From 0a466dfd65c07d4bf8c61c0e98c536c0f0b65ec1 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 23 Oct 2007 11:07:59 -0400
Subject: [PATCH] Added SSL website support.

---
 server/plugins-enabled/apache2_plugin.inc.php |  172 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 files changed, 168 insertions(+), 4 deletions(-)

diff --git a/server/plugins-enabled/apache2_plugin.inc.php b/server/plugins-enabled/apache2_plugin.inc.php
index c02bc3c..1d4533e 100644
--- a/server/plugins-enabled/apache2_plugin.inc.php
+++ b/server/plugins-enabled/apache2_plugin.inc.php
@@ -45,11 +45,115 @@
 		Register for the events
 		*/
 		
+		
+		
+		$app->plugins->registerEvent('web_domain_insert',$this->plugin_name,'ssl');
+		$app->plugins->registerEvent('web_domain_update',$this->plugin_name,'ssl');
+		$app->plugins->registerEvent('web_domain_delete',$this->plugin_name,'ssl');
+		
 		$app->plugins->registerEvent('web_domain_insert',$this->plugin_name,'insert');
 		$app->plugins->registerEvent('web_domain_update',$this->plugin_name,'update');
 		$app->plugins->registerEvent('web_domain_delete',$this->plugin_name,'delete');
 		
+		$app->plugins->registerEvent('server_ip_insert',$this->plugin_name,'server_ip');
+		$app->plugins->registerEvent('server_ip_update',$this->plugin_name,'server_ip');
+		$app->plugins->registerEvent('server_ip_delete',$this->plugin_name,'server_ip');
+		
 	}
+	
+	// Handle the creation of SSL certificates
+	function ssl($event_name,$data) {
+		global $app, $conf;
+		
+		if(!is_dir($data["new"]["document_root"]."/ssl")) exec("mkdir -p ".$data["new"]["document_root"]."/ssl");
+		$ssl_dir = $data["new"]["document_root"]."/ssl";
+		$domain = $data["new"]["domain"];
+		$key_file = $ssl_dir.'/'.$domain.".key.org";
+  		$key_file2 = $ssl_dir.'/'.$domain.".key";
+  		$csr_file = $ssl_dir.'/'.$domain.".csr";
+  		$crt_file = $ssl_dir.'/'.$domain.".crt";
+		
+		//* Create a SSL Certificate
+		if($data["new"]["ssl_action"] == 'create') {
+			$rand_file = $ssl_dir."/random_file";
+    		$rand_data = md5(uniqid(microtime(),1));
+    		for($i=0; $i<1000; $i++){
+    			$rand_data .= md5(uniqid(microtime(),1));
+    			$rand_data .= md5(uniqid(microtime(),1));
+    			$rand_data .= md5(uniqid(microtime(),1));
+    			$rand_data .= md5(uniqid(microtime(),1));
+    		}
+    		file_put_contents($rand_file, $rand_data);
+
+    		$ssl_password = substr(md5(uniqid(microtime(),1)), 0, 15);
+			
+			$ssl_cnf = "        RANDFILE               = $rand_file
+
+        [ req ]
+        default_bits           = 1024
+        default_keyfile        = keyfile.pem
+        distinguished_name     = req_distinguished_name
+        attributes             = req_attributes
+        prompt                 = no
+        output_password        = $ssl_password
+
+        [ req_distinguished_name ]
+        C                      = $data[new][ssl_country]
+        ST                     = $data[new][ssl_state]
+        L                      = $data[new][ssl_locality]
+        O                      = $data[new][ssl_organisation]
+        OU                     = $data[new][ssl_organisation_unit]
+        CN                     = $domain
+        emailAddress           = webmatser@$data[new][domain]
+
+        [ req_attributes ]
+        challengePassword              = A challenge password";
+			
+			$ssl_cnf_file = $ssl_dir."/openssl.conf";
+			file_get_contents($ssl_cnf_file,$ssl_cnf);
+			
+			$rand_file = escapeshellcmd($rand_file);
+			$key_file = escapeshellcmd($key_file);
+			$key_file2 = escapeshellcmd($key_file2);
+			$ssl_days = 3650;
+			$csr_file = escapeshellcmd($csr_file);
+			$config_file = escapeshellcmd($config_file);
+			$crt_file escapeshellcmd($crt_file);
+
+        	if(is_file($ssl_cnf_file)){
+          		exec("openssl genrsa -des3 -rand $rand_file \
+				-passout pass:$ssl_password \
+				-out $key_file 1024 \
+				&& openssl req -new -passin pass:$ssl_password \
+				-passout pass:$ssl_password -key $key_file \
+				-out $csr_file -days $ssl_days \
+				-config $config_file \
+				&& openssl req -x509 -passin pass:$ssl_password \
+				-passout pass:$ssl_password \
+				-key $key_file -in $csr_file \
+				-out $crt_file -days $ssl_days \
+				-config $config_file \
+				&& openssl rsa -passin pass:$ssl_password \
+				-in $key_file \
+				-out $key_file2");
+        	}
+
+    		exec("chmod 400 $key_file2");
+    		exec("rm -f $config_file");
+    		exec("rm -f $rand_file");
+    		$ssl_request = file_get_contents($csr_file);
+    		$ssl_cert = file_get_contents($crt_file);
+    		$mod->db->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert' WHERE domain = '".$data["new"]["domain"]."'");
+		}
+		
+		//* Save a SSL certificate to disk
+		if($data["new"]["ssl_action"] == 'save') {
+			
+		}
+		
+		
+	}
+	
 	
 	function insert($event_name,$data) {
 		global $app, $conf;
@@ -68,7 +172,7 @@
 		if($data["new"]["type"] != "vhost" && $data["new"]["parent_domain_id"] > 0) {
 			// This is not a vhost, so we need to update the parent record instead.
 			$parent_domain_id = intval($data["new"]["parent_domain_id"]);
-			$tmp = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$parent_domain_id);
+			$tmp = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$parent_domain_id." AND active = 'y'");
 			$data["new"] = $tmp;
 			$data["old"] = $tmp;
 		}
@@ -91,12 +195,37 @@
 		
 		// Check if the directories are there and create them if nescessary.
 		if(!is_dir($data["new"]["document_root"]."/web")) exec("mkdir -p ".$data["new"]["document_root"]."/web");
-		if(!is_dir($data["new"]["document_root"]."/log")) exec("mkdir -p ".$data["new"]["document_root"]."/log");
+		if(!is_dir($data["new"]["document_root"]."/web/error")) exec("mkdir -p ".$data["new"]["document_root"]."/web/error");
+		//if(!is_dir($data["new"]["document_root"]."/log")) exec("mkdir -p ".$data["new"]["document_root"]."/log");
 		if(!is_dir($data["new"]["document_root"]."/ssl")) exec("mkdir -p ".$data["new"]["document_root"]."/ssl");
 		if(!is_dir($data["new"]["document_root"]."/cgi-bin")) exec("mkdir -p ".$data["new"]["document_root"]."/cgi-bin");
 		
-		// TODO: Create the symlinks
+		// Create the symlink for the logfiles
+		if(!is_dir('/var/log/ispconfig/httpd/'.$data["new"]["domain"])) exec('mkdir -p /var/log/ispconfig/httpd/'.$data["new"]["domain"]);
+		if(!is_link($data["new"]["document_root"]."/log")) exec("ln -s /var/log/ispconfig/httpd/".$data["new"]["domain"]." ".$data["new"]["document_root"]."/log");
 		
+		// Create the symlinks for the sites
+		$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["new"]["sys_groupid"]));
+		$client_id = intval($client["client_id"]);
+		unset($client);
+		$tmp_symlinks_array = explode(':',$web_config["website_symlinks"]);
+		if(is_array($tmp_symlinks_array)) {
+			foreach($tmp_symlinks_array as $tmp_symlink) {
+				$tmp_symlink = str_replace("[client_id]",$client_id,$tmp_symlink);
+				$tmp_symlink = str_replace("[website_domain]",$data["new"]["domain"],$tmp_symlink);
+				// Remove trailing slash
+				if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
+				// create the symlinks, if not exist
+				if(!is_link($tmp_symlink)) {
+					exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink));
+					$app->log("Creating Symlink: ln -s ".$data["new"]["document_root"]."/ ".$tmp_symlink,LOGLEVEL_DEBUG);
+				}
+			}
+		}
+		
+		// Copy the error pages
+		$error_page_path = escapeshellcmd($data["new"]["web_document_root"])."/web/error/";
+		exec("cp /usr/local/ispconfig/server/conf/error/".substr(escapeshellcmd($conf["language"]),0,2)."/* ".$error_page_path);
 		
 		// Create group and user, if not exist
 		$app->uses("system");
@@ -150,7 +279,7 @@
 		}
 		
 		// get alias domains (co-domains and subdomains)
-		$aliases = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ".$data["new"]["domain_id"]);
+		$aliases = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ".$data["new"]["domain_id"]." AND active = 'y'");
 		$server_alias = '';
 		if(is_array($aliases)) {
 			foreach($aliases as $alias) {
@@ -165,6 +294,11 @@
 			}
 		}
 		$tpl->setVar('alias',trim($server_alias));
+		if(count($rewrite_rules) > 0) {
+			$tpl->setVar('rewrite_enabled',1);
+		} else {
+			$tpl->setVar('rewrite_enabled',0);
+		}
 		$tpl->setLoop('redirects',$rewrite_rules);
 		
 		$vhost_file = escapeshellcmd($web_config["vhost_conf_dir"].'/'.$data["new"]["domain"].'.vhost');
@@ -210,6 +344,36 @@
 		if($docroot != '' && !stristr($docroot,'..')) exec("rm -rf $docroot");
 		$app->log("Removing website: $docroot",LOGLEVEL_DEBUG);
 		
+		// Delete the symlinks for the sites
+		$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["old"]["sys_groupid"]));
+		$client_id = intval($client["client_id"]);
+		unset($client);
+		$tmp_symlinks_array = explode(':',$web_config["website_symlinks"]);
+		if(is_array($tmp_symlinks_array)) {
+			foreach($tmp_symlinks_array as $tmp_symlink) {
+				$tmp_symlink = str_replace("[client_id]",$client_id,$tmp_symlink);
+				$tmp_symlink = str_replace("[website_domain]",$data["old"]["domain"],$tmp_symlink);
+				// Remove trailing slash
+				if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
+				// create the symlinks, if not exist
+				if(is_link($tmp_symlink)) {
+					unlink($tmp_symlink));
+					$app->log("Removing symlink: ".$tmp_symlink,LOGLEVEL_DEBUG);
+				}
+			}
+		}
+		// end removing symlinks
+		
+	}
+	
+	//* This function is called when a IP on the server is inserted, updated or deleted
+	function server_ip($event_name,$data) {
+		global $app, $conf;
+		
+		// Here we write the name virtualhost directives
+		// NameVirtualHost IP:80
+		// NameVirtualHost IP:443
+		
 	}
 	
 

--
Gitblit v1.9.1