Author: jfthomps
Date: Wed Jun  7 20:52:50 2017
New Revision: 1797999

URL: http://svn.apache.org/viewvc?rev=1797999&view=rev
Log:
VCL-1045 - Method of encrypting sensitive database entries

addomain.php: modified AJsaveResource: added check for getCryptKeyID returning 
NULL

siteconfig.php: removed TODO comment

utils.php:
-modified checkCryptkey: updated comments
-modified prettyLength: (unrelated to this JIRA) cast $minutes / 60 to int

vm.php: modified AJupdateVMprofileItem: added check for getCryptKeyID returning 
NULL

Modified:
    vcl/trunk/web/.ht-inc/addomain.php
    vcl/trunk/web/.ht-inc/siteconfig.php
    vcl/trunk/web/.ht-inc/utils.php
    vcl/trunk/web/.ht-inc/vm.php

Modified: vcl/trunk/web/.ht-inc/addomain.php
URL: 
http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/addomain.php?rev=1797999&r1=1797998&r2=1797999&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/addomain.php (original)
+++ vcl/trunk/web/.ht-inc/addomain.php Wed Jun  7 20:52:50 2017
@@ -188,6 +188,11 @@ class ADdomain extends Resource {
                                $oldsecretid = $olddata['secretid'];
                                # check that we have a cryptsecret entry for 
this secret
                                $cryptkeyid = getCryptKeyID();
+                               if($cryptkeyid == NULL) {
+                                       $ret = array('status' => 'error', 'msg' 
=> "Error encountered while updating password");
+                                       sendJSON($ret);
+                                       return;
+                               }
                                $query = "SELECT cryptsecret "
                                       . "FROM cryptsecret "
                                       . "WHERE cryptkeyid = $cryptkeyid AND "
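Review bot: The guard added to AJsaveResource compares with `== NULL`, while the equivalent guard added to AJupdateVMprofileItem in vm.php uses `=== NULL`, so the two call sites disagree about which getCryptKeyID results count as a failure. `$cryptkeyid` is interpolated unquoted into `WHERE cryptkeyid = $cryptkeyid` right after the check, so the guard should reject anything that is not a usable key id. getCryptKeyID is not visible here; if it can also return false or an empty string, the strict form in vm.php would let that through to a malformed query. One shared form at both sites would avoid this, for example `if(! is_numeric($cryptkeyid)) {`. The enclosing method starts and ends outside the hunk.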

Modified: vcl/trunk/web/.ht-inc/siteconfig.php
URL: 
http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/siteconfig.php?rev=1797999&r1=1797998&r2=1797999&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/siteconfig.php (original)
+++ vcl/trunk/web/.ht-inc/siteconfig.php Wed Jun  7 20:52:50 2017
@@ -1138,7 +1138,7 @@ class AffilTextVariable {
                                continue;
                        $id = "{$this->domidbase}_$affilid";
                        $newval = processInputVar($id, ARG_STRING);
-                       if($newval !== NULL || # TODO test further
+                       if($newval !== NULL ||
                        ! $this->allowempty ||
                                ($affilid == $this->globalid && ! 
$this->allowglobalempty)) {
                                if(! $this->validateValue($newval)) {

Modified: vcl/trunk/web/.ht-inc/utils.php
URL: 
http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/utils.php?rev=1797999&r1=1797998&r2=1797999&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/utils.php (original)
+++ vcl/trunk/web/.ht-inc/utils.php Wed Jun  7 20:52:50 2017
@@ -646,10 +646,11 @@ function checkCryptkey() {
                        return;
        }
 
-       # no id file or no matching entry in cryptkey, create new key
+       // if no id file and cannot write to cryptkey directory, return
        if(! is_writable($filebase))
                return;
 
+       # no id file or no matching entry in cryptkey, create new key
        $keyfile = "$filebase/private.pem";
 
        $_algorithm = constant("OPENSSL_KEYTYPE_" . ASYMALGO);
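Review bot: The added comment uses `//` where the other comments in this hunk use `#`, including the line that was moved below it, so it should read `# if no id file and cannot write to cryptkey directory, return`. This early return leaves the function without creating a key and gives no signal that it did so. Presumably this is the situation the new NULL checks in addomain.php and vm.php handle; if so the comment could say it, e.g. `# no key is created here; callers must handle getCryptKeyID returning NULL`. checkCryptkey's body continues outside the hunk.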
@@ -10023,7 +10024,7 @@ function prettyLength($minutes) {
        elseif($minutes == 60)
                return i("1 hour");
        elseif($minutes % 60 == 0)
-               return $minutes / 60 . " " . i("hours");
+               return (int)($minutes / 60) . " " . i("hours");
        else {
                $hours = (int)($minutes / 60);
                $min = (int)($minutes % 60);

Modified: vcl/trunk/web/.ht-inc/vm.php
URL: 
http://svn.apache.org/viewvc/vcl/trunk/web/.ht-inc/vm.php?rev=1797999&r1=1797998&r2=1797999&view=diff
==============================================================================
--- vcl/trunk/web/.ht-inc/vm.php (original)
+++ vcl/trunk/web/.ht-inc/vm.php Wed Jun  7 20:52:50 2017
@@ -868,6 +868,11 @@ function AJupdateVMprofileItem() {
                        $secretid = getSecretKeyID('vmprofile', 'secretid', 
$profileid);
                        # check that we have a cryptsecret entry for this secret
                        $cryptkeyid = getCryptKeyID();
+                       if($cryptkeyid === NULL) {
+                               print "dojo.byId('savestatus').innerHTML = '';";
+                               print "alert('Error saving password');";
+                               return;
+                       }
                        $query = "SELECT cryptsecret "
                               . "FROM cryptsecret "
                               . "WHERE cryptkeyid = $cryptkeyid AND "
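Review bot: The new failure branch sends only a generic alert to the browser and records nothing server-side, so an administrator gets no indication that this web server has no usable crypt key. The same holds for the guard added in addomain.php. A log line before the `return`, such as `error_log('AJupdateVMprofileItem: getCryptKeyID returned NULL');`, would make the condition diagnosable while keeping the user-facing message generic. AJupdateVMprofileItem's body continues outside the hunk.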

