FHEM/fhem-mirror
2
0
Fork 0
mirror of https://github.com/fhem/fhem-mirror.git synced 2025-04-28 11:01:59 +00:00
Code Issues Releases Wiki Activity

motd + Security check

Browse Source 
git-svn-id: https://svn.fhem.de/fhem/trunk@1637 2b470e98-0d58-463d-a4d8-8e2adae1ed80
This commit is contained in:
rudolfkoenig 2012-06-22 08:22:24 +00:00
parent 91d4f27318
commit 5298c9df29
4 changed files with 47 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
fhem/CHANGED
View File

@ -48,6 +48,7 @@
- change: separating common functions used by the FHEM modules into - change: separating common functions used by the FHEM modules into
*Utils.pm files from fhem.pl *Utils.pm files from fhem.pl
- feature: portpassword and basicAuth may use evaluated functions - feature: portpassword and basicAuth may use evaluated functions
- feature: motd with SecurityCheck added
- 2011-12-31 (5.2) - 2011-12-31 (5.2)
- bugfix: applying smallscreen attributes to firefox/opera - bugfix: applying smallscreen attributes to firefox/opera

17
fhem/fhem.pl
View File

@ -195,7 +195,7 @@ $modules{Global}{AttrList} =
"verbose:1,2,3,4,5 mseclog version nofork logdir holiday2we " . "verbose:1,2,3,4,5 mseclog version nofork logdir holiday2we " .
"autoload_undefined_devices dupTimeout latitude longitude " . "autoload_undefined_devices dupTimeout latitude longitude " .
"backupcmd backupdir backupsymlink backup_before_update " . "backupcmd backupdir backupsymlink backup_before_update " .
"exclude_from_update "; "exclude_from_update motd";
$modules{Global}{AttrFn} = "GlobalAttr"; $modules{Global}{AttrFn} = "GlobalAttr";
@ -355,9 +355,18 @@ if($pfn) {
# create the global interface definitions # create the global interface definitions
createInterfaceDefinitions(); createInterfaceDefinitions();
$attr{global}{motd} = "SecurityCheck:\n\n"
if(!$attr{global}{motd} || $attr{global}{motd} =~ m/^SecurityCheck/);
$init_done = 1; $init_done = 1;
DoTrigger("global", "INITIALIZED"); DoTrigger("global", "INITIALIZED");
$attr{global}{motd} .=
"\nSet the global attribute motd to none to supress this message,\n".
"or restart fhem for a new check if the problem ist fixed.\n"
if($attr{global}{motd} =~ m/^SecurityCheck:\n\n./);
delete($attr{global}{motd}) if($attr{global}{motd} eq "SecurityCheck:\n\n");
Log 0, "Server started (version $attr{global}{version}, pid $$)"; Log 0, "Server started (version $attr{global}{version}, pid $$)";
################################################ ################################################
@ -682,6 +691,11 @@ AnalyzeInput($)
} }
} else { } else {
$client{$c}{prompt} = 1; # Empty return $client{$c}{prompt} = 1; # Empty return
if(!$client{$c}{motdDisplayed}) {
my $motd = $attr{global}{motd};
push @ret, $motd if($motd && $motd ne "none");
$client{$c}{motdDisplayed} = 1;
}
} }
next if($rest); next if($rest);
} }
@ -1155,6 +1169,7 @@ CommandSave($$)
($a eq "configfile" || $a eq "version")); ($a eq "configfile" || $a eq "version"));
my $val = $attr{$d}{$a}; my $val = $attr{$d}{$a};
$val =~ s/;/;;/g; $val =~ s/;/;;/g;
$val =~ s/\n/\\\n/g;
print $fh "attr $d $a $val\n"; print $fh "attr $d $a $val\n";
} }
} }

32
fhem/webfrontend/pgm2/01_FHEMWEB.pm
View File

@ -92,7 +92,7 @@ FHEMWEB_Initialize($)
$hash->{AttrFn} = "FW_Attr"; $hash->{AttrFn} = "FW_Attr";
$hash->{DefFn} = "FW_Define"; $hash->{DefFn} = "FW_Define";
$hash->{UndefFn} = "FW_Undef"; $hash->{UndefFn} = "FW_Undef";
$hash->{NotifyFn}= "FW_Notify"; $hash->{NotifyFn}= "FW_SecurityCheck";
$hash->{AttrList}= "loglevel:0,1,2,3,4,5,6 webname fwmodpath fwcompress:0,1 ". $hash->{AttrList}= "loglevel:0,1,2,3,4,5,6 webname fwmodpath fwcompress:0,1 ".
"plotmode:gnuplot,gnuplot-scroll,SVG plotsize refresh " . "plotmode:gnuplot,gnuplot-scroll,SVG plotsize refresh " .
"touchpad smallscreen plotfork basicAuth basicAuthMsg ". "touchpad smallscreen plotfork basicAuth basicAuthMsg ".
@ -109,6 +109,25 @@ FHEMWEB_Initialize($)
addToAttrList("icon"); addToAttrList("icon");
} }
#####################################
sub
FW_SecurityCheck($$)
{
my ($ntfy, $dev) = @_;
return if($dev->{NAME} ne "global" ||
!grep(m/^INITIALIZED$/, @{$dev->{CHANGED}}));
my $motd = AttrVal("global", "motd", "");
if($motd =~ "^SecurityCheck") {
my @list = grep { !AttrVal($_, "basicAuth", undef) }
devspec2array("TYPE=FHEMWEB");
$motd .= (join(",", sort @list)." has no basicAuth attribute\n")
if(@list);
$attr{global}{motd} = $motd;
}
$modules{FHEMWEB}{NotifyFn}= "FW_Notify";
return undef;
}
##################################### #####################################
sub sub
FW_Define($$) FW_Define($$)
@ -274,7 +293,7 @@ FW_Read($)
# BASIC HTTP AUTH # BASIC HTTP AUTH
my $basicAuth = AttrVal($FW_wname, "basicAuth", undef); my $basicAuth = AttrVal($FW_wname, "basicAuth", undef);
if($basicAuth) { if($basicAuth) {
$hash->{BUF} =~ m/^Authorization: Basic (.*)/m; $hash->{BUF} =~ m/Authorization: Basic ([^\r\n]*)/s;
my $secret = $1; my $secret = $1;
my $pwok = ($secret && $secret eq $basicAuth); my $pwok = ($secret && $secret eq $basicAuth);
if($secret && $basicAuth =~ m/^{.*}$/) { if($secret && $basicAuth =~ m/^{.*}$/) {
@ -293,6 +312,7 @@ FW_Read($)
print $c "HTTP/1.1 401 Authorization Required\r\n", print $c "HTTP/1.1 401 Authorization Required\r\n",
"WWW-Authenticate: Basic realm=\"$msg\"\r\n", "WWW-Authenticate: Basic realm=\"$msg\"\r\n",
"Content-Length: 0\r\n\r\n"; "Content-Length: 0\r\n\r\n";
$hash->{BUF}="";
return; return;
}; };
} }
@ -302,6 +322,7 @@ FW_Read($)
my ($mode, $arg, $method) = split(" ", $FW_httpheader[0]); my ($mode, $arg, $method) = split(" ", $FW_httpheader[0]);
$hash->{BUF} = ""; $hash->{BUF} = "";
$arg = "" if(!defined($arg));
Log $ll, "HTTP $name GET $arg"; Log $ll, "HTTP $name GET $arg";
my $pid; my $pid;
if(AttrVal($FW_wname, "plotfork", undef)) { if(AttrVal($FW_wname, "plotfork", undef)) {
@ -545,6 +566,11 @@ FW_AnswerCall($)
elsif($FW_detail) { FW_doDetail($FW_detail); } elsif($FW_detail) { FW_doDetail($FW_detail); }
elsif($FW_room) { FW_showRoom(); } elsif($FW_room) { FW_showRoom(); }
elsif($cmd =~ /^logwrapper/) { FW_logWrapper($cmd); } elsif($cmd =~ /^logwrapper/) { FW_logWrapper($cmd); }
elsif(AttrVal("global", "motd", "none") ne "none") {
my $motd = AttrVal("global","motd",undef);
$motd =~ s/\n/<br>/g;
FW_pO "<div id=\"content\">$motd</div>";
}
FW_pO "</body></html>"; FW_pO "</body></html>";
return 0; return 0;
} }
@ -791,7 +817,7 @@ FW_roomOverview($)
return; return;
} else { } else {
FW_pO "<div id=\"logo\"></div>"; FW_pH "", "<div id=\"logo\"></div>";
} }

2
fhem/webfrontend/pgm2/98_SVG.pm
View File

@ -70,7 +70,7 @@ SVG_render($$$$$$$$)
'xmlns:xlink="http://www.w3.org/1999/xlink" >'; 'xmlns:xlink="http://www.w3.org/1999/xlink" >';
my $prf = AttrVal($parent_name, "stylesheetPrefix", ""); my $prf = AttrVal($parent_name, "stylesheetPrefix", "");
SVG_pO "<style lType=\"text/css\"><![CDATA["; SVG_pO "<style type=\"text/css\"><![CDATA[";
if(open(FH, "$parent_dir/${prf}svg_style.css") || if(open(FH, "$parent_dir/${prf}svg_style.css") ||
open(FH, "$parent_dir/svg_style.css")) { open(FH, "$parent_dir/svg_style.css")) {
SVG_pO join("", <FH>); SVG_pO join("", <FH>);