From 026b48f8119d3a6728273c5138f602c63af5efcf Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 23 Oct 2007 14:11:43 -0400
Subject: [PATCH] Added shelluser creation plugin. Updated apache ssl cert creation.

---
 server/plugins-enabled/apache2_plugin.inc.php |  180 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 179 insertions(+), 1 deletions(-)

diff --git a/server/plugins-enabled/apache2_plugin.inc.php b/server/plugins-enabled/apache2_plugin.inc.php
index dc8dc38..d593fc7 100644
--- a/server/plugins-enabled/apache2_plugin.inc.php
+++ b/server/plugins-enabled/apache2_plugin.inc.php
@@ -45,6 +45,12 @@
 		Register for the events
 		*/
 		
+		
+		
+		$app->plugins->registerEvent('web_domain_insert',$this->plugin_name,'ssl');
+		$app->plugins->registerEvent('web_domain_update',$this->plugin_name,'ssl');
+		$app->plugins->registerEvent('web_domain_delete',$this->plugin_name,'ssl');
+		
 		$app->plugins->registerEvent('web_domain_insert',$this->plugin_name,'insert');
 		$app->plugins->registerEvent('web_domain_update',$this->plugin_name,'update');
 		$app->plugins->registerEvent('web_domain_delete',$this->plugin_name,'delete');
@@ -54,6 +60,123 @@
 		$app->plugins->registerEvent('server_ip_delete',$this->plugin_name,'server_ip');
 		
 	}
+	
+	// Handle the creation of SSL certificates
+	function ssl($event_name,$data) {
+		global $app, $conf;
+		
+		if(!is_dir($data["new"]["document_root"]."/ssl")) exec("mkdir -p ".$data["new"]["document_root"]."/ssl");
+		$ssl_dir = $data["new"]["document_root"]."/ssl";
+		$domain = $data["new"]["domain"];
+		$key_file = $ssl_dir.'/'.$domain.".key.org";
+  		$key_file2 = $ssl_dir.'/'.$domain.".key";
+  		$csr_file = $ssl_dir.'/'.$domain.".csr";
+  		$crt_file = $ssl_dir.'/'.$domain.".crt";
+		
+		//* Create a SSL Certificate
+		if($data["new"]["ssl_action"] == 'create') {
+			$rand_file = $ssl_dir."/random_file";
+    		$rand_data = md5(uniqid(microtime(),1));
+    		for($i=0; $i<1000; $i++){
+    			$rand_data .= md5(uniqid(microtime(),1));
+    			$rand_data .= md5(uniqid(microtime(),1));
+    			$rand_data .= md5(uniqid(microtime(),1));
+    			$rand_data .= md5(uniqid(microtime(),1));
+    		}
+    		file_put_contents($rand_file, $rand_data);
+
+    		$ssl_password = substr(md5(uniqid(microtime(),1)), 0, 15);
+			
+			$ssl_cnf = "        RANDFILE               = $rand_file
+
+        [ req ]
+        default_bits           = 1024
+        default_keyfile        = keyfile.pem
+        distinguished_name     = req_distinguished_name
+        attributes             = req_attributes
+        prompt                 = no
+        output_password        = $ssl_password
+
+        [ req_distinguished_name ]
+        C                      = $data[new][ssl_country]
+        ST                     = $data[new][ssl_state]
+        L                      = $data[new][ssl_locality]
+        O                      = $data[new][ssl_organisation]
+        OU                     = $data[new][ssl_organisation_unit]
+        CN                     = $domain
+        emailAddress           = webmatser@$data[new][domain]
+
+        [ req_attributes ]
+        challengePassword              = A challenge password";
+			
+			$ssl_cnf_file = $ssl_dir."/openssl.conf";
+			file_get_contents($ssl_cnf_file,$ssl_cnf);
+			
+			$rand_file = escapeshellcmd($rand_file);
+			$key_file = escapeshellcmd($key_file);
+			$key_file2 = escapeshellcmd($key_file2);
+			$ssl_days = 3650;
+			$csr_file = escapeshellcmd($csr_file);
+			$config_file = escapeshellcmd($ssl_cnf_file);
+			$crt_file escapeshellcmd($crt_file);
+
+        	if(is_file($ssl_cnf_file)){
+          		exec("openssl genrsa -des3 -rand $rand_file \
+				-passout pass:$ssl_password \
+				-out $key_file 1024 \
+				&& openssl req -new -passin pass:$ssl_password \
+				-passout pass:$ssl_password -key $key_file \
+				-out $csr_file -days $ssl_days \
+				-config $config_file \
+				&& openssl req -x509 -passin pass:$ssl_password \
+				-passout pass:$ssl_password \
+				-key $key_file -in $csr_file \
+				-out $crt_file -days $ssl_days \
+				-config $config_file \
+				&& openssl rsa -passin pass:$ssl_password \
+				-in $key_file \
+				-out $key_file2");
+				
+				$app->log("Creating SSL Cert for: $domain",LOGLEVEL_DEBUG);
+        	}
+
+    		exec("chmod 400 $key_file2");
+    		unlink($config_file);
+    		unlink($rand_file);
+    		$ssl_request = file_get_contents($csr_file);
+    		$ssl_cert = file_get_contents($crt_file);
+    		$mod->db->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert' WHERE domain = '".$data["new"]["domain"]."'");
+		}
+		
+		//* Save a SSL certificate to disk
+		if($data["new"]["ssl_action"] == 'save') {
+			$ssl_dir = $data["new"]["document_root"]."/ssl";
+			$domain = $data["new"]["domain"];
+  			$csr_file = $ssl_dir.'/'.$domain.".csr";
+  			$crt_file = $ssl_dir.'/'.$domain.".crt";
+			$bundle_file = $ssl_dir.'/'.$domain.".bundle";
+			file_put_contents($csr_file,$data["new"]["ssl_request"]);
+			file_put_contents($crt_file,$data["new"]["ssl_cert"]);
+			if(trim($data["new"]["ssl_bundle"]) != '') file_put_contents($bundle_file,$data["new"]["ssl_bundle"]);
+			$app->log("Saving SSL Cert for: $domain",LOGLEVEL_DEBUG);
+		}
+		
+		//* Delete a SSL certificate
+		if($data["new"]["ssl_action"] == 'del') {
+			$ssl_dir = $data["new"]["document_root"]."/ssl";
+			$domain = $data["new"]["domain"];
+  			$csr_file = $ssl_dir.'/'.$domain.".csr";
+  			$crt_file = $ssl_dir.'/'.$domain.".crt";
+			$bundle_file = $ssl_dir.'/'.$domain.".bundle";
+			unlink($csr_file);
+			unlink($crt_file);
+			unlink($bundle_file);
+			$app->log("Deleting SSL Cert for: $domain",LOGLEVEL_DEBUG);
+		}
+		
+		
+	}
+	
 	
 	function insert($event_name,$data) {
 		global $app, $conf;
@@ -104,7 +227,24 @@
 		if(!is_dir('/var/log/ispconfig/httpd/'.$data["new"]["domain"])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data["new"]["domain"]);
 		if(!is_link($data["new"]["document_root"]."/log")) exec("ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log");
 		
-		// TODO: Create the symlinks
+		// Create the symlinks for the sites
+		$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"]));
+		$client_id = intval($client["client_id"]);
+		unset($client);
+		$tmp_symlinks_array = explode(':',$web_config["website_symlinks"]);
+		if(is_array($tmp_symlinks_array)) {
+			foreach($tmp_symlinks_array as $tmp_symlink) {
+				$tmp_symlink = str_replace("[client_id]",$client_id,$tmp_symlink);
+				$tmp_symlink = str_replace("[website_domain]",$data["new"]["domain"],$tmp_symlink);
+				// Remove trailing slash
+				if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
+				// create the symlinks, if not exist
+				if(!is_link($tmp_symlink)) {
+					exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink));
+					$app->log("Creating Symlink: ln -s ".$data["new"]["document_root"]."/ ".$tmp_symlink,LOGLEVEL_DEBUG);
+				}
+			}
+		}
 		
 		// Copy the error pages
 		$error_page_path = escapeshellcmd($data["new"]["web_document_root"])."/web/error/";
@@ -150,6 +290,24 @@
 		
 		$vhost_data = $data["new"];
 		$vhost_data["web_document_root"] = $data["new"]["document_root"]."/web";
+		
+		// Check if a SSL cert exists
+		$ssl_dir = $data["new"]["document_root"]."/ssl";
+		$domain = $data["new"]["domain"];
+  		$key_file = $ssl_dir.'/'.$domain.".key";
+  		$crt_file = $ssl_dir.'/'.$domain.".crt";
+		$bundle_file = $ssl_dir.'/'.$domain.".bundle";
+		
+		if($data["new"]["ssl"] == 'y' && @is_file($crt_file) && @is_file($key_file) {
+			$vhost_data["ssl_enabled"] = 1;
+			$app->log("Enable SSL for: $domain",LOGLEVEL_DEBUG);
+		} else {
+			$vhost_data["ssl_enabled"] = 0;
+			$app->log("Disable SSL for: $domain",LOGLEVEL_DEBUG);
+		}
+		
+		if(@is_file($bundle_file)) $vhost_data['has_bundle_cert'] = 1;
+		
 		//$vhost_data["document_root"] = $data["new"]["document_root"]."/web";
 		$tpl->setVar($vhost_data);
 		
@@ -227,6 +385,26 @@
 		if($docroot != '' && !stristr($docroot,'..')) exec("rm -rf $docroot");
 		$app->log("Removing website: $docroot",LOGLEVEL_DEBUG);
 		
+		// Delete the symlinks for the sites
+		$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["old"]["sys_groupid"]));
+		$client_id = intval($client["client_id"]);
+		unset($client);
+		$tmp_symlinks_array = explode(':',$web_config["website_symlinks"]);
+		if(is_array($tmp_symlinks_array)) {
+			foreach($tmp_symlinks_array as $tmp_symlink) {
+				$tmp_symlink = str_replace("[client_id]",$client_id,$tmp_symlink);
+				$tmp_symlink = str_replace("[website_domain]",$data["old"]["domain"],$tmp_symlink);
+				// Remove trailing slash
+				if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
+				// create the symlinks, if not exist
+				if(is_link($tmp_symlink)) {
+					unlink($tmp_symlink));
+					$app->log("Removing symlink: ".$tmp_symlink,LOGLEVEL_DEBUG);
+				}
+			}
+		}
+		// end removing symlinks
+		
 	}
 	
 	//* This function is called when a IP on the server is inserted, updated or deleted

--
Gitblit v1.9.1