From 38cd8f296245c2edb3f0b1290385d31df7a720b8 Mon Sep 17 00:00:00 2001 From: Isaac A <6174343+tenten8401@users.noreply.github.com> Date: Sat, 16 Mar 2019 21:18:46 -0400 Subject: [PATCH 1/4] Allow nodes to be created on privileged ports --- app/Models/Node.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/Models/Node.php b/app/Models/Node.php index 80c84904f..1a412be95 100644 --- a/app/Models/Node.php +++ b/app/Models/Node.php @@ -110,8 +110,8 @@ class Node extends Model implements CleansAttributes, ValidableContract 'disk' => 'numeric|min:1', 'disk_overallocate' => 'numeric|min:-1', 'daemonBase' => 'regex:/^([\/][\d\w.\-\/]+)$/', - 'daemonSFTP' => 'numeric|between:1024,65535', - 'daemonListen' => 'numeric|between:1024,65535', + 'daemonSFTP' => 'numeric|between:1,65535', + 'daemonListen' => 'numeric|between:1,65535', 'maintenance_mode' => 'boolean', 'upload_size' => 'int|between:1,1024', ]; From 4460b6835a5b9a287ea46628a8fd109173f7bd60 Mon Sep 17 00:00:00 2001 From: Arnaud Lier Date: Sat, 23 Mar 2019 22:04:57 +0100 Subject: [PATCH 2/4] Match original database password length when doing a password reset (#1509) --- app/Http/Controllers/Admin/ServersController.php | 2 +- app/Http/Controllers/Server/DatabaseController.php | 2 +- app/Services/Databases/DatabaseManagementService.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/app/Http/Controllers/Admin/ServersController.php b/app/Http/Controllers/Admin/ServersController.php index 161e8aba6..44eebcccf 100644 --- a/app/Http/Controllers/Admin/ServersController.php +++ b/app/Http/Controllers/Admin/ServersController.php @@ -599,7 +599,7 @@ class ServersController extends Controller ['id', '=', $request->input('database')], ]); - $this->databasePasswordService->handle($database, str_random(20)); + $this->databasePasswordService->handle($database, str_random(24)); return response('', 204); } diff --git a/app/Http/Controllers/Server/DatabaseController.php b/app/Http/Controllers/Server/DatabaseController.php index be7d501ba..7d8e4cda2 100644 --- a/app/Http/Controllers/Server/DatabaseController.php +++ b/app/Http/Controllers/Server/DatabaseController.php @@ -142,7 +142,7 @@ class DatabaseController extends Controller { $this->authorize('reset-db-password', $request->attributes->get('server')); - $password = str_random(20); + $password = str_random(24); $this->passwordService->handle($request->attributes->get('database'), $password); return response()->json(['password' => $password]); diff --git a/app/Services/Databases/DatabaseManagementService.php b/app/Services/Databases/DatabaseManagementService.php index dc91e11f9..d7c942cba 100644 --- a/app/Services/Databases/DatabaseManagementService.php +++ b/app/Services/Databases/DatabaseManagementService.php @@ -69,7 +69,7 @@ class DatabaseManagementService $data['server_id'] = $server; $data['database'] = sprintf('s%d_%s', $server, $data['database']); $data['username'] = sprintf('u%d_%s', $server, str_random(10)); - $data['password'] = $this->encrypter->encrypt(str_random(16)); + $data['password'] = $this->encrypter->encrypt(str_random(24)); $this->database->beginTransaction(); try { From 7277b6449b4f918f10e54453ba2b0dea2d0349d2 Mon Sep 17 00:00:00 2001 From: saibotk Date: Sat, 27 Apr 2019 20:18:12 +0200 Subject: [PATCH 3/4] Replace 2FA QR Code generation (#1548) Due to the Google API for generating the 2FA QR code will be shut down on 14.04.2019, this adds the package "pragmarx/google2fa-qrcode" and updates "pragmarx/google2fa" to version 5.x. Due to now using BaconQR, Pterodactyl now needs the php-imagick extension to render the images. --- app/Services/Users/TwoFactorSetupService.php | 8 +- composer.json | 3 +- composer.lock | 172 ++++++++++++++++-- .../Users/TwoFactorSetupServiceTest.php | 6 +- 4 files changed, 167 insertions(+), 22 deletions(-) diff --git a/app/Services/Users/TwoFactorSetupService.php b/app/Services/Users/TwoFactorSetupService.php index 4d2ecff8a..786cf3d35 100644 --- a/app/Services/Users/TwoFactorSetupService.php +++ b/app/Services/Users/TwoFactorSetupService.php @@ -10,7 +10,7 @@ namespace Pterodactyl\Services\Users; use Pterodactyl\Models\User; -use PragmaRX\Google2FA\Google2FA; +use PragmaRX\Google2FAQRCode\Google2FA; use Illuminate\Contracts\Encryption\Encrypter; use Pterodactyl\Contracts\Repository\UserRepositoryInterface; use Illuminate\Contracts\Config\Repository as ConfigRepository; @@ -28,7 +28,7 @@ class TwoFactorSetupService private $encrypter; /** - * @var \PragmaRX\Google2FA\Google2FA + * @var PragmaRX\Google2FAQRCode\Google2FA */ private $google2FA; @@ -42,7 +42,7 @@ class TwoFactorSetupService * * @param \Illuminate\Contracts\Config\Repository $config * @param \Illuminate\Contracts\Encryption\Encrypter $encrypter - * @param \PragmaRX\Google2FA\Google2FA $google2FA + * @param PragmaRX\Google2FAQRCode\Google2FA $google2FA * @param \Pterodactyl\Contracts\Repository\UserRepositoryInterface $repository */ public function __construct( @@ -70,7 +70,7 @@ class TwoFactorSetupService public function handle(User $user): string { $secret = $this->google2FA->generateSecretKey($this->config->get('pterodactyl.auth.2fa.bytes')); - $image = $this->google2FA->getQRCodeGoogleUrl($this->config->get('app.name'), $user->email, $secret); + $image = $this->google2FA->getQRCodeInline($this->config->get('app.name'), $user->email, $secret); $this->repository->withoutFreshModel()->update($user->id, [ 'totp_secret' => $this->encrypter->encrypt($secret), diff --git a/composer.json b/composer.json index 49a957236..95c96926d 100644 --- a/composer.json +++ b/composer.json @@ -29,7 +29,8 @@ "lord/laroute": "^2.4", "matriphe/iso-639": "^1.2", "nesbot/carbon": "^1.22", - "pragmarx/google2fa": "^2.0", + "pragmarx/google2fa": "^5.0", + "pragmarx/google2fa-qrcode": "^1.0.3", "predis/predis": "^1.1", "prologue/alerts": "^0.4", "ramsey/uuid": "^3.7", diff --git a/composer.lock b/composer.lock index 42f0ec2fb..f1a7e59f2 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "2079d9e659d2f26492c9931277bd1f25", + "content-hash": "9c03519785d01a8f710a0f7e65f602e8", "packages": [ { "name": "appstract/laravel-blade-directives", @@ -142,6 +142,55 @@ ], "time": "2018-11-21T19:18:43+00:00" }, + { + "name": "bacon/bacon-qr-code", + "version": "2.0.0", + "source": { + "type": "git", + "url": "https://github.com/Bacon/BaconQrCode.git", + "reference": "eaac909da3ccc32b748a65b127acd8918f58d9b0" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Bacon/BaconQrCode/zipball/eaac909da3ccc32b748a65b127acd8918f58d9b0", + "reference": "eaac909da3ccc32b748a65b127acd8918f58d9b0", + "shasum": "" + }, + "require": { + "dasprid/enum": "^1.0", + "ext-iconv": "*", + "php": "^7.1" + }, + "require-dev": { + "phly/keep-a-changelog": "^1.4", + "phpunit/phpunit": "^6.4", + "squizlabs/php_codesniffer": "^3.1" + }, + "suggest": { + "ext-imagick": "to generate QR code images" + }, + "type": "library", + "autoload": { + "psr-4": { + "BaconQrCode\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-2-Clause" + ], + "authors": [ + { + "name": "Ben Scholzen 'DASPRiD'", + "email": "mail@dasprids.de", + "homepage": "http://www.dasprids.de", + "role": "Developer" + } + ], + "description": "BaconQrCode is a QR code generator for PHP.", + "homepage": "https://github.com/Bacon/BaconQrCode", + "time": "2018-04-25T17:53:56+00:00" + }, { "name": "cakephp/chronos", "version": "1.2.3", @@ -199,6 +248,48 @@ ], "time": "2018-10-18T22:02:21+00:00" }, + { + "name": "dasprid/enum", + "version": "1.0.0", + "source": { + "type": "git", + "url": "https://github.com/DASPRiD/Enum.git", + "reference": "631ef6e638e9494b0310837fa531bedd908fc22b" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/DASPRiD/Enum/zipball/631ef6e638e9494b0310837fa531bedd908fc22b", + "reference": "631ef6e638e9494b0310837fa531bedd908fc22b", + "shasum": "" + }, + "require-dev": { + "phpunit/phpunit": "^6.4", + "squizlabs/php_codesniffer": "^3.1" + }, + "type": "library", + "autoload": { + "psr-4": { + "DASPRiD\\Enum\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-2-Clause" + ], + "authors": [ + { + "name": "Ben Scholzen 'DASPRiD'", + "email": "mail@dasprids.de", + "homepage": "https://dasprids.de/" + } + ], + "description": "PHP 7.1 enum implementation", + "keywords": [ + "enum", + "map" + ], + "time": "2017-10-25T22:45:27+00:00" + }, { "name": "dnoegel/php-xdg-base-dir", "version": "0.1", @@ -2108,31 +2199,27 @@ }, { "name": "pragmarx/google2fa", - "version": "v2.0.7", + "version": "v5.0.0", "source": { "type": "git", "url": "https://github.com/antonioribeiro/google2fa.git", - "reference": "5a818bda62fab0c0a79060b06d50d50b5525d631" + "reference": "17c969c82f427dd916afe4be50bafc6299aef1b4" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/antonioribeiro/google2fa/zipball/5a818bda62fab0c0a79060b06d50d50b5525d631", - "reference": "5a818bda62fab0c0a79060b06d50d50b5525d631", + "url": "https://api.github.com/repos/antonioribeiro/google2fa/zipball/17c969c82f427dd916afe4be50bafc6299aef1b4", + "reference": "17c969c82f427dd916afe4be50bafc6299aef1b4", "shasum": "" }, "require": { "paragonie/constant_time_encoding": "~1.0|~2.0", - "paragonie/random_compat": "~1.4|~2.0", + "paragonie/random_compat": ">=1", "php": ">=5.4", "symfony/polyfill-php56": "~1.2" }, "require-dev": { - "bacon/bacon-qr-code": "~1.0", "phpunit/phpunit": "~4|~5|~6" }, - "suggest": { - "bacon/bacon-qr-code": "Required to generate inline QR Codes." - }, "type": "library", "extra": { "component": "package", @@ -2148,7 +2235,7 @@ }, "notification-url": "https://packagist.org/downloads/", "license": [ - "BSD-3-Clause" + "MIT" ], "authors": [ { @@ -2162,10 +2249,67 @@ "2fa", "Authentication", "Two Factor Authentication", - "google2fa", - "laravel" + "google2fa" ], - "time": "2018-01-06T16:21:07+00:00" + "time": "2019-03-19T22:44:16+00:00" + }, + { + "name": "pragmarx/google2fa-qrcode", + "version": "v1.0.3", + "source": { + "type": "git", + "url": "https://github.com/antonioribeiro/google2fa-qrcode.git", + "reference": "fd5ff0531a48b193a659309cc5fb882c14dbd03f" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/antonioribeiro/google2fa-qrcode/zipball/fd5ff0531a48b193a659309cc5fb882c14dbd03f", + "reference": "fd5ff0531a48b193a659309cc5fb882c14dbd03f", + "shasum": "" + }, + "require": { + "bacon/bacon-qr-code": "~1.0|~2.0", + "php": ">=5.4", + "pragmarx/google2fa": ">=4.0" + }, + "require-dev": { + "khanamiryan/qrcode-detector-decoder": "^1.0", + "phpunit/phpunit": "~4|~5|~6|~7" + }, + "type": "library", + "extra": { + "component": "package", + "branch-alias": { + "dev-master": "1.0-dev" + } + }, + "autoload": { + "psr-4": { + "PragmaRX\\Google2FAQRCode\\": "src/", + "PragmaRX\\Google2FAQRCode\\Tests\\": "tests/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Antonio Carlos Ribeiro", + "email": "acr@antoniocarlosribeiro.com", + "role": "Creator & Designer" + } + ], + "description": "QR Code package for Google2FA", + "keywords": [ + "2fa", + "Authentication", + "Two Factor Authentication", + "google2fa", + "qr code", + "qrcode" + ], + "time": "2019-03-20T16:42:58+00:00" }, { "name": "predis/predis", diff --git a/tests/Unit/Services/Users/TwoFactorSetupServiceTest.php b/tests/Unit/Services/Users/TwoFactorSetupServiceTest.php index 8cb097537..09d37b0d7 100644 --- a/tests/Unit/Services/Users/TwoFactorSetupServiceTest.php +++ b/tests/Unit/Services/Users/TwoFactorSetupServiceTest.php @@ -5,7 +5,7 @@ namespace Tests\Unit\Services\Users; use Mockery as m; use Tests\TestCase; use Pterodactyl\Models\User; -use PragmaRX\Google2FA\Google2FA; +use PragmaRX\Google2FAQRCode\Google2FA; use Illuminate\Contracts\Config\Repository; use Illuminate\Contracts\Encryption\Encrypter; use Pterodactyl\Services\Users\TwoFactorSetupService; @@ -24,7 +24,7 @@ class TwoFactorSetupServiceTest extends TestCase private $encrypter; /** - * @var \PragmaRX\Google2FA\Google2FA|\Mockery\Mock + * @var PragmaRX\Google2FAQRCode\Google2FA|\Mockery\Mock */ private $google2FA; @@ -56,7 +56,7 @@ class TwoFactorSetupServiceTest extends TestCase $this->config->shouldReceive('get')->with('pterodactyl.auth.2fa.bytes')->once()->andReturn(32); $this->google2FA->shouldReceive('generateSecretKey')->with(32)->once()->andReturn('secretKey'); $this->config->shouldReceive('get')->with('app.name')->once()->andReturn('CompanyName'); - $this->google2FA->shouldReceive('getQRCodeGoogleUrl')->with('CompanyName', $model->email, 'secretKey')->once()->andReturn('http://url.com'); + $this->google2FA->shouldReceive('getQRCodeInline')->with('CompanyName', $model->email, 'secretKey')->once()->andReturn('http://url.com'); $this->encrypter->shouldReceive('encrypt')->with('secretKey')->once()->andReturn('encryptedSecret'); $this->repository->shouldReceive('withoutFreshModel->update')->with($model->id, ['totp_secret' => 'encryptedSecret'])->once()->andReturnNull(); From 3290d3986313af2050c13d44da7b99edc631372e Mon Sep 17 00:00:00 2001 From: TonisGen <32432159+TonyS95@users.noreply.github.com> Date: Thu, 2 May 2019 04:02:41 +0100 Subject: [PATCH 4/4] update egg-teamspeak3-server.json (#1575) * delete ts3 egg * update egg-teamspeak3-server.json --- .../seeds/eggs/voice-servers/egg-teamspeak3-server.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/database/seeds/eggs/voice-servers/egg-teamspeak3-server.json b/database/seeds/eggs/voice-servers/egg-teamspeak3-server.json index c9521cff4..2058ec225 100644 --- a/database/seeds/eggs/voice-servers/egg-teamspeak3-server.json +++ b/database/seeds/eggs/voice-servers/egg-teamspeak3-server.json @@ -3,7 +3,7 @@ "meta": { "version": "PTDL_v1" }, - "exported_at": "2018-10-28T20:50:23+01:00", + "exported_at": "2019-05-01T16:35:15+00:00", "name": "Teamspeak3 Server", "author": "support@pterodactyl.io", "description": "VoIP software designed with security in mind, featuring crystal clear voice quality, endless customization options, and scalabilty up to thousands of simultaneous users.", @@ -27,10 +27,10 @@ "name": "Server Version", "description": "The version of Teamspeak 3 to use when running the server.", "env_variable": "TS_VERSION", - "default_value": "3.5.0", + "default_value": "3.7.1", "user_viewable": 1, "user_editable": 1, "rules": "required|regex:\/^([0-9_\\.-]{5,10})$\/" } ] -} +} \ No newline at end of file