Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/duplicati/duplicati.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
path: root/Duplicati/Server/Database/ServerSettings.cs
diff options
context:
space:
mode:
Diffstat (limited to 'Duplicati/Server/Database/ServerSettings.cs')
-rw-r--r--Duplicati/Server/Database/ServerSettings.cs139
1 files changed, 114 insertions, 25 deletions
diff --git a/Duplicati/Server/Database/ServerSettings.cs b/Duplicati/Server/Database/ServerSettings.cs
index 7b2e4d08d..8104bb175 100644
--- a/Duplicati/Server/Database/ServerSettings.cs
+++ b/Duplicati/Server/Database/ServerSettings.cs
@@ -18,7 +18,11 @@
using System;
using System.Linq;
using System.Collections.Generic;
+using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
+using Org.BouncyCastle.Crypto.Parameters;
+using Org.BouncyCastle.Pkcs;
+using Org.BouncyCastle.Security;
namespace Duplicati.Server.Database
{
@@ -35,6 +39,8 @@ namespace Duplicati.Server.Database
public const string SERVER_PORT_CHANGED = "server-port-changed";
public const string SERVER_PASSPHRASE = "server-passphrase";
public const string SERVER_PASSPHRASE_SALT = "server-passphrase-salt";
+ public const string SERVER_PASSPHRASETRAYICON = "server-passphrase-trayicon";
+ public const string SERVER_PASSPHRASETRAYICONHASH = "server-passphrase-trayicon-hash";
public const string UPDATE_CHECK_LAST = "last-update-check";
public const string UPDATE_CHECK_INTERVAL = "update-check-interval";
public const string UPDATE_CHECK_NEW_VERSION = "update-check-latest";
@@ -44,8 +50,9 @@ namespace Duplicati.Server.Database
public const string SERVER_SSL_CERTIFICATE = "server-ssl-certificate";
public const string HAS_FIXED_INVALID_BACKUPID = "has-fixed-invalid-backup-id";
public const string UPDATE_CHANNEL = "update-channel";
- public const string USAGE_REPORTER_LEVEL = "usage-reporter-level";
- }
+ public const string USAGE_REPORTER_LEVEL = "usage-reporter-level";
+ public const string HAS_ASKED_FOR_PASSWORD_PROTECTION = "has-asked-for-password-protection";
+ }
private Dictionary<string, string> m_values;
private Database.Connection m_connection;
@@ -58,7 +65,7 @@ namespace Duplicati.Server.Database
ReloadSettings();
}
- private void ReloadSettings()
+ public void ReloadSettings()
{
lock(m_connection.m_lock)
{
@@ -87,11 +94,12 @@ namespace Duplicati.Server.Database
else
m_values[k.Key] = newsettings[k.Key];
- SaveSettings();
}
- System.Threading.Interlocked.Increment(ref Program.LastDataUpdateID);
- Program.StatusEventNotifyer.SignalNewEvent();
+ SaveSettings();
+
+ if (newsettings.Keys.Contains(CONST.SERVER_PASSPHRASE))
+ GenerateWebserverPasswordTrayIcon();
}
private void SaveSettings()
@@ -104,8 +112,13 @@ namespace Duplicati.Server.Database
Value = n.Value
}, Database.Connection.SERVER_SETTINGS_ID);
- // In case the usage reporter is enabled or disabled, refresh now
- Program.StartOrStopUsageReporter();
+ System.Threading.Interlocked.Increment(ref Program.LastDataUpdateID);
+ Program.StatusEventNotifyer.SignalNewEvent();
+
+ // In case the usage reporter is enabled or disabled, refresh now
+ Program.StartOrStopUsageReporter();
+ // If throttle options were changed, update now
+ Program.UpdateThrottleSpeeds();
}
public string StartupDelayDuration
@@ -187,9 +200,27 @@ namespace Duplicati.Server.Database
m_values[CONST.IS_FIRST_RUN] = value.ToString();
SaveSettings();
}
- }
-
- public bool UnackedError
+ }
+
+ public bool HasAskedForPasswordProtection
+ {
+ get
+ {
+ var tp = m_values[CONST.HAS_ASKED_FOR_PASSWORD_PROTECTION];
+ if (string.IsNullOrEmpty(tp))
+ return true;
+
+ return Duplicati.Library.Utility.Utility.ParseBoolOption(m_values, CONST.HAS_ASKED_FOR_PASSWORD_PROTECTION);
+ }
+ set
+ {
+ lock (m_connection.m_lock)
+ m_values[CONST.HAS_ASKED_FOR_PASSWORD_PROTECTION] = value.ToString();
+ SaveSettings();
+ }
+ }
+
+ public bool UnackedError
{
get
{
@@ -274,7 +305,6 @@ namespace Duplicati.Server.Database
m_values[CONST.SERVER_PASSPHRASE] = "";
m_values[CONST.SERVER_PASSPHRASE_SALT] = "";
}
- SaveSettings();
}
else
{
@@ -295,9 +325,41 @@ namespace Duplicati.Server.Database
m_values[CONST.SERVER_PASSPHRASE] = pwd;
m_values[CONST.SERVER_PASSPHRASE_SALT] = salt;
}
+ }
- SaveSettings();
+ SaveSettings();
+ GenerateWebserverPasswordTrayIcon();
+ }
+
+ public string WebserverPasswordTrayIcon => m_values[CONST.SERVER_PASSPHRASETRAYICON];
+
+ public string WebserverPasswordTrayIconHash => m_values[CONST.SERVER_PASSPHRASETRAYICONHASH];
+
+ public void GenerateWebserverPasswordTrayIcon()
+ {
+ var password = "";
+ var pwd = "";
+
+ if (!string.IsNullOrEmpty(m_values[CONST.SERVER_PASSPHRASE]))
+ {
+ password = Guid.NewGuid().ToString();
+ var buf = Convert.FromBase64String(m_values[CONST.SERVER_PASSPHRASE_SALT]);
+
+ var sha256 = System.Security.Cryptography.SHA256.Create();
+ var str = System.Text.Encoding.UTF8.GetBytes(password);
+
+ sha256.TransformBlock(str, 0, str.Length, str, 0);
+ sha256.TransformFinalBlock(buf, 0, buf.Length);
+ pwd = Convert.ToBase64String(sha256.Hash);
}
+
+ lock (m_connection.m_lock)
+ {
+ m_values[CONST.SERVER_PASSPHRASETRAYICON] = password;
+ m_values[CONST.SERVER_PASSPHRASETRAYICONHASH] = pwd;
+ }
+
+ SaveSettings();
}
public DateTime LastUpdateCheck
@@ -411,20 +473,31 @@ namespace Duplicati.Server.Database
{
get
{
- try
+ if (String.IsNullOrEmpty(m_values[CONST.SERVER_SSL_CERTIFICATE]))
+ return null;
+
+ if (Library.Utility.Utility.IsClientWindows)
+ return new X509Certificate2(Convert.FromBase64String(m_values[CONST.SERVER_SSL_CERTIFICATE]));
+ else
{
- if(String.IsNullOrEmpty(m_values[CONST.SERVER_SSL_CERTIFICATE]))
+ var store = new Pkcs12Store();
+
+ using (var stream = new System.IO.MemoryStream(Convert.FromBase64String(m_values[CONST.SERVER_SSL_CERTIFICATE])))
+ store.Load(stream, null);
+
+ if (store.Count != 1)
return null;
- var cert = new X509Certificate2();
-
- cert.Import(Convert.FromBase64String(m_values[CONST.SERVER_SSL_CERTIFICATE]));
+ var certAlias = store.Aliases.Cast<string>().FirstOrDefault(n => store.IsKeyEntry(n));
+ var cert = new X509Certificate2(DotNetUtilities.ToX509Certificate(store.GetCertificate(certAlias).Certificate).GetRawCertData());
+ var rsaPriv = DotNetUtilities.ToRSA(store.GetKey(certAlias).Key as RsaPrivateCrtKeyParameters);
+ var rsaPrivate = new RSACryptoServiceProvider(new CspParameters { KeyContainerName = "KeyContainer" });
+
+ rsaPrivate.ImportParameters(rsaPriv.ExportParameters(true));
+ cert.PrivateKey = rsaPrivate;
+
return cert;
}
- catch
- {
- return null;
- }
}
set
{
@@ -434,9 +507,25 @@ namespace Duplicati.Server.Database
m_values[CONST.SERVER_SSL_CERTIFICATE] = String.Empty;
}
else
- {
- lock (m_connection.m_lock)
- m_values[CONST.SERVER_SSL_CERTIFICATE] = Convert.ToBase64String(value.Export(X509ContentType.Pkcs12));
+ {
+ if (Library.Utility.Utility.IsClientWindows)
+ lock (m_connection.m_lock)
+ m_values[CONST.SERVER_SSL_CERTIFICATE] = Convert.ToBase64String(value.Export(X509ContentType.Pkcs12));
+ else
+ {
+ var store = new Pkcs12Store();
+
+ store.SetKeyEntry(value.FriendlyName,
+ new AsymmetricKeyEntry(DotNetUtilities.GetKeyPair(value.PrivateKey).Private),
+ new[] { new X509CertificateEntry(DotNetUtilities.FromX509Certificate(value)) });
+
+ using (var stream = new System.IO.MemoryStream())
+ {
+ store.Save(stream, null, new SecureRandom());
+ lock (m_connection.m_lock)
+ m_values[CONST.SERVER_SSL_CERTIFICATE] = Convert.ToBase64String(stream.ToArray());
+ }
+ }
}
SaveSettings();
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-22 01:59:15 +0300