Subversion Repositories ALCASAR

<?php

/* written by steweb57 & Rexy */

/********************

* TEST CONF FILES   *

*********************/

define ("CONF_FILE", "/usr/local/etc/alcasar.conf");

define ("ETHERS_FILE", "/usr/local/etc/alcasar-ethers");

$conf_files=array(CONF_FILE,ETHERS_FILE);

foreach ($conf_files as $file){

if (!file_exists($file)){

	exit("Requested file ".$file." isn't present");}

if (!is_readable($file)){

	exit("Can't read the file ".$file);}

}

# Choice of language

$Language = 'en';

if(isset($_SERVER['HTTP_ACCEPT_LANGUAGE'])){

	$Langue		= explode(",",$_SERVER['HTTP_ACCEPT_LANGUAGE']);

	$Language	= strtolower(substr(chop($Langue[0]),0,2)); }

if($Language == 'fr'){

	$l_network_title	= "Configuration réseau";

	$l_extif_legend		= " (Interface connectée à Internet)";

	$l_intif_legend		= " (Réseau de consultation)";

	$l_internet_legend	= "INTERNET";

	$l_ip_adr		= "Adresse IP";

	$l_ip_mask		= "Masque";

	$l_ip_router		= "Passerelle";

	$l_ip_public		= "Adresse IP publique";

	$l_ip_dns1		= "DNS1";

	$l_ip_dns2		= "DNS2";

	$l_dhcp_title		= "Service DHCP";

	$l_dhcp_state		= "Mode actuel";

	$l_DHCP_on		= "actif";

	$l_DHCP_off		= "inactif";

	$l_DHCP_off_explain	= "! Avant d'arrêter le serveur DHCP, vous devez renseigner les paramètres d'un serveur externe (cf. documentation).";

	$l_static_dhcp_title	= "Réservation d'adresses IP statiques";

	$l_mac_address		= "Adresse MAC";

	$l_ip_address		= "Adresse IP";

	$l_mac_del		= "Supprimer de la liste";

	$l_add_to_list		= "Ajouter";

	$l_apply		= "Appliquer les changements";

	$l_import_cert		= "Import de certificat";

	$l_private_key		= "Clé privée (.key) :";

	$l_certificate		= "Certificat (.crt) :";

	$l_server_chain		= "Chaîne de certification (si nécéssaire : .crt) :";

	$l_default_cert		= "Revenir au certificat d'origine";

	$l_import		= "Importer";

	$l_current_certificate  = "Certificat actuel";

	$l_validated		= "Validé par :";

} else {

	$l_network_title	= "Network configuration";

	$l_extif_legend		= " (Internet connected interface)";

	$l_intif_legend		= " (Private network)";

	$l_internet_legend	= "INTERNET";

	$l_ip_adr		= "IP Address";

	$l_ip_mask		= "Mask";

	$l_ip_router		= "Gateway";

	$l_ip_public		= "Public IP address";

	$l_ip_dns1		= "DNS1";

	$l_ip_dns2		= "DNS2";

	$l_dhcp_title		= "DHCP service";

	$l_dhcp_state		= "Current mode";

	$l_DHCP_on		= "enabled";

	$l_DHCP_off		= "disabled";

	$l_DHCP_off_explain	= "! Before disabling the DHCP server, you must write the extern DHCP parameters in the config file (see Documentation)";

	$l_static_dhcp_title	= "Static IP addresses reservation";

	$l_mac_address		= "MAC Address";

	$l_ip_address		= "IP Address";

	$l_mac_del		= "Delete from list";

	$l_add_to_list		= "Add";

	$l_apply		= "Apply changes";

	$l_import_cert		= "Certificate import";

	$l_private_key		= "Private key (.key) :";

	$l_certificate		= "Certificate (.crt) :";

	$l_server_chain		= "Server-chain (if necessary : .crt) :";

	$l_default_cert		= "Back to default certificate";

	$l_import		= "Import";

	$l_current_certificate  = "Current certificate";

	$l_validated		= "Validated by :";

}

if (isset($_POST['choix'])){$choix=$_POST['choix'];} else {$choix="";}

switch ($choix)

{

case 'DHCP_On' :

	exec ("sudo /usr/local/sbin/alcasar-dhcp.sh -on");

	break;

case 'DHCP_Off' :

	exec ("sudo /usr/local/sbin/alcasar-dhcp.sh -off");

	break;

case 'new_mac' :

	if ((trim($_POST['add_mac']) != "") and (trim($_POST['add_ip']) != ""))

		{

		$tab=file(ETHERS_FILE);

		$insert="True";

		if ($tab)  # the file isn't empty

			{

			foreach ($tab as $line)  # verify that MAC or IP addresses doesn't exist

				{

				$field=explode(" ", $line);

				$mac_addr=trim($field[0]);$ip_addr=trim($field[1]);

				if (strcasecmp(trim($_POST['add_mac']),trim($mac_addr)) == 0)

					{

					$insert="False";

					break;

					}

				if (strcasecmp(trim($_POST['add_ip']), trim($ip_addr)) == 0)

					{

					$insert="False";

					break;

					}

				}

			}

		if ($insert == "True")

			{

			$line = trim($_POST['add_mac']) . " " . trim($_POST['add_ip']) . "\n";

			$pointeur=fopen(ETHERS_FILE,"a");

			fwrite ($pointeur, $line);

			fclose ($pointeur);

			exec ("sudo /usr/bin/systemctl reload chilli");

			}

		}

	break;

case 'del_mac' :

	$tab=file(ETHERS_FILE);

	if ($tab)

		{

		$pointeur=fopen(ETHERS_FILE,"w+");

		foreach ($tab as $line)

			{

			$field=explode(" ", $line);

			$mac_addr=trim($field[0]);

			$remove_line = False;

			foreach ($_POST as $key => $value)

				{

				if ($mac_addr == $key)

			       		{

					$remove_line = True;

					break;

					}

				}

			if (! $remove_line) {fwrite($pointeur,$line);}

			}

		fclose($pointeur);

		exec ("sudo /usr/bin/systemctl reload chilli");

		}

	break;

}

// Fonction de test de connectivité internet

function internetTest(){

	$host = "www.google.fr"; # Google Test

	$port = "80";

	//var $num;	//not used

	//var $error;	//not used

	if (! $sock = @fsockopen($host, $port, $num, $error, 5)) {

		return false;

	} else {

		fclose($sock);

		return true;

	}

}

/***********************************

*	Read ALCASAR_CONF_FILE     *

************************************/

$ouvre=fopen(CONF_FILE,"r");

if ($ouvre){

	while (!feof ($ouvre))

	{

		$tampon = fgets($ouvre, 4096);

		if (strpos($tampon,"=")!==false){

			$tmp = explode("=",$tampon);

			$conf[$tmp[0]] = $tmp[1];

		}

	}

}else{

	exit("Erreur d'ouverture du fichier ".CONF_FILE);

}

fclose($ouvre);

/************************

*	TO DO		*

*************************/

//modification de la conf réseau  --> V3.0

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<html><!-- written by steweb57 & rexy -->

<head>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8">

<title><?php echo $l_network_title; ?></title>

<link rel="stylesheet" href="/css/style.css" type="text/css">

<script type="text/javascript">

function MAC_Control(formulaire){

/*MAC control (upper case and '-' separator*/

	var regex1 = /^([0-9a-fA-F]{2}(-|:)){5}[0-9a-fA-F]{2}$/; //vérification adresse mac

	if (regex1.test(document.forms[formulaire].add_mac.value)){

		document.forms[formulaire].add_mac.value=document.forms[formulaire].add_mac.value.toUpperCase().replace(/:/g, '-');

		return true;

	} else {

		alert("Invalid MAC address");//non internationnalisé

		return false;

	}

}

</script>

</head>

<body>

<table width="100%" border="0" cellspacing="0" cellpadding="0">

	<tr><th><?php echo $l_network_title; ?></th></tr>

	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>

</table>

<TABLE width="100%" border=1 cellspacing=0 cellpadding=1>

	<tr><td valign="middle" align="left">

	<fieldset>

	<legend><?php echo $l_internet_legend;

 	if (InternetTest()){

		echo " <img src='/images/state_ok.gif'>";

		$IP_PUB = exec ("wget http://checkip.dyndns.org/ -O - -o /dev/null | cut -d: -f 2 | cut -d\< -f 1");}

	else 	{

		echo " <img src='/images/state_error.gif'>";

		$IP_PUB = "-.-.-.-";}

	?></legend>

	<table>

		<tr><td><?php echo $l_ip_public." : </td><td>".$IP_PUB;?></td></tr>

		<tr><td><?php echo $l_ip_dns1." : </td><td>".$conf["DNS1"];?></td></tr>

		<tr><td><?php echo $l_ip_dns2." : </td><td>".$conf["DNS2"];?></td></tr>

	</table>

	</fieldset>

	</td><td>

	<fieldset>

	<legend><?php echo $conf["EXTIF"].$l_extif_legend; ?></legend>

	<table>

		<tr><td><?php echo $l_ip_adr." : </td><td>".$conf["PUBLIC_IP"];?></td></tr>

		<tr><td><?php echo $l_ip_router." : </td><td>".$conf["GW"];?></td></tr>

	</table>

	</fieldset>

	</td><td>

	<fieldset>

	<legend><?php echo $conf["INTIF"].$l_intif_legend; ?></legend>

	<table>

		<tr><td><?php echo $l_ip_adr." : </td><td>".$conf["PRIVATE_IP"];?></td></tr>

	</table>

	</fieldset>

	</td></tr>

</table>

<table width="100%" border="0" cellspacing="0" cellpadding="0">

	<tr><th><?php echo $l_dhcp_title;?></th></tr>

	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>

</table>

<table width="100%" border=1 cellspacing=0 cellpadding=0>

<tr><td colspan="2" valign="middle" align="left">

<?

$dhcp_state=trim($conf["DHCP"]);

echo "<CENTER><H3>$l_dhcp_state : ${"l_DHCP_".$dhcp_state}</H3></CENTER>";

echo "<FORM action='$_SERVER[PHP_SELF]' method=POST>";

echo "<select name='choix'>";

echo "<option value=\"DHCP_Off\" ";if (!strcmp($dhcp_state,"off")) echo "selected";echo ">$l_DHCP_off";

echo "<option value=\"DHCP_On\" ";if (!strcmp($dhcp_state,"on")) echo "selected";echo ">$l_DHCP_on";

echo "</select>";

echo "<input type=submit value='$l_apply'>";

echo "<br>$l_DHCP_off_explain";

echo "</FORM>";

echo "</td></tr>";

if (strncmp($conf["DHCP"],"on",2) == 0) { require ('network2.php');}

else { echo "</TABLE>"; }

$maxsize=100000;

?>

<table width="100%" border="0" cellspacing="0" cellpadding="0">

	<tr><th><?php echo $l_import_cert;?></th></tr>

	<tr bgcolor="#FFCC66"><td><img src="/images/pix.gif" width="1" height="2"></td></tr>

</table>

<table width="100%" border="1" cellspacing="0" cellpadding="0">

	<tr><td>

	<form method="post" action="network.php" enctype="multipart/form-data">

	<?php echo $l_private_key;?><input type="file" name="key"><br>

	<?php echo $l_certificate;?><input type="file" name="crt"><br>

	<?php echo $l_server_chain;?><input type="file" name="sc">

	<input type="hidden" name="MAX_FILE_SIZE" value=<?php echo $maxsize;?>><br>

	<input type="submit" <?php echo "value=\"".$l_import."\""?>>

	</form>

<?php

$domain = exec("/bin/openssl x509 -noout -subject -in /etc/pki/tls/certs/alcasar.crt | sed -n '/^subject/s/^.*CN=//p' | cut -d'/' -f 1");

$organization = exec("/bin/openssl x509 -noout -subject -in /etc/pki/tls/certs/alcasar.crt | sed -n '/^subject/s/^.*O=//p' | cut -d'/' -f 1");

$CAdomain = exec("/bin/openssl x509 -noout -issuer -in /etc/pki/tls/certs/alcasar.crt | sed -n '/^issuer/s/^.*CN=//p' | cut -d'/' -f 1");

$CAorganization = exec("/bin/openssl x509 -noout -issuer -in /etc/pki/tls/certs/alcasar.crt | sed -n '/^issuer/s/^.*O=//p' | cut -d'/' -f 1");

	echo "<br><br>\n";

	echo "<h3>".$l_current_certificate."</h3>\n";

	echo "Common name : ".$domain."<br>\n";

	echo "Organization : ".$organization."<br/>\n";

	echo "<h4>". $l_validated ."</h4>\n";

	echo "Common name : ".$CAdomain."<br>\n";

	echo "Organization : ".$CAorganization."<br>\n";

?>

	</td><td>

	<form method="post" action="network.php">

	<input type="hidden" name="default">

	<input type="submit" <?php echo "value=\"".$l_default_cert."\""; if(!file_exists("/etc/pki/tls/certs/alcasar.crt.old") || !file_exists("/etc/pki/tls/private/alcasar.key.old")){ echo "disabled";}?> >

	</form>

	</td>

	</tr>

</table>

</body>

</html>

<?php

if(isset($_POST['default'])){

	echo "$l_default_cert";

	exec("sudo alcasar-importcert.sh -d");

}

if(isset($_POST['MAX_FILE_SIZE'])){

	echo "changement";

	$maxsize = 100000;

	if(isset($_FILES['key']) && isset($_FILES['crt']) && $_FILES['key']['error'] == 0 && $_FILES['crt']['error'] == 0){

		$dest = "/tmp/";

		if($_FILES['key']['size'] <= $maxsize && $_FILES['crt']['size'] <= $maxsize)

		{

			if(pathinfo($_FILES['key']['name'])['extension'] == 'key' && pathinfo($_FILES['crt']['name'])['extension'] == 'crt')

			{

				$scpath = "";

				if(isset($_FILES['sc']) && pathinfo($_FILES['sc']['name'])['extension'] == 'crt')

				{

					$scpath = $dest."server-chain.crt";

					move_uploaded_file($_FILES['sc']['tmp_name'], $scpath);

				}

				$keypath = $dest."alcasar.key";

				$crtpath = $dest."alcasar.crt";

				move_uploaded_file($_FILES['key']['tmp_name'], $keypath);

				move_uploaded_file($_FILES['crt']['tmp_name'], $crtpath);

				exec("sudo alcasar-importcert.sh -i $crtpath -k $keypath -c $scpath");

			}

		}

	}

}

?>