VladPolskiy/webmin
1
0
Fork 0
mirror of https://github.com/webmin/webmin.git synced 2025-07-23 00:30:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c8c6c3e40f9f39d509bedb769c5f93f4881342d4
webmin/mysql/save_ssl.cgi
Jamie Cameron c9c672a6a7 Fix permissions fix
2023-04-04 21:52:47 -07:00

78 lines
2.0 KiB
Perl
Executable File
Raw Blame History

#!/usr/local/bin/perl
# Save SSL options
require './mysql-lib.pl';
$access{'perms'} == 1 || &error($text{'cnf_ecannot'});
&error_setup($text{'ssl_err'});
&ReadParse();
# Get the mysqld section
foreach my $l (&get_all_mysqld_files()) {
&lock_file($l);
}
$conf = &get_mysql_config();
($mysqld) = grep { $_->{'name'} eq 'mysqld' } @$conf;
$mysqld || &error($text{'cnf_emysqld'});
if ($in{'gen'}) {
# Generate new SSL cert and key in new files
my $dir = $config{'my_cnf'};
$dir =~ s/\/([^\/]+)$//;
my $cert = $dir."/mysql-ssl.cert";
-r $cert && &error(&text('ssl_ecertexists', $cert));
my $key = $dir."/mysql-ssl.key";
-r $key && &error(&text('ssl_ekeyexists', $key));
&foreign_require("webmin");
$opts = { 'commonName_def' => 1,
'size_def' => 1,
'days' => 1825,
'countryName' => 'US' };
$err = &webmin::parse_ssl_key_form($opts, $key, $cert);
&error($err) if ($err);
&save_directive($conf, $mysqld, "ssl_cert", [ $cert ]);
&save_directive($conf, $mysqld, "ssl_key", [ $key ]);
my $myuser = &find_value("user", $mysqld->{'members'});
$myuser ||= 'mysql';
&set_ownership_permissions($myuser, undef, 0600, $key, $cert);
}
else {
# Save SSL options
my $cert = [ ];
if (!$in{'cert_def'}) {
-r $in{'cert'} || &error($text{'ssl_ecert'});
$cert = [ $in{'cert'} ];
}
&save_directive($conf, $mysqld, "ssl_cert", $cert);
my $key = [ ];
if (!$in{'key_def'}) {
-r $in{'key'} || &error($text{'ssl_ekey'});
$key = [ $in{'key'} ];
}
&save_directive($conf, $mysqld, "ssl_key", $key);
my $ca = [ ];
if (!$in{'ca_def'}) {
-r $in{'ca'} || &error($text{'ssl_eca'});
$ca = [ $in{'ca'} ];
}
&save_directive($conf, $mysqld, "ssl_ca", $ca);
&save_directive($conf, $mysqld, "require_secure_transport",
$in{'req'} ? [ "on" ] : [ ]);
}
# Write out file
foreach my $l (&get_all_mysqld_files()) {
&flush_file_lines($l, undef, 1);
&unlock_file($l);
}
if (($in{'restart'} || $in{'gen'}) && &is_mysql_running() > 0) {
&stop_mysql();
$err = &start_mysql();
&error($err) if ($err);
}
&webmin_log($in{'gen'} ? "genssl" : "ssl");
&redirect("");
Reference in New Issue View Git Blame Copy Permalink