mirror of
https://github.com/webmin/webmin.git
synced 2025-07-21 23:40:34 +00:00
193 lines
4.7 KiB
Perl
Executable File
193 lines
4.7 KiB
Perl
Executable File
#!/usr/local/bin/perl
|
|
# save_stunnel.cgi
|
|
# Save, create or delete an SSL tunnel
|
|
|
|
require './stunnel-lib.pl';
|
|
&ReadParse();
|
|
&error_setup($text{'save_err'});
|
|
|
|
if ($in{'idx'} ne '') {
|
|
@stunnels = &list_stunnels();
|
|
$st = $stunnels[$in{'idx'}];
|
|
%old = %$st;
|
|
}
|
|
|
|
if ($in{'delete'}) {
|
|
# Just delete from inetd.conf and xinetd.conf
|
|
&lock_file($st->{'file'});
|
|
if (&get_stunnel_version(\$dummy) >= 4) {
|
|
if ($st->{'args'} =~ /^(\S+)\s+(\S+)/) {
|
|
$cfile = $2;
|
|
if ($cfile =~ /^\Q$module_config_directory\E\//) {
|
|
&lock_file($cfile);
|
|
unlink($cfile);
|
|
}
|
|
}
|
|
}
|
|
&delete_stunnel($st);
|
|
}
|
|
else {
|
|
# Validate inputs
|
|
$in{'name'} =~ /^[A-z][A-z0-9\_\-]+$/ || &error($text{'save_ename'});
|
|
$in{'port'} =~ /^\d+$/ || &error($text{'save_eport'});
|
|
if ($in{'pmode'} == 2) {
|
|
-r $in{'pem'} || &error(&text('save_epem', $in{'pem'}));
|
|
}
|
|
if (!$in{'tcpw_def'}) {
|
|
$in{'tcpw'} =~ /^\S+$/ || &error($text{'save_etcpw'});
|
|
}
|
|
if (!$in{'iface_def'}) {
|
|
&to_ipaddress($in{'iface'}) || &to_ip6address($in{'iface'}) ||
|
|
&error($text{'save_eiface'});
|
|
}
|
|
if ($in{'mode'} == 0 || $in{'mode'} == 1) {
|
|
# Running a command
|
|
$cmd = $in{'mode'} == 0 ? $in{'cmd0'} : $in{'cmd1'};
|
|
$args = $in{'mode'} == 0 ? $in{'args0'} : $in{'args1'};
|
|
&has_command($cmd) || &error($text{'save_ecmd'});
|
|
}
|
|
else {
|
|
# Connecting to remote host and port
|
|
&to_ipaddress($in{'rhost'}) || &to_ip6address($in{'rhost'}) ||
|
|
&error($text{'save_erhost'});
|
|
$in{'rport'} =~ /^\d+$/ || &error($text{'save_erport'});
|
|
}
|
|
|
|
# Create inetd/xinetd config
|
|
if (&get_stunnel_version(\$dummy) >= 4) {
|
|
# New-style args format
|
|
if ($in{'new'}) {
|
|
$cfile = "$module_config_directory/$in{'name'}.conf";
|
|
unlink($cfile);
|
|
$conf = { };
|
|
$st = { 'args' => "$stunnel_shortname $cfile",
|
|
'command' => $config{'stunnel_path'},
|
|
'type' => $in{'type'} };
|
|
}
|
|
else {
|
|
if ($st->{'args'} =~ /^(\S+)\s+(\S+)/) {
|
|
$cfile = $2;
|
|
@conf = &get_stunnel_config($cfile);
|
|
($conf) = grep { !$_->{'name'} } @conf;
|
|
}
|
|
}
|
|
$st->{'name'} = $in{'name'};
|
|
$st->{'port'} = $in{'port'};
|
|
$st->{'active'} = $in{'active'};
|
|
if ($in{'pmode'} == 1) {
|
|
$conf->{'values'}->{'cert'} = $webmin_pem;
|
|
}
|
|
elsif ($in{'pmode'} == 2) {
|
|
$conf->{'values'}->{'cert'} = $in{'pem'};
|
|
}
|
|
else {
|
|
delete($conf->{'values'}->{'cert'});
|
|
}
|
|
$conf->{'values'}->{'client'} = $in{'cmode'} ? 'yes' : 'no';
|
|
if (!$in{'tcpw_def'}) {
|
|
$conf->{'values'}->{'service'} = $in{'tcpw'};
|
|
}
|
|
else {
|
|
delete($conf->{'values'}->{'service'});
|
|
}
|
|
if (!$in{'iface_def'}) {
|
|
$conf->{'values'}->{'local'} = $in{'iface'};
|
|
}
|
|
else {
|
|
delete($conf->{'values'}->{'local'});
|
|
}
|
|
if ($in{'mode'} == 0 || $in{'mode'} == 1) {
|
|
# Running a command
|
|
$conf->{'values'}->{'exec'} = $cmd;
|
|
$conf->{'values'}->{'execargs'} = $args if ($args);
|
|
$conf->{'values'}->{'pty'} = $in{'mode'} ? 'yes' : 'no';
|
|
delete($conf->{'values'}->{'connect'});
|
|
}
|
|
else {
|
|
# Connecting to remote host and port
|
|
if ($in{'rhost'} eq 'localhost') {
|
|
$conf->{'values'}->{'connect'} = $in{'rport'};
|
|
}
|
|
else {
|
|
$conf->{'values'}->{'connect'} =
|
|
"$in{'rhost'}:$in{'rport'}";
|
|
}
|
|
delete($conf->{'values'}->{'exec'});
|
|
delete($conf->{'values'}->{'execargs'});
|
|
delete($conf->{'values'}->{'pty'});
|
|
}
|
|
|
|
# Save this stunnel config file
|
|
if ($in{'new'}) {
|
|
&create_stunnel_service($conf, $cfile);
|
|
}
|
|
else {
|
|
&modify_stunnel_service($conf, $cfile);
|
|
}
|
|
}
|
|
else {
|
|
# Old-style args format
|
|
if ($in{'new'}) {
|
|
$st = { 'args' => $stunnel_shortname,
|
|
'command' => $config{'stunnel_path'},
|
|
'type' => $in{'type'} };
|
|
}
|
|
else {
|
|
$st->{'args'} = $in{'args'};
|
|
}
|
|
$st->{'name'} = $in{'name'};
|
|
$st->{'port'} = $in{'port'};
|
|
$st->{'active'} = $in{'active'};
|
|
if ($in{'pmode'} == 1) {
|
|
$st->{'args'} .= " -p $webmin_pem";
|
|
}
|
|
elsif ($in{'pmode'} == 2) {
|
|
$st->{'args'} .= " -p $in{'pem'}";
|
|
}
|
|
if ($in{'cmode'}) {
|
|
$st->{'args'} .= " -c";
|
|
}
|
|
if (!$in{'tcpw_def'}) {
|
|
$st->{'args'} .= " -N $in{'tcpw'}";
|
|
}
|
|
if (!$in{'iface_def'}) {
|
|
$st->{'args'} .= " -I $in{'iface'}";
|
|
}
|
|
if ($in{'mode'} == 0 || $in{'mode'} == 1) {
|
|
# Running a command
|
|
if ($in{'mode'} == 0) {
|
|
$st->{'args'} .= " -l $cmd";
|
|
}
|
|
else {
|
|
$st->{'args'} .= " -L $cmd";
|
|
}
|
|
if ($args) {
|
|
$st->{'args'} .= " -- $args";
|
|
}
|
|
}
|
|
else {
|
|
# Connecting to remote host and port
|
|
if ($in{'rhost'} eq 'localhost') {
|
|
$st->{'args'} .= " -r $in{'rport'}";
|
|
}
|
|
else {
|
|
$st->{'args'} .=" -r $in{'rhost'}:$in{'rport'}";
|
|
}
|
|
}
|
|
}
|
|
|
|
if ($in{'new'}) {
|
|
&lock_create_file();
|
|
&create_stunnel($st);
|
|
}
|
|
else {
|
|
&lock_file($old{'file'});
|
|
&modify_stunnel(\%old, $st);
|
|
}
|
|
}
|
|
&unlock_all_files();
|
|
&webmin_log($in{'delete'} ? "delete" : $in{'new'} ? "create" : "modify",
|
|
"stunnel", $st->{'name'}, $st);
|
|
&redirect("");
|
|
|