Subversion Repositories oidplus

Compare Revisions

Regard whitespace Rev 717 → Rev 718

/trunk/plugins/viathinksoft/adminPages/900_software_update/private/gen_serverside
32,6 → 32,11
die();
}
 
if (DIRECTORY_SEPARATOR != '/') {
echo "This script can only run on Unix like systems\n";
exit(2);
}
 
if ($argc != 4) {
echo "Usage: ".$argv[0]." <targetpath> <privkey> <force(1|0)>\n";
exit(2);
46,7 → 51,7
exit(1);
}
 
if (!file_exists($priv_key)) {
if (!is_file($priv_key)) {
echo "Private key file $priv_key does not exist!\n";
exit(1);
}
59,20 → 64,212
$outscript = '';
$func_idx = 0;
 
 
// First, write the change scripts
 
$out = array();
$ec = -1;
exec('svn info https://svn.viathinksoft.com/svn/oidplus/trunk/ | grep "Revision:" | cut -d " " -f 2', $out, $ec);
if ($ec != 0) die("SVN Info failed!!!\n");
$max_svn = implode("", $out);
 
for ($i=2; $i<=$max_svn; $i++) {
echo "SVN revision $i / $max_svn\r";
 
$outfile = $output_dir."/update_".($i-1)."_to_$i.txt";
if (!$force && is_file($outfile)) continue;
 
$outdir_old = "/tmp/oidplus_svntmp2_".($i-1)."/";
if ($outdir_old && is_dir($outdir_old)) exec("rm -rf $outdir_old", $out, $ec);
exec("svn co https://svn.viathinksoft.com/svn/oidplus/trunk/@".($i-1)." $outdir_old", $out, $ec);
if ($ec != 0) die("Checkout of SVN Rev ".($i-1)." failed!!!\n");
hotfix_dir($i-1, $outdir_old);
 
$outdir_new = "/tmp/oidplus_svntmp2_$i/";
if ($outdir_new && is_dir($outdir_new)) exec("rm -rf $outdir_new", $out, $ec);
exec("svn co https://svn.viathinksoft.com/svn/oidplus/trunk/@$i $outdir_new", $out, $ec);
if ($ec != 0) die("Checkout of SVN Rev ".($i)." failed!!!\n");
hotfix_dir($i, $outdir_new);
 
$outscript = "<?php\n";
$outscript .= "\n";
$outscript .= "/*\n";
$outscript .= " * OIDplus 2.0\n";
$outscript .= " * Copyright 2019 - ".date('Y')." Daniel Marschall, ViaThinkSoft\n";
$outscript .= " *\n";
$outscript .= " * Licensed under the Apache License, Version 2.0 (the \"License\");\n";
$outscript .= " * you may not use this file except in compliance with the License.\n";
$outscript .= " * You may obtain a copy of the License at\n";
$outscript .= " *\n";
$outscript .= " * http://www.apache.org/licenses/LICENSE-2.0\n";
$outscript .= " *\n";
$outscript .= " * Unless required by applicable law or agreed to in writing, software\n";
$outscript .= " * distributed under the License is distributed on an \"AS IS\" BASIS,\n";
$outscript .= " * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n";
$outscript .= " * See the License for the specific language governing permissions and\n";
$outscript .= " * limitations under the License.\n";
$outscript .= " */\n";
$outscript .= "\n";
$outscript .= "function info(\$str) { echo \"INFO: \$str\\n\"; }\n";
$outscript .= "function warn(\$str) { echo \"WARNING: \$str\\n\"; }\n";
$outscript .= "function err(\$str) { die(\"FATAL ERROR: \$str\\n\"); }\n";
$outscript .= "\n";
$outscript .= "@set_time_limit(0);\n";
$outscript .= "\n";
$outscript .= "@header('Content-Type: text/plain');\n";
$outscript .= "\n";
$outscript .= "chdir(__DIR__);\n";
if ($i >= 662) {
$outscript .= "if (trim(@file_get_contents('.version.php')) !== '<?php // Revision ".($i-1)."') {\n";
$outscript .= "\terr('This update can only be applied to OIDplus version svn-".($i-1)."!');\n";
$outscript .= "}\n";
} else {
$outscript .= "if (trim(@file_get_contents('oidplus_version.txt')) !== 'Revision ".($i-1)."') {\n";
$outscript .= "\terr('This update can only be applied to OIDplus version svn-".($i-1)."!');\n";
$outscript .= "}\n";
}
$outscript .= "\n";
/*
if ($i >= 99999) {
... once we require PHP 7.1, we add the requirement here
... also if we require fancy new PHP modules, we must add it here
... the checks avoid that someone breaks their OIDplus installation if they update
} else
*/if ($i >= 2) {
// Rev 2+ requires PHP 7.0.0
$outscript .= "if (version_compare(PHP_VERSION, '7.0.0') < 0) {\n";
$outscript .= "\terr('You need PHP Version 7.0 to update to this version');\n";
$outscript .= "}\n";
}
$outscript .= "\n";
$outscript .= "info('Update to OIDplus version svn-$i running...');\n";
$outscript .= "\n";
getDirContents($outdir_old, $outdir_new);
$outscript .= "\n";
if ($i >= 661) {
$outscript .= "file_put_contents('.version.php', \"<?php // Revision $i\\n\");\n";
$outscript .= "if (trim(@file_get_contents('.version.php')) !== '<?php // Revision $i') err('Could not write to .version.php!');\n";
if ($i == 661) {
$outscript .= "@unlink('oidplus_version.txt');\n";
$outscript .= "if (is_file('oidplus_version.txt')) err('Could not delete oidplus_version.txt! Please delete it manually');\n";
}
} else {
$outscript .= "file_put_contents('oidplus_version.txt', \"Revision $i\\n\");\n";
$outscript .= "if (trim(@file_get_contents('oidplus_version.txt')) !== 'Revision $i') err('Could not write to oidplus_version.txt!');\n";
}
$outscript .= "\n";
$outscript .= "\n";
$outscript .= "info('Update to OIDplus version svn-$i done!');\n";
$outscript .= "\n";
$outscript .= "unlink(__FILE__);\n";
$outscript .= "\n";
 
// Now add digital signature
 
if (strpos($outscript, '<?php') === false) {
echo "Not a PHP file\n"; // Should not happen
continue;
}
 
$naked = preg_replace('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', '', $outscript);
 
$hash = hash("sha256", $naked.basename($outfile));
 
$pkeyid = openssl_pkey_get_private('file://'.$priv_key);
openssl_sign($hash, $signature, $pkeyid, OPENSSL_ALGO_SHA256);
openssl_free_key($pkeyid);
 
if (!$signature) {
echo "ERROR: Signature failed\n";
continue;
}
 
$sign_line = '<?php /* <ViaThinkSoftSignature>'."\n".split_equal_length(base64_encode($signature),65).'</ViaThinkSoftSignature> */ ?>';
 
// We have to put the signature at the beginning, because we don't know if the end of the file lacks a PHP closing tag
if (substr($outscript,0,2) === '#!') {
// Preserve shebang
$shebang_pos = strpos($naked, "\n");
$shebang = substr($naked, 0, $shebang_pos);
$rest = substr($naked, $shebang_pos+1);
$outscript = $shebang."\n".$sign_line."\n".$rest;
} else {
$outscript = $sign_line."\n".$naked;
}
 
// Write the file
 
file_put_contents($outfile, $outscript);
 
$ec = -1;
$out = array();
exec('php -l '.escapeshellarg($outfile), $out, $ec);
if ($ec != 0) {
fwrite(STDERR, "STOP! $outfile PHP syntax error!\n");
unlink($outfile);
break;
}
file_put_contents($outfile.'.gz', gzencode($outscript));
 
// Delete temp dirs
 
$ec = -1;
$out = array();
if ($outdir_old && is_dir($outdir_old)) exec("rm -rf $outdir_old", $out, $ec);
if ($outdir_new && is_dir($outdir_new)) exec("rm -rf $outdir_new", $out, $ec);
}
echo "\n";
 
 
// Now write the release messages (required by software update and vnag)
 
$ec = -1;
$out = array();
exec('svn log https://svn.viathinksoft.com/svn/oidplus/trunk --xml', $out, $ec);
if ($ec != 0) {
fwrite(STDERR, "SVN Log failed\n");
} else {
$str = implode("\n",$out);
 
$xml = simplexml_load_string($str);
 
$out = array();
 
foreach ($xml as $a) {
 
$out[(int)$a->attributes()->revision] = array(
 
'date' => date('Y-m-d H:i:s',strtotime((string)$a->date)),
'author' => (string)$a->author,
'msg' => trim((string)$a->msg),
 
);
 
}
 
ksort($out);
 
// TODO: We should also digitally sign these files?
file_put_contents($output_dir.'/releases.ser', serialize($out));
file_put_contents($output_dir.'/releases.ser.gz', gzencode(serialize($out)));
}
 
# ------------------------------------------------------------------------------------------
 
function getDirContents_del($dir_old, $dir_new, $basepath_old=null, $basepath_new=null) {
global $outscript;
 
if (is_null($basepath_old)) $basepath_old = $dir_old;
$basepath_old = realpath($basepath_old) . DIRECTORY_SEPARATOR;
$basepath_old = my_realpath($basepath_old) . DIRECTORY_SEPARATOR;
if ($basepath_old == '/') {
fwrite(STDERR, 'ARG');
die();
}
 
$dir_old = realpath($dir_old) . DIRECTORY_SEPARATOR;
$dir_new = realpath($dir_new) . DIRECTORY_SEPARATOR;
$files_old = scandir($dir_old);
$files_new = scandir($dir_new);
$dir_old = my_realpath($dir_old) . DIRECTORY_SEPARATOR;
$dir_new = my_realpath($dir_new) . DIRECTORY_SEPARATOR;
$files_old = my_scandir($dir_old);
//$files_new = my_scandir($dir_new);
 
foreach ($files_old as $file_old) {
if ($file_old === '.') continue;
80,8 → 277,8
if ($file_old === '.svn') continue;
if ($file_old === '.git') continue;
 
$path_old = realpath($dir_old . DIRECTORY_SEPARATOR . $file_old);
$path_new = realpath($dir_new . DIRECTORY_SEPARATOR . $file_old);
$path_old = my_realpath($dir_old . DIRECTORY_SEPARATOR . $file_old);
$path_new = my_realpath($dir_new . DIRECTORY_SEPARATOR . $file_old);
 
$xpath_old = substr($path_old, strlen($basepath_old));
 
97,10 → 294,10
$outscript .= "\twarn('Directory could not be deleted (was not empty?): $xpath_old');\n";
$outscript .= "}\n";
$outscript .= "\n";
} else if (file_exists($path_old) && !file_exists($path_new)) {
} else if (is_file($path_old) && !is_file($path_new)) {
$outscript .= "// File deleted: $xpath_old\n";
$outscript .= "@unlink('$xpath_old');\n";
$outscript .= "if (file_exists('$xpath_old')) {\n";
$outscript .= "if (is_file('$xpath_old')) {\n";
$outscript .= "\twarn('File could not be deleted: $xpath_old');\n";
$outscript .= "}\n";
$outscript .= "\n";
112,16 → 309,16
global $outscript;
 
if (is_null($basepath_old)) $basepath_old = $dir_old;
$basepath_old = realpath($basepath_old) . DIRECTORY_SEPARATOR;
$basepath_old = my_realpath($basepath_old) . DIRECTORY_SEPARATOR;
if ($basepath_old == '/') {
fwrite(STDERR, 'ARG');
die();
}
 
$dir_old = realpath($dir_old) . DIRECTORY_SEPARATOR;
$dir_new = realpath($dir_new) . DIRECTORY_SEPARATOR;
$files_old = scandir($dir_old);
$files_new = scandir($dir_new);
$dir_old = my_realpath($dir_old) . DIRECTORY_SEPARATOR;
$dir_new = my_realpath($dir_new) . DIRECTORY_SEPARATOR;
$files_old = my_scandir($dir_old);
$files_new = my_scandir($dir_new);
 
foreach ($files_old as $file_old) {
if ($file_old === '.') continue;
129,12 → 326,12
if ($file_old === '.svn') continue;
if ($file_old === '.git') continue;
 
$path_old = realpath($dir_old . DIRECTORY_SEPARATOR . $file_old);
$path_new = realpath($dir_new . DIRECTORY_SEPARATOR . $file_old);
$path_old = my_realpath($dir_old . DIRECTORY_SEPARATOR . $file_old);
$path_new = my_realpath($dir_new . DIRECTORY_SEPARATOR . $file_old);
 
$xpath_old = substr($path_old, strlen($basepath_old));
 
if (file_exists($path_old) && file_exists($path_new)) {
if (is_file($path_old) && is_file($path_new)) {
if (file_get_contents($path_old) != file_get_contents($path_new)) {
$outscript .= "// Files different: $xpath_old\n";
 
145,10 → 342,10
$outscript .= "\t@touch('$xpath_old',".filemtime($path_new).");\n";
$outscript .= "}\n";
 
$outscript .= "if (!file_exists('$xpath_old')) {\n";
$outscript .= "if (!is_file('$xpath_old')) {\n";
$outscript .= "\twarn('File has vanished! Will re-create it: $xpath_old');\n";
$outscript .= "\twritefile_".$func_idx."();\n";
$outscript .= "\tif (!file_exists('$xpath_old')) {\n";
$outscript .= "\tif (!is_file('$xpath_old')) {\n";
$outscript .= "\t\twarn('File cannot be created (not existing): $xpath_old');\n";
$outscript .= "\t} else if (sha1_file('$xpath_old') != '".sha1_file($path_new)."') {\n";
$outscript .= "\t\twarn('File cannot be created (checksum mismatch): $xpath_old');\n";
185,6 → 382,7
$outscript .= "\n";
}
} else if (is_dir($path_old) && is_dir($path_new)) {
/*
$outscript .= "// Verify that directory exists: $xpath_old\n";
$outscript .= "if (!is_dir('$xpath_old')) {\n";
$outscript .= "\twarn('Directory has vanished! Will re-create it: $xpath_old');\n";
194,6 → 392,7
$outscript .= "\t}\n";
$outscript .= "}\n";
$outscript .= "\n";
*/
 
if ((fileperms($path_old) & 0777) != (fileperms($path_new) & 0777)) {
$outscript .= "// Different dir chmod: $xpath_old\n";
214,16 → 413,16
global $outscript;
 
if (is_null($basepath_new)) $basepath_new = $dir_new;
$basepath_new = realpath($basepath_new) . DIRECTORY_SEPARATOR;
$basepath_new = my_realpath($basepath_new) . DIRECTORY_SEPARATOR;
if ($basepath_new == '/') {
fwrite(STDERR, 'ARG');
die();
}
 
$dir_old = realpath($dir_old) . DIRECTORY_SEPARATOR;
$dir_new = realpath($dir_new) . DIRECTORY_SEPARATOR;
$files_old = scandir($dir_old);
$files_new = scandir($dir_new);
$dir_old = my_realpath($dir_old) . DIRECTORY_SEPARATOR;
$dir_new = my_realpath($dir_new) . DIRECTORY_SEPARATOR;
//$files_old = my_scandir($dir_old);
$files_new = my_scandir($dir_new);
 
foreach ($files_new as $file_new) {
if ($file_new === '.') continue;
231,8 → 430,8
if ($file_new === '.svn') continue;
if ($file_new === '.git') continue;
 
$path_old = realpath($dir_old . DIRECTORY_SEPARATOR . $file_new);
$path_new = realpath($dir_new . DIRECTORY_SEPARATOR . $file_new);
$path_old = my_realpath($dir_old . DIRECTORY_SEPARATOR . $file_new);
$path_new = my_realpath($dir_new . DIRECTORY_SEPARATOR . $file_new);
 
$xpath_new = substr($path_new, strlen($basepath_new));
 
246,7 → 445,12
$outscript .= "\twarn('Could not change directory permissions of ".$xpath_new."');\n";
$outscript .= "}\n";
$outscript .= "\n";
} else if (file_exists($path_new) && !file_exists($path_old)) {
// we create it locally, so that the recursive code still works
mkdir($dir_old . DIRECTORY_SEPARATOR . $file_new);
$path_old = my_realpath($dir_old . DIRECTORY_SEPARATOR . $file_new);
} else if (is_file($path_new) && !is_file($path_old)) {
$outscript .= "// File added: $xpath_new\n";
 
global $func_idx;
257,7 → 461,7
$outscript .= "}\n";
 
// Note: We will not warn if the file was created and is exactly the file we want
$outscript .= "if (file_exists('$xpath_new') && (sha1_file('$xpath_new') != '".sha1_file($path_new)."')) {\n";
$outscript .= "if (is_file('$xpath_new') && (sha1_file('$xpath_new') != '".sha1_file($path_new)."')) {\n";
$outscript .= "\twarn('File was created by someone else. Will overwrite the changes now: $xpath_new');\n";
$outscript .= "\t\$tmp = pathinfo('$xpath_new');\n";
$outscript .= "\t\$backup_name = \$tmp['dirname'].DIRECTORY_SEPARATOR.\$tmp['filename'].'.'.date('Ymdhis',@filemtime('$xpath_new')).(isset(\$tmp['extension']) ? '.'.\$tmp['extension'] : '');\n";
268,7 → 472,7
$outscript .= "}\n";
 
$outscript .= "writefile_".$func_idx."();\n";
$outscript .= "if (!file_exists('$xpath_new')) {\n";
$outscript .= "if (!is_file('$xpath_new')) {\n";
$outscript .= "\twarn('File cannot be created (not existing): $xpath_new');\n";
$outscript .= "} else if (sha1_file('$xpath_new') != '".sha1_file($path_new)."') {\n";
$outscript .= "\twarn('File cannot be created (checksum mismatch): $xpath_new');\n";
292,13 → 496,8
getDirContents_del($dir_old, $dir_new);
}
 
$out = array();
$ec = -1;
exec('svn info https://svn.viathinksoft.com/svn/oidplus/trunk/ | grep "Revision:" | cut -d " " -f 2', $out, $ec);
if ($ec != 0) die("SVN Info failed!!!\n");
$max_svn = implode("", $out);
 
function fix_rev699_bug($dir) {
function hotfix_dir($rev, $dir) {
if ($rev == 699) {
// Fix syntax error that lead to a stalled update!
$file = $dir.'/plugins/viathinksoft/adminPages/900_software_update/OIDplusPageAdminSoftwareUpdate.class.php';
$cont = file_get_contents($file);
311,190 → 510,8
$cont = str_replace("\t\tOIDplus::getEditionInfo()", "", $cont);
file_put_contents($file, $cont);
}
 
for ($i=2; $i<=$max_svn; $i++) {
echo "SVN revision $i / $max_svn\r";
 
$outfile = $output_dir."/update_".($i-1)."_to_$i.txt";
if (!$force && file_exists($outfile)) continue;
 
$outdir_old = "/tmp/oidplus_svntmp2_".($i-1)."/";
if ($outdir_old && is_dir($outdir_old)) exec("rm -rf $outdir_old", $out, $ec);
exec("svn co https://svn.viathinksoft.com/svn/oidplus/trunk/@".($i-1)." $outdir_old", $out, $ec);
if ($ec != 0) die("Checkout of SVN Rev ".($i-1)." failed!!!\n");
if ($i-1 == 699) fix_rev699_bug($outdir_old);
 
$outdir_new = "/tmp/oidplus_svntmp2_$i/";
if ($outdir_new && is_dir($outdir_new)) exec("rm -rf $outdir_new", $out, $ec);
exec("svn co https://svn.viathinksoft.com/svn/oidplus/trunk/@$i $outdir_new", $out, $ec);
if ($ec != 0) die("Checkout of SVN Rev ".($i)." failed!!!\n");
if ($i == 699) fix_rev699_bug($outdir_new);
 
$outscript = "<?php\n";
$outscript .= "\n";
$outscript .= "/*\n";
$outscript .= " * OIDplus 2.0\n";
$outscript .= " * Copyright 2019 - ".date('Y')." Daniel Marschall, ViaThinkSoft\n";
$outscript .= " *\n";
$outscript .= " * Licensed under the Apache License, Version 2.0 (the \"License\");\n";
$outscript .= " * you may not use this file except in compliance with the License.\n";
$outscript .= " * You may obtain a copy of the License at\n";
$outscript .= " *\n";
$outscript .= " * http://www.apache.org/licenses/LICENSE-2.0\n";
$outscript .= " *\n";
$outscript .= " * Unless required by applicable law or agreed to in writing, software\n";
$outscript .= " * distributed under the License is distributed on an \"AS IS\" BASIS,\n";
$outscript .= " * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\n";
$outscript .= " * See the License for the specific language governing permissions and\n";
$outscript .= " * limitations under the License.\n";
$outscript .= " */\n";
$outscript .= "\n";
$outscript .= "function info(\$str) { echo \"INFO: \$str\\n\"; }\n";
$outscript .= "function warn(\$str) { echo \"WARNING: \$str\\n\"; }\n";
$outscript .= "function err(\$str) { die(\"FATAL ERROR: \$str\\n\"); }\n";
$outscript .= "\n";
$outscript .= "@set_time_limit(0);\n";
$outscript .= "\n";
$outscript .= "@header('Content-Type: text/plain');\n";
$outscript .= "\n";
$outscript .= "chdir(__DIR__);\n";
if ($i >= 662) {
$outscript .= "if (trim(@file_get_contents('.version.php')) !== '<?php // Revision ".($i-1)."') {\n";
$outscript .= "\terr('This update can only be applied to OIDplus SVN Rev ".($i-1)."!');\n";
$outscript .= "}\n";
} else {
$outscript .= "if (trim(@file_get_contents('oidplus_version.txt')) !== 'Revision ".($i-1)."') {\n";
$outscript .= "\terr('This update can only be applied to OIDplus SVN Rev ".($i-1)."!');\n";
$outscript .= "}\n";
}
$outscript .= "\n";
/*
if ($i >= 99999) {
... once we require PHP 7.1, we add the requirement here
... also if we require fancy new PHP modules, we must add it here
... the checks avoid that someone breaks their OIDplus installation if they update
} else
*/if ($i >= 2) {
// Rev 2+ requires PHP 7.0.0
$outscript .= "if (version_compare(PHP_VERSION, '7.0.0') < 0) {\n";
$outscript .= "\terr('You need PHP Version 7.0 to update to this version');\n";
$outscript .= "}\n";
}
$outscript .= "\n";
$outscript .= "info('Update to SVN Rev $i...');\n";
$outscript .= "\n";
getDirContents($outdir_old, $outdir_new);
$outscript .= "\n";
if ($i >= 661) {
$outscript .= "file_put_contents('.version.php', \"<?php // Revision $i\\n\");\n";
$outscript .= "if (trim(@file_get_contents('.version.php')) !== '<?php // Revision $i') err('Could not write to .version.php!');\n";
if ($i == 661) {
$outscript .= "@unlink('oidplus_version.txt');\n";
$outscript .= "if (file_exists('oidplus_version.txt')) err('Could not delete oidplus_version.txt! Please delete it manually');\n";
}
} else {
$outscript .= "file_put_contents('oidplus_version.txt', \"Revision $i\\n\");\n";
$outscript .= "if (trim(@file_get_contents('oidplus_version.txt')) !== 'Revision $i') err('Could not write to oidplus_version.txt!');\n";
}
$outscript .= "\n";
$outscript .= "\n";
$outscript .= "info('Update to SVN Rev $i done!');\n";
$outscript .= "\n";
$outscript .= "unlink(__FILE__);\n";
$outscript .= "\n";
 
// Now add digital signature
 
if (strpos($outscript, '<?php') === false) {
echo "Not a PHP file\n"; // Should not happen
continue;
}
 
$naked = preg_replace('@<\?php /\* <ViaThinkSoftSignature>(.+)</ViaThinkSoftSignature> \*/ \?>\n@ismU', '', $outscript);
 
$hash = hash("sha256", $naked.basename($outfile));
 
$pkeyid = openssl_pkey_get_private('file://'.$priv_key);
openssl_sign($hash, $signature, $pkeyid, OPENSSL_ALGO_SHA256);
openssl_free_key($pkeyid);
 
if (!$signature) {
echo "ERROR: Signature failed\n";
continue;
}
 
$sign_line = '<?php /* <ViaThinkSoftSignature>'."\n".split_equal_length(base64_encode($signature),65).'</ViaThinkSoftSignature> */ ?>';
 
// We have to put the signature at the beginning, because we don't know if the end of the file lacks a PHP closing tag
if (substr($outscript,0,2) === '#!') {
// Preserve shebang
$shebang_pos = strpos($naked, "\n");
$shebang = substr($naked, 0, $shebang_pos);
$rest = substr($naked, $shebang_pos+1);
$outscript = $shebang."\n".$sign_line."\n".$rest;
} else {
$outscript = $sign_line."\n".$naked;
}
 
// Write the file
 
file_put_contents($outfile, $outscript);
 
$ec = -1;
$out = array();
exec('php -l '.escapeshellarg($outfile), $out, $ec);
if ($ec != 0) {
fwrite(STDERR, "STOP! $outfile PHP syntax error!\n");
unlink($outfile);
break;
}
file_put_contents($outfile.'.gz', gzencode($outscript));
 
// Delete temp dirs
 
$ec = -1;
$out = array();
if ($outdir_old && is_dir($outdir_old)) exec("rm -rf $outdir_old", $out, $ec);
if ($outdir_new && is_dir($outdir_new)) exec("rm -rf $outdir_new", $out, $ec);
}
echo "\n";
 
 
// Now write the release messages (required by software update and vnag)
 
 
$ec = -1;
$out = array();
exec('svn log https://svn.viathinksoft.com/svn/oidplus/trunk --xml', $out, $ec);
if ($ec != 0) {
fwrite(STDERR, "SVN Log failed\n");
} else {
$str = implode("\n",$out);
 
$xml = simplexml_load_string($str);
 
$out = array();
 
foreach ($xml as $a) {
 
$out[(int)$a->attributes()->revision] = array(
 
'date' => date('Y-m-d H:i:s',strtotime((string)$a->date)),
'author' => (string)$a->author,
'msg' => trim((string)$a->msg),
 
);
 
}
 
ksort($out);
 
file_put_contents($output_dir.'/releases.ser', serialize($out));
file_put_contents($output_dir.'/releases.ser.gz', gzencode(serialize($out)));
}
 
# ---
 
function split_equal_length($data, $width=65) {
$res = '';
for ($i=0; $i<strlen($data); $i+=$width) {
522,3 → 539,14
}
fclose($handle);
}
 
function my_realpath($name) {
$ret = realpath($name);
return ($ret === false) ? $name : $ret;
}
 
function my_scandir($dir) {
$ret = @scandir($dir);
if ($ret === false) return array();
return $ret;
}
/trunk/plugins/viathinksoft/captcha/vts_challenge/OIDplusCaptchaPluginVtsClientChallenge.class.php
95,18 → 95,18
$server_secret='VtsClientChallenge:'.OIDplus::baseConfig()->getValue('SERVER_SECRET');
$max_time = 10*60; // 10min. TODO: make configurable!
 
if (!isset($params[$fieldname])) throw new \Exception('No challenge response found');
if (!isset($params[$fieldname])) throw new OIDplusException('No challenge response found');
 
list($starttime, $ip_target, $challenge, $answer, $challenge_integrity) = @json_decode($params[$fieldname], true);
 
if ($ip_target != (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : 'unknown')) {
throw new \Exception(_L('Wrong IP address'));
throw new OIDplusException(_L('Wrong IP address'));
} else if (time()-$starttime > $max_time) {
throw new \Exception(_L('Challenge expired'));
throw new OIDplusException(_L('Challenge expired'));
} else if ($challenge_integrity != sha3_512_hmac($challenge,$server_secret)) {
throw new \Exception(_L('Challenge integrity failed'));
throw new OIDplusException(_L('Challenge integrity failed'));
} else if ($challenge !== sha3_512($starttime.'/'.$ip_target.'/'.$answer)) {
throw new \Exception(_L('Wrong answer'));
throw new OIDplusException(_L('Wrong answer'));
}
}