From 5d3295c86c853e99a1c76820ce9ff0fd081ee8c4 Mon Sep 17 00:00:00 2001 From: Robb Ebright Date: Wed, 1 Jan 2020 21:03:30 -0500 Subject: [PATCH 1/7] first stab at icecast password change on install --- airtime_mvc/public/setup/database-setup.php | 21 +++++++++++++++++++ install | 9 ++++++++ installer/lib/requirements-debian-buster.apt | 2 ++ installer/lib/requirements-debian-jessie.apt | 2 ++ installer/lib/requirements-debian-stretch.apt | 2 ++ installer/lib/requirements-ubuntu-bionic.apt | 2 ++ installer/lib/requirements-ubuntu-precise.apt | 2 ++ installer/lib/requirements-ubuntu-xenial.apt | 2 ++ ...uirements-ubuntu-xenial_docker_minimal.apt | 2 ++ 9 files changed, 44 insertions(+) diff --git a/airtime_mvc/public/setup/database-setup.php b/airtime_mvc/public/setup/database-setup.php index 17038ac74..bbbecd9fc 100644 --- a/airtime_mvc/public/setup/database-setup.php +++ b/airtime_mvc/public/setup/database-setup.php @@ -79,6 +79,7 @@ class DatabaseSetup extends Setup { $this->setNewDatabaseConnection(self::$_properties["dbname"]); $this->checkSchemaExists(); $this->createDatabaseTables(); + $this->updateIcecastPassword(); } /** @@ -175,5 +176,25 @@ class DatabaseSetup extends Setup { array(self::DB_NAME,)); } } + /** + * Updates the icecast password in the database based upon the temp file created during install + * @throws AirtimeDatabaseException + */ + private function updateIcecastPassword() { + if (!file_exists(LIBRETIME_CONF_DIR . '/icecast_pass')) { + throw new AirtimeDatabaseException("The Icecast Password file was not accessible", array()); + }; + $icecastPass = file_get_contents(LIBRETIME_CONF_DIR . '/icecast_pass', true); + error_log($icecastPass); + $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_pass' AND SET value = :icecastpass WHERE keyname = 's1_admin_pass'; " + . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's2_pass'; " + . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's2_admin_pass'; " + . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's3_pass'; " + . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's3_admin_pass'; " + . "INSERT INTO cc_pref (keystr, valstr) VALUES ('default_icecast_password', :icecastpass )"); + if (!$statement->execute(array(":icecastpass" => $icecastPass))) { + throw new AirtimeDatabaseException("Could not update the database with icecast password!", array()); + } + } } diff --git a/install b/install index 1dcd695b5..b1b8a1f42 100755 --- a/install +++ b/install @@ -894,6 +894,12 @@ if [ "$icecast" = "t" ]; then else icecast_unit_name="icecast" fi + icecast_pass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-12};echo;) + echo $icecast_pass > /tmp/icecast_pass + xmlstarlet ed --inplace -u /icecast/authentication/source-password -v $icecast_pass /etc/icecast2/icecast.xml + xmlstarlet ed --inplace -u /icecast/authentication/relay-password -v $icecast_pass /etc/icecast2/icecast.xml + xmlstarlet ed --inplace -u /icecast/authentication/admin-password -v $icecast_pass /etc/icecast2/icecast.xml + # restart in case icecast was already started (like is the case on debian) systemInitCommand restart ${icecast_unit_name} verbose "...Done" @@ -1100,6 +1106,9 @@ if [ ! -d "/etc/airtime" ]; then mkdir /etc/airtime fi +# need to copy the icecast_pass from temp to /etc/airtime so installer can read it + cp /tmp/icecast_pass /etc/airtime/icecast_pass + chown -R ${web_user}:${web_user} /etc/airtime diff --git a/installer/lib/requirements-debian-buster.apt b/installer/lib/requirements-debian-buster.apt index e50bd7aed..5c665ec07 100644 --- a/installer/lib/requirements-debian-buster.apt +++ b/installer/lib/requirements-debian-buster.apt @@ -67,3 +67,5 @@ liquidsoap libopus0 systemd-sysv + +xmlstarlet diff --git a/installer/lib/requirements-debian-jessie.apt b/installer/lib/requirements-debian-jessie.apt index 548835c90..4e22102cc 100644 --- a/installer/lib/requirements-debian-jessie.apt +++ b/installer/lib/requirements-debian-jessie.apt @@ -63,3 +63,5 @@ libopus0 sysvinit sysvinit-utils + +xmlstarlet diff --git a/installer/lib/requirements-debian-stretch.apt b/installer/lib/requirements-debian-stretch.apt index 5f11226cb..c71175f6a 100644 --- a/installer/lib/requirements-debian-stretch.apt +++ b/installer/lib/requirements-debian-stretch.apt @@ -67,3 +67,5 @@ liquidsoap libopus0 systemd-sysv + +xmlstarlet diff --git a/installer/lib/requirements-ubuntu-bionic.apt b/installer/lib/requirements-ubuntu-bionic.apt index 08e6f21a6..58be7819f 100644 --- a/installer/lib/requirements-ubuntu-bionic.apt +++ b/installer/lib/requirements-ubuntu-bionic.apt @@ -81,3 +81,5 @@ build-essential libssl-dev libffi-dev python-dev + +xmlstarlet diff --git a/installer/lib/requirements-ubuntu-precise.apt b/installer/lib/requirements-ubuntu-precise.apt index 7c217f659..ed31b628f 100644 --- a/installer/lib/requirements-ubuntu-precise.apt +++ b/installer/lib/requirements-ubuntu-precise.apt @@ -70,3 +70,5 @@ liquidsoap-plugin-pulseaudio liquidsoap-plugin-taglib liquidsoap-plugin-voaacenc liquidsoap-plugin-vorbis + +xmlstarlet diff --git a/installer/lib/requirements-ubuntu-xenial.apt b/installer/lib/requirements-ubuntu-xenial.apt index 70336c10c..41381915f 100644 --- a/installer/lib/requirements-ubuntu-xenial.apt +++ b/installer/lib/requirements-ubuntu-xenial.apt @@ -81,3 +81,5 @@ build-essential libssl-dev libffi-dev python-dev + +xmlstarlet diff --git a/installer/lib/requirements-ubuntu-xenial_docker_minimal.apt b/installer/lib/requirements-ubuntu-xenial_docker_minimal.apt index 6d414ba2d..09c94f817 100644 --- a/installer/lib/requirements-ubuntu-xenial_docker_minimal.apt +++ b/installer/lib/requirements-ubuntu-xenial_docker_minimal.apt @@ -76,3 +76,5 @@ build-essential libssl-dev libffi-dev python-dev + +xmlstarlet From 88a7cf6a3e7ca4be026e68947c9dea0fd8e3569d Mon Sep 17 00:00:00 2001 From: Robbt Date: Fri, 3 Jan 2020 13:20:40 -0500 Subject: [PATCH 2/7] fix database statements --- airtime_mvc/public/setup/database-setup.php | 86 ++++++++++++++++++--- 1 file changed, 75 insertions(+), 11 deletions(-) diff --git a/airtime_mvc/public/setup/database-setup.php b/airtime_mvc/public/setup/database-setup.php index bbbecd9fc..4ff510713 100644 --- a/airtime_mvc/public/setup/database-setup.php +++ b/airtime_mvc/public/setup/database-setup.php @@ -184,17 +184,81 @@ class DatabaseSetup extends Setup { if (!file_exists(LIBRETIME_CONF_DIR . '/icecast_pass')) { throw new AirtimeDatabaseException("The Icecast Password file was not accessible", array()); }; - $icecastPass = file_get_contents(LIBRETIME_CONF_DIR . '/icecast_pass', true); - error_log($icecastPass); - $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_pass' AND SET value = :icecastpass WHERE keyname = 's1_admin_pass'; " - . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's2_pass'; " - . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's2_admin_pass'; " - . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's3_pass'; " - . "UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's3_admin_pass'; " - . "INSERT INTO cc_pref (keystr, valstr) VALUES ('default_icecast_password', :icecastpass )"); - if (!$statement->execute(array(":icecastpass" => $icecastPass))) { - throw new AirtimeDatabaseException("Could not update the database with icecast password!", array()); - } + $icecast_pass = file_get_contents(LIBRETIME_CONF_DIR . '/icecast_pass', true); + error_log($icecast_pass); + $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_pass'"); + $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); + try { + $statement->execute(); + } + catch (PDOException $ex) { + print "Error!: " . $ex->getMessage() . "
"; + die(); + } + $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_admin_pass'"); + $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); + try { + $statement->execute(); + } + catch (PDOException $ex) { + print "Error!: " . $ex->getMessage() . "
"; + die(); + } + $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's2_pass'"); + $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); + try { + $statement->execute(); + } + catch (PDOException $ex) { + print "Error!: " . $ex->getMessage() . "
"; + die(); + } + $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's2_admin_pass'"); + $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); + try { + $statement->execute(); + } + catch (PDOException $ex) { + print "Error!: " . $ex->getMessage() . "
"; + die(); + } + + $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's3_pass'"); + $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); + try { + $statement->execute(); + } + catch (PDOException $ex) { + print "Error!: " . $ex->getMessage() . "
"; + die(); + } + $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's3_admin_pass'"); + $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); + try { + $statement->execute(); + } + catch (PDOException $ex) { + print "Error!: " . $ex->getMessage() . "
"; + die(); + } + $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_admin_pass'"); + $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); + try { + $statement->execute(); + } + catch (PDOException $ex) { + print "Error!: " . $ex->getMessage() . "
"; + die(); + } + $statement = self::$dbh->prepare("INSERT INTO cc_pref (keystr, valstr) VALUES ('default_icecast_password', :icecastpass )"); + $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); + try { + $statement->execute(); + } + catch (PDOException $ex) { + print "Error!: " . $ex->getMessage() . "
"; + die(); + } } } From 9a027373e19af13ac242166ff8f34471c867ca14 Mon Sep 17 00:00:00 2001 From: Robbt Date: Fri, 3 Jan 2020 15:00:27 -0500 Subject: [PATCH 3/7] fixed database page stall --- airtime_mvc/public/setup/database-setup.php | 9 --------- 1 file changed, 9 deletions(-) diff --git a/airtime_mvc/public/setup/database-setup.php b/airtime_mvc/public/setup/database-setup.php index 4ff510713..87f5c839c 100644 --- a/airtime_mvc/public/setup/database-setup.php +++ b/airtime_mvc/public/setup/database-setup.php @@ -185,7 +185,6 @@ class DatabaseSetup extends Setup { throw new AirtimeDatabaseException("The Icecast Password file was not accessible", array()); }; $icecast_pass = file_get_contents(LIBRETIME_CONF_DIR . '/icecast_pass', true); - error_log($icecast_pass); $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_pass'"); $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); try { @@ -193,7 +192,6 @@ class DatabaseSetup extends Setup { } catch (PDOException $ex) { print "Error!: " . $ex->getMessage() . "
"; - die(); } $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_admin_pass'"); $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); @@ -202,7 +200,6 @@ class DatabaseSetup extends Setup { } catch (PDOException $ex) { print "Error!: " . $ex->getMessage() . "
"; - die(); } $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's2_pass'"); $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); @@ -211,7 +208,6 @@ class DatabaseSetup extends Setup { } catch (PDOException $ex) { print "Error!: " . $ex->getMessage() . "
"; - die(); } $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's2_admin_pass'"); $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); @@ -220,7 +216,6 @@ class DatabaseSetup extends Setup { } catch (PDOException $ex) { print "Error!: " . $ex->getMessage() . "
"; - die(); } $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's3_pass'"); @@ -230,7 +225,6 @@ class DatabaseSetup extends Setup { } catch (PDOException $ex) { print "Error!: " . $ex->getMessage() . "
"; - die(); } $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's3_admin_pass'"); $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); @@ -239,7 +233,6 @@ class DatabaseSetup extends Setup { } catch (PDOException $ex) { print "Error!: " . $ex->getMessage() . "
"; - die(); } $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_admin_pass'"); $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); @@ -248,7 +241,6 @@ class DatabaseSetup extends Setup { } catch (PDOException $ex) { print "Error!: " . $ex->getMessage() . "
"; - die(); } $statement = self::$dbh->prepare("INSERT INTO cc_pref (keystr, valstr) VALUES ('default_icecast_password', :icecastpass )"); $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); @@ -257,7 +249,6 @@ class DatabaseSetup extends Setup { } catch (PDOException $ex) { print "Error!: " . $ex->getMessage() . "
"; - die(); } } From edaa2ead85ffcc46c7651382934e3ea327f75ecd Mon Sep 17 00:00:00 2001 From: Robbt Date: Fri, 3 Jan 2020 20:14:02 -0500 Subject: [PATCH 4/7] fixed new line in php --- airtime_mvc/public/setup/database-setup.php | 5 ++++- install | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/airtime_mvc/public/setup/database-setup.php b/airtime_mvc/public/setup/database-setup.php index 87f5c839c..1fa894255 100644 --- a/airtime_mvc/public/setup/database-setup.php +++ b/airtime_mvc/public/setup/database-setup.php @@ -184,7 +184,10 @@ class DatabaseSetup extends Setup { if (!file_exists(LIBRETIME_CONF_DIR . '/icecast_pass')) { throw new AirtimeDatabaseException("The Icecast Password file was not accessible", array()); }; - $icecast_pass = file_get_contents(LIBRETIME_CONF_DIR . '/icecast_pass', true); + $icecast_pass_txt = file(LIBRETIME_CONF_DIR . '/icecast_pass'); + $icecast_pass = $icecast_pass_txt[0]; + $icecast_pass = str_replace(PHP_EOL, '', $icecast_pass); + error_log($icecast_pass); $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_pass'"); $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); try { diff --git a/install b/install index b1b8a1f42..897adae30 100755 --- a/install +++ b/install @@ -894,7 +894,7 @@ if [ "$icecast" = "t" ]; then else icecast_unit_name="icecast" fi - icecast_pass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-12};echo;) + icecast_pass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-12};) echo $icecast_pass > /tmp/icecast_pass xmlstarlet ed --inplace -u /icecast/authentication/source-password -v $icecast_pass /etc/icecast2/icecast.xml xmlstarlet ed --inplace -u /icecast/authentication/relay-password -v $icecast_pass /etc/icecast2/icecast.xml From 211ce99a2cd431241c9edacf6a13849b49e1ca39 Mon Sep 17 00:00:00 2001 From: Robb Ebright Date: Mon, 6 Jan 2020 13:58:31 -0500 Subject: [PATCH 5/7] removed debugging log --- airtime_mvc/public/setup/database-setup.php | 1 - 1 file changed, 1 deletion(-) diff --git a/airtime_mvc/public/setup/database-setup.php b/airtime_mvc/public/setup/database-setup.php index 1fa894255..a3e3ff2b6 100644 --- a/airtime_mvc/public/setup/database-setup.php +++ b/airtime_mvc/public/setup/database-setup.php @@ -187,7 +187,6 @@ class DatabaseSetup extends Setup { $icecast_pass_txt = file(LIBRETIME_CONF_DIR . '/icecast_pass'); $icecast_pass = $icecast_pass_txt[0]; $icecast_pass = str_replace(PHP_EOL, '', $icecast_pass); - error_log($icecast_pass); $statement = self::$dbh->prepare("UPDATE cc_stream_setting SET value = :icecastpass WHERE keyname = 's1_pass'"); $statement->bindValue(':icecastpass', $icecast_pass, PDO::PARAM_STR); try { From f42f331c29cf1106580170c5ac9be66ee7576571 Mon Sep 17 00:00:00 2001 From: Robb Ebright Date: Tue, 7 Jan 2020 08:50:32 -0500 Subject: [PATCH 6/7] added xmlstarlet to centos based vagrant install --- installer/vagrant/centos.sh | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/installer/vagrant/centos.sh b/installer/vagrant/centos.sh index ddfcecebd..fdff0dd5f 100644 --- a/installer/vagrant/centos.sh +++ b/installer/vagrant/centos.sh @@ -86,7 +86,8 @@ yum install -y \ policycoreutils-python \ python-celery \ python2-pika \ - lsof + lsof \ + xmlstarlet # for pip ssl install yum install -y \ From 336e7d82b19165bb76c2e051cc9b2edb5721ed6a Mon Sep 17 00:00:00 2001 From: Robb Ebright Date: Tue, 7 Jan 2020 10:40:30 -0500 Subject: [PATCH 7/7] fixed installer to not change pass during upgrade and add centos support --- install | 21 +++++++++++++-------- installer/vagrant/centos.sh | 2 +- 2 files changed, 14 insertions(+), 9 deletions(-) diff --git a/install b/install index 897adae30..b64b12621 100755 --- a/install +++ b/install @@ -891,15 +891,20 @@ if [ "$icecast" = "t" ]; then icecast_unit_name="icecast2" if [ "$dist" != "centos" ]; then sed -i 's/ENABLE=false/ENABLE=true/g' /etc/default/icecast2 + icecast_config="/etc/icecast2/icecast.xml" else icecast_unit_name="icecast" + icecast_config="/etc/icecast.xml" + fi + # only update icecast password if + if [ ! -f "/etc/airtime/airtime.conf" ]; then + icecast_pass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-12};) + echo $icecast_pass > /tmp/icecast_pass + loud "\n New install detected setting icecast password to random value." + xmlstarlet ed --inplace -u /icecast/authentication/source-password -v $icecast_pass $icecast_config + xmlstarlet ed --inplace -u /icecast/authentication/relay-password -v $icecast_pass $icecast_config + xmlstarlet ed --inplace -u /icecast/authentication/admin-password -v $icecast_pass $icecast_config fi - icecast_pass=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-12};) - echo $icecast_pass > /tmp/icecast_pass - xmlstarlet ed --inplace -u /icecast/authentication/source-password -v $icecast_pass /etc/icecast2/icecast.xml - xmlstarlet ed --inplace -u /icecast/authentication/relay-password -v $icecast_pass /etc/icecast2/icecast.xml - xmlstarlet ed --inplace -u /icecast/authentication/admin-password -v $icecast_pass /etc/icecast2/icecast.xml - # restart in case icecast was already started (like is the case on debian) systemInitCommand restart ${icecast_unit_name} verbose "...Done" @@ -1104,10 +1109,10 @@ if [ ! -d "/etc/airtime" ]; then verbose "\n * Creating /etc/airtime/ directory..." mkdir /etc/airtime + # need to copy the icecast_pass from temp to /etc/airtime so installer can read it + cp /tmp/icecast_pass /etc/airtime/icecast_pass fi -# need to copy the icecast_pass from temp to /etc/airtime so installer can read it - cp /tmp/icecast_pass /etc/airtime/icecast_pass chown -R ${web_user}:${web_user} /etc/airtime diff --git a/installer/vagrant/centos.sh b/installer/vagrant/centos.sh index fdff0dd5f..ed3b0bf70 100644 --- a/installer/vagrant/centos.sh +++ b/installer/vagrant/centos.sh @@ -86,7 +86,7 @@ yum install -y \ policycoreutils-python \ python-celery \ python2-pika \ - lsof \ + lsof \ xmlstarlet # for pip ssl install