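--- a/network.php
+++ b/network.php
@@ -1,7 +1,7 @@
 <?php
-# $Id: network.php 3301 2025-10-04 08:12:56Z rexy $
+# $Id: network.php 3302 2025-10-20 22:47:58Z rexy $
 // written by steweb57, Rexy, Tom HOUDAYER & Pierre RIVAULT
 
 /********************
 * READ CONF FILES *
 *********************/
@@ -91,11 +91,11 @@
 $l_le_integration = "Intégrer un certificat Let's Encrypt";
 $l_le_status = "Status :";
 $l_disabled = "Inactif";
 $l_pending_validation = "En attente de validation";
 $l_enabled = "Actif";
-$l_le_email = "Email :";
+$l_le_email = "Email (optionel) :";
 $l_le_domain_name = "Nom de domaine :";
 $l_send = "Envoyer";
 $l_le_ask_on = "Demandé le :";
 $l_le_dns_entry_txt = "Entrée DNS TXT :";
 $l_le_challenge = "Challenge :";
@@ -105,16 +105,16 @@
 $l_le_auto_renewal_warning = "Alerte de renouvellement à partir du :";
 $l_renewal_request = "Demande de renouvellement";
 $l_previous_LE_cert = "Revenir au certificat Let's Encrypt :";
 $l_gw_weight = "Poids";
 $l_error = "Erreur";
-$l_error_bad_mac = "Adresse MAC invalide";
-$l_error_bad_ip = "Adresse IP invalide";
-$l_error_bad_ip_CIDR = "Adresse IP au format CIDR invalide";
-$l_error_bad_ip_port = "Adresse IP + port invalide";
-$l_error_weight = "Poids invalide";
-$l_error_bad_domain = "Nom de domaine invalide";
+$l_error_bad_mac = "Adresse MAC vide ou invalide";
+$l_error_bad_ip = "Adresse IP vide ou invalide";
+$l_error_bad_ip_CIDR = "Adresse IP au format CIDR vide ou invalide";
+$l_error_bad_ip_port = "Adresse IP + port vide ou invalide";
+$l_error_weight = "Poids vide ou invalide";
+$l_error_bad_domain = "Nom de domaine vide ou invalide";
 $l_change_successful = "Changement effectué avec succès";
 } else if ($Language === 'es') {
 $l_network_title = "Configuración de Red";
 $l_internet_legend = "INTERNET";
 $l_ip_mask = "Máscara";
@@ -161,11 +161,11 @@
 $l_le_integration = "Integración con Let's Encrypt";
 $l_le_status = "Estado:";
 $l_disabled = "Desactivado";
 $l_pending_validation = "Validación pendiente";
 $l_enabled = "Activado";
-$l_le_email = "Email:";
+$l_le_email = "Email (opcional):";
 $l_le_domain_name = "Nombre de dominio:";
 $l_send = "Enviar";
 $l_le_ask_on = "Preguntar el:";
 $l_le_dns_entry_txt = "Entrada DNS TXT:";
 $l_le_challenge = "Desafío:";
@@ -175,16 +175,16 @@
 $l_le_auto_renewal_warning = "Aviso de renovación a partir de:";
 $l_renewal_request = "Solicitud de renovación";
 $l_previous_LE_cert = "Volver al certificado de Let's Encrypt :";
 $l_gw_weight = "Peso";
 $l_error = "Error";
-$l_error_bad_mac = "Dirección MAC no válida";
-$l_error_bad_ip = "Dirección IP inválida";
-$l_error_bad_ip_CIDR = "Dirección IP no válida en formato CIDR";
-$l_error_bad_ip_port = "Dirección IP + puerto no válidos";
-$l_error_weight = "Peso no válido";
-$l_error_bad_domain = "Nombre de dominio no válido";
+$l_error_bad_mac = "Dirección MAC vacío o no válida";
+$l_error_bad_ip = "Dirección IP vacío o inválida";
+$l_error_bad_ip_CIDR = "Dirección IP vacío o no válida en formato CIDR";
+$l_error_bad_ip_port = "Dirección IP + puerto vacío o no válidos";
+$l_error_weight = "Peso vacío o no válido";
+$l_error_bad_domain = "Nombre de dominio vacío o no válido";
 $l_change_successful = "Cambio completado con éxito";
 } else {
 $l_network_title = "Network configuration";
 $l_internet_legend = "INTERNET";
 $l_ip_mask = "Mask";
@@ -231,11 +231,11 @@
 $l_le_integration = "Integrate a Let's Encrypt certificate";
 $l_le_status = "Status:";
 $l_disabled = "Disabled";
 $l_pending_validation = "Pending validation";
 $l_enabled = "Enabled";
-$l_le_email = "Email:";
+$l_le_email = "Email (optional):";
 $l_le_domain_name = "Domain name:";
 $l_send = "Send";
 $l_le_ask_on = "Ask on:";
 $l_le_dns_entry_txt = "DNS TXT entry:";
 $l_le_challenge = "Challenge:";
@@ -245,26 +245,27 @@
 $l_le_auto_renewal_warning = "Renewal Alert starting on:";
 $l_renewal_request = "Renewal request";
 $l_previous_LE_cert = "Back to the Let's Encrypt certificate :";
 $l_gw_weight = "Weight";
 $l_error = "Error";
-$l_error_bad_mac = "Invalid mac address";
-$l_error_bad_ip = "Invalid IP address";
-$l_error_bad_ip_CIDR = "Invalid IP address in CIDR format";
-$l_error_bad_ip_port = "Invalid IP address + port";
-$l_error_weight = "Invalid weight";
-$l_error_bad_domain = "Invalid domain name";
+$l_error_bad_mac = "Empty or invalid mac address";
+$l_error_bad_ip = "Empty or invalid IP address";
+$l_error_bad_ip_CIDR = "Empty or invalid IP address in CIDR format";
+$l_error_bad_ip_port = "Empty or invalid IP address + port";
+$l_error_weight = "Empty or invalid weight";
+$l_error_bad_domain = "Empty or invalid domain name";
 $l_change_successful = "Network updated successfully";
 }
 
 $reg_ip = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$/';
 $reg_ip_cidr = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))$/';
 $reg_ip_port = '/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\:([1-9]|[1-9][0-9]|[1-9][0-9]{2}|[1-9][0-9]{3}|[1-5][0-9]{4}|6[0-4][0-9]{3}|65[0-4][0-9]{2}|655[0-2][0-9]|6553[0-5]))$/';
 $reg_mac = '/^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$/';
 $reg_host = '/^[a-zA-Z0-9-_]+$/';
 $reg_weight = '/^[0-9]*$/';
 $reg_domain = '/^[a-zA-Z0-9-]+\.[a-zA-Z]{2,11}(?:\.[a-zA-Z]{2,})?$/';
+$reg_email = '/^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/';
 $ext_conf_error = false;
 
 $choix = (isset($_POST['choix'])) ? $_POST['choix'] : '';
 switch ($choix) {
 case 'DHCP_On':
@@ -626,15 +627,18 @@
 fclose($file_conf);
 }
 
 // Let's Encrypt actions
 if ($choix === 'le_issueCert') {
-// TODO: check ndd & mail format
 $email = $_POST['email'];
 $domainName = $_POST['domainname'];
-exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --issue --email '.escapeshellarg($email).' --domain '.escapeshellarg($domainName), $output, $exitCode);
-$cmdResponse = implode("<br>\n", $output);
+if ((!empty($domainname)) && (preg_match($reg_domain, $domainname))) {
+if ((!empty($email)) && (preg_match($reg_email, $email))) {
+exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --issue --domain '.escapeshellarg($domainName), $output, $exitCode);}
+else {
+exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --issue --email '.escapeshellarg($email).' --domain '.escapeshellarg($domainName), $output, $exitCode);}
+$cmdResponse = implode("<br>\n", $output);}
 }
 if ($choix === 'le_renewCert') {
 if ((isset($_POST['recheck'])) && ((!empty($_POST['recheck'])) || (!empty($_POST['recheck_force'])))) {
 $forceOpt = (!empty($_POST['recheck_force'])) ? ' --force' : '';
 
@@ -1315,18 +1319,23 @@
 <b><?= $l_validated ?></b> <?= $CAdomain ?> (<?= $CAorganization ?>)<br>
 </div>
 <div class="panel-cell">
 <?
 if (file_exists('/etc/pki/tls/certs/alcasar.crt.old') && file_exists('/etc/pki/tls/private/alcasar.key.old')){ // An old default certificate exist ?
+$certificateInfos = openssl_x509_parse(file_get_contents('/etc/pki/tls/certs/alcasar.crt.old'));
+$cert_expiration_date = date('d-m-Y H:i:s', $certificateInfos['validTo_time_t']);
+$domain = $certificateInfos['subject']['CN'];
+$organization = (isset($certificateInfos['subject']['O'])) ? $certificateInfos['subject']['O'] : '';
+$CAdomain = $certificateInfos['issuer']['CN'];
+$CAorganization = (isset($certificateInfos['issuer']['O'])) ? $certificateInfos['issuer']['O'] : '';
 echo "<form method=\"post\" action=\"".htmlspecialchars($_SERVER['PHP_SELF'])."\">\n";
 echo "\t\t\t\t<input type=\"hidden\" name=\"choix\" value=\"set_default_cert\">\n";
-echo "\t\t\t\t<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" value=\"$l_default_cert\"> (alcasar.lan)<br>\n";
-echo "\t\t\t</form>\n";}
-if (!empty($LE_conf['domainRequest']) && ($domain != $LE_conf['domainRequest'])) { // A Let's encrypt certificate exist & it's not the active one ?
-echo "\t\t\t<form method=\"post\" action=\"".htmlspecialchars($_SERVER['PHP_SELF'])."\">\n";
-echo "\t\t\t\t<input type=\"hidden\" name=\"choix\" value=\"set_last_LE_cert\">\n";
-echo "\t\t\t\t<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" value=\"".$l_previous_LE_cert."\"> (".$LE_conf['domainRequest'].")\n";
+echo "\t\t\t\t<input type=\"submit\" onClick=\"document.getElementById('ldoverlay').style.display='block';\" value=\"$l_default_cert\"><br>\n";
+echo "\t\t\t\t<b>$l_cert_commonname</b> $domain <br>";
+echo "\t\t\t\t<b>$l_cert_expiration</b> $cert_expiration_date <br>";
+echo "\t\t\t\t<b>$l_cert_organization</b> $organization <br>";
+echo "\t\t\t\t<b>$l_validated</b> $CAdomain ($CAorganization)<br>";
 echo "\t\t\t</form>\n";}
 ?>
 </div>
 </div>
 <div class="panel-row">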
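Review bot: In the `le_issueCert` block (new lines 634-639) the added guard tests `$domainname`, but the value is assigned to `$domainName` on the line above; PHP variable names are case-sensitive, so the condition is always false and neither `exec()` call nor the `$cmdResponse` assignment is ever reached. The e-mail test inside it is also inverted: an address that is non-empty and matches `$reg_email` takes the branch without `--email`, while an empty or malformed one is handed to the script (quoted by `escapeshellarg()`, but unvalidated). The fence below checks `$domainName` and adds `--email` only for an address that passed validation. The invalid-domain path still reports nothing to the user and could presumably surface `$l_error_bad_domain`.

```php
$domainName = $_POST['domainname'];
if ((!empty($domainName)) && (preg_match($reg_domain, $domainName))) {
    // Pass --email only when an address was supplied and it matches $reg_email.
    $emailOpt = ((!empty($email)) && (preg_match($reg_email, $email))) ? ' --email '.escapeshellarg($email) : '';
    exec('sudo /usr/local/bin/alcasar-letsencrypt.sh --issue'.$emailOpt.' --domain '.escapeshellarg($domainName), $output, $exitCode);
    $cmdResponse = implode("<br>\n", $output);
}
```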