mirror of https://github.com/MISP/MISP
Merge branch '2.4' into remove-netgeoip
commit
c30d1abb9c
|
@ -42,5 +42,4 @@
|
|||
url = https://github.com/pear/Crypt_GPG
|
||||
[submodule "INSTALL/Console_CommandLine"]
|
||||
path = INSTALL/dependencies/Console_CommandLine
|
||||
url = https://github.com/pear/Console_CommandLine
|
||||
|
||||
url = https://github.com/pear/Console_CommandLine
|
|
@ -28,7 +28,7 @@ install:
|
|||
- sudo apt-get -y update
|
||||
# Travis lacks entropy.
|
||||
- sudo apt-get -y install haveged
|
||||
- sudo apt-get -y install python3 python3-pip python3-dev python3-nose libxml2-dev libzmq3-dev zlib1g-dev apache2 curl php-mysql php-dev php-cli libapache2-mod-php libfuzzy-dev php-mbstring libonig4 php-json php-xml php-opcache php-readline php-pear php-redis php-gnupg php-gd
|
||||
- sudo apt-get -y install python3 python3-pip python3-dev python3-nose libxml2-dev libzmq3-dev zlib1g-dev apache2 curl php-mysql php-dev php-cli libapache2-mod-php libfuzzy-dev php-mbstring libonig4 php-json php-xml php-opcache php-readline php-redis php-gnupg php-gd
|
||||
- sudo apt-get -y dist-upgrade
|
||||
- sudo pip3 install --upgrade pip setuptools requests pyzmq
|
||||
- sudo pip3 install --upgrade -r requirements.txt
|
||||
|
|
|
@ -763,7 +763,6 @@ installDepsPhp70 () {
|
|||
php php-cli \
|
||||
php-dev \
|
||||
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
|
||||
php-pear \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
|
||||
|
@ -785,7 +784,6 @@ installDepsPhp73 () {
|
|||
php7.3 php7.3-cli \
|
||||
php7.3-dev \
|
||||
php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php7.3-mbstring \
|
||||
php-pear \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
}
|
||||
|
@ -1137,7 +1135,6 @@ installDepsPhp73 () {
|
|||
php7.3 php7.3-cli \
|
||||
php7.3-dev \
|
||||
php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php7.3-mbstring \
|
||||
php-pear \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
}
|
||||
|
@ -1153,7 +1150,6 @@ installDepsPhp72 () {
|
|||
php php-cli \
|
||||
php-dev \
|
||||
php-json php-xml php-mysql php7.2-opcache php-readline php-mbstring \
|
||||
php-pear \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
|
||||
|
@ -1174,7 +1170,6 @@ installDepsPhp70 () {
|
|||
php php-cli \
|
||||
php-dev \
|
||||
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
|
||||
php-pear \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
|
||||
|
@ -1324,10 +1319,6 @@ installCore () {
|
|||
|
||||
# install plyara
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
|
||||
# Install Crypt_GPG and Console_CommandLine
|
||||
sudo pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
|
||||
sudo pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
|
||||
}
|
||||
|
||||
installCake () {
|
||||
|
|
|
@ -1 +1 @@
|
|||
75d9de9742ccb2383d044f6a19fed73ea2909f9d INSTALL.sh
|
||||
6f5260ea0b7af730f4b94007e5046f661e3c2585 INSTALL.sh
|
||||
|
|
|
@ -1 +1 @@
|
|||
c5f790fc1c13af0b95490cc2136324b9dd9930af1b4c0afb6da4687b47c58e23 INSTALL.sh
|
||||
babd4491825edd02153d7d09624f1668c452ee14279872f367c5729dd51171bc INSTALL.sh
|
||||
|
|
|
@ -1 +1 @@
|
|||
5c2aaba9cafc88f5f81dafa7717e95daaec671ddd9aa32ed2ce0daf7654c2a11eab59271802590566f1cdd285a485673 INSTALL.sh
|
||||
0cf66499a027baaf5b52aba19270a7f6e5fbc7d99df225a9049bf9c35c35f9c4316a59ef92ec544ef2f23eea416897b0 INSTALL.sh
|
||||
|
|
|
@ -1 +1 @@
|
|||
dcb06c97ca3d4528b41c81f9d6933de235260e5fcfcc28c5fdd2fb19a287b421e492c3ae5ab3896ee3119309f7539be4b1a03422510721dae3f20d07ec2cc415 INSTALL.sh
|
||||
cfc7e4b1749ad8ed2d75fd3e7d984bb48ab253559c4a37318568dfc175fad40612a05bb59d3672dc3de88b651bd18e8b959457c4ae9c72eff2c0a7418e51fce8 INSTALL.sh
|
||||
|
|
|
@ -74,26 +74,6 @@
|
|||
- "/opt/misp-server/tmp"
|
||||
- "/opt/misp-server/backup"
|
||||
|
||||
######### PEAR: CRYPTPGP #########
|
||||
- name: Configure PEAR proxy
|
||||
shell: "{{ item }}"
|
||||
args:
|
||||
creates: /home/misp/ansible/ansible_shell_pear_configure_proxy.log
|
||||
with_items:
|
||||
- "pear config-set http_proxy http://{{proxy_host}}:{{proxy_port}} > /home/misp/ansible/ansible_shell_pear_configure_proxy.log"
|
||||
|
||||
- name: Configure PEAR tmp
|
||||
shell: "{{ item }}"
|
||||
args:
|
||||
creates: /home/misp/ansible/ansible_shell_pear_configure_tmp.log
|
||||
with_items:
|
||||
- pear config-set temp_dir /opt/misp-server/tmp/ > /home/misp/ansible/ansible_shell_pear_configure_tmp.log
|
||||
|
||||
- name: Install CryptGPG
|
||||
pear:
|
||||
name: Crypt_GPG
|
||||
state: present
|
||||
|
||||
######### MISP REPOSITORY #########
|
||||
|
||||
- name: Clone MISP repository
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
Subproject commit 40fca1d3dabbbb23e13b333bd5c615ca19d7d73f
|
|
@ -1 +0,0 @@
|
|||
Subproject commit bf07ab51207446ed33ea0075083df9bbc2358617
|
|
@ -1 +1 @@
|
|||
{"major":2, "minor":4, "hotfix":114}
|
||||
{"major":2, "minor":4, "hotfix":115}
|
||||
|
|
|
@ -506,4 +506,30 @@ class AdminShell extends AppShell
|
|||
$this->Server->cleanCacheFiles();
|
||||
echo '...caches lost in time, like tears in rain.' . PHP_EOL;
|
||||
}
|
||||
|
||||
public function resetSyncAuthkeys()
|
||||
{
|
||||
if (empty($this->args[0])) {
|
||||
echo sprintf(
|
||||
__("MISP mass sync authkey reset command line tool.\n\nUsage: %sConsole/cake resetSyncAuthkeys [user_id]") . "\n\n",
|
||||
APP
|
||||
);
|
||||
die();
|
||||
} else {
|
||||
$userId = $this->args[0];
|
||||
$user = $this->User->getAuthUser($userId);
|
||||
if (empty($user)) {
|
||||
echo __('Invalid user.') . "\n\n";
|
||||
}
|
||||
if (!$user['Role']['perm_site_admin']) {
|
||||
echo __('User has to be a site admin.') . "\n\n";
|
||||
}
|
||||
if (!empty($this->args[1])) {
|
||||
$jobId = $this->args[1];
|
||||
} else {
|
||||
$jobId = false;
|
||||
}
|
||||
$this->User->resetAllSyncAuthKeys($user, $jobId);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -260,19 +260,24 @@ class AppController extends Controller
|
|||
} else {
|
||||
// User not authenticated correctly
|
||||
// reset the session information
|
||||
$this->Session->destroy();
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$log = array(
|
||||
'org' => 'SYSTEM',
|
||||
'model' => 'User',
|
||||
'model_id' => 0,
|
||||
'email' => 'SYSTEM',
|
||||
'action' => 'auth_fail',
|
||||
'title' => 'Failed authentication using API key (' . trim($auth_key) . ')',
|
||||
'change' => null,
|
||||
);
|
||||
$this->Log->save($log);
|
||||
$redis = $this->{$this->modelClass}->setupRedis();
|
||||
if ($redis && !$redis->exists('misp:auth_fail_throttling:' . trim($auth_key))) {
|
||||
$redis->set('misp:auth_fail_throttling:' . trim($auth_key), 1);
|
||||
$redis->expire('misp:auth_fail_throttling:' . trim($auth_key), 3600);
|
||||
$this->Session->destroy();
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$log = array(
|
||||
'org' => 'SYSTEM',
|
||||
'model' => 'User',
|
||||
'model_id' => 0,
|
||||
'email' => 'SYSTEM',
|
||||
'action' => 'auth_fail',
|
||||
'title' => 'Failed authentication using API key (' . trim($auth_key) . ')',
|
||||
'change' => null,
|
||||
);
|
||||
$this->Log->save($log);
|
||||
}
|
||||
throw new ForbiddenException('Authentication failed. Please make sure you pass the API key of an API enabled user along in the Authorization header.');
|
||||
}
|
||||
unset($user);
|
||||
|
|
|
@ -335,7 +335,7 @@ class ACLComponent extends Component
|
|||
),
|
||||
'servers' => array(
|
||||
'add' => array(),
|
||||
'cache' => array('perm_site_admin'),
|
||||
'cache' => array(),
|
||||
'checkout' => array(),
|
||||
'createSync' => array('perm_sync'),
|
||||
'delete' => array(),
|
||||
|
@ -348,12 +348,12 @@ class ACLComponent extends Component
|
|||
'getInstanceUUID' => array('perm_sync'),
|
||||
'getPyMISPVersion' => array('*'),
|
||||
'getSetting' => array(),
|
||||
'getSubmodulesStatus' => array('perm_site_admin'),
|
||||
'getSubmoduleQuickUpdateForm' => array('perm_site_admin'),
|
||||
'getSubmodulesStatus' => array(),
|
||||
'getSubmoduleQuickUpdateForm' => array(),
|
||||
'getWorkers' => array(),
|
||||
'getVersion' => array('*'),
|
||||
'import' => ('perm_site_admin'),
|
||||
'index' => array('OR' => array('perm_sync', 'perm_admin')),
|
||||
'import' => array(),
|
||||
'index' => array(),
|
||||
'ondemandAction' => array(),
|
||||
'postTest' => array('perm_sync'),
|
||||
'previewEvent' => array(),
|
||||
|
@ -361,6 +361,7 @@ class ACLComponent extends Component
|
|||
'pull' => array(),
|
||||
'purgeSessions' => array(),
|
||||
'push' => array(),
|
||||
'resetRemoteAuthKey' => array(),
|
||||
'rest' => array('perm_auth'),
|
||||
'restartWorkers' => array(),
|
||||
'serverSettings' => array(),
|
||||
|
@ -371,7 +372,7 @@ class ACLComponent extends Component
|
|||
'statusZeroMQServer' => array(),
|
||||
'stopWorker' => array(),
|
||||
'stopZeroMQServer' => array(),
|
||||
'testConnection' => array('perm_sync'),
|
||||
'testConnection' => array(),
|
||||
'update' => array(),
|
||||
'updateJSON' => array(),
|
||||
'updateProgress' => array(),
|
||||
|
@ -503,7 +504,6 @@ class ACLComponent extends Component
|
|||
'admin_index' => array('perm_admin'),
|
||||
'admin_quickEmail' => array('perm_admin'),
|
||||
'admin_view' => array('perm_admin'),
|
||||
'arrayCopy' => array(),
|
||||
'attributehistogram' => array('*'),
|
||||
'change_pw' => array('*'),
|
||||
'checkAndCorrectPgps' => array(),
|
||||
|
@ -518,6 +518,7 @@ class ACLComponent extends Component
|
|||
'initiatePasswordReset' => array('perm_admin'),
|
||||
'login' => array('*'),
|
||||
'logout' => array('*'),
|
||||
'resetAllSyncAuthKeys' => array(),
|
||||
'resetauthkey' => array('*'),
|
||||
'request_API' => array('*'),
|
||||
'routeafterlogin' => array('*'),
|
||||
|
@ -553,6 +554,78 @@ class ACLComponent extends Component
|
|||
)
|
||||
);
|
||||
|
||||
private function __checkLoggedActions($user, $controller, $action)
|
||||
{
|
||||
$loggedActions = array(
|
||||
'servers' => array(
|
||||
'index' => array(
|
||||
'role' => array(
|
||||
'NOT' => array(
|
||||
'perm_site_admin'
|
||||
)
|
||||
),
|
||||
'message' => __('This could be an indication of an attempted privilege escalation on older vulnerable versions of MISP (<2.4.115)')
|
||||
)
|
||||
)
|
||||
);
|
||||
foreach ($loggedActions as $k => $v) {
|
||||
$loggedActions[$k] = array_change_key_case($v);
|
||||
}
|
||||
$message = '';
|
||||
if (!empty($loggedActions[$controller])) {
|
||||
if (!empty($loggedActions[$controller][$action])) {
|
||||
$message = $loggedActions[$controller][$action]['message'];
|
||||
$hit = false;
|
||||
if (empty($loggedActions[$controller][$action]['role'])) {
|
||||
$hit = true;
|
||||
} else {
|
||||
$role_req = $loggedActions[$controller][$action]['role'];
|
||||
if (empty($role_req['OR']) && empty($role_req['AND']) && empty($role_req['NOT'])) {
|
||||
$role_req = array('OR' => $role_req);
|
||||
}
|
||||
if (!empty($role_req['NOT'])) {
|
||||
foreach ($role_req['NOT'] as $k => $v) {
|
||||
if (!$user['Role'][$v]) {
|
||||
$hit = true;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
}
|
||||
if (!$hit && !empty($role_req['AND'])) {
|
||||
$subhit = true;
|
||||
foreach ($role_req['AND'] as $k => $v) {
|
||||
$subhit = $subhit && $user['Role'][$v];
|
||||
}
|
||||
if ($subhit) {
|
||||
$hit = true;
|
||||
}
|
||||
}
|
||||
if (!$hit && !empty($role_req['OR'])) {
|
||||
foreach ($role_req['OR'] as $k => $v) {
|
||||
if ($user['Role'][$v]) {
|
||||
$hit = true;
|
||||
continue;
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($hit) {
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => 'SYSTEM',
|
||||
'model' => 'User',
|
||||
'model_id' => $user['id'],
|
||||
'email' => $user['email'],
|
||||
'action' => 'security',
|
||||
'user_id' => $user['id'],
|
||||
'title' => __('User triggered security alert by attempting to access /%s/%s. Reason why this endpoint is of interest: %s', $controller, $action, $message),
|
||||
));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// The check works like this:
|
||||
// If the user is a site admin, return true
|
||||
// If the requested action has an OR-d list, iterate through the list. If any of the permissions are set for the user, return true
|
||||
|
@ -567,6 +640,7 @@ class ACLComponent extends Component
|
|||
foreach ($aclList as $k => $v) {
|
||||
$aclList[$k] = array_change_key_case($v);
|
||||
}
|
||||
$this->__checkLoggedActions($user, $controller, $action);
|
||||
if ($user['Role']['perm_site_admin']) {
|
||||
return true;
|
||||
}
|
||||
|
|
|
@ -44,12 +44,6 @@ class ServersController extends AppController
|
|||
|
||||
public function index()
|
||||
{
|
||||
if (!$this->_isSiteAdmin()) {
|
||||
if (!$this->userRole['perm_sync'] && !$this->userRole['perm_admin']) {
|
||||
$this->redirect(array('controller' => 'events', 'action' => 'index'));
|
||||
}
|
||||
$this->paginate['conditions'] = array('Server.org_id LIKE' => $this->Auth->user('org_id'));
|
||||
}
|
||||
if ($this->_isRest()) {
|
||||
$params = array(
|
||||
'recursive' => -1,
|
||||
|
@ -2089,4 +2083,28 @@ misp.direct_call(relative_path, body)
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function resetRemoteAuthKey($id)
|
||||
{
|
||||
if (!$this->request->is('post')) {
|
||||
throw new MethodNotAllowedException(__('This endpoint expects POST requests.'));
|
||||
}
|
||||
$result = $this->Server->resetRemoteAuthkey($id);
|
||||
if ($result !== true) {
|
||||
if (!$this->_isRest()) {
|
||||
$this->Flash->error($result);
|
||||
$this->redirect(array('action' => 'index'));
|
||||
} else {
|
||||
return $this->RestResponse->saveFailResponse('Servers', 'resetRemoteAuthKey', $id, $message, $this->response->type());
|
||||
}
|
||||
} else {
|
||||
$message = __('API key updated.');
|
||||
if (!$this->_isRest()) {
|
||||
$this->Flash->success($message);
|
||||
$this->redirect(array('action' => 'index'));
|
||||
} else {
|
||||
return $this->RestResponse->saveSuccessResponse('Servers', 'resetRemoteAuthKey', $message, $this->response->type());
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -211,7 +211,7 @@ class UsersController extends AppController
|
|||
// Save the data
|
||||
if ($this->User->save($user)) {
|
||||
$message = __('Password Changed.');
|
||||
$this->__extralog("change_pw");
|
||||
$this->User->extralog($this->Auth->user(), "change_pw", null, null, $user);
|
||||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->saveSuccessResponse('User', 'change_pw', false, $this->response->type(), $message);
|
||||
}
|
||||
|
@ -869,12 +869,12 @@ class UsersController extends AppController
|
|||
$c++;
|
||||
}
|
||||
$fieldsResultStr = substr($fieldsResultStr, 2);
|
||||
$this->__extralog("edit", "user", $fieldsResultStr);
|
||||
$user = $this->User->find('first', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => array('User.id' => $this->User->id)
|
||||
));
|
||||
$this->User->extralog($this->Auth->user(), "edit", "user", $fieldsResultStr, $user);
|
||||
if ($this->_isRest()) {
|
||||
$user = $this->User->find('first', array(
|
||||
'conditions' => array('User.id' => $this->User->id),
|
||||
'recursive' => -1
|
||||
));
|
||||
$user['User']['password'] = '******';
|
||||
return $this->RestResponse->viewData($user, $this->response->type());
|
||||
} else {
|
||||
|
@ -954,7 +954,7 @@ class UsersController extends AppController
|
|||
}
|
||||
$fieldsDescrStr = 'User (' . $id . '): ' . $user['User']['email'];
|
||||
if ($this->User->delete($id)) {
|
||||
$this->__extralog("delete", $fieldsDescrStr, '');
|
||||
$this->User->extralog($this->Auth->user(), "delete", $fieldsDescrStr, '');
|
||||
if ($this->_isRest()) {
|
||||
return $this->RestResponse->saveSuccessResponse('User', 'admin_delete', $id, $this->response->type(), 'User deleted.');
|
||||
} else {
|
||||
|
@ -1010,7 +1010,7 @@ class UsersController extends AppController
|
|||
}
|
||||
}
|
||||
if ($this->Auth->login()) {
|
||||
$this->__extralog("login");
|
||||
$this->User->extralog($this->Auth->user(), "login");
|
||||
$this->User->Behaviors->disable('SysLogLogable.SysLogLogable');
|
||||
$this->User->id = $this->Auth->user('id');
|
||||
$user = $this->User->find('first', array(
|
||||
|
@ -1125,7 +1125,7 @@ class UsersController extends AppController
|
|||
public function logout()
|
||||
{
|
||||
if ($this->Session->check('Auth.User')) {
|
||||
$this->__extralog("logout");
|
||||
$this->User->extralog($this->Auth->user(), "logout");
|
||||
}
|
||||
$this->Flash->info(__('Good-Bye'));
|
||||
$user = $this->User->find('first', array(
|
||||
|
@ -1140,7 +1140,7 @@ class UsersController extends AppController
|
|||
$this->redirect($this->Auth->logout());
|
||||
}
|
||||
|
||||
public function resetauthkey($id = null)
|
||||
public function resetauthkey($id = null, $alert = false)
|
||||
{
|
||||
if (!$this->_isAdmin() && Configure::read('MISP.disableUserSelfManagement')) {
|
||||
throw new MethodNotAllowedException('User self-management has been disabled on this instance.');
|
||||
|
@ -1149,24 +1149,12 @@ class UsersController extends AppController
|
|||
$id = $this->Auth->user('id');
|
||||
}
|
||||
if (!$this->userRole['perm_auth']) {
|
||||
throw new MethodNotAllowedException('Invalid action.');
|
||||
throw new MethodNotAllowedException(__('Invalid action.'));
|
||||
}
|
||||
$this->User->id = $id;
|
||||
if (!$id || !$this->User->exists($id)) {
|
||||
throw new MethodNotAllowedException('Invalid user.');
|
||||
$newkey = $this->User->resetauthkey($this->Auth->user(), $id, $alert);
|
||||
if ($newkey === false) {
|
||||
throw new MethodNotAllowedException(__('Invalid user.'));
|
||||
}
|
||||
$user = $this->User->read();
|
||||
$oldKey = $this->User->data['User']['authkey'];
|
||||
if (!$this->_isSiteAdmin() && !($this->_isAdmin() && $this->Auth->user('org_id') == $this->User->data['User']['org_id']) && ($this->Auth->user('id') != $id)) {
|
||||
throw new MethodNotAllowedException('Invalid user.');
|
||||
}
|
||||
$newkey = $this->User->generateAuthKey();
|
||||
$this->User->saveField('authkey', $newkey);
|
||||
$this->__extralog(
|
||||
'reset_auth_key',
|
||||
'Authentication key for user ' . $user['User']['id'] . ' (' . $user['User']['email'] . ')',
|
||||
$fieldsResult = 'authkey(' . $oldKey . ') => (' . $newkey . ')'
|
||||
);
|
||||
if (!$this->_isRest()) {
|
||||
$this->Flash->success(__('New authkey generated.', true));
|
||||
$this->_refreshAuth();
|
||||
|
@ -1176,6 +1164,25 @@ class UsersController extends AppController
|
|||
}
|
||||
}
|
||||
|
||||
public function resetAllSyncAuthKeys()
|
||||
{
|
||||
if (!$this->request->is('post')) {
|
||||
throw new MethodNotAllowedException(__('This functionality is only accessible via POST requests.'));
|
||||
}
|
||||
$results = $this->User->resetAllSyncAuthKeysRouter($this->Auth->user());
|
||||
if ($results === true) {
|
||||
$message = __('Job initiated.');
|
||||
} else {
|
||||
$message = __('%s authkeys reset, %s could not be reset.', $results['success'], $results['fails']);
|
||||
}
|
||||
if (!$this->_isRest()) {
|
||||
$this->Flash->info($message);
|
||||
$this->redirect($this->referer());
|
||||
} else {
|
||||
return $this->RestResponse->saveSuccessResponse('User', 'resetAllSyncAuthKeys', false, $this->response->type(), $message);
|
||||
}
|
||||
}
|
||||
|
||||
public function histogram($selected = null)
|
||||
{
|
||||
//if (!$this->request->is('ajax') && !$this->_isRest()) throw new MethodNotAllowedException('This function can only be accessed via AJAX or the API.');
|
||||
|
@ -1297,60 +1304,6 @@ class UsersController extends AppController
|
|||
return $this->response;
|
||||
}
|
||||
|
||||
private function __extralog($action = null, $description = null, $fieldsResult = null)
|
||||
{
|
||||
// new data
|
||||
$model = 'User';
|
||||
$modelId = $this->Auth->user('id');
|
||||
if ($action == 'login') {
|
||||
$description = "User (" . $this->Auth->user('id') . "): " . $this->data['User']['email'];
|
||||
} elseif ($action == 'logout') {
|
||||
$description = "User (" . $this->Auth->user('id') . "): " . $this->Auth->user('email');
|
||||
} elseif ($action == 'edit') {
|
||||
$description = "User (" . $this->User->id . "): " . $this->data['User']['email'];
|
||||
} elseif ($action == 'change_pw') {
|
||||
$description = "User (" . $this->User->id . "): " . $this->Auth->user('email');
|
||||
$fieldsResult = "Password changed.";
|
||||
}
|
||||
|
||||
// query
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => $this->Auth->user('Organisation')['name'],
|
||||
'model' => $model,
|
||||
'model_id' => $modelId,
|
||||
'email' => $this->Auth->user('email'),
|
||||
'action' => $action,
|
||||
'title' => $description,
|
||||
'change' => isset($fieldsResult) ? $fieldsResult : ''));
|
||||
|
||||
// write to syslogd as well
|
||||
App::import('Lib', 'SysLog.SysLog');
|
||||
$syslog = new SysLog();
|
||||
if (isset($fieldsResult) && $fieldsResult) {
|
||||
$syslog->write('notice', $description . ' -- ' . $action . ' -- ' . $fieldsResult);
|
||||
} else {
|
||||
$syslog->write('notice', $description . ' -- ' . $action);
|
||||
}
|
||||
}
|
||||
|
||||
// Used for fields_before and fields for audit
|
||||
public function arrayCopy(array $array)
|
||||
{
|
||||
$result = array();
|
||||
foreach ($array as $key => $val) {
|
||||
if (is_array($val)) {
|
||||
$result[$key] = arrayCopy($val);
|
||||
} elseif (is_object($val)) {
|
||||
$result[$key] = clone $val;
|
||||
} else {
|
||||
$result[$key] = $val;
|
||||
}
|
||||
}
|
||||
return $result;
|
||||
}
|
||||
|
||||
public function checkAndCorrectPgps()
|
||||
{
|
||||
if (!self::_isAdmin()) {
|
||||
|
|
|
@ -15316,7 +15316,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -15316,7 +15316,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -15325,7 +15325,7 @@ msgstr "Synkroniser bruger for"
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -15821,7 +15821,7 @@ msgstr ""
|
|||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
#: View/Users/edit.ctp:23
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -15316,7 +15316,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -15355,8 +15355,8 @@ msgstr "Synchroniser l'utilisateur pour"
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr "Coller ici la clé GnuPG de l’utilisateur, ou essayer de le récupérer depuis le serveur de clés du MIT en cliquant sur « Fetch GnuPG key » ci-dessous."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr "Coller ici la clé GnuPG de l’utilisateur, ou essayer de le récupérer depuis le serveur de clés du CIRCL en cliquant sur « Fetch GnuPG key » ci-dessous."
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
#: View/Users/admin_edit.ctp:66
|
||||
|
|
|
@ -12464,7 +12464,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -13164,7 +13164,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -15347,8 +15347,8 @@ msgstr "同期ユーザー用"
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr "ユーザーの GnuPG キーをここに貼り付けるか、下の \"GnuPG キーを取得\"をクリックして MIT キーサーバーから取得します。"
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr "ユーザーの GnuPG キーをここに貼り付けるか、下の \"GnuPG キーを取得\"をクリックして CIRCL キーサーバーから取得します。"
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
#: View/Users/admin_edit.ctp:66
|
||||
|
|
|
@ -15316,7 +15316,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -15945,8 +15945,8 @@ msgstr "Synkroniser brukeren for"
|
|||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
#: View/Users/edit.ctp:23
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr "Lim inn brukerens GnuPG-nøkkel her, eller prøv å hente den fra MIT-nøkkelserveren ved å klikke på \"Hent GnuPG-nøkkel\" nedenfor."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr "Lim inn brukerens GnuPG-nøkkel her, eller prøv å hente den fra CIRCL-nøkkelserveren ved å klikke på \"Hent GnuPG-nøkkel\" nedenfor."
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
#: View/Users/admin_edit.ctp:66
|
||||
|
|
|
@ -13159,7 +13159,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -15316,7 +15316,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -15316,7 +15316,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -15332,8 +15332,8 @@ msgstr "Синхронизировать пользователя"
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr "Вставьте GnuPG ключ пользователя сюда или нажмите кнопку \"Получить GnuPG ключ\" для получения ключа с сервера MIT."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr "Вставьте GnuPG ключ пользователя сюда или нажмите кнопку \"Получить GnuPG ключ\" для получения ключа с сервера CIRCL."
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
#: View/Users/admin_edit.ctp:66
|
||||
|
|
|
@ -15316,7 +15316,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -13159,7 +13159,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -12464,7 +12464,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -13159,7 +13159,7 @@ msgstr ""
|
|||
|
||||
#: View/Users/admin_add.ctp:70
|
||||
#: View/Users/admin_edit.ctp:64
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the MIT key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgid "Paste the user's GnuPG key here or try to retrieve it from the CIRCL key server by clicking on \"Fetch GnuPG key\" below."
|
||||
msgstr ""
|
||||
|
||||
#: View/Users/admin_add.ctp:72
|
||||
|
|
|
@ -48,6 +48,7 @@ class Log extends AppModel
|
|||
'request',
|
||||
'request_delegation',
|
||||
'reset_auth_key',
|
||||
'security',
|
||||
'serverSettingsEdit',
|
||||
'tag',
|
||||
'undelete',
|
||||
|
|
|
@ -2289,10 +2289,10 @@ class Server extends AppModel
|
|||
if (!$existingEvent) {
|
||||
// add data for newly imported events
|
||||
$result = $eventModel->_add($event, true, $user, $server['Server']['org_id'], $passAlong, true, $jobId);
|
||||
if ($result === true) {
|
||||
if ($result) {
|
||||
$successes[] = $eventId;
|
||||
} else {
|
||||
$fails[$eventId] = __('Failed (partially?) because of errors: ') . $result;
|
||||
$fails[$eventId] = __('Failed (partially?) because of validation errors: ') . json_encode($eventModel->validationErrors, true);
|
||||
}
|
||||
} else {
|
||||
if (!$existingEvent['Event']['locked'] && !$server['Server']['internal']) {
|
||||
|
@ -2316,6 +2316,7 @@ class Server extends AppModel
|
|||
$eventId,
|
||||
$server
|
||||
);
|
||||
;
|
||||
if (!empty($event)) {
|
||||
if ($this->__checkIfEventIsBlockedBeforePull($event)) {
|
||||
return false;
|
||||
|
@ -2328,7 +2329,7 @@ class Server extends AppModel
|
|||
}
|
||||
} else {
|
||||
// error
|
||||
$fails[$eventId] = __('failed downloading the event') . ': ' . json_encode($event);
|
||||
$fails[$eventId] = __('failed downloading the event');
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
@ -3984,6 +3985,9 @@ class Server extends AppModel
|
|||
public function runPOSTtest($id)
|
||||
{
|
||||
$server = $this->find('first', array('conditions' => array('Server.id' => $id)));
|
||||
if (empty($server)) {
|
||||
throw new InvalidArgumentException(__('Invalid server.'));
|
||||
}
|
||||
$HttpSocket = $this->setupHttpSocket($server);
|
||||
$request = $this->setupSyncRequest($server);
|
||||
$testFile = file_get_contents(APP . 'files/scripts/test_payload.txt');
|
||||
|
@ -3991,6 +3995,7 @@ class Server extends AppModel
|
|||
$this->Log = ClassRegistry::init('Log');
|
||||
try {
|
||||
$response = $HttpSocket->post($uri, json_encode(array('testString' => $testFile)), $request);
|
||||
$rawBody = $response->body;
|
||||
$response = json_decode($response, true);
|
||||
} catch (Exception $e) {
|
||||
$this->Log->create();
|
||||
|
@ -4006,7 +4011,14 @@ class Server extends AppModel
|
|||
return 8;
|
||||
}
|
||||
if (!isset($response['body']['testString']) || $response['body']['testString'] !== $testFile) {
|
||||
$responseString = isset($response['body']['testString']) ? $response['body']['testString'] : 'Response was empty.';
|
||||
$responseString = '';
|
||||
if (!empty($repsonse['body']['testString'])) {
|
||||
$responseString = $response['body']['testString'];
|
||||
} else if (!empty($rawBody)){
|
||||
$responseString = $rawBody;
|
||||
} else {
|
||||
$responseString = __('Response was empty.');
|
||||
}
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => 'SYSTEM',
|
||||
|
@ -4330,8 +4342,17 @@ class Server extends AppModel
|
|||
if (Configure::read('GnuPG.email') && Configure::read('GnuPG.homedir')) {
|
||||
$continue = true;
|
||||
try {
|
||||
require_once 'Crypt/GPG.php';
|
||||
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'), 'gpgconf' => Configure::read('GnuPG.gpgconf'), 'binary' => (Configure::read('GnuPG.binary') ? Configure::read('GnuPG.binary') : '/usr/bin/gpg')));
|
||||
if (!class_exists('Crypt_GPG')) {
|
||||
if (!stream_resolve_include_path('Crypt/GPG.php')) {
|
||||
throw new Exception("Crypt_GPG is not installed");
|
||||
}
|
||||
require_once 'Crypt/GPG.php';
|
||||
}
|
||||
$gpg = new Crypt_GPG(array(
|
||||
'homedir' => Configure::read('GnuPG.homedir'),
|
||||
'gpgconf' => Configure::read('GnuPG.gpgconf'),
|
||||
'binary' => Configure::read('GnuPG.binary') ?: '/usr/bin/gpg'
|
||||
));
|
||||
} catch (Exception $e) {
|
||||
$gpgStatus = 2;
|
||||
$continue = false;
|
||||
|
@ -5187,4 +5208,65 @@ class Server extends AppModel
|
|||
}
|
||||
return $results;
|
||||
}
|
||||
|
||||
public function resetRemoteAuthKey($id)
|
||||
{
|
||||
$server = $this->find('first', array(
|
||||
'recursive' => -1,
|
||||
'conditions' => array('Server.id' => $id)
|
||||
));
|
||||
if (empty($server)) {
|
||||
return __('Invalid server');
|
||||
}
|
||||
$HttpSocket = $this->setupHttpSocket($server);
|
||||
$request = $this->setupSyncRequest($server);
|
||||
$uri = $server['Server']['url'] . '/users/resetauthkey/me';
|
||||
try {
|
||||
$response = $HttpSocket->post($uri, '{}', $request);
|
||||
} catch (Exception $e) {
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$message = 'Could not reset the remote authentication key.';
|
||||
$this->Log->save(array(
|
||||
'org' => 'SYSTEM',
|
||||
'model' => 'Server',
|
||||
'model_id' => $id,
|
||||
'email' => 'SYSTEM',
|
||||
'action' => 'error',
|
||||
'user_id' => 0,
|
||||
'title' => 'Error: ' . $message,
|
||||
));
|
||||
return $message;
|
||||
}
|
||||
if ($response->isOk()) {
|
||||
try {
|
||||
$response = json_decode($response->body, true);
|
||||
} catch (Exception $e) {
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$message = 'Invalid response received from the remote instance.';
|
||||
$this->Log->save(array(
|
||||
'org' => 'SYSTEM',
|
||||
'model' => 'Server',
|
||||
'model_id' => $id,
|
||||
'email' => 'SYSTEM',
|
||||
'action' => 'error',
|
||||
'user_id' => 0,
|
||||
'title' => 'Error: ' . $message,
|
||||
));
|
||||
return $message;
|
||||
}
|
||||
if (!empty($response['message'])) {
|
||||
$authkey = $response['message'];
|
||||
}
|
||||
if (substr($authkey, 0, 17) === 'Authkey updated: ') {
|
||||
$authkey = substr($authkey, 17, 57);
|
||||
}
|
||||
$server['Server']['authkey'] = $authkey;
|
||||
$this->save($server);
|
||||
return true;
|
||||
} else {
|
||||
return __('Could not reset the remote authentication key.');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -306,8 +306,7 @@ class User extends AppModel
|
|||
|
||||
// we have a clean, hopefully public, key here
|
||||
try {
|
||||
require_once 'Crypt/GPG.php';
|
||||
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'), 'gpgconf' => Configure::read('GnuPG.gpgconf'), 'binary' => (Configure::read('GnuPG.binary') ? Configure::read('GnuPG.binary') : '/usr/bin/gpg')));
|
||||
$gpg = $this->initializeGpg();
|
||||
try {
|
||||
$keyImportOutput = $gpg->importKey($check['gpgkey']);
|
||||
if (!empty($keyImportOutput['fingerprint'])) {
|
||||
|
@ -379,7 +378,7 @@ class User extends AppModel
|
|||
return preg_match($regex, $value);
|
||||
}
|
||||
|
||||
public function identicalFieldValues($field=array(), $compareField=null)
|
||||
public function identicalFieldValues($field = array(), $compareField = null)
|
||||
{
|
||||
foreach ($field as $key => $value) {
|
||||
$v1 = $value;
|
||||
|
@ -450,10 +449,9 @@ class User extends AppModel
|
|||
{
|
||||
if (!$gpg) {
|
||||
try {
|
||||
require_once 'Crypt/GPG.php';
|
||||
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'), 'gpgconf' => Configure::read('GnuPG.gpgconf'), 'binary' => (Configure::read('GnuPG.binary') ? Configure::read('GnuPG.binary') : '/usr/bin/gpg')));
|
||||
$gpg = $this->initializeGpg();
|
||||
} catch (Exception $e) {
|
||||
$result[2] ='GnuPG is not configured on this system.';
|
||||
$result[2] = 'GnuPG is not configured on this system.';
|
||||
$result[0] = true;
|
||||
return $result;
|
||||
}
|
||||
|
@ -499,7 +497,6 @@ class User extends AppModel
|
|||
|
||||
public function verifyGPG($id = false)
|
||||
{
|
||||
require_once 'Crypt/GPG.php';
|
||||
$this->Behaviors->detach('Trim');
|
||||
$results = array();
|
||||
$conditions = array('not' => array('gpgkey' => ''));
|
||||
|
@ -513,7 +510,7 @@ class User extends AppModel
|
|||
if (empty($users)) {
|
||||
return $results;
|
||||
}
|
||||
$gpg = new Crypt_GPG(array('homedir' => Configure::read('GnuPG.homedir'), 'gpgconf' => Configure::read('GnuPG.gpgconf'), 'binary' => (Configure::read('GnuPG.binary') ? Configure::read('GnuPG.binary') : '/usr/bin/gpg')));
|
||||
$gpg = $this->initializeGpg();
|
||||
foreach ($users as $k => $user) {
|
||||
$results[$user['User']['id']] = $this->verifySingleGPG($user, $gpg);
|
||||
}
|
||||
|
@ -1217,9 +1214,9 @@ class User extends AppModel
|
|||
public function verifyPassword($user_id, $password)
|
||||
{
|
||||
$currentUser = $this->find('first', array(
|
||||
'conditions' => array('User.id' => $user_id),
|
||||
'recursive' => -1,
|
||||
'fields' => array('User.password')
|
||||
'conditions' => array('User.id' => $user_id),
|
||||
'recursive' => -1,
|
||||
'fields' => array('User.password')
|
||||
));
|
||||
if (empty($currentUser)) {
|
||||
return false;
|
||||
|
@ -1253,4 +1250,201 @@ class User extends AppModel
|
|||
$this->save($admin);
|
||||
return $authKey;
|
||||
}
|
||||
|
||||
public function resetAllSyncAuthKeysRouter($user, $jobId = false)
|
||||
{
|
||||
if (Configure::read('MISP.background_jobs')) {
|
||||
$job = ClassRegistry::init('Job');
|
||||
$job->create();
|
||||
$eventModel = ClassRegistry::init('Event');
|
||||
$data = array(
|
||||
'worker' => $eventModel->__getPrioWorkerIfPossible(),
|
||||
'job_type' => __('reset_all_sync_api_keys'),
|
||||
'job_input' => __('Reseting all API keys'),
|
||||
'status' => 0,
|
||||
'retries' => 0,
|
||||
'org_id' => $user['org_id'],
|
||||
'org' => $user['Organisation']['name'],
|
||||
'message' => 'Issuing new API keys to all sync users.',
|
||||
);
|
||||
$job->save($data);
|
||||
$jobId = $job->id;
|
||||
$process_id = CakeResque::enqueue(
|
||||
'prio',
|
||||
'AdminShell',
|
||||
array('resetSyncAuthkeys', $user['id'], $jobId),
|
||||
true
|
||||
);
|
||||
$job->saveField('process_id', $process_id);
|
||||
return true;
|
||||
} else {
|
||||
return $this->resetAllSyncAuthKeys($user);
|
||||
}
|
||||
}
|
||||
|
||||
public function resetAllSyncAuthKeys($user, $jobId = false)
|
||||
{
|
||||
$affected_users = $this->find('all', array(
|
||||
'recursive' => -1,
|
||||
'contain' => array('Role'),
|
||||
'conditions' => array(
|
||||
'OR' => array(
|
||||
'Role.perm_sync' => 1,
|
||||
'Role.perm_admin' => 1
|
||||
),
|
||||
'Role.perm_site_admin' => 0
|
||||
)
|
||||
));
|
||||
$results = array('success' => 0, 'fails' => 0);
|
||||
$user_count = count($affected_users);
|
||||
if ($jobId) {
|
||||
$job = ClassRegistry::init('Job');
|
||||
$existingJob = $job->find('first', array(
|
||||
'conditions' => array('Job.id' => $jobId),
|
||||
'recursive' => -1
|
||||
));
|
||||
if (empty($existingJob)) {
|
||||
$jobId = false;
|
||||
}
|
||||
}
|
||||
foreach ($affected_users as $k => $affected_user) {
|
||||
try {
|
||||
$reset_result = $this->resetauthkey($user, $affected_user['User']['id'], true);
|
||||
if ($reset_result) {
|
||||
$results['success'] += 1;
|
||||
} else {
|
||||
$results['fails'] += 1;
|
||||
}
|
||||
} catch (Exception $e) {
|
||||
$results['fails'] += 1;
|
||||
}
|
||||
if ($jobId) {
|
||||
if ($k % 100 == 0) {
|
||||
$job->id = $jobId;
|
||||
$job->saveField('progress', 100 * (($k + 1) / count($user_count)));
|
||||
$job->saveField('message', __('Reset in progress - %s/%s.', $k, $user_count));
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($jobId) {
|
||||
$message = __('%s authkeys reset, %s could not be reset', $results['success'], $results['fails']);
|
||||
$job->saveField('progress', 100);
|
||||
$job->saveField('message', $message);
|
||||
$job->saveField('status', 4);
|
||||
}
|
||||
return $results;
|
||||
}
|
||||
|
||||
public function resetauthkey($user, $id, $alert = false)
|
||||
{
|
||||
$this->id = $id;
|
||||
if (!$id || !$this->exists($id)) {
|
||||
return false;
|
||||
}
|
||||
$updatedUser = $this->read();
|
||||
$oldKey = $this->data['User']['authkey'];
|
||||
if (empty($user['Role']['perm_site_admin']) && !($user['Role']['perm_admin'] && $user['org_id'] == $updatedUser['User']['org_id']) && ($user['id'] != $id)) {
|
||||
return false;
|
||||
}
|
||||
$newkey = $this->generateAuthKey();
|
||||
$this->saveField('authkey', $newkey);
|
||||
$this->extralog(
|
||||
$user,
|
||||
'reset_auth_key',
|
||||
sprintf(
|
||||
__('Authentication key for user %s (%s) updated.'),
|
||||
$updatedUser['User']['id'],
|
||||
$updatedUser['User']['email']
|
||||
),
|
||||
$fieldsResult = 'authkey(' . $oldKey . ') => (' . $newkey . ')',
|
||||
$updatedUser
|
||||
);
|
||||
if ($alert) {
|
||||
$baseurl = Configure::read('MISP.external_baseurl');
|
||||
if (empty($baseurl)) {
|
||||
$baseurl = Configure::read('MISP.baseurl');
|
||||
}
|
||||
$body = __(
|
||||
"Dear user,\n\nan API key reset has been triggered by an administrator for your user account on %s.\n\nYour new API key is: %s\n\nPlease update your server's sync setup to reflect this change.\n\nWe apologise for the inconvenience.",
|
||||
$baseurl,
|
||||
$newkey
|
||||
);
|
||||
$bodyNoEnc = __(
|
||||
"Dear user,\n\nan API key reset has been triggered by an administrator for your user account on %s.\n\nYour new API key can be retrieved by logging in using this sync user's account.\n\nPlease update your server's sync setup to reflect this change.\n\nWe apologise for the inconvenience.",
|
||||
$baseurl,
|
||||
$newkey
|
||||
);
|
||||
$this->sendEmail(
|
||||
$updatedUser,
|
||||
$body,
|
||||
$bodyNoEnc,
|
||||
__('API key reset by administrator')
|
||||
);
|
||||
}
|
||||
return $newkey;
|
||||
}
|
||||
|
||||
public function extralog($user, $action = null, $description = null, $fieldsResult = null, $modifiedUser = null)
|
||||
{
|
||||
// new data
|
||||
$model = 'User';
|
||||
$modelId = $user['id'];
|
||||
if (!empty($modifiedUser)) {
|
||||
$modelId = $modifiedUser['User']['id'];
|
||||
}
|
||||
if ($action == 'login') {
|
||||
$description = "User (" . $user['id'] . "): " . $user['email'];
|
||||
} elseif ($action == 'logout') {
|
||||
$description = "User (" . $user['id'] . "): " . $user['email'];
|
||||
} elseif ($action == 'edit') {
|
||||
$description = "User (" . $modifiedUser['User']['id'] . "): " . $modifiedUser['User']['email'];
|
||||
} elseif ($action == 'change_pw') {
|
||||
$description = "User (" . $modifiedUser['User']['id'] . "): " . $modifiedUser['User']['email'];
|
||||
$fieldsResult = "Password changed.";
|
||||
}
|
||||
|
||||
// query
|
||||
$this->Log = ClassRegistry::init('Log');
|
||||
$this->Log->create();
|
||||
$this->Log->save(array(
|
||||
'org' => $user['Organisation']['name'],
|
||||
'model' => $model,
|
||||
'model_id' => $modelId,
|
||||
'email' => $user['email'],
|
||||
'action' => $action,
|
||||
'title' => $description,
|
||||
'change' => isset($fieldsResult) ? $fieldsResult : ''));
|
||||
|
||||
// write to syslogd as well
|
||||
App::import('Lib', 'SysLog.SysLog');
|
||||
$syslog = new SysLog();
|
||||
$syslog->write('notice', $description . ' -- ' . $action . (empty($fieldResult) ? '' : '-- ' . $fieldResult));
|
||||
}
|
||||
|
||||
/**
|
||||
* @return Crypt_GPG
|
||||
* @throws Exception
|
||||
*/
|
||||
private function initializeGpg()
|
||||
{
|
||||
if (!class_exists('Crypt_GPG')) {
|
||||
if (!stream_resolve_include_path('Crypt/GPG.php')) {
|
||||
throw new Exception("Crypt_GPG is not installed.");
|
||||
}
|
||||
require_once 'Crypt/GPG.php';
|
||||
}
|
||||
|
||||
$homedir = Configure::read('GnuPG.homedir');
|
||||
if ($homedir === null) {
|
||||
throw new Exception("Configuration option 'GnuPG.homedir' is not set, Crypt_GPG cannot be initialized.");
|
||||
}
|
||||
|
||||
$options = array(
|
||||
'homedir' => $homedir,
|
||||
'gpgconf' => Configure::read('GnuPG.gpgconf'),
|
||||
'binary' => Configure::read('GnuPG.binary') ?: '/usr/bin/gpg',
|
||||
);
|
||||
|
||||
return new Crypt_GPG($options);
|
||||
}
|
||||
}
|
||||
|
|
|
@ -85,7 +85,7 @@
|
|||
<?php
|
||||
if (($isAclAdmin && (($user['User']['org_id'] == $me['org_id'])) || ('1' == $me['id'])) || ($isSiteAdmin)):
|
||||
?>
|
||||
<span role="button" tabindex="0" aria-label="Initiate password refresh" title="<?php echo __('Initiate password refresh');?>" class="fa fa-sync useCursorPointer" onClick="initiatePasswordReset('<?php echo $user['User']['id']; ?>');" title="<?php echo __('Create new credentials and inform user');?>" role="button" tabindex="0" aria-label="<?php echo __('Create new credentials and inform user');?>"></span>
|
||||
<span role="button" tabindex="0" class="fa fa-sync useCursorPointer" onClick="initiatePasswordReset('<?php echo $user['User']['id']; ?>');" title="<?php echo __('Create new credentials and inform user');?>" role="button" tabindex="0" aria-label="<?php echo __('Create new credentials and inform user');?>"></span>
|
||||
<?php
|
||||
echo $this->Html->link('', array('admin' => true, 'action' => 'edit', $user['User']['id']), array('class' => 'fa fa-edit', 'title' => __('Edit'), 'aria-label' => __('Edit')));
|
||||
echo $this->Form->postLink('', array('admin' => true, 'action' => 'delete', $user['User']['id']), array('class' => 'fa fa-trash', 'title' => __('Delete'), 'aria-label' => __('Delete')), __('Are you sure you want to delete # %s? It is highly recommended to never delete users but to disable them instead.', $user['User']['id']));
|
||||
|
|
|
@ -21,6 +21,7 @@
|
|||
<th><?php echo $this->Paginator->sort('id');?></th>
|
||||
<th><?php echo $this->Paginator->sort('name');?></th>
|
||||
<th><?php echo __('Connection test');?></th>
|
||||
<th><?php echo __('Reset API key');?></th>
|
||||
<th><?php echo $this->Paginator->sort('internal');?></th>
|
||||
<th><?php echo $this->Paginator->sort('push');?></th>
|
||||
<th><?php echo $this->Paginator->sort('pull');?></th>
|
||||
|
@ -70,6 +71,20 @@ foreach ($servers as $server):
|
|||
?>
|
||||
</td>
|
||||
<td id="connection_test_<?php echo $server['Server']['id'];?>"><span role="button" tabindex="0" aria-label="<?php echo __('Test the connection to the remote instance');?>" title="<?php echo __('Test the connection to the remote instance');?>" class="btn btn-primary" style="line-height:10px; padding: 4px 4px;" onClick="testConnection('<?php echo $server['Server']['id'];?>');"><?php echo __('Run');?></span></td>
|
||||
<td id="reset_api_key_<?php echo $server['Server']['id'];?>">
|
||||
<?php
|
||||
echo $this->Form->postLink(
|
||||
__('Reset'),
|
||||
$baseurl . '/servers/resetRemoteAuthKey/' . $server['Server']['id'],
|
||||
array(
|
||||
'style' => 'line-height:10px; padding: 4px 4px;',
|
||||
'title' => __('Remotely reset API key'),
|
||||
'aria-label' => __('Remotely reset API key'),
|
||||
'class' => 'btn btn-primary'
|
||||
)
|
||||
);
|
||||
?>
|
||||
</td>
|
||||
|
||||
<td><span class="<?php echo ($server['Server']['internal']? 'icon-ok' : 'icon-remove'); ?>" role="img" aria-label="<?php echo ($server['Server']['internal']? __('Yes') : __('No')); ?>" title="<?php echo ($server['Server']['internal']? __('Internal instance that ignores distribution level degradation *WARNING: Only use this setting if you have several internal instances and the sync link is to an internal extension of the current MISP community*') : __('Normal sync link to an external MISP instance. Distribution degradation will follow the normal rules.')); ?>"></span></td>
|
||||
<td><span class="<?php echo ($server['Server']['push']? 'icon-ok' : 'icon-remove'); ?>" role="img" aria-label="<?php echo ($server['Server']['push']? __('Yes') : __('No')); ?>"></span><span class="short <?php if (!$server['Server']['push'] || empty($ruleDescription['push'])) echo "hidden"; ?>" data-toggle="popover" title="Distribution List" data-content="<?php echo $ruleDescription['push']; ?>"> (<?php echo __('Rules');?>)</span></td>
|
||||
|
|
|
@ -67,7 +67,7 @@
|
|||
?>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->Form->input('gpgkey', array('label' => __('GnuPG key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s GnuPG key here or try to retrieve it from the MIT key server by clicking on "Fetch GnuPG key" below.')));
|
||||
echo $this->Form->input('gpgkey', array('label' => __('GnuPG key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s GnuPG key here or try to retrieve it from the CIRCL key server by clicking on "Fetch GnuPG key" below.')));
|
||||
?>
|
||||
<div class="clear"><span role="button" tabindex="0" aria-label="<?php echo __('Fetch the user\'s GnuPG key');?>" onClick="lookupPGPKey('UserEmail');" class="btn btn-inverse" style="margin-bottom:10px;"><?php echo __('Fetch GnuPG key');?></span></div>
|
||||
<?php
|
||||
|
|
|
@ -61,7 +61,7 @@
|
|||
?>
|
||||
</div>
|
||||
<?php
|
||||
echo $this->Form->input('gpgkey', array('label' => __('GnuPG key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s GnuPG key here or try to retrieve it from the MIT key server by clicking on "Fetch GnuPG key" below.')));
|
||||
echo $this->Form->input('gpgkey', array('label' => __('GnuPG key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s GnuPG key here or try to retrieve it from the CIRCL key server by clicking on "Fetch GnuPG key" below.')));
|
||||
?>
|
||||
<div class="clear"><span role="button" tabindex="0" aria-label="<?php echo __('Fetch the user\'s GnuPG key');?>" onClick="lookupPGPKey('UserEmail');" class="btn btn-inverse" style="margin-bottom:10px;"><?php echo __('Fetch GnuPG key');?></span></div>
|
||||
<?php
|
||||
|
|
|
@ -1,5 +1,25 @@
|
|||
<div class="users index">
|
||||
<h2><?php echo __('Users');?></h2>
|
||||
<?php
|
||||
if ($isSiteAdmin) {
|
||||
echo sprintf(
|
||||
'<span>%s</span>',
|
||||
__(
|
||||
'Click %s to reset the API keys of all sync and org admin users in one shot. This will also automatically inform them of their new API keys.',
|
||||
$this->Form->postLink(
|
||||
__('here'),
|
||||
$baseurl . '/users/resetAllSyncAuthKeys',
|
||||
array(
|
||||
'title' => __('Reset all sync user API keys'),
|
||||
'aria-label' => __('Reset all sync user API keys'),
|
||||
'class' => 'bold'
|
||||
),
|
||||
__('Are you sure you wish to reset the API keys of all users with sync privileges?')
|
||||
)
|
||||
)
|
||||
);
|
||||
}
|
||||
?>
|
||||
<div class="pagination">
|
||||
<ul>
|
||||
<?php
|
||||
|
|
|
@ -20,7 +20,7 @@
|
|||
?>
|
||||
<div class="input clear"></div>
|
||||
<?php
|
||||
echo $this->Form->input('gpgkey', array('label' => __('GnuPG key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s GnuPG key here or try to retrieve it from the MIT key server by clicking on "Fetch GnuPG key" below.')));
|
||||
echo $this->Form->input('gpgkey', array('label' => __('GnuPG key'), 'div' => 'clear', 'class' => 'input-xxlarge', 'placeholder' => __('Paste the user\'s GnuPG key here or try to retrieve it from the CIRCL key server by clicking on "Fetch GnuPG key" below.')));
|
||||
?>
|
||||
<div class="clear"><span role="button" tabindex="0" aria-label="<?php echo __('Fetch GnuPG key');?>" onClick="lookupPGPKey('UserEmail');" class="btn btn-inverse" style="margin-bottom:10px;"><?php echo __('Fetch GnuPG key');?></span></div>
|
||||
<?php
|
||||
|
|
|
@ -2,7 +2,9 @@
|
|||
"prefer-stable": true,
|
||||
"minimum-stability": "dev",
|
||||
"require": {
|
||||
"kamisama/cake-resque": "4.1.2"
|
||||
"kamisama/cake-resque": "4.1.2",
|
||||
"pear/crypt_gpg": "1.6.3",
|
||||
"monolog/monolog": "1.24.0"
|
||||
},
|
||||
"suggest": {
|
||||
"elasticsearch/elasticsearch": "For logging to elasticsearch",
|
||||
|
|
|
@ -1 +1 @@
|
|||
Subproject commit b986f06cb415262c18c25e0e9c37107eb463cc54
|
||||
Subproject commit c4947875842fcac7d135e1ae9bc99973e18b8b64
|
|
@ -216,11 +216,6 @@ installCoreRHEL () {
|
|||
# Make git ignore filesystem permission differences
|
||||
$SUDO_WWW git config core.filemode false
|
||||
|
||||
# Install packaged pears
|
||||
sudo $RUN_PHP -- pear channel-update pear.php.net
|
||||
sudo $RUN_PHP -- pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
|
||||
sudo $RUN_PHP -- pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
|
||||
|
||||
# Create a python3 virtualenv
|
||||
$SUDO_WWW $RUN_PYTHON -- virtualenv -p python3 $PATH_TO_MISP/venv
|
||||
sudo mkdir /usr/share/httpd/.cache
|
||||
|
|
|
@ -142,7 +142,7 @@ yumInstallCoreDeps () {
|
|||
sudo systemctl enable --now redis.service
|
||||
|
||||
PHP_INI=/etc/php.ini
|
||||
sudo yum install php php-fpm php-devel php-pear \
|
||||
sudo yum install php php-fpm php-devel \
|
||||
php-mysqlnd \
|
||||
php-mbstring \
|
||||
php-xml \
|
||||
|
@ -200,11 +200,6 @@ installCoreRHEL () {
|
|||
# Make git ignore filesystem permission differences
|
||||
$SUDO_WWW git config core.filemode false
|
||||
|
||||
# Install packaged pears
|
||||
sudo $RUN_PHP -- pear channel-update pear.php.net
|
||||
sudo $RUN_PHP -- pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
|
||||
sudo $RUN_PHP -- pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
|
||||
|
||||
# Create a python3 virtualenv
|
||||
$SUDO_WWW virtualenv-3 -p python3 $PATH_TO_MISP/venv
|
||||
sudo mkdir /usr/share/httpd/.cache
|
||||
|
|
|
@ -116,7 +116,6 @@ installDepsPhp72 () {
|
|||
php php-cli \
|
||||
php-dev \
|
||||
php-json php-xml php-mysql php7.2-opcache php-readline php-mbstring \
|
||||
php-pear \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
|
||||
|
@ -190,10 +189,6 @@ installCore () {
|
|||
|
||||
# install plyara
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
|
||||
# Install Crypt_GPG and Console_CommandLine
|
||||
sudo pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
|
||||
sudo pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
|
||||
}
|
||||
# <snippet-end 1_mispCoreInstall.sh>
|
||||
```
|
||||
|
|
|
@ -605,7 +605,6 @@ installDepsPhp70 () {
|
|||
php php-cli \
|
||||
php-dev \
|
||||
php-json php-xml php-mysql php-opcache php-readline php-mbstring \
|
||||
php-pear \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
|
||||
|
@ -629,7 +628,6 @@ installDepsPhp73 () {
|
|||
php7.3 php7.3-cli \
|
||||
php7.3-dev \
|
||||
php7.3-json php7.3-xml php7.3-mysql php7.3-opcache php7.3-readline php7.3-mbstring \
|
||||
php-pear \
|
||||
php-redis php-gnupg \
|
||||
php-gd
|
||||
}
|
||||
|
|
|
@ -145,11 +145,6 @@ $SUDO_WWW git submodule update --init --recursive
|
|||
# Make git ignore filesystem permission differences for submodules
|
||||
$SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
||||
|
||||
# Install packaged pears
|
||||
sudo $RUN_PHP "pear channel-update pear.php.net"
|
||||
sudo $RUN_PHP "pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml"
|
||||
sudo $RUN_PHP "pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml"
|
||||
|
||||
# Create a python3 virtualenv
|
||||
$SUDO_WWW $RUN_PYTHON "virtualenv -p python3 $PATH_TO_MISP/venv"
|
||||
sudo mkdir /var/www/.cache
|
||||
|
|
|
@ -137,11 +137,6 @@ $SUDO_WWW git submodule foreach --recursive git config core.filemode false
|
|||
# Make git ignore filesystem permission differences
|
||||
$SUDO_WWW git config core.filemode false
|
||||
|
||||
# Install packaged pears
|
||||
sudo $RUN_PHP "pear channel-update pear.php.net"
|
||||
sudo $RUN_PHP "pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml"
|
||||
sudo $RUN_PHP "pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml"
|
||||
|
||||
# Create a python3 virtualenv
|
||||
$SUDO_WWW $RUN_PYTHON "virtualenv -p python3 $PATH_TO_MISP/venv"
|
||||
sudo mkdir /usr/share/httpd/.cache
|
||||
|
|
|
@ -180,10 +180,6 @@ $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic
|
|||
|
||||
# install plyara
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
|
||||
# Install Crypt_GPG and Console_CommandLine
|
||||
sudo pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
|
||||
sudo pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
|
||||
```
|
||||
|
||||
### 4/ CakePHP
|
||||
|
|
|
@ -205,10 +205,6 @@ $SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install python-magic
|
|||
|
||||
# install plyara
|
||||
$SUDO_WWW ${PATH_TO_MISP}/venv/bin/pip install plyara
|
||||
|
||||
# Install Crypt_GPG and Console_CommandLine
|
||||
sudo pear install ${PATH_TO_MISP}/INSTALL/dependencies/Console_CommandLine/package.xml
|
||||
sudo pear install ${PATH_TO_MISP}/INSTALL/dependencies/Crypt_GPG/package.xml
|
||||
```
|
||||
|
||||
### 4/ CakePHP
|
||||
|
|
|
@ -172,8 +172,6 @@ function installMISPonTsurugi() {
|
|||
a2dissite 000-default
|
||||
a2ensite default-ssl
|
||||
|
||||
pear channel-update pear.php.net
|
||||
pear install Crypt_GPG
|
||||
pecl channel-update pecl.php.net
|
||||
|
||||
yes '' |pecl install redis
|
||||
|
|
Loading…
Reference in New Issue