From aba885f434a9e2c99cdf9801b2cef8e484d1b0b0 Mon Sep 17 00:00:00 2001 From: flucout Date: Tue, 13 Aug 2024 20:29:20 +0800 Subject: [PATCH] update --- app/command/Clean.php | 29 +------------------ app/common.php | 26 +++++++++++++++++ app/controller/Api.php | 57 +++++++++++++++++++++---------------- app/lib/BtPlugins.php | 10 +++++-- app/lib/ThirdPlugins.php | 1 - app/view/admin/plugins.html | 7 ++++- route/app.php | 4 +++ 7 files changed, 76 insertions(+), 58 deletions(-) diff --git a/app/command/Clean.php b/app/command/Clean.php index 35286d2..eac07b6 100644 --- a/app/command/Clean.php +++ b/app/command/Clean.php @@ -68,37 +68,10 @@ private function clean_plugins(Input $input, Output $output, $os){ if($file == '.' || $file == '..') continue; if(!in_array($file, $file_list)){ $filepath = $data_dir . 'folder/' . $file; - $this->delete_dir($filepath); + deleteDir($filepath); $count++; } } $output->writeln($os.'成功清理'.$count.'个历史版本插件目录'); } - - // 删除文件夹 - private function delete_dir($dir){ - $rd = opendir($dir); - if (!$rd) { - return false; - } - - while (($file = readdir($rd)) !== false) { - if ($file == '.' || $file == '..') { - continue; - } - - $file = $dir . '/' . $file; - - if (is_dir($file)) { - $this->delete_dir($file); - } - else { - unlink($file); - } - } - - closedir($rd); - rmdir($dir); - return true; - } } diff --git a/app/common.php b/app/common.php index 8c148a6..5a6bebc 100644 --- a/app/common.php +++ b/app/common.php @@ -294,4 +294,30 @@ function makeSelfSignSSL(string $commonName, array $domainList, $validity = 3650 unlink($opensslConfigFile); return ['cert' => $certificate, 'key' => $privateKey]; +} + +function deleteDir($dir){ + $rd = opendir($dir); + if (!$rd) { + return false; + } + + while (($file = readdir($rd)) !== false) { + if ($file == '.' || $file == '..') { + continue; + } + + $file = $dir . '/' . $file; + + if (is_dir($file)) { + deleteDir($file); + } + else { + unlink($file); + } + } + + closedir($rd); + rmdir($dir); + return true; } \ No newline at end of file diff --git a/app/controller/Api.php b/app/controller/Api.php index 64d5143..1b8df5a 100644 --- a/app/controller/Api.php +++ b/app/controller/Api.php @@ -48,7 +48,7 @@ public function download_plugin(){ if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){ return '参数不正确'; } - if(!$this->checklist()) '你的服务器被禁止使用此云端'; + if(!$this->checklist()) return '你的服务器被禁止使用此云端'; $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip'; if(file_exists($filepath)){ $filename = $plugin_name.'.zip'; @@ -70,19 +70,21 @@ public function download_plugin_main(){ if(!preg_match('/^[a-zA-Z0-9_]+$/', $plugin_name) || !preg_match('/^[0-9.]+$/', $version)){ return '参数不正确'; } - if(!$this->checklist()) '你的服务器被禁止使用此云端'; - $filepath = get_data_dir($os).'plugins/main/'.$plugin_name.'-'.$version.'.dat'; - if(file_exists($filepath)){ + if(!$this->checklist()) return '你的服务器被禁止使用此云端'; + $filepath = get_data_dir($os).'plugins/package/'.$plugin_name.'-'.$version.'.zip'; + $mainfilepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py'; + if(file_exists($mainfilepath)){ $filename = $plugin_name.'_main.py'; - $this->output_file($filepath, $filename); - }else{ - $filepath = get_data_dir($os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py'; - if(file_exists($filepath)){ - $filename = $plugin_name.'_main.py'; - $this->output_file($filepath, $filename); + $this->output_file($mainfilepath, $filename); + }elseif(file_exists($filepath)){ + $zip = new \ZipArchive; + if ($zip->open($filepath) === true){ + echo $zip->getFromName($plugin_name.'/'.$plugin_name.'_main.py'); }else{ - return '云端不存在该插件主文件'; + return '插件包解压缩失败'; } + }else{ + return '云端不存在该插件主文件'; } } @@ -469,26 +471,31 @@ public function logerror(){ public function bt_cert(){ $data = input('post.data'); $param = json_decode($data, true); - if(!$param || !isset($param['domain'])) return json(['status'=>false, 'msg'=>'参数错误']); + if(!$param || !isset($param['action']) || !isset($param['domain'])) return json(['status'=>false, 'msg'=>'参数错误']); $dir = app()->getBasePath().'script/'; $ssl_path = app()->getRootPath().'public/ssl/baota_root.pfx'; $isca = file_exists($dir.'ca.crt') && file_exists($dir.'ca.key') && file_exists($ssl_path); if(!$isca) return json(['status'=>false, 'msg'=>'CA证书不存在']); - $domain = $param['domain']; - if(empty($domain)) return json(['status'=>false, 'msg'=>'域名不能为空']); - $domain_list = explode(',', $domain); - foreach($domain_list as $d){ - if(!checkDomain($d)) return json(['status'=>false, 'msg'=>'域名或IP格式不正确:'.$d]); - } - $common_name = $domain_list[0]; - $validity = 3650; - $result = makeSelfSignSSL($common_name, $domain_list, $validity); - if(!$result){ - return json(['status'=>false, 'msg'=>'生成证书失败']); + if($param['action'] == 'get_domain_cert'){ + if(!$this->checklist()) return json(['status'=>false, 'msg'=>'你的服务器被禁止使用此云端']); + $domain = $param['domain']; + if(empty($domain)) return json(['status'=>false, 'msg'=>'域名不能为空']); + $domain_list = explode(',', $domain); + foreach($domain_list as $d){ + if(!checkDomain($d)) return json(['status'=>false, 'msg'=>'域名或IP格式不正确:'.$d]); + } + $common_name = $domain_list[0]; + $validity = 3650; + $result = makeSelfSignSSL($common_name, $domain_list, $validity); + if(!$result){ + return json(['status'=>false, 'msg'=>'生成证书失败']); + } + $ca_pfx = base64_encode(file_get_contents($ssl_path)); + return json(['status'=>true, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key'], 'pfx'=>$ca_pfx, 'password'=>'']); + }else{ + return json(['status'=>false, 'msg'=>'不支持当前操作']); } - $ca_pfx = base64_encode(file_get_contents($ssl_path)); - return json(['status'=>true, 'msg'=>'生成证书成功', 'cert'=>$result['cert'], 'key'=>$result['key'], 'pfx'=>$ca_pfx, 'password'=>'']); } } \ No newline at end of file diff --git a/app/lib/BtPlugins.php b/app/lib/BtPlugins.php index 513be18..6a32c0d 100644 --- a/app/lib/BtPlugins.php +++ b/app/lib/BtPlugins.php @@ -11,7 +11,7 @@ class BtPlugins private $os; //需屏蔽的插件名称列表 - private static $block_plugins = ['dns']; + private static $block_plugins = ['dns','bt_boce','ssl_verify']; public function __construct($os){ $this->os = $os; @@ -72,9 +72,10 @@ private function download_plugin_package($plugin_name, $version){ $zip = new ZipArchive; if ($zip->open($filepath) === true) { - $zip->extractTo(get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version); + $plugins_dir = get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version; + $zip->extractTo($plugins_dir, $plugin_name.'/'.$plugin_name.'_main.py'); $zip->close(); - $main_filepath = get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version.'/'.$plugin_name.'/'.$plugin_name.'_main.py'; + $main_filepath = $plugins_dir.'/'.$plugin_name.'/'.$plugin_name.'_main.py'; if(file_exists($main_filepath) && filesize($main_filepath)>10){ if(!strpos(file_get_contents($main_filepath), 'import ')){ //加密py文件,需要解密 $this->decode_plugin_main($plugin_name, $version, $main_filepath); @@ -84,6 +85,7 @@ private function download_plugin_package($plugin_name, $version){ $zip->close(); } } + deleteDir($plugins_dir); }else{ unlink($filepath); throw new Exception('插件包解压缩失败'); @@ -197,6 +199,8 @@ private function noauth_plugin_main($main_filepath){ $data = str_replace('\'https://www.bt.cn/api/bt_waf/reportInterceptFail', 'public.GetConfigValue(\'home\')+\'/api/bt_waf/reportInterceptFail', $data); $data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/questions', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data); $data = str_replace('\'https://www.bt.cn/api/v2/contact/nps/submit', 'public.GetConfigValue(\'home\')+\'/panel/notpro', $data); + $data = str_replace('\'http://www.bt.cn/api/Auth', 'public.GetConfigValue(\'home\')+\'/api/Auth', $data); + $data = str_replace('\'https://www.bt.cn/api/Auth', 'public.GetConfigValue(\'home\')+\'/api/Auth', $data); file_put_contents($main_filepath, $data); } diff --git a/app/lib/ThirdPlugins.php b/app/lib/ThirdPlugins.php index af9bf37..a6f47d0 100644 --- a/app/lib/ThirdPlugins.php +++ b/app/lib/ThirdPlugins.php @@ -65,7 +65,6 @@ private function download_plugin_package($plugin_name, $version){ $zip = new ZipArchive; if ($zip->open($filepath) === true) { - $zip->extractTo(get_data_dir($this->os).'plugins/folder/'.$plugin_name.'-'.$version); $zip->close(); return true; }else{ diff --git a/app/view/admin/plugins.html b/app/view/admin/plugins.html index 8fb5906..0fee771 100644 --- a/app/view/admin/plugins.html +++ b/app/view/admin/plugins.html @@ -157,8 +157,13 @@ layer.alert('成功下载'+$.downloadCount+'个插件包!', {icon:1}, function(){layer.closeAll();searchSubmit();}); return; } - $.downloadCount++; var plugin = $.preDownload[0]; + if(plugin.name == 'firewall'){ + $.preDownload.shift(); + download_item(); + return; + } + $.downloadCount++; var ii = layer.msg('['+$.downloadCount+'/'+$.preDownloadCount+']正在下载'+plugin.name+'-'+plugin.version, {icon: 16, shade:0.1, time: 0}); $.ajax({ type : 'POST', diff --git a/route/app.php b/route/app.php index ef93c31..52a8fd2 100644 --- a/route/app.php +++ b/route/app.php @@ -119,6 +119,10 @@ Route::post('/bt_waf/reportInterceptFail', 'api/return_empty'); Route::any('/panel/get_spider', 'api/get_spider'); + Route::post('/Auth/GetSocre', 'api/get_ssl_list'); + Route::post('/Auth/SetSocre', 'api/get_ssl_list'); + Route::post('/Auth/SubmitScore', 'api/get_ssl_list'); + Route::miss('api/return_error'); });