Implemented gpg sign system to extensions

.env

@@ -35,5 +35,4 @@ LIMAN_CONNECTOR_SERVER=http://127.0.0.1:5000
 
 PUSHER_APP_ID=liman
 PUSHER_APP_KEY=liman-key
-PUSHER_APP_SECRET=liman-secret
 PUSHER_APP_CLUSTER=eu

app/Extension.php

@@ -21,7 +21,7 @@ class Extension extends Model
      * @var array
      */
     protected $fillable = [
-        "name" , "version", "icon", "service", "sslPorts"
+        "name" , "version", "icon", "service", "sslPorts", "issuer"
     ];
 
     /**

app/Http/Controllers/Extension/MainController.php

@@ -72,7 +72,7 @@ class MainController extends Controller
     public function upload()
     {
         $flag = Validator::make(request()->all(), [
-            'extension' => 'required |  max:5000000 | mimes:zip'
+            'extension' => 'required | max:5000000'
         ]);
         try{
             $flag->validate();
@@ -80,11 +80,27 @@ class MainController extends Controller
             return respond("Lütfen geçerli bir eklenti giriniz.",201);
         }
 
+        $zipFile = request()->file('extension');
+        if(endsWith(request()->file('extension')->getClientOriginalName(), ".signed")){
+            $verify = trim(shell_exec("gpg --verify --status-fd 1 ".request()->file('extension')->path()." | grep GOODSIG || echo 0"));
+            if(!(bool) $verify){
+                return respond("Eklenti dosyanız doğrulanamadı.",201);
+            }
+            $decrypt =  trim(shell_exec("gpg --status-fd 1 -d -o '/tmp/".request()->file('extension')->getClientOriginalName()."' ".request()->file('extension')->path()." | grep FAILURE > /dev/null && echo 0 || echo 1"));
+            if(!(bool) $decrypt){
+                return respond("Eklenti dosyası doğrulanırken bir hata oluştu!.",201);
+            }
+            $zipFile = "/tmp/".request()->file('extension')->getClientOriginalName();
+        }else{
+            if(!request()->has('force')){
+                return respond("Bu eklenti imzalanmamış bir eklenti, yine de kurmak istediğinize emin misiniz?",203);
+            }
+        }
         // Initialize Zip Archive Object to use it later.
         $zip = new ZipArchive;
 
         // Try to open zip file.
-        if (!$zip->open(request()->file('extension'))) {
+        if (!$zip->open($zipFile)) {
             system_log(7,"EXTENSION_UPLOAD_FAILED_CORRUPTED");
             return respond("Eklenti Dosyası Açılamıyor.", 201);
         }
@@ -104,6 +120,12 @@ class MainController extends Controller
 
         $json = json_decode($file, true);
 
+        if(isset($verify)){
+            $json["issuer"] = explode(" ", $verify, 4)[3];
+        }else{
+            $json["issuer"] = "";
+        }
+
         // Check If Extension Already Exists.
         $extension = Extension::where('name', $json["name"])->first();
 

build_tools/DEBIAN/postinst

@@ -2,6 +2,7 @@
 
 # Create Required Folders for Liman
 mkdir -p /liman/{server,certs,logs,database,sandbox,keys,extensions}
+gpg --import /liman/server/storage/aciklab.public
 
 # User Creation
 if getent passwd liman > /dev/null 2>&1; then

config/websockets.php

@@ -26,7 +26,7 @@ return [
             'id' => env('PUSHER_APP_ID'),
             'name' => env('APP_NAME'),
             'key' => env('PUSHER_APP_KEY'),
-            'secret' => env('PUSHER_APP_SECRET'),
+            'secret' => env('APP_KEY'),
             'path' => env('PUSHER_APP_PATH'),
             'capacity' => null,
             'enable_client_messages' => true,

database/migrations/2020_02_10_172318_add_issuer_column_to_extensions.php

+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+class AddIssuerColumnToExtensions extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('extensions', function (Blueprint $table) {
+            $table->string('issuer')->default("");
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('extensions', function (Blueprint $table) {
+            //
+        });
+    }
+}

resources/views/extension_pages/manager.blade.php

@@ -42,15 +42,20 @@
             <br><br>
         
             @include('table',[
-                "value" => extensions(),
+                "value" => extensions()->map(function($item){
+                    if(!$item["issuer"]){
+                        $item["issuer"] = __('Doğrulanmadı!');
+                    }
+                    return $item;
+                }),
                 "sortable" => true,
                 "sortUpdateUrl" => route('update_ext_orders'),
                 "afterSortFunction" => 'location.reload',
                 "title" => [
-                    "Eklenti Adı" , "Versiyon", "Son Güncelleme Tarihi", "*hidden*"
+                    "Eklenti Adı" , "Versiyon", "İmzalayan", "Son Güncelleme Tarihi", "*hidden*"
                 ],
                 "display" => [
-                    "name" , "version", "updated_at", "id:extension_id"
+                    "name" , "version", "issuer", "updated_at", "id:extension_id"
                 ],
                 "menu" => [
                     "Sil" => [
@@ -79,6 +84,7 @@
         "title" => "Eklenti Yükle",
         "url" => route('extension_upload'),
         "next" => "reload",
+        "error" => "extensionUploadError",
         "inputs" => [
             "Lütfen Eklenti Dosyasını(.lmne) Seçiniz" => "extension:file",
         ],
@@ -146,6 +152,43 @@
                 });
             }
         });
+
+        function extensionUploadError(response){
+            let error = JSON.parse(response);
+            if(error.status == 203){
+                $('#extensionUpload_alert').hide();
+                Swal.fire({
+                    title: "{{ __('Onay') }}",
+                    text: error.message,
+                    type: 'warning',
+                    showCancelButton: true,
+                    confirmButtonColor: '#3085d6',
+                    cancelButtonColor: '#d33',
+                    cancelButtonText: "{{ __('İptal') }}",
+                    confirmButtonText: "{{ __('Tamam') }}"
+                }).then((result) => {
+                    if (result.value) {
+                        Swal.fire({
+                            position: 'center',
+                            type: 'info',
+                            title: '{{__("Yükleniyor...")}}',
+                            showConfirmButton: false,
+                        });
+
+                        let data = new FormData(document.querySelector('#extensionUpload_form'))
+                        data.append("force", "1");
+                        request('{{route('extension_upload')}}',data,function(response){
+                            Swal.close();
+                            reload();
+                        }, function(response){
+                            let error = JSON.parse(response);
+                            Swal.close();
+                            $('#extensionUpload_alert').removeClass('alert-danger').removeAttr('hidden').removeClass('alert-success').addClass('alert-danger').html(error.message).fadeIn();
+                        });
+                    }
+                });
+            }
+        }
         
         function downloadDebFile(form){
             window.location.assign('/indir/eklenti_deb/' + form.getElementsByTagName('select')[0].value);

resources/views/l/modal.blade.php

@@ -15,7 +15,7 @@
             @isset($onsubmit)
                 <form @isset($id)id="{{$id}}_form"@endisset onsubmit="return {{$onsubmit}}(this)" target="#">
             @else
-                <form @isset($id)id="{{$id}}_form"@endisset onsubmit="return @isset($url)request('{{$url}}',this,@isset($next){{$next}}@endisset)"@endisset target="#">
+                <form @isset($id)id="{{$id}}_form"@endisset onsubmit="return @isset($url)request('{{$url}}',this,@isset($next){{$next}}@endisset,@isset($error){{$error}}@endisset)"@endisset target="#">
             @endif
                 <div class="modal-body">
                     <div id="{{$id}}_alert" class="alert" role="alert" hidden></div>

storage/aciklab.public

+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQGNBF5BODEBDADBJRhNShOSI13WnDbVeE1r5nKq0wHMYsCsPzweZW2LkFqMfIft
+nfGQzyTcZMnOswMKyKe7IZ1GMURf7jexu1f6xy1N1zQ+SGV07lRCIx57Lp9Xj2G4
+YQiCzlEWG40e9IA8zeOxYHMVxLtqdHE0M588xWmi9ijDhwbbDxvzBNQwwlkrScQ/
+j26/Lam0SLFuRHBHYNGQd5IG3hC/t2XKEODa4gGQDs1COOiBwRDD1RYyGez1tIn0
+fEsHpvx5BTmeDj1kpg5Ye//ek+bSB0+tpNasbYTYDgReZGP25CApO3VK0gNW0XBm
+IuMxXgwpkkuUr2i2puwChwNOMPJwIpMh8w0eVQYsRXMV1HaPcBO/5s2bkOatmr5u
+flnXkKzX6+cik8Ioflppb7OjkvdPD/pfXnjgZmfid1U7egNroBDFQNRAjFroyPsL
+C1jGp80PYIUvHmem1xsRbAwhrJHRIC5AkZc+OD3PdVLXwiTfbdKHXOx9UcZn5WQN
+DNjzxD1EKHAgjzkAEQEAAbQoSEFWRUxTQU4gQS7Fni4gPGFjaWtsYWJAaGF2ZWxz
+YW4uY29tLnRyPokB1AQTAQoAPhYhBEqOZD0LNQ5EVODsnVrzFDWUb0k4BQJeQTgx
+AhsDBQkDwmcABQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEFrzFDWUb0k42S8L
+/1fDK42iz9+q7F4gakWuaK904wyLCLjkTyxnIhmh3vkb0ruGj/2el8I5EVQ3Mvy9
+B1mNTFK3jLVm2FbsXCh2ZKnldNvWOKPBMVJe3en0tXFu+gN0/UULzneaXHoQZsoX
+VNMPNd3BOGPnvWtUt3Mmt7J2+/+lEoShN+PrR3H4/ZVn0vVFkwJtNGm9McIYoJOh
+AE6+Vp2gVm0uCdrMV8qjCkoq3NwH8sqKFg3NhAjkRkKQoaU71jVTFLmYzWq6Kz/W
+1DNBE3yzP0vV5uBL46inawwzlyQ0KIXbCAp29dTlr+bVUp1wKZKb2GozfwOj4zMo
+7O3x4Xgvn8Ems79IjFtUdJdYI6pMXpLlqA0A4dR8N+ujMiE3qTGJ/pwykXqgqfPa
++aHYplA2AQBfqmIeIBKNlurCLvyU0NkjCtPlJPNMZhFXPxAPvKRL1a+yWzu2Jc8U
+JqBjtQTcOFu0fDrgmmbmrF53nr2CWLIgKutv9lA7LormUhJY6dARhUF7Gf83E1D3
+07kBjQReQTgxAQwAvYKWhBAMbPT6Tu8YzRE5NFRR834tSK+f63KarYah5ewywkmX
+vm/zEifZsL0QiZP+jCbLSqiGRL7s4CHf1NK5vgbVOPbGgQHmcLN5rKlZCrqv26K1
+4ZHicvxLKQr1vktr+nQW1NnbkNrK5M8hVsVFte15WW2YP+UIZsKgRVDqtK1Qr5GW
+pNxBHIFZwMFuCz8lyqgxi1/dtbWv/SfGb5L2zijpbXBuXAg8lujiSSgTZudjww9t
+MuKTMgjs7StG08WGccqvlnEAv0jam3jhI4bwufiqaRQliVMEKHHoIB6qdH7AxQus
+myj46t955Y5imNIiln4xvmT2fgi4xvMQRqGvgE0wcciwJVkhLB9+Xd4tqgbW0L2O
+OfP9Wf2NUWMxAt2JgCY+FMREmeCfDTuEghLlQhGgDKnv/t2wfdwV083aPX/6icTp
+hoyyFI5axojKepjFxRBpg83w4kplkbZngs4OQ+UBlfHcGK9PtRnRhusumc9fyeV1
+IMugEPPHFNzhkB1xABEBAAGJAbwEGAEKACYWIQRKjmQ9CzUORFTg7J1a8xQ1lG9J
+OAUCXkE4MQIbDAUJA8JnAAAKCRBa8xQ1lG9JODyTC/9QzcoxwsYO+2iViC2bqjGs
+Tvq7x1X6Ye23GESVuwOe9hFMGKQB/+lbu6Gs8D6ruB14zc053BdvteuO5uGikXRm
+Hn+BYP+CuB1Eh9QcwVprBnUejGiE2ESr0/fugDjd0CPQiJ6X5wTvD8bS2UKsHBNz
+CS+TBRUMcfTiPGzFlAI0AUQXgUaxFGg5w8BzkNeTHdFYYUV9NP0CK0nPcisaH7dF
+xQn5bITumdoeZaoKXZ1QfJisOx1j+ikEKh36PB4nP59rYL422o7v8A7Fj8ay8ol8
+dfqlV5qxQqh7pIZnKNxYG+V28JWQ0RWF4i+IsoyKYEx6N1qLMWdaC1f0CKd3S49T
+gvhoFZy2EWnOA66HZrpt5wYbibw81qQ+VhW1oKxqApiHrYeOPC+3MvfHMYye8au/
+v3nwvvo3CqknlLhJ3Ne+XC4z+ldC0uPXlkc82MEolucUSTvulzKGYwXXCmJRzyrd
+ZEAbq3H2w8lWPoQjvimciEX2qu8/kACpydRKevjjDQ0=
+=ZSem
+-----END PGP PUBLIC KEY BLOCK-----