if (substr($url, -1) == "/") {
$url = substr($url, 0, -1);
}
define("SSO_ROOT_URL", $url);
$url = dirname(BB_GetFullRequestURLBase());
if (substr($url, -1) != "/") {
$url .= "/";
}
define("SSO_LOGIN_URL", $url);
define("SSO_SUPPORT_PATH", "support");
define("SSO_PROVIDER_PATH", "providers");
// Generate random seeds.
$rng = new CSPRNG(true);
$sso_rng = $rng;
for ($x = 0; $x < 14; $x++) {
$seed = $rng->GenerateToken(128);
if ($seed === false) {
InstallError("Seed generation failed.");
}
define("SSO_BASE_RAND_SEED" . ($x ? $x + 1 : ""), $seed);
}
define("SSO_USE_LESS_SAFE_STORAGE", $_REQUEST["sso_use_less_safe_storage"] == "yes");
// Connect to the database server.
$databases = SSO_GetSupportedDatabases();
$dbtype = (string) $_REQUEST["db_select"];
if (!isset($databases[$dbtype])) {
InstallError("Please select a database server.");
}
if ($_REQUEST["db_dsn"] == "") {
$dsn = $databases[$dbtype]["default_dsn"];
$dsn = str_replace("@RANDOM@", $rng->GenerateString(), $dsn);
}
if ($_REQUEST["type"] != "normal" && $_REQUEST["type"] != "remote" && $_REQUEST["type"] != "custom") {
BB_SetPageMessage("error", "Please select a 'Type'.");
}
if ((int) $_REQUEST["clock_drift"] < 0) {
BB_SetPageMessage("error", "Invalid clock drift specified.");
}
if ($_REQUEST["cipher"] != "blowfish" && $_REQUEST["cipher"] != "aes256") {
BB_SetPageMessage("error", "Please select a 'Symmetric Cipher'.");
}
if (BB_GetPageMessageType() != "error") {
if (!isset($_REQUEST["reset_key"]) || $_REQUEST["reset_key"] != "yes") {
$secretkey = $info["key"];
} else {
$secretkey = $_REQUEST["cipher"];
$secretkey .= ":" . $sso_rng->GenerateToken($_REQUEST["cipher"] == "aes256" ? 32 : 56);
$secretkey .= ":" . $sso_rng->GenerateToken($_REQUEST["cipher"] == "aes256" ? 32 : 8);
if ($_REQUEST["dual_encrypt"] > 0) {
$secretkey .= ":" . $sso_rng->GenerateToken($_REQUEST["cipher"] == "aes256" ? 32 : 56);
$secretkey .= ":" . $sso_rng->GenerateToken($_REQUEST["cipher"] == "aes256" ? 32 : 8);
}
}
$info = array("key" => $secretkey, "type" => $_REQUEST["type"], "purpose" => $_REQUEST["purpose"], "url" => $_REQUEST["url"], "impersonation" => (bool) (int) $_REQUEST["impersonation"], "clock_drift" => (int) $_REQUEST["clock_drift"], "field_map" => array(), "tag_map" => array(), "patterns" => $_REQUEST["patterns"]);
foreach ($sso_fields as $key => $encrypted) {
$md5key = md5($key);
if (isset($_REQUEST["field_map_" . $md5key]) && $_REQUEST["field_map_" . $md5key] != "" && isset($_REQUEST["field_perms_" . $md5key])) {
$info["field_map"][$key] = array("name" => $_REQUEST["field_map_" . $md5key], "perms" => $_REQUEST["field_perms_" . $md5key]);
}
}
$result = $sso_db->Query("SELECT", array("*", "FROM" => "?", "ORDER BY" => "tag_name"), $sso_db_tags);
while ($row2 = $result->NextRow()) {
function BB_CreatePage($bb_dir, $bb_file)
{
if (defined("DEFAULT_PAGE_LANG") && DEFAULT_PAGE_LANG != "") {
$bb_pref_lang = DEFAULT_PAGE_LANG;
} else {
$clientlangs = BB_ExtractClientLanguages();
$bb_pref_lang = count($clientlangs) ? $clientlangs[0] : "en";
}
BB_RunPluginActionInfo("bb_createpage_pref_lang", $bb_pref_lang);
$bb_page = array("ver" => 1.0, "redirect" => "", "cachetime" => -1, "easyedit" => true, "sitemap" => false, "sitemappriority" => "normal", "doctype" => "HTML 5", "metarobots" => "", "perms" => array(), "langs" => array($bb_pref_lang => array()), "onelang" => true, "defaultlang" => $bb_pref_lang);
// Map 'en' to 'en_us'.
if (strpos($bb_pref_lang, "_")) {
$bb_page["langs"][substr($bb_pref_lang, 0, strpos($bb_pref_lang, "_"))] = $bb_pref_lang;
}
BB_RunPluginActionInfo("bb_createpage_bb_page", $bb_page);
require_once ROOT_PATH . "/" . SUPPORT_PATH . "/random.php";
$rng = new CSPRNG(false);
$bb_langpage = array("title" => "", "metadesc" => "", "widgets" => array("root" => array("_f" => "Root/Page", "_m" => true, "_a" => "root", "_id" => "root", "_ids" => array())), "pagerand" => $rng->GenerateToken());
BB_RunPluginActionInfo("bb_createpage_bb_langpage", $bb_langpage);
$bb_langpagerevisions = array("rootrev" => 0, "branches" => array(), "revisions" => array(array("", serialize($bb_langpage), time(), time(), "Initial Page")));
BB_RunPluginActionInfo("bb_createpage_bb_langpagerevisions", $bb_langpagerevisions);
$bb_relroot = BB_MakePageDirs($bb_dir);
$data = "<" . "?php\n";
$data .= "\tdefine(\"BB_FILE\", 1);\n";
$data .= "\trequire_once \"" . $bb_file . "_page.php\";\n";
if ($bb_relroot != "") {
$data .= "\tchdir(\$bb_relroot);\n";
}
$data .= "\trequire_once \"main.php\";\n";
$data .= "?" . ">";
if (BB_WriteFile($bb_dir . "/" . $bb_file . ".php", $data) === false) {
return false;
}
$data = "<" . "?php\n";
$data .= "\t\$bb_dir = \"" . $bb_dir . "\";\n";
$data .= "\t\$bb_file = \"" . $bb_file . "\";\n";
$data .= "\t\$bb_relroot = \"" . $bb_relroot . "\";\n";
$data .= "\t\$bb_page = " . BB_CreatePHPStorageData($bb_page) . ";\n";
$data .= "?" . ">";
if (BB_WriteFile($bb_dir . "/" . $bb_file . "_page.php", $data) === false) {
return false;
}
$data = "<" . "?php\n\t\$bb_langpage = " . BB_CreatePHPStorageData($bb_langpage) . ";\n?" . ">";
if (BB_WriteFile($bb_dir . "/" . $bb_file . "_" . $bb_pref_lang . "_page.php", $data) === false) {
return false;
}
$data = "<" . "?php\n\t\$bb_langpagerevisions = " . BB_CreatePHPStorageData($bb_langpagerevisions) . ";\n?" . ">";
if (BB_WriteFile($bb_dir . "/" . $bb_file . "_" . $bb_pref_lang . "_rev.php", $data) === false) {
return false;
}
BB_RunPluginAction("post_bb_createpage");
return true;
}
$sso_apikey_info["keyinfo"]["opts"]["iv"] = pack("H*", substr($sso_apikey_info["key"], -16));
} else {
$info = explode(":", $sso_apikey_info["key"]);
if (count($info) < 3) {
return array("success" => false, "error" => SSO_Translate("Invalid secret key."));
}
$sso_apikey_info["keyinfo"]["mode"] = $info[0];
$sso_apikey_info["keyinfo"]["key"] = pack("H*", $info[1]);
$sso_apikey_info["keyinfo"]["opts"]["iv"] = pack("H*", $info[2]);
if (count($info) >= 5) {
$sso_apikey_info["keyinfo"]["opts"]["key2"] = pack("H*", $info[3]);
$sso_apikey_info["keyinfo"]["opts"]["iv2"] = pack("H*", $info[4]);
}
unset($info);
}
$sso_apikey_info["keyinfo"]["opts"]["prefix"] = pack("H*", $sso_rng->GenerateToken());
if ($sso_apikey_info["keyinfo"]["mode"] === "aes256") {
$sso_data = ExtendedAES::ExtractDataPacket($sso_data, $sso_apikey_info["keyinfo"]["key"], $sso_apikey_info["keyinfo"]["opts"]);
} else {
$sso_data = Blowfish::ExtractDataPacket($sso_data, $sso_apikey_info["keyinfo"]["key"], $sso_apikey_info["keyinfo"]["opts"]);
}
if ($sso_data === false) {
SSO_EndpointError("Unable to decrypt data packet.");
}
$sso_data = @json_decode($sso_data, true);
if ($sso_data === false) {
SSO_EndpointError("Unable to extract data packet.");
}
$sso_encrypted = true;
// Check the data packet against submitted data.
if (!isset($sso_data["ts"]) || !isset($sso_data["apikey"]) || $_REQUEST["apikey"] !== $sso_data["apikey"] || !isset($sso_data["action"]) || $_REQUEST["action"] !== $sso_data["action"] || !isset($sso_data["ver"]) || $_REQUEST["ver"] !== $sso_data["ver"]) {
define("DEFAULT_PAGE_LANG", $_REQUEST["default_page_lang"]);
if ($_REQUEST["write_perms"] == "g") {
$bb_writeperms = 0220;
} else {
if ($_REQUEST["write_perms"] == "w") {
$bb_writeperms = 0222;
} else {
$bb_writeperms = 0200;
}
}
try {
$rng = new CSPRNG(true);
} catch (Exception $e) {
InstallError("Unable to initialize CSPRNG. Insufficient entropy available to this host.");
}
$baserand = $rng->GenerateToken();
if ($baserand === false) {
InstallError("Unable to generate token with CSPRNG.");
}
define("BASE_RAND_SEED", $baserand);
$baserand = $rng->GenerateToken();
if ($baserand === false) {
InstallError("Unable to generate token with CSPRNG.");
}
define("BASE_RAND_SEED2", $baserand);
define("USE_LESS_SAFE_STORAGE", $_REQUEST["use_less_safe_storage"] == "yes");
// Generate the last widget update file (used for refreshing cached files after a widget is changed).
if (!BB_WidgetStatusUpdate()) {
InstallError("Unable to install the last update tracker.");
}
InstallSuccess("Successfully set up the last update tracker.");
