From 0a466dfd65c07d4bf8c61c0e98c536c0f0b65ec1 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Tue, 23 Oct 2007 11:07:59 -0400
Subject: [PATCH] Added SSL website support.

---
 server/plugins-enabled/apache2_plugin.inc.php |  137 +++++++++++++++++++++++++++++++++++++++++++--
 1 files changed, 131 insertions(+), 6 deletions(-)

diff --git a/server/plugins-enabled/apache2_plugin.inc.php b/server/plugins-enabled/apache2_plugin.inc.php
index 520bcb7..1d4533e 100644
--- a/server/plugins-enabled/apache2_plugin.inc.php
+++ b/server/plugins-enabled/apache2_plugin.inc.php
@@ -45,6 +45,12 @@
 		Register for the events
 		*/
 		
+		
+		
+		$app->plugins->registerEvent('web_domain_insert',$this->plugin_name,'ssl');
+		$app->plugins->registerEvent('web_domain_update',$this->plugin_name,'ssl');
+		$app->plugins->registerEvent('web_domain_delete',$this->plugin_name,'ssl');
+		
 		$app->plugins->registerEvent('web_domain_insert',$this->plugin_name,'insert');
 		$app->plugins->registerEvent('web_domain_update',$this->plugin_name,'update');
 		$app->plugins->registerEvent('web_domain_delete',$this->plugin_name,'delete');
@@ -54,6 +60,100 @@
 		$app->plugins->registerEvent('server_ip_delete',$this->plugin_name,'server_ip');
 		
 	}
+	
+	// Handle the creation of SSL certificates
+	function ssl($event_name,$data) {
+		global $app, $conf;
+		
+		if(!is_dir($data["new"]["document_root"]."/ssl")) exec("mkdir -p ".$data["new"]["document_root"]."/ssl");
+		$ssl_dir = $data["new"]["document_root"]."/ssl";
+		$domain = $data["new"]["domain"];
+		$key_file = $ssl_dir.'/'.$domain.".key.org";
+  		$key_file2 = $ssl_dir.'/'.$domain.".key";
+  		$csr_file = $ssl_dir.'/'.$domain.".csr";
+  		$crt_file = $ssl_dir.'/'.$domain.".crt";
+		
+		//* Create a SSL Certificate
+		if($data["new"]["ssl_action"] == 'create') {
+			$rand_file = $ssl_dir."/random_file";
+    		$rand_data = md5(uniqid(microtime(),1));
+    		for($i=0; $i<1000; $i++){
+    			$rand_data .= md5(uniqid(microtime(),1));
+    			$rand_data .= md5(uniqid(microtime(),1));
+    			$rand_data .= md5(uniqid(microtime(),1));
+    			$rand_data .= md5(uniqid(microtime(),1));
+    		}
+    		file_put_contents($rand_file, $rand_data);
+
+    		$ssl_password = substr(md5(uniqid(microtime(),1)), 0, 15);
+			
+			$ssl_cnf = "        RANDFILE               = $rand_file
+
+        [ req ]
+        default_bits           = 1024
+        default_keyfile        = keyfile.pem
+        distinguished_name     = req_distinguished_name
+        attributes             = req_attributes
+        prompt                 = no
+        output_password        = $ssl_password
+
+        [ req_distinguished_name ]
+        C                      = $data[new][ssl_country]
+        ST                     = $data[new][ssl_state]
+        L                      = $data[new][ssl_locality]
+        O                      = $data[new][ssl_organisation]
+        OU                     = $data[new][ssl_organisation_unit]
+        CN                     = $domain
+        emailAddress           = webmatser@$data[new][domain]
+
+        [ req_attributes ]
+        challengePassword              = A challenge password";
+			
+			$ssl_cnf_file = $ssl_dir."/openssl.conf";
+			file_get_contents($ssl_cnf_file,$ssl_cnf);
+			
+			$rand_file = escapeshellcmd($rand_file);
+			$key_file = escapeshellcmd($key_file);
+			$key_file2 = escapeshellcmd($key_file2);
+			$ssl_days = 3650;
+			$csr_file = escapeshellcmd($csr_file);
+			$config_file = escapeshellcmd($config_file);
+			$crt_file escapeshellcmd($crt_file);
+
+        	if(is_file($ssl_cnf_file)){
+          		exec("openssl genrsa -des3 -rand $rand_file \
+				-passout pass:$ssl_password \
+				-out $key_file 1024 \
+				&& openssl req -new -passin pass:$ssl_password \
+				-passout pass:$ssl_password -key $key_file \
+				-out $csr_file -days $ssl_days \
+				-config $config_file \
+				&& openssl req -x509 -passin pass:$ssl_password \
+				-passout pass:$ssl_password \
+				-key $key_file -in $csr_file \
+				-out $crt_file -days $ssl_days \
+				-config $config_file \
+				&& openssl rsa -passin pass:$ssl_password \
+				-in $key_file \
+				-out $key_file2");
+        	}
+
+    		exec("chmod 400 $key_file2");
+    		exec("rm -f $config_file");
+    		exec("rm -f $rand_file");
+    		$ssl_request = file_get_contents($csr_file);
+    		$ssl_cert = file_get_contents($crt_file);
+    		$mod->db->query("UPDATE web_domain SET ssl_request = '$ssl_request', ssl_cert = '$ssl_cert' WHERE domain = '".$data["new"]["domain"]."'");
+		}
+		
+		//* Save a SSL certificate to disk
+		if($data["new"]["ssl_action"] == 'save') {
+			
+		}
+		
+		
+	}
+	
 	
 	function insert($event_name,$data) {
 		global $app, $conf;
@@ -109,12 +209,17 @@
 		$client_id = intval($client["client_id"]);
 		unset($client);
 		$tmp_symlinks_array = explode(':',$web_config["website_symlinks"]);
-		foreach($tmp_symlinks_array as $tmp_symlink) {
-			$tmp_symlink = str_replace("[client_id]",$client_id,$tmp_symlink);
-			$tmp_symlink = str_replace("[website_domain]",$data["new"]["domain"],$tmp_symlink);
-			if(!is_link($tmp_symlink)) {
-				exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink));
-				$app->log("Creating Symlink: ln -s ".$data["new"]["document_root"]."/ ".$tmp_symlink,LOGLEVEL_DEBUG);
+		if(is_array($tmp_symlinks_array)) {
+			foreach($tmp_symlinks_array as $tmp_symlink) {
+				$tmp_symlink = str_replace("[client_id]",$client_id,$tmp_symlink);
+				$tmp_symlink = str_replace("[website_domain]",$data["new"]["domain"],$tmp_symlink);
+				// Remove trailing slash
+				if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
+				// create the symlinks, if not exist
+				if(!is_link($tmp_symlink)) {
+					exec("ln -s ".escapeshellcmd($data["new"]["document_root"])."/ ".escapeshellcmd($tmp_symlink));
+					$app->log("Creating Symlink: ln -s ".$data["new"]["document_root"]."/ ".$tmp_symlink,LOGLEVEL_DEBUG);
+				}
 			}
 		}
 		
@@ -239,6 +344,26 @@
 		if($docroot != '' && !stristr($docroot,'..')) exec("rm -rf $docroot");
 		$app->log("Removing website: $docroot",LOGLEVEL_DEBUG);
 		
+		// Delete the symlinks for the sites
+		$client = $app->db->queryOneRecord("SELECT client_id FROM sys_group WHERE sys_group.groupid = ".intval($data["old"]["sys_groupid"]));
+		$client_id = intval($client["client_id"]);
+		unset($client);
+		$tmp_symlinks_array = explode(':',$web_config["website_symlinks"]);
+		if(is_array($tmp_symlinks_array)) {
+			foreach($tmp_symlinks_array as $tmp_symlink) {
+				$tmp_symlink = str_replace("[client_id]",$client_id,$tmp_symlink);
+				$tmp_symlink = str_replace("[website_domain]",$data["old"]["domain"],$tmp_symlink);
+				// Remove trailing slash
+				if(substr($tmp_symlink, -1, 1) == '/') $tmp_symlink = substr($tmp_symlink, 0, -1);
+				// create the symlinks, if not exist
+				if(is_link($tmp_symlink)) {
+					unlink($tmp_symlink));
+					$app->log("Removing symlink: ".$tmp_symlink,LOGLEVEL_DEBUG);
+				}
+			}
+		}
+		// end removing symlinks
+		
 	}
 	
 	//* This function is called when a IP on the server is inserted, updated or deleted

--
Gitblit v1.9.1