parent
1abbc187e9
commit
0b4c35c58e
|
@ -266,7 +266,7 @@ class MonitorsController extends AppController {
|
||||||
if ( $mToken ) {
|
if ( $mToken ) {
|
||||||
$auth = ' -T '.$mToken;
|
$auth = ' -T '.$mToken;
|
||||||
} else if ( ZM_AUTH_RELAY == 'hashed' ) {
|
} else if ( ZM_AUTH_RELAY == 'hashed' ) {
|
||||||
$auth = ' -A '.generateAuthHash(ZM_AUTH_HASH_IPS);
|
$auth = ' -A '.calculateAuthHash(ZM_AUTH_HASH_IPS?$_SERVER['REMOTE_ADDR']:'');
|
||||||
} else if ( ZM_AUTH_RELAY == 'plain' ) {
|
} else if ( ZM_AUTH_RELAY == 'plain' ) {
|
||||||
# Plain requires the plain text password which must either be in request or stored in session
|
# Plain requires the plain text password which must either be in request or stored in session
|
||||||
$password = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass');;
|
$password = $this->request->query('pass') ? $this->request->query('pass') : $this->request->data('pass');;
|
||||||
|
@ -290,12 +290,19 @@ class MonitorsController extends AppController {
|
||||||
}
|
}
|
||||||
|
|
||||||
$shellcmd = escapeshellcmd(ZM_PATH_BIN."/zmu $verbose -m$id $q $auth");
|
$shellcmd = escapeshellcmd(ZM_PATH_BIN."/zmu $verbose -m$id $q $auth");
|
||||||
$status = exec ($shellcmd);
|
$status = exec($shellcmd, $output, $rc);
|
||||||
|
if ($status) {
|
||||||
$this->set(array(
|
$this->set(array(
|
||||||
'status' => $status,
|
'status'=>$rc,
|
||||||
'_serialize' => array('status'),
|
'error'=>$output,
|
||||||
));
|
'_serialize' => array('status','error'),
|
||||||
|
));
|
||||||
|
} else {
|
||||||
|
$this->set(array(
|
||||||
|
'status' => 'Ok',
|
||||||
|
'_serialize' => array('status'),
|
||||||
|
));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if a daemon is running for the monitor id
|
// Check if a daemon is running for the monitor id
|
||||||
|
|
|
@ -208,6 +208,14 @@ function getAuthUser($auth) {
|
||||||
return null;
|
return null;
|
||||||
} // end getAuthUser($auth)
|
} // end getAuthUser($auth)
|
||||||
|
|
||||||
|
function calculateAuthHash($remoteAddr) {
|
||||||
|
global $user;
|
||||||
|
$local_time = localtime();
|
||||||
|
$authKey = ZM_AUTH_HASH_SECRET.$user['Username'].$user['Password'].$remoteAddr.$local_time[2].$local_time[3].$local_time[4].$local_time[5];
|
||||||
|
#ZM\Debug("Generated using hour:".$local_time[2] . ' mday:' . $local_time[3] . ' month:'.$local_time[4] . ' year: ' . $local_time[5] );
|
||||||
|
return md5($authKey);
|
||||||
|
}
|
||||||
|
|
||||||
function generateAuthHash($useRemoteAddr, $force=false) {
|
function generateAuthHash($useRemoteAddr, $force=false) {
|
||||||
global $user;
|
global $user;
|
||||||
if (ZM_OPT_USE_AUTH and (ZM_AUTH_RELAY == 'hashed') and isset($user['Username']) and isset($user['Password']) and isset($_SESSION)) {
|
if (ZM_OPT_USE_AUTH and (ZM_AUTH_RELAY == 'hashed') and isset($user['Username']) and isset($user['Password']) and isset($_SESSION)) {
|
||||||
|
@ -218,16 +226,8 @@ function generateAuthHash($useRemoteAddr, $force=false) {
|
||||||
|
|
||||||
# Appending the remoteAddr prevents us from using an auth hash generated for a different ip
|
# Appending the remoteAddr prevents us from using an auth hash generated for a different ip
|
||||||
if ($force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime )) {
|
if ($force or ( !isset($_SESSION['AuthHash'.$_SESSION['remoteAddr']]) ) or ( $_SESSION['AuthHashGeneratedAt'] < $mintime )) {
|
||||||
|
$auth = calculateAuthHash($useRemoteAddr?$_SESSION['remoteAddr']:'');
|
||||||
# Don't both regenerating Auth Hash if an hour hasn't gone by yet
|
# Don't both regenerating Auth Hash if an hour hasn't gone by yet
|
||||||
$local_time = localtime();
|
|
||||||
$authKey = '';
|
|
||||||
if ($useRemoteAddr) {
|
|
||||||
$authKey = ZM_AUTH_HASH_SECRET.$user['Username'].$user['Password'].$_SESSION['remoteAddr'].$local_time[2].$local_time[3].$local_time[4].$local_time[5];
|
|
||||||
} else {
|
|
||||||
$authKey = ZM_AUTH_HASH_SECRET.$user['Username'].$user['Password'].$local_time[2].$local_time[3].$local_time[4].$local_time[5];
|
|
||||||
}
|
|
||||||
#ZM\Debug("Generated using hour:".$local_time[2] . ' mday:' . $local_time[3] . ' month:'.$local_time[4] . ' year: ' . $local_time[5] );
|
|
||||||
$auth = md5($authKey);
|
|
||||||
$_SESSION['AuthHash'.$_SESSION['remoteAddr']] = $auth;
|
$_SESSION['AuthHash'.$_SESSION['remoteAddr']] = $auth;
|
||||||
$_SESSION['AuthHashGeneratedAt'] = $time;
|
$_SESSION['AuthHashGeneratedAt'] = $time;
|
||||||
# Because we don't write out the session, it shouldn't actually get written out to disk. However if it does, the GeneratedAt should protect us.
|
# Because we don't write out the session, it shouldn't actually get written out to disk. However if it does, the GeneratedAt should protect us.
|
||||||
|
|
Loading…
Reference in New Issue