<?php
|
|
/*
|
Copyright (c) 2015 Michael Fürmann, Spicy Web (spicyweb.de)
|
All rights reserved.
|
|
Redistribution and use in source and binary forms, with or without modification,
|
are permitted provided that the following conditions are met:
|
|
* Redistributions of source code must retain the above copyright notice,
|
this list of conditions and the following disclaimer.
|
* Redistributions in binary form must reproduce the above copyright notice,
|
this list of conditions and the following disclaimer in the documentation
|
and/or other materials provided with the distribution.
|
* Neither the name of ISPConfig nor the names of its contributors
|
may be used to endorse or promote products derived from this software without
|
specific prior written permission.
|
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
|
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
|
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
|
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
|
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
|
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
|
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
|
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
*/
|
|
class xmpp_plugin {
|
|
var $plugin_name = 'xmpp_server_plugin';
|
var $class_name = 'xmpp_server_plugin';
|
|
var $xmpp_config_dir = '/etc/metronome';
|
|
var $ssl_certificate_changed = false;
|
var $ssl_certificate_deleted = false;
|
|
|
//* This function is called during ispconfig installation to determine
|
// if a symlink shall be created for this plugin.
|
function onInstall() {
|
global $conf;
|
|
if($conf['services']['xmpp'] == true) {
|
return true;
|
} else {
|
return false;
|
}
|
|
}
|
|
/*
|
This function is called when the plugin is loaded
|
*/
|
|
function onLoad() {
|
global $app;
|
|
/*
|
Register for the events
|
*/
|
|
$app->plugins->registerEvent('server_insert', 'xmpp_plugin', 'insert');
|
$app->plugins->registerEvent('server_update', 'xmpp_plugin', 'update');
|
|
$app->plugins->registerEvent('xmpp_domain_insert', 'xmpp_plugin', 'ssl');
|
$app->plugins->registerEvent('xmpp_domain_update', 'xmpp_plugin', 'ssl');
|
$app->plugins->registerEvent('xmpp_domain_delete', 'xmpp_plugin', 'ssl');
|
|
$app->plugins->registerEvent('xmpp_domain_insert', 'xmpp_plugin', 'domainInsert');
|
$app->plugins->registerEvent('xmpp_domain_update', 'xmpp_plugin', 'domainUpdate');
|
$app->plugins->registerEvent('xmpp_domain_delete', 'xmpp_plugin', 'domainDelete');
|
$app->plugins->registerEvent('xmpp_user_insert', 'xmpp_plugin', 'userInsert');
|
$app->plugins->registerEvent('xmpp_user_update', 'xmpp_plugin', 'userUpdate');
|
$app->plugins->registerEvent('xmpp_user_delete', 'xmpp_plugin', 'userDelete');
|
|
}
|
|
function insert($event_name, $data) {
|
global $app, $conf;
|
|
$this->update($event_name, $data);
|
|
}
|
|
// The purpose of this plugin is to rewrite the main.cf file
|
function update($event_name, $data) {
|
global $app, $conf;
|
|
// get the config
|
$app->uses("getconf,system,tpl");
|
|
|
$old_ini_data = $app->ini_parser->parse_ini_string($data['old']['config']);
|
$xmpp_config = $app->getconf->get_server_config($conf['server_id'], 'xmpp');
|
|
// Global server config
|
$tpl = new tpl();
|
$tpl->newTemplate('metronome_conf_global.master');
|
$tpl->setVar('ipv6', $xmpp_config['xmpp_use_ipv6']=='y'?'true':'false');
|
$tpl->setVar('bosh_timeout', intval($xmpp_config['xmpp_bosh_max_inactivity']));
|
$tpl->setVar('port_http', intval($xmpp_config['xmpp_port_http']));
|
$tpl->setVar('port_https', intval($xmpp_config['xmpp_port_https']));
|
$tpl->setVar('port_pastebin', intval($xmpp_config['xmpp_port_pastebin']));
|
$tpl->setVar('port_bosh', intval($xmpp_config['xmpp_port_bosh']));
|
// Global server admins (for all hosted domains)
|
$admins = '';
|
foreach(explode(',', $xmpp_config['xmpp_server_admins']) AS $a)
|
$admins.= "\t\"".trim($a)."\",\n";
|
$tpl->setVar('server_admins', $admins);
|
unset($admins);
|
// enabled modules, so own modules or simmilar prosody-modules can easily be added
|
$modules = '';
|
foreach(explode(',', $xmpp_config['xmpp_modules_enabled']) AS $m)
|
$modules.= "\t\"".trim($m)."\",\n";
|
$tpl->setVar('modules_enabled', $modules);
|
unset($modules);
|
$app->system->file_put_contents($this->xmpp_config_dir.'/global.cfg.lua', $tpl->grab());
|
unset($tpl);
|
|
$app->services->restartServiceDelayed('metronome', 'restart');
|
return;
|
}
|
|
function domainInsert($event_name, $data) {
|
global $app, $conf;
|
|
$this->domainUpdate($event_name, $data);
|
|
}
|
|
function domainUpdate($event_name, $data){
|
global $app, $conf;
|
|
// get the config
|
$app->uses("getconf,system,tpl");
|
|
// Collections
|
$status_hosts = array($data['new']['domain']);
|
$status_comps = array();
|
|
// Create main host file
|
$tpl = new tpl();
|
$tpl->newTemplate('metronome_conf_host.master');
|
$tpl->setVar('domain', $data['new']['domain']);
|
$tpl->setVar('active', $data['new']['active'] == 'y' ? 'true' : 'false');
|
$tpl->setVar('public_registration', $data['new']['public_registration'] == 'y' ? 'true' : 'false');
|
// Domain admins
|
$admins = array();
|
foreach(explode(',',$data['new']['domain_admins']) AS $adm){
|
$admins[] = trim($adm);
|
}
|
$tpl->setVar('domain_admins', "\t\t\"".implode("\",\n\t\t\"",$admins)."\"\n");
|
|
// Enable / Disable features
|
if($data['new']['use_pubsub']=='y'){
|
$tpl->setVar('use_pubsub', 'true');
|
$status_comps[] = 'pubsub.'.$data['new']['domain'];
|
}else{
|
$tpl->setVar('use_pubsub', 'false');
|
}
|
if($data['new']['use_proxy']=='y'){
|
$tpl->setVar('use_proxy', 'true');
|
$status_comps[] = 'proxy.'.$data['new']['domain'];
|
}else{
|
$tpl->setVar('use_proxy', 'false');
|
}
|
|
if($data['new']['use_anon_host']=='y'){
|
$tpl->setVar('use_anon_host', 'true');
|
$status_hosts[] = 'anon.'.$data['new']['domain'];
|
}else{
|
$tpl->setVar('use_anon_host', 'false');
|
}
|
if($data['new']['use_vjud']=='y'){
|
$tpl->setVar('use_vjud', 'true');
|
$tpl->setVar('vjud_opt_mode', 'opt-'.$data['new']['vjud_opt_mode']);
|
$status_comps[] = 'vjud.'.$data['new']['domain'];
|
}else{
|
$tpl->setVar('use_vjud', 'false');
|
}
|
|
$tpl->setVar('use_muc', $data['new']['use_muc_host']=='y'?'true':'false');
|
if($data['new']['use_muc_host'] == 'y'){
|
$status_comps[] = 'muc.'.$data['new']['domain'];
|
$tpl->setVar('muc_restrict_room_creation', $data['new']['muc_restrict_room_creation']);
|
$tpl->setVar('muc_name', strlen($data['new']['muc_name']) ? $data['new']['muc_name'] : $data['new']['domain'].' Chatrooms');
|
// Admins for MUC channels
|
$admins = array();
|
foreach(explode(',',$data['new']['muc_admins']) AS $adm){
|
$admins[] = trim($adm);
|
}
|
$tpl->setVar('muc_admins', "\t\t\"".implode("\",\n\t\t\"",$admins)."\"\n");
|
$tpl->setVar('use_pastebin', $data['new']['use_pastebin']=='y'?'true':'false');
|
$tpl->setVar('pastebin_expire', intval($data['new']['pastebin_expire_after']));
|
$tpl->setVar('pastebin_trigger', $data['new']['pastebin_trigger']);
|
$tpl->setVar('use_archive', $data['new']['use_http_archive']=='y'?'true':'false');
|
$tpl->setVar('archive_join', $data['new']['http_archive_show_join']=='y'?'true':'false');
|
$tpl->setVar('archive_status', $data['new']['http_archive_show_status']=='y'?'true':'false');
|
|
}
|
|
// Check for SSL
|
if(strlen($data['new']['ssl_cert']) && strlen($data['new']['ssl_key']) && !$this->ssl_certificate_deleted || $this->ssl_certificate_changed)
|
$tpl->setVar('ssl_cert', true);
|
|
$app->system->file_put_contents($this->xmpp_config_dir.'/hosts/'.$data['new']['domain'].'.cfg.lua', $tpl->grab());
|
unset($tpl);
|
|
// Create status host file
|
if($data['new']['use_status_host']=='y'){
|
$tpl = new tpl;
|
$tpl->newTemplate('metronome_conf_status.master');
|
$tpl->setVar('domain', $data['new']['domain']);
|
$tpl->setVar('status_hosts', "\t\t\"".implode("\",\n\t\t\"",$status_hosts)."\"\n");
|
$tpl->setVar('status_comps', "\t\t\"".implode("\",\n\t\t\"",$status_comps)."\"\n");
|
$app->system->file_put_contents($this->xmpp_config_dir.'/status/'.$data['new']['domain'].'.cfg.lua', $tpl->grab());
|
unset($tpl);
|
}
|
|
$app->services->restartServiceDelayed('metronome', 'reload');
|
}
|
|
function domainDelete($event_name, $data){
|
global $app, $conf;
|
|
// get the config
|
$app->uses("system");
|
$domain = $data['old']['domain'];
|
$folder = str_replace('-', '%2d', str_replace('.', '%2e', $str = urlencode($domain)));
|
|
// Remove config files
|
$app->system->unlink("/etc/metronome/hosts/$domain.cfg.lua");
|
$app->system->unlink("/etc/metronome/status/$domain.cfg.lua");
|
$app->system->unlink("/etc/metronome/certs/$domain.cert");
|
$app->system->unlink("/etc/metronome/certs/$domain.key");
|
$app->system->unlink("/etc/metronome/certs/$domain.csr");
|
// Remove all stored data
|
var_dump('rm -rf /var/lib/metronome/'.$folder);
|
exec('rm -rf /var/lib/metronome/'.$folder);
|
exec('rm -rf /var/lib/metronome/*%2e'.$folder);
|
|
$app->services->restartServiceDelayed('metronome', 'reload');
|
}
|
|
function userInsert($event_name, $data){
|
//$data['new']['auth_method']
|
// Check domain for auth settings
|
// Don't allow manual user creation for mailaccount controlled domains
|
|
// maybe metronomectl adduser for new local users
|
}
|
function userUpdate($event_name, $data){
|
// Check domain for auth settings
|
// Don't allow manual user update for mailaccount controlled domains
|
|
// maybe metronomectl passwd for existing local users
|
}
|
function userDelete($event_name, $data){
|
// Check domain for auth settings
|
// Don't allow manual user deletion for mailaccount controlled domains
|
|
// Remove account from metronome
|
exec('metronomectl deluser '.$data['old']['jid']);
|
}
|
|
// Handle the creation of SSL certificates
|
function ssl($event_name, $data) {
|
global $app, $conf;
|
|
$app->uses('system,tpl');
|
|
// load the server configuration options
|
$app->uses('getconf');
|
$web_config = $app->getconf->get_server_config($conf['server_id'], 'web');
|
|
$ssl_dir = '/etc/metronome/certs';
|
$domain = $data['new']['domain'];
|
$cnf_file = $ssl_dir.'/'.$domain.'.cnf';
|
$key_file = $ssl_dir.'/'.$domain.'.key';
|
$csr_file = $ssl_dir.'/'.$domain.'.csr';
|
$crt_file = $ssl_dir.'/'.$domain.'.cert';
|
|
//* Create a SSL Certificate, but only if this is not a mirror server.
|
if($data['new']['ssl_action'] == 'create' && $conf['mirror_server_id'] == 0) {
|
|
$this->ssl_certificate_changed = true;
|
|
//* Rename files if they exist
|
if(file_exists($cnf_file)) $app->system->rename($cnf_file, $cnf_file.'.bak');
|
if(file_exists($key_file)){
|
$app->system->rename($key_file, $key_file.'.bak');
|
$app->system->chmod($key_file.'.bak', 0400);
|
$app->system->chown($key_file.'.bak', 'metronome');
|
}
|
if(file_exists($csr_file)) $app->system->rename($csr_file, $csr_file.'.bak');
|
if(file_exists($crt_file)) $app->system->rename($crt_file, $crt_file.'.bak');
|
|
// Write new CNF file
|
$tpl = new tpl();
|
$tpl->newTemplate('metronome_conf_ssl.master');
|
$tpl->setVar('domain', $domain);
|
$tpl->setVar('ssl_country', $data['new']['ssl_country']);
|
$tpl->setVar('ssl_locality', $data['new']['ssl_locality']);
|
$tpl->setVar('ssl_organisation', $data['new']['ssl_organisation']);
|
$tpl->setVar('ssl_organisation_unit', $data['new']['ssl_organisation_unit']);
|
$tpl->setVar('ssl_email', $data['new']['ssl_email']);
|
$app->system->file_put_contents($cnf_file, $tpl->grab());
|
|
// Generate new key, csr and cert
|
exec("(cd /etc/metronome/certs && make $domain.key)");
|
exec("(cd /etc/metronome/certs && make $domain.csr)");
|
exec("(cd /etc/metronome/certs && make $domain.cert)");
|
|
$ssl_key = $app->system->file_get_contents($key_file);
|
$app->system->chmod($key_file, 0400);
|
$app->system->chown($key_file, 'metronome');
|
$ssl_request = $app->system->file_get_contents($csr_file);
|
$ssl_cert = $app->system->file_get_contents($crt_file);
|
/* Update the DB of the (local) Server */
|
$app->db->query("UPDATE xmpp_domain SET ssl_request = ?, ssl_cert = ?, ssl_key = ? WHERE domain = ?", $ssl_request, $ssl_cert, $ssl_key, $data['new']['domain']);
|
$app->db->query("UPDATE xmpp_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
|
/* Update also the master-DB of the Server-Farm */
|
$app->dbmaster->query("UPDATE xmpp_domain SET ssl_request = ?, ssl_cert = ?, ssl_key = ? WHERE domain = ?", $ssl_request, $ssl_cert, $ssl_key, $data['new']['domain']);
|
$app->dbmaster->query("UPDATE xmpp_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
|
$app->log('Creating XMPP SSL Cert for: '.$domain, LOGLEVEL_DEBUG);
|
}
|
|
//* Save a SSL certificate to disk
|
if($data["new"]["ssl_action"] == 'save') {
|
$this->ssl_certificate_changed = true;
|
|
//* Rename files if they exist
|
if(file_exists($cnf_file)) $app->system->rename($cnf_file, $cnf_file.'.bak');
|
if(file_exists($key_file)){
|
$app->system->rename($key_file, $key_file.'.bak');
|
$app->system->chmod($key_file.'.bak', 0400);
|
$app->system->chown($key_file.'.bak', 'metronome');
|
}
|
if(file_exists($csr_file)) $app->system->rename($csr_file, $csr_file.'.bak');
|
if(file_exists($crt_file)) $app->system->rename($crt_file, $crt_file.'.bak');
|
|
//* Write new ssl files
|
if(trim($data["new"]["ssl_request"]) != '')
|
$app->system->file_put_contents($csr_file, $data["new"]["ssl_request"]);
|
if(trim($data["new"]["ssl_cert"]) != '')
|
$app->system->file_put_contents($crt_file, $data["new"]["ssl_cert"]);
|
|
//* Write the key file, if field is empty then import the key into the db
|
if(trim($data["new"]["ssl_key"]) != '') {
|
$app->system->file_put_contents($key_file, $data["new"]["ssl_key"]);
|
$app->system->chmod($key_file, 0400);
|
$app->system->chown($key_file, 'metronome');
|
} else {
|
$ssl_key = $app->system->file_get_contents($key_file);
|
/* Update the DB of the (local) Server */
|
$app->db->query("UPDATE xmpp_domain SET ssl_key = ? WHERE domain = ?", $ssl_key, $data['new']['domain']);
|
/* Update also the master-DB of the Server-Farm */
|
$app->dbmaster->query("UPDATE xmpp_domain SET ssl_key = '$ssl_key' WHERE domain = ?", $data['new']['domain']);
|
}
|
|
/* Update the DB of the (local) Server */
|
$app->db->query("UPDATE xmpp_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
|
|
/* Update also the master-DB of the Server-Farm */
|
$app->dbmaster->query("UPDATE xmpp_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
|
$app->log('Saving XMPP SSL Cert for: '.$domain, LOGLEVEL_DEBUG);
|
}
|
|
//* Delete a SSL certificate
|
if($data['new']['ssl_action'] == 'del') {
|
$this->ssl_certificate_deleted = true;
|
$app->system->unlink($csr_file);
|
$app->system->unlink($crt_file);
|
$app->system->unlink($key_file);
|
$app->system->unlink($cnf_file);
|
$app->system->unlink($csr_file.'.bak');
|
$app->system->unlink($crt_file.'.bak');
|
$app->system->unlink($key_file.'.bak');
|
$app->system->unlink($cnf_file.'.bak');
|
/* Update the DB of the (local) Server */
|
$app->db->query("UPDATE xmpp_domain SET ssl_request = '', ssl_cert = '', ssl_key = '' WHERE domain = ?", $data['new']['domain']);
|
$app->db->query("UPDATE xmpp_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
|
/* Update also the master-DB of the Server-Farm */
|
$app->dbmaster->query("UPDATE xmpp_domain SET ssl_request = '', ssl_cert = '', ssl_key = '' WHERE domain = ?", $data['new']['domain']);
|
$app->dbmaster->query("UPDATE xmpp_domain SET ssl_action = '' WHERE domain = ?", $data['new']['domain']);
|
$app->log('Deleting SSL Cert for: '.$domain, LOGLEVEL_DEBUG);
|
}
|
|
}
|
|
} // end class
|
|
?>
|
