-hpa tftp-hpa vsftpd wget xinetd zlib1g"
-                else
-                    packages="apache2 build-essential cpp curl g++ gawk gcc genisoimage gzip htmldoc isc-dhcp-server isolinux lftp libapache2-mod-fastcgi libapache2-mod-php${php_ver} libc6 $libcurl liblzma-dev m4 mariadb-client mariadb-server net-tools nfs-kernel-server openssh-server $phpfpm php-gettext php${php_ver} php${php_ver}-cli php${php_ver}-curl php${php_ver}-gd php${php_ver}-json $phpldap php${php_ver}-mysql php${php_ver}-mysqlnd sysv-rc-conf tar tftpd-hpa tftp-hpa vsftpd wget xinetd zlib1g"
-                fi
-                apt-get clean -yq >/dev/null 2>&1
-                echo "Done"
+        case $OSVersion in
+            19)
+                php_ver="7.3"
+                [[ -z $phpfpm ]] && phpfpm="php${php_ver}-fpm"
+                [[ -z $phpldap ]] && phpldap="php${php_ver}-ldap"
+                [[ -z $phpcmd ]] && phpcmd="php"
+                packages="apache2 build-essential cpp curl g++ gawk gcc genisoimage gzip htmldoc isc-dhcp-server isolinux lftp libapache2-mod-fastcgi libapache2-mod-php${php_ver} libc6 $libcurl liblzma-dev m4 mariadb-client mariadb-server net-tools nfs-kernel-server openssh-server $phpfpm php-gettext php${php_ver} php${php_ver}-cli php${php_ver}-curl php${php_ver}-gd php${php_ver}-json $phpldap php${php_ver}-mysql php${php_ver}-mysqlnd tar tftpd-hpa tftp-hpa vsftpd wget xinetd zlib1g"
                 ;;
+            18)
+                php_ver="7.2"
+                [[ -z $phpfpm ]] && phpfpm="php${php_ver}-fpm"
+                [[ -z $phpldap ]] && phpldap="php${php_ver}-ldap"
+                [[ -z $phpcmd ]] && phpcmd="php"
+                packages="apache2 build-essential cpp curl g++ gawk gcc genisoimage gzip htmldoc isc-dhcp-server isolinux lftp libapache2-mod-fastcgi libapache2-mod-php${php_ver} libc6 $libcurl liblzma-dev m4 mariadb-client mariadb-server net-tools nfs-kernel-server openssh-server $phpfpm php-gettext php${php_ver} php${php_ver}-cli php${php_ver}-curl php${php_ver}-gd php${php_ver}-json $phpldap php${php_ver}-mysql php${php_ver}-mysqlnd sysv-rc-conf tar tftpd-hpa tftp-hpa vsftpd wget xinetd zlib1g"
+                ;;
+            *)
+                php_ver="7.1"
+                [[ -z $phpfpm ]] && phpfpm="php${php_ver}-fpm"
+                [[ -z $phpldap ]] && phpldap="php${php_ver}-ldap"
+                [[ -z $phpcmd ]] && phpcmd="php"
+                if [[ -z $php_ver || $php_ver != "7.1" ]]; then
+                    if [[ $autoaccept != yes ]]; then
+                        echo " *** Detected a potential need to reinstall apache and php files."
+                        echo " *** This will remove the /etc/php* and /etc/apache2* directories"
+                        echo " ***  and remove/purge the apache and php files from this system."
+                        echo " *** If you're okay with this please type Y, anything else will"
+                        echo " ***  continue the installation, but may mean you will need to"
+                        echo " ***  remove the files later and make proper changes as "
+                        echo " ***  necessary. (Y/N): "
+                        read dummy
+                    else
+                        dummy="y"
+                    fi
+                    case $dummy in
+                        [Yy])
+                            dots "Removing apache and php files"
+                            rm -rf /etc/php* /etc/apache2*
+                            echo "Done"
+                            dots "Stopping web services"
+                            if [[ $systemctl == yes ]]; then
+                                systemctl is-active --quiet apache2 && systemctl stop apache2 >/dev/null 2>&1 || true
+                            fi
+                            [[ ! $? -eq 0 ]] && echo "Failed" || echo "Done"
+                            dots "Removing the apache and php packages"
+                            DEBIAN_FRONTEND=noninteractive apt-get purge -yq 'apache2*' 'php5*' 'php7*' 'libapache*' >/dev/null 2>&1
+                            [[ ! $? -eq 0 ]] && echo "Failed" || echo "Done"
+                            apt-get clean -yq >/dev/null 2>&1
+                            ;;
+                    esac
+                fi
         esac
     fi
 else
     [[ -z $php_ver ]] && php_ver=5
-    [[ -z $php_verAdds ]] && php_verAdds="-5.6"
 fi
+[[ -z $php_verAdds ]] && php_verAdds="-${php_ver}"
+[[ $php_ver == 5 ]] && php_verAdds="-5.6"
 [[ $php_ver != 5 ]] && phpcmd="php" || phpcmd="php5"
 [[ -z $phpfpm ]] && phpfpm="php${php_ver}-fpm"
+[[ -z $phpldap ]] && phpldap="php${php_ver}-ldap"
+[[ -z $phpcmd ]] && phpcmd="php"
 case $linuxReleaseName in
     *[Uu][Bb][Uu][Nn][Tt][Uu]*|*[Bb][Ii][Aa][Nn]*|*[Mm][Ii][Nn][Tt]*)
-        libcurl="libcurl3";
-        [[ $OSVersion -ge 18 || ( $linuxReleaseName == +(*[Bb][Ii][Aa][Nn]*) && $OSVersion -ge 10 ) ]] && libcurl="libcurl4"
         [[ -z $packages ]] && packages="apache2 build-essential cpp curl g++ gawk gcc genisoimage gzip htmldoc isc-dhcp-server isolinux lftp libapache2-mod-fastcgi libapache2-mod-php${php_ver} libc6 $libcurl liblzma-dev m4 mariadb-client mariadb-server net-tools nfs-kernel-server openssh-server $phpfpm php-gettext php${php_ver} php${php_ver}-cli php${php_ver}-curl php${php_ver}-gd php${php_ver}-json $phpldap php${php_ver}-mysql php${php_ver}-mysqlnd sysv-rc-conf tar tftpd-hpa tftp-hpa vsftpd wget xinetd zlib1g"
         [[ -z $packageinstaller ]] && packageinstaller="apt-get -yq install -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold"
         [[ -z $packagelist ]] && packagelist="apt-cache pkgnames | grep"

packages/web/commons/schema.php

@@ -751,8 +751,6 @@
     "UPDATE `schemaVersion` set vValue = '15'",
 );
 // 16
-$fogstoragenodeuser = "fogstorage";
-$fogstoragenodepass = "fs".rand(1000, 100000000000);
 $this->schema[] = array(
     "ALTER TABLE `tasks` ADD COLUMN `taskBPM` varchar(250) NOT NULL AFTER "
     . "`taskPCT`, ADD COLUMN `taskTimeElapsed` varchar(250) NOT NULL AFTER "
@@ -841,13 +839,12 @@
     . "VALUES "
     . "('FOG_STORAGENODE_MYSQLUSER','This setting defines the username "
     . "the storage nodes should use to connect to the fog server.',"
-    . "'$fogstoragenodeuser','FOG Storage Nodes'),"
-    . "('FOG_STORAGENODE_MYSQLPASS','This setting defines the password "
+    . "'fogstorage','FOG Storage Nodes')",
+    "INSERT IGNORE INTO `globalSettings` "
+    . "(`settingKey`,`settingDesc`,`settingValue`,`settingCategory`) "
+    . "SELECT 'FOG_STORAGENODE_MYSQLPASS','This setting defines the password "
     . "the storage nodes should use to connect to the fog server.',"
-    . "'$fogstoragenodepass','FOG Storage Nodes')",
-    "GRANT ALL ON `"
-    . DATABASE_NAME
-    . "`.* TO '$fogstoragenodeuser'@'%' IDENTIFIED BY '$fogstoragenodepass'",
+    . "`sPass`,'FOG Storage Nodes' FROM storageInfo",
     "UPDATE `schemaVersion` set `vValue`='16'",
 );
 // 17
@@ -2833,7 +2830,7 @@
 // 186
 $this->schema[] = array(
     "DELETE FROM `globalSettings` WHERE `settingKey`='FOG_NEW_CLIENT'",
-    "ALTER TABLE .`hosts` ADD COLUMN `hostADPassLegacy` LONGTEXT AFTER `hostADPass`",
+    "ALTER TABLE `hosts` ADD COLUMN `hostADPassLegacy` LONGTEXT AFTER `hostADPass`",
     "UPDATE `globalSettings` SET "
     . "`settingDesc`='This setting defines the default value "
     . "to populate the hosts Active Directory password value "

packages/web/lib/client/snapinclient.class.php

@@ -162,6 +162,11 @@ public function json()
                             continue;
                         }
                     }
+                    $location = sprintf(
+                        'http://%s/%s',
+                        $StorageNode->get('ip'),
+                        $StorageNode->get('webroot')
+                    );
                     $path = sprintf(
                         '/%s',
                         trim($StorageNode->get('snapinpath'), '/')

packages/web/lib/fog/fogbase.class.php

@@ -1539,10 +1539,16 @@ public static function aesdecrypt(
             return $encdata;
         }
         $data = explode('|', $encdata);
-        $iv = pack('H*', $data[0]);
-        $encoded = pack('H*', $data[1]);
+        if ($iv = pack('H*', $data[0])) {
+            return '';
+        }
+        if ($encoded != pack('H*', $data[1])) {
+            return '';
+        }
         if (!$key && $data[2]) {
-            $key = pack('H*', $data[2]);
+            if ($key != pack('H*', $data[2])) {
+                return '';
+            }
         }
         if (empty($key)) {
             return '';

packages/web/lib/fog/fogcontroller.class.php

@@ -307,7 +307,7 @@ public function add($key, $value)
                 print_r($value, 1)
             );
             self::info($msg);
-            if (!is_array($this->data[$key])) {
+            if (isset($this->data[$key]) && !is_array($this->data[$key])) {
                 $this->data[$key] = array($this->data[$key]);
             }
             $this->data[$key][] = $value;