tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ent 9154 SSL MySQL console connection

This commit is contained in:
edu.corral 2022-09-14 14:19:47 +02:00
parent 3a1ec66bfb
commit 544f337181
4 changed files with 336 additions and 293 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

530
pandora_console/godmode/setup/setup_general.php
View File

@ -1,4 +1,5 @@
<?php
/**
* General setup.
*
@ -513,8 +514,8 @@ echo '<form id="form_setup" method="post" action="index.php?sec=gsetup&sec2=godm
echo '<fieldset>';
echo '<legend>'.__('General options').'</legend>';
html_print_input_hidden('update_config', 1);
html_print_table($table);
html_print_input_hidden('update_config', 1);
html_print_table($table);
$encryption = [
'ssl' => 'SSL',
@ -528,292 +529,301 @@ echo '</fieldset>';
echo '<fieldset>';
echo '<legend>'.__('Mail configuration').'</legend>';
$table_mail_conf->data[0][0] = ui_print_warning_message(
__(
'Please notice that some providers like Gmail or Office365 need to setup/enable manually external connections using SMTP and you need to use STARTTLS on port 587.
$table_mail_conf->data[0][0] = ui_print_warning_message(
__(
'Please notice that some providers like Gmail or Office365 need to setup/enable manually external connections using SMTP and you need to use STARTTLS on port 587.
If you have manual settings in your pandora_server.conf, please note these settings will ignore this console setup.'
)
);
)
);
$table_mail_conf->data[1][0] = __('From address');
$table_mail_conf->data[1][1] = html_print_input_text(
'email_from_dir',
$config['email_from_dir'],
$table_mail_conf->data[1][0] = __('From address');
$table_mail_conf->data[1][1] = html_print_input_text(
'email_from_dir',
$config['email_from_dir'],
'',
30,
100,
true
);
$table_mail_conf->data[2][0] = __('From name');
$table_mail_conf->data[2][1] = html_print_input_text(
'email_from_name',
$config['email_from_name'],
'',
30,
100,
true
);
$table_mail_conf->data[3][0] = __('SMTP Server');
$table_mail_conf->data[3][1] = html_print_input_text(
'email_smtpServer',
$config['email_smtpServer'],
'',
30,
100,
true
);
$table_mail_conf->data[4][0] = __('SMTP Port');
$table_mail_conf->data[4][1] = html_print_input_text(
'email_smtpPort',
$config['email_smtpPort'],
'',
30,
100,
true
);
$table_mail_conf->data[5][0] = __('Encryption');
$table_mail_conf->data[5][1] = html_print_select(
$encryption,
'email_encryption',
$config['email_encryption'],
'',
__('none'),
0,
true
);
$table_mail_conf->data[6][0] = __('Email user');
$table_mail_conf->data[6][1] = html_print_input_text(
'email_username',
$config['email_username'],
'',
30,
100,
true
);
$table_mail_conf->data[7][0] = __('Email password');
$table_mail_conf->data[7][1] = html_print_input_password(
'email_password',
io_output_password(
$config['email_password']
),
'',
30,
100,
true
);
$table_mail_conf->data[7][1] .= ui_print_reveal_password(
'email_password',
true
);
$uniqid = uniqid();
$table_mail_conf->data[8][0] = html_print_button(
__('Email test'),
'email_test_dialog',
false,
"show_email_test('".$uniqid."');",
'class="sub next"',
true
);
print_email_test_modal_window($uniqid);
html_print_input_hidden('update_config', 1);
html_print_table($table_mail_conf);
echo '</fieldset>';
echo '<fieldset>';
echo '<div class="action-buttons" style="width: '.$table->width.'">';
html_print_submit_button(__('Update'), 'update_button', false, 'class="sub upd"');
echo '</div>';
echo '</form>';
/**
* Print the modal window for the summary of each alerts group
*
* @param string $id Id.
*
* @return void
*/
function print_email_test_modal_window($id)
{
// Email config table.
$table_mail_test = new stdClass();
$table_mail_test->width = '100%';
$table_mail_test->class = 'databox filters';
$table_mail_test->data = [];
$table_mail_test->style[0] = 'font-weight: bold;';
$table_mail_test->style[1] = 'font-weight: bold;display: flex;height: 54px;align-items: center;padding-left: 15px;';
$table_mail_test->data[0][0] = __('Address');
$table_mail_test->data[0][1] = html_print_input_text(
'email_test_address',
'',
30,
'',
35,
100,
true
);
$table_mail_conf->data[2][0] = __('From name');
$table_mail_conf->data[2][1] = html_print_input_text(
'email_from_name',
$config['email_from_name'],
'',
30,
100,
true
);
$table_mail_conf->data[3][0] = __('SMTP Server');
$table_mail_conf->data[3][1] = html_print_input_text(
'email_smtpServer',
$config['email_smtpServer'],
'',
30,
100,
true
);
$table_mail_conf->data[4][0] = __('SMTP Port');
$table_mail_conf->data[4][1] = html_print_input_text(
'email_smtpPort',
$config['email_smtpPort'],
'',
30,
100,
true
);
$table_mail_conf->data[5][0] = __('Encryption');
$table_mail_conf->data[5][1] = html_print_select(
$encryption,
'email_encryption',
$config['email_encryption'],
'',
__('none'),
0,
true
);
$table_mail_conf->data[6][0] = __('Email user');
$table_mail_conf->data[6][1] = html_print_input_text(
'email_username',
$config['email_username'],
'',
30,
100,
true
);
$table_mail_conf->data[7][0] = __('Email password');
$table_mail_conf->data[7][1] = html_print_input_password(
'email_password',
io_output_password(
$config['email_password']
),
'',
30,
100,
true
);
$table_mail_conf->data[7][1] .= ui_print_reveal_password(
'email_password',
true
);
$uniqid = uniqid();
$table_mail_conf->data[8][0] = html_print_button(
__('Email test'),
'email_test_dialog',
$table_mail_test->data[1][0] = html_print_button(
__('Send'),
'email_test',
false,
"show_email_test('".$uniqid."');",
'',
'class="sub next"',
true
);
print_email_test_modal_window($uniqid);
$table_mail_test->data[1][1] = '&nbsp&nbsp<span id="email_test_sent_message" class="invisible"><b>Email sent</b></span><span id="email_test_failure_message" class=invisible"><b>Email could not be sent</b></span>';
html_print_input_hidden('update_config', 1);
html_print_table($table_mail_conf);
echo '<div id="email_test_'.$id.'" title="'.__('Check mail configuration').'" class="invisible">'.html_print_table($table_mail_test, true).'</div>';
}
echo '</fieldset>';
echo '<fieldset>';
echo '<div class="action-buttons" style="width: '.$table->width.'">';
html_print_submit_button(__('Update'), 'update_button', false, 'class="sub upd"');
echo '</div>';
echo '</form>';
/**
* Print the modal window for the summary of each alerts group
*
* @param string $id Id.
*
* @return void
*/
function print_email_test_modal_window($id)
{
// Email config table.
$table_mail_test = new stdClass();
$table_mail_test->width = '100%';
$table_mail_test->class = 'databox filters';
$table_mail_test->data = [];
$table_mail_test->style[0] = 'font-weight: bold;';
$table_mail_test->style[1] = 'font-weight: bold;display: flex;height: 54px;align-items: center;padding-left: 15px;';
$table_mail_test->data[0][0] = __('Address');
$table_mail_test->data[0][1] = html_print_input_text(
'email_test_address',
'',
'',
35,
100,
true
);
$table_mail_test->data[1][0] = html_print_button(
__('Send'),
'email_test',
false,
'',
'class="sub next"',
true
);
$table_mail_test->data[1][1] = '&nbsp&nbsp<span id="email_test_sent_message" class="invisible"><b>Email sent</b></span><span id="email_test_failure_message" class=invisible"><b>Email could not be sent</b></span>';
echo '<div id="email_test_'.$id.'" title="'.__('Check mail configuration').'" class="invisible">'.html_print_table($table_mail_test, true).'</div>';
?>
<script type="text/javascript">
function show_timezone() {
zone = $("#zone").val();
$.ajax({
type: "POST",
url: "ajax.php",
data: "page=<?php echo $_GET['sec2']; ?>&select_timezone=1&zone=" + zone,
dataType: "json",
success: function(data) {
$("#timezone").empty();
jQuery.each(data, function(id, value) {
timezone = value;
$("select[name='timezone']").append($("<option>").val(timezone).html(timezone));
});
}
});
}
function show_email_test(id) {
$('#email_test_sent_message').hide();
$('#email_test_failure_message').hide();
?>
<script type="text/javascript">
function show_timezone () {
zone = $("#zone").val();
$.ajax({
type: "POST",
url: "ajax.php",
data: "page=<?php echo $_GET['sec2']; ?>&select_timezone=1&zone=" + zone,
dataType: "json",
success: function(data) {
$("#timezone").empty();
jQuery.each (data, function (id, value) {
timezone = value;
$("select[name='timezone']").append($("<option>").val(timezone).html(timezone));
});
}
});
}
$("#email_test_" + id).dialog({
resizable: true,
draggable: true,
modal: true,
width: 450,
overlay: {
opacity: 0.5,
background: "black"
}
});
}
function show_email_test(id) {
$('#email_test_sent_message').hide();
$('#email_test_failure_message').hide();
function perform_email_test() {
$('#email_test_sent_message').hide();
$('#email_test_failure_message').hide();
$("#email_test_"+id).dialog({
resizable: true,
draggable: true,
modal: true,
width: 450,
overlay: {
opacity: 0.5,
background: "black"
}
});
}
var test_address = $('#text-email_test_address').val();
params = {
email_smtpServer: $('#text-email_smtpServer').val(),
email_smtpPort: $('#text-email_smtpPort').val(),
email_username: $('#text-email_username').val(),
email_password: $('#password-email_password').val(),
email_encryption: $("#email_encryption option:selected").val(),
email_from_dir: $('#text-email_from_dir').val(),
email_from_name: $('#text-email_from_name').val()
};
function perform_email_test () {
$('#email_test_sent_message').hide();
$('#email_test_failure_message').hide();
var test_address = $('#text-email_test_address').val();
params = {
email_smtpServer : $('#text-email_smtpServer').val(),
email_smtpPort : $('#text-email_smtpPort').val(),
email_username : $('#text-email_username').val(),
email_password : $('#password-email_password').val(),
email_encryption : $( "#email_encryption option:selected" ).val(),
email_from_dir : $('#text-email_from_dir').val(),
email_from_name : $('#text-email_from_name').val()
};
$.ajax({
type: "POST",
url: "ajax.php",
data : {
page: "godmode/setup/setup_general",
test_address: test_address,
params: params
},
dataType: "json",
success: function(data) {
if (parseInt(data) === 1) {
$('#email_test_sent_message').show();
$('#email_test_failure_message').hide();
} else {
$.ajax({
type: "POST",
url: "ajax.php",
data: {
page: "godmode/setup/setup_general",
test_address: test_address,
params: params
},
dataType: "json",
success: function(data) {
if (parseInt(data) === 1) {
$('#email_test_sent_message').show();
$('#email_test_failure_message').hide();
} else {
$('#email_test_failure_message').show();
$('#email_test_sent_message').hide();
}
},
error: function() {
$('#email_test_failure_message').show();
$('#email_test_sent_message').hide();
}
},
error: function() {
$('#email_test_failure_message').show();
$('#email_test_sent_message').hide();
},
});
}
$(document).ready (function () {
$("#zone").attr("hidden", true);
$("#timezone").attr("hidden", true);
$("#change_timezone").click(function () {
$("#zone").attr("hidden", false);
$("#timezone").attr("hidden", false);
});
if ($("input[name=use_cert]").is(':checked')) {
$('#ssl-path-tr').show();
},
});
}
$("input[name=use_cert]").change(function () {
if( $(this).is(":checked") )
$(document).ready(function() {
$("#zone").attr("hidden", true);
$("#timezone").attr("hidden", true);
$("#change_timezone").click(function() {
$("#zone").attr("hidden", false);
$("#timezone").attr("hidden", false);
});
if ($("input[name=use_cert]").is(':checked')) {
$('#ssl-path-tr').show();
}
if ($("input[name=mysql_use_cert]").is(':checked')) {
$('#mysql-ssl-path-tr').show();
}
$("input[name=use_cert]").change(function() {
if ($(this).is(":checked"))
$('#ssl-path-tr').show();
else
$('#ssl-path-tr').hide();
});
$("input[name=mysql_use_cert]").change(function() {
if ($(this).is(":checked"))
$('#mysql-ssl-path-tr').show();
else
$('#mysql-ssl-path-tr').hide();
});
$("input[name=https]").change(function() {
if ($("input[name=https]").prop('checked')) {
$("#dialog").dialog({
modal: true,
width: 500,
buttons: [{
class: 'ui-widget ui-state-default ui-corner-all ui-button-text-only sub upd submit-next',
text: "<?php echo __('OK'); ?>",
click: function() {
$(this).dialog("close");
}
}]
});
}
})
$("input[name=force_public_url]").change(function() {
if ($("input[name=force_public_url]").prop('checked')) {
$("#force_public_url_dialog").dialog({
modal: true,
width: 500,
buttons: [{
class: 'ui-widget ui-state-default ui-corner-all ui-button-text-only sub upd submit-next',
text: "<?php echo __('OK'); ?>",
click: function() {
$(this).dialog("close");
}
}]
});
}
})
$('input#button-email_test').click(perform_email_test);
});
$("input[name=https]").change(function (){
if($("input[name=https]").prop('checked')) {
$("#dialog").dialog({
modal: true,
width: 500,
buttons:[
{
class: 'ui-widget ui-state-default ui-corner-all ui-button-text-only sub upd submit-next',
text: "<?php echo __('OK'); ?>",
click: function(){
$(this).dialog("close");
}
}
]
});
}
})
$("input[name=force_public_url]").change(function (){
if($("input[name=force_public_url]").prop('checked')) {
$("#force_public_url_dialog").dialog({
modal: true,
width: 500,
buttons: [
{
class: 'ui-widget ui-state-default ui-corner-all ui-button-text-only sub upd submit-next',
text: "<?php echo __('OK'); ?>",
click: function(){
$(this).dialog("close");
}
}
]
});
}
})
$('input#button-email_test').click(perform_email_test);
});
</script>

6
pandora_console/include/config.inc.php
View File

@ -1,4 +1,5 @@
<?php
/**
* Configuraton sample file.
*
@ -38,6 +39,11 @@
* $config["homedir"]="/var/www/pandora_console/";
* $config["homeurl"]="/pandora_console/";
* $config["auth"]["scheme"] = "mysql";
*
* This is used to configure MySQL SSL console connection
* $config["dbssl"]=0;
* $config["dbsslcafile"]="/path/ca-cert.pem";
* $config["sslverifyservercert"]=0;
*/
// By default report any error but notices.

77
pandora_console/include/db/mysql.php
View File

@ -31,7 +31,9 @@ function mysql_connect_db(
$user=null,
$pass=null,
$port=null,
$charset=null
$charset=null,
$ssl=null,
$verify=null
) {
global $config;
@ -55,6 +57,14 @@ function mysql_connect_db(
$port = $config['dbport'];
}
if ($ssl === null && (bool) $config['dbssl'] === true) {
$ssl = $config['dbsslcafile'];
}
if ($verify === null && (bool) $config['sslverifyservercert'] === true) {
$verify = 'ignore verify';
}
// Check if mysqli is available
if (!isset($config['mysqli'])) {
$config['mysqli'] = extension_loaded(mysqli);
@ -63,22 +73,39 @@ function mysql_connect_db(
// Non-persistent connection: This will help to avoid mysql errors like "has gone away" or locking problems
// If you want persistent connections change it to mysql_pconnect().
if ($config['mysqli']) {
$connect_id = mysqli_connect($host, $user, $pass, $db, $port);
if (mysqli_connect_errno() > 0) {
include 'general/mysqlerr.php';
return false;
if (empty($ssl)) {
$connect_id = mysqli_connect($host, $user, $pass, $db, $port);
if (mysqli_connect_errno() > 0) {
include 'general/mysqlerr.php';
return false;
}
db_change_cache_id($db, $host);
if (isset($charset)) {
mysqli_set_charset($connect_id, $charset);
}
mysqli_select_db($connect_id, $db);
} else {
$connect_id = mysqli_init();
mysqli_ssl_set($connect_id, null, null, $ssl, null, null);
if ($verify === null) {
mysqli_real_connect($connect_id, $host, $user, $pass, $db, $port, null, MYSQLI_CLIENT_SSL);
} else {
mysqli_real_connect($connect_id, $host, $user, $pass, $db, $port, null, MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT);
}
if (mysqli_connect_errno() > 0) {
include 'general/mysqlerr.php';
return false;
}
}
db_change_cache_id($db, $host);
if (isset($charset)) {
mysqli_set_charset($connect_id, $charset);
}
mysqli_select_db($connect_id, $db);
} else {
$connect_id = @mysql_connect($host.':'.$port, $user, $pass, true);
if (! $connect_id) {
if (!$connect_id) {
return false;
}
@ -117,7 +144,7 @@ function mysql_db_get_all_rows_sql($sql, $search_history_db=false, $cache=true,
$history = false;
// Connect to the history DB
if (! isset($config['history_db_connection']) || $config['history_db_connection'] === false) {
if (!isset($config['history_db_connection']) || $config['history_db_connection'] === false) {
$config['history_db_connection'] = db_connect($config['history_db_host'], $config['history_db_name'], $config['history_db_user'], io_output_password($config['history_db_pass']), $config['history_db_port'], false);
}
@ -142,13 +169,13 @@ function mysql_db_get_all_rows_sql($sql, $search_history_db=false, $cache=true,
}
// Append result to the history DB data
if (! empty($return)) {
if (!empty($return)) {
foreach ($return as $row) {
array_push($history, $row);
}
}
if (! empty($history)) {
if (!empty($history)) {
return $history;
}
@ -240,7 +267,7 @@ function mysql_db_get_row($table, $field_search, $condition, $fields=false, $cac
} else {
if (is_array($fields)) {
$fields = implode(',', $fields);
} else if (! is_string($fields)) {
} else if (!is_string($fields)) {
return false;
}
}
@ -403,7 +430,7 @@ function mysql_db_process_sql($sql, $rettype='affected_rows', $dbconnection='',
$cache = $config['dbcache'];
}
if ($cache && ! empty($sql_cache[$sql_cache['id']][$sql])) {
if ($cache && !empty($sql_cache[$sql_cache['id']][$sql])) {
$retval = $sql_cache[$sql_cache['id']][$sql];
$sql_cache['saved'][$sql_cache['id']]++;
db_add_database_debug_trace($sql);
@ -518,7 +545,7 @@ function mysql_db_process_sql($sql, $rettype='affected_rows', $dbconnection='',
}
}
if (! empty($retval)) {
if (!empty($retval)) {
return $retval;
}
@ -594,7 +621,7 @@ function mysql_encapsule_fields_with_same_name_to_instructions($field)
*/
function mysql_db_get_value_filter($field, $table, $filter, $where_join='AND', $search_history_db=false)
{
if (! is_array($filter) || empty($filter)) {
if (!is_array($filter) || empty($filter)) {
return false;
}
@ -693,7 +720,7 @@ function mysql_db_format_array_where_clause_sql($values, $join='AND', $prefix=fa
{
$fields = [];
if (! is_array($values)) {
if (!is_array($values)) {
return '';
}
@ -863,7 +890,7 @@ function mysql_db_format_array_where_clause_sql($values, $join='AND', $prefix=fa
$i++;
}
return (! empty($query) ? $prefix : '').$query.$group.$order.$limit.$offset;
return (!empty($query) ? $prefix : '').$query.$group.$order.$limit.$offset;
}
@ -945,7 +972,7 @@ function mysql_db_get_row_filter($table, $filter, $fields=false, $where_join='AN
} else {
if (is_array($fields)) {
$fields = implode(',', $fields);
} else if (! is_string($fields)) {
} else if (!is_string($fields)) {
return false;
}
}
@ -995,7 +1022,7 @@ function mysql_db_get_all_rows_filter($table, $filter=[], $fields=false, $where_
$fields = '*';
} else if (is_array($fields)) {
$fields = implode(',', $fields);
} else if (! is_string($fields)) {
} else if (!is_string($fields)) {
return false;
}

16
pandora_console/include/functions_config.php
View File

@ -1,4 +1,5 @@
<?php
/**
* Main configuration of Pandora FMS
*
@ -30,6 +31,7 @@
require_once __DIR__.'/../vendor/autoload.php';
require_once __DIR__.'/functions.php';
enterprise_include_once('include/functions_config.php');
use PandoraFMS\Core\DBMaintainer;
use PandoraFMS\Core\Config;
@ -146,7 +148,7 @@ function config_update_config()
return false;
}
if (! check_acl($config['id_user'], 0, 'PM') && ! is_user_admin($config['id_user'])) {
if (!check_acl($config['id_user'], 0, 'PM') && !is_user_admin($config['id_user'])) {
$config['error_config_update_config'] = [];
$config['error_config_update_config']['correct'] = false;
$config['error_config_update_config']['message'] = __('Failed updated: User is not admin.');
@ -2241,9 +2243,9 @@ function config_process_config()
config_update_value('2Fa_auth', '');
}
/*
* Parse the ACL IP list for access API
*/
/*
* Parse the ACL IP list for access API
*/
$temp_list_ACL_IPs_for_API = [];
if (isset($config['list_ACL_IPs_for_API'])) {
@ -2799,7 +2801,7 @@ function config_process_config()
$temp_ad_adv_perms = $config['ad_adv_perms'];
}
config_update_value('ad_adv_perms', $temp_ad_adv_perms);
config_update_value('ad_adv_perms', $temp_ad_adv_perms);
}
if (!isset($config['ldap_adv_perms'])) {
@ -3399,7 +3401,6 @@ function config_check()
$supervisor = new ConsoleSupervisor(false);
$supervisor->runBasic();
}
}
@ -3424,7 +3425,6 @@ function get_um_url()
}
return $url;
}
@ -3440,7 +3440,7 @@ function config_return_in_bytes($val)
$last = strtolower($val[(strlen($val) - 1)]);
$val = (int) trim($val);
switch ($last) {
// The 'G' modifier is available since PHP 5.1.0.
// The 'G' modifier is available since PHP 5.1.0.
case 'g':
$val *= 1024;
case 'm':