From 134b253e7e589dc291dfc262aaeea5bba20675e3 Mon Sep 17 00:00:00 2001 From: George Liu Date: Sat, 25 Dec 2021 20:42:32 +1000 Subject: [PATCH] update openssl rand password generation routines in 123.09beta01 - correct the openssl rand syntax so it works with either openssl 1.0.x or 1.1.1 as previous syntax and positioning of arguments only worked with openssl 1.0.x and not openssl 1.1.1 --- addons/linfo.sh | 4 ++-- centmin-cli.sh | 2 +- centmin.sh | 2 +- inc/mariadb_submenu.inc | 2 +- inc/memcacheadmin.inc | 4 ++-- inc/mysqlsecure.inc | 2 +- inc/phpinfo.inc | 4 ++-- inc/wpsetup-fastcgi-cache.inc | 10 +++++----- inc/wpsetup.inc | 10 +++++----- inc/zendopcache_install.inc | 4 ++-- inc/zendopcache_upgrade.inc | 8 ++++---- tools/nvwp.sh | 6 +++--- 12 files changed, 29 insertions(+), 29 deletions(-) diff --git a/addons/linfo.sh b/addons/linfo.sh index 1e39cc25..82a1672f 100755 --- a/addons/linfo.sh +++ b/addons/linfo.sh @@ -115,9 +115,9 @@ rm -rf ${LINFOPATH}/config.inc.php ########################################### passp() { -CSALT=$(/usr/bin/openssl rand 6 -base64 | tr -dc 'a-zA-Z0-9') +CSALT=$(/usr/bin/openssl rand -base64 7 | tr -dc 'a-zA-Z0-9') CUSER=$(echo "admin${CSALT}") -CPASS=$(/usr/bin/openssl rand 19 -base64 | tr -dc 'a-zA-Z0-9') +CPASS=$(/usr/bin/openssl rand -base64 21 | tr -dc 'a-zA-Z0-9') if [[ "$(hostname -f 2>&1 | grep -w 'Unknown host')" || "$(hostname -f 2>&1 | grep -w 'service not known')" ]]; then hname=$(hostname) diff --git a/centmin-cli.sh b/centmin-cli.sh index 7d517d56..e7cb1de5 100755 --- a/centmin-cli.sh +++ b/centmin-cli.sh @@ -27,7 +27,7 @@ DT=$(date +"%d%m%y-%H%M%S") branchname='123.09beta01' SCRIPT_MAJORVER='1.2.3' SCRIPT_MINORVER='09' -SCRIPT_INCREMENTVER='773' +SCRIPT_INCREMENTVER='774' SCRIPT_VERSIONSHORT="${branchname}" SCRIPT_VERSION="${SCRIPT_VERSIONSHORT}.b${SCRIPT_INCREMENTVER}" SCRIPT_DATE='24/12/2021' diff --git a/centmin.sh b/centmin.sh index 13e565c5..23bd186c 100755 --- a/centmin.sh +++ b/centmin.sh @@ -27,7 +27,7 @@ DT=$(date +"%d%m%y-%H%M%S") branchname='123.09beta01' SCRIPT_MAJORVER='1.2.3' SCRIPT_MINORVER='09' -SCRIPT_INCREMENTVER='773' +SCRIPT_INCREMENTVER='774' SCRIPT_VERSIONSHORT="${branchname}" SCRIPT_VERSION="${SCRIPT_VERSIONSHORT}.b${SCRIPT_INCREMENTVER}" SCRIPT_DATE='24/12/2021' diff --git a/inc/mariadb_submenu.inc b/inc/mariadb_submenu.inc index 1bcd62ca..a5e2cbd7 100644 --- a/inc/mariadb_submenu.inc +++ b/inc/mariadb_submenu.inc @@ -124,7 +124,7 @@ if [[ "$mysqlroot_reset" = [yY] ]]; then mysqld --skip-grant-tables --skip-networking --user=mysql & mysql -e "FLUSH PRIVILEGES;" fi - NEWMYSQLROOTPASS=$(/usr/bin/openssl rand 21 -base64 | tr -dc 'a-zA-Z0-9') + NEWMYSQLROOTPASS=$(/usr/bin/openssl rand -base64 24 | tr -dc 'a-zA-Z0-9') echo "mysqladmin -u root -p${OLDMYSQLROOTPASS} password $NEWMYSQLROOTPASS" mysqladmin -u root -p${OLDMYSQLROOTPASS} password $NEWMYSQLROOTPASS echo diff --git a/inc/memcacheadmin.inc b/inc/memcacheadmin.inc index 04571c0a..db99f310 100644 --- a/inc/memcacheadmin.inc +++ b/inc/memcacheadmin.inc @@ -54,9 +54,9 @@ sed -i "s/mymemcache-server2:11211/localhost:11212/g" /usr/local/nginx/html/memc fi -CSALT=$(/usr/bin/openssl rand 8 -base64 | tr -dc 'a-zA-Z0-9') +CSALT=$(/usr/bin/openssl rand -base64 10 | tr -dc 'a-zA-Z0-9') memcacheduser=$(echo "memadmin${CSALT}") -memcachedpassword=$(/usr/bin/openssl rand 19 -base64 | tr -dc 'a-zA-Z0-9') +memcachedpassword=$(/usr/bin/openssl rand -base64 21 | tr -dc 'a-zA-Z0-9') echo "" cecho "Setup Memcached Server Admin Login Details for /usr/local/nginx/html/memcache_${N}.php" $boldgreen diff --git a/inc/mysqlsecure.inc b/inc/mysqlsecure.inc index 354bab92..3ef53242 100644 --- a/inc/mysqlsecure.inc +++ b/inc/mysqlsecure.inc @@ -1,5 +1,5 @@ securemysql() { -THEMYSQLPASS=$(/usr/bin/openssl rand 21 -base64 | tr -dc 'a-zA-Z0-9') +THEMYSQLPASS=$(/usr/bin/openssl rand -base64 24 | tr -dc 'a-zA-Z0-9') # mysql -e "DELETE FROM mysql.user WHERE User=""; FLUSH PRIVILEGES;" # mysqladmin -u root password $THEMYSQLPASS diff --git a/inc/phpinfo.inc b/inc/phpinfo.inc index 967991ee..841a7cc2 100644 --- a/inc/phpinfo.inc +++ b/inc/phpinfo.inc @@ -3,9 +3,9 @@ phpiadmin() { # Randomize phpi.php filename NPHP=$(od -vAn -N4 -tx < /dev/urandom) NPHP=$(echo ${NPHP} | sed -e 's/\s//') - PHPISALT=$(/usr/bin/openssl rand 11 -base64 | tr -dc 'a-zA-Z0-9') + PHPISALT=$(/usr/bin/openssl rand -base64 14 | tr -dc 'a-zA-Z0-9') PHPIUSER=$(echo "phpiadmin${PHPISALT}") - PHPIPASS=$(/usr/bin/openssl rand 19 -base64 | tr -dc 'a-zA-Z0-9') + PHPIPASS=$(/usr/bin/openssl rand -base64 21 | tr -dc 'a-zA-Z0-9') echo "" mv /usr/local/nginx/html/phpi.php "/usr/local/nginx/html/${NPHP}_phpi.php" # cecho "Insert Username/Password into /usr/local/nginx/html/${NPHP}_phpi.php file itself" $boldyellow diff --git a/inc/wpsetup-fastcgi-cache.inc b/inc/wpsetup-fastcgi-cache.inc index 434cfd37..c5507aa6 100644 --- a/inc/wpsetup-fastcgi-cache.inc +++ b/inc/wpsetup-fastcgi-cache.inc @@ -146,7 +146,7 @@ fc_installredisserver() { } fc_dbsetup() { - SALT=$(/usr/bin/openssl rand 12 -base64 | tr -dc 'a-zA-Z0-9') + SALT=$(/usr/bin/openssl rand -base64 14 | tr -dc 'a-zA-Z0-9') DBN=$RANDOM DBNB=$RANDOM DBNC=$RANDOM @@ -445,8 +445,8 @@ elif [[ "$SECOND_IP" ]]; then fi fc_wpinstall - WPSALT=$(/usr/bin/openssl rand 19 -base64 | tr -dc 'a-zA-Z0-9') - WPSALTB=$(/usr/bin/openssl rand 11 -base64 | tr -dc 'a-zA-Z0-9') + WPSALT=$(/usr/bin/openssl rand -base64 21 | tr -dc 'a-zA-Z0-9') + WPSALTB=$(/usr/bin/openssl rand -base64 14 | tr -dc 'a-zA-Z0-9') WPN=$RANDOM WPNB=$RANDOM WPADMINUSER="z${WPSALT}wp${WPNB}" @@ -852,8 +852,8 @@ find "/home/nginx/domains/$vhostname" -type d -exec chmod g+s {} \; if [[ "$disablepwdprotect" != [yY] ]]; then # wp-login.php password protection if [[ -f /usr/local/nginx/conf/htpasswd.sh && ! -f /home/nginx/domains/$vhostname/htpasswd_wplogin ]]; then - HTWPLOGINSALT=$(/usr/bin/openssl rand 14 -base64 | tr -dc 'a-zA-Z0-9') - HTWPLOGINSALTB=$(/usr/bin/openssl rand 20 -base64 | tr -dc 'a-zA-Z0-9') + HTWPLOGINSALT=$(/usr/bin/openssl rand -base64 16 | tr -dc 'a-zA-Z0-9') + HTWPLOGINSALTB=$(/usr/bin/openssl rand -base64 23 | tr -dc 'a-zA-Z0-9') HTWPLOGIN=$RANDOM HTWPLOGINB=$RANDOM HTUSER="u${HTWPLOGINSALT}x${HTWPLOGIN}" diff --git a/inc/wpsetup.inc b/inc/wpsetup.inc index a4a17a1f..e36db8b1 100644 --- a/inc/wpsetup.inc +++ b/inc/wpsetup.inc @@ -53,7 +53,7 @@ installredisserver() { } dbsetup() { - SALT=$(/usr/bin/openssl rand 12 -base64 | tr -dc 'a-zA-Z0-9') + SALT=$(/usr/bin/openssl rand -base64 14 | tr -dc 'a-zA-Z0-9') DBN=$RANDOM DBNB=$RANDOM DBNC=$RANDOM @@ -352,8 +352,8 @@ elif [[ "$SECOND_IP" ]]; then fi wpinstall - WPSALT=$(/usr/bin/openssl rand 19 -base64 | tr -dc 'a-zA-Z0-9') - WPSALTB=$(/usr/bin/openssl rand 11 -base64 | tr -dc 'a-zA-Z0-9') + WPSALT=$(/usr/bin/openssl rand -base64 21 | tr -dc 'a-zA-Z0-9') + WPSALTB=$(/usr/bin/openssl rand -base64 14 | tr -dc 'a-zA-Z0-9') WPN=$RANDOM WPNB=$RANDOM WPADMINUSER="z${WPSALT}wp${WPNB}" @@ -753,8 +753,8 @@ find "/home/nginx/domains/$vhostname" -type d -exec chmod g+s {} \; if [[ "$disablepwdprotect" != [yY] ]]; then # wp-login.php password protection if [[ -f /usr/local/nginx/conf/htpasswd.sh && ! -f /home/nginx/domains/$vhostname/htpasswd_wplogin ]]; then - HTWPLOGINSALT=$(/usr/bin/openssl rand 14 -base64 | tr -dc 'a-zA-Z0-9') - HTWPLOGINSALTB=$(/usr/bin/openssl rand 20 -base64 | tr -dc 'a-zA-Z0-9') + HTWPLOGINSALT=$(/usr/bin/openssl rand -base64 16 | tr -dc 'a-zA-Z0-9') + HTWPLOGINSALTB=$(/usr/bin/openssl rand -base64 23 | tr -dc 'a-zA-Z0-9') HTWPLOGIN=$RANDOM HTWPLOGINB=$RANDOM HTUSER="u${HTWPLOGINSALT}x${HTWPLOGIN}" diff --git a/inc/zendopcache_install.inc b/inc/zendopcache_install.inc index 98f2ee10..1a29f92e 100644 --- a/inc/zendopcache_install.inc +++ b/inc/zendopcache_install.inc @@ -12,9 +12,9 @@ gethtpasswdsh else hname=$(hostname -f) fi -OPSALT=$(/usr/bin/openssl rand 10 -base64 | tr -dc 'a-zA-Z0-9') +OPSALT=$(/usr/bin/openssl rand -base64 11 | tr -dc 'a-zA-Z0-9') OPUSER=$(echo "opadmin${OPSALT}") -OPPASS=$(/usr/bin/openssl rand 22 -base64 | tr -dc 'a-zA-Z0-9') +OPPASS=$(/usr/bin/openssl rand -base64 23 | tr -dc 'a-zA-Z0-9') echo "" cecho "Creating htpasswd_opcache user/pass..." $boldyellow diff --git a/inc/zendopcache_upgrade.inc b/inc/zendopcache_upgrade.inc index 5c74dc57..5d330def 100644 --- a/inc/zendopcache_upgrade.inc +++ b/inc/zendopcache_upgrade.inc @@ -12,9 +12,9 @@ gethtpasswdsh else hname=$(hostname -f) fi -OPSALT=$(/usr/bin/openssl rand 10 -base64 | tr -dc 'a-zA-Z0-9') +OPSALT=$(/usr/bin/openssl rand -base64 11 | tr -dc 'a-zA-Z0-9') OPUSER=$(echo "opadmin${OPSALT}") -OPPASS=$(/usr/bin/openssl rand 22 -base64 | tr -dc 'a-zA-Z0-9') +OPPASS=$(/usr/bin/openssl rand -base64 23 | tr -dc 'a-zA-Z0-9') echo "" cecho "Creating htpasswd_opcache user/pass..." $boldyellow @@ -177,9 +177,9 @@ gethtpasswdsh else hname=$(hostname -f) fi -OPSALT=$(/usr/bin/openssl rand 10 -base64 | tr -dc 'a-zA-Z0-9') +OPSALT=$(/usr/bin/openssl rand -base64 11 | tr -dc 'a-zA-Z0-9') OPUSER=$(echo "opadmin${OPSALT}") -OPPASS=$(/usr/bin/openssl rand 22 -base64 | tr -dc 'a-zA-Z0-9') +OPPASS=$(/usr/bin/openssl rand -base64 23 | tr -dc 'a-zA-Z0-9') N=$(od -vAn -N8 -tx < /dev/urandom | sed -e 's/\s//g') if [[ -f /usr/local/nginx/html/opcache.php ]]; then diff --git a/tools/nvwp.sh b/tools/nvwp.sh index 1b86c6be..2b31eedf 100755 --- a/tools/nvwp.sh +++ b/tools/nvwp.sh @@ -306,7 +306,7 @@ cmchkconfig() { } dbsetup() { - SALT=$(/usr/bin/openssl rand 12 -base64 | tr -dc 'a-zA-Z0-9') + SALT=$(/usr/bin/openssl rand -base64 14 | tr -dc 'a-zA-Z0-9') DBN=$RANDOM DBNB=$RANDOM DBNC=$RANDOM @@ -746,8 +746,8 @@ find "/home/nginx/domains/$vhostname" -type d -exec chmod g+s {} \; # wp-login.php password protection if [[ -f /usr/local/nginx/conf/htpasswd.sh && ! -f /home/nginx/domains/$vhostname/htpasswd_wplogin ]]; then - HTWPLOGINSALT=$(/usr/bin/openssl rand 14 -base64 | tr -dc 'a-zA-Z0-9') - HTWPLOGINSALTB=$(/usr/bin/openssl rand 20 -base64 | tr -dc 'a-zA-Z0-9') + HTWPLOGINSALT=$(/usr/bin/openssl rand -base64 16 | tr -dc 'a-zA-Z0-9') + HTWPLOGINSALTB=$(/usr/bin/openssl rand -base64 23 | tr -dc 'a-zA-Z0-9') HTWPLOGIN=$RANDOM HTWPLOGINB=$RANDOM HTUSER="u${HTWPLOGINSALT}x${HTWPLOGIN}"