<?php
# $Id: network.php 2304 2017-06-26 12:56:14Z tom.houdayer $
/* written by steweb57 & Rexy */
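/********************
* READ CONF FILES   *
*********************/
# Paths of the configuration files this page reads and edits.
define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
define ("ETHERS_FILE", "/usr/local/etc/alcasar-ethers");
define ("ETHERS_INFO_FILE", "/usr/local/etc/alcasar-ethers-info");
define ("DNS_LOCAL_FILE", "/usr/local/etc/alcasar-dns-name");
define('LETS_ENCRYPT_FILE', '/usr/local/etc/alcasar-letsencrypt');
$conf_files=array(CONF_FILE,ETHERS_FILE,ETHERS_INFO_FILE,DNS_LOCAL_FILE, LETS_ENCRYPT_FILE);
# Dotted-quad IPv4 address, and the same followed by a /0../32 prefix length.
# The D (dollar-end-only) modifier matters: without it `$` also matches just before a trailing
# newline, so a posted value ending in "\n" would pass validation and be written to CONF_FILE.
$reg_ip = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/D';
$reg_ip_cidr = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/D';
# Set to 1 further down when a network parameter is accepted, to trigger the "apply" script.
$network_modification=0;
# Stop immediately when one of the files is missing or unreadable.
foreach ($conf_files as $file){
	if (!file_exists($file)){
		exit("Requested file ".$file." isn't present");
	}
	if (!is_readable($file)){
		exit("Can't read the file ".$file);
	}
}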
# Choice of language: first two letters of the first Accept-Language entry, English by default
$Language = 'en';
if (isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])) {
	$Langue = explode(",", $_SERVER['HTTP_ACCEPT_LANGUAGE']);
	$Language = strtolower(substr(chop($Langue[0]), 0, 2));
}
if ($Language != 'fr') {
	# English (also used for every language other than French)
	$l_network_title = "Network configuration";
	$l_extif_legend = " (Internet connected interface)";
	$l_intif_legend = " (Private network)";
	$l_internet_legend = "INTERNET";
	$l_ip_mask = "Mask";
	$l_ip_router = "Gateway";
	$l_ip_public = "Public IP address";
	$l_ip_dns1 = "DNS1";
	$l_ip_dns2 = "DNS2";
	$l_dhcp_title = "DHCP service";
	$l_dhcp_state = "Current mode";
	$l_DHCP_on = "enabled";
	$l_DHCP_off = "disabled";
	$l_DHCP_off_explain = "/!\\ Before disabling the DHCP server, you must write the extern DHCP parameters in the config file (see Documentation)";
	$l_static_dhcp_title = "Static IP addresses reservation";
	$l_mac_address = "MAC Address";
	$l_ip_address = "IP Address";
	$l_host_name = "Host name";
	$l_del = "Delete from list";
	$l_add_to_list = "Add";
	$l_apply = "Apply changes";
	$l_local_dns = "Local name resolution";
	$l_import_cert = "Certificate import";
	$l_private_key = "Private key (.key) :";
	$l_certificate = "Certificate (.crt) :";
	$l_server_chain = "Server-chain (if necessary : .crt) :";
	$l_default_cert = "Back to default certificate";
	$l_import = "Import";
	$l_current_certificate = "Current certificate";
	$l_validated = "Validated by :";
} else {
	# French
	$l_network_title = "Configuration réseau";
	$l_extif_legend = " (Interface connectée à Internet)";
	$l_intif_legend = " (Réseau de consultation)";
	$l_internet_legend = "INTERNET";
	$l_ip_mask = "Masque";
	$l_ip_router = "Passerelle";
	$l_ip_public = "Adresse IP publique";
	$l_ip_dns1 = "DNS1";
	$l_ip_dns2 = "DNS2";
	$l_dhcp_title = "Service DHCP";
	$l_dhcp_state = "Mode actuel";
	$l_DHCP_on = "actif";
	$l_DHCP_off = "inactif";
	$l_DHCP_off_explain = "/!\\ Avant d'arrêter le serveur DHCP, vous devez renseigner les paramètres d'un serveur externe (cf. documentation).";
	$l_static_dhcp_title = "Réservation d'adresses IP statiques";
	$l_mac_address = "Adresse MAC";
	$l_ip_address = "Adresse IP";
	$l_host_name = "Nom d'hôte";
	$l_del = "Supprimer de la liste";
	$l_add_to_list = "Ajouter";
	$l_apply = "Appliquer les changements";
	$l_local_dns = "Résolution local de nom";
	$l_import_cert = "Import de certificat";
	$l_private_key = "Clé privée (.key) :";
	$l_certificate = "Certificat (.crt) :";
	$l_server_chain = "Chaîne de certification (si nécéssaire : .crt) :";
	$l_default_cert = "Revenir au certificat d'origine";
	$l_import = "Importer";
	$l_current_certificate = "Certificat actuel";
	$l_validated = "Validé par :";
}
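# Dispatch the action selected by the posted 'choix' field.
#
# Every value written to a configuration file is validated here first, and entries are removed by
# rewriting the file in PHP: the posted checkbox names used to be interpolated into a `sed` command
# line, which let a crafted field name reach the shell.
# NOTE(review): each branch changes system state from a plain POST; no CSRF token or authentication
# check is visible in this file. Confirm both are enforced upstream (web server or an include).

/**
 * Canonical form of a MAC address (upper case, '-' separators, as the page's MAC_Control script
 * produces), or null when $value is not six hex pairs separated by '-' or ':'.
 */
function network_normalize_mac($value)
{
	if (!is_string($value)) {
		return null;
	}
	$value = trim($value, "\x00..\x20");
	if (!preg_match('/^[0-9A-Fa-f]{2}(?:[-:][0-9A-Fa-f]{2}){5}$/D', $value)) {
		return null;
	}
	return strtoupper(str_replace(':', '-', $value));
}

/** The trimmed value when it is a dotted-quad IPv4 address, null otherwise. */
function network_valid_ipv4($value)
{
	if (!is_string($value)) {
		return null;
	}
	$value = trim($value, "\x00..\x20");
	return (filter_var($value, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false) ? $value : null;
}

/**
 * The trimmed value when it only holds letters, digits, '.', '_' and '-' (so it cannot carry the
 * '/', ',' or newline characters that structure the DNS_LOCAL_FILE lines), null otherwise.
 */
function network_valid_hostname($value)
{
	if (!is_string($value)) {
		return null;
	}
	$value = trim($value);
	if (strlen($value) > 253 || !preg_match('/^[A-Za-z0-9](?:[A-Za-z0-9._-]*[A-Za-z0-9])?$/D', $value)) {
		return null;
	}
	return $value;
}

/** Rewrites $path keeping only the lines accepted by $keep_line; true when the file was changed. */
function network_filter_file($path, $keep_line)
{
	$lines = file($path);
	if (!$lines) {
		return false;
	}
	$kept = array_filter($lines, $keep_line);
	if (count($kept) === count($lines)) {
		return false;
	}
	return file_put_contents($path, implode('', $kept), LOCK_EX) !== false;
}

$choix = (isset($_POST['choix']) && is_string($_POST['choix'])) ? $_POST['choix'] : "";
switch ($choix)
{
case 'DHCP_On' :
	exec ("sudo /usr/local/bin/alcasar-dhcp.sh -on");
	break;
case 'DHCP_Off' :
	exec ("sudo /usr/local/bin/alcasar-dhcp.sh -off");
	break;
case 'new_mac' :
	# The browser-side check is advisory only; both fields are validated again here.
	$new_mac_addr = network_normalize_mac(isset($_POST['add_mac']) ? $_POST['add_mac'] : null);
	$new_ip_addr = network_valid_ipv4(isset($_POST['add_ip']) ? $_POST['add_ip'] : null);
	if ($new_mac_addr === null || $new_ip_addr === null) {
		break;
	}
	$insert = true;
	$tab = file(ETHERS_FILE);
	# An empty file simply has no duplicates; the first reservation can still be added.
	foreach (($tab ? $tab : array()) as $line)  # verify that MAC or IP address doesn't exist
	{
		$field = preg_split('/\s+/', trim($line));
		if (count($field) < 2) {
			continue;  # blank or malformed line
		}
		if (network_normalize_mac($field[0]) === $new_mac_addr
			|| strcasecmp($new_mac_addr, $field[0]) == 0
			|| strcasecmp($new_ip_addr, $field[1]) == 0) {
			$insert = false;
			break;
		}
	}
	if ($insert) {
		# The free-text comment is stored on one line: control characters (newlines included) become spaces.
		$info = (isset($_POST['info']) && is_string($_POST['info'])) ? $_POST['info'] : '';
		$info = trim(preg_replace('/[\x00-\x1F\x7F]+/', ' ', $info));
		$line = $new_mac_addr . " " . $new_ip_addr . "\n";
		if (file_put_contents(ETHERS_FILE, $line, FILE_APPEND | LOCK_EX) !== false) {
			$line = $new_mac_addr . " " . $new_ip_addr . " #" . $info . "\n";
			file_put_contents(ETHERS_INFO_FILE, $line, FILE_APPEND | LOCK_EX);
			exec ("sudo /usr/bin/systemctl reload chilli");
		}
	}
	break;
case 'del_mac' :
	# Ticked checkboxes arrive as "<name> => on". The names are presumably the MAC addresses listed
	# by network2.php (not visible here - confirm); anything that is not a MAC address is ignored.
	$targets = array();
	foreach ($_POST as $key => $value) {
		if ($value !== 'on') {
			continue;
		}
		$mac = network_normalize_mac((string) $key);
		if ($mac !== null) {
			$targets[$mac] = true;
		}
	}
	if ($targets) {
		$keep = function ($line) use ($targets) {
			$field = preg_split('/\s+/', trim($line));
			$mac = network_normalize_mac($field[0]);
			return $mac === null || !isset($targets[$mac]);
		};
		network_filter_file(ETHERS_FILE, $keep);
		network_filter_file(ETHERS_INFO_FILE, $keep);
		exec ("sudo /usr/bin/systemctl reload chilli");  # one reload for the whole batch
	}
	break;
case 'new_host' :
	$new_host = network_valid_hostname(isset($_POST['add_host']) ? $_POST['add_host'] : null);
	$new_ip = network_valid_ipv4(isset($_POST['add_ip']) ? $_POST['add_ip'] : null);
	if ($new_host === null || $new_ip === null) {
		break;
	}
	$insert = true;
	$tab = file(DNS_LOCAL_FILE);
	foreach (($tab ? $tab : array()) as $line)  # verify that host or IP address doesn't exist
	{
		if (!preg_match('/^address/', $line)) {
			continue;
		}
		$field = explode("/", $line);
		if (count($field) < 3) {
			continue;
		}
		if (strcasecmp($new_host, trim($field[1])) == 0 || strcasecmp($new_ip, trim($field[2])) == 0) {
			$insert = false;
			break;
		}
	}
	if ($insert) {
		$line1 = "address=/" . $new_host . "/" . $new_ip . "\n";
		$reverse_ip = implode('.', array_reverse(explode('.', $new_ip)));
		$line2 = "ptr-record=" . $reverse_ip . ".in-addr.arpa," . $new_host . "\n";
		if (file_put_contents(DNS_LOCAL_FILE, $line1 . $line2, FILE_APPEND | LOCK_EX) !== false) {
			exec ("sudo /usr/bin/systemctl restart dnsmasq");
			exec ("sudo /usr/bin/systemctl restart dnsmasq-blacklist");
			exec ("sudo /usr/bin/systemctl restart dnsmasq-whitelist");
		}
	}
	break;
case 'del_host' :
	# Ticked checkboxes arrive as "<host name> => on".
	$targets = array();
	foreach ($_POST as $key => $value) {
		if ($value === 'on') {
			$targets[(string) $key] = true;
		}
	}
	if ($targets) {
		$keep = function ($line) use ($targets) {
			$host = null;
			if (preg_match('#^address=/([^/]+)/#', $line, $m)) {
				$host = $m[1];
			} elseif (preg_match('/^ptr-record=[^,]*,(.*)$/', trim($line), $m)) {
				$host = $m[1];
			}
			if ($host === null) {
				return true;  # not a local name entry: never touched
			}
			$host = trim($host);
			# PHP turns '.' and ' ' in posted field names into '_', so the mangled form is compared too.
			return !isset($targets[$host]) && !isset($targets[strtr($host, '. ', '__')]);
		};
		if (network_filter_file(DNS_LOCAL_FILE, $keep)) {
			exec ("sudo /usr/bin/systemctl restart dnsmasq");
			exec ("sudo /usr/bin/systemctl restart dnsmasq-blacklist");
			exec ("sudo /usr/bin/systemctl restart dnsmasq-whitelist");
		}
	}
	break;
}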
// Internet connectivity test: true when a TCP connection to the probe host can be opened
function internetTest(){
	$host = "www.google.fr"; # Google Test
	$port = "80";
	// 5 second connect timeout; '@' hides the warning fsockopen() raises when the connection fails
	$sock = @fsockopen($host, $port, $num, $error, 5);
	if (!$sock) {
		return false;
	}
	fclose($sock);
	return true;
}
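/***********************************
* 	Update ALCASAR_CONF_FILE   *
***********************************/
/*******************************************
*	Read ALCASAR_CONF_FILE Before     *
********************************************/
# Load every "KEY=value" line of CONF_FILE into $conf; lines starting with '#' are skipped.
$conf = array();
$file_conf = fopen(CONF_FILE, 'r');
if (!$file_conf) {
	exit('Error opening the file '.CONF_FILE);
}
# fgets() drives the loop, so its end-of-file result (false) is never handed to the string functions.
while (($buffer = fgets($file_conf, 4096)) !== false) {
	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
		# Split on the first '=' only: a value that itself contains '=' is kept whole.
		$tmp = explode('=', $buffer, 2);
		$conf[trim($tmp[0])] = trim($tmp[1]);
	}
}
fclose($file_conf);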
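# Write the posted network parameters into CONF_FILE, then run the "apply" script once.
# Each parameter replaces its own "KEY=..." line, matched from the start of the line, so a key is
# never matched inside another key or value and no extra blank line is added on each save.
# NOTE(review): no CSRF token or authentication check is visible in this file; confirm upstream.
$network_fields = array(
	# POST field    => array(key in CONF_FILE, validation pattern)
	'dns1'       => array('DNS1', $reg_ip),
	'dns2'       => array('DNS2', $reg_ip),
	'ip_public'  => array('PUBLIC_IP', $reg_ip_cidr),
	'ip_gw'      => array('GW', $reg_ip),
	'ip_private' => array('PRIVATE_IP', $reg_ip_cidr),
);
$conf_text = file_get_contents(CONF_FILE);
foreach ($network_fields as $post_name => $spec) {
	list($conf_key, $pattern) = $spec;
	if ($conf_text === false || !isset($_POST[$post_name]) || !is_string($_POST[$post_name])) {
		continue;
	}
	$value = $_POST[$post_name];
	# `$` in a pattern can match just before a trailing newline; the trim() comparison refuses such a
	# value so that nothing but the address itself is written to the file.
	if ($value !== trim($value) || !preg_match($pattern, $value)) {
		continue;
	}
	$updated = preg_replace('/^'.preg_quote($conf_key, '/').'=.*$/m', $conf_key.'='.$value, $conf_text);
	if ($updated !== null) {
		$conf_text = $updated;
		$network_modification=1;
	}
}
if($network_modification)
{
	# Single locked write instead of one read/modify/write cycle per parameter.
	file_put_contents(CONF_FILE, $conf_text, LOCK_EX);
	exec("sudo /usr/local/bin/alcasar-conf.sh -apply");
}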
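
/*******************************************
*	Read ALCASAR_CONF_FILE Updated     *
********************************************/
# Read CONF_FILE again so that the page shows the values as they are after the update above.
$file_conf = fopen(CONF_FILE, 'r');
if (!$file_conf) {
	exit('Error opening the file '.CONF_FILE);
}
# fgets() drives the loop, so its end-of-file result (false) is never handed to the string functions.
while (($buffer = fgets($file_conf, 4096)) !== false) {
	if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
		# Split on the first '=' only: a value that itself contains '=' is kept whole.
		$tmp = explode('=', $buffer, 2);
		$conf[trim($tmp[0])] = trim($tmp[1]);
	}
}
fclose($file_conf);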
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><!-- written by steweb57 & rexy -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title><?= $l_network_title ?></title>
<link rel="stylesheet" href="/css/style.css" type="text/css">
<script type="text/javascript">
function MAC_Control(formulaire){
	/* MAC check: accepts six hex pairs separated by '-' or ':', then rewrites the field
	   in upper case with '-' separators. Browser-side convenience only: the server must
	   validate the value again. */
	var field = document.forms[formulaire].add_mac;
	var macPattern = /^([0-9a-fA-F]{2}(-|:)){5}[0-9a-fA-F]{2}$/; // MAC address check
	if (!macPattern.test(field.value)) {
		alert("Invalid MAC address"); // not internationalised
		return false;
	}
	field.value = field.value.toUpperCase().replace(/:/g, '-');
	return true;
}
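</script>
</head>
<body>
<table width="100%" cellspacing="0" cellpadding="0" border="0">
	<tr><th><?php echo $l_network_title; ?></th></tr>
	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<?php
# Escaped value of a CONF_FILE entry for use inside an HTML attribute ('' when the key is missing).
$conf_attr = function ($key) use ($conf) {
	return htmlspecialchars(isset($conf[$key]) ? $conf[$key] : '', ENT_QUOTES, 'UTF-8');
};
# PHP_SELF contains whatever path the client appended to the script URL, so it is escaped and the
# attribute is quoted. A full "<?php" tag is used so that the code runs even when short_open_tag is off.
echo '<form action="'.htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8').'" method="post">';
?>
<table width="100%" cellspacing="0" cellpadding="5" border="1">
	<tr><td valign="middle" align="left">
	<fieldset>
	<legend><?php echo $l_internet_legend;
	if (InternetTest()){
		echo " <img src='/images/state_ok.gif'>";
		# NOTE(review): the answer comes from a third-party service over plain HTTP and wget is
		# called without a timeout. It is treated as untrusted: only an IP address is displayed.
		$IP_PUB = trim(exec ("wget http://ipecho.net/plain -O - -o /dev/null"));
		if (filter_var($IP_PUB, FILTER_VALIDATE_IP) === false) {
			$IP_PUB = "-.-.-.-";
		}
	}
	else	{
		echo " <img src='/images/state_error.gif'>";
		$IP_PUB = "-.-.-.-";
	}
	?></legend>
	<table>
		<tr><td><?php echo $l_ip_public." : ".htmlspecialchars($IP_PUB, ENT_QUOTES, 'UTF-8');?></td></tr>
		<?php
		echo '<tr><td>'.$l_ip_dns1.' <input style="width:120px" type="text" name="dns1" value="'.$conf_attr('DNS1').'" /></td></tr>';
		echo '<tr><td>'.$l_ip_dns2.' <input style="width:120px" type="text" name="dns2" value="'.$conf_attr('DNS2').'" /></td></tr>';
		?>
	</table>
	</fieldset>
	</td><td>
	<fieldset>
	<legend><?php echo $conf_attr('EXTIF').$l_extif_legend; ?></legend>
	<table>
		<?php
		echo '<tr><td>'.$l_ip_address.' <input style="width:150px" type="text" name="ip_public" value="'.$conf_attr('PUBLIC_IP').'" /></td></tr>';
		echo '<tr><td>'.$l_ip_router.' <input style="width:120px" type="text" name="ip_gw" value="'.$conf_attr('GW').'" /></td></tr>';
		?>
	</table>
	</fieldset>
	</td><td>
	<fieldset>
	<legend><?php echo $conf_attr('INTIF').$l_intif_legend; ?></legend>
	<table>
	<?php
	echo '<tr><td>'.$l_ip_address.'</td><td> <input style="width:150px" type="text" name="ip_private" value="'.$conf_attr('PRIVATE_IP').'" /></td></tr>';
	?>
	</table>
	</fieldset>
	</td></tr>
	<tr><td colspan="3" align="center">
	<?php echo "<input type='submit' value='$l_apply'>";?>
	</td></tr>
</table>
</form>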
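<table width="100%" cellspacing="0" cellpadding="0" border="0">
	<tr><th><?php echo $l_dhcp_title;?></th></tr>
	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" cellspacing="0" cellpadding="5" border="1">
<tr><td colspan="2" valign="middle" align="left">
<?php
# DHCP state as read from CONF_FILE ("on" / "off"). A full "<?php" tag is used so that this block
# runs even when short_open_tag is off.
$dhcp_state = isset($conf["DHCP"]) ? trim($conf["DHCP"]) : "";
# Explicit mapping instead of a variable built from the configuration value: any other state
# shows an empty label rather than selecting an arbitrary $l_DHCP_* variable.
if ($dhcp_state === "on") {
	$dhcp_label = $l_DHCP_on;
} elseif ($dhcp_state === "off") {
	$dhcp_label = $l_DHCP_off;
} else {
	$dhcp_label = "";
}
echo "<CENTER><H3>$l_dhcp_state : $dhcp_label</H3></CENTER>";
# PHP_SELF contains whatever path the client appended to the script URL: escape it.
echo "<FORM action='".htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8')."' method=POST>";
echo "<select name='choix'>";
echo "<option value=\"DHCP_Off\" ";if (!strcmp($dhcp_state,"off")) echo "selected";echo ">$l_DHCP_off";
echo "<option value=\"DHCP_On\" ";if (!strcmp($dhcp_state,"on")) echo "selected";echo ">$l_DHCP_on";
echo "</select>";
echo "<input type=submit value='$l_apply'>";
echo "<br>$l_DHCP_off_explain";

echo "</FORM>";
echo "</td></tr>";
# The static reservation table (network2.php) is only shown while the DHCP service is on.
if (strncmp($dhcp_state,"on",2) == 0) { require ('network2.php');}
else { echo "</table>"; }
$maxsize=100000;  # upload size limit, printed in the certificate form's MAX_FILE_SIZE field
?>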
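
<table width="100%" cellspacing="0" cellpadding="0" border="0">
	<tr><th><?php echo $l_local_dns;?></th></tr>
	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" cellspacing="0" cellpadding="5" border="1">
<tr><td width="50%" align="center">
<?php
# Full "<?php" tags are used in this section so that it runs even when short_open_tag is off.
echo "<FORM action='network.php' method='POST'>";
echo "<table cellspacing=2 cellpadding=3 border=1>";
echo "<tr><th>$l_host_name<th>$l_ip_address<th>$l_del</tr>";
// Read the "dns_local" file
$line_exist=False;
$tab=file(DNS_LOCAL_FILE);
if ($tab)  # not empty
	{
	foreach ($tab as $line)
		{
			if (preg_match ('/^address/', $line))
			{
				$field=explode("/", $line);
				if (count($field) < 3)
				{
					continue;  # malformed "address" line
				}
				$line_exist=True;
				# File content is escaped before it is printed: an entry containing quotes or
				# markup must not be able to change the page.
				$host_name=htmlspecialchars(trim($field[1]), ENT_QUOTES, 'UTF-8');
				$ip_addr=htmlspecialchars(trim($field[2]), ENT_QUOTES, 'UTF-8');
				echo "<tr><td>$host_name";
				echo "<td>$ip_addr";
				echo "<td><input type='checkbox' name='$host_name'>";
				echo "</tr>";
			}
		}
	}
echo "</table>";
if ($line_exist)
	{
	echo "<input type='hidden' name='choix' value='del_host'>";
	echo "<input type='submit' value='$l_apply'>";
	}
echo "</form></td><td width=\"50%\" valign='middle' align='center'>";
echo "<FORM name='new_host' action='network.php' method='POST'>";
echo "<table cellspacing=2 cellpadding=3 border=1>";
echo "<tr><th>$l_host_name<th>$l_ip_address";
?>
<td></td></tr>
<tr><td>Ex. : my_nas</td><td>Ex. : 192.168.182.10</td><td></td></tr>
<tr><td><input type='text' name='add_host' size='17'></td>
<td><input type='text' name='add_ip' size='10'><input type='hidden' name='choix' value='new_host'></td>
<td><?php echo "<input type=submit class=button value=\"$l_add_to_list\">"?></td>
</tr></table>
</form>
</td></tr>
</table>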
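<table width="100%" cellspacing="0" cellpadding="0" border="0">
	<tr><th><?php echo $l_import_cert;?></th></tr>
	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
</table>
<table width="100%" cellspacing="0" cellpadding="5" border="1">
	<tr>
		<td width="50%">
			<h3>Importer un certificat existant</h3>
			<form method="post" action="network.php" enctype="multipart/form-data">
			<!-- PHP only honours MAX_FILE_SIZE for the file fields that come after it -->
			<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo (int) $maxsize;?>">
			<?php echo $l_private_key;?> <input type="file" name="key"><br>
			<?php echo $l_certificate;?> <input type="file" name="crt"><br>
			<?php echo $l_server_chain;?> <input type="file" name="sc"><br>
			<input type="submit" <?php echo "value=\"".$l_import."\""?>>
			</form>

			<?php
			# Details of the installed certificate. Its fields were chosen by whoever issued or
			# imported it, so they are escaped when printed; the raw values stay in the variables.
			$certificateInfos = openssl_x509_parse(file_get_contents('/etc/pki/tls/certs/alcasar.crt'));
			if (!is_array($certificateInfos)) {
				$certificateInfos = array();  # unreadable or unparsable certificate: show empty fields
			}
			$cert_subject = isset($certificateInfos['subject']) ? $certificateInfos['subject'] : array();
			$cert_issuer  = isset($certificateInfos['issuer']) ? $certificateInfos['issuer'] : array();

			$cert_expiration_date = isset($certificateInfos['validTo_time_t']) ? date('d-m-Y H:i:s', $certificateInfos['validTo_time_t']) : '';
			$domain               = isset($cert_subject['CN']) ? $cert_subject['CN'] : '';
			$organization         = isset($cert_subject['O']) ? $cert_subject['O'] : '';
			$CAdomain             = isset($cert_issuer['CN']) ? $cert_issuer['CN'] : '';
			$CAorganization       = isset($cert_issuer['O']) ? $cert_issuer['O'] : '';
			# A certificate field may hold several values (an array); join them for display.
			$cert_text = function ($value) {
				return htmlspecialchars(is_array($value) ? implode(', ', $value) : (string) $value, ENT_QUOTES, 'UTF-8');
			};
			?>
			<br>
			<h3><?= $l_current_certificate ?></h3>
			Expiration Date : <?= $cert_text($cert_expiration_date) ?><br>
			Common name : <?= $cert_text($domain) ?><br>
			Organization : <?= $cert_text($organization) ?><br/>
			<h4><?=  $l_validated ?></h4>
			Common name : <?= $cert_text($CAdomain) ?><br>
			Organization : <?= $cert_text($CAorganization) ?><br>

			<br>
			<form method="post" action="network.php">
			<input type="hidden" name="default">
			<input type="submit" <?php echo "value=\"".$l_default_cert."\""; if(!file_exists("/etc/pki/tls/certs/alcasar.crt.old") || !file_exists("/etc/pki/tls/private/alcasar.key.old")){ echo " disabled";}?>>
			</form>
		</td>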
2304 tom.houday 476
		<td width="50%" valign="top">
477
			<?php
478
			// Let's Encrypt actions
479
			if ((isset($_POST['action']) && ($_POST['action'] === 'le_issueCert'))) {
480
				// TODO: check ndd & mail format
481
 
482
				$email      = $_POST['email'];
483
				$domainName = $_POST['domainname'];
484
 
485
				exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --issue --email '.escapeshellarg($email).' --domain '.escapeshellarg($domainName), $output, $exitCode);
486
 
487
				$cmdResponse = implode("<br>\n", $output);
488
			}
489
			if ((isset($_POST['action']) && ($_POST['action'] === 'le_renewCert'))) {
490
				if ((isset($_POST['recheck'])) && ((!empty($_POST['recheck'])) || (!empty($_POST['recheck_force'])))) {
491
					$forceOpt = (!empty($_POST['recheck_force'])) ? ' --force' : '';
492
 
493
					exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --renew' . $forceOpt, $output, $exitCode);
494
 
495
					$cmdResponse = implode("<br>\n", $output);
496
				} else if ((isset($_POST['cancel'])) && (!empty($_POST['cancel']))) {
497
					file_put_contents(LETS_ENCRYPT_FILE, preg_replace('/challenge=.*/','challenge=', file_get_contents(LETS_ENCRYPT_FILE)));
498
					file_put_contents(LETS_ENCRYPT_FILE, preg_replace('/domainRequest=.*/','domainRequest=', file_get_contents(LETS_ENCRYPT_FILE)));
499
				}
500
			}
501
 
502
			// Read Let's Encrypt configuration file
503
			$file_conf_LE = fopen(LETS_ENCRYPT_FILE, 'r');
504
			if (!$file_conf_LE) {
505
				exit('Error opening the file '.LETS_ENCRYPT_FILE);
506
			}
507
			while (!feof($file_conf_LE)) {
508
				$buffer = fgets($file_conf_LE, 4096);
509
				if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
510
					$tmp = explode('=', $buffer);
511
					$LE_conf[trim($tmp[0])] = trim($tmp[1]);
512
				}
513
			}
514
			fclose($file_conf_LE);
515
 
516
			// Get step
517
			if (empty($LE_conf['domainRequest'])) {
518
				$step = 1;
519
			} else if (!empty($LE_conf['challenge'])) {
520
				$step = 2;
521
			} else if (($domain === $LE_conf['domainRequest']) && (empty($LE_conf['challenge']))) {
522
				$step = 3;
523
			} else {
524
				$step = 1;
525
			}
526
			?>
527
			<h3>Intégration Let's Encrypt</h3>
528
			<?php if ($step === 1) : ?>
529
				<form method="post" action="network.php">
530
					<input type="hidden" name="action" value="le_issueCert">
531
					Status : Inactif<br>
532
					Email : <input type="text" name="email" placeholder="adresse@email.com"<?= ((!empty($LE_conf['email'])) ? ' value="'.$LE_conf['email'].'"' : '') ?>><br>
533
					Nom de domaine : <input type="text" name="domainname" placeholder="alcasar.domain.tld" required><br>
534
					<input type="submit" name="issue" value="Envoyer"><br>
535
				</form>
536
			<?php elseif ($step === 2): ?>
537
				<form method="post" action="network.php">
538
					<input type="hidden" name="action" value="le_renewCert">
539
					Status : En attente de validation<br>
540
					Nom de domaine : <?= $LE_conf['domainRequest'] ?><br>
541
					Demandé le : <?= date('d-m-Y H:i:s', $LE_conf['dateIssueRequest']) ?><br>
542
					Entrée DNS TXT : "<?= '_acme-challenge.'.$LE_conf['domainRequest'] ?>"<br>
543
					Challenge : "<?= $LE_conf['challenge'] ?>"<br>
544
					<input type="submit" name="recheck" value="Revérifier"> <input type="submit" name="cancel" value="Annuler"><br>
545
				</form>
546
			<?php elseif ($step === 3): ?>
547
				<form method="post" action="network.php">
548
					<input type="hidden" name="action" value="le_renewCert">
549
					Status : Actif<br>
550
					Nom de domaine : <?= $LE_conf['domainRequest'] ?><br>
551
					API :  <?= $LE_conf['dnsapi'] ?><br>
552
					Prochain renouvellement : <?= date('d-m-Y', $LE_conf['dateNextRenewal']) ?><br>
553
					<?php if ($LE_conf['dateNextRenewal'] <= date('U')): ?>
554
						<input type="submit" name="recheck" value="Renouveller"><br>
555
					<?php else: ?>
556
						<input type="submit" name="recheck_force" value="Renouveller (forcer)"><br>
557
					<?php endif; ?>
558
				</form>
559
			<?php endif; ?>
560
			<?php if (isset($cmdResponse)): ?>
561
				<p><?= $cmdResponse ?></p>
562
			<?php endif; ?>
563
		</td>
1710 richard 564
	</tr>
565
</table>
318 richard 566
</body>
567
</html>
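<?php
# Certificate actions. NOTE(review): this code runs after </html> has been sent, so its result only
# shows on the next page load; no CSRF token or authentication check is visible in this file.
if(isset($_POST['default'])){
	echo "$l_default_cert";
	exec("sudo alcasar-importcert.sh -d");
}
if(isset($_POST['MAX_FILE_SIZE'])){
	$maxsize = 100000;
	# True when the named upload arrived without error, is within the size limit and has the
	# expected extension. The client-supplied file name is only inspected, never used as a path.
	$upload_ok = function ($field, $extension) use ($maxsize) {
		return isset($_FILES[$field])
			&& is_string($_FILES[$field]['name'])
			&& $_FILES[$field]['error'] == 0
			&& $_FILES[$field]['size'] <= $maxsize
			&& pathinfo($_FILES[$field]['name'], PATHINFO_EXTENSION) == $extension;
	};
	if($upload_ok('key', 'key') && $upload_ok('crt', 'crt')){
		# NOTE(review): the private key is staged under fixed names in /tmp. If that directory is
		# shared with other local accounts, a private directory (mode 0700) would be safer; the
		# paths are left as they were because the import script's expectations are not visible here.
		$dest = "/tmp/";
		$keypath = $dest."alcasar.key";
		$crtpath = $dest."alcasar.crt";
		$scpath = "";
		# The chain is optional: it is only staged when a file was really uploaded.
		if($upload_ok('sc', 'crt') && move_uploaded_file($_FILES['sc']['tmp_name'], $dest."server-chain.crt"))
		{
			$scpath = $dest."server-chain.crt";
		}
		$key_moved = move_uploaded_file($_FILES['key']['tmp_name'], $keypath);
		$crt_moved = move_uploaded_file($_FILES['crt']['tmp_name'], $crtpath);
		if($key_moved && $crt_moved)
		{
			# Only the fixed paths built above reach the command line.
			exec("sudo alcasar-importcert.sh -i $crtpath -k $keypath -c $scpath");
		}
		# Always remove the staged files, including after a partial upload.
		foreach (array($crtpath, $keypath, $scpath) as $staged)
		{
			if ($staged !== "" && file_exists($staged)) unlink($staged);
		}
	}
}
?>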