Skip to content

Commit

Permalink
6.9.27
Browse files Browse the repository at this point in the history
  • Loading branch information
showpy committed Jul 17, 2019
1 parent 7e47105 commit 00acb06
Show file tree
Hide file tree
Showing 10 changed files with 1,489 additions and 241 deletions.
2 changes: 1 addition & 1 deletion BTPanel/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -332,7 +332,7 @@ def san_baseline(pdata=None):
if comReturn: return comReturn
import san_baseline
dataObject = san_baseline.san_baseline()
defs = ('start', 'get_api_log', 'get_resut', 'get_ssh_errorlogin')
defs = ('start', 'get_api_log', 'get_resut', 'get_ssh_errorlogin','repair','repair_all')
return publicObject(dataObject, defs, None, pdata)


Expand Down
2 changes: 1 addition & 1 deletion BTPanel/static/js/public.js
Original file line number Diff line number Diff line change
Expand Up @@ -1631,7 +1631,7 @@ function ssh_login_def() {
pdata_socket['data'] = {};
pdata_socket['data']['ssh_user'] = $("input[name='ssh_user']").val();
pdata_socket['data']['ssh_passwd'] = $("input[name='ssh_passwd']").val();
if (!pdata_socket.ssh_user || !pdata_socket.ssh_passwd) {
if (!pdata_socket.data.ssh_user || !pdata_socket.data.ssh_passwd) {
layer.msg('SSH用户名和密码不能为空!');
return;
}
Expand Down
6 changes: 3 additions & 3 deletions class/common.py
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ def init(self):
if ua:
ua = ua.lower();
if ua.find('spider') != -1 or ua.find('bot') != -1: return redirect('https://www.baidu.com');
g.version = '6.9.26'
g.version = '6.9.27'
g.title = public.GetConfigValue('title')
g.uri = request.path
session['version'] = g.version;
Expand Down Expand Up @@ -61,7 +61,7 @@ def local(self):
def checkAddressWhite(self):
token = self.GetToken();
if not token: return redirect('/login');
if not request.remote_addr in token['address']: return redirect('/login');
if not public.GetClientIp() in token['address']: return redirect('/login');


#检查IP限制
Expand All @@ -70,7 +70,7 @@ def checkLimitIp(self):
iplist = public.ReadFile('data/limitip.conf')
if iplist:
iplist = iplist.strip();
if not request.remote_addr in iplist.split(','): return redirect('/login')
if not public.GetClientIp() in iplist.split(','): return redirect('/login')

#设置基础Session
def setSession(self):
Expand Down
58 changes: 55 additions & 3 deletions class/jobs.py
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
# +-------------------------------------------------------------------
# | Author: 黄文良 <[email protected]>
# +-------------------------------------------------------------------
import system,psutil,time,public,db,os,sys,json,py_compile
import system,psutil,time,public,db,os,sys,json,py_compile,re
os.chdir('/www/server/panel')
sm = system.system();
taskConfig = json.loads(public.ReadFile('config/task.json'))
Expand Down Expand Up @@ -61,9 +61,61 @@ def control_init():
public.ExecShell("chmod -R 600 /www/server/cron/*.log")
public.ExecShell("chown -R root:root /www/server/panel/data")
public.ExecShell("chown -R root:root /www/server/panel/config")


disable_putenv('putenv')
clean_session()
set_crond()

#默认禁用指定PHP函数
def disable_putenv(fun_name):
try:
is_set_disable = '/www/server/panel/data/disable_%s' % fun_name
if os.path.exists(is_set_disable): return True
php_vs = ('52','53','54','55','56','70','71','72','73','74')
php_ini = "/www/server/php/{0}/etc/php.ini"
rep = "disable_functions\s*=\s*.*"
for pv in php_vs:
php_ini_path = php_ini.format(pv)
if not os.path.exists(php_ini_path): continue
php_ini_body = public.readFile(php_ini_path)
tmp = re.search(rep,php_ini_body)
if not tmp: continue
disable_functions = tmp.group()
if disable_functions.find(fun_name) != -1: continue
print(disable_functions)
php_ini_body = php_ini_body.replace(disable_functions,disable_functions+',%s' % fun_name)
php_ini_body.find(fun_name)
public.writeFile(php_ini_path,php_ini_body)
public.phpReload(pv)
public.writeFile(is_set_disable,'True')
return True
except: return False


#创建计划任务
def set_crond():
try:
echo = public.md5(public.md5('renew_lets_ssl_bt'))
cron_id = public.M('crontab').where('echo=?',(echo,)).getField('id')

import crontab
args_obj = public.dict_obj()
if not cron_id:
cronPath = public.GetConfigValue('setup_path') + '/cron/' + echo
shell = 'python /www/server/panel/class/panelLets.py renew_lets_ssl'
public.writeFile(cronPath,shell)
args_obj.id = public.M('crontab').add('name,type,where1,where_hour,where_minute,echo,addtime,status,save,backupTo,sType,sName,sBody,urladdress',("续签Let's Encrypt证书",'day','','0','10',echo,time.strftime('%Y-%m-%d %X',time.localtime()),0,'','localhost','toShell','',shell,''))
crontab.crontab().set_cron_status(args_obj)
else:
cron_path = public.get_cron_path()
if os.path.exists(cron_path):
cron_s = public.readFile(cron_path)
if cron_s.find(echo) == -1:
public.M('crontab').where('echo=?',(echo,)).setField('status',0)
args_obj.id = cron_id
crontab.crontab().set_cron_status(args_obj)
except:
print(public.get_error_info())


#清理多余的session文件
def clean_session():
Expand Down
30 changes: 22 additions & 8 deletions class/monitor.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,11 @@
#!/usr/bin/python
#coding: utf-8
# +-------------------------------------------------------------------
# | 宝塔Linux面板
# +-------------------------------------------------------------------
# | Copyright (c) 2015-2099 宝塔软件(http://bt.cn) All rights reserved.
# +-------------------------------------------------------------------
# | Author: 王张杰 <[email protected]>
# +-------------------------------------------------------------------

import os
import json
Expand All @@ -21,6 +27,14 @@ def __get_file_json(self, filename):
except:
return {}

def __get_file_nums(self, filepath):
if not os.path.exists(filepath): return 0

count = 0
for index, line in enumerate(open(filepath, 'r')):
count += 1
return count

def _get_site_list(self):
sites = public.M('sites').where('status=?', (1,)).field('name').get()
return sites
Expand Down Expand Up @@ -120,14 +134,14 @@ def _php_count(self, args):

# 获取攻击数
def _get_attack_nums(self, args):
file_name = '/www/server/btwaf/total.json'
if not os.path.exists(file_name): return 0
today = time.strftime('%Y-%m-%d', time.localtime())
sites = self._get_site_list()

try:
file_body = json.loads(public.readFile(file_name))
return int(file_body['total'])
except:
return 0
count = 0
for site in sites:
file_path = '/www/wwwlogs/btwaf/{0}_{1}.log'.format(site['name'], today)
count += self.__get_file_nums(file_path)
return count

def get_exception(self, args):
data = {'mysql_slow': self._get_slow_log_nums(args), 'php_slow': self._php_count(args), 'attack_num': self._get_attack_nums(args)}
Expand Down
38 changes: 26 additions & 12 deletions class/panelLets.py
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,8 @@
try:
requests.packages.urllib3.disable_warnings()
except:pass
import BTPanel
if __name__ != '__main__':
import BTPanel
try:
import dns.resolver
except:
Expand Down Expand Up @@ -248,19 +249,32 @@ def apple_lest_cert(self,get):
public.writeFile(path + "/README","let")

#计划任务续签
echo = public.md5(public.md5('renew_lets_ssl_bt'))
crontab = public.M('crontab').where('echo=?',(echo,)).find()
if not crontab:
cronPath = public.GetConfigValue('setup_path') + '/cron/' + echo
shell = 'python %s/panel/class/panelLets.py renew_lets_ssl ' % (self.setupPath)
public.writeFile(cronPath,shell)
public.M('crontab').add('name,type,where1,where_hour,where_minute,echo,addtime,status,save,backupTo,sType,sName,sBody,urladdress',("续签Let's Encrypt证书",'day','','0','10',echo,time.strftime('%Y-%m-%d %X',time.localtime()),1,'','localhost','toShell','',shell,''))

self.set_crond()
return public.returnMsg(True, '申请成功.')




#创建计划任务
def set_crond(self):
try:
echo = public.md5(public.md5('renew_lets_ssl_bt'))
cron_id = public.M('crontab').where('echo=?',(echo,)).getField('id')

import crontab
args_obj = public.dict_obj()
if not cron_id:
cronPath = public.GetConfigValue('setup_path') + '/cron/' + echo
shell = 'python %s/panel/class/panelLets.py renew_lets_ssl ' % (self.setupPath)
public.writeFile(cronPath,shell)
args_obj.id = public.M('crontab').add('name,type,where1,where_hour,where_minute,echo,addtime,status,save,backupTo,sType,sName,sBody,urladdress',("续签Let's Encrypt证书",'day','','0','10',echo,time.strftime('%Y-%m-%d %X',time.localtime()),0,'','localhost','toShell','',shell,''))
crontab.crontab().set_cron_status(args_obj)
else:
cron_path = public.get_cron_path()
if os.path.exists(cron_path):
cron_s = public.readFile(cron_path)
if cron_s.find(echo) == -1:
public.M('crontab').where('echo=?',(echo,)).setField('status',0)
args_obj.id = cron_id
crontab.crontab().set_cron_status(args_obj)
except:pass

#手动解析
def crate_let_by_oper(self,data):
Expand Down
7 changes: 6 additions & 1 deletion class/panelTask.py
Original file line number Diff line number Diff line change
Expand Up @@ -199,12 +199,17 @@ def get_task_log(self,id,task_type,num=5):

#清理任务日志
def clean_log(self):
import shutil
s_time = int(time.time())
timeout = 86400
for f in os.listdir(self.__task_path):
filename = self.__task_path + f
c_time = os.stat(filename).st_ctime
if s_time - c_time > timeout: os.remove(filename)
if s_time - c_time > timeout:
if os.path.isdir(filename):
shutil.rmtree(filename)
else:
os.remove(filename)
return True

#文件压缩
Expand Down
19 changes: 19 additions & 0 deletions class/public.py
Original file line number Diff line number Diff line change
Expand Up @@ -1307,3 +1307,22 @@ def de_punycode(domain):
newdomain += dkey + '.'
return newdomain[0:-1];

#取计划任务文件路径
def get_cron_path():
u_file = '/var/spool/cron/crontabs/root'
if not os.path.exists(u_file):
file='/var/spool/cron/root'
else:
file=u_file
return file

#取通用对象
class dict_obj:
def __contains__(self, key):
return getattr(self,key,None)
def __setitem__(self, key, value): setattr(self,key,value)
def __getitem__(self, key): return getattr(self,key,None)
def __delitem__(self,key): delattr(self,key)
def __delattr__(self, key): delattr(self,key)
def get_items(self): return self

Loading

0 comments on commit 00acb06

Please sign in to comment.