From 63640c011e50cf6152733690043dee27d0a2f41f Mon Sep 17 00:00:00 2001
From: Steve Clement <steve@localhost.lu>
Date: Fri, 20 Nov 2020 15:41:52 +0900
Subject: [PATCH] chg: [installer] Updated installer

---
 INSTALL/INSTALL.sh        | 77 ++++++++++++++++++++-------------------
 INSTALL/INSTALL.sh.sha1   |  2 +-
 INSTALL/INSTALL.sh.sha256 |  2 +-
 INSTALL/INSTALL.sh.sha384 |  2 +-
 INSTALL/INSTALL.sh.sha512 |  2 +-
 5 files changed, 43 insertions(+), 42 deletions(-)

diff --git a/INSTALL/INSTALL.sh b/INSTALL/INSTALL.sh
index 2541158a3..77fb45a33 100755
--- a/INSTALL/INSTALL.sh
+++ b/INSTALL/INSTALL.sh
@@ -73,16 +73,13 @@
 MISPvars () {
   debug "Setting generic ${LBLUE}MISP${NC} variables shared by all flavours" 2> /dev/null
   # Local non-root MISP user
-  MISP_USER='misp'
-  MISP_PASSWORD="$(openssl rand -hex 32)"
-
-  # MISP configuration variables
-  PATH_TO_MISP='/var/www/MISP'
+  MISP_USER="${MISP_USER:-misp}"
+  MISP_PASSWORD="${MISP_PASSWORD:-$(openssl rand -hex 32)}"
 
   # The web server user
   # RHEL/CentOS
   if [[ -f "/etc/redhat-release" ]]; then
-    WWW_USER='apache'
+    WWW_USER="apache"
     SUDO_WWW="sudo -H -u ${WWW_USER} "
   # Debian flavoured
   elif [[ -f "/etc/debian_version" ]]; then
@@ -91,13 +88,13 @@ MISPvars () {
   # OpenBSD
   elif [[ "$(uname -s)" == "OpenBSD" ]]; then
     WWW_USER="www"
-    PATH_TO_MISP="/var/www/htdocs/MISP"
+    PATH_TO_MISP="${PATH_TO_MISP:-/var/www/htdocs/MISP}"
     SUDO_WWW="doas -u www "
     SUDO_CMD="doas "
   # NetBSD
   elif [[ "$(uname -s)" == "NetBSD" ]]; then
     WWW_USER="www"
-    PATH_TO_MISP="/usr/pkg/share/httpd/htdocs/MISP"
+    PATH_TO_MISP="$PATH_TO_MISP:-/usr/pkg/share/httpd/htdocs/MISP}"
     SUDO_WWW="sudo -H -u ${WWW_USER} "
   else
     # I am feeling lucky
@@ -105,40 +102,39 @@ MISPvars () {
     SUDO_WWW="sudo -H -u ${WWW_USER} "
   fi
 
-  if [ -z "${FQDN}" ]; then
-    FQDN="misp.local"
-  fi
+  # MISP configuration variables
+  PATH_TO_MISP="${PATH_TO_MISP:-/var/www/MISP}"
 
-  if [ -z "${MISP_BASEURL}" ]; then
-    MISP_BASEURL='""'
-  fi
+  FQDN="${FQDN:-misp.local}"
 
-  MISP_LIVE='1'
+  MISP_BASEURL="${MISP_BASEURL:-""}"
+
+  MISP_LIVE="1"
 
   # Database configuration
-  DBHOST='localhost'
-  DBNAME='misp'
-  DBUSER_ADMIN='root'
-  DBPASSWORD_ADMIN="$(openssl rand -hex 32)"
-  DBUSER_MISP='misp'
-  DBPASSWORD_MISP="$(openssl rand -hex 32)"
+  DBHOST="${DBHOST:-localhost}"
+  DBNAME="${DBNAME:-misp}"
+  DBUSER_ADMIN="${DBUSER_ADMIN:-root}"
+  DBPASSWORD_ADMIN="${DBPASSWORD_ADMIN:-$(openssl rand -hex 32)}"
+  DBUSER_MISP="${DBUSER_MISP:-misp}"
+  DBPASSWORD_MISP="${DBPASSWORD_MISP:-$(openssl rand -hex 32)}"
 
   # OpenSSL configuration
   OPENSSL_CN=${FQDN}
-  OPENSSL_C='LU'
-  OPENSSL_ST='State'
-  OPENSSL_L='Location'
-  OPENSSL_O='Organization'
-  OPENSSL_OU='Organizational Unit'
+  OPENSSL_C="LU"
+  OPENSSL_ST="State"
+  OPENSSL_L="Location"
+  OPENSSL_O="Organization"
+  OPENSSL_OU="Organizational Unit"
   OPENSSL_EMAILADDRESS="info@${FQDN}"
 
   # GPG configuration
-  GPG_REAL_NAME='Autogenerated Key'
+  GPG_REAL_NAME="Autogenerated Key"
   # On a REAL install, please do not set a comment, see here for why: https://www.debian-administration.org/users/dkg/weblog/97
-  GPG_COMMENT='WARNING: MISP AutoGenerated Key consider this Key VOID!'
-  GPG_EMAIL_ADDRESS='admin@admin.test'
+  GPG_COMMENT="WARNING: MISP AutoGenerated Key consider this Key VOID!"
+  GPG_EMAIL_ADDRESS="admin@admin.test"
   # 3072 bits used as per suggestions here: https://riseup.net/en/security/message-security/openpgp/best-practices
-  GPG_KEY_LENGTH='3072'
+  GPG_KEY_LENGTH="3072"
   GPG_PASSPHRASE="$(openssl rand -hex 32)"
 
   # debug alias to make sure people are not confused when blindly copy pasting blobs of code
@@ -148,10 +144,10 @@ MISPvars () {
   alias checkAptLock="echo 'Function used in Installer to make sure apt is not locked'"
 
   # php.ini configuration
-  upload_max_filesize=50M
-  post_max_size=50M
-  max_execution_time=300
-  memory_limit=2048M
+  upload_max_filesize="50M"
+  post_max_size="50M"
+  max_execution_time="300"
+  memory_limit="2048M"
 
   CAKE="${PATH_TO_MISP}/app/Console/cake"
 
@@ -814,7 +810,7 @@ installDepsPhp70 () {
   libapache2-mod-php \
   php php-cli \
   php-dev \
-  php-json php-xml php-mysql php-opcache php-readline php-mbstring \
+  php-json php-xml php-mysql php-opcache php-readline php-mbstring php-zip \
   php-redis php-gnupg \
   php-gd
 
@@ -1187,7 +1183,7 @@ installDepsPhp74 () {
   libapache2-mod-php \
   php php-cli \
   php-dev \
-  php-json php-xml php-mysql php-opcache php-readline php-mbstring \
+  php-json php-xml php-mysql php-opcache php-readline php-mbstring php-zip \
   php-redis php-gnupg \
   php-gd
 
@@ -1238,7 +1234,7 @@ installDepsPhp72 () {
   libapache2-mod-php \
   php php-cli \
   php-dev \
-  php-json php-xml php-mysql php7.2-opcache php-readline php-mbstring \
+  php-json php-xml php-mysql php7.2-opcache php-readline php-mbstring php-zip \
   php-redis php-gnupg \
   php-gd
 
@@ -1258,7 +1254,7 @@ installDepsPhp70 () {
   libapache2-mod-php \
   php php-cli \
   php-dev \
-  php-json php-xml php-mysql php-opcache php-readline php-mbstring \
+  php-json php-xml php-mysql php-opcache php-readline php-mbstring php-zip \
   php-redis php-gnupg \
   php-gd
 
@@ -2051,6 +2047,7 @@ yumInstallCoreDeps () {
                    rh-php72-php-xml \
                    rh-php72-php-bcmath \
                    rh-php72-php-opcache \
+                   rh-php72-php-zip \
                    rh-php72-php-gd -y
 
   # Python 3.6 is now available in RHEL 7.7 base
@@ -2097,13 +2094,16 @@ installCoreRHEL () {
   umask 0022
   
   cd $PATH_TO_MISP/app/files/scripts/python-cybox
+  $SUDO_WWW git config core.filemode false
   $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
   
   cd $PATH_TO_MISP/app/files/scripts/python-stix
+  $SUDO_WWW git config core.filemode false
   $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
 
   # install mixbox to accommodate the new STIX dependencies:
   cd $PATH_TO_MISP/app/files/scripts/mixbox
+  $SUDO_WWW git config core.filemode false
   $SUDO_WWW $PATH_TO_MISP/venv/bin/pip install .
 
   # install STIX2.0 library to support STIX 2.0 export:
@@ -2123,6 +2123,7 @@ installCoreRHEL () {
   sudo yum install devtoolset-7 cmake3 cppcheck libcxx-devel -y
 
   cd $PATH_TO_MISP/app/files/scripts/lief
+  $SUDO_WWW git config core.filemode false
   $SUDO_WWW mkdir build
   cd build
   $SUDO_WWW scl enable devtoolset-7 "bash -c 'cmake3 \
diff --git a/INSTALL/INSTALL.sh.sha1 b/INSTALL/INSTALL.sh.sha1
index df3855a20..9c8f4a26b 100644
--- a/INSTALL/INSTALL.sh.sha1
+++ b/INSTALL/INSTALL.sh.sha1
@@ -1 +1 @@
-1048857d0c71a2fb6029a448090bc88e008aa499  INSTALL.sh
+5b00af62ec1da32cd1a3bf16d5826dc8aedea784  INSTALL.sh
diff --git a/INSTALL/INSTALL.sh.sha256 b/INSTALL/INSTALL.sh.sha256
index 37a9d0798..67ad52408 100644
--- a/INSTALL/INSTALL.sh.sha256
+++ b/INSTALL/INSTALL.sh.sha256
@@ -1 +1 @@
-2e3e878d35568521b5dec1e7f6da3193fe3c51049e4bcc127068659e5375939e  INSTALL.sh
+fab6e625909c4eca47132b2e595cf5d90d3f17a62e62e93682f95c6e0856e848  INSTALL.sh
diff --git a/INSTALL/INSTALL.sh.sha384 b/INSTALL/INSTALL.sh.sha384
index aa3276e7f..846f54b7f 100644
--- a/INSTALL/INSTALL.sh.sha384
+++ b/INSTALL/INSTALL.sh.sha384
@@ -1 +1 @@
-ed7092dc612c51d7b81969418b4eea90ce5e990dde693a3ce83566dec11e1cf456452dcf103689f05b7e6ccb63f9bc45  INSTALL.sh
+edbd5a1d718ec565c120caca4060c71fd39c7225048717dc2e8ed3187cc6d0813c8caf9babe724ebb7d8cee591d9618f  INSTALL.sh
diff --git a/INSTALL/INSTALL.sh.sha512 b/INSTALL/INSTALL.sh.sha512
index 4e3fca072..1924d8863 100644
--- a/INSTALL/INSTALL.sh.sha512
+++ b/INSTALL/INSTALL.sh.sha512
@@ -1 +1 @@
-2d4cc5d6e02135b337541ce00cddb205e10ede924b89b1eefe069dd1fce7ce552970ab65a7342838a3bb41e0dcdab6460e7f96ab7f63ea554d9a1db61116ae2a  INSTALL.sh
+d0ea35cf636af8260a4d655bb05bc7b3584a1313f8ac6a4bb905c0cba46345d9a170efd210f00b5a879d7cf01497d840467ae35ad093130ff57083efc06b69ec  INSTALL.sh