Subversion Repositories ALCASAR

<?php

<?php

// written by steweb57, Rexy & Tom HOUDAYER

// written by steweb57, Rexy & Tom HOUDAYER

/********************

/********************

*  READ CONF FILES  *

*  READ CONF FILES  *

	$l_add_to_list		= "Ajouter";

	$l_add_to_list		= "Ajouter";

	$l_apply		= "Appliquer les changements";

	$l_apply		= "Appliquer les changements";

	$l_local_dns		= "Résolution local de nom (DNS)";

	$l_local_dns		= "Résolution local de nom (DNS)";

	$l_import_cert		= "Import de certificat";

	$l_import_cert		= "Import de certificat";

	$l_private_key		= "Clé privée (.key) :";

	$l_private_key		= "Clé privée (.key) :";

	$l_import		= "Importer";

	$l_import		= "Importer";

	$l_current_certificate  = "Certificat actuel";

	$l_current_certificate  = "Certificat actuel";

	$l_validated		= "Validé par :";

	$l_validated		= "Validé par :";

	$l_empty		= "Vide";

	$l_empty		= "Vide";

	$l_yes			= "Oui";

	$l_yes			= "Oui";

	$l_no			= "Non";

	$l_no			= "Non";

	$l_ssl_title		= "Chiffrer les flux d'authentification entre les utilisateurs et ALCASAR";

	$l_ssl_title		= "Chiffrer les flux d'authentification entre les utilisateurs et ALCASAR";

	$l_cert_expiration	= "Date d'expiration :";

	$l_cert_expiration	= "Date d'expiration :";

	$l_cert_commonname	= "Nom commun :";

	$l_cert_commonname	= "Nom commun :";

	$l_cert_organization	= "Organisation :";

	$l_cert_organization	= "Organisation :";

	$l_le_status		= "Status :";

	$l_le_status		= "Status :";

	$l_disabled		= "Inactif";

	$l_disabled		= "Inactif";

	$l_pending_validation	= "En attente de validation";

	$l_pending_validation	= "En attente de validation";

	$l_enabled		= "Actif";

	$l_enabled		= "Actif";

	$l_le_email		= "Email :";

	$l_le_email		= "Email :";

	$l_cancel		= "Annuler";

	$l_cancel		= "Annuler";

	$l_le_api		= "API :";

	$l_le_api		= "API :";

	$l_le_next_renewal	= "Prochain renouvellement :";

	$l_le_next_renewal	= "Prochain renouvellement :";

	$l_renew		= "Renouveller";

	$l_renew		= "Renouveller";

	$l_renew_force		= "Renouveller (forcer)";

	$l_renew_force		= "Renouveller (forcer)";

} else {			// English

} else {			// English

	$l_network_title	= "Network configuration";

	$l_network_title	= "Network configuration";

	$l_internet_legend	= "INTERNET";

	$l_internet_legend	= "INTERNET";

	$l_ip_mask		= "Mask";

	$l_ip_mask		= "Mask";

	$l_ip_router		= "Gateway";

	$l_ip_router		= "Gateway";

	$l_add_to_list		= "Add";

	$l_add_to_list		= "Add";

	$l_apply		= "Apply changes";

	$l_apply		= "Apply changes";

	$l_local_dns		= "Local name resolution (DNS";

	$l_local_dns		= "Local name resolution (DNS";

	$l_import_cert		= "Certificate import";

	$l_import_cert		= "Certificate import";

	$l_private_key		= "Private key (.key) :";

	$l_private_key		= "Private key (.key) :";

	$l_import		= "Import";

	$l_import		= "Import";

	$l_current_certificate  = "Current certificate";

	$l_current_certificate  = "Current certificate";

	$l_validated		= "Validated by :";

	$l_validated		= "Validated by :";

	$l_empty		= "Empty";

	$l_empty		= "Empty";

	$l_yes			= "Yes";

	$l_yes			= "Yes";

	$l_no			= "No";

	$l_no			= "No";

	$l_ssl_title		= "Cipher authentication flows between users and ALCASAR";

	$l_ssl_title		= "Cipher authentication flows between users and ALCASAR";

	$l_cert_expiration	= "Expiration date:";

	$l_cert_expiration	= "Expiration date:";

	$l_cert_commonname	= "Common name:";

	$l_cert_commonname	= "Common name:";

	$l_cert_organization	= "Organization:";

	$l_cert_organization	= "Organization:";

	$l_le_status		= "Status:";

	$l_le_status		= "Status:";

	$l_disabled		= "Disabled";

	$l_disabled		= "Disabled";

	$l_pending_validation	= "Pending validation";

	$l_pending_validation	= "Pending validation";

	$l_enabled		= "Enabled";

	$l_enabled		= "Enabled";

	$l_le_email		= "Email:";

	$l_le_email		= "Email:";

	$l_cancel		= "Cancel";

	$l_cancel		= "Cancel";

	$l_le_api		= "API:";

	$l_le_api		= "API:";

	$l_le_next_renewal	= "Next renewal:";

	$l_le_next_renewal	= "Next renewal:";

	$l_renew		= "Renew";

	$l_renew		= "Renew";

	$l_renew_force		= "Renew (force)";

	$l_renew_force		= "Renew (force)";

}

}

$reg_ip      = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/';

$reg_ip      = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/';

$reg_ip_cidr = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/';

$reg_ip_cidr = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/';

$reg_mac     = '/^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$/';

$reg_mac     = '/^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$/';

			}

			}

		}

		}

		header('Location: '.$_SERVER['PHP_SELF']);

		header('Location: '.$_SERVER['PHP_SELF']);

		exit();

		exit();

		exec('sudo alcasar-importcert.sh -d');

		exec('sudo alcasar-importcert.sh -d');

		break;

		break;

	case 'import_cert':	// Import certificate

	case 'import_cert':	// Import certificate

		$maxsize = 100000;

		$maxsize = 100000;

		if (isset($_FILES['key']) && isset($_FILES['crt']) && ($_FILES['key']['error'] == 0) && ($_FILES['crt']['error'] == 0)) {

		if (isset($_FILES['key']) && isset($_FILES['crt']) && ($_FILES['key']['error'] == 0) && ($_FILES['crt']['error'] == 0)) {

			if ($_FILES['key']['size'] <= $maxsize && $_FILES['crt']['size'] <= $maxsize) {

			if ($_FILES['key']['size'] <= $maxsize && $_FILES['crt']['size'] <= $maxsize) {

				if (pathinfo($_FILES['key']['name'])['extension'] == 'key' && ((pathinfo($_FILES['crt']['name'])['extension'] == 'crt') || (pathinfo($_FILES['crt']['name'])['extension'] == 'cer'))) {

				if (pathinfo($_FILES['key']['name'])['extension'] == 'key' && ((pathinfo($_FILES['crt']['name'])['extension'] == 'crt') || (pathinfo($_FILES['crt']['name'])['extension'] == 'cer'))) {

					$dest = '/tmp/';

					$dest = '/tmp/';

					$scpath = '';

					$scpath = '';

						move_uploaded_file($_FILES['sc']['tmp_name'], $scpath);

						move_uploaded_file($_FILES['sc']['tmp_name'], $scpath);

					}

					}

					$keypath = $dest.'alcasar.key';

					$keypath = $dest.'alcasar.key';

					$crtpath = $dest.'alcasar.crt';

					$crtpath = $dest.'alcasar.crt';

					move_uploaded_file($_FILES['key']['tmp_name'], $keypath);

					move_uploaded_file($_FILES['key']['tmp_name'], $keypath);

}

}

// Let's Encrypt actions

// Let's Encrypt actions

if ($choix === 'le_issueCert') {

if ($choix === 'le_issueCert') {

	// TODO: check ndd & mail format

	// TODO: check ndd & mail format

	$email      = $_POST['email'];

	$email      = $_POST['email'];

	$domainName = $_POST['domainname'];

	$domainName = $_POST['domainname'];

	exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --issue --email '.escapeshellarg($email).' --domain '.escapeshellarg($domainName), $output, $exitCode);

	exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --issue --email '.escapeshellarg($email).' --domain '.escapeshellarg($domainName), $output, $exitCode);

	$cmdResponse = implode("<br>\n", $output);

	$cmdResponse = implode("<br>\n", $output);

}

}

if ($choix === 'le_renewCert') {

if ($choix === 'le_renewCert') {

	if ((isset($_POST['recheck'])) && ((!empty($_POST['recheck'])) || (!empty($_POST['recheck_force'])))) {

	if ((isset($_POST['recheck'])) && ((!empty($_POST['recheck'])) || (!empty($_POST['recheck_force'])))) {

		$forceOpt = (!empty($_POST['recheck_force'])) ? ' --force' : '';

		$forceOpt = (!empty($_POST['recheck_force'])) ? ' --force' : '';

		file_put_contents(LETS_ENCRYPT_FILE, preg_replace('/challenge=.*/','challenge=', file_get_contents(LETS_ENCRYPT_FILE)));

		file_put_contents(LETS_ENCRYPT_FILE, preg_replace('/challenge=.*/','challenge=', file_get_contents(LETS_ENCRYPT_FILE)));

		file_put_contents(LETS_ENCRYPT_FILE, preg_replace('/domainRequest=.*/','domainRequest=', file_get_contents(LETS_ENCRYPT_FILE)));

		file_put_contents(LETS_ENCRYPT_FILE, preg_replace('/domainRequest=.*/','domainRequest=', file_get_contents(LETS_ENCRYPT_FILE)));

	}

	}

}

}

// Read Let's Encrypt configuration file

// Read Let's Encrypt configuration file

$file_conf_LE = fopen(LETS_ENCRYPT_FILE, 'r');

$file_conf_LE = fopen(LETS_ENCRYPT_FILE, 'r');

if (!$file_conf_LE) {

if (!$file_conf_LE) {

	exit('Error opening the file '.LETS_ENCRYPT_FILE);

	exit('Error opening the file '.LETS_ENCRYPT_FILE);

}

}

		$LE_conf[trim($tmp[0])] = trim($tmp[1]);

		$LE_conf[trim($tmp[0])] = trim($tmp[1]);

	}

	}

}

}

fclose($file_conf_LE);

fclose($file_conf_LE);

// Fonction de test de connectivité internet

// Fonction de test de connectivité internet

function internetTest() {

function internetTest() {

	$host = 'www.google.fr'; # Google Test

	$host = 'www.google.fr'; # Google Test

	$port = '80';

	$port = '80';

	curl_close($ch);

	curl_close($ch);

} else {

} else {

	$internet_publicIP = '-.-.-.-';

	$internet_publicIP = '-.-.-.-';

}

}

// Network interfaces

// Network interfaces

$interfacesIgnored = ['lo', 'tun[0-9]*', $conf['EXTIF'], $conf['INTIF']];

$interfacesIgnored = ['lo', 'tun[0-9]*', $conf['EXTIF'], $conf['INTIF']];

exec("ip -o link show | awk -F': ' '{print $2}' | sed '/^" . implode('\\|', $interfacesIgnored) . "$/d'", $interfacesAvailable);

exec("ip -o link show | awk -F': ' '{print $2}' | sed '/^" . implode('\\|', $interfacesIgnored) . "$/d'", $interfacesAvailable);

// TODO: Pending the next version

// TODO: Pending the next version

		'ip'        => $conf['PRIVATE_IP']

		'ip'        => $conf['PRIVATE_IP']

	]

	]

];

];

?>

?>

<html>

<html>

<head>

<head>

	<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

	<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

	<title><?= $l_network_title ?></title>

	<title><?= $l_network_title ?></title>

	<link rel="stylesheet" href="/css/style.css" type="text/css">

	<link rel="stylesheet" href="/css/style.css" type="text/css">

	</script>

	</script>

</head>

</head>

<body>

<body>

	<div class="panel">

<div class="panel">

		<div class="panel-header"><?= $l_network_title ?></div>

	<div class="panel-header"><?= $l_network_title ?></div>

			<form action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="post">

		<form action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="post">

				<div class="network-configurator">

			<div class="network-configurator">

					<div class="internet">

				<div class="internet">

						<div data-network-type="internet">

					<div data-network-type="internet">

							<div class="network-box">

						<div class="network-box">

				</div>

			</div>

			</form>

		</form>

		</div>

	</div>

	</div>

</div>

	<br>

<br>

<table width="100%" cellspacing="0" cellpadding="5" border="1">

<table width="100%" cellspacing="0" cellpadding="5" border="1">

	<tr><td width="50%" align="center" valign="middle">

	<tr><td width="50%" align="center" valign="middle">

		<form action="network.php" method="POST">

		<form action="network.php" method="POST">

		<table cellspacing="2" cellpadding="3" border="1">

		<table cellspacing="2" cellpadding="3" border="1">

		<tr><th><?= $l_mac_address ?></th><th><?= $l_ip_address ?></th><th>Info<th><?= $l_del ?></th></tr>

		<tr><th><?= $l_mac_address ?></th><th><?= $l_ip_address ?></th><th>Info<th><?= $l_del ?></th></tr>

			</tr></table>

			</tr></table>

		</form>

		</form>

	</td></tr>

	</td></tr>

</table>

</table>

<br>

<br>

<table width="100%" cellspacing="0" cellpadding="5" border="1">

<table width="100%" cellspacing="0" cellpadding="5" border="1">

	<tr>

	<tr>

		<td width="50%" align="center">

		<td width="50%" align="center">

			<form action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="POST">

			<form action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>" method="POST">

			<table cellspacing="2" cellpadding="3" border="1">

			<table cellspacing="2" cellpadding="3" border="1">

			</form>

			</form>

		</td>

		</td>

	</tr>

	</tr>

</table>

</table>

<br>

<br>

		<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>">

		<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>">

		<input type="hidden" name="choix" value="https_login">

		<input type="hidden" name="choix" value="https_login">

		<select name="https_login">

		<select name="https_login">

			<option value="on"<?=  (($conf['HTTPS_LOGIN'] === 'on')  ? ' selected' : '') ?>><?= $l_yes ?></option>

			<option value="on"<?=  (($conf['HTTPS_LOGIN'] === 'on')  ? ' selected' : '') ?>><?= $l_yes ?></option>

			<option value="off"<?= (($conf['HTTPS_LOGIN'] === 'off') ? ' selected' : '') ?>><?= $l_no ?></option>

			<option value="off"<?= (($conf['HTTPS_LOGIN'] === 'off') ? ' selected' : '') ?>><?= $l_no ?></option>

		</select>

		</select>

		<input type="submit" value="<?= $l_apply ?>"><br>

		<input type="submit" value="<?= $l_apply ?>"><br>

		</form>

		</form>

		<br>

<br>

			<?php

			<?php

			$certificateInfos = openssl_x509_parse(file_get_contents('/etc/pki/tls/certs/alcasar.crt'));

			$certificateInfos = openssl_x509_parse(file_get_contents('/etc/pki/tls/certs/alcasar.crt'));

			$cert_expiration_date = date('d-m-Y H:i:s', $certificateInfos['validTo_time_t']);

			$cert_expiration_date = date('d-m-Y H:i:s', $certificateInfos['validTo_time_t']);

			$domain               = $certificateInfos['subject']['CN'];

			$domain               = $certificateInfos['subject']['CN'];

			$organization         = (isset($certificateInfos['subject']['O'])) ? $certificateInfos['subject']['O'] : '';

			$organization         = (isset($certificateInfos['subject']['O'])) ? $certificateInfos['subject']['O'] : '';

			$CAdomain             = $certificateInfos['issuer']['CN'];

			$CAdomain             = $certificateInfos['issuer']['CN'];

			$CAorganization       = (isset($certificateInfos['issuer']['O'])) ? $certificateInfos['issuer']['O'] : '';

			$CAorganization       = (isset($certificateInfos['issuer']['O'])) ? $certificateInfos['issuer']['O'] : '';

			?>

			?>

			<h3><?= $l_current_certificate ?></h3>

			<h3><?= $l_current_certificate ?></h3>

			<h3><?= $l_upload_certificate ?></h3>

			<h3><?= $l_upload_certificate ?></h3>

			<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>" enctype="multipart/form-data">

			<form method="post" action="<?= htmlspecialchars($_SERVER['PHP_SELF']) ?>" enctype="multipart/form-data">

				<?= $l_private_key;?> <input type="file" name="key"><br>

				<?= $l_private_key;?> <input type="file" name="key"><br>

				<?= $l_certificate;?> <input type="file" name="crt"><br>

				<?= $l_certificate;?> <input type="file" name="crt"><br>

				<?= $l_server_chain;?> <input type="file" name="sc"><br>

				<?= $l_server_chain;?> <input type="file" name="sc"><br>

				<input type="hidden" name="choix" value="import_cert">

				<input type="hidden" name="choix" value="import_cert">

				<input type="submit" value="<?= $l_import ?>">

				<input type="submit" value="<?= $l_import ?>">

			</form>

			</form>

			<?php

			<?php

			// Get step

			// Get step

			if (empty($LE_conf['domainRequest'])) {

			if (empty($LE_conf['domainRequest'])) {

				$step = 1;

				$step = 1;

			} else if (!empty($LE_conf['challenge'])) {

			} else if (!empty($LE_conf['challenge'])) {

				</form>

				</form>

			<?php endif; ?>

			<?php endif; ?>

			<?php if (isset($cmdResponse)): ?>

			<?php if (isset($cmdResponse)): ?>

				<p><?= $cmdResponse ?></p>

				<p><?= $cmdResponse ?></p>

			<?php endif; ?>

			<?php endif; ?>

</body>

</body>

</html>

</html>