danwin1210/hosting
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added canonical tag and store tor/php instance responsibility in db

Browse Source
This commit is contained in:
Daniel Winzen
2019-06-20 18:53:30 +02:00
parent 0462b9a440
commit 851a3103be
13 changed files with 99 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
var/www/cron.php
View File

@ -18,12 +18,12 @@ $db->query('UPDATE service_instances SET reload=0 WHERE reload=1;');
$del=$db->prepare("DELETE FROM new_account WHERE user_id=?;");
$enable_onion=$db->prepare("UPDATE onions SET enabled=2 WHERE onion=?;");
$approval = REQUIRE_APPROVAL ? 'WHERE new_account.approved=1': '';
$stmt=$db->query("SELECT users.system_account, users.username, new_account.password, users.php, users.autoindex, users.id, onions.onion FROM new_account INNER JOIN users ON (users.id=new_account.user_id) INNER JOIN onions ON (onions.user_id=users.id) $approval LIMIT 100;");
$stmt=$db->query("SELECT users.system_account, users.username, new_account.password, users.php, users.autoindex, users.id, onions.onion, users.instance FROM new_account INNER JOIN users ON (users.id=new_account.user_id) INNER JOIN onions ON (onions.user_id=users.id) $approval LIMIT 100;");
while($id=$stmt->fetch(PDO::FETCH_NUM)){
$onion=$id[6];
$system_account=$id[0];
$firstchar=substr($system_account, 0, 1);
$reload[$firstchar]=true;
$instance=$id[7];
$reload[$instance]=true;
$enable_onion->execute([$id[6]]);
//add and manage rights of system user
$shell = ENABLE_SHELL_ACCESS ? '/bin/bash' : '/usr/sbin/nologin';
@ -46,11 +46,11 @@ while($id=$stmt->fetch(PDO::FETCH_NUM)){
//add hidden services to tor
$update_onion=$db->prepare('UPDATE onions SET private_key=?, enabled=1 WHERE onion=?;');
$stmt=$db->query('SELECT onion, private_key, version FROM onions WHERE enabled=2;');
$stmt=$db->query('SELECT onion, private_key, version, instance FROM onions WHERE enabled=2;');
$onions=$stmt->fetchAll(PDO::FETCH_NUM);
foreach($onions as $onion){
$firstchar=substr($onion[0], 0, 1);
$reload[$firstchar]=true;
$instance = $onion[3];
$reload[$instance] = true;
if($onion[2]==2){
//php openssl implementation has some issues, re-export using native openssl
$pkey=openssl_pkey_get_private($onion[1]);
@ -58,57 +58,57 @@ foreach($onions as $onion){
openssl_pkey_free($pkey);
$priv_key=shell_exec('echo ' . escapeshellarg($exported) . ' | openssl rsa');
//save hidden service
mkdir("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion", 0700);
file_put_contents("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/private_key", $priv_key);
chmod("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/private_key", 0600);
chown("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/", "_tor-$firstchar");
chown("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/private_key", "_tor-$firstchar");
chgrp("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/", "_tor-$firstchar");
chgrp("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/private_key", "_tor-$firstchar");
mkdir("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion", 0700);
file_put_contents("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/private_key", $priv_key);
chmod("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/private_key", 0600);
chown("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/", "_tor-$instance");
chown("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/private_key", "_tor-$instance");
chgrp("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/", "_tor-$instance");
chgrp("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/private_key", "_tor-$instance");
$update_onion->execute([$priv_key, $onion[0]]);
}elseif($onion[2]==3){
$priv_key=base64_decode($onion[1]);
//save hidden service
mkdir("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion", 0700);
file_put_contents("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/hs_ed25519_secret_key", $priv_key);
chmod("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/hs_ed25519_secret_key", 0600);
chown("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/", "_tor-$firstchar");
chown("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/hs_ed25519_secret_key", "_tor-$firstchar");
chgrp("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/", "_tor-$firstchar");
chgrp("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/hs_ed25519_secret_key", "_tor-$firstchar");
mkdir("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion", 0700);
file_put_contents("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/hs_ed25519_secret_key", $priv_key);
chmod("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/hs_ed25519_secret_key", 0600);
chown("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/", "_tor-$instance");
chown("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/hs_ed25519_secret_key", "_tor-$instance");
chgrp("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/", "_tor-$instance");
chgrp("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/hs_ed25519_secret_key", "_tor-$instance");
$update_onion->execute([$onion[1], $onion[0]]);
}
}
//delete old accounts
$del=$db->prepare("DELETE FROM users WHERE id=?;");
$stmt=$db->query("SELECT system_account, id, mysql_user FROM users WHERE todelete=1 LIMIT 100;");
$stmt=$db->query("SELECT system_account, id, mysql_user, instance FROM users WHERE todelete=1 LIMIT 100;");
$accounts=$stmt->fetchAll(PDO::FETCH_NUM);
$mark_onions=$db->prepare('UPDATE onions SET enabled=-1 WHERE user_id=? AND enabled!=-2;');
foreach($accounts as $account){
$firstchar=substr($account[0], 0, 1);
$reload[$firstchar]=true;
$instance=$account[3];
$reload[$instance]=true;
$mark_onions->execute([$account[1]]);
}
//delete hidden services from tor
$del_onions=$db->prepare('DELETE FROM onions WHERE onion=?;');
$stmt=$db->query('SELECT onion FROM onions WHERE enabled=-1;');
$stmt=$db->query('SELECT onion, instance FROM onions WHERE enabled=-1;');
$onions=$stmt->fetchAll(PDO::FETCH_NUM);
foreach($onions as $onion){
$firstchar=substr($onion[0], 0, 1);
$reload[$firstchar]=true;
if(file_exists("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/")){
if(file_exists("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/authorized_clients/")){
foreach(glob("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/authorized_clients/*") as $file){
$instance = $onion[1];
$reload[$instance] = true;
if(file_exists("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/")){
if(file_exists("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/authorized_clients/")){
foreach(glob("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/authorized_clients/*") as $file){
unlink($file);
}
rmdir("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/authorized_clients");
rmdir("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/authorized_clients");
}
foreach(glob("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/*") as $file){
foreach(glob("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/*") as $file){
unlink($file);
}
rmdir("/var/lib/tor-instances/$firstchar/hidden_service_$onion[0].onion/");
rmdir("/var/lib/tor-instances/$instance/hidden_service_$onion[0].onion/");
}
$del_onions->execute([$onion[0]]);
}