Home Explore Help
Sign In
yunoadmin
/
pihole_ynh
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge pull request #11 from YunoHost-Apps/testing

Fix alias_traversal
Maniack Crudelis 8 years ago
parent
1dbd813d78 2e4c4203d4
commit
64c2454637
7 changed files with 82 additions and 3 deletions
Split View Show Diff Stats
  1. 2 1
      conf/nginx.conf
  2. 1 1
      manifest.json
  3. 5 0
      scripts/_common.sh
  4. 51 0
      scripts/_sed
  5. 15 1
      scripts/change_url
  6. 4 0
      scripts/install
  7. 4 0
      scripts/upgrade

+ 2 - 1
conf/nginx.conf
View File 

@@ -1,4 +1,5 @@
 
-location __PATH__ {
 
+#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
 
+location __PATH__/ {
 
 	alias __FINALPATH__/;
 
 
 	if ($scheme = http) {

+ 1 - 1
manifest.json
View File 

@@ -6,7 +6,7 @@
 
 		"en": "Network-wide ad blocking via your own DNS server.",
 
 		"fr": "Filtrage publicitaire sur l'ensemble du réseau via votre propre serveur DNS."
 
 	},
 
-	"version": "3.1.4~ynh1",
 
+	"version": "3.1.4~ynh2",
 
 	"url": "https://pi-hole.net/",
 
 	"license": "EUPL-1.2",
 
 	"maintainer": {

+ 5 - 0
scripts/_common.sh
View File 

@@ -454,6 +454,11 @@ EOF
 
 	ynh_store_file_checksum "$finalfail2banfilterconf"
 
 
 	sudo systemctl restart fail2ban
 
+	if local fail2ban_error="$(tail -n50 /var/log/fail2ban.log | grep "WARNING Command.*$app.*addfailregex")"
 
+	then
 
+		echo "[ERR] Fail2ban fail to load the jail for $app" >&2
 
+		echo "WARNING${fail2ban_error#*WARNING}" >&2
 
+	fi
 
 }
 
 
 # Remove the dedicated fail2ban config (jail and filter conf files)

+ 51 - 0
scripts/_sed
View File 

@@ -0,0 +1,51 @@
 
+#!/bin/bash
 
+
 
+# https://github.com/YunoHost/yunohost/pull/394
 
+
 
+# Substitute/replace a string (or expression) by another in a file
 
+#
 
+# usage: ynh_replace_string match_string replace_string target_file
 
+# | arg: match_string - String to be searched and replaced in the file
 
+# | arg: replace_string - String that will replace matches
 
+# | arg: target_file - File in which the string will be replaced.
 
+#
 
+# As this helper is based on sed command, regular expressions and
 
+# references to sub-expressions can be used
 
+# (see sed manual page for more information)
 
+ynh_replace_string () {
 
+	local delimit=@
 
+	local match_string=$1
 
+	local replace_string=$2
 
+	local workfile=$3
 
+
 
+	# Escape the delimiter if it's in the string.
 
+	match_string=${match_string//${delimit}/"\\${delimit}"}
 
+	replace_string=${replace_string//${delimit}/"\\${delimit}"}
 
+
 
+	sudo sed --in-place "s${delimit}${match_string}${delimit}${replace_string}${delimit}g" "$workfile"
 
+}
 
+
 
+# Substitute/replace a password by another in a file
 
+#
 
+# usage: ynh_replace_password_string match_string replace_string target_file
 
+# | arg: match_string - String to be searched and replaced in the file
 
+# | arg: replace_string - String that will replace matches
 
+# | arg: target_file - File in which the string will be replaced.
 
+#
 
+# This helper will use ynh_replace_string, but as you can use special
 
+# characters, you can't use some regular expressions and sub-expressions.
 
+ynh_replace_password_string () {
 
+	local match_string=$1
 
+	local replace_string=$2
 
+	local workfile=$3
 
+
 
+	# Escape any backslash to preserve them as simple backslash.
 
+	match_string=${match_string//\\/"\\\\"}
 
+	replace_string=${replace_string//\\/"\\\\"}
 
+
 
+	# Escape the & character, who has a special function in sed.
 
+	match_string=${match_string//&/"\&"}
 
+	replace_string=${replace_string//&/"\&"}
 
+
 
+	ynh_replace_string "$match_string" "$replace_string" "$workfile"
 
+}

+ 15 - 1
scripts/change_url
View File 

@@ -8,6 +8,7 @@
 
 
 source _common.sh
 
 source /usr/share/yunohost/helpers
 
+source _sed
 
 
 #=================================================
 
 # RETRIEVE ARGUMENTS
 
@@ -64,7 +65,20 @@ nginx_conf_path=/etc/nginx/conf.d/$old_domain.d/$app.conf
 
 # Change the path in the nginx config file
 
 if [ $change_path -eq 1 ]
 
 then
 
-	ynh_replace_string "location $old_path" "location $new_path" "$nginx_conf_path"
 
+
 
+	# Move from sub path to root
 
+	if [ "$new_path" == "/" ]
 
+	then
 
+		ynh_replace_string "^ *rewrite.*\^$old_path" "#sub_path_only&" "$nginx_conf_path"
 
+		ynh_replace_string "\(rewrite *\^\)$old_path\$ $old_path/*" "\1$new_path$ $new_path" "$nginx_conf_path"
 
+
 
+	# Move to a sub path
 
+	else
 
+		ynh_replace_string "^#sub_path_only" "" "$nginx_conf_path"
 
+		ynh_replace_string "\(rewrite *\^\)$old_path\$ $old_path/*" "\1$new_path$ $new_path/" "$nginx_conf_path"
 
+	fi
 
+
 
+	ynh_replace_string "location ${old_path%/}/" "location ${new_path%/}/" "$nginx_conf_path"
 
 fi
 
 
 # Change the domain for nginx

+ 4 - 0
scripts/install
View File 

@@ -94,6 +94,10 @@ ynh_setup_source "$final_path" admin_dashboard
 
 # NGINX CONFIGURATION
 
 #=================================================
 
 
+if [ "$path_url" != "/" ]
 
+then
 
+	ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
 
+fi
 
 ynh_add_nginx_config
 
 
 #=================================================

+ 4 - 0
scripts/upgrade
View File 

@@ -63,6 +63,10 @@ ynh_setup_source "$final_path" admin_dashboard
 
 # NGINX CONFIGURATION
 
 #=================================================
 
 
+if [ "$path_url" != "/" ]
 
+then
 
+	ynh_replace_string "^#sub_path_only" "" "../conf/nginx.conf"
 
+fi
 
 ynh_add_nginx_config
 
 
 #=================================================