WebSVN – ALCASAR – Diff – /web/acc/admin/network.php

 <?php
+# $Id: network.php 2304 2017-06-26 12:56:14Z tom.houdayer $
 /* written by steweb57 & Rexy */
 /********************
 * READ CONF FILES   *
 *********************/
 define ("CONF_FILE", "/usr/local/etc/alcasar.conf");
 define ("ETHERS_FILE", "/usr/local/etc/alcasar-ethers");
 define ("ETHERS_INFO_FILE", "/usr/local/etc/alcasar-ethers-info");
 define ("DNS_LOCAL_FILE", "/usr/local/etc/alcasar-dns-name");
+define('LETS_ENCRYPT_FILE', '/usr/local/etc/alcasar-letsencrypt');
-$conf_files=array(CONF_FILE,ETHERS_FILE,ETHERS_INFO_FILE,DNS_LOCAL_FILE);
+$conf_files=array(CONF_FILE,ETHERS_FILE,ETHERS_INFO_FILE,DNS_LOCAL_FILE, LETS_ENCRYPT_FILE);
 $reg_ip = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/';
 $reg_ip_cidr = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/';
 $network_modification=0;
 foreach ($conf_files as $file){
 if (!file_exists($file)){
 	$l_ip_dns2		= "DNS2";
 	$l_dhcp_title		= "Service DHCP";
 	$l_dhcp_state		= "Mode actuel";
 	$l_DHCP_on		= "actif";
 	$l_DHCP_off		= "inactif";
-	$l_DHCP_off_explain	= "! Avant d'arrêter le serveur DHCP, vous devez renseigner les paramètres d'un serveur externe (cf. documentation).";
+	$l_DHCP_off_explain	= "/!\\ Avant d'arrêter le serveur DHCP, vous devez renseigner les paramètres d'un serveur externe (cf. documentation).";
 	$l_static_dhcp_title	= "Réservation d'adresses IP statiques";
 	$l_mac_address		= "Adresse MAC";
 	$l_ip_address		= "Adresse IP";
 	$l_host_name		= "Nom d'hôte";
 	$l_del			= "Supprimer de la liste";
 	$l_ip_dns2		= "DNS2";
 	$l_dhcp_title		= "DHCP service";
 	$l_dhcp_state		= "Current mode";
 	$l_DHCP_on		= "enabled";
 	$l_DHCP_off		= "disabled";
-	$l_DHCP_off_explain	= "! Before disabling the DHCP server, you must write the extern DHCP parameters in the config file (see Documentation)";
+	$l_DHCP_off_explain	= "/!\\ Before disabling the DHCP server, you must write the extern DHCP parameters in the config file (see Documentation)";
 	$l_static_dhcp_title	= "Static IP addresses reservation";
 	$l_mac_address		= "MAC Address";
 	$l_ip_address		= "IP Address";
 	$l_host_name		= "Host name";
 	$l_del			= "Delete from list";
+	}
+}
 </script>
 </head>
 <body>
-<table width="100%" border="0" cellspacing="0" cellpadding="0">
+<table width="100%" cellspacing="0" cellpadding="0" border="0">
 	<tr><th><?php echo $l_network_title; ?></th></tr>
 	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
 </table>
 <? echo "<form action=".$_SERVER['PHP_SELF']." method='post'>";?>
-<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>
+<table width="100%" cellspacing="0" cellpadding="5" border="1">
 	<tr><td valign="middle" align="left">
 	<fieldset>
 	<legend><?php echo $l_internet_legend;
  	if (InternetTest()){
 		echo " <img src='/images/state_ok.gif'>";
 		$IP_PUB = "-.-.-.-";}
 	?></legend>
 	<table>
 		<tr><td><?php echo $l_ip_public." : ".$IP_PUB;?></td></tr>
 		<?php
-		echo "<tr><td>".$l_ip_dns1." <input style='width:120px' type='text' name='dns1' value=".$conf["DNS1"]."/></td></tr>";
+		echo '<tr><td>'.$l_ip_dns1.' <input style="width:120px" type="text" name="dns1" value="'.$conf['DNS1'].'" /></td></tr>';
-		echo "<tr><td>".$l_ip_dns2." <input style='width:120px' type='text' name='dns2' value=".$conf["DNS2"]."/></td></tr>";
+		echo '<tr><td>'.$l_ip_dns2.' <input style="width:120px" type="text" name="dns2" value="'.$conf['DNS2'].'" /></td></tr>';
 		?>
 	</table>
 	</fieldset>
 	</td><td>
 	<fieldset>
-	<legend><?php echo $conf["EXTIF"].$l_extif_legend; ?></legend>
+	<legend><?php echo $conf['EXTIF'].$l_extif_legend; ?></legend>
 	<table>
 		<?php
-		echo "<tr><td>".$l_ip_address." <input style='width:150px' type='text' name='ip_public' value=".$conf['PUBLIC_IP']."/></td></tr>";
+		echo '<tr><td>'.$l_ip_address.' <input style="width:150px" type="text" name="ip_public" value="'.$conf['PUBLIC_IP'].'" /></td></tr>';
-		echo "<tr><td>".$l_ip_router." <input style='width:120px' type='text' name='ip_gw' value=".$conf['GW']."/></td></tr>";
+		echo '<tr><td>'.$l_ip_router.' <input style="width:120px" type="text" name="ip_gw" value="'.$conf['GW'].'" /></td></tr>';
 		?>
 	</table>
 	</fieldset>
 	</td><td>
 	<fieldset>
-	<legend><?php echo $conf["INTIF"].$l_intif_legend; ?></legend>
+	<legend><?php echo $conf['INTIF'].$l_intif_legend; ?></legend>
 	<table>
 	<?php
-	echo "<tr><td>".$l_ip_address."</td><td> <input style='width:150px' type='text' name='ip_private' value=".$conf['PRIVATE_IP']." /></td></tr>";
+	echo '<tr><td>'.$l_ip_address.'</td><td> <input style="width:150px" type="text" name="ip_private" value="'.$conf['PRIVATE_IP'].'" /></td></tr>';
 	?>
 	</table>
 	</fieldset>
 	</td></tr>
 	<tr><td colspan="3" align="center">
 	<?php echo "<input type='submit' value='$l_apply'>";?>
 	</td></tr>
 </table>
 </form>
-<table width="100%" border="0" cellspacing="0" cellpadding="0">
+<table width="100%" cellspacing="0" cellpadding="0" border="0">
 	<tr><th><?php echo $l_dhcp_title;?></th></tr>
 	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
 </table>
-<table width="100%" border=1 cellspacing=0 cellpadding=0>
+<table width="100%" cellspacing="0" cellpadding="5" border="1">
 <tr><td colspan="2" valign="middle" align="left">
 <?
 $dhcp_state=trim($conf["DHCP"]);
 echo "<CENTER><H3>$l_dhcp_state : ${"l_DHCP_".$dhcp_state}</H3></CENTER>";
 echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";
 echo "<br>$l_DHCP_off_explain";
 echo "</FORM>";
 echo "</td></tr>";
 if (strncmp($conf["DHCP"],"on",2) == 0) { require ('network2.php');}
-else { echo "</TABLE>"; }
+else { echo "</table>"; }
 $maxsize=100000;
 ?>
-<table width="100%" border="0" cellspacing="0" cellpadding="0">
+<table width="100%" cellspacing="0" cellpadding="0" border="0">
 	<tr><th><?php echo $l_local_dns;?></th></tr>
 	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
 </table>
-<table width="100%" border="1" cellspacing="0" cellpadding="0">
+<table width="100%" cellspacing="0" cellpadding="5" border="1">
-<tr><td colspan=2 align="center">
+<tr><td width="50%" align="center">
 <?
 echo "<FORM action='network.php' method='POST'>";
 echo "<table cellspacing=2 cellpadding=3 border=1>";
 echo "<tr><th>$l_host_name<th>$l_ip_address<th>$l_del</tr>";
 // Read the "dns_local" file
 if ($line_exist)
+	{
 	echo "<input type='hidden' name='choix' value='del_host'>";
 	echo "<input type='submit' value='$l_apply'>";
+	}
-echo "</form></td><td valign='middle' align='center'>";
+echo "</form></td><td width=\"50%\" valign='middle' align='center'>";
 echo "<FORM name='new_host' action='network.php' method='POST'>";
 echo "<table cellspacing=2 cellpadding=3 border=1>";
 echo "<tr><th>$l_host_name<th>$l_ip_address";
 ?>
 <td></td></tr>
 <td><? echo "<input type=submit class=button value=\"$l_add_to_list\">"?></td>
 </tr></table>
 </form>
 </td></tr>
 </table>
-<table width="100%" border="0" cellspacing="0" cellpadding="0">
+<table width="100%" cellspacing="0" cellpadding="0" border="0">
 	<tr><th><?php echo $l_import_cert;?></th></tr>
 	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>
 </table>
-<table width="100%" border="1" cellspacing="0" cellpadding="0">
+<table width="100%" cellspacing="0" cellpadding="5" border="1">
-	<tr><td>
+	<tr>
+		<td width="50%">
+			<h3>Importer un certificat existant</h3>
 			<form method="post" action="network.php" enctype="multipart/form-data">
-			<?php echo $l_private_key;?><input type="file" name="key"><br>
+			<?php echo $l_private_key;?> <input type="file" name="key"><br>
-			<?php echo $l_certificate;?><input type="file" name="crt"><br>
+			<?php echo $l_certificate;?> <input type="file" name="crt"><br>
-			<?php echo $l_server_chain;?><input type="file" name="sc">
+			<?php echo $l_server_chain;?> <input type="file" name="sc">
 			<input type="hidden" name="MAX_FILE_SIZE" value=<?php echo $maxsize;?>><br>
 			<input type="submit" <?php echo "value=\"".$l_import."\""?>>
 			</form>
 			<?php
 			Common name : <?= $domain ?><br>
 			Organization : <?= $organization ?><br/>
 			<h4><?=  $l_validated ?></h4>
 			Common name : <?= $CAdomain ?><br>
 			Organization : <?= $CAorganization ?><br>
-			</td><td>
+			<br>
 			<form method="post" action="network.php">
 			<input type="hidden" name="default">
 			<input type="submit" <?php echo "value=\"".$l_default_cert."\""; if(!file_exists("/etc/pki/tls/certs/alcasar.crt.old") || !file_exists("/etc/pki/tls/private/alcasar.key.old")){ echo " disabled";}?>>
 			</form>
 		</td>
+		<td width="50%" valign="top">
+			<?php
+			// Let's Encrypt actions
+			if ((isset($_POST['action']) && ($_POST['action'] === 'le_issueCert'))) {
+				// TODO: check ndd & mail format
+				$email      = $_POST['email'];
+				$domainName = $_POST['domainname'];
+				exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --issue --email '.escapeshellarg($email).' --domain '.escapeshellarg($domainName), $output, $exitCode);
+				$cmdResponse = implode("<br>\n", $output);
+			}
+			if ((isset($_POST['action']) && ($_POST['action'] === 'le_renewCert'))) {
+				if ((isset($_POST['recheck'])) && ((!empty($_POST['recheck'])) || (!empty($_POST['recheck_force'])))) {
+					$forceOpt = (!empty($_POST['recheck_force'])) ? ' --force' : '';
+					exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --renew' . $forceOpt, $output, $exitCode);
+					$cmdResponse = implode("<br>\n", $output);
+				} else if ((isset($_POST['cancel'])) && (!empty($_POST['cancel']))) {
+					file_put_contents(LETS_ENCRYPT_FILE, preg_replace('/challenge=.*/','challenge=', file_get_contents(LETS_ENCRYPT_FILE)));
+					file_put_contents(LETS_ENCRYPT_FILE, preg_replace('/domainRequest=.*/','domainRequest=', file_get_contents(LETS_ENCRYPT_FILE)));
+				}
+			}
+			// Read Let's Encrypt configuration file
+			$file_conf_LE = fopen(LETS_ENCRYPT_FILE, 'r');
+			if (!$file_conf_LE) {
+				exit('Error opening the file '.LETS_ENCRYPT_FILE);
+			}
+			while (!feof($file_conf_LE)) {
+				$buffer = fgets($file_conf_LE, 4096);
+				if ((strpos($buffer, '=') !== false) && (substr($buffer, 0, 1) !== '#')) {
+					$tmp = explode('=', $buffer);
+					$LE_conf[trim($tmp[0])] = trim($tmp[1]);
+				}
+			}
+			fclose($file_conf_LE);
+			// Get step
+			if (empty($LE_conf['domainRequest'])) {
+				$step = 1;
+			} else if (!empty($LE_conf['challenge'])) {
+				$step = 2;
+			} else if (($domain === $LE_conf['domainRequest']) && (empty($LE_conf['challenge']))) {
+				$step = 3;
+			} else {
+				$step = 1;
+			}
+			?>
+			<h3>Intégration Let's Encrypt</h3>
+			<?php if ($step === 1) : ?>
+				<form method="post" action="network.php">
+					<input type="hidden" name="action" value="le_issueCert">
+					Status : Inactif<br>
+					Email : <input type="text" name="email" placeholder="adresse@email.com"<?= ((!empty($LE_conf['email'])) ? ' value="'.$LE_conf['email'].'"' : '') ?>><br>
+					Nom de domaine : <input type="text" name="domainname" placeholder="alcasar.domain.tld" required><br>
+					<input type="submit" name="issue" value="Envoyer"><br>
+				</form>
+			<?php elseif ($step === 2): ?>
+				<form method="post" action="network.php">
+					<input type="hidden" name="action" value="le_renewCert">
+					Status : En attente de validation<br>
+					Nom de domaine : <?= $LE_conf['domainRequest'] ?><br>
+					Demandé le : <?= date('d-m-Y H:i:s', $LE_conf['dateIssueRequest']) ?><br>
+					Entrée DNS TXT : "<?= '_acme-challenge.'.$LE_conf['domainRequest'] ?>"<br>
+					Challenge : "<?= $LE_conf['challenge'] ?>"<br>
+					<input type="submit" name="recheck" value="Revérifier"> <input type="submit" name="cancel" value="Annuler"><br>
+				</form>
+			<?php elseif ($step === 3): ?>
+				<form method="post" action="network.php">
+					<input type="hidden" name="action" value="le_renewCert">
+					Status : Actif<br>
+					Nom de domaine : <?= $LE_conf['domainRequest'] ?><br>
+					API :  <?= $LE_conf['dnsapi'] ?><br>
+					Prochain renouvellement : <?= date('d-m-Y', $LE_conf['dateNextRenewal']) ?><br>
+					<?php if ($LE_conf['dateNextRenewal'] <= date('U')): ?>
+						<input type="submit" name="recheck" value="Renouveller"><br>
+					<?php else: ?>
+						<input type="submit" name="recheck_force" value="Renouveller (forcer)"><br>
+					<?php endif; ?>
+				</form>
+			<?php endif; ?>
+			<?php if (isset($cmdResponse)): ?>
+				<p><?= $cmdResponse ?></p>
+			<?php endif; ?>
+		</td>
 	</tr>
 </table>
 </body>
 </html>
 if(isset($_POST['default'])){
 	echo "$l_default_cert";
 	exec("sudo alcasar-importcert.sh -d");
+}
 if(isset($_POST['MAX_FILE_SIZE'])){
-	echo "changement";
 	$maxsize = 100000;
 	if(isset($_FILES['key']) && isset($_FILES['crt']) && $_FILES['key']['error'] == 0 && $_FILES['crt']['error'] == 0){
 		$dest = "/tmp/";
 		if($_FILES['key']['size'] <= $maxsize && $_FILES['crt']['size'] <= $maxsize)
+		{
 				$keypath = $dest."alcasar.key";
 				$crtpath = $dest."alcasar.crt";
 				move_uploaded_file($_FILES['key']['tmp_name'], $keypath);
 				move_uploaded_file($_FILES['crt']['tmp_name'], $crtpath);
 				exec("sudo alcasar-importcert.sh -i $crtpath -k $keypath -c $scpath");
+				if (file_exists($crtpath)) unlink($crtpath);
+				if (file_exists($keypath)) unlink($keypath);
+				if (file_exists($scpath))  unlink($scpath);
+			}
+		}
+	}
+}
 ?>

Subversion Repositories ALCASAR

(root)/web/acc/admin/network.php – Rev 2299 → 2304