kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

[enh] Importing API and SSL from branches

This commit is contained in:
Benjamin Sonntag 2015-05-07 17:29:43 +02:00
parent 5b6ba099c8
commit 080bf49df5
66 changed files with 16411 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
api/Makefile Normal file
View File

@ -0,0 +1,26 @@
# ----------------------------------------------------------------------
# LICENSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License (GPL)
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# To read the license please visit http://www.gnu.org/copyleft/gpl.html
# ----------------------------------------------------------------------
# Purpose of file: Install the files of alternc-api package
# ----------------------------------------------------------------------
install:
install -m 0644 -g root -o root api.conf $(DESTDIR)/etc/alternc/apache-panel.d
install -m 0644 api.sql $(DESTDIR)/usr/share/alternc/
install -m 0644 -g 1999 -o root panel/* $(DESTDIR)/usr/share/alternc/panel/admin/api/
install -m 0644 ../lib/Alternc/Api/*.php $(DESTDIR)/usr/share/php/Alternc/Api/
install -m 0644 ../lib/Alternc/Api/Auth/*.php $(DESTDIR)/usr/share/php/Alternc/Api/Auth/
install -m 0644 ../lib/Alternc/Api/Object/*.php $(DESTDIR)/usr/share/php/Alternc/Api/Object/

9
api/api.conf Normal file
View File

@ -0,0 +1,9 @@
# apache configuration to add the API at /api/ in any panel
# put this into /etc/alternc/apache-panel.d
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule /api/(.*) /api/index.php [L]

23
api/api.sql Normal file
View File

@ -0,0 +1,23 @@
-- used by Alternc_Api_Auth_Sharedsecret
CREATE TABLE IF NOT EXISTS `sharedsecret` (
`uid` int(10) unsigned NOT NULL,
`secret` varchar(32) NOT NULL,
`application` varchar(255) NOT NULL,
PRIMARY KEY (`uid`,`secret`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Shared secrets used by Alternc_Api_Auth_Sharedsecret';
-- used by Alternc_Api_Token
CREATE TABLE IF NOT EXISTS `token` (
`token` varchar(32) NOT NULL,
`expire` datetime NOT NULL,
`data` text NOT NULL,
PRIMARY KEY (`token`),
KEY `expire` (`expire`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Tokens used by API callers';

91
api/panel/bootstrap.php Normal file
View File

@ -0,0 +1,91 @@
<?php
/* Global variables (AlternC configuration) */
require_once("/usr/share/alternc/panel/class/local.php");
// Define constants from vars of /etc/alternc/local.sh
// The you can't choose where is the AlternC Panel
define('ALTERNC_MAIL', "$L_ALTERNC_MAIL");
define('ALTERNC_HTML', "$L_ALTERNC_HTML");
if(isset($L_ALTERNC_LOGS_ARCHIVE))
define('ALTERNC_LOGS_ARCHIVE', "$L_ALTERNC_LOGS_ARCHIVE");
define('ALTERNC_LOGS', "$L_ALTERNC_LOGS");
define('ALTERNC_PANEL', "/usr/share/alternc/panel");
define('ALTERNC_LOCALES', ALTERNC_PANEL."/locales");
define('ALTERNC_LOCK_JOBS', '/var/run/alternc/jobs-lock');
define('ALTERNC_LOCK_PANEL', '/var/lib/alternc/panel/nologin.lock');
/* PHPLIB inclusions : */
$root=ALTERNC_PANEL."/";
require_once($root."class/db_mysql.php");
require_once($root."class/functions.php");
global $L_MYSQL_HOST,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$L_MYSQL_PWD,$db,$dbh;
class DB_system extends DB_Sql {
var $Host,$Database,$User,$Password;
/**
* Creator
*/
function DB_system() {
global $L_MYSQL_HOST,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$L_MYSQL_PWD;
$this->Host = $L_MYSQL_HOST;
$this->Database = $L_MYSQL_DATABASE;
$this->User = $L_MYSQL_LOGIN;
$this->Password = $L_MYSQL_PWD;
}
}
// we do both:
$db= new DB_system();
$dbh = new PDO("mysql:host=".$L_MYSQL_HOST.";dbname=".$L_MYSQL_DATABASE, $L_MYSQL_LOGIN,$L_MYSQL_PWD,
array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES UTF8;")
);
// Current User ID = the user whose commands are made on behalf of.
$cuid=0;
$classes=array();
/* CLASSES PHP : automatic include : */
$c=opendir($root."class/");
while ($di=readdir($c)) {
if (preg_match("#^m_(.*)\\.php$#",$di,$match)) { // $
$name1="m_".$match[1];
$name2=$match[1];
$classes[]=$name2;
require_once($root."class/".$name1.".php");
}
}
closedir($c);
/* THE DEFAULT CLASSES ARE :
dom, ftp, mail, quota, bro, admin, mem, mysql, err
*/
/* Language */
//include_once("../../class/lang_env.php");
// Adaptation to BOTH version of the variables managed by AlternC 1/3/4
if (is_file($root."/class/variables.php")) {
require_once($root."/class/variables.php");
} else {
$variables=new m_variables();
}
$mem=new m_mem();
$err=new m_err();
$authip=new m_authip();
$hooks=new m_hooks();
for($i=0;$i<count($classes);$i++) {
$name2=$classes[$i];
if (isset($$name2)) continue; // for already instancied class like mem, err or authip
$name1="m_".$name2;
$$name2= new $name1();
}

196
api/panel/index.php Normal file
View File

@ -0,0 +1,196 @@
<?php
/**
* multiple call-mode API for Alternc
* you can call this HTTP(s) API as follow:
* from the base url https://panel.example.fr/api/
* 1. /api/post use GETted data (?token=xx&object=xx&action=yy&option1=value1&option2=value2
* 2. /api/post use POSTED json data using the same keys
* 3. use a sub-url (rest-style) of the form /api/rest/object/action?token=xx&option1=value1&option2=value2
* 4. the same (REST) but options and value are POSTED
*
* the json-object contains:
* ->object = the Alternc_Api_Object_<classname> to call
* ->action = the method to call in this class
* ->options = an object passed as it is while calling the method.
*
* Authentication is done by asking for /api/auth/<method>?option1=value1&option2=value2
* or POSTED data
* a token is returned for this session
* Use /api/auth to know which method you can use and what parameter they expect
* @todo add HTML pages that will self-document this API
*/
// bootstrap AlternC
require_once("bootstrap.php");
/**
* Attempts to load a class in multiple path, the PSR-0 or old style way
*
* @staticvar array $srcPathList
* @staticvar boolean $init
* @param string $class_name
* @return boolean
*/
function __autoload($class_name) {
// Contains (Namespace) => directory
static $srcPathList = array();
static $init = null;
// Attempts to set include path and directories once
if (is_null($init)) {
// Sets init flag
$init = true;
// Sets a contextual directory
$srcPathList["standard"] = "/usr/share/php";
// Updates include_path according to this list
$includePathList = explode(PATH_SEPARATOR, get_include_path());
foreach ($srcPathList as $path) {
if (!in_array($path, $includePathList)) {
$includePathList[] = $path;
}
}
// Reverses the path for search efficiency
$finalIncludePathList = array_reverse($includePathList);
// Sets the updated include_path
set_include_path(implode(PATH_SEPARATOR, $finalIncludePathList));
}
// Accepts old Foo_Bar namespacing
if (preg_match("/_/", $class_name)) {
$file_name = str_replace('_', DIRECTORY_SEPARATOR, $class_name) . '.php';
// Accepts 5.3 Foo\Bar PSR-0 namespacing
} else if (preg_match("/\\/", $class_name)) {
$file_name = str_replace('\\', DIRECTORY_SEPARATOR, ltrim($class_name, '\\')) . '.php';
// Accepts non namespaced classes
} else {
$file_name = $class_name . '.php';
}
// Attempts to find file in namespace
foreach ($srcPathList as $namespace => $path) {
$file_path = $path . DIRECTORY_SEPARATOR . $file_name;
if (is_file($file_path) && is_readable($file_path)) {
require $file_path;
return true;
}
}
// Failed to find file
return false;
}
function apicall($data, $token) {
global $dbh;
$options["databaseAdapter"] = $dbh;
$options["loginAdapterList"] = array("sharedsecret", "login");
// TODO (no loggerAdapter PSR3-Interface-compliant class as of now)
try {
$data["token_hash"] = $token;
$service = new Alternc_Api_Service($options);
$response = $service->call(
new Alternc_Api_Request($data)
);
header("Content-Type: application/json");
echo $response->toJson();
exit();
} catch (Exception $e) {
// something went wrong, we spit out the exception as an Api_Response
// TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !
header("Content-Type: application/json");
$response = new Alternc_Api_Response(array("code" => $e->getCode(), "message" => $e->getMessage()));
echo $response->toJson();
exit();
}
}
function apiauth($data) {
global $dbh;
$options["databaseAdapter"] = $dbh;
// TODO (no loggerAdapter PSR3-Interface-compliant class as of now)
try {
$service = new Alternc_Api_Service($options);
$response = $service->auth($data);
header("Content-Type: application/json");
echo $response->toJson();
exit();
} catch (Exception $e) {
// something went wrong, we spit out the exception as an Api_Response
// TODO : Don't do that on production! spit out a generic "fatal error" code and LOG the exception !
header("Content-Type: application/json");
$response = new Alternc_Api_Response(array("code" => $e->code, "message" => $e->message));
echo $response->toJson();
exit();
}
}
/**
* Main code: either we are authenticating
* or calling one of the APIs
* or asking for some documentation
*/
// Authentication
if (preg_match("#^/api/auth/([^/\?]*)[/\?]?#", $_SERVER["REQUEST_URI"], $mat)) {
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$data = array("options" => $_POST,
"method" => $mat[1]);
apiauth($data);
exit();
} else {
$data = array("options" => $_GET,
"method" => $mat[1]);
apiauth($data);
exit();
}
}
// We support 4 api calls methods:
if ($_SERVER["REQUEST_URI"] == "/api/post") {
// simple ?q or POST of json data
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$data = array("options" => $_POST,
"object" => $_POST["object"],
"action" => $_POST["action"],
);
$token = $_POST["token"];
apicall($data, $token);
exit();
} else {
$data = array("options" => $_GET,
"object" => $_GET["object"],
"action" => $_GET["action"],
);
$token = $_GET["token"];
apicall($data, $token);
exit();
}
}
if (preg_match("#^/api/rest/([^/]*)/([^/\?]*)[/\?]?#", $_SERVER["REQUEST_URI"], $mat)) {
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$data = array("options" => $_POST,
"object" => $mat[1],
"action" => $mat[2]
);
$token = $_POST["token"];
apicall($data, $token);
exit();
} else {
$data = array("options" => $_GET,
"object" => $mat[1],
"action" => $mat[2]
);
$token = $_GET["token"];
apicall($data, $token);
exit();
}
}
echo "I did nothing. Did you call the api properly?";

4
debian/alternc-api.dirs vendored Normal file
View File

@ -0,0 +1,4 @@
etc/alternc/apache-panel.d
usr/share/alternc/panel/admin/api
usr/share/php/Alternc/Api/Auth
usr/share/php/Alternc/Api/Object

36
debian/alternc-api.postinst vendored Normal file
View File

@ -0,0 +1,36 @@
#!/bin/bash -e
case "$1" in
configure)
echo "Installing mysql table"
mysql --defaults-file=/etc/alternc/my.cnf \
</usr/share/alternc/api.sql || true
# Refresh apache configuration
# configure /etc/alternc/templates/apache/httpd.conf
# configure /etc/alternc/templates/apache-ssl/httpd.conf
echo -e "\033[31m**********************************************"
echo "* ALTERNC-API ACTION REQUESTED *"
echo "* *"
echo "* Please run alternc.install to fully deploy *"
echo "**********************************************"
echo -e "\033[0m"
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
# vim: et sw=4

5
debian/alternc-ssl.cron.d vendored Normal file
View File

@ -0,0 +1,5 @@
@reboot root mkdir -p /var/run/alternc-ssl && chown alterncpanel:alterncpanel /var/run/alternc-ssl
# in case incron didn't work, fix ssl aliases every hour:
44 * * * * root /usr/lib/alternc/ssl_alias_manager.sh

20
debian/alternc-ssl.dirs vendored Normal file
View File

@ -0,0 +1,20 @@
etc/alternc/templates/apache2/mods-available
etc/apache2/conf.d
usr/lib/alternc/install.d
usr/share/alternc/install
usr/share/doc/alternc-ssl
usr/share/alternc/panel/admin/images
usr/share/alternc/panel/admin/styles
usr/share/alternc/panel/class
usr/share/alternc/panel/locales/en_US/LC_MESSAGES
usr/share/alternc/panel/locales/fr_FR/LC_MESSAGES
usr/share/alternc/panel/locales/it_IT/LC_MESSAGES
usr/share/alternc/panel/locales/nl_NL/LC_MESSAGES
usr/share/alternc/panel/locales/de_DE/LC_MESSAGES
usr/share/alternc/panel/locales/pt_BR/LC_MESSAGES
usr/share/alternc/panel/locales/es_ES/LC_MESSAGES
var/lib/alternc/backups
etc/alternc/functions_hosting
etc/incron.d
usr/share/php/Alternc/Api/Object
var/lib/alternc/ssl/private

46
debian/alternc-ssl.postinst vendored Executable file
View File

@ -0,0 +1,46 @@
#!/bin/bash -e
. /usr/share/debconf/confmodule
CONFIGFILE="/etc/alternc/local.sh"
case "$1" in
configure)
. "$CONFIGFILE"
# Then, configure the quota for "ssl"
/usr/lib/alternc/quota_init ssl 0
echo "Installing mysql table"
mysql --defaults-file=/etc/alternc/my.cnf -f < /usr/share/alternc/install/ssl.sql || true
echo "installing required apache modules"
a2enmod ssl
echo "$2" >/var/lib/alternc/backups/alternc-ssl-lastversion
echo -e "\033[31m**********************************************"
echo "* *"
echo "* ALTERNC-SSL ACTION REQUESTED *"
echo "* *"
echo "* Please run alternc.install to fully deploy *"
echo "* Then change your quota to activate SSL Cert*"
echo "* *"
echo "**********************************************"
echo -e "\033[0m"
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#
# vim: et sw=4

36
debian/alternc-ssl.postrm vendored Executable file
View File

@ -0,0 +1,36 @@
#!/bin/sh -e
CONFIGFILE="/etc/alternc/my.cnf"
MENUFILE="/etc/alternc/menulist.txt"
case "$1" in
remove)
# TODO : we don't purge *-ssl vhosts or *-ssl templates, they may break the hosting ...
if [ -e "$CONFIGFILE" -a -x "/usr/bin/mysql" ]; then
mysql --defaults-file=${CONFIGFILE} -f -e "DELETE FROM domaines_type WHERE name IN ('vhost-ssl','vhost-mixssl','roundcube-ssl','squirrelmail-ssl','panel-ssl','php52-ssl','php52-mixssl');"
mysql --defaults-file=${CONFIGFILE} -f -e "UPDATE sub_domaines SET web_action='DELETE' WHERE type IN ('vhost-ssl','vhost-mixssl','roundcube-ssl','squirrelmail-ssl','panel-ssl','php52-ssl','php52-mixssl');"
fi
echo -e "\033[31m**********************************************"
echo "* *"
echo "* ALTERNC-SSL ACTION REQUESTED *"
echo "* *"
echo "* Please run alternc.install to fully remove *"
echo "* *"
echo "**********************************************"
echo -e "\033[0m"
;;
purge)
# Purge the certificate and alias table:
if [ -e "$CONFIGFILE" -a -x "/usr/bin/mysql" ]; then
mysql --defaults-file=${CONFIGFILE} -f -e "DROP TABLE IF EXISTS certificate;"
mysql --defaults-file=${CONFIGFILE} -f -e "DROP TABLE IF EXISTS certif_alias;"
mysql --defaults-file=${CONFIGFILE} -f -e "DROP TABLE IF EXISTS certif_hosts;"
fi
;;
esac
# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.
#DEBHELPER#

26
lib/Alternc/Api/Auth/Interface.php Normal file
View File

@ -0,0 +1,26 @@
<?php
/**
* Authentication API used by server to authenticate a user using a
* specific method.
*/
interface Alternc_Api_Auth_Interface {
/**
* contructor :
* $service is an Alternc_Api_Service object having a getDb() method
*/
function __construct($service);
/**
* auth takes options specific to the auth itself
* returns an Alternc_Api_Token object
*/
function auth($options);
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/
function instructions();
}

72
lib/Alternc/Api/Auth/Login.php Normal file
View File

@ -0,0 +1,72 @@
<?php
/**
* Authentication API used by server to authenticate a user
* using his alternc login and password
*/
class Alternc_Api_Auth_Login implements Alternc_Api_Auth_Interface {
private $db; // PDO object
const ERR_INVALID_ARGUMENT = 1111201;
/**
* Constructor of the Login Api Auth
*
* @param $service an Alternc_Api_Service object
* @return create the object
*/
function __construct($service) {
if (!($service instanceof Alternc_Api_Service))
throw new \Exception("Invalid argument (service)", ERR_INVALID_ARGUMENT);
$this->db = $service->getDb();
}
/**
* Authenticate a user
*
* @param $options options, depending on the auth scheme, including uid for setuid users
* here, login is the AlternC username, and password is the password for this username.
* @return an Alternc_Api_Token
*/
function auth($options) {
if (!isset($options["login"]) || !is_string($options["login"])) {
throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT);
}
if (!isset($options["password"]) || !is_string($options["password"])) {
throw new \Exception("Missing required parameter password", self::ERR_INVALID_ARGUMENT);
}
if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#", $options["login"])) { // FIXME : normalize this on AlternC !!!
throw new \Exception("Invalid login", self::ERR_INVALID_LOGIN);
}
$stmt = $db->query("SELECT m.enabled,m.uid,m.login,m.su FROM membres m WHERE m.login=? AND m.password=?;", array($options["login"], $options["password"]), PDO::FETCH_CLASS);
$me = $stmt->fetch();
if (!$me)
return new Alternc_Api_Response(array("code" => ERR_INVALID_AUTH, "message" => "Invalid login or password"));
if (!$me->enabled)
return new Alternc_Api_Response(array("code" => ERR_DISABLED_ACCOUNT, "message" => "Account is disabled"));
return Alternc_Api_Token::tokenGenerate(
array("uid" => $me->uid, "isAdmin" => ($me->su != 0)), $this->db
);
}
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/
function instructions() {
return array("fields" => array("login" => "AlternC user account", "password" => "AlternC's user password stored in membres table."),
"description" => "Authenticate against an AlternC user and password, the same as for the control panel"
);
}
}
// class Alternc_Api_Auth_Login

80
lib/Alternc/Api/Auth/Sharedsecret.php Normal file
View File

@ -0,0 +1,80 @@
<?php
/**
* Authentication API used by server to authenticate a user using a
* SHARED SECRET (ApiKey)
*/
class Alternc_Api_Auth_Sharedsecret implements Alternc_Api_Auth_Interface {
private $db; // PDO object
const ERR_INVALID_ARGUMENT = 1111801;
const ERR_INVALID_SECRET = 1111802;
const ERR_INVALID_LOGIN = 1111803;
const ERR_DISABLED_ACCOUNT = 1111804;
const ERR_INVALID_AUTH = 1111805;
/**
* Constructor of the Shared Secret Api Auth
*
* @param $service an Alternc_Api_Service object
* @return create the object
*/
function __construct($service) {
if (!($service instanceof Alternc_Api_Service))
throw new \Exception("Invalid argument (service)", ERR_INVALID_ARGUMENT);
$this->db = $service->getDb();
}
/**
* Authenticate a user
*
* @param $options options, depending on the auth scheme, including uid for setuid users
* here, login is the alternc username, and secret is a valid shared secret for this user.
* @return an Alternc_Api_Token
*/
function auth($options) {
if (!isset($options["login"]) || !is_string($options["login"])) {
throw new \Exception("Missing required parameter login", self::ERR_INVALID_ARGUMENT);
}
if (!isset($options["secret"]) || !is_string($options["secret"])) {
throw new \Exception("Missing required parameter secret", self::ERR_INVALID_ARGUMENT);
}
if (!preg_match("#^[0-9a-zA-Z]{32}$#", $options["secret"])) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_SECRET, "message" => "Invalid shared secret syntax"));
}
if (!preg_match("#^[0-9a-zA-Z-]{1,32}$#", $options["login"])) { // FIXME : normalize this on AlternC !!!
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_LOGIN, "message" => "Invalid login"));
}
$stmt = $this->db->prepare("SELECT m.enabled,m.uid,m.login,m.su FROM membres m, sharedsecret s WHERE s.uid=m.uid AND m.login=? AND s.secret=?;");
$stmt->execute(array($options["login"], $options["secret"]));
$me = $stmt->fetch(PDO::FETCH_OBJ);
if (!$me)
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_AUTH, "message" => "Invalid shared secret"));
if (!$me->enabled)
return new Alternc_Api_Response(array("code" => self::ERR_DISABLED_ACCOUNT, "message" => "Account is disabled"));
return Alternc_Api_Token::tokenGenerate(
array("uid" => (int) $me->uid, "isAdmin" => ($me->su != 0)), $this->db
);
}
/**
* instructions on how to use this Auth class
* @return array("fields" => array("fields to send, required or not"), "description" => "description of this auth")
*/
function instructions() {
return array("fields" => array("login" => "AlternC user account", "secret" => "API Key, Shared secrets, valid for this account, stored in sharedsecret table."),
"description" => "Authenticate against an Api Key, also called SharedSecret. distinct from the account's password, can be plenty and revoked independently"
);
}
}
// class Alternc_Api_Auth_Sharedsecret

64
lib/Alternc/Api/Legacyobject.php Normal file
View File

@ -0,0 +1,64 @@
<?php
/**
* Any Legacy AlternC Api should use this class as a parent
* to be able to handle properly the access rights & error messages
*
* @author benjamin
*/
class Alternc_Api_Legacyobject {
protected $admin; // m_admin instance
protected $cuid; // current user id
protected $isAdmin; // is it an Admin account?
protected $db; // PDO DB access to AlternC's database.
const ERR_INVALID_ARGUMENT = 111201;
const ERR_ALTERNC_FUNCTION = 111202;
const ERR_NOT_FOUND = 111203;
function __construct($service) {
global $admin, $cuid;
if (!($service instanceof Alternc_Api_Service)) {
throw new \Exception("Bad argument: service is not an Alternc_Api_Service", self::ERR_INVALID_ARGUMENT);
}
// We store the global $cuid to AlternC legacy classes
$this->db = $service->db;
$this->cuid = $cuid = $service->token->uid;
$this->isAdmin = $service->token->isAdmin;
// We use the global $admin from AlternC legacy classes
$this->admin = $admin;
// Set the legacy rights:
$this->admin->enabled = $this->isAdmin;
}
/** return a proper Alternc_Api_Response from an error class and error string
* from AlternC legacy class
*/
protected function alterncLegacyErrorManager() {
global $err;
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "[" . $err->clsid . "] " . $err->error));
}
/** ensure that offset & count are set properly from $options.
*/
protected function offsetAndCount($options, $max) {
$offset = -1;
$count = -1;
if (isset($options["count"]))
$count = intval($options["count"]);
if (isset($options["offset"]))
$offset = intval($options["offset"]);
if ($offset != -1 || $count != -1) {
if ($offset < 0 || $offset > $max)
$offset = 0;
if ($count < 0 || $count > 1000)
$count = 1000;
}
return array($offset, $count);
}
}
// Aternc_Api_Legacyobject

203
lib/Alternc/Api/Object/Account.php Normal file
View File

@ -0,0 +1,203 @@
<?php
/**
* Account Api of AlternC, used by alternc-api package
*/
class Alternc_Api_Object_Account extends Alternc_Api_Legacyobject {
/** API Method from legacy class method admin->add_mem()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: login, pass, nom, prenom, mail,
* non-mandatory: canpass, type, duration, notes, force, create_dom, db_server_id
* @return Alternc_Api_Response whose content is the newly created UID
*/
function add($options) {
$mandatory = array("login", "pass", "nom", "prenom", "mail");
$defaults = array("canpass" => 1, "type" => "default", "duration" => 0, "notes" => "", "force" => 0, "create_dom" => "");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key] = $value;
}
}
if (!isset($options["db_server_id"])) {
$stmt = $this->db->prepare("SELECT MIN(db_servers.id) AS id FROM db_servers;");
$stmt->execute();
$me = $stmt->fetch(PDO::FETCH_OBJ);
$options["db_server_id"] = $me->id;
}
$uid = $this->admin->add_mem($options["login"], $options["pass"], $options["nom"], $options["prenom"], $options["mail"], $options["canpass"], $options["type"], $options["duration"], $options["notes"], $options["force"], $options["create_dom"], $options["db_server_id"]);
if (!$uid) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $uid));
}
}
/** API Method from legacy class method admin->update_mem()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: nom, prenom, mail,
* non-mandatory: pass, canpass, type, duration, notes, force, create_dom, db_server_id
* @return Alternc_Api_Response whose content is the updated UID
*/
function update($options) {
$defaults = array("nom", "prenom", "mail", "canpass", "enabled", "type", "duration", "notes");
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: UID"));
}
$uid = intval($options["uid"]);
$old = $this->admin->get($uid);
if (!$old) {
return new Alternc_Api_Response(array("code" => self::ERR_NOT_FOUND, "message" => "User not found"));
}
foreach ($defaults as $key) {
if (!isset($options[$key])) {
$options[$key] = $old[$key];
}
}
if (!isset($options["pass"]))
$options["pass"] = "";
$uid = $this->admin->update_mem($uid, $options["mail"], $options["nom"], $options["prenom"], $options["pass"], $options["enabled"], $options["canpass"], $options["type"], $options["duration"], $options["notes"]);
if (!$uid) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $uid));
}
}
/** API Method from legacy class method admin->del_mem()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: uid
* @return Alternc_Api_Response TRUE if the account has been deleted.
*/
function del($options) {
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: UID"));
}
$result = $this->admin->del_mem(intval($options["uid"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->lock_mem()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: uid
* @return Alternc_Api_Response TRUE if the account has been locked
*/
function lock($options) {
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: UID"));
}
$result = $this->admin->lock_mem(intval($options["uid"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->unlock_mem()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: uid
* @return Alternc_Api_Response TRUE if the account has been unlocked
*/
function unlock($options) {
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: UID"));
}
$result = $this->admin->unlock_mem(intval($options["uid"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->normal2su()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: uid
* @return Alternc_Api_Response TRUE if the account has been set to be an administator
*/
function setAdmin($options) {
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: UID"));
}
$result = $this->admin->normal2su(intval($options["uid"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->su2normal()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: uid
* @return Alternc_Api_Response TRUE if the account has been set to NOT be an administrator
*/
function unsetAdmin($options) {
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: UID"));
}
$result = $this->admin->su2normal(intval($options["uid"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->get_list()
* @param $options a hash with parameters transmitted to legacy call
* non-mandatory parameters: ONE OF:
* uid(strict), login(like %%), domain(like %%), creator(strict, by uid),
* Any of: offset(int=0), count(int=+inf)
* @return Alternc_Api_Response An array with all matching users informations as hashes
*/
function find($options) {
$result = false;
if (!$result && isset($options["uid"])) {
$result = $this->admin->get(intval($options["uid"]));
if ($result)
$result = array($result);
}
if (!$result && isset($options["login"])) {
$result = $this->admin->get_list(1/* ALL */, "", $options["login"], "login");
}
if (!$result && isset($options["domain"])) {
$result = $this->admin->get_list(1/* ALL */, "", $options["domain"], "domaine");
}
if (!$result && isset($options["creator"])) {
$result = $this->admin->get_list(1/* ALL */, intval($options["creator"]));
}
if (!$result) { // everybody
$result = $this->admin->get_list(1/* ALL */, "");
}
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
list($offset, $count) = $this->offsetAndCount($options, count($result));
if ($offset != -1 || $count != -1) {
$result = array_slice($result, $offset, $count);
}
return new Alternc_Api_Response(array("content" => $result));
}
}
}
// class Alternc_Api_Object_Account

142
lib/Alternc/Api/Object/Domain.php Normal file
View File

@ -0,0 +1,142 @@
<?php
/**
* Domain Api of AlternC, used by alternc-api package
*/
class Alternc_Api_Object_Domain extends Alternc_Api_Legacyobject {
protected $dom; // m_dom instance
function __construct($service) {
global $dom;
parent::__construct($service);
$this->dom = $dom;
}
/** API Method from legacy class method dom->get_domain_list()
* @param $options a hash with parameters transmitted to legacy call
* may be "uid" to only return domains for a specific user-id
* (if you are not admin, this WILL only list YOUR domains anyway)
* may be "offset" and/or "count" to do paging.
* @return Alternc_Api_Response whose content is the list of hosted domains on this server
* (no more details as of now)
*/
function find($options) {
global $cuid;
$sql = "";
if ($this->isAdmin) {
if (isset($options["uid"])) {
$uid = intval($options["uid"]);
} else {
$uid = -1;
}
} else {
$uid = $cuid;
}
if ($uid != -1) {
$sql = " WHERE compte=$uid ";
} else {
$sql = "";
}
$stmt = $this->db->prepare("SELECT * FROM domaines $sql ORDER BY domaine");
$stmt->execute();
$result = array();
while ($me = $stmt->fetch(PDO::FETCH_OBJ)) {
$result[$me->domaine] = $me;
}
list($offset,$count)=$this->offsetAndCount($options, count($result));
if ($offset != -1 || $count != -1) {
$result = array_slice($result, $offset, $count);
}
return new Alternc_Api_Response(array("content" => $result));
}
/** API Method from legacy class method dom->add_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain(str), dns(bool)
* non-mandatory: noerase(bool, only admins), force(bool, only admins), isslave(bool), slavedom(str)
* @return Alternc_Api_Response whose content is the newly created DOMAIN id
*/
function add($options) {
$mandatory = array("domain", "dns");
$defaults = array("noerase" => false, "force" => false, "isslave" => false, "slavedom" => "");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key] = $value;
}
}
if (!$this->isAdmin) { // only admin can change the options below:
$options["noerase"] = false;
$options["force"] = false;
}
$did = $this->dom->add_domain($options["domain"], $options["dns"], $options["noerase"], $options["force"], $options["isslave"], $options["slavedom"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method dom->edit_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain(str), dns(bool)
* non-mandatory: noerase(bool, only admins), force(bool, only admins), isslave(bool), slavedom(str)
* @return Alternc_Api_Response whose content is the newly created DOMAIN id
*/
function update($options) {
$mandatory = array("domain", "dns", "gesmx");
$defaults = array("force" => false, "ttl" => 86400);
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key] = $value;
}
}
if (!$this->isAdmin) { // only admin can change the options below:
$options["force"] = false;
}
$did = $this->dom->edit_domain($options["domain"], $options["dns"], $options["gesmx"], $options["force"], $options["ttl"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method dom->del_domain()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: domain
* @return Alternc_Api_Response TRUE if the domain has been marked for deletion.
*/
function del($options) {
if (!isset($options["domain"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: DOMAIN"));
}
$result = $this->dom->del_domain($options["domain"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
}
// class Alternc_Api_Object_Domain

126
lib/Alternc/Api/Object/Ftp.php Normal file
View File

@ -0,0 +1,126 @@
<?php
/**
* Ftp Api of AlternC, used by alternc-api package
*/
class Alternc_Api_Object_Ftp extends Alternc_Api_Legacyobject {
protected $ftp; // m_ftp instance
function __construct($service) {
global $ftp;
parent::__construct($service);
$this->ftp = $ftp;
}
/** API Method from legacy class method ftp->add_ftp()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: prefix, login, pass, dir
* @return Alternc_Api_Response whose content is the newly created UID
*/
function add($options) {
$mandatory = array("prefix", "login", "pass", "dir");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$ftpid = $this->ftp->add_ftp($options["prefix"], $options["login"], $options["pass"], $options["dir"]);
if (!$ftpid) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $ftpid));
}
}
/** API Method from legacy class method ftp->put_ftp_details()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: id
* non-mandatory: prefix, login, pass, dir
* @return Alternc_Api_Response whose content is the updated UID
*/
function update($options) {
$defaults = array("prefix", "login", "dir");
if (!isset($options["id"])) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ID"));
}
$id = intval($options["id"]);
$old = $this->ftp->get_ftp_details($id);
if (!$old) {
return new Alternc_Api_Response(array("code" => self::ERR_NOT_FOUND, "message" => "FTP Account not found"));
}
foreach ($defaults as $key) {
if (!isset($options[$key])) {
$options[$key] = $old[$key];
}
}
if (!isset($options["pass"]))
$options["pass"] = "";
$result = $this->ftp->put_ftp_details($id, $options["prefix"], $options["login"], $options["pass"], $options["dir"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $result));
}
}
/** API Method from legacy class method ftp->del_ftp()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: id
* @return Alternc_Api_Response TRUE if the FTP account has been deleted.
*/
function del($options) {
if (!isset($options["id"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: ID"));
}
$result = $this->ftp->delete_ftp(intval($options["id"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method ftp->get_list()
* @param $options a hash with parameters transmitted to legacy call
* non-mandatory parameters:
* Any of: offset(int=0), count(int=+inf)
* @return Alternc_Api_Response An array with all matching FTP account informations as hashes
*/
function find($options) {
$result = $this->ftp->get_list();
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
list($offset, $count) = $this->offsetAndCount($options, count($result));
if ($offset != -1 || $count != -1) {
$result = array_slice($result, $offset, $count);
}
return new Alternc_Api_Response(array("content" => $result));
}
}
/** API Method from legacy class method ftp->is_ftp()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: DIR
* @return Alternc_Api_Response Integer the ID of the account in this folder, or FALSE
*/
function isFtp($options) {
if (!isset($options["dir"])) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: DIR"));
}
$result = $this->ftp->is_ftp($options["dir"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $result));
}
}
}
// class Alternc_Api_Object_Ftp

380
lib/Alternc/Api/Object/Mail.php Normal file
View File

@ -0,0 +1,380 @@
<?php
/**
* Domain Api of AlternC, used by alternc-api package
*/
class Alternc_Api_Object_Mail extends Alternc_Api_Legacyobject {
protected $mail; // m_mail instance
function __construct($service) {
global $mail;
parent::__construct($service);
$this->mail = $mail;
}
/** API Method from legacy class method mail->enum_domains()
* @param $options a hash with parameters transmitted to legacy call
* @return Alternc_Api_Response whose content is the list of hosted domains
* for mails on this server
* (no more details as of now)
*/
function listDomains($options) {
global $cuid;
$sql = "";
$uid = $cuid;
if ($this->isAdmin && isset($options["uid"])) {
$uid = intval($options["uid"]);
}
$did = $this->mail->enum_domains($uid);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method mail->available()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: mail(str)
* @return Alternc_Api_Response telling TRUE or FALSE
*/
function isAvailable($options) {
if (!isset($options["mail"])) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . "mail"));
}
$did = $this->mail->available($options["mail"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method $mail->enum_domain_mails
* ($dom_id = null, $search="", $offset=0, $count=30, $show_systemmails=false)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters:
* non-mandatory:
* @return Alternc_Api_Response whose content is
*/
function getAll($options) {
$defaults = array("dom_id" => null, "search" => "", "offset" => 0, "count" => 30, "show_systemmails" => false);
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key] = $value;
}
}
$did = $this->mail->enum_domain_mails($options["dom_id"], $options["search"], $options["offset"], $options["count"], $options["show_systemmails"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method $mail->create
* ($dom_id, $mail,$type="",$dontcheck=false){
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters:
* non-mandatory:
* @return Alternc_Api_Response whose content is
*/
function create($options) {
$defaults = array("type" => "");
$mandatory = array("dom_id", "mail");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key] = $value;
}
}
$did = $this->mail->create($options["dom_id"], $options["mail"], $options["type"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method $mail->get_details($mail_id)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: mail_id
* @return Alternc_Api_Response whose content is
*/
function get($options) {
$mandatory = array("mail_id");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$did = $this->mail->get_details($options["mail_id"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method $mail->get_account_by_mail_id($mail_id)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: mail_id
* @return Alternc_Api_Response whose content is
*/
function account($options) {
$mandatory = array("mail_id");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$did = $this->mail->get_account_by_mail_id($options["mail_id"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method $mail->delete($mail_id)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: mail_id
* @return Alternc_Api_Response whose content is
*/
function delete($options) {
$mandatory = array("mail_id");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$did = $this->mail->delete($options["mail_id"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method $mail->undelete($mail_id)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: mail_id
* @return Alternc_Api_Response whose content is
*/
function undelete($options) {
$mandatory = array("mail_id");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$did = $this->mail->undelete($options["mail_id"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method $mail->delete($mail_id)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: mail_id, password
* @return Alternc_Api_Response whose content is
*/
function passwd($options) {
$mandatory = array("mail_id", "password");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$did = $this->mail->set_passwd($options["mail_id"], $options["password"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method $mail->enable($mail_id)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: mail_id
* @return Alternc_Api_Response whose content is
*/
function enable($options) {
$mandatory = array("mail_id");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$did = $this->mail->enable($options["mail_id"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method $mail->disable($mail_id)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: mail_id
* @return Alternc_Api_Response whose content is
*/
function disable($options) {
$mandatory = array("mail_id");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$did = $this->mail->disable($options["mail_id"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method from legacy class method $mail-> set_details
* ($mail_id, $islocal, $quotamb, $recipients,$delivery="dovecot",$dontcheck=false)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters:
* non-mandatory:
* @return Alternc_Api_Response whose content is
*/
function update($options) {
$defaults = array("delivery" => "dovecot");
$mandatory = array("mail_id", "islocal", "quotamb", "recipients");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key] = $value;
}
}
$did = $this->mail->set_details($options["mail_id"], $options["islocal"], $options["quotamb"], $options["recipients"], $options["delivery"]);
if (!$did) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $did));
}
}
/** API Method for email authentication
* @param $options a hash with email and password parameters.
* @return Alternc_Api_Response whose content is true / false if the auth
* to this email was successfull.
*/
function login($options) {
global $cuid;
$uid = $cuid;
if ($this->isAdmin && isset($options["uid"])) {
$uid = intval($options["uid"]);
}
if (!isset($options["email"]) || !isset($options["password"])) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing email or password argument"));
}
list($address,$domain)=explode("@",$options["email"],2);
$stmt = $this->db->prepare("SELECT enabled,password FROM domaines d,address a WHERE a.domain_id=d.id AND address=? AND domaine=?;");
$stmt->execute(array($address,$domain));
$me = $stmt->fetch(PDO::FETCH_OBJ);
if ($me && $me->enabled) {
// Check password :
return new Alternc_Api_Response(array("content" => $this->check_password($options["password"],$me->password) ));
} else {
return new Alternc_Api_Response(array("content" => false));
}
}
function check_password($password, $hash) {
if ($hash == '') { // no password
return FALSE;
}
if ($hash{0} != '{') { // plaintext or crypt() password ?
if ($hash{0} == '$' ) {
if (crypt($password,$hash)==$hash)
return TRUE;
} else { // plaintext ? (NOT RECOMMENDED !!!)
if ($password == $hash)
return TRUE;
}
return FALSE;
}
if (substr($hash,0,7) == '{crypt}') {
if (crypt($password, substr($hash,7)) == substr($hash,7))
return TRUE;
return FALSE;
}
elseif (substr($hash,0,5) == '{MD5}') {
$encrypted_password = '{MD5}' . base64_encode(md5( $password,TRUE));
}
elseif (substr($hash,0,6) == '{SHA1}') {
$encrypted_password = '{SHA}' . base64_encode(sha1( $password, TRUE ));
}
elseif (substr($hash,0,6) == '{SSHA}') {
$salt = substr(base64_decode(substr($hash,6)),20);
$encrypted_password = '{SSHA}' . base64_encode(sha1( $password.$salt, TRUE ). $salt);
} else {
echo "Unsupported password hash format";
return FALSE;
}
if ($hash == $encrypted_password)
return TRUE;
return FALSE;
}
}
// class Alternc_Api_Object_Mail

210
lib/Alternc/Api/Object/Mysql.php Normal file
View File

@ -0,0 +1,210 @@
<?php
/**
* Account Api of AlternC, used by alternc-api package
*/
class Alternc_Api_Object_Mysql extends Alternc_Api_Legacyobject {
protected $mysql;
function __construct($service) {
global $mysql;
parent::__construct($service);
$this->mysql = $mysql;
}
/** API Method from legacy class method admin->add_mem()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: login, pass, nom, prenom, mail,
* non-mandatory: canpass, type, duration, notes, force, create_dom, db_server_id
* @return Alternc_Api_Response whose content is the newly created UID
*/
function add($options) {
$mandatory = array("login", "pass", "nom", "prenom", "mail");
$defaults = array("canpass" => 1, "type" => "default", "duration" => 0, "notes" => "", "force" => 0, "create_dom" => "");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
foreach ($defaults as $key => $value) {
if (!isset($options[$key])) {
$options[$key] = $value;
}
}
if (!isset($options["db_server_id"])) {
$stmt = $this->db->prepare("SELECT MIN(db_servers.id) AS id FROM db_servers;");
$stmt->execute();
$me = $stmt->fetch(PDO::FETCH_OBJ);
$options["db_server_id"] = $me->id;
}
$uid = $this->admin->add_mem($options["login"], $options["pass"], $options["nom"], $options["prenom"], $options["mail"], $options["canpass"], $options["type"], $options["duration"], $options["notes"], $options["force"], $options["create_dom"], $options["db_server_id"]);
if (!$uid) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $uid));
}
}
/** API Method from legacy class method admin->update_mem()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: nom, prenom, mail,
* non-mandatory: pass, canpass, type, duration, notes, force, create_dom, db_server_id
* @return Alternc_Api_Response whose content is the updated UID
*/
function update($options) {
$defaults = array("nom", "prenom", "mail", "canpass", "enabled", "type", "duration", "notes");
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: UID"));
}
$uid = intval($options["uid"]);
$old = $this->admin->get($uid);
if (!$old) {
return new Alternc_Api_Response(array("code" => self::ERR_NOT_FOUND, "message" => "User not found"));
}
foreach ($defaults as $key) {
if (!isset($options[$key])) {
$options[$key] = $old[$key];
}
}
if (!isset($options["pass"]))
$options["pass"] = "";
$uid = $this->admin->update_mem($uid, $options["mail"], $options["nom"], $options["prenom"], $options["pass"], $options["enabled"], $options["canpass"], $options["type"], $options["duration"], $options["notes"]);
if (!$uid) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $uid));
}
}
/** API Method from legacy class method admin->del_mem()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: uid
* @return Alternc_Api_Response TRUE if the account has been deleted.
*/
function del($options) {
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: UID"));
}
$result = $this->admin->del_mem(intval($options["uid"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->lock_mem()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: uid
* @return Alternc_Api_Response TRUE if the account has been locked
*/
function lock($options) {
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: UID"));
}
$result = $this->admin->lock_mem(intval($options["uid"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->unlock_mem()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: uid
* @return Alternc_Api_Response TRUE if the account has been unlocked
*/
function unlock($options) {
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: UID"));
}
$result = $this->admin->unlock_mem(intval($options["uid"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->normal2su()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: uid
* @return Alternc_Api_Response TRUE if the account has been set to be an administator
*/
function setAdmin($options) {
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: UID"));
}
$result = $this->admin->normal2su(intval($options["uid"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->su2normal()
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: uid
* @return Alternc_Api_Response TRUE if the account has been set to NOT be an administrator
*/
function unsetAdmin($options) {
if (!isset($options["uid"])) {
return new Alternc_Api_Response(array("code" => self::ERR_ALTERNC_FUNCTION, "message" => "Missing or invalid argument: UID"));
}
$result = $this->admin->su2normal(intval($options["uid"]));
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->get_list()
* @param $options a hash with parameters transmitted to legacy call
* non-mandatory parameters: ONE OF:
* uid(strict), login(like %%), domain(like %%), creator(strict, by uid),
* Any of: offset(int=0), count(int=+inf)
* @return Alternc_Api_Response An array with all matching users informations as hashes
*/
function find($options) {
$result = false;
if (!$result && isset($options["uid"])) {
$result = $this->admin->get(intval($options["uid"]));
if ($result)
$result = array($result);
}
if (!$result && isset($options["login"])) {
$result = $this->admin->get_list(1/* ALL */, "", $options["login"], "login");
}
if (!$result && isset($options["domain"])) {
$result = $this->admin->get_list(1/* ALL */, "", $options["domain"], "domaine");
}
if (!$result && isset($options["creator"])) {
$result = $this->admin->get_list(1/* ALL */, intval($options["creator"]));
}
if (!$result) { // everybody
$result = $this->admin->get_list(1/* ALL */, "");
}
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
list($offset, $count) = $this->offsetAndCount($options, count($result));
if ($offset != -1 || $count != -1) {
$result = array_slice($result, $offset, $count);
}
return new Alternc_Api_Response(array("content" => $result));
}
}
}
// class Alternc_Api_Object_Mysql

73
lib/Alternc/Api/Object/Policy.php Normal file
View File

@ -0,0 +1,73 @@
<?php
/**
* Passowrd Policy Api of AlternC, used by alternc-api package
*/
class Alternc_Api_Object_Policy extends Alternc_Api_Legacyobject {
/** API Method from legacy class method admin->editPolicy($policy,$minsize,$maxsize,$classcount,$allowlogin)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: policy minsize maxsize classcount allowlogin
* @return Alternc_Api_Response TRUE if the password policy has been updated
*/
function update($options) {
$mandatory = array("policy", "minsize", "maxsize", "classcount", "allowlogin");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$result = $this->admin->editPolicy($options["policy"], $options["minsize"], $options["maxsize"], $options["classcount"], $options["allowlogin"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
/** API Method from legacy class method admin->listPasswordPolicies()
* @param $options a hash with parameters transmitted to legacy call
* no options is used.
* @return Alternc_Api_Response An array with all password policies
*/
function find($options) {
$result = $this->admin->listPasswordPolicies();
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => $result));
}
}
/** API Method from legacy class method admin->checkPolicy($policy,$login,$password)
* @param $options a hash with parameters transmitted to legacy call
* mandatory parameters: policy login password
* @return Alternc_Api_Response TRUE if the password match the policy
*/
function check($options) {
$mandatory = array("policy", "login", "password");
$missing = "";
foreach ($mandatory as $key) {
if (!isset($options[$key])) {
$missing.=$key . " ";
}
}
if ($missing) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: " . $missing));
}
$result = $this->admin->checkPolicy($options["policy"], $options["login"], $options["password"]);
if (!$result) {
return $this->alterncLegacyErrorManager();
} else {
return new Alternc_Api_Response(array("content" => true));
}
}
}
// class Alternc_Api_Object_Account

103
lib/Alternc/Api/Request.php Normal file
View File

@ -0,0 +1,103 @@
<?php
/**
* Standard Request object for the AlternC API
*
* Helps streamlining the calls by checking parameters
*/
class Alternc_Api_Request {
/**
*
* @var Alternc_Api_Token object
*/
public $token;
/**
*
* @var string a token hash (to be authenticated)
*/
public $token_hash;
/**
* must link to a Alternc_Api_Object_Interface
*
* @var string
*/
public $object;
/**
* must link to a Alternc_Api_Object_Interface method
*
* @var string
*/
public $action;
/**
* bag of data
*
* @var array
*/
public $options;
/**
*
* Bag of data
*
* @var array
*/
public $metadata;
const ERR_MISSING_PARAMETER = 111801;
function __construct($options) {
// Attempts to retrieve object
if (isset($options["object"]) && is_string($options["object"])) {
$this->object = $options["object"];
} else {
throw new \Exception("Missing parameter object", self::ERR_MISSING_PARAMETER);
}
// Attempts to retrieve action
if (isset($options["action"]) && is_string($options["action"])) {
$this->action = $options["action"];
} else {
throw new \Exception("Missing parameter action", self::ERR_MISSING_PARAMETER);
}
// Attempts to retrieve options
if (isset($options["options"])) {
if (is_array($options)) {
$this->options = $options["options"];
} else {
throw new \Exception("Missing parameter options", self::ERR_MISSING_PARAMETER);
}
} else {
$this->options = array();
}
// Attempts to retrieve token
if (isset($options["token"])) {
if (is_a($options["token"], Alternc_Api_Token)) {
$this->token = $options["token"];
} else {
throw new \Exception("Bad parameter token", self::ERR_MISSING_PARAMETER);
}
} else {
// Attempts to retrieve token_hash then
if (isset($options["token_hash"]) && is_string($options["token_hash"])) {
$this->token_hash = $options["token_hash"];
} else {
throw new \Exception("Missing parameter token OR token_hash", self::ERR_MISSING_PARAMETER);
}
}
// Attempts to retrieve metadata (eg: API version)
if (isset($options["metadata"])) {
$this->metadata = $options["metadata"];
}
}
}

67
lib/Alternc/Api/Response.php Normal file
View File

@ -0,0 +1,67 @@
<?php
/**
* Standard Response object for the AlternC API
*
*/
class Alternc_Api_Response {
/**
* Error codes
*/
const ERR_DISABLED_ACCOUNT = 221801;
const ERR_INVALID_AUTH = 221802;
/**
* Result code. 0 means success
*
* @var int
*/
public $code;
/**
* Result message. May be empty
*
* @var string
*/
public $message;
/**
* Result data
*
* @var array
*/
public $content;
/**
* Result metadata
*
* @var array
*/
public $metadata;
/**
* initialize a response object
* @param options any of the public above
*/
public function __construct($options = array()) {
$os = array("code", "message", "content", "metadata");
foreach ($os as $o) {
if (isset($options[$o]))
$this->$o = $options[$o];
}
}
/**
* Formats response to json
*
* @return string
*/
public function toJson() {
return json_encode(get_object_vars($this));
}
}
// class Alternc_Api_Response

223
lib/Alternc/Api/Service.php Normal file
View File

@ -0,0 +1,223 @@
<?php
/* TODO: implements logger !
*/
/**
* Service API used by server to export API methods
* this class can be used to implement an API service / endpoint
* a REST and POST api is provided as an example
*/
class Alternc_Api_Service {
public $db; // PDO object
private $loggerList; // List of loggers
private $allowedAuth; // list of allowed authenticators
public $token; // Token (useful for called classes)
const ERR_INVALID_ARGUMENT = 111801;
const ERR_METHOD_DENIED = 111802;
const ERR_INVALID_ANSWER = 111803;
const ERR_SETUID_FORBIDDEN = 111804;
const ERR_SETUID_USER_NOT_FOUND = 111805;
const ERR_OBJECT_NOT_FOUND = 111806;
const ERR_ACTION_NOT_FOUND = 111807;
const ERR_INVALID_TOKEN = 111808;
/**
* Constructor of the Api Service Wrapper
*
* @param $options an hash with
* databaseAdapter: an already initialized PDO object
* see http://php.net/PDO
* loginAdapterList: (not mandatory) list of allowed authentication adapters (their codename)
* see Alternc/Api/Auth/*
* loggerAdapter: (not mandatory), a PSR3-Interface-compliant class or a list of it.
* see https://github.com/php-fig/fig-standards/blob/master/accepted/PSR-3-logger-interface.md for more information
*
* @return create the object
*/
function __construct($options) {
// What DB shall we connect to?
// Note: it MUST be in this mode : $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
if (isset($options["databaseAdapter"]) && $options["databaseAdapter"] instanceof PDO) {
$this->db = $options["databaseAdapter"];
} else {
throw new \Exception("Missing required parameter databaseAdapter", self::ERR_INVALID_ARGUMENT);
}
// Which login is allowed?
$this->allowedAuth = array();
if (isset($options["loginAdapterList"]) && is_array($options["loginAdapterList"])) {
foreach ($options["loginAdapterList"] as $lal) {
$this->allowedAuth[] = (string) $lal;
}
}
// To which logger(s) shall we log to?
if (isset($options["loggerAdapter"])) {
if (!is_array($options["loggerAdapter"]))
$options["loggerAdapter"] = array($options["loggerAdapter"]);
foreach ($options["loggerAdapter"] as $la) {
if ($la instanceof Psr\Log\LoggerInterface)
$this->loggerList[] = $la;
}
}
}
/**
* Authenticate into an AlternC server
* @param $auth hash with
* method: string describing the authentication name (in Alternc_Api_Auth_xxx)
* options: array list of parameters for the corresponding auth.
* if 'uid' is set in the option hash, the account MUST be an administrator one
* and as a result, the returned Api_Token will be set to this UID and not the admin one.
* @return Alternc_Api_Token an API Token
*/
function auth($auth) {
if (!isset($auth["method"]) || !is_string($auth["method"])) {
throw new \Exception("Missing required parameter method", self::ERR_INVALID_ARGUMENT);
}
if (!isset($auth["options"]) || !is_array($auth["options"])) {
throw new \Exception("Missing required parameter options", self::ERR_INVALID_ARGUMENT);
}
if (count($this->allowedAuth) && !in_array($auth["method"], $this->allowedAuth)) {
throw new \Exception("Method not allowed", self::ERR_METHOD_DENIED);
}
if (isset($auth["options"]["uid"]) && !intval($auth["options"]["uid"])) {
throw new \Exception("Invalid UID", self::ERR_INVALID_ARGUMENT);
}
$adapterName = "Alternc_Api_Auth_" . ucfirst(strtolower($auth["method"]));
$authAdapter = new $adapterName($this);
$token = $authAdapter->auth($auth["options"]);
// something went wrong user-side
if ($token instanceof Alternc_Api_Response)
return $token;
// something went *really* wrong (bad type):
if (!$token instanceof Alternc_Api_Token)
throw new \Exception("Invalid answer from Api_Auth_Interface", self::ERR_INVALID_ANSWER);
if (isset($auth["options"]["uid"])) {
if (!$token->isAdmin) {
// Non-admin are not allowed to setuid
return new Alternc_Api_Response(array("code" => self::ERR_SETUID_FORBIDDEN, "message" => "This user is not allowed to set his uid"));
}
// Search for the requested user. We allow using *disabled* account here since we are admin
foreach ($this->db->query("SELECT uid FROM membres WHERE uid=" . intval($auth["options"]["uid"])) as $setuid) {
$token->uid = intval($setuid['uid']);
$stmt = $this->db->prepare("UPDATE token SET data=? WHERE token=?");
$stmt->execute(array($token->toJson(), $token->token));
return $token;
}
return new Alternc_Api_Response(array("code" => self::ERR_SETUID_USER_NOT_FOUND, "message" => "Can't find the user you want to setuid to"));
}
return $token;
}
/**
* Manage an API Call
* @param Alternc_Api_Request $request The API call
* the request must have "object" and "action" elements, and a "token" to authenticate
* "options" are sent as it is to the Api Call.
* @return Alternc_Api_Response an API response
*/
function call($request) {
if (!$request instanceof Alternc_Api_Request)
throw new \Exception("request must be an Alternc_Api_Request object", self::ERR_INVALID_ARGUMENT);
// we set the token in the Service object, so that other classes can use it :)
$this->token = Alternc_Api_Token::tokenGet($request->token_hash, $this->db);
if ($this->token instanceof Alternc_Api_Response) // bad token
return $this->token;
$className = "Alternc_Api_Object_" . ucfirst(strtolower($request->object));
if (!class_exists($className))
return new Alternc_Api_Response(array("code" => self::ERR_OBJECT_NOT_FOUND, "message" => "Object not found in this AlternC's instance"));
$object = new $className($this);
$action = $request->action;
if (strpos($action, "-") !== false) {
// replace - by an uppercase letter:
$action = lcfirst(str_replace(" ", "", implode("", array_map("ucfirst", explode("-", $action)))));
}
if (!method_exists($object, $action))
return new Alternc_Api_Response(array("code" => self::ERR_ACTION_NOT_FOUND, "message" => "Action not found for this object in this AlternC's instance"));
$request->token = $this->token; // we receive $request->token_hash as a STRING, but we transmit its object as an Alternc_Api_Token.
// TODO: log this Api Call
return $object->$action($request->options);
}
/**
* Return documentation of the API, either general (no parameters)
* or for a specific action or auth class
* @param string $element the name of the object for which documentation is requested
* @return array a documentation hash (key/value)
*/
function doc($element) {
if (substr($element, 0, 5) == "auth/") {
$adapterName = "Alternc_Api_Auth_" . ucfirst(strtolower(substr($element, 5)));
if (!class_exists($adapterName))
return false;
$authAdapter = new $adapterName($this);
return $authAdapter->documentation();
} else {
list($class, $action) = explode("/", $element);
$className = "Alternc_Api_Object_" . ucfirst(strtolower($class));
if (!class_exists($className))
return false;
$object = new $className($this);
if (!$action) {
return $authAdapter->documentation();
} else {
return $authAdapter->documentation($action);
}
}
}
/**
* Return documentation of the API, either general (no parameters)
* or for a specific action or auth class
* @param string $element the name of the object for which documentation is requested
* @return array a documentation hash (key/value)
*/
function doc($element) {
if (substr($element, 0, 5) == "auth/") {
$adapterName = "Alternc_Api_Auth_" . ucfirst(strtolower(substr($element, 5)));
if (!class_exists($adapterName))
return false;
$authAdapter = new $adapterName($this);
return $authAdapter->documentation();
} else {
list($class, $action) = explode("/", $element);
$className = "Alternc_Api_Object_" . ucfirst(strtolower($class));
if (!class_exists($className))
return false;
$object = new $className($this);
if (!$action) {
return $authAdapter->documentation();
} else {
return $authAdapter->documentation($action);
}
}
}
/**
* Getter for the databaseAdapter
* (used by authAdapter)
*/
function getDb() {
return $this->db;
}
}
// class Alternc_Api_Service

132
lib/Alternc/Api/Token.php Normal file
View File

@ -0,0 +1,132 @@
<?php
/**
* Standard Token object for the AlternC API
*
*/
class Alternc_Api_Token {
const ERR_DATABASE_ERROR = 112001;
const ERR_INVALID_ARGUMENT = 112002;
const ERR_MISSING_ARGUMENT = 112003;
const ERR_INVALID_TOKEN = 112004;
/**
* AlternC User-Id
*
* @var int
*/
public $uid;
/**
* Is this an admin account ?
*
* @var boolean
*/
public $isAdmin;
/**
* The Token itself
*
* @var string
*/
public $token;
/**
* how long (seconds) is a token valid
*
* @var int
*/
public $tokenDuration = 2678400; // default is a month
/**
* initialize a token object
* @param options any of the public above
* may contain a dbAdapter, in that case create() will be available
*/
public function __construct($options = array()) {
if (isset($options["uid"]) && is_int($options["uid"]))
$this->uid = $options["uid"];
if (isset($options["isAdmin"]) && is_bool($options["isAdmin"]))
$this->isAdmin = $options["isAdmin"];
}
/**
* Formats response to json
*
* @return string
*/
public function toJson() {
return json_encode(
array("uid" => $this->uid,
"isAdmin" => $this->isAdmin,
"token" => $this->token)
);
}
/**
* Create a new token in the DB for the associated user/admin
*
* @return string the token (32 chars)
*/
public static function tokenGenerate($options, $db) {
if (!($db instanceof PDO)) {
throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR);
}
if (!isset($options["uid"]) || !isset($options["isAdmin"])) {
throw new \Exception("Missing Arguments (uid,isAdmin)", self::ERR_MISSING_ARGUMENT);
}
$token = new Alternc_Api_Token($options);
do {
$token->token = $token->tokenRandom();
$stmt = $db->prepare("INSERT IGNORE INTO token SET token=?, expire=DATE_ADD(NOW(), INTERVAL ? SECOND), data=?");
$stmt->execute(array($token->token, $token->tokenDuration, $token->toJson()));
$rows = $stmt->rowCount();
} while ($rows == 0); // prevent collisions
return $token;
}
/**
* Check and return a token
* @param $token string a 32-chars token
* @param $db PDO a PDO object for token table access
*
* @return Alternc_Api_Token object or NULL
*/
public static function tokenGet($token, $db) {
if (!($db instanceof PDO)) {
throw new \Exception("No DB Object, can't create", self::ERR_DATABASE_ERROR);
}
if (!is_string($token) || !preg_match("#^[a-zA-Z0-9]{32}$#", $token)) {
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));
}
$stmt = $db->prepare("SELECT * FROM token WHERE token=?");
$stmt->execute(array($token));
if ($tok = $stmt->fetch(PDO::FETCH_OBJ)) {
return new Alternc_Api_Token(json_decode($tok->data, true));
}
return new Alternc_Api_Response(array("code" => self::ERR_INVALID_TOKEN, "message" => "Invalid token"));
}
/**
* Generate a new random token
* @return string
*/
public function tokenRandom() {
$chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
$s = "";
for ($i = 0; $i < 32; $i++)
$s.=substr($chars, rand(0, 61), 1);
return $s;
}
}
// class Alternc_Api_Response

54
ssl/Makefile Executable file
View File

@ -0,0 +1,54 @@
# ----------------------------------------------------------------------
# LICENSE
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License (GPL)
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# To read the license please visit http://www.gnu.org/copyleft/gpl.html
# ----------------------------------------------------------------------
# Purpose of file: Install the files of alternc-ssl packages
# ----------------------------------------------------------------------
install:
install -m 0644 -g root -o root ssl.sql $(DESTDIR)/usr/share/alternc/install/
install -m 0755 -g root -o root alternc-ssl.install.php $(DESTDIR)/usr/lib/alternc/install.d/alternc-ssl
install -m 0644 -g root -o root README.txt $(DESTDIR)/var/lib/alternc/ssl/private/
install -m 0644 -g root -o root apache2.conf $(DESTDIR)/etc/apache2/conf.d/alternc-ssl-alias.conf
# incron
install -m 0755 -g root -o root ssl_alias_manager.sh $(DESTDIR)/usr/lib/alternc/
install -m 0644 -g root -o root alternc-ssl.incron.d $(DESTDIR)/etc/incron.d/alternc-ssl
install -m 0644 -g 1999 -o root panel/class/m_ssl.php $(DESTDIR)/usr/share/alternc/panel/class/
install -m 0644 -g 1999 -o root panel/admin/*.php $(DESTDIR)/usr/share/alternc/panel/admin/
install -m 0644 -g 1999 -o root panel/admin/images/* $(DESTDIR)/usr/share/alternc/panel/admin/images/
# locales
install -m 0644 -g 1999 -o root panel/locales/pt_BR/LC_MESSAGES/ssl.po $(DESTDIR)/usr/share/alternc/panel/locales/pt_BR/LC_MESSAGES/ssl.po
install -m 0644 -g 1999 -o root panel/locales/fr_FR/LC_MESSAGES/ssl.po $(DESTDIR)/usr/share/alternc/panel/locales/fr_FR/LC_MESSAGES/ssl.po
install -m 0644 -g 1999 -o root panel/locales/en_US/LC_MESSAGES/ssl.po $(DESTDIR)/usr/share/alternc/panel/locales/en_US/LC_MESSAGES/ssl.po
install -m 0644 -g 1999 -o root panel/locales/de_DE/LC_MESSAGES/ssl.po $(DESTDIR)/usr/share/alternc/panel/locales/de_DE/LC_MESSAGES/ssl.po
install -m 0644 -g 1999 -o root panel/locales/it_IT/LC_MESSAGES/ssl.po $(DESTDIR)/usr/share/alternc/panel/locales/it_IT/LC_MESSAGES/ssl.po
install -m 0644 -g 1999 -o root panel/locales/nl_NL/LC_MESSAGES/ssl.po $(DESTDIR)/usr/share/alternc/panel/locales/nl_NL/LC_MESSAGES/ssl.po
install -m 0644 -g 1999 -o root panel/locales/es_ES/LC_MESSAGES/ssl.po $(DESTDIR)/usr/share/alternc/panel/locales/es_ES/LC_MESSAGES/ssl.po
# FIXME: how can we do that properly ??
# install -m 0644 -g 1999 -o root panel/admin/styles/* $(DESTDIR)/usr/share/alternc/panel/admin/styles/
install -m 0644 -g 1999 -o root templates/* $(DESTDIR)/etc/alternc/templates/apache2/
install -m 0644 -g 1999 -o root ssl.conf $(DESTDIR)/etc/alternc/templates/apache2/mods-available/
install -m 0644 -g 1999 -o root openssl.cnf $(DESTDIR)/etc/alternc/
install -m 0755 -g 1999 -o root hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/
ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_panel-ssl.sh
ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_vhost-mixssl.sh
ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_roundcube-ssl.sh
ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_squirrelmail-ssl.sh
ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_php52-ssl.sh
ln -s hosting_vhost-ssl.sh $(DESTDIR)/etc/alternc/functions_hosting/hosting_php52-mixssl.sh
# api
install -m 0644 -g root -o root api/Ssl.php $(DESTDIR)/usr/share/php/Alternc/Api/Object/

4
ssl/README.txt Normal file
View File

@ -0,0 +1,4 @@
This folder will contains the SSL certificates,
chained certificates and private keys of VHOSTS
used by Apache to serve HTTPS pages.

1
ssl/alternc-ssl.incron.d Normal file
View File

@ -0,0 +1 @@
/var/run/alternc-ssl IN_CREATE,IN_ATTRIB,IN_NO_LOOP /usr/lib/alternc/ssl_alias_manager.sh

83
ssl/alternc-ssl.install.php Normal file
View File

@ -0,0 +1,83 @@
#!/usr/bin/php
<?php
/*
at alternc.install time
synchronize the required domain templates with the current install
(do they have php52, roundcube, squirrelmail, etc.?)
*/
if ($argv[1] == "templates") {
// install ssl.conf
echo "[alternc-ssl] Installing ssl.conf template\n";
copy("/etc/alternc/templates/apache2/mods-available/ssl.conf","/etc/apache2/mods-available/ssl.conf");
mkdir("/var/run/alternc-ssl");
chown("/var/run/alternc-ssl","alterncpanel");
chgrp("/var/run/alternc-ssl","alterncpanel");
// replace open_basedir line if necessary :
exec('sed -i -e "s#:/var/run/alternc#:/var/run#" -e "s#:/run/alternc#:/run#" /etc/alternc/apache2.conf /etc/alternc/templates/alternc/apache2.conf');
}
if ($argv[1] == "before-reload") {
// Bootstrap
require_once("/usr/share/alternc/panel/class/config_nochk.php");
echo "[alternc-ssl] Installing domaines-types\n";
$db->query("INSERT IGNORE INTO `domaines_type` (name, description, target, entry, compatibility, enable, only_dns, need_dns, advanced ) VALUES
('vhost-ssl', 'Locally hosted forcing HTTPS', 'DIRECTORY', '%SUB% IN A @@PUBLIC_IP@@', 'vhost,url,txt,defmx,defmx2,mx,mx2', 'ALL', 0, 0, 0);");
$db->query("INSERT IGNORE INTO `domaines_type` (name, description, target, entry, compatibility, enable, only_dns, need_dns, advanced ) VALUES
('vhost-mixssl', 'Locally hosted HTTP and HTTPS', 'DIRECTORY', '%SUB% IN A @@PUBLIC_IP@@', 'vhost,url,txt,defmx,defmx2,mx,mx2', 'ALL', 0, 0, 1);");
$db->query("INSERT IGNORE INTO `domaines_type` (name, description, target, entry, compatibility, enable, only_dns, need_dns, advanced ) VALUES
('panel-ssl', 'HTTPS AlternC panel access', 'NONE', '%SUB% IN A @@PUBLIC_IP@@', 'ip,ipv6,cname,txt,mx,mx2,defmx,defmx2', 'ALL', 0, 0, 1);");
$db->query("SELECT * FROM domaines_type WHERE name='roundcube';");
if ($db->next_record()) {
$db->query("INSERT IGNORE INTO `domaines_type` (name, description, target, entry, compatibility, enable, only_dns, need_dns, advanced ) VALUES
('roundcube-ssl', 'HTTPS Roundcube Webmail', 'NONE', '%SUB% IN A @@PUBLIC_IP@@', 'mx,mx2,defmx,defmx2,txt', 'ALL', 0, 0, 1;");
} else {
$db->query("DELETE FROM domaines_type WHERE name='roundcube-ssl';");
$db->query("UPDATE sub_domaines SET web_action='DELETE' WHERE type='roundcube-ssl';");
}
$db->query("SELECT * FROM domaines_type WHERE name='squirrelmail';");
if ($db->next_record()) {
$db->query("INSERT IGNORE INTO `domaines_type` (name, description, target, entry, compatibility, enable, only_dns, need_dns, advanced ) VALUES
('squirrelmail-ssl', 'HTTPS Squirrelmail Webmail', 'NONE', '%SUB% IN A @@PUBLIC_IP@@', 'mx,mx2,defmx,defmx2,txt', 'ALL', 0, 0, 1);");
} else {
$db->query("DELETE FROM domaines_type WHERE name='squirrelmail-ssl';");
$db->query("UPDATE sub_domaines SET web_action='DELETE' WHERE type='squirrelmail-ssl';");
}
$db->query("SELECT * FROM domaines_type WHERE name='php52';");
if ($db->next_record()) {
$db->query("INSERT IGNORE INTO `domaines_type` (name, description, target, entry, compatibility, enable, only_dns, need_dns, advanced ) VALUES
('php52-ssl', 'php52 forcing HTTPS', 'DIRECTORY', '%SUB% IN A @@PUBLIC_IP@@', 'vhost,url,txt,defmx,defmx2,mx,mx2', 'ALL', 0, 0, 0);");
$db->query("INSERT IGNORE INTO `domaines_type` (name, description, target, entry, compatibility, enable, only_dns, need_dns, advanced ) VALUES
('php52-mixssl', 'php52 HTTP and HTTPS', 'DIRECTORY', '%SUB% IN A @@PUBLIC_IP@@', 'vhost,url,txt,defmx,defmx2,mx,mx2', 'ALL', 0, 0, 0);");
} else {
$db->query("DELETE FROM domaines_type WHERE name='php52-ssl';");
$db->query("UPDATE sub_domaines SET web_action='DELETE' WHERE type='php52-ssl';");
$db->query("DELETE FROM domaines_type WHERE name='php52-mixssl';");
$db->query("UPDATE sub_domaines SET web_action='DELETE' WHERE type='php52-mixssl';");
}
// Enable name-based virtual hosts in Apache2 :
$f = fopen("/etc/apache2/ports.conf", "rb");
if (!$f) {
echo "FATAL: there is no /etc/apache2/ports.conf ! I can't configure name-based virtual hosts\n";
} else {
$found = false;
while ($s = fgets($f, 1024)) {
if (preg_match(":^[^#]*NameVirtualHost.*443:", $s)) {
$found = true;
break;
}
}
fclose($f);
if (!$found) {
$f = fopen("/etc/apache2/ports.conf", "ab");
fputs($f, "\n<IfModule mod_ssl.c>\n NameVirtualHost *:443\n\n</IfModule>\n");
fclose($f);
}
}
} // before-reload

5
ssl/apache2.conf Normal file
View File

@ -0,0 +1,5 @@
<Directory /var/lib/alternc/ssl-cert-alias/>
allow from all
</Directory>

187
ssl/api/Ssl.php Normal file
View File

@ -0,0 +1,187 @@
<?php
/**
* SSL Api of AlternC, used by alternc-api package
*/
class Alternc_Api_Object_Ssl extends Alternc_Api_Legacyobject {
protected $ssl;
function __construct($service) {
global $ssl;
parent::__construct($service);
// We use the global $ssl from AlternC legacy classes
$this->ssl=$ssl;
}
/** API Method from legacy class get_list()
* @param $options a hash with parameters transmitted to legacy call
* filter = the kind of ssl certificates to show or not show
* @return Alternc_Api_Response whose content is an array of hashes containing all corresponding certificates informations
*/
function getList($options) {
if (isset($options["filter"]) && intval($options["filter"])) {
$filter=intval($options["filter"]);
} else {
$filter=null;
}
$ssllist=$this->ssl->get_list($filter);
return new Alternc_Api_Response( array("content" => $ssllist) );
}
/** API Method from legacy class new_csr()
* @param $options a hash with parameters transmitted to legacy call
* fqdn = the DNS name to create a CSR to
* @return Alternc_Api_Response whose content is the CSR ID in the certificate database
*/
function newCsr($options) {
if (!isset($options["fqdn"]) || !is_string($options["fqdn"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: FQDN") );
}
$certid=$this->ssl->new_csr($options["fqdn"]);
if ($certid===false) {
return $this->alterncLegacyErrorManager();
}
return new Alternc_Api_Response( array("content" => $certid) );
}
/** API Method from legacy class get_certificate()
* @param $options a hash with parameters transmitted to legacy call
* id = the ID of the certificate in the certifiate table to get
* @return Alternc_Api_Response whose content is a hash with all informations for that certificate
*/
function getCertificate($options) {
if (!isset($options["id"]) || !intval($options["id"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ID") );
}
$certinfo=$this->ssl->get_certificate(intval($options["id"]));
if ($certinfo===false) {
return $this->alterncLegacyErrorManager();
}
return new Alternc_Api_Response( array("content" => $certinfo) );
}
/** API Method from legacy class share()
* @param $options a hash with parameters transmitted to legacy call
* id = the ID of the certificate to share or unshare
* action = boolean telling to share(true) or unshare(false) this certificate
* @return Alternc_Api_Response true.
*/
function share($options) {
if (!isset($options["id"]) || !intval($options["id"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ID") );
}
if (!isset($options["action"]) ) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ACTION") );
}
$isok=$this->ssl->share(intval($options["id"]), (intval($options["action"]))? true : false );
if ($isok===false) {
return $this->alterncLegacyErrorManager();
}
return new Alternc_Api_Response( array("content" => $isok) );
}
/** API Method from legacy class import_cert()
* @param $options a hash with parameters transmitted to legacy call
* key, crt, chain = key and crt (both mandatory) and chain (not mandatory) to import
* @return Alternc_Api_Response the ID of the newly created certificate in the table.
*/
function importCert($options) {
if (!isset($options["key"]) || !is_string($options["key"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: KEY") );
}
if (!isset($options["crt"]) || !is_string($options["crt"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: CRT") );
}
if (isset($options["chain"])) {
if (!is_string($options["chain"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Invalid argument: CHAIN") );
}
} else {
$options["chain"]="";
}
$certid=$this->ssl->import_cert($options["key"],$options["crt"],$options["chain"]);
if ($certid===false) {
return $this->alterncLegacyErrorManager();
}
return new Alternc_Api_Response( array("content" => $certid) );
}
/** API Method from legacy class finalize()
* @param $options a hash with parameters transmitted to legacy call
* second part of the new_csr() call, finalize a certificate creation
* id = ID of the certificate to finalize in the table.
* crt = Certificate data
* chain = Chained Certificate date (not mandatory)
* @return Alternc_Api_Response the ID of the updated certificate in the table.
*/
function finalize($options) {
if (!isset($options["id"]) || !intval($options["id"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: ID") );
}
if (!isset($options["crt"]) || !is_string($options["crt"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: CRT") );
}
if (isset($options["chain"])) {
if (!is_string($options["chain"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Invalid argument: CHAIN") );
}
} else {
$options["chain"]="";
}
$certid=$this->ssl->finalize(intval($options["id"]),$options["crt"],$options["chain"]);
if ($certid===false) {
return $this->alterncLegacyErrorManager();
}
return new Alternc_Api_Response( array("content" => $certid) );
}
/** API Method from legacy class alias_add()
* @param $options a hash with parameters transmitted to legacy call
* add the alias 'name' with the content value 'value' in the global apache configuration
* @return Alternc_Api_Response true
*/
function aliasAdd($options) {
if (!isset($options["name"]) || !is_string($options["name"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: NAME") );
}
if (!isset($options["content"]) || !is_string($options["content"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: CONTENT") );
}
$isok=$this->ssl->alias_add($options["name"],$options["content"]);
if ($isok===false) {
return $this->alterncLegacyErrorManager();
}
return new Alternc_Api_Response( array("content" => $isok) );
}
/** API Method from legacy class alias_del()
* @param $options a hash with parameters transmitted to legacy call
* del the alias 'name' in the global apache configuration
* @return Alternc_Api_Response true
*/
function aliasDel($options) {
if (!isset($options["name"]) || !is_string($options["name"])) {
return new Alternc_Api_Response( array("code" => self::ERR_INVALID_ARGUMENT, "message" => "Missing or invalid argument: NAME") );
}
$isok=$this->ssl->alias_del($options["name"]);
if ($isok===false) {
return $this->alterncLegacyErrorManager();
}
return new Alternc_Api_Response( array("content" => $isok) );
}
} // class Alternc_Api_Object_Ssl

30
ssl/gen-ssl-templates.sh Executable file
View File

@ -0,0 +1,30 @@
#!/bin/bash
# this script regenerate the SSL-* templates from the ORIGINAL non-ssl in parent folder
# launch it if you know that some templates has been changed in parent folder.
function convert {
src=$1
dst=$2
(cat ../etc/alternc/templates/apache2/url.conf | sed -e 's#%%redirect%%#https://%%fqdn%%#'
cat $src |
sed -e 's#:80#:443#' \
-e "s#</VirtualHost># SSLEngine On\n SSLCertificateFile %%CRT%%\n SSLCertificateKeyFile %%KEY%%\n %%CHAINLINE%%\n\n</VirtualHost>#i" \
) >$dst
}
# Those 3 are redirects from http://%%fqdn%% to https://%%fqdn%% PLUS the https://%%fqdn%% VHOST
convert "../roundcube/templates/apache2/roundcube.conf" "templates/roundcube-ssl.conf"
convert "../squirrelmail/templates/apache2/squirrelmail.conf" "templates/squirrelmail-ssl.conf"
convert "../etc/alternc/templates/apache2/panel.conf" "templates/panel-ssl.conf"
convert "../etc/alternc/templates/apache2/vhost.conf" "templates/vhost-ssl.conf"
# manual case : BOTH http and https are normal vhosts pointing to the same DocumentRoot
(cat ../etc/alternc/templates/apache2/vhost.conf
cat ../etc/alternc/templates/apache2/vhost.conf |
sed -e 's#:80#:443#' \
-e "s#</VirtualHost># SSLEngine On\n SSLCertificateFile %%CRT%%\n SSLCertificateKeyFile %%KEY%%\n %%CHAINLINE%%\n\n</VirtualHost>#i"
) >templates/vhost-mixssl.conf

54
ssl/hosting_vhost-ssl.sh Executable file
View File

@ -0,0 +1,54 @@
#!/usr/bin/php
<?php
/*
function called as a hook during alternc update_domains.sh as follow:
(launched by functions_hosting.sh in launch_hook() shell function)
create a host: launch_hooks "create" "$1" "$2" "$3" "$4" (type domain mail value)
at the end of host creation: launch_hooks "postinst" "$1" "$2" "$3" "$4"
enable or disable a host: launch_hooks "enable|disable" "$1" "$2" "$3" (type domain value)
at host deletion: launch_hooks "delete" "$1" "$2" "$3" "$4" (type fqdn)
also, after reloading apache :
run-parts --arg=web_reload /usr/lib/alternc/reload.d
also, dns functions are:
after reconfiguring bind (rndc reconfig) : run-parts --arg=dns_reconfig /usr/lib/alternc/reload.d
(may need to *redo* rndc reconfig... a "before_dns_reconfig" would be better !)
before reloading a zone : run-parts --arg=dns_reload_zone --arg="$domain" /usr/lib/alternc/reload.d
*/
// Bootstrap
require_once("/usr/share/alternc/panel/class/config_nochk.php");
if (!isset($ssl)) {
echo "OUPS: hosting_vhost-ssl.sh launched, but ssl module not installed, exiting\n";
exit();
}
if (!isset($argv[1])) {
echo "FATAL: must be launched from functions_hosting.sh !\n";
exit();
}
if ( ($argv[1]=="create" || $argv[1]=="postinst" || $argv[1]=="delete") ) {
if (count($argv)<5) {
echo "FATAL: create/postinst/delete need 4 parameters: type domain mail value\n";
print_r($argv);
exit();
}
$ssl->updateDomain($argv[1], $argv[2], $argv[3], $argv[4]);
exit();
}
if ( ($argv[1]=="enable" || $argv[1]=="disable") ) {
if (count($argv)<4) {
echo "FATAL: enable/disable need 3 parameters: type domain value\n";
print_r($argv);
exit();
}
$ssl->updateDomain($argv[1], $argv[2], $argv[3] );
exit();
}
echo "FATAL: action unknown, must be launched from functions_hosting.sh !\n";
print_r($argv);
exit();

16
ssl/openssl.cnf Normal file
View File

@ -0,0 +1,16 @@
HOME = .
RANDFILE = $ENV::HOME/.rnd
oid_section = new_oids
[ new_oids ]
[ req ]
default_md = sha256
default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
string_mask = nombstr
[ req_distinguished_name ]
commonName = Your domain name
commonName_max = 256
[ req_attributes ]

BIN
ssl/panel/admin/images/ssl.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 561 B

48
ssl/panel/admin/ssl_delete.php Normal file
View File

@ -0,0 +1,48 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Benjamin Sonntag
Purpose of file: DELETE an ssl certificate
----------------------------------------------------------------------
*/
require_once("../class/config.php");
$fields = array(
"id" => array("post", "integer", ""),
"delete" => array("post", "string", ""),
"confirm" => array("post", "string", ""),
);
getFields($fields);
if (!isset($delete)) {
require_once("ssl_list.php");
exit();
}
$ok = $ssl->del_certificate($id);
if ($ok) $info=_("Your SSL Certificate has been deleted");
$error = $err->errstr();
require_once("ssl_list.php");

53
ssl/panel/admin/ssl_doimport.php Normal file
View File

@ -0,0 +1,53 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Benjamin Sonntag
Purpose of file: Create / Import an SSL Certificate
----------------------------------------------------------------------
*/
require_once("../class/config.php");
if (!isset($is_include)) {
$fields = array(
"key" => array("post", "string", ""),
"crt" => array("post", "string", ""),
"chain" => array("post", "string", ""),
);
getFields($fields);
}
if (!$key && !$crt) {
$error = _("Please enter an ssl key and a certificate");
require_once("ssl_new.php");
exit();
}
$id = $ssl->import_cert($key, $crt, $chain);
$error = $err->errstr();
if ($error) {
require_once("ssl_new.php");
exit();
}
header("Location: /ssl_view.php?id=" . $id);

57
ssl/panel/admin/ssl_donew.php Normal file
View File

@ -0,0 +1,57 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Benjamin Sonntag
Purpose of file: Create / Import an SSL Certificate
----------------------------------------------------------------------
*/
require_once("../class/config.php");
if (!isset($is_include)) {
$fields = array(
"fqdn" => array("request", "string", ""),
"fqdnt" => array("request", "string", ""),
);
getFields($fields);
}
if (!$fqdn && !$fqdnt) {
$error = _("Please enter a proper domain name");
require_once("ssl_new.php");
exit();
}
if ($fqdnt)
$d = $fqdnt;
if ($fqdn)
$d = $fqdn;
$id = $ssl->new_csr($d);
$error = $err->errstr();
if ($error) {
require_once("ssl_new.php");
exit();
}
$is_include = true;
require_once("ssl_view.php");

51
ssl/panel/admin/ssl_finalize.php Normal file
View File

@ -0,0 +1,51 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Benjamin Sonntag
Purpose of file: Create / Import an SSL Certificate
----------------------------------------------------------------------
*/
require_once("../class/config.php");
$fields = array(
"id" => array("post", "integer", ""),
"crt" => array("post", "string", ""),
"chain" => array("post", "string", ""),
"delete" => array("post","string",""),
);
getFields($fields);
if ($delete!="") {
require_once("ssl_delete.php");
exit();
}
$cert = $ssl->finalize($id, $crt, $chain);
$error = $err->errstr();
if ($error) {
require_once("ssl_list.php");
exit();
}
$info = _("Your ssl certificate has been imported successfully");
require_once("ssl_view.php");

144
ssl/panel/admin/ssl_list.php Normal file
View File

@ -0,0 +1,144 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Benjamin Sonntag
Purpose of file: Create / Import an SSL Certificate
----------------------------------------------------------------------
*/
require_once("../class/config.php");
if (!isset($is_include)) {
$fields = array(
"filter" => array("request", "integer", null),
"filter1" => array("request", "integer", 0),
"filter2" => array("request", "integer", 0),
"filter4" => array("request", "integer", 0),
"filter8" => array("request", "integer", 0),
);
getFields($fields);
}
if (isset($filter1) && isset($filter2) && isset($filter4) && isset($filter8)) {
$filter = $filter1 + $filter2 + $filter4 + $filter8;
if ($filter == 0)
$filter = null;
}
$r = $ssl->get_list($filter);
if (!$error)
$error.=$err->errstr();
$astatus = array(
$ssl::STATUS_PENDING => _("Pending Certificate"),
$ssl::STATUS_OK => _("Valid"),
$ssl::STATUS_EXPIRED => "<span style=\"color: red; font-weight:bold\">" . _("Expired") . "</span>",
);
$vhosts = $ssl->get_vhosts();
foreach ($vhosts as $v) {
if ($v["certif"] == 0) {
$info=_("Some of your hosting are using a <b>self-signed</b> certificate. <br>Your browser will not let you surf those domains properly<br>To fix this, buy a properly signed certificate")."<br>".$info;
}
}
include_once("head.php");
if ($error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
if ($info) {
echo "<p class=\"alert alert-info\">$info</p>";
}
?>
<h3><?php __("Your Certificates"); ?></h3>
<p><?php __("Please find below your SSL Certificates. Some may be provided by the administrator of the server, some may be Expired or Pending (waiting for a CRT from your Certificate Provider)"); ?></p>
<form method="get" action="ssl_list.php" name="filter">
<p><?php __("Only show the following certificates:"); ?> <br />
<label for="filter1"><input type="checkbox" onclick="document.forms['filter'].submit()" name="filter1" id="filter1" value="1" <?php cbox($filter & $ssl::FILTER_PENDING); ?>><?php __("Pending Certificates"); ?></label>
<label for="filter2"><input type="checkbox" onclick="document.forms['filter'].submit()" name="filter2" id="filter2" value="2" <?php cbox($filter & $ssl::FILTER_OK); ?>><?php __("Valid Certificates"); ?></label>
<label for="filter4"><input type="checkbox" onclick="document.forms['filter'].submit()" name="filter4" id="filter4" value="4" <?php cbox($filter & $ssl::FILTER_EXPIRED); ?>><?php __("Expired Certificates"); ?></label>
<br />
<label for="filter8"><input type="checkbox" onclick="document.forms['filter'].submit()" name="filter8" id="filter8" value="8" <?php cbox($filter & $ssl::FILTER_SHARED); ?>><?php __("Certificates Shared by the Administrator"); ?></label>
&nbsp; &nbsp;
<input type="submit" name="go" value="<?php __("Filter"); ?>"/>
</form>
<table class="tlist">
<tr><th></th><th><?php __("Domain Name"); ?></th><th><?php __("Status"); ?></th><th><?php __("Validity period"); ?></th><th><?php __("Used by"); ?></th></tr>
<?php
reset($r);
while (list($key, $val) = each($r)) {
?>
<tr class="lst">
<td><div class="ina edit"><a href="ssl_view.php?id=<?php echo $val["id"] ?>"><?php __("Details"); ?></a></div></td>
<td><?php echo $val["fqdn"]; ?></td>
<td><?php
echo $astatus[$val["status"]];
if ($val["shared"])
echo " <i>" . _("(shared)") . "</i>";
?></td>
<?php
if ($val["status"] != $ssl::STATUS_PENDING) {
?>
<td><?php echo format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'), date("Y-m-d H:i:s", $val["validstartts"])); ?><br>
<?php
if ($val["validendts"] < (time() + 86400 * 31))
echo "<span style=\"color: red; font-weight:bold\">";
echo format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'), date("Y-m-d H:i:s", $val["validendts"]));
if ($val["validendts"] < (time() + 86400 * 31))
echo "</span>";
?></td>
<?php } else { ?>
<td><?php __("Requested on: "); ?><br>
<?php echo format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'), date("Y-m-d H:i:s", $val["validstartts"])); ?></td>
<?php } ?>
<td><?php
foreach ($vhosts as $v) {
if ($v["certif"] == $val["id"]) {
$v["fqdn"] = (($v["sub"]) ? ($v["sub"] . ".") : "") . $v["domaine"];
echo "<a href=\"dom_edit.php?domain=" . $v["domaine"] . "\">" . $v["fqdn"] . "</a><br>\n";
}
}
?></td>
</tr>
<?php
}
// Now we enumerate self-signed certificates
foreach ($vhosts as $v) {
if ($v["certif"] == 0) {
$v["fqdn"] = (($v["sub"]) ? ($v["sub"] . ".") : "") . $v["domaine"];
echo "<tr><td><div class=\"ina add\"><a href=\"ssl_new.php?fqdn=" . $v["fqdn"] . "\">" . _("Create one") . "</a></div></td>";
echo "<td colspan=\"3\"><span style=\"color: red; font-weight:bold\">" . _("This hosting has no valid certificate<br>a self-signed one has been created") . "</span></td>";
echo "<td><a href=\"dom_edit.php?domain=" . $v["domaine"] . "\">" . $v["fqdn"] . "</a></td>";
echo "</tr>";
}
}
?>
</table>
<p>&nbsp;</p>
<p>
<span class="inb add"><a href="ssl_new.php"><?php __("Create or Import a new SSL Certificate"); ?></a></span>
</p>
<?php include_once("foot.php"); ?>

164
ssl/panel/admin/ssl_new.php Normal file
View File

@ -0,0 +1,164 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Benjamin Sonntag
Purpose of file: Create / Import an SSL Certificate
----------------------------------------------------------------------
*/
require_once("../class/config.php");
include_once("head.php");
if (!isset($is_include)) {
$fields = array(
"fqdnt" => array("request", "string", ""),
"key" => array("request", "string", ""),
"crt" => array("request", "string", ""),
"chain" => array("request", "string", ""),
);
getFields($fields);
}
$advice = $ssl->get_new_advice();
?>
<h3><?php __("New SSL Certificate"); ?></h3>
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
?>
<p>
<?php __("An SSL certificate is a file which must be obtained from a Certificate Authority, and allow you to enable HTTPS encryption on a domain name."); ?>
</p>
<p>
<?php __("To obtain one, you need to generate a <i>Certificate Request</i> (CSR) and a <i>RSA Key</i> (KEY) here, then give the CSR to the Certificate Authority, which will give you a certificate (CRT) and also often a chained certificate (CHAIN)."); ?>
</p>
<p>
<?php __("If you already know what it is and already have all those files (CRT/KEY/CHAIN) You can import them here too."); ?>
</p>
<div id="content">
<div id="tabsssl">
<ul>
<li class="add"><a href="#tabsssl-create"><?php __("Create a CSR/KEY"); ?></a></li>
<li class="settings"><a href="#tabsssl-import"><?php __("Import existing files"); ?></a></li>
</ul>
<div id="tabsssl-create">
<h3><?php __("Create a CSR/KEY for a given domain name"); ?></h3>
<p><?php __("Use this form to generate a <i>Certificate Request file</i> (CSR) and a <i>RSA Key file</i> (KEY) for a given domain name"); ?></p>
<script type="text/javascript">
function switchmanual() {
if ($("#fqdn").val() == -1) {
$("#fqdn").hide();
$("#fqdnt").show();
$("#relist").show();
$("#fqdn").val("");
$("#fqdnt").focus();
}
}
function switchlist() {
$("#fqdn").show();
$("#fqdnt").hide();
$("#relist").hide();
$("#fqdnt").val("");
$("#fqdn").val("");
$("#fqdn").focus();
}
</script>
<form method="post" action="ssl_donew.php" name="main" id="main">
<table border="1" cellspacing="0" cellpadding="4" class="tedit">
<tr><td colspan="2">
<?php __("Please choose the domain name for which you want a SSL Certificate, or enter it manually"); ?>
</td></tr>
<tr>
<th><label for="fqdn"><?php __("Fully Qualified Domain Name"); ?></label></th>
<td>
<select name="fqdn" id="fqdn" onchange="switchmanual()"<?php if ($fqdnt != "") echo " style=\"display: none\""; ?>>
<option value=""><?php __("--- Choose here ---"); ?></option>
<?php
foreach ($advice as $a) {
echo "<option>" . $a . "</option>";
}
?>
<option value="-1" style="font-style: italic; padding-left: 80px"> <?php __("... or click here to enter it manually"); ?></option>
</select>
<input<?php if ($fqdnt == "") echo " style=\"display: none\""; ?> type="text" class="int" name="fqdnt" id="fqdnt" value="" size="40" maxlength="64" /><input <?php if ($fqdnt == "") echo " style=\"display: none\""; ?> type="button" id="relist" name="relist" value=" list v " onclick="switchlist()" />
</td>
</tr>
</table>
<p>
<input type="submit" class="inb ok" name="submit" value="<?php __("Save"); ?>"/> &nbsp;
<input type="button" class="inb cancel" name="cancel" value="<?php __("Cancel"); ?>" onclick="document.location = 'ssl_list.php'"/>
</p>
</form>
<div style="padding-left: 40px; margin-top: 20px; background: url(/images/warning.png) 5px 5px no-repeat">
<p><?php __("Please note that a SSL Certificate is only valid for one fully qualified domain name. As a result, a certificate for <code>www.example.com</code> is NOT valid for <code>intranet.example.com</code> or <code>intranet.www.example.com</code> !"); ?> <br /><?php __("<i>(If you want to get a valid certificate for all the subdomains of a domain, use a wildcard notation (eg: *.example.com). Please note that a wildcard certificate is usually more expensive than normal one.)</i>"); ?></p>
</div>
</div> <!-- create -->
<div id="tabsssl-import">
<h3><?php __("Import existing Key Certificate and Chain files"); ?></h3>
<p><?php __("If you already have a RSA Key file, a Certificate for this key and (maybe) a Chained certificate, please paste their content here."); ?></p>
<p><?php __("We will verify the content of those files and add them in your certificate repository"); ?></p>
<form method="post" action="ssl_doimport.php" name="main" id="main">
<table border="1" cellspacing="0" cellpadding="4" class="tedit">
<tr>
<th><label for="key"><?php __("RSA Key"); ?></label></th>
<td><textarea class="int" name="key" id="key" style="width: 420px; height: 120px;"></textarea></td>
</tr>
<tr>
<th><label for="crt"><?php __("SSL Certificate"); ?></label></th>
<td><textarea class="int" name="crt" id="crt" style="width: 420px; height: 120px;"></textarea></td>
</tr>
<tr>
<th><label for="chain"><?php __("Chained Certificate<br />(not mandatory)"); ?></label></th>
<td><textarea class="int" name="chain" id="chain" style="width: 420px; height: 120px;"></textarea></td>
</tr>
</table>
<p>
<input type="submit" class="inb ok" name="submit" value="<?php __("Save"); ?>"/> &nbsp;
<input type="button" class="inb cancel" name="cancel" value="<?php __("Cancel"); ?>" onclick="document.location = 'ssl_list.php'"/>
</p>
</form>
</div> <!-- create -->
</div>
</div>
<script type="text/javascript">
$("#tabsssl").tabs(<?php if ($crt != "" and $key != "") echo "{ active: 'tabsssl-import' }"; ?>);
</script>
<?php
include_once("foot.php");
?>

45
ssl/panel/admin/ssl_share.php Normal file
View File

@ -0,0 +1,45 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Benjamin Sonntag
Purpose of file: Create / Import an SSL Certificate
----------------------------------------------------------------------
*/
require_once("../class/config.php");
if (!$admin->enabled) {
__("This page is restricted to authorized staff");
exit();
}
$fields = array(
"id" => array("request", "integer", 0),
"action" => array("request", "integer", 0),
);
getFields($fields);
if ($ssl->share($id, $action)) {
require_once("ssl_view.php");
} else {
require_once("ssl_list.php");
}

224
ssl/panel/admin/ssl_view.php Normal file
View File

@ -0,0 +1,224 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2002 by the AlternC Development Team.
http://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Original Author of file: Benjamin Sonntag
Purpose of file: Create / Import an SSL Certificate
----------------------------------------------------------------------
*/
require_once("../class/config.php");
if (!isset($is_include)) {
$fields = array(
"id" => array("request", "integer", ""),
);
getFields($fields);
}
$cert = $ssl->get_certificate($id);
$error = $err->errstr();
if ($error) {
require_once("ssl_list.php");
exit();
}
include_once("head.php");
if ($info) {
echo "<p class=\"alert alert-info\">$info</p>";
}
if ($cert["status"] == $ssl::STATUS_PENDING) {
?>
<h3><?php __("Pending Certificate"); ?></h3>
<p><?php __("Your <i>Certificate Request File</i> (CSR) has been created, along with its <i>private RSA Key</i> (KEY). Please find below the CSR you must send to your SSL Certificate provider."); ?></p>
<p><?php __("Once you'll have your <i>Certificate File</i> (CRT) and a <i>Chained Certificate File</i> (CHAIN), please paste them here to finish the enrollment."); ?></p>
<form method="post" action="ssl_finalize.php" name="main" id="main">
<input type="hidden" name="id" id="id" value="<?php echo $cert["id"]; ?>"/>
<table border="1" cellspacing="0" cellpadding="4" class="tedit">
<tr>
<th><label for="fqdn"><?php __("Fully Qualified Domain Name"); ?></label></th>
<td><?php echo $cert["fqdn"]; ?></td>
</tr>
<tr>
<th><label for="validstart"><?php __("Date of the request"); ?></label></th>
<td><?php echo format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'), date("Y-m-d H:i:s", $cert["validstartts"])); ?></td>
</tr>
<tr>
<th><label for="csr"><?php __("Certificate Request File"); ?></label></th>
<td><textarea readonly="readonly" onclick="this.focus();
this.select()" class="int cert" name="csr" id="csr" style="width: 500px; height: 120px;"><?php echo $cert["sslcsr"]; ?></textarea></td>
</tr>
<tr>
<th><label for="crt"><?php __("SSL Certificate"); ?></label></th>
<td><textarea class="int cert" name="crt" id="crt" style="width: 500px; height: 120px;"><?php echo $cert["sslcrt"]; ?></textarea></td>
</tr>
<tr>
<th><label for="chain"><?php __("Chained Certificate<br />(not mandatory)"); ?></label></th>
<td><textarea class="int cert" name="chain" id="chain" style="width: 500px; height: 120px;"><?php echo $cert["sslchain"]; ?></textarea></td>
</tr>
</table>
<p>
<input type="submit" class="inb ok" name="submit" value="<?php __("Save"); ?>"/> &nbsp;
<input type="button" class="inb cancel" name="cancel" value="<?php __("Cancel"); ?>" onclick="document.location = 'ssl_list.php'"/>
</p><p>
<input type="submit" class="inb delete" name="delete" value="<?php __("Delete"); ?>" onclick="return confirm('<?php
echo addslashes(_("Please confirm that you want to delete this certificate request AND ITS PRIVATE KEY!"));
?>');"/>
</p>
</form>
<?php
} else {
if ($cert["status"] == $ssl::STATUS_OK) {
?>
<h3><?php __("Valid Certificate"); ?></h3>
<p><?php __("Please find below your valid certificate data."); ?></p>
<?php
}
if ($cert["status"] == $ssl::STATUS_EXPIRED) {
?>
<h3><?php __("EXPIRED Certificate"); ?></h3>
<p><?php __("Your certificate is EXPIRED. You should not use it for any purpose. Please find below its data."); ?></p>
<?php
}
?>
<p>
<span class="inb ok"><a href="ssl_list.php"><?php __("Back to my SSL Certificates"); ?></a></span>
</p>
<table border="1" cellspacing="0" cellpadding="4" class="tedit">
<tr>
<th><?php __("Valid From:"); ?></th>
<td><?php
echo format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'), date("Y-m-d H:i:s", $cert["validstartts"]));
echo " ";
$days = intval((time() - $cert["validstartts"]) / 86400);
if ($days < 60) {
printf(_("(%d days ago)"), $days);
} else {
$month = intval($days / 30);
printf(_("(%d month ago)"), $month);
}
?></td>
</tr>
<tr>
<th><?php __("Valid Until:"); ?></th>
<td><?php
echo format_date(_('%3$d-%2$d-%1$d %4$d:%5$d'), date("Y-m-d H:i:s", $cert["validendts"]));
echo " ";
$days = intval(($cert["validendts"] - time()) / 86400);
if ($days < 60) {
printf(_("(%d days from now)"), $days);
} else {
$month = intval($days / 30);
printf(_("(%d month from now)"), $month);
}
?></td>
</tr>
<tr>
<th><?php __("FQDN:"); ?></th>
<td><?php echo $cert["fqdn"]; ?></td>
</tr>
<tr>
<th><?php __("Other Valid FQDN:"); ?></th>
<td><?php echo nl2br($cert["altnames"]); ?></td>
</tr>
<tr>
<th><label for="csr"><?php __("Certificate Request File"); ?></label></th>
<td><textarea readonly="readonly" onclick="this.focus();
this.select()" class="int cert" name="csr" id="csr" style="width: 500px; height: 120px;"><?php echo $cert["sslcsr"]; ?></textarea></td>
</tr>
<tr>
<th><label for="crt"><?php __("SSL Certificate"); ?></label></th>
<td><textarea readonly="readonly" onclick="this.focus();
this.select()" class="int cert" name="crt" id="crt" style="width: 500px; height: 120px;"><?php echo $cert["sslcrt"]; ?></textarea></td>
</tr>
<tr>
<th><label for="chain"><?php __("Chained Certificate<br />(not mandatory)"); ?></label></th>
<td><textarea readonly="readonly" onclick="this.focus();
this.select()" class="int cert" name="chain" id="chain" style="width: 500px; height: 120px;"><?php echo $cert["sslchain"]; ?></textarea></td>
</tr>
</table>
<?php
// The admin is allowed to share (or not share) his valid certificates
if ($admin->enabled) {
?>
<p><?php __("As an administrator you can allow any account on this server to use this certificate to host his services. <br />(This is only useful for wildcard or multi-domain certificates)."); ?></p>
<p>
<?php
if ($cert["shared"]) {
echo _("This certificate is currently <b>shared</b>");
if ($cert["uid"] == $cuid) {
?>
</p>
<form method="post" action="ssl_share.php">
<input type="hidden" name="id" id="id" value="<?php echo $cert["id"]; ?>"/>
<input type="hidden" name="action" id="action" value="0" />
<input class="inb cancel" type="submit" name="unshare" value="<?php __("Click here to stop sharing this certificate"); ?>" />
</form>
<?php
} else {
?>
<p><?php __("You are not the owner of this certificate, only its owner can share/unshare this certificate."); ?></p>
<?php
}
} else {
echo _("This certificate is currently <b>NOT shared</b>");
if ($cert["uid"] == $cuid) {
?>
</p>
<form method="post" action="ssl_share.php">
<input type="hidden" name="id" id="id" value="<?php echo $cert["id"]; ?>"/>
<input type="hidden" name="action" id="action" value="1" />
<input class="inb ok" type="submit" name="unshare" value="<?php __("Click here to share this certificate"); ?>" />
</form>
<?php
} else {
?>
<p><?php __("You are not the owner of this certificate, only its owner can share/unshare this certificate."); ?></p>
<?php
}
}
}
if ($cert["uid"] == $cuid) {
?>
<p>
<input type="submit" class="inb delete" name="delete" value="<?php __("Delete"); ?>" onclick="return confirm('<?php
echo addslashes(_("Please confirm that you want to delete this certificate AND ITS PRIVATE KEY!"));
?>');"/>
</p>
<?php
}
} // pending or OK ?
?>
<?php include_once("foot.php"); ?>

1072
ssl/panel/admin/styles/style.css Normal file
View File

File diff suppressed because it is too large Load Diff

819
ssl/panel/class/m_ssl.php Normal file
View File

@ -0,0 +1,819 @@
<?php
/*
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright (C) 2000-2014 by the AlternC Development Team.
https://alternc.org/
----------------------------------------------------------------------
LICENSE
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License (GPL)
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
To read the license please visit http://www.gnu.org/copyleft/gpl.html
----------------------------------------------------------------------
Purpose of file: Manage SSL Certificates and HTTPS Hosting
----------------------------------------------------------------------
*/
// -----------------------------------------------------------------
/**
* SSL Certificates management class
*/
class m_ssl {
const STATUS_PENDING = 0; // we have a key / csr, but no CRT
const STATUS_OK = 1; // we have the key, csr, crt, chain
const STATUS_EXPIRED = 99; // The certificate is now expired.
public $error = "";
// Includes one or more of those flags to see only those certificates
// when listing them:
const FILTER_PENDING = 1;
const FILTER_OK = 2;
const FILTER_EXPIRED = 4;
const FILTER_SHARED = 8;
const SSL_INCRON_FILE = "/var/run/alternc-ssl/generate_certif_alias";
var $myDomainesTypes = array("vhost-ssl", "vhost-mixssl", "panel-ssl", "roundcube-ssl", "squirrelmail-ssl", "php52-ssl", "php52-mixssl");
const KEY_REPOSITORY = "/var/lib/alternc/ssl/private";
// -----------------------------------------------------------------
/**
* Constructor
*/
function m_ssl() {
}
// -----------------------------------------------------------------
/**
* Hook to add the "ssl certificate" menu in the Panel
*/
function hook_menu() {
global $quota, $db, $cuid;
$q = $quota->getquota("ssl");
$obj = null;
if ($q['t'] > 0) {
$obj = array(
'title' => _("SSL Certificates"),
'ico' => 'images/ssl.png',
'link' => 'toggle',
'pos' => 130,
'links' => array(),
);
if ($quota->cancreate("ssl")) {
$obj['links'][] = array(
'ico' => 'images/new.png',
'txt' => _("New SSL certificate"),
'url' => "ssl_new.php",
'class' => '',
);
}
// or admin shared >0 !
$db->query("SELECT COUNT(*) AS cnt FROM certificates WHERE uid='$cuid' OR shared=1");
$used = $q['u'];
if ($db->next_record()) {
$used = $db->f("cnt");
}
if ($used > 0) { // if there are some SSL certificates
$obj['links'][] = array(
'txt' => _("List SSL Certificates"),
'url' => "ssl_list.php"
);
}
}
return $obj;
}
// -----------------------------------------------------------------
/** Return all the SSL certificates for an account (or the searched one)
* @param $filter an integer telling which certificate we want to see (see FILTER_* constants above)
* the default is showing all certificate, but only Pending and OK certificates, not expired or shared one
* when there is more than 10.
* @return array all the ssl certificate this user can use
* (each array is the content of the certificates table)
*/
function get_list(&$filter = null) {
global $db, $err, $cuid;
$err->log("ssl", "get_list");
// Expire expired certificates:
$db->query("UPDATE certificates SET status=".self::STATUS_EXPIRED." WHERE status=".self::STATUS_OK." AND validend<NOW();");
$r = array();
// If we have no filter, we filter by default on pending and ok certificates if there is more than 10 of them for the same user.
if (is_null($filter)) {
$db->query("SELECT count(*) AS cnt FROM certificates WHERE uid='$cuid' OR shared=1;");
$db->next_record();
if ($db->f("cnt") > 10) {
$filter = (self::FILTER_PENDING | self::FILTER_OK);
} else {
$filter = (self::FILTER_PENDING | self::FILTER_OK | self::FILTER_EXPIRED | self::FILTER_SHARED);
}
}
// filter the filter values :)
$filter = ($filter & (self::FILTER_PENDING | self::FILTER_OK | self::FILTER_EXPIRED | self::FILTER_SHARED));
// Here filter can't be null (and will be returned to the caller !)
$sql = "";
if ($filter & self::FILTER_SHARED) {
$sql = " (uid='$cuid' OR shared=1) ";
} else {
$sql = " uid='$cuid' ";
}
$sql.=" AND status IN (-1";
if ($filter & self::FILTER_PENDING) {
$sql.="," . self::STATUS_PENDING;
}
if ($filter & self::FILTER_OK) {
$sql.="," . self::STATUS_OK;
}
if ($filter & self::FILTER_EXPIRED) {
$sql.="," . self::STATUS_EXPIRED;
}
$sql.=") ";
$db->query("SELECT *, UNIX_TIMESTAMP(validstart) AS validstartts, UNIX_TIMESTAMP(validend) AS validendts FROM certificates WHERE $sql ORDER BY shared, fqdn;");
if ($db->num_rows()) {
while ($db->next_record()) {
$r[] = $db->Record;
}
return $r;
} else {
$err->raise("ssl", _("No SSL certificates available"));
return array();
}
}
// -----------------------------------------------------------------
/** Return all the Vhosts of this user using SSL certificates
* @return array all the ssl certificate and hosts of this user
*/
function get_vhosts() {
global $db, $err, $cuid;
$err->log("ssl", "get_vhosts");
$r=array();
$db->query("SELECT ch.*, UNIX_TIMESTAMP(c.validstart) AS validstartts, UNIX_TIMESTAMP(c.validend) AS validendts, sd.domaine, sd.sub "
. "FROM certif_hosts ch LEFT JOIN certificates c ON ch.certif=c.id "
. ", sub_domaines sd WHERE sd.id=ch.sub AND ch.uid=$cuid "
. "ORDER BY sd.domaine, sd.sub;");
if ($db->num_rows()) {
while ($db->next_record()) {
$r[] = $db->Record;
}
return $r;
} else {
$err->raise("ssl", _("You currently have no hosting using SSL certificate"));
return array();
}
}
// -----------------------------------------------------------------
/** Generate a new CSR, a new Private RSA Key, for FQDN.
* @param $fqdn string the FQDN of the domain name for which we want a CSR.
* a wildcard certificate must start by *.
* @return integer the Certificate ID created in the MySQL database
* or false if an error occurred
*/
function new_csr($fqdn) {
global $db, $err, $cuid;
$err->log("ssl", "new_csr");
if (substr($fqdn, 0, 2) == "*.") {
$f = substr($fqdn, 2);
} else {
$f = $fqdn;
}
if (checkfqdn($f)) {
$err->raise("ssl", _("Bad FQDN domain name"));
return false;
}
putenv("OPENSSL_CONF=/etc/alternc/openssl.cnf");
$pkey = openssl_pkey_new();
if (!$pkey) {
$err->raise("ssl", _("Can't generate a private key (1)"));
return false;
}
$privKey = "";
if (!openssl_pkey_export($pkey, $privKey)) {
$err->raise("ssl", _("Can't generate a private key (2)"));
return false;
}
$dn = array("commonName" => $fqdn);
// override the (not taken from openssl.cnf) digest to use SHA-2 / SHA256 and not SHA-1 or MD5 :
$config = array("digest_alg" => "sha256");
$csr = openssl_csr_new($dn, $pkey, $config);
$csrout = "";
openssl_csr_export($csr, $csrout);
$db->query("INSERT INTO certificates SET uid='$cuid', status=" . self::STATUS_PENDING . ", shared=0, fqdn='" . addslashes($fqdn) . "', altnames='', validstart=NOW(), sslcsr='" . addslashes($csrout) . "', sslkey='" . addslashes($privKey) . "';");
if (!($id = $db->lastid())) {
$err->raise("ssl", _("Can't generate a CSR"));
return false;
}
return $id;
}
// -----------------------------------------------------------------
/** Return all informations of a given certificate for the current user.
* @return array all the informations of the current certificate as a hash.
*/
function get_certificate($id) {
global $db, $err, $cuid;
$err->log("ssl", "get_certificate");
$id = intval($id);
$db->query("SELECT *, UNIX_TIMESTAMP(validstart) AS validstartts, UNIX_TIMESTAMP(validend) AS validendts FROM certificates WHERE (uid='$cuid' OR (shared=1 AND status=" . self::STATUS_OK . ") ) AND id='$id';");
if (!$db->next_record()) {
$err->raise("ssl", _("Can't find this Certificate"));
return false;
}
return $db->Record;
}
// -----------------------------------------------------------------
/** Delete a Certificate for the current user.
* @return boolean TRUE if the certificate has been deleted successfully.
*/
function del_certificate($id) {
global $db, $err, $cuid;
$err->log("ssl", "del_certificate");
$id = intval($id);
$db->query("SELECT * FROM certificates WHERE uid='$cuid' AND id='$id';");
if (!$db->next_record()) {
$err->raise("ssl", _("Can't find this Certificate"));
return false;
}
$fqdn = $db->Record["fqdn"];
$altnames = $db->Record["altnames"];
$db->query("DELETE FROM certificates WHERE uid='$cuid' AND id='$id';");
// Update any existing VHOST using this cert/key
$this->updateTrigger($fqdn, $altnames);
return true;
}
// -----------------------------------------------------------------
/** Share (or unshare) an ssl certificate
* @param $id integer the id of the certificate in the table.
* @param $action integer share (1) or unshare (0) this certificate
* @return boolean
*/
function share($id, $action = 1) {
global $db, $err, $cuid;
$err->log("ssl", "share");
$id = intval($id);
$db->query("SELECT * FROM certificates WHERE uid='$cuid' AND status=" . self::STATUS_OK . " AND id='$id';");
if (!$db->next_record()) {
$err->raise("ssl", _("Can't find this Certificate"));
return false;
}
if ($action) {
$action = 1;
$this->updateTrigger($db->Record["fqdn"], $db->Record["altnames"]);
} else {
$action = 0;
}
$db->query("UPDATE certificates SET shared=$action WHERE id='$id';");
return true;
}
// -----------------------------------------------------------------
/** Return all the subdomains that can be ssl-enabled for the current account.
* @return array of strings : all the subdomains.
* Excludes the one for which a cert is already available
*/
function get_new_advice() {
global $db, $err, $cuid;
$err->log("ssl", "get_new_advice");
$r = array();
// my certificates, either OK or PENDING (not expired) or the SHARED one (only OK then)
$db->query("SELECT fqdn FROM certificates WHERE
(uid='$cuid' AND status IN (" . self::STATUS_PENDING . "," . self::STATUS_OK . ") )
OR (shared=1 AND status=" . self::STATUS_OK . ")
ORDER BY shared, fqdn;");
$r = array();
while ($db->next_record()) {
$r[] = $db->f("fqdn");
}
// Now we get all our subdomains for certain domaines_types
$db->query("SELECT sub,domaine FROM sub_domaines WHERE compte='$cuid' AND type IN ('vhost', 'url', 'roundcube', 'squirrelmail', 'panel', 'php52');");
$advice = array();
while ($db->next_record()) {
$me = $db->f("sub");
if ($me) {
$me.=".";
}
$me.=$db->f("domaine");
if (!in_array($me, $r) && !in_array($me, $advice)) {
$advice[] = $me;
}
if (!in_array("*." . $db->f("domaine"), $r) && !in_array("*." . $db->f("domaine"), $advice)) {
$advice[] = "*." . $db->f("domaine");
}
}
sort($advice);
return($advice);
}
// -----------------------------------------------------------------
/** Import an existing ssl Key, Certificate and (maybe) a Chained Cert
* @param $key string the X.509 PEM-encoded RSA key
* @param $crt string the X.509 PEM-encoded certificate, which *must*
* be the one signinf the private RSA key in $key
* @param $chain string the X.509 PEM-encoded list of SSL Certificate chain if intermediate authorities
* @return integer the ID of the newly created certificate in the table
* or false if an error occurred
*/
function import_cert($key, $crt, $chain = "") {
global $cuid, $err, $db;
$err->log("ssl", "import_cert");
$result = $this->check_cert($crt, $chain, $key);
if ($result === false) {
$err->raise("ssl", $this->error);
return false;
}
list($crt, $chain, $key, $crtdata) = $result;
$validstart = $crtdata['validFrom_time_t'];
$validend = $crtdata['validTo_time_t'];
$fqdn = $crtdata["subject"]["CN"];
$altnames = $this->parseAltNames($crtdata["extensions"]["subjectAltName"]);
// Everything is PERFECT and has been thoroughly checked, let's insert those in the DB !
$sql = "INSERT INTO certificates SET uid='$cuid', status=" . self::STATUS_OK . ", shared=0, fqdn='" . addslashes($fqdn) . "', altnames='" . addslashes($altnames) . "', validstart=FROM_UNIXTIME(" . intval($validstart) . "), validend=FROM_UNIXTIME(" . intval($validend) . "), sslkey='" . addslashes($key) . "', sslcrt='" . addslashes($crt) . "', sslchain='" . addslashes($chain) . "';";
$db->query($sql);
if (!($id = $db->lastid())) {
$err->raise("ssl", _("Can't save the Key/Crt/Chain now. Please try later."));
return false;
}
$this->updateTrigger($fqdn, $altnames);
return $id;
}
// -----------------------------------------------------------------
/** Import an ssl certificate into an existing certificate entry in the DB.
* (finalize an enrollment process)
* @param $certid integer the ID in the database of the SSL Certificate
* @param $crt string the X.509 PEM-encoded certificate, which *must*
* be the one signing the private RSA key in certificate $certid
* @param $chain string the X.509 PEM-encoded list of SSL Certificate chain if intermediate authorities
* @return integer the ID of the updated certificate in the table
* or false if an error occurred
*/
function finalize($certid, $crt, $chain) {
global $cuid, $err, $db;
$err->log("ssl", "finalize");
$certid = intval($certid);
$result = $this->check_cert($crt, $chain, "", $certid);
if ($result === false) {
$err->raise("ssl", $this->error);
return false;
}
list($crt, $chain, $key, $crtdata) = $result;
$validstart = $crtdata['validFrom_time_t'];
$validend = $crtdata['validTo_time_t'];
$fqdn = $crtdata["subject"]["CN"];
$altnames = $this->parseAltNames($crtdata["extensions"]["subjectAltName"]);
// Everything is PERFECT and has been thoroughly checked, let's insert those in the DB !
$sql = "UPDATE certificates SET status=" . self::STATUS_OK . ", shared=0, fqdn='" . addslashes($fqdn) . "', altnames='" . addslashes($altnames) . "', validstart=FROM_UNIXTIME(" . intval($validstart) . "), validend=FROM_UNIXTIME(" . intval($validend) . "), sslcrt='" . addslashes($crt) . "', sslchain='" . addslashes($chain) . "' WHERE id='$certid' ;";
if (!$db->query($sql)) {
$err->raise("ssl", _("Can't save the Crt/Chain now. Please try later."));
return false;
}
$this->updateTrigger($fqdn, $altnames);
return $certid;
}
// -----------------------------------------------------------------
/** Function called by a hook when an AlternC member is deleted.
* @access private
* TODO: delete unused ssl certificates ?? > do this in the crontab.
*/
function alternc_del_member() {
global $db, $err, $cuid;
$err->log("ssl", "alternc_del_member");
$db->query("UPDATE certificates SET ssl_action='DELETE' WHERE uid='$cuid'");
return true;
}
// -----------------------------------------------------------------
/** Hook which returns the used quota for the $name service for the current user.
* @param $name string name of the quota
* @return integer the number of service used or false if an error occured
* @access private
*/
function hook_quota_get() {
global $db, $err, $cuid;
$err->log("ssl", "getquota");
$q = Array("name" => "ssl", "description" => _("SSL Certificates"), "used" => 0);
$db->query("SELECT COUNT(*) AS cnt FROM certificates WHERE uid='$cuid' AND status!=" . self::STATUS_EXPIRED);
if ($db->next_record()) {
$q['used'] = $db->f("cnt");
}
return $q;
}
// -----------------------------------------------------------------
/** Launched by functions in this class
* when a certificate is validated, expired or shared.
* so that existing vhost using expired or self-signed certificates
* may have the chance to use a proper one automagically
* @param string $fqdn the FQDN of the certificate
* @param string $altnames any alternative names this certificate may have.
*/
public function updateTrigger($fqdn, $altnames = "") {
global $db;
$fqdns = array($fqdn);
$an = explode("\n", $altnames);
foreach ($an as $a)
if (trim($a))
$fqdns[] = trim($a);
$db->query("UPDATE sub_domaines SET web_action='UPDATE' WHERE "
. "if(LENGTH(sub)>0,CONCAT(sub,'.',domaine),domaine) IN ('" . implode("','", $fqdns) . "') "
. "AND type LIKE '%ssl';");
}
// -----------------------------------------------------------------
/** Launched by hosting_functions.sh launched by update_domaines.sh
* Action may be create/postinst/delete/enable/disable
* Change the template for this domain name to have the proper CERTIFICATE
* An algorithm determine the best possible certificate, which may be a BAD one
* (like a generic admin-shared or self-signed for localhost as a last chance)
*/
public function updateDomain($action, $type, $fqdn, $mail = 0, $value = "") {
global $db, $err;
$err->log("ssl", "update_domain($action,$type,$fqdn)");
if (!in_array($type, $this->myDomainesTypes)) {
return; // nothing to do : the type is not our to start with ;)
}
if ($action == "postinst") {
$err->log("ssl", "update_domain:CREATE($action,$type,$fqdn)");
$offset = 0;
$found = false;
do { // try each subdomain (strtok-style) and search them in sub_domaines table:
$db->query("SELECT * FROM sub_domaines WHERE "
. "sub='" . substr($fqdn, 0, $offset) . "' AND domaine='" . substr($fqdn, $offset + ($offset != 0)) . "' "
. "AND web_action NOT IN ('','OK') AND type='" . $type . "';");
if ($db->next_record()) {
$found = true;
break;
}
$offset = strpos($fqdn, ".", $offset);
} while (true);
if (!$found) {
echo "FATAL: didn't found fqdn $fqdn in sub_domaines table !\n";
return;
}
// found and $db point to it:
$subdom = $db->Record;
$TARGET_FILE = "/var/lib/alternc/apache-vhost/" . substr($subdom["compte"], -1) . "/" . $subdom["compte"] . "/" . $fqdn . ".conf";
$cert = $this->searchBestCert($subdom["compte"], $fqdn);
// DEBUG echo "Return from searchBestCert(" . $subdom["compte"] . "," . $fqdn . ") is "; print_r($cert);
// Save crt/key/chain into KEY_REPOSITORY
$CRTDIR = self::KEY_REPOSITORY . "/" . $subdom["compte"];
@mkdir($CRTDIR);
// Don't *overwrite* existing self-signed certificates in KEY_REPOSITORY
if (isset($cert["selfsigned"]) &&
file_exists($CRTDIR . "/" . $fqdn . ".crt") &&
file_exists($CRTDIR . "/" . $fqdn . ".key")) {
echo "Self-Signed certificate reused...\n";
} else {
file_put_contents($CRTDIR . "/" . $fqdn . ".crt", $cert["sslcrt"]);
file_put_contents($CRTDIR . "/" . $fqdn . ".key", $cert["sslkey"]);
if (isset($cert["sslchain"]) && $cert["sslchain"]) {
file_put_contents($CRTDIR . "/" . $fqdn . ".chain", $cert["sslchain"]);
}
}
// edit apache conf file to set the certificate:
$s = file_get_contents($TARGET_FILE);
$s = str_replace("%%CRT%%", $CRTDIR . "/" . $fqdn . ".crt", $s);
$s = str_replace("%%KEY%%", $CRTDIR . "/" . $fqdn . ".key", $s);
if (isset($cert["sslchain"]) && $cert["sslchain"]) {
$s = str_replace("%%CHAINLINE%%", "SSLCertificateChainFile " . $CRTDIR . "/" . $fqdn . ".chain", $s);
} else {
$s = str_replace("%%CHAINLINE%%", "", $s);
}
file_put_contents($TARGET_FILE, $s);
// Edit certif_hosts:
$db->query("DELETE FROM certif_hosts WHERE sub=" . $subdom["id"] . ";");
$db->query("INSERT INTO certif_hosts SET "
. "sub=" . intval($subdom["id"]) . ", "
. "certif=" . intval($cert["id"]) . ", "
. "uid=" . intval($subdom["compte"]) . ";");
} // action==create
if ($action == "delete") {
$err->log("ssl", "update_domain:DELETE($action,$type,$fqdn)");
$offset = 0;
$found = false;
do { // try each subdomain (strtok-style) and search them in sub_domaines table:
$db->query("SELECT * FROM sub_domaines WHERE "
. "sub='" . substr($fqdn, 0, $offset) . "' AND domaine='" . substr($fqdn, $offset + ($offset != 0)) . "' "
. "AND web_action NOT IN ('','OK') AND type='" . $type . "';");
if ($db->next_record()) {
$found = true;
break;
}
$offset = strpos($fqdn, ".", $offset);
} while (true);
if (!$found) {
echo "FATAL: didn't found fqdn $fqdn in sub_domaines table !\n";
return;
}
// found and $db point to it:
$subdom = $db->Record;
$db->query("DELETE FROM certif_hosts WHERE sub=" . $subdom["id"] . ";");
}
}
// ----------------------------------------------------------------
/** Search for the best certificate for a user and a fqdn
* Return a hash with sslcrt, sslkey and maybe sslchain.
* return ANYWAY : if necessary, return a newly created (and stored in KEY_REPOSITORY localhost self-signed certificate...
*/
public function searchBestCert($uid, $fqdn) {
global $db;
$uid = intval($uid);
// 1st search for a valid certificate in my account or shared by the admin:
// the ORDER BY make it so that we try VALID then EXPIRED one (sad)
$wildcard = "*." . substr($fqdn, strpos($fqdn, ".") + 1);
$db->query("SELECT * FROM certificates WHERE (status=".self::STATUS_OK." OR status=".self::STATUS_EXPIRED.") "
. "AND (uid=" . $uid . " OR shared=1) "
. "AND (fqdn='" . $fqdn . "' OR fqdn='" . $wildcard . "' OR altnames LIKE '%" . $fqdn . "%') "
. "ORDER BY (validstart<=NOW() AND validend>=NOW()) DESC, validstart DESC ");
while ($db->next_record()) {
// name
if ($db->Record["fqdn"] == $fqdn) {
return $db->Record;
}
// or alternative names
$altnames = explode("\n", $db->Record["altnames"]);
foreach ($altnames as $altname) {
if (trim($altname) == $fqdn) {
return $db->Record;
}
}
// or wildcard
if ($db->Record["fqdn"] == $wildcard) {
return $db->Record;
}
}
// not found, we generate a one-time self-signed certificate for this host.
$crt = $this->selfSigned($fqdn);
$crt["uid"] = $uid;
return $crt;
}
// -----------------------------------------------------------------
/** Export every information for an AlternC's account
* @access private
* EXPERIMENTAL 'sid' function ;)
*/
function alternc_export_conf() {
global $db, $err, $cuid;
$err->log("ssl", "export");
$str = " <ssl>";
$db->query("SELECT COUNT(*) AS cnt FROM certificates WHERE uid='$cuid' AND status!=" . self::STATUS_EXPIRED);
while ($db->next_record()) {
$str.=" <id>" . ($db->Record["id"]) . "</id>\n";
$str.=" <csr>" . ($db->Record["sslcsr"]) . "</key>\n";
$str.=" <key>" . ($db->Record["sslkey"]) . "<key>\n";
$str.=" <crt>" . ($db->Record["sslcrt"]) . "</crt>\n";
$str.=" <chain>" . ($db->Record["sslchain"]) . "<chain>\n";
}
$str.=" </ssl>\n";
return $str;
}
// -----------------------------------------------------------------
/** Returns the list of alternate names of an X.509 SSL Certificate
* from the attribute list.
* @param $str string the $crtdata["extensions"]["subjectAltName"] from openssl
* @return array an array of FQDNs
*/
function parseAltNames($str) {
$mat = array();
if (preg_match_all("#DNS:([^,]*)#", $str, $mat, PREG_PATTERN_ORDER)) {
return implode("\n", $mat[1]);
} else {
return "";
}
}
// -----------------------------------------------------------------
/** Add (immediately) a global alias to the HTTP
* certif_alias table and add it to apache configuration
* by launching a incron action.
* name is the name of the alias, starting by /
* content is the content of the filename stored at this location
* If an alias with the same name already exists, return false.
* if the alias has been properly defined, return true.
* @return boolean
*/
function alias_add($name, $content) {
global $err, $cuid, $db;
$db->query("SELECT name FROM certif_alias WHERE name='" . addslashes($name) . "';");
if ($db->next_record()) {
$err->raise("ssl", _("Alias already exists"));
return false;
}
$db->query("INSERT INTO certif_alias SET name='" . addslashes($name) . "', content='" . addslashes($content) . "', uid=" . intval($cuid) . ";");
touch(self::SSL_INCRON_FILE);
return true;
}
// -----------------------------------------------------------------
/** Removes (immediately) a global alias to the HTTP
* certif_alias table and add it to apache configuration
* by launching a incron action.
* name is the name of the alias, starting by /
* @return boolean
*/
function alias_del($name) {
global $err, $cuid, $db;
$db->query("SELECT name FROM certif_alias WHERE name='" . addslashes($name) . "' AND uid=" . intval($cuid) . ";");
if (!$db->next_record()) {
$err->raise("ssl", _("Alias not found"));
return false;
}
$db->query("DELETE FROM certif_alias WHERE name='" . addslashes($name) . "' AND uid=" . intval($cuid) . ";");
touch(self::SSL_INCRON_FILE);
return true;
}
// -----------------------------------------------------------------
/** Check that a crt is a proper certificate
* @param $crt string an SSL Certificate
* @param $chain string is a list of certificates
* @param $key string is a rsa key associated with certificate
* @param $certid if no key is specified, use it from this certificate ID in the table
* @return array the crt, chain, key, crtdata(array) after a proper reformatting
* or false if an error occurred (in that case $this->error is filled)
*/
function check_cert($crt, $chain, $key = "", $certid = null) {
global $db;
// Check that the key crt and chain are really SSL certificates and keys
$crt = trim(str_replace("\r\n", "\n", $crt)) . "\n";
$key = trim(str_replace("\r\n", "\n", $key)) . "\n";
$chain = trim(str_replace("\r\n", "\n", $chain)) . "\n";
$this->error = "";
if (trim($key) == "" && !is_null($certid)) {
// find it in the DB :
$db->query("SELECT sslkey FROM certificates WHERE id=" . intval($certid) . ";");
if (!$db->next_record()) {
$this->error.=_("Can't find the private key in the certificate table, please check your form.");
return false;
}
$key = $db->f("sslkey");
$key = trim(str_replace("\r\n", "\n", $key)) . "\n";
}
if (substr($crt, 0, 28) != "-----BEGIN CERTIFICATE-----\n" ||
substr($crt, -26, 26) != "-----END CERTIFICATE-----\n") {
$this->error.=_("The certificate must begin by BEGIN CERTIFICATE and end by END CERTIFICATE lines. Please check you pasted it in PEM form.") . "<br>\n";
}
if ($chain &&
(substr($chain, 0, 28) != "-----BEGIN CERTIFICATE-----\n" ||
substr($chain, -26, 26) != "-----END CERTIFICATE-----\n")) {
$this->error.=_("The chained certificate must begin by BEGIN CERTIFICATE and end by END CERTIFICATE lines. Please check you pasted it in PEM form.") . "<br>\n";
}
if ((substr($key, 0, 32) != "-----BEGIN RSA PRIVATE KEY-----\n" ||
substr($key, -30, 30) != "-----END RSA PRIVATE KEY-----\n") &&
(substr($key, 0, 28) != "-----BEGIN PRIVATE KEY-----\n" ||
substr($key, -26, 26) != "-----END PRIVATE KEY-----\n")) {
$this->error.=_("The private key must begin by BEGIN (RSA )PRIVATE KEY and end by END (RSA )PRIVATE KEY lines. Please check you pasted it in PEM form.") . "<br>\n";
}
if ($this->error) {
return false;
}
// We split the chained certificates in individuals certificates :
$chains = array();
$status = 0;
$new = "";
$lines = explode("\n", $chain);
foreach ($lines as $line) {
if ($line == "-----BEGIN CERTIFICATE-----" && $status == 0) {
$status = 1;
$new = $line . "\n";
continue;
}
if ($line == "-----END CERTIFICATE-----" && $status == 1) {
$status = 0;
$new.=$line . "\n";
$chains[] = $new;
$new = "";
continue;
}
if ($status == 1) {
$new.=$line . "\n";
}
}
// here chains contains all the ssl certificates in the chained certs.
// Now we check those using Openssl functions (real check :) )
$rchains = array();
$i = 0;
foreach ($chains as $tmpcert) {
$i++;
$tmpr = openssl_x509_read($tmpcert);
if ($tmpr === false) {
$this->error.=sprintf(_("The %d-th certificate in the chain is invalid"), $i) . "<br>\n";
} else {
$rchains[] = $tmpr;
}
}
$rcrt = openssl_x509_read($crt);
$crtdata = openssl_x509_parse($crt);
if ($rcrt === false || $crtdata === false) {
$this->error.=_("The certificate is invalid.") . "<br>\n";
}
$rkey = openssl_pkey_get_private($key);
if ($rkey === false) {
$this->error.=_("The private key is invalid.") . "<br>\n";
}
if (!$this->error) {
// check that the private key and the certificates are matching :
if (!openssl_x509_check_private_key($rcrt, $rkey)) {
$this->error.=_("The private key is not the one signed inside the certificate.") . "<br>\n";
}
}
if (!$this->error) {
// Everything is fine, let's recreate crt, chain, key from our internal OpenSSL structures:
if (!openssl_x509_export($rcrt, $crt)) {
$this->error.=_("Can't export your certificate as a string, please check its syntax.") . "<br>\n";
}
$chain = "";
foreach ($rchains as $r) {
if (!openssl_x509_export($r, $tmp)) {
$this->error.=_("Can't export one of your chained certificates as a string, please check its syntax.") . "<br>\n";
} else {
$chain.=$tmp;
}
}
if (!openssl_pkey_export($rkey, $key)) {
$this->error.=_("Can't export your private key as a string, please check its syntax.") . "<br>\n";
}
}
return array($crt, $chain, $key, $crtdata);
}
// -----------------------------------------------------------------
/** Generate a self-signed certificate
*
* @param string $fqdn the fully qualified domain name to set as commonName for the certificate
* @return hash an array similar to a certificate DB row containing everything (sslcrt, sslcsr, sslkey, sslchain)
*/
private function selfSigned($fqdn) {
global $err;
putenv("OPENSSL_CONF=/etc/alternc/openssl.cnf");
$pkey = openssl_pkey_new();
if (!$pkey) {
$err->raise("ssl", _("Can't generate a private key (1)"));
return false;
}
$privKey = "";
if (!openssl_pkey_export($pkey, $privKey)) {
$err->raise("ssl", _("Can't generate a private key (2)"));
return false;
}
$dn = array("commonName" => $fqdn);
// override the (not taken from openssl.cnf) digest to use SHA-2 / SHA256 and not SHA-1 or MD5 :
$config = array("digest_alg" => "sha256");
$csr = openssl_csr_new($dn, $pkey, $config);
$csrout = "";
openssl_csr_export($csr, $csrout);
$crt = openssl_csr_sign($csr, null, $pkey, 3650, $config);
$crtout = "";
openssl_x509_export($crt, $crtout);
return array("id" => 0, "status" => 1, "shared" => 0, "fqdn" => $fqdn, "altnames" => "",
"validstart" => date("Y-m-d H:i:s"), "validend" => date("Y-m-d H:i:s", time() + 86400 * 10 * 365.249),
"sslcsr" => $csrout, "sslcrt" => $crtout, "sslkey" => $privKey, "sslchain" => "",
"selfsigned" => true,
);
}
function dummy() {
_("Locally hosted forcing HTTPS");
_("Locally hosted HTTP and HTTPS");
_("HTTPS AlternC panel access");
_("HTTPS Roundcube Webmail");
_("HTTPS Squirrelmail Webmail");
_("php52 forcing HTTPS");
_("php52 HTTP and HTTPS");
}
}
/* Class m_ssl */

3
ssl/panel/index.php Normal file
View File

@ -0,0 +1,3 @@
<?php
header("location: admin/");
?>

8
ssl/panel/locales/Makefile Normal file
View File

@ -0,0 +1,8 @@
all: ssl.pot */LC_MESSAGES/ssl.po
ssl.pot: ../*/*.php
[ -r $@ ] || touch $@
xgettext --copyright-holder="AlternC Team" --package-name="AlternC" --package-version="2.0" --msgid-bugs-address="i18n@alternc.org" --force-po -o $@ --keyword=__ --keyword=_ -L PHP -F --from-code UTF-8 $^
%/LC_MESSAGES/ssl.po: ssl.pot
msgmerge -v -U $@ $^

46
ssl/panel/locales/README Normal file
View File

@ -0,0 +1,46 @@
Le système de langue fonctionne ainsi :
dans bureau/locales/ on trouve un DOSSIER par langue sous la forme
major_minor/
exemple : fr_FR en_US ...
dans lequel on a un sous-dossier LC_MESSAGES
dans lequel on a des fichiers .po en vrac (normalement 1 ou 2 fichiers .po par module d'AlternC.)
Le fichier alternc.mo est donc construit à partir de TOUS les fichiers .po d'une même langue.
Pour mettre a jour les fichiers .po a partir des sources :
cd bureau/locales
make
puis allez voir les fichiers .po pour les mettre a jour (cherchez les fuzzy et les msgstr vide a remplir)
une fois les modifications effectuees, lancer svn commit pour valider vos modifications dans les sources officielles d'AlternC.
Howto translate AlternC in a new language
=========================================
This folder contains po and pot files, who are templates that allows you
to translate AlternC in any language.
1. How to add a language :
- create a folder with your iso language code (ex: de_DE for
German from Germany see `dpkg-reconfigure locales` for available codes.)
- create a subfolder LC_MESSAGES in this folder
- copy .po and .pot files and rename .pot to .po
- Translate them ;)
- Send them to us so that we can add them to the next release or as a language pack.
2. How to update language files.
When the programm is updated, the po files in locales/ are changed to
reflect the new developped features.
You can just call the makefile to have the files regenerated:
cd bureau/locales
make
from "locales/" to update your language po files. New strings will have
an empty "msgstr" value, and obsoletes one will be commented out with
#~

833
ssl/panel/locales/de_DE/LC_MESSAGES/ssl.po Normal file
View File

@ -0,0 +1,833 @@
# translation of alternc.po to Espagnol
# This file is distributed under the same license as the PACKAGE package.
# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER.
# Bruno Marmier <bruno@marmier.net>, 2004.
#
msgid ""
msgstr ""
"Project-Id-Version: alternc\n"
"Report-Msgid-Bugs-To: i18n@alternc.org\n"
"POT-Creation-Date: 2015-02-13 18:04+0100\n"
"PO-Revision-Date: 2004-02-14 19:53-0400\n"
"Last-Translator: Bruno Marmier <bruno@marmier.net>\n"
"Language-Team: Espagnol <i18n@alternc.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: KBabel 1.0.2\n"
#: ../admin/ssl_delete.php:43
msgid "Your SSL Certificate has been deleted"
msgstr ""
#: ../admin/ssl_doimport.php:39
msgid "Please enter an ssl key and a certificate"
msgstr ""
#: ../admin/ssl_donew.php:38
msgid "Please enter a proper domain name"
msgstr ""
#: ../admin/ssl_finalize.php:49
msgid "Your ssl certificate has been imported successfully"
msgstr ""
#: ../admin/ssl_list.php:51 ../admin/ssl_view.php:50
msgid "Pending Certificate"
msgstr ""
#: ../admin/ssl_list.php:52
msgid "Valid"
msgstr ""
#: ../admin/ssl_list.php:53
msgid "Expired"
msgstr ""
#: ../admin/ssl_list.php:59
msgid ""
"Some of your hosting are using a <b>self-signed</b> certificate. <br>Your "
"browser will not let you surf those domains properly<br>To fix this, buy a "
"properly signed certificate"
msgstr ""
#: ../admin/ssl_list.php:71
msgid "Your Certificates"
msgstr ""
#: ../admin/ssl_list.php:73
msgid ""
"Please find below your SSL Certificates. Some may be provided by the "
"administrator of the server, some may be Expired or Pending (waiting for a "
"CRT from your Certificate Provider)"
msgstr ""
#: ../admin/ssl_list.php:75
msgid "Only show the following certificates:"
msgstr ""
#: ../admin/ssl_list.php:76
msgid "Pending Certificates"
msgstr ""
#: ../admin/ssl_list.php:77
msgid "Valid Certificates"
msgstr ""
#: ../admin/ssl_list.php:78
msgid "Expired Certificates"
msgstr ""
#: ../admin/ssl_list.php:80
msgid "Certificates Shared by the Administrator"
msgstr ""
#: ../admin/ssl_list.php:82
msgid "Filter"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Domain Name"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Status"
msgstr ""
#: ../admin/ssl_list.php:85
#, fuzzy
msgid "Used by"
msgstr "Benützt"
#: ../admin/ssl_list.php:85
msgid "Validity period"
msgstr ""
#: ../admin/ssl_list.php:91
msgid "Details"
msgstr ""
#: ../admin/ssl_list.php:97
msgid "(shared)"
msgstr ""
#: ../admin/ssl_list.php:102 ../admin/ssl_list.php:106
#: ../admin/ssl_list.php:112 ../admin/ssl_view.php:65
#: ../admin/ssl_view.php:119 ../admin/ssl_view.php:133
#, php-format
msgid "%3$d-%2$d-%1$d %4$d:%5$d"
msgstr ""
#: ../admin/ssl_list.php:111
msgid "Requested on: "
msgstr ""
#: ../admin/ssl_list.php:129
#, fuzzy
msgid "Create one"
msgstr "Miglied '%s' existiert nicht"
#: ../admin/ssl_list.php:130
msgid ""
"This hosting has no valid certificate<br>a self-signed one has been created"
msgstr ""
#: ../admin/ssl_list.php:140
msgid "Create or Import a new SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:42
msgid "New SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:50
msgid ""
"An SSL certificate is a file which must be obtained from a Certificate "
"Authority, and allow you to enable HTTPS encryption on a domain name."
msgstr ""
#: ../admin/ssl_new.php:53
msgid ""
"To obtain one, you need to generate a <i>Certificate Request</i> (CSR) and a "
"<i>RSA Key</i> (KEY) here, then give the CSR to the Certificate Authority, "
"which will give you a certificate (CRT) and also often a chained certificate "
"(CHAIN)."
msgstr ""
#: ../admin/ssl_new.php:56
msgid ""
"If you already know what it is and already have all those files (CRT/KEY/"
"CHAIN) You can import them here too."
msgstr ""
#: ../admin/ssl_new.php:64
msgid "Create a CSR/KEY"
msgstr ""
#: ../admin/ssl_new.php:65
msgid "Import existing files"
msgstr ""
#: ../admin/ssl_new.php:69
msgid "Create a CSR/KEY for a given domain name"
msgstr ""
#: ../admin/ssl_new.php:71
msgid ""
"Use this form to generate a <i>Certificate Request file</i> (CSR) and a "
"<i>RSA Key file</i> (KEY) for a given domain name"
msgstr ""
#: ../admin/ssl_new.php:98
msgid ""
"Please choose the domain name for which you want a SSL Certificate, or enter "
"it manually"
msgstr ""
#: ../admin/ssl_new.php:101 ../admin/ssl_view.php:60
msgid "Fully Qualified Domain Name"
msgstr ""
#: ../admin/ssl_new.php:104
msgid "--- Choose here ---"
msgstr ""
#: ../admin/ssl_new.php:110
msgid "... or click here to enter it manually"
msgstr ""
#: ../admin/ssl_new.php:117 ../admin/ssl_new.php:151 ../admin/ssl_view.php:82
msgid "Save"
msgstr "Speichern"
#: ../admin/ssl_new.php:118 ../admin/ssl_new.php:152 ../admin/ssl_view.php:83
msgid "Cancel"
msgstr ""
#: ../admin/ssl_new.php:123
msgid ""
"<i>(If you want to get a valid certificate for all the subdomains of a "
"domain, use a wildcard notation (eg: *.example.com). Please note that a "
"wildcard certificate is usually more expensive than normal one.)</i>"
msgstr ""
#: ../admin/ssl_new.php:123
msgid ""
"Please note that a SSL Certificate is only valid for one fully qualified "
"domain name. As a result, a certificate for <code>www.example.com</code> is "
"NOT valid for <code>intranet.example.com</code> or <code>intranet.www."
"example.com</code> !"
msgstr ""
#: ../admin/ssl_new.php:130
msgid "Import existing Key Certificate and Chain files"
msgstr ""
#: ../admin/ssl_new.php:132
msgid ""
"If you already have a RSA Key file, a Certificate for this key and (maybe) a "
"Chained certificate, please paste their content here."
msgstr ""
#: ../admin/ssl_new.php:133
msgid ""
"We will verify the content of those files and add them in your certificate "
"repository"
msgstr ""
#: ../admin/ssl_new.php:138
msgid "RSA Key"
msgstr ""
#: ../admin/ssl_new.php:142 ../admin/ssl_view.php:73 ../admin/ssl_view.php:159
msgid "SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:146 ../admin/ssl_view.php:77 ../admin/ssl_view.php:164
msgid "Chained Certificate<br />(not mandatory)"
msgstr ""
#: ../admin/ssl_share.php:30
msgid "This page is restricted to authorized staff"
msgstr ""
#: ../admin/ssl_view.php:52
msgid ""
"Your <i>Certificate Request File</i> (CSR) has been created, along with its "
"<i>private RSA Key</i> (KEY). Please find below the CSR you must send to "
"your SSL Certificate provider."
msgstr ""
#: ../admin/ssl_view.php:54
msgid ""
"Once you'll have your <i>Certificate File</i> (CRT) and a <i>Chained "
"Certificate File</i> (CHAIN), please paste them here to finish the "
"enrollment."
msgstr ""
#: ../admin/ssl_view.php:64
msgid "Date of the request"
msgstr ""
#: ../admin/ssl_view.php:68 ../admin/ssl_view.php:154
msgid "Certificate Request File"
msgstr ""
#: ../admin/ssl_view.php:85 ../admin/ssl_view.php:213
msgid "Delete"
msgstr ""
#: ../admin/ssl_view.php:86
msgid ""
"Please confirm that you want to delete this certificate request AND ITS "
"PRIVATE KEY!"
msgstr ""
#: ../admin/ssl_view.php:97
msgid "Valid Certificate"
msgstr ""
#: ../admin/ssl_view.php:98
msgid "Please find below your valid certificate data."
msgstr ""
#: ../admin/ssl_view.php:104
msgid "EXPIRED Certificate"
msgstr ""
#: ../admin/ssl_view.php:105
msgid ""
"Your certificate is EXPIRED. You should not use it for any purpose. Please "
"find below its data."
msgstr ""
#: ../admin/ssl_view.php:113
msgid "Back to my SSL Certificates"
msgstr ""
#: ../admin/ssl_view.php:117
msgid "Valid From:"
msgstr ""
#: ../admin/ssl_view.php:123
#, php-format
msgid "(%d days ago)"
msgstr ""
#: ../admin/ssl_view.php:126
#, php-format
msgid "(%d month ago)"
msgstr ""
#: ../admin/ssl_view.php:131
msgid "Valid Until:"
msgstr ""
#: ../admin/ssl_view.php:137
#, php-format
msgid "(%d days from now)"
msgstr ""
#: ../admin/ssl_view.php:140
#, php-format
msgid "(%d month from now)"
msgstr ""
#: ../admin/ssl_view.php:145
msgid "FQDN:"
msgstr ""
#: ../admin/ssl_view.php:149
msgid "Other Valid FQDN:"
msgstr ""
#: ../admin/ssl_view.php:173
msgid ""
"As an administrator you can allow any account on this server to use this "
"certificate to host his services. <br />(This is only useful for wildcard or "
"multi-domain certificates)."
msgstr ""
#: ../admin/ssl_view.php:177
msgid "This certificate is currently <b>shared</b>"
msgstr ""
#: ../admin/ssl_view.php:184
msgid "Click here to stop sharing this certificate"
msgstr ""
#: ../admin/ssl_view.php:189 ../admin/ssl_view.php:205
msgid ""
"You are not the owner of this certificate, only its owner can share/unshare "
"this certificate."
msgstr ""
#: ../admin/ssl_view.php:193
msgid "This certificate is currently <b>NOT shared</b>"
msgstr ""
#: ../admin/ssl_view.php:200
msgid "Click here to share this certificate"
msgstr ""
#: ../admin/ssl_view.php:214
msgid ""
"Please confirm that you want to delete this certificate AND ITS PRIVATE KEY!"
msgstr ""
#: ../class/m_ssl.php:69 ../class/m_ssl.php:418
msgid "SSL Certificates"
msgstr ""
#: ../class/m_ssl.php:79
msgid "New SSL certificate"
msgstr ""
#: ../class/m_ssl.php:93
msgid "List SSL Certificates"
msgstr ""
#: ../class/m_ssl.php:152
msgid "No SSL certificates available"
msgstr ""
#: ../class/m_ssl.php:175
msgid "You currently have no hosting using SSL certificate"
msgstr ""
#: ../class/m_ssl.php:196
msgid "Bad FQDN domain name"
msgstr ""
#: ../class/m_ssl.php:202 ../class/m_ssl.php:774
msgid "Can't generate a private key (1)"
msgstr ""
#: ../class/m_ssl.php:207 ../class/m_ssl.php:779
msgid "Can't generate a private key (2)"
msgstr ""
#: ../class/m_ssl.php:218
msgid "Can't generate a CSR"
msgstr ""
#: ../class/m_ssl.php:234 ../class/m_ssl.php:250 ../class/m_ssl.php:273
msgid "Can't find this Certificate"
msgstr ""
#: ../class/m_ssl.php:353
msgid "Can't save the Key/Crt/Chain now. Please try later."
msgstr ""
#: ../class/m_ssl.php:390
msgid "Can't save the Crt/Chain now. Please try later."
msgstr ""
#: ../class/m_ssl.php:618
#, fuzzy
msgid "Alias already exists"
msgstr "Miglied '%s' existiert nicht"
#: ../class/m_ssl.php:637
#, fuzzy
msgid "Alias not found"
msgstr "Miglied '%s' existiert nicht"
#: ../class/m_ssl.php:666
msgid ""
"Can't find the private key in the certificate table, please check your form."
msgstr ""
#: ../class/m_ssl.php:675
msgid ""
"The certificate must begin by BEGIN CERTIFICATE and end by END CERTIFICATE "
"lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:680
msgid ""
"The chained certificate must begin by BEGIN CERTIFICATE and end by END "
"CERTIFICATE lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:686
msgid ""
"The private key must begin by BEGIN (RSA )PRIVATE KEY and end by END (RSA )"
"PRIVATE KEY lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:722
#, php-format
msgid "The %d-th certificate in the chain is invalid"
msgstr ""
#: ../class/m_ssl.php:730
msgid "The certificate is invalid."
msgstr ""
#: ../class/m_ssl.php:735
msgid "The private key is invalid."
msgstr ""
#: ../class/m_ssl.php:740
msgid "The private key is not the one signed inside the certificate."
msgstr ""
#: ../class/m_ssl.php:746
msgid "Can't export your certificate as a string, please check its syntax."
msgstr ""
#: ../class/m_ssl.php:751
msgid ""
"Can't export one of your chained certificates as a string, please check its "
"syntax."
msgstr ""
#: ../class/m_ssl.php:757
msgid "Can't export your private key as a string, please check its syntax."
msgstr ""
#: ../class/m_ssl.php:800
msgid "Locally hosted forcing HTTPS"
msgstr ""
#: ../class/m_ssl.php:801
msgid "Locally hosted HTTP and HTTPS"
msgstr ""
#: ../class/m_ssl.php:802
msgid "HTTPS AlternC panel access"
msgstr ""
#: ../class/m_ssl.php:803
msgid "HTTPS Roundcube Webmail"
msgstr ""
#: ../class/m_ssl.php:804
msgid "HTTPS Squirrelmail Webmail"
msgstr ""
#: ../class/m_ssl.php:805
msgid "php52 forcing HTTPS"
msgstr ""
#: ../class/m_ssl.php:806
msgid "php52 HTTP and HTTPS"
msgstr ""
#, fuzzy
#~ msgid "Old Password:"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "New Password:"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Change Password"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Help: "
#~ msgstr "Hilfe"
#~ msgid "No"
#~ msgstr "Nein"
#~ msgid "Yes"
#~ msgstr "Ja"
#, fuzzy
#~ msgid "Notes"
#~ msgstr "Bytes"
#~ msgid "First Name"
#~ msgstr "Vorname"
#~ msgid "Surname"
#~ msgstr "Name"
#, fuzzy
#~ msgid "Name"
#~ msgstr "Neuer Mitglied"
#, fuzzy
#~ msgid "Users"
#~ msgstr "Benützt"
#, fuzzy
#~ msgid "User does not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#~ msgid "Quotas"
#~ msgstr "Quotas"
#~ msgid "Member '%s' does not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#~ msgid "Password"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Password change allowed?"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Password Policies"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Password Kind"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Password Policy"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "failed"
#~ msgstr "Datei"
#~ msgid "File browser"
#~ msgstr "Dateimanager"
#~ msgid "File"
#~ msgstr "Datei"
#, fuzzy
#~ msgid "Filename"
#~ msgstr "Datei"
#, fuzzy
#~ msgid "File Type"
#~ msgstr "Datei"
#, fuzzy
#~ msgid "The domain field seems to be empty"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "Enter the domain name you want to import"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "Password do not match"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Server:"
#~ msgstr "Datei"
#, fuzzy
#~ msgid "User/password:"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Enter a POP/IMAP password"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Server name: "
#~ msgstr "Datei"
#, fuzzy
#~ msgid "Normal password"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Normal Password"
#~ msgstr "Passwört"
#~ msgid "Help"
#~ msgstr "Hilfe"
#, fuzzy
#~ msgid "Site name"
#~ msgstr "Datei"
#, fuzzy
#~ msgid "This right does not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "quota_web"
#~ msgstr "quota_"
#, fuzzy
#~ msgid "Quotas status"
#~ msgstr "Quotas"
#~ msgid "Bytes"
#~ msgstr "Bytes"
#~ msgid "Byte"
#~ msgstr "Byte"
#~ msgid "Kb"
#~ msgstr "Kb"
#~ msgid "Mb"
#~ msgstr "Mb"
#~ msgid "Gb"
#~ msgstr "Gb"
#~ msgid "Tb"
#~ msgstr "Tb"
#, fuzzy
#~ msgid "years"
#~ msgstr "Bytes"
#, fuzzy
#~ msgid "User Quotas"
#~ msgstr "Quotas"
#, fuzzy
#~ msgid "This TLD does not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "This directory do not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "The domain already exist"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "The sub-domain does not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "The folder you entered is incorrect or does not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "The name you entered is incorrect"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "The TXT value you entered is incorrect"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "The domain name %s does not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#~ msgid "err_"
#~ msgstr "err_"
#, fuzzy
#~ msgid "This account do not exist or is not of this account"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "No FTP account found"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "This FTP account does not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "FTP login is incorrect"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "This FTP account already exists"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "Password can't be empty"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "The folder '%s' does not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "This email address already exists"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "The slave MX account was not found"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "Missing password"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Directory does not exist"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "The password is mandatory"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "Database user not found"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "The database user already exists"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "The passwords do not match"
#~ msgstr "Passwört"
#, fuzzy
#~ msgid "The username was not found"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "Piwik Users"
#~ msgstr "Benützt"
#~ msgid "quota_"
#~ msgstr "quota_"
#, fuzzy
#~ msgid "The database user was not found"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "Password does not match"
#~ msgstr "Miglied '%s' existiert nicht"
#, fuzzy
#~ msgid "Password match"
#~ msgstr "Passwört"
#~ msgid "New member"
#~ msgstr "Neuer Mitglied"
#~ msgid "Member"
#~ msgstr "Mitglied"
#~ msgid "mode"
#~ msgstr "mode"
#, fuzzy
#~ msgid "You can use a different language: "
#~ msgstr "Für eine andere Sprache, click über die Fahne"
#, fuzzy
#~ msgid "Front page"
#~ msgstr "Vorname"
#~ msgid "_"
#~ msgstr "_"
#, fuzzy
#~ msgid "New Name:"
#~ msgstr "Neuer Mitglied"
#~ msgid "If you want to use a different language, click on the flag below"
#~ msgstr "Für eine andere Sprache, click über die Fahne"
#~ msgid "lang"
#~ msgstr "lang"

1
ssl/panel/locales/en_GB Symbolic link
View File

@ -0,0 +1 @@
/en_US

513
ssl/panel/locales/en_US/LC_MESSAGES/ssl.po Normal file
View File

@ -0,0 +1,513 @@
# English AlternC Translation
# Copyright (c) 2008 the AlternC Development Team
# <dev@alternc.org>
# $Id: admin.po,v 1.10 2004/11/01 15:55:44 anonymous Exp $
msgid ""
msgstr ""
"Project-Id-Version: $Id: admin.po,v 1.10 2004/11/01 15:55:44 anonymous Exp "
"$\n"
"Report-Msgid-Bugs-To: i18n@alternc.org\n"
"POT-Creation-Date: 2015-02-13 18:04+0100\n"
"PO-Revision-Date: 2002-06-16 13:50CEST\n"
"Last-Translator: Benjamin Sonntag <benjamin@alternc.org>\n"
"Language-Team: French <i18n@alternc.org>\n"
"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Generator: Emacs 21\n"
#: ../admin/ssl_delete.php:43
msgid "Your SSL Certificate has been deleted"
msgstr ""
#: ../admin/ssl_doimport.php:39
msgid "Please enter an ssl key and a certificate"
msgstr ""
#: ../admin/ssl_donew.php:38
msgid "Please enter a proper domain name"
msgstr ""
#: ../admin/ssl_finalize.php:49
msgid "Your ssl certificate has been imported successfully"
msgstr ""
#: ../admin/ssl_list.php:51 ../admin/ssl_view.php:50
msgid "Pending Certificate"
msgstr ""
#: ../admin/ssl_list.php:52
msgid "Valid"
msgstr ""
#: ../admin/ssl_list.php:53
msgid "Expired"
msgstr ""
#: ../admin/ssl_list.php:59
msgid ""
"Some of your hosting are using a <b>self-signed</b> certificate. <br>Your "
"browser will not let you surf those domains properly<br>To fix this, buy a "
"properly signed certificate"
msgstr ""
#: ../admin/ssl_list.php:71
msgid "Your Certificates"
msgstr ""
#: ../admin/ssl_list.php:73
msgid ""
"Please find below your SSL Certificates. Some may be provided by the "
"administrator of the server, some may be Expired or Pending (waiting for a "
"CRT from your Certificate Provider)"
msgstr ""
#: ../admin/ssl_list.php:75
msgid "Only show the following certificates:"
msgstr ""
#: ../admin/ssl_list.php:76
msgid "Pending Certificates"
msgstr ""
#: ../admin/ssl_list.php:77
msgid "Valid Certificates"
msgstr ""
#: ../admin/ssl_list.php:78
msgid "Expired Certificates"
msgstr ""
#: ../admin/ssl_list.php:80
msgid "Certificates Shared by the Administrator"
msgstr ""
#: ../admin/ssl_list.php:82
msgid "Filter"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Domain Name"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Status"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Used by"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Validity period"
msgstr ""
#: ../admin/ssl_list.php:91
msgid "Details"
msgstr ""
#: ../admin/ssl_list.php:97
msgid "(shared)"
msgstr ""
#: ../admin/ssl_list.php:102 ../admin/ssl_list.php:106
#: ../admin/ssl_list.php:112 ../admin/ssl_view.php:65
#: ../admin/ssl_view.php:119 ../admin/ssl_view.php:133
#, php-format
msgid "%3$d-%2$d-%1$d %4$d:%5$d"
msgstr ""
#: ../admin/ssl_list.php:111
msgid "Requested on: "
msgstr ""
#: ../admin/ssl_list.php:129
msgid "Create one"
msgstr ""
#: ../admin/ssl_list.php:130
msgid ""
"This hosting has no valid certificate<br>a self-signed one has been created"
msgstr ""
#: ../admin/ssl_list.php:140
msgid "Create or Import a new SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:42
msgid "New SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:50
msgid ""
"An SSL certificate is a file which must be obtained from a Certificate "
"Authority, and allow you to enable HTTPS encryption on a domain name."
msgstr ""
#: ../admin/ssl_new.php:53
msgid ""
"To obtain one, you need to generate a <i>Certificate Request</i> (CSR) and a "
"<i>RSA Key</i> (KEY) here, then give the CSR to the Certificate Authority, "
"which will give you a certificate (CRT) and also often a chained certificate "
"(CHAIN)."
msgstr ""
#: ../admin/ssl_new.php:56
msgid ""
"If you already know what it is and already have all those files (CRT/KEY/"
"CHAIN) You can import them here too."
msgstr ""
#: ../admin/ssl_new.php:64
msgid "Create a CSR/KEY"
msgstr ""
#: ../admin/ssl_new.php:65
msgid "Import existing files"
msgstr ""
#: ../admin/ssl_new.php:69
msgid "Create a CSR/KEY for a given domain name"
msgstr ""
#: ../admin/ssl_new.php:71
msgid ""
"Use this form to generate a <i>Certificate Request file</i> (CSR) and a "
"<i>RSA Key file</i> (KEY) for a given domain name"
msgstr ""
#: ../admin/ssl_new.php:98
msgid ""
"Please choose the domain name for which you want a SSL Certificate, or enter "
"it manually"
msgstr ""
#: ../admin/ssl_new.php:101 ../admin/ssl_view.php:60
msgid "Fully Qualified Domain Name"
msgstr ""
#: ../admin/ssl_new.php:104
msgid "--- Choose here ---"
msgstr ""
#: ../admin/ssl_new.php:110
msgid "... or click here to enter it manually"
msgstr ""
#: ../admin/ssl_new.php:117 ../admin/ssl_new.php:151 ../admin/ssl_view.php:82
msgid "Save"
msgstr ""
#: ../admin/ssl_new.php:118 ../admin/ssl_new.php:152 ../admin/ssl_view.php:83
msgid "Cancel"
msgstr ""
#: ../admin/ssl_new.php:123
msgid ""
"<i>(If you want to get a valid certificate for all the subdomains of a "
"domain, use a wildcard notation (eg: *.example.com). Please note that a "
"wildcard certificate is usually more expensive than normal one.)</i>"
msgstr ""
#: ../admin/ssl_new.php:123
msgid ""
"Please note that a SSL Certificate is only valid for one fully qualified "
"domain name. As a result, a certificate for <code>www.example.com</code> is "
"NOT valid for <code>intranet.example.com</code> or <code>intranet.www."
"example.com</code> !"
msgstr ""
#: ../admin/ssl_new.php:130
msgid "Import existing Key Certificate and Chain files"
msgstr ""
#: ../admin/ssl_new.php:132
msgid ""
"If you already have a RSA Key file, a Certificate for this key and (maybe) a "
"Chained certificate, please paste their content here."
msgstr ""
#: ../admin/ssl_new.php:133
msgid ""
"We will verify the content of those files and add them in your certificate "
"repository"
msgstr ""
#: ../admin/ssl_new.php:138
msgid "RSA Key"
msgstr ""
#: ../admin/ssl_new.php:142 ../admin/ssl_view.php:73 ../admin/ssl_view.php:159
msgid "SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:146 ../admin/ssl_view.php:77 ../admin/ssl_view.php:164
msgid "Chained Certificate<br />(not mandatory)"
msgstr ""
#: ../admin/ssl_share.php:30
msgid "This page is restricted to authorized staff"
msgstr ""
#: ../admin/ssl_view.php:52
msgid ""
"Your <i>Certificate Request File</i> (CSR) has been created, along with its "
"<i>private RSA Key</i> (KEY). Please find below the CSR you must send to "
"your SSL Certificate provider."
msgstr ""
#: ../admin/ssl_view.php:54
msgid ""
"Once you'll have your <i>Certificate File</i> (CRT) and a <i>Chained "
"Certificate File</i> (CHAIN), please paste them here to finish the "
"enrollment."
msgstr ""
#: ../admin/ssl_view.php:64
msgid "Date of the request"
msgstr ""
#: ../admin/ssl_view.php:68 ../admin/ssl_view.php:154
msgid "Certificate Request File"
msgstr ""
#: ../admin/ssl_view.php:85 ../admin/ssl_view.php:213
msgid "Delete"
msgstr ""
#: ../admin/ssl_view.php:86
msgid ""
"Please confirm that you want to delete this certificate request AND ITS "
"PRIVATE KEY!"
msgstr ""
#: ../admin/ssl_view.php:97
msgid "Valid Certificate"
msgstr ""
#: ../admin/ssl_view.php:98
msgid "Please find below your valid certificate data."
msgstr ""
#: ../admin/ssl_view.php:104
msgid "EXPIRED Certificate"
msgstr ""
#: ../admin/ssl_view.php:105
msgid ""
"Your certificate is EXPIRED. You should not use it for any purpose. Please "
"find below its data."
msgstr ""
#: ../admin/ssl_view.php:113
msgid "Back to my SSL Certificates"
msgstr ""
#: ../admin/ssl_view.php:117
msgid "Valid From:"
msgstr ""
#: ../admin/ssl_view.php:123
#, php-format
msgid "(%d days ago)"
msgstr ""
#: ../admin/ssl_view.php:126
#, php-format
msgid "(%d month ago)"
msgstr ""
#: ../admin/ssl_view.php:131
msgid "Valid Until:"
msgstr ""
#: ../admin/ssl_view.php:137
#, php-format
msgid "(%d days from now)"
msgstr ""
#: ../admin/ssl_view.php:140
#, php-format
msgid "(%d month from now)"
msgstr ""
#: ../admin/ssl_view.php:145
msgid "FQDN:"
msgstr ""
#: ../admin/ssl_view.php:149
msgid "Other Valid FQDN:"
msgstr ""
#: ../admin/ssl_view.php:173
msgid ""
"As an administrator you can allow any account on this server to use this "
"certificate to host his services. <br />(This is only useful for wildcard or "
"multi-domain certificates)."
msgstr ""
#: ../admin/ssl_view.php:177
msgid "This certificate is currently <b>shared</b>"
msgstr ""
#: ../admin/ssl_view.php:184
msgid "Click here to stop sharing this certificate"
msgstr ""
#: ../admin/ssl_view.php:189 ../admin/ssl_view.php:205
msgid ""
"You are not the owner of this certificate, only its owner can share/unshare "
"this certificate."
msgstr ""
#: ../admin/ssl_view.php:193
msgid "This certificate is currently <b>NOT shared</b>"
msgstr ""
#: ../admin/ssl_view.php:200
msgid "Click here to share this certificate"
msgstr ""
#: ../admin/ssl_view.php:214
msgid ""
"Please confirm that you want to delete this certificate AND ITS PRIVATE KEY!"
msgstr ""
#: ../class/m_ssl.php:69 ../class/m_ssl.php:418
msgid "SSL Certificates"
msgstr ""
#: ../class/m_ssl.php:79
msgid "New SSL certificate"
msgstr ""
#: ../class/m_ssl.php:93
msgid "List SSL Certificates"
msgstr ""
#: ../class/m_ssl.php:152
msgid "No SSL certificates available"
msgstr ""
#: ../class/m_ssl.php:175
msgid "You currently have no hosting using SSL certificate"
msgstr ""
#: ../class/m_ssl.php:196
msgid "Bad FQDN domain name"
msgstr ""
#: ../class/m_ssl.php:202 ../class/m_ssl.php:774
msgid "Can't generate a private key (1)"
msgstr ""
#: ../class/m_ssl.php:207 ../class/m_ssl.php:779
msgid "Can't generate a private key (2)"
msgstr ""
#: ../class/m_ssl.php:218
msgid "Can't generate a CSR"
msgstr ""
#: ../class/m_ssl.php:234 ../class/m_ssl.php:250 ../class/m_ssl.php:273
msgid "Can't find this Certificate"
msgstr ""
#: ../class/m_ssl.php:353
msgid "Can't save the Key/Crt/Chain now. Please try later."
msgstr ""
#: ../class/m_ssl.php:390
msgid "Can't save the Crt/Chain now. Please try later."
msgstr ""
#: ../class/m_ssl.php:618
msgid "Alias already exists"
msgstr ""
#: ../class/m_ssl.php:637
msgid "Alias not found"
msgstr ""
#: ../class/m_ssl.php:666
msgid ""
"Can't find the private key in the certificate table, please check your form."
msgstr ""
#: ../class/m_ssl.php:675
msgid ""
"The certificate must begin by BEGIN CERTIFICATE and end by END CERTIFICATE "
"lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:680
msgid ""
"The chained certificate must begin by BEGIN CERTIFICATE and end by END "
"CERTIFICATE lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:686
msgid ""
"The private key must begin by BEGIN (RSA )PRIVATE KEY and end by END (RSA )"
"PRIVATE KEY lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:722
#, php-format
msgid "The %d-th certificate in the chain is invalid"
msgstr ""
#: ../class/m_ssl.php:730
msgid "The certificate is invalid."
msgstr ""
#: ../class/m_ssl.php:735
msgid "The private key is invalid."
msgstr ""
#: ../class/m_ssl.php:740
msgid "The private key is not the one signed inside the certificate."
msgstr ""
#: ../class/m_ssl.php:746
msgid "Can't export your certificate as a string, please check its syntax."
msgstr ""
#: ../class/m_ssl.php:751
msgid ""
"Can't export one of your chained certificates as a string, please check its "
"syntax."
msgstr ""
#: ../class/m_ssl.php:757
msgid "Can't export your private key as a string, please check its syntax."
msgstr ""
#: ../class/m_ssl.php:800
msgid "Locally hosted forcing HTTPS"
msgstr ""
#: ../class/m_ssl.php:801
msgid "Locally hosted HTTP and HTTPS"
msgstr ""
#: ../class/m_ssl.php:802
msgid "HTTPS AlternC panel access"
msgstr ""
#: ../class/m_ssl.php:803
msgid "HTTPS Roundcube Webmail"
msgstr ""
#: ../class/m_ssl.php:804
msgid "HTTPS Squirrelmail Webmail"
msgstr ""
#: ../class/m_ssl.php:805
msgid "php52 forcing HTTPS"
msgstr ""
#: ../class/m_ssl.php:806
msgid "php52 HTTP and HTTPS"
msgstr ""

3571
ssl/panel/locales/es_ES/LC_MESSAGES/ssl.po Normal file
View File

File diff suppressed because it is too large Load Diff

1
ssl/panel/locales/fr_CA Symbolic link
View File

@ -0,0 +1 @@
/fr_FR

583
ssl/panel/locales/fr_FR/LC_MESSAGES/ssl.po Normal file
View File

@ -0,0 +1,583 @@
# French AlternC Translation
# Copyright (c) 2002 the AlternC Development Team
# <tech@alternc.org>
# $Id: admin.po,v 1.10 2004/11/01 15:55:44 anonymous Exp $
# Benjamin Sonntag <benjamin@sonntag.fr>, 2012.
#
msgid ""
msgstr ""
"Project-Id-Version: $Id: admin.po,v 1.10 2004/11/01 15:55:44 anonymous Exp "
"$\n"
"Report-Msgid-Bugs-To: i18n@alternc.org\n"
"POT-Creation-Date: 2015-02-13 18:04+0100\n"
"PO-Revision-Date: 2012-10-17 09:52+0200\n"
"Last-Translator: Benjamin Sonntag <benjamin@sonntag.fr>\n"
"Language-Team: français <team@alternc.org>\n"
"Language: fr\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bits\n"
"X-Generator: Emacs 21\n"
"Plural-Forms: nplurals=2; plural=(n!=1);\n"
#: ../admin/ssl_delete.php:43
msgid "Your SSL Certificate has been deleted"
msgstr "Votre certificat SSL a été effacé"
#: ../admin/ssl_doimport.php:39
msgid "Please enter an ssl key and a certificate"
msgstr "Veuillez entrer une clé ssl et un certificat"
#: ../admin/ssl_donew.php:38
msgid "Please enter a proper domain name"
msgstr "Veuillez entrer un nom de domaine"
#: ../admin/ssl_finalize.php:49
msgid "Your ssl certificate has been imported successfully"
msgstr "Votre certificat ssl a été importé avec succès"
#: ../admin/ssl_list.php:51 ../admin/ssl_view.php:50
msgid "Pending Certificate"
msgstr "Certificats en attente"
#: ../admin/ssl_list.php:52
msgid "Valid"
msgstr "Valide"
#: ../admin/ssl_list.php:53
msgid "Expired"
msgstr "Expiré"
#: ../admin/ssl_list.php:59
msgid ""
"Some of your hosting are using a <b>self-signed</b> certificate. <br>Your "
"browser will not let you surf those domains properly<br>To fix this, buy a "
"properly signed certificate"
msgstr ""
"Certains de vos hébergements utilisent un certificat <b>autosigné</b>."
"<br>Votre navigateur ne vous laissera pas surfer sur ces domaines<br>Pour "
"corriger cela, achetez un certificat signé auprès d'une autorité."
#: ../admin/ssl_list.php:71
msgid "Your Certificates"
msgstr "Vos certificats"
#: ../admin/ssl_list.php:73
msgid ""
"Please find below your SSL Certificates. Some may be provided by the "
"administrator of the server, some may be Expired or Pending (waiting for a "
"CRT from your Certificate Provider)"
msgstr ""
"Vous trouverez ci-dessous vos certificats SSL. Certains peuvent être fournis "
"par l'administrateur de votre serveur, ou peuvent être expirés ou en attente "
"(attente du CRT de votre fournisseur de certificats)"
#: ../admin/ssl_list.php:75
msgid "Only show the following certificates:"
msgstr "Ne montrer que les certificats :"
#: ../admin/ssl_list.php:76
msgid "Pending Certificates"
msgstr "En attente"
#: ../admin/ssl_list.php:77
msgid "Valid Certificates"
msgstr "Valide"
#: ../admin/ssl_list.php:78
msgid "Expired Certificates"
msgstr "Expiré"
#: ../admin/ssl_list.php:80
msgid "Certificates Shared by the Administrator"
msgstr "Partagés par l'administrateur"
#: ../admin/ssl_list.php:82
msgid "Filter"
msgstr "Filtrer"
#: ../admin/ssl_list.php:85
msgid "Domain Name"
msgstr "Nom de domaine"
#: ../admin/ssl_list.php:85
msgid "Status"
msgstr "État"
#: ../admin/ssl_list.php:85
msgid "Used by"
msgstr "Utilisé par"
#: ../admin/ssl_list.php:85
msgid "Validity period"
msgstr "Pếriode de validité"
#: ../admin/ssl_list.php:91
msgid "Details"
msgstr "Détails"
#: ../admin/ssl_list.php:97
msgid "(shared)"
msgstr "(partagé)"
#: ../admin/ssl_list.php:102 ../admin/ssl_list.php:106
#: ../admin/ssl_list.php:112 ../admin/ssl_view.php:65
#: ../admin/ssl_view.php:119 ../admin/ssl_view.php:133
#, php-format
msgid "%3$d-%2$d-%1$d %4$d:%5$d"
msgstr "%1$d/%2$d/%3$d %4$dh%5$d"
#: ../admin/ssl_list.php:111
msgid "Requested on: "
msgstr "Demandé le :"
#: ../admin/ssl_list.php:129
msgid "Create one"
msgstr "En créer un"
#: ../admin/ssl_list.php:130
msgid ""
"This hosting has no valid certificate<br>a self-signed one has been created"
msgstr ""
"Cet hébergement n'a pas de certificat valide<br>Un certificat autosigné a été "
"créé"
#: ../admin/ssl_list.php:140
msgid "Create or Import a new SSL Certificate"
msgstr "Créer ou Importer un nouveau certificat SSL"
#: ../admin/ssl_new.php:42
msgid "New SSL Certificate"
msgstr "Nouveau certificat SSL"
#: ../admin/ssl_new.php:50
msgid ""
"An SSL certificate is a file which must be obtained from a Certificate "
"Authority, and allow you to enable HTTPS encryption on a domain name."
msgstr ""
"Un certificat SSL est un fichier qui peut être obtenu auprès d'une autorité "
"de certification, et permet d'activer HTTPS sur un nom de domaine"
#: ../admin/ssl_new.php:53
msgid ""
"To obtain one, you need to generate a <i>Certificate Request</i> (CSR) and a "
"<i>RSA Key</i> (KEY) here, then give the CSR to the Certificate Authority, "
"which will give you a certificate (CRT) and also often a chained certificate "
"(CHAIN)."
msgstr ""
"pour obtenir un certificat, vous devez générer une <i>Requête de certificat</"
"i> (CSR) et une <i>Clé RSA</i> (KEY) ici, et fournir la CSR à l'autorité de "
"certification, qui vous renverra un certificat (CRT), souvent accompagné "
"d'un certificat chaîné (CHAIN)."
#: ../admin/ssl_new.php:56
msgid ""
"If you already know what it is and already have all those files (CRT/KEY/"
"CHAIN) You can import them here too."
msgstr ""
"Si vous savez déjà de quoi il s'agit et disposez déjà des fichiers (CRT/KEY/"
"CHAIN) vous pouvez les importer ici aussi."
#: ../admin/ssl_new.php:64
msgid "Create a CSR/KEY"
msgstr "Créer une CSR/KEY"
#: ../admin/ssl_new.php:65
msgid "Import existing files"
msgstr "Importer des fichiers existants"
#: ../admin/ssl_new.php:69
msgid "Create a CSR/KEY for a given domain name"
msgstr "Créer une CSR/KEY pour ce nom de domaine"
#: ../admin/ssl_new.php:71
msgid ""
"Use this form to generate a <i>Certificate Request file</i> (CSR) and a "
"<i>RSA Key file</i> (KEY) for a given domain name"
msgstr ""
"Utilisez ce formulaire pour générer une <i>Requête de certificat</i> (CSR) "
"et une <i>Clé RSA</i> (KEY) pour ce nom de domaine"
#: ../admin/ssl_new.php:98
msgid ""
"Please choose the domain name for which you want a SSL Certificate, or enter "
"it manually"
msgstr ""
"Merci de choisir le nom de domaine pour lequel vous souhaitez un certificat "
"SSL, ou entrez-le manuellement"
#: ../admin/ssl_new.php:101 ../admin/ssl_view.php:60
msgid "Fully Qualified Domain Name"
msgstr "Nom de domaine complet"
#: ../admin/ssl_new.php:104
msgid "--- Choose here ---"
msgstr "--- Choisir ici ---"
#: ../admin/ssl_new.php:110
msgid "... or click here to enter it manually"
msgstr "... ou cliquez ici pour en entrer un manuellement"
#: ../admin/ssl_new.php:117 ../admin/ssl_new.php:151 ../admin/ssl_view.php:82
msgid "Save"
msgstr "Enregistrer"
#: ../admin/ssl_new.php:118 ../admin/ssl_new.php:152 ../admin/ssl_view.php:83
msgid "Cancel"
msgstr "Annuler"
#: ../admin/ssl_new.php:123
msgid ""
"<i>(If you want to get a valid certificate for all the subdomains of a "
"domain, use a wildcard notation (eg: *.example.com). Please note that a "
"wildcard certificate is usually more expensive than normal one.)</i>"
msgstr ""
"<i>(Si vous voulez obtenir un certificat pour tous les sous-domaines de "
"premier niveau d'un nom de domaine, utilisez la notation 'wildcard' (ex: *."
"example.com). Notez que les certificats wildcard sont généralement plus "
"chers que les normaux)</i>"
#: ../admin/ssl_new.php:123
msgid ""
"Please note that a SSL Certificate is only valid for one fully qualified "
"domain name. As a result, a certificate for <code>www.example.com</code> is "
"NOT valid for <code>intranet.example.com</code> or <code>intranet.www."
"example.com</code> !"
msgstr ""
"Notez qu'un certificat SSL n'est valide que pour le nom de domaine complet "
"seul. Par conséquent, un certificat valable pour <code>www.example.com</"
"code> ne l'est PAS pour <code>intranet.example.com</code> ou <code>intranet."
"www.example.com</code> !"
#: ../admin/ssl_new.php:130
msgid "Import existing Key Certificate and Chain files"
msgstr "Importer une Clé, un Certificat et une Chaîne existants"
#: ../admin/ssl_new.php:132
msgid ""
"If you already have a RSA Key file, a Certificate for this key and (maybe) a "
"Chained certificate, please paste their content here."
msgstr ""
"Si vous disposez déjà d'une clé RSA, d'un Certificat et (peut-être) d'un "
"Certificat Chaîné, collez leur contenu ici."
#: ../admin/ssl_new.php:133
msgid ""
"We will verify the content of those files and add them in your certificate "
"repository"
msgstr ""
"Nous vérifierons le contenu de ces fichiers et les ajouteront à vos "
"certificats"
#: ../admin/ssl_new.php:138
msgid "RSA Key"
msgstr "Clé RSA"
#: ../admin/ssl_new.php:142 ../admin/ssl_view.php:73 ../admin/ssl_view.php:159
msgid "SSL Certificate"
msgstr "Certificat SSL"
#: ../admin/ssl_new.php:146 ../admin/ssl_view.php:77 ../admin/ssl_view.php:164
msgid "Chained Certificate<br />(not mandatory)"
msgstr "Certificat Chaîné<br />(facultatif)"
#: ../admin/ssl_share.php:30
msgid "This page is restricted to authorized staff"
msgstr "Cette page est réservée aux administrateurs"
#: ../admin/ssl_view.php:52
msgid ""
"Your <i>Certificate Request File</i> (CSR) has been created, along with its "
"<i>private RSA Key</i> (KEY). Please find below the CSR you must send to "
"your SSL Certificate provider."
msgstr ""
"Votre <i>Requête de certificat</i> (CSR) a été créée, accompagnée de sa "
"<i>Clé privée RSA</i> (KEY). Vous trouverez ci-dessous la CSR que vous "
"pourrez envoyer à votre fournisseur de certificat."
#: ../admin/ssl_view.php:54
msgid ""
"Once you'll have your <i>Certificate File</i> (CRT) and a <i>Chained "
"Certificate File</i> (CHAIN), please paste them here to finish the "
"enrollment."
msgstr ""
"Une fois que vous aurez obtenu votre <i>Fichier Certificat</i> (CRT) et un "
"<i>Certificat Chaîné</i> (CHAIN), collez-les ici pour valider votre "
"certificat."
#: ../admin/ssl_view.php:64
msgid "Date of the request"
msgstr "Date de la requête"
#: ../admin/ssl_view.php:68 ../admin/ssl_view.php:154
msgid "Certificate Request File"
msgstr "Fichier requête de Certificat"
#: ../admin/ssl_view.php:85 ../admin/ssl_view.php:213
msgid "Delete"
msgstr "Effacer"
#: ../admin/ssl_view.php:86
msgid ""
"Please confirm that you want to delete this certificate request AND ITS "
"PRIVATE KEY!"
msgstr ""
"Merci de confirmer que vous voulez effacer cette requête de certificat AINSI "
"QUE SA CLÉ PRIVÉE !"
#: ../admin/ssl_view.php:97
msgid "Valid Certificate"
msgstr "Certificat Valide"
#: ../admin/ssl_view.php:98
msgid "Please find below your valid certificate data."
msgstr "Voici les données de votre certificat."
#: ../admin/ssl_view.php:104
msgid "EXPIRED Certificate"
msgstr "Certificat EXPIRÉ"
#: ../admin/ssl_view.php:105
msgid ""
"Your certificate is EXPIRED. You should not use it for any purpose. Please "
"find below its data."
msgstr ""
"Votre certificat est EXPIRÉ. Vous ne devriez pas l'utiliser. Voici ses "
"données."
#: ../admin/ssl_view.php:113
msgid "Back to my SSL Certificates"
msgstr "Retour à mes certificats SSL"
#: ../admin/ssl_view.php:117
msgid "Valid From:"
msgstr "Valid du :"
#: ../admin/ssl_view.php:123
#, php-format
msgid "(%d days ago)"
msgstr "(il y a %d jours)"
#: ../admin/ssl_view.php:126
#, php-format
msgid "(%d month ago)"
msgstr "(il y a %d mois)"
#: ../admin/ssl_view.php:131
msgid "Valid Until:"
msgstr "Valid jusqu'au :"
#: ../admin/ssl_view.php:137
#, php-format
msgid "(%d days from now)"
msgstr "(dans %d jours)"
#: ../admin/ssl_view.php:140
#, php-format
msgid "(%d month from now)"
msgstr "(dans %d mois)"
#: ../admin/ssl_view.php:145
msgid "FQDN:"
msgstr "FQDN:"
#: ../admin/ssl_view.php:149
msgid "Other Valid FQDN:"
msgstr "Autres FQDN valides:"
#: ../admin/ssl_view.php:173
msgid ""
"As an administrator you can allow any account on this server to use this "
"certificate to host his services. <br />(This is only useful for wildcard or "
"multi-domain certificates)."
msgstr ""
"En tant qu'administrateur, vous pouvez autoriser n'importe quel compte de ce "
"serveur à utiliser votre certificat pour héberger ses services<br />(Cela "
"n'est utile généralement que pour les certificats wildcard ou multidomaines)."
#: ../admin/ssl_view.php:177
msgid "This certificate is currently <b>shared</b>"
msgstr "Ce certificat est <b>partagé</b>"
#: ../admin/ssl_view.php:184
msgid "Click here to stop sharing this certificate"
msgstr "Cliquez ici pour ne plus partager ce certificat"
#: ../admin/ssl_view.php:189 ../admin/ssl_view.php:205
msgid ""
"You are not the owner of this certificate, only its owner can share/unshare "
"this certificate."
msgstr ""
"Vous n'êtes pas le propriétaire de ce certificat, seul son propriétaire peut "
"le partager"
#: ../admin/ssl_view.php:193
msgid "This certificate is currently <b>NOT shared</b>"
msgstr "Ce certificat <b>n'est pas partagé</b>"
#: ../admin/ssl_view.php:200
msgid "Click here to share this certificate"
msgstr "Cliquez ici pour partager ce certificat."
#: ../admin/ssl_view.php:214
msgid ""
"Please confirm that you want to delete this certificate AND ITS PRIVATE KEY!"
msgstr ""
"Merci de confirmer que vous souhaitez effacer ce certificat ET SA CLÉ "
"PRIVÉE !"
#: ../class/m_ssl.php:69 ../class/m_ssl.php:418
msgid "SSL Certificates"
msgstr "Certificats SSL"
#: ../class/m_ssl.php:79
msgid "New SSL certificate"
msgstr "Nouveau Certificat SSL"
#: ../class/m_ssl.php:93
msgid "List SSL Certificates"
msgstr "Liste des Certificats SSL"
#: ../class/m_ssl.php:152
msgid "No SSL certificates available"
msgstr "Aucun Certificat SSL"
#: ../class/m_ssl.php:175
msgid "You currently have no hosting using SSL certificate"
msgstr "Vous n'avez pas d'hébergement utilisant des certificats SSL"
#: ../class/m_ssl.php:196
msgid "Bad FQDN domain name"
msgstr "Mauvais Nom de domaine"
#: ../class/m_ssl.php:202 ../class/m_ssl.php:774
msgid "Can't generate a private key (1)"
msgstr "Impossible de générer une clé privée (1)"
#: ../class/m_ssl.php:207 ../class/m_ssl.php:779
msgid "Can't generate a private key (2)"
msgstr "Impossible de générer une clé privée (2)"
#: ../class/m_ssl.php:218
msgid "Can't generate a CSR"
msgstr "Impossible de générer une CSR"
#: ../class/m_ssl.php:234 ../class/m_ssl.php:250 ../class/m_ssl.php:273
msgid "Can't find this Certificate"
msgstr "Impossible de trouver ce Certificat"
#: ../class/m_ssl.php:353
msgid "Can't save the Key/Crt/Chain now. Please try later."
msgstr ""
"Impossible de sauver les Key/Crt/Chain pour l'instant. Merci de réessayer "
"ultérieurement."
#: ../class/m_ssl.php:390
msgid "Can't save the Crt/Chain now. Please try later."
msgstr ""
"Impossible de sauver les Crt/Chain pour l'instant. Merci de réessayer "
"ultérieurement."
#: ../class/m_ssl.php:618
msgid "Alias already exists"
msgstr "Cet alias existe déjà"
#: ../class/m_ssl.php:637
msgid "Alias not found"
msgstr "Alias non trouvé"
#: ../class/m_ssl.php:666
msgid ""
"Can't find the private key in the certificate table, please check your form."
msgstr ""
"Impossible de trouver la clé privée dans la table des certificats, merci de "
"vérifier votre formulaire."
#: ../class/m_ssl.php:675
msgid ""
"The certificate must begin by BEGIN CERTIFICATE and end by END CERTIFICATE "
"lines. Please check you pasted it in PEM form."
msgstr ""
"Ce certificat doit commencer par BEGIN CERTIFICATE et terminer par END "
"CERTIFICATE. Merci de vérifier que vous avez bien collé un fichier PEM"
#: ../class/m_ssl.php:680
msgid ""
"The chained certificate must begin by BEGIN CERTIFICATE and end by END "
"CERTIFICATE lines. Please check you pasted it in PEM form."
msgstr ""
"Ce certificat Chaîné doit commencer par BEGIN CERTIFICATE et terminer par "
"END CERTIFICATE. Merci de vérifier que vous avez bien collé un fichier PEM"
#: ../class/m_ssl.php:686
msgid ""
"The private key must begin by BEGIN (RSA )PRIVATE KEY and end by END (RSA )"
"PRIVATE KEY lines. Please check you pasted it in PEM form."
msgstr ""
"La clé privée doit commencer par BEGIN (RSA )PRIVATE KEY et terminer par END "
"(RSA ) PRIVATE KEY. Merci de vérifier que vous avez bien collé un fichier PEM"
#: ../class/m_ssl.php:722
#, php-format
msgid "The %d-th certificate in the chain is invalid"
msgstr "Le %dième certificat dans la chaîne est invalide"
#: ../class/m_ssl.php:730
msgid "The certificate is invalid."
msgstr "Le certificat est invalide."
#: ../class/m_ssl.php:735
msgid "The private key is invalid."
msgstr "La clé privée est invalide."
#: ../class/m_ssl.php:740
msgid "The private key is not the one signed inside the certificate."
msgstr "La clé privée n'est pas celle correspondant au certificat."
#: ../class/m_ssl.php:746
msgid "Can't export your certificate as a string, please check its syntax."
msgstr ""
"Impossible d'exporter votre certificat sous forme de chaîne, merci de "
"vérifier sa syntaxe."
#: ../class/m_ssl.php:751
msgid ""
"Can't export one of your chained certificates as a string, please check its "
"syntax."
msgstr ""
"Impossible d'exporter votre certificat chaîné sous forme de chaîne, merci de "
"vérifier sa syntaxe."
#: ../class/m_ssl.php:757
msgid "Can't export your private key as a string, please check its syntax."
msgstr ""
"Impossible d'exporter votre clé privée sous forme de chaîne, merci de "
"vérifier sa syntaxe."
#: ../class/m_ssl.php:800
msgid "Locally hosted forcing HTTPS"
msgstr "Hébergement local HTTPS obligatoire"
#: ../class/m_ssl.php:801
msgid "Locally hosted HTTP and HTTPS"
msgstr "Hébergement local HTTP et HTTPS"
#: ../class/m_ssl.php:802
msgid "HTTPS AlternC panel access"
msgstr "Accès au panel AlternC via HTTPS"
#: ../class/m_ssl.php:803
msgid "HTTPS Roundcube Webmail"
msgstr "Webmail Roundcube avec HTTPS"
#: ../class/m_ssl.php:804
msgid "HTTPS Squirrelmail Webmail"
msgstr "Webmail Squirrelmail avec HTTPS"
#: ../class/m_ssl.php:805
msgid "php52 forcing HTTPS"
msgstr "php5.2 HTTPS obligatoire"
#: ../class/m_ssl.php:806
msgid "php52 HTTP and HTTPS"
msgstr "php5.2 HTTP et HTTPS"

513
ssl/panel/locales/it_IT/LC_MESSAGES/ssl.po Normal file
View File

@ -0,0 +1,513 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR AlternC Team
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: AlternC 2.0\n"
"Report-Msgid-Bugs-To: i18n@alternc.org\n"
"POT-Creation-Date: 2015-02-13 18:04+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: it_IT\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#: ../admin/ssl_delete.php:43
msgid "Your SSL Certificate has been deleted"
msgstr ""
#: ../admin/ssl_doimport.php:39
msgid "Please enter an ssl key and a certificate"
msgstr ""
#: ../admin/ssl_donew.php:38
msgid "Please enter a proper domain name"
msgstr ""
#: ../admin/ssl_finalize.php:49
msgid "Your ssl certificate has been imported successfully"
msgstr ""
#: ../admin/ssl_list.php:51 ../admin/ssl_view.php:50
msgid "Pending Certificate"
msgstr ""
#: ../admin/ssl_list.php:52
msgid "Valid"
msgstr ""
#: ../admin/ssl_list.php:53
msgid "Expired"
msgstr ""
#: ../admin/ssl_list.php:59
msgid ""
"Some of your hosting are using a <b>self-signed</b> certificate. <br>Your "
"browser will not let you surf those domains properly<br>To fix this, buy a "
"properly signed certificate"
msgstr ""
#: ../admin/ssl_list.php:71
msgid "Your Certificates"
msgstr ""
#: ../admin/ssl_list.php:73
msgid ""
"Please find below your SSL Certificates. Some may be provided by the "
"administrator of the server, some may be Expired or Pending (waiting for a "
"CRT from your Certificate Provider)"
msgstr ""
#: ../admin/ssl_list.php:75
msgid "Only show the following certificates:"
msgstr ""
#: ../admin/ssl_list.php:76
msgid "Pending Certificates"
msgstr ""
#: ../admin/ssl_list.php:77
msgid "Valid Certificates"
msgstr ""
#: ../admin/ssl_list.php:78
msgid "Expired Certificates"
msgstr ""
#: ../admin/ssl_list.php:80
msgid "Certificates Shared by the Administrator"
msgstr ""
#: ../admin/ssl_list.php:82
msgid "Filter"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Domain Name"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Status"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Used by"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Validity period"
msgstr ""
#: ../admin/ssl_list.php:91
msgid "Details"
msgstr ""
#: ../admin/ssl_list.php:97
msgid "(shared)"
msgstr ""
#: ../admin/ssl_list.php:102 ../admin/ssl_list.php:106
#: ../admin/ssl_list.php:112 ../admin/ssl_view.php:65
#: ../admin/ssl_view.php:119 ../admin/ssl_view.php:133
#, php-format
msgid "%3$d-%2$d-%1$d %4$d:%5$d"
msgstr ""
#: ../admin/ssl_list.php:111
msgid "Requested on: "
msgstr ""
#: ../admin/ssl_list.php:129
msgid "Create one"
msgstr ""
#: ../admin/ssl_list.php:130
msgid ""
"This hosting has no valid certificate<br>a self-signed one has been created"
msgstr ""
#: ../admin/ssl_list.php:140
msgid "Create or Import a new SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:42
msgid "New SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:50
msgid ""
"An SSL certificate is a file which must be obtained from a Certificate "
"Authority, and allow you to enable HTTPS encryption on a domain name."
msgstr ""
#: ../admin/ssl_new.php:53
msgid ""
"To obtain one, you need to generate a <i>Certificate Request</i> (CSR) and a "
"<i>RSA Key</i> (KEY) here, then give the CSR to the Certificate Authority, "
"which will give you a certificate (CRT) and also often a chained certificate "
"(CHAIN)."
msgstr ""
#: ../admin/ssl_new.php:56
msgid ""
"If you already know what it is and already have all those files (CRT/KEY/"
"CHAIN) You can import them here too."
msgstr ""
#: ../admin/ssl_new.php:64
msgid "Create a CSR/KEY"
msgstr ""
#: ../admin/ssl_new.php:65
msgid "Import existing files"
msgstr ""
#: ../admin/ssl_new.php:69
msgid "Create a CSR/KEY for a given domain name"
msgstr ""
#: ../admin/ssl_new.php:71
msgid ""
"Use this form to generate a <i>Certificate Request file</i> (CSR) and a "
"<i>RSA Key file</i> (KEY) for a given domain name"
msgstr ""
#: ../admin/ssl_new.php:98
msgid ""
"Please choose the domain name for which you want a SSL Certificate, or enter "
"it manually"
msgstr ""
#: ../admin/ssl_new.php:101 ../admin/ssl_view.php:60
msgid "Fully Qualified Domain Name"
msgstr ""
#: ../admin/ssl_new.php:104
msgid "--- Choose here ---"
msgstr ""
#: ../admin/ssl_new.php:110
msgid "... or click here to enter it manually"
msgstr ""
#: ../admin/ssl_new.php:117 ../admin/ssl_new.php:151 ../admin/ssl_view.php:82
msgid "Save"
msgstr ""
#: ../admin/ssl_new.php:118 ../admin/ssl_new.php:152 ../admin/ssl_view.php:83
msgid "Cancel"
msgstr ""
#: ../admin/ssl_new.php:123
msgid ""
"<i>(If you want to get a valid certificate for all the subdomains of a "
"domain, use a wildcard notation (eg: *.example.com). Please note that a "
"wildcard certificate is usually more expensive than normal one.)</i>"
msgstr ""
#: ../admin/ssl_new.php:123
msgid ""
"Please note that a SSL Certificate is only valid for one fully qualified "
"domain name. As a result, a certificate for <code>www.example.com</code> is "
"NOT valid for <code>intranet.example.com</code> or <code>intranet.www."
"example.com</code> !"
msgstr ""
#: ../admin/ssl_new.php:130
msgid "Import existing Key Certificate and Chain files"
msgstr ""
#: ../admin/ssl_new.php:132
msgid ""
"If you already have a RSA Key file, a Certificate for this key and (maybe) a "
"Chained certificate, please paste their content here."
msgstr ""
#: ../admin/ssl_new.php:133
msgid ""
"We will verify the content of those files and add them in your certificate "
"repository"
msgstr ""
#: ../admin/ssl_new.php:138
msgid "RSA Key"
msgstr ""
#: ../admin/ssl_new.php:142 ../admin/ssl_view.php:73 ../admin/ssl_view.php:159
msgid "SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:146 ../admin/ssl_view.php:77 ../admin/ssl_view.php:164
msgid "Chained Certificate<br />(not mandatory)"
msgstr ""
#: ../admin/ssl_share.php:30
msgid "This page is restricted to authorized staff"
msgstr ""
#: ../admin/ssl_view.php:52
msgid ""
"Your <i>Certificate Request File</i> (CSR) has been created, along with its "
"<i>private RSA Key</i> (KEY). Please find below the CSR you must send to "
"your SSL Certificate provider."
msgstr ""
#: ../admin/ssl_view.php:54
msgid ""
"Once you'll have your <i>Certificate File</i> (CRT) and a <i>Chained "
"Certificate File</i> (CHAIN), please paste them here to finish the "
"enrollment."
msgstr ""
#: ../admin/ssl_view.php:64
msgid "Date of the request"
msgstr ""
#: ../admin/ssl_view.php:68 ../admin/ssl_view.php:154
msgid "Certificate Request File"
msgstr ""
#: ../admin/ssl_view.php:85 ../admin/ssl_view.php:213
msgid "Delete"
msgstr ""
#: ../admin/ssl_view.php:86
msgid ""
"Please confirm that you want to delete this certificate request AND ITS "
"PRIVATE KEY!"
msgstr ""
#: ../admin/ssl_view.php:97
msgid "Valid Certificate"
msgstr ""
#: ../admin/ssl_view.php:98
msgid "Please find below your valid certificate data."
msgstr ""
#: ../admin/ssl_view.php:104
msgid "EXPIRED Certificate"
msgstr ""
#: ../admin/ssl_view.php:105
msgid ""
"Your certificate is EXPIRED. You should not use it for any purpose. Please "
"find below its data."
msgstr ""
#: ../admin/ssl_view.php:113
msgid "Back to my SSL Certificates"
msgstr ""
#: ../admin/ssl_view.php:117
msgid "Valid From:"
msgstr ""
#: ../admin/ssl_view.php:123
#, php-format
msgid "(%d days ago)"
msgstr ""
#: ../admin/ssl_view.php:126
#, php-format
msgid "(%d month ago)"
msgstr ""
#: ../admin/ssl_view.php:131
msgid "Valid Until:"
msgstr ""
#: ../admin/ssl_view.php:137
#, php-format
msgid "(%d days from now)"
msgstr ""
#: ../admin/ssl_view.php:140
#, php-format
msgid "(%d month from now)"
msgstr ""
#: ../admin/ssl_view.php:145
msgid "FQDN:"
msgstr ""
#: ../admin/ssl_view.php:149
msgid "Other Valid FQDN:"
msgstr ""
#: ../admin/ssl_view.php:173
msgid ""
"As an administrator you can allow any account on this server to use this "
"certificate to host his services. <br />(This is only useful for wildcard or "
"multi-domain certificates)."
msgstr ""
#: ../admin/ssl_view.php:177
msgid "This certificate is currently <b>shared</b>"
msgstr ""
#: ../admin/ssl_view.php:184
msgid "Click here to stop sharing this certificate"
msgstr ""
#: ../admin/ssl_view.php:189 ../admin/ssl_view.php:205
msgid ""
"You are not the owner of this certificate, only its owner can share/unshare "
"this certificate."
msgstr ""
#: ../admin/ssl_view.php:193
msgid "This certificate is currently <b>NOT shared</b>"
msgstr ""
#: ../admin/ssl_view.php:200
msgid "Click here to share this certificate"
msgstr ""
#: ../admin/ssl_view.php:214
msgid ""
"Please confirm that you want to delete this certificate AND ITS PRIVATE KEY!"
msgstr ""
#: ../class/m_ssl.php:69 ../class/m_ssl.php:418
msgid "SSL Certificates"
msgstr ""
#: ../class/m_ssl.php:79
msgid "New SSL certificate"
msgstr ""
#: ../class/m_ssl.php:93
msgid "List SSL Certificates"
msgstr ""
#: ../class/m_ssl.php:152
msgid "No SSL certificates available"
msgstr ""
#: ../class/m_ssl.php:175
msgid "You currently have no hosting using SSL certificate"
msgstr ""
#: ../class/m_ssl.php:196
msgid "Bad FQDN domain name"
msgstr ""
#: ../class/m_ssl.php:202 ../class/m_ssl.php:774
msgid "Can't generate a private key (1)"
msgstr ""
#: ../class/m_ssl.php:207 ../class/m_ssl.php:779
msgid "Can't generate a private key (2)"
msgstr ""
#: ../class/m_ssl.php:218
msgid "Can't generate a CSR"
msgstr ""
#: ../class/m_ssl.php:234 ../class/m_ssl.php:250 ../class/m_ssl.php:273
msgid "Can't find this Certificate"
msgstr ""
#: ../class/m_ssl.php:353
msgid "Can't save the Key/Crt/Chain now. Please try later."
msgstr ""
#: ../class/m_ssl.php:390
msgid "Can't save the Crt/Chain now. Please try later."
msgstr ""
#: ../class/m_ssl.php:618
msgid "Alias already exists"
msgstr ""
#: ../class/m_ssl.php:637
msgid "Alias not found"
msgstr ""
#: ../class/m_ssl.php:666
msgid ""
"Can't find the private key in the certificate table, please check your form."
msgstr ""
#: ../class/m_ssl.php:675
msgid ""
"The certificate must begin by BEGIN CERTIFICATE and end by END CERTIFICATE "
"lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:680
msgid ""
"The chained certificate must begin by BEGIN CERTIFICATE and end by END "
"CERTIFICATE lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:686
msgid ""
"The private key must begin by BEGIN (RSA )PRIVATE KEY and end by END (RSA )"
"PRIVATE KEY lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:722
#, php-format
msgid "The %d-th certificate in the chain is invalid"
msgstr ""
#: ../class/m_ssl.php:730
msgid "The certificate is invalid."
msgstr ""
#: ../class/m_ssl.php:735
msgid "The private key is invalid."
msgstr ""
#: ../class/m_ssl.php:740
msgid "The private key is not the one signed inside the certificate."
msgstr ""
#: ../class/m_ssl.php:746
msgid "Can't export your certificate as a string, please check its syntax."
msgstr ""
#: ../class/m_ssl.php:751
msgid ""
"Can't export one of your chained certificates as a string, please check its "
"syntax."
msgstr ""
#: ../class/m_ssl.php:757
msgid "Can't export your private key as a string, please check its syntax."
msgstr ""
#: ../class/m_ssl.php:800
msgid "Locally hosted forcing HTTPS"
msgstr ""
#: ../class/m_ssl.php:801
msgid "Locally hosted HTTP and HTTPS"
msgstr ""
#: ../class/m_ssl.php:802
msgid "HTTPS AlternC panel access"
msgstr ""
#: ../class/m_ssl.php:803
msgid "HTTPS Roundcube Webmail"
msgstr ""
#: ../class/m_ssl.php:804
msgid "HTTPS Squirrelmail Webmail"
msgstr ""
#: ../class/m_ssl.php:805
msgid "php52 forcing HTTPS"
msgstr ""
#: ../class/m_ssl.php:806
msgid "php52 HTTP and HTTPS"
msgstr ""

513
ssl/panel/locales/nl_NL/LC_MESSAGES/ssl.po Normal file
View File

@ -0,0 +1,513 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR AlternC Team
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
msgid ""
msgstr ""
"Report-Msgid-Bugs-To: i18n@alternc.org\n"
"POT-Creation-Date: 2015-02-13 18:04+0100\n"
"PO-Revision-Date: 2012-10-17 09:52+0200\n"
"Last-Translator: Benjamin Sonntag <benjamin@sonntag.fr>\n"
"Language-Team: Dutch <team@alternc.org>\n"
"Language: nl\n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bits\n"
"X-Generator: Emacs 21\n"
"Plural-Forms: nplurals=2; plural=(n!=1);\n"
#: ../admin/ssl_delete.php:43
msgid "Your SSL Certificate has been deleted"
msgstr ""
#: ../admin/ssl_doimport.php:39
msgid "Please enter an ssl key and a certificate"
msgstr ""
#: ../admin/ssl_donew.php:38
msgid "Please enter a proper domain name"
msgstr ""
#: ../admin/ssl_finalize.php:49
msgid "Your ssl certificate has been imported successfully"
msgstr ""
#: ../admin/ssl_list.php:51 ../admin/ssl_view.php:50
msgid "Pending Certificate"
msgstr ""
#: ../admin/ssl_list.php:52
msgid "Valid"
msgstr ""
#: ../admin/ssl_list.php:53
msgid "Expired"
msgstr ""
#: ../admin/ssl_list.php:59
msgid ""
"Some of your hosting are using a <b>self-signed</b> certificate. <br>Your "
"browser will not let you surf those domains properly<br>To fix this, buy a "
"properly signed certificate"
msgstr ""
#: ../admin/ssl_list.php:71
msgid "Your Certificates"
msgstr ""
#: ../admin/ssl_list.php:73
msgid ""
"Please find below your SSL Certificates. Some may be provided by the "
"administrator of the server, some may be Expired or Pending (waiting for a "
"CRT from your Certificate Provider)"
msgstr ""
#: ../admin/ssl_list.php:75
msgid "Only show the following certificates:"
msgstr ""
#: ../admin/ssl_list.php:76
msgid "Pending Certificates"
msgstr ""
#: ../admin/ssl_list.php:77
msgid "Valid Certificates"
msgstr ""
#: ../admin/ssl_list.php:78
msgid "Expired Certificates"
msgstr ""
#: ../admin/ssl_list.php:80
msgid "Certificates Shared by the Administrator"
msgstr ""
#: ../admin/ssl_list.php:82
msgid "Filter"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Domain Name"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Status"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Used by"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Validity period"
msgstr ""
#: ../admin/ssl_list.php:91
msgid "Details"
msgstr ""
#: ../admin/ssl_list.php:97
msgid "(shared)"
msgstr ""
#: ../admin/ssl_list.php:102 ../admin/ssl_list.php:106
#: ../admin/ssl_list.php:112 ../admin/ssl_view.php:65
#: ../admin/ssl_view.php:119 ../admin/ssl_view.php:133
#, php-format
msgid "%3$d-%2$d-%1$d %4$d:%5$d"
msgstr ""
#: ../admin/ssl_list.php:111
msgid "Requested on: "
msgstr ""
#: ../admin/ssl_list.php:129
msgid "Create one"
msgstr ""
#: ../admin/ssl_list.php:130
msgid ""
"This hosting has no valid certificate<br>a self-signed one has been created"
msgstr ""
#: ../admin/ssl_list.php:140
msgid "Create or Import a new SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:42
msgid "New SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:50
msgid ""
"An SSL certificate is a file which must be obtained from a Certificate "
"Authority, and allow you to enable HTTPS encryption on a domain name."
msgstr ""
#: ../admin/ssl_new.php:53
msgid ""
"To obtain one, you need to generate a <i>Certificate Request</i> (CSR) and a "
"<i>RSA Key</i> (KEY) here, then give the CSR to the Certificate Authority, "
"which will give you a certificate (CRT) and also often a chained certificate "
"(CHAIN)."
msgstr ""
#: ../admin/ssl_new.php:56
msgid ""
"If you already know what it is and already have all those files (CRT/KEY/"
"CHAIN) You can import them here too."
msgstr ""
#: ../admin/ssl_new.php:64
msgid "Create a CSR/KEY"
msgstr ""
#: ../admin/ssl_new.php:65
msgid "Import existing files"
msgstr ""
#: ../admin/ssl_new.php:69
msgid "Create a CSR/KEY for a given domain name"
msgstr ""
#: ../admin/ssl_new.php:71
msgid ""
"Use this form to generate a <i>Certificate Request file</i> (CSR) and a "
"<i>RSA Key file</i> (KEY) for a given domain name"
msgstr ""
#: ../admin/ssl_new.php:98
msgid ""
"Please choose the domain name for which you want a SSL Certificate, or enter "
"it manually"
msgstr ""
#: ../admin/ssl_new.php:101 ../admin/ssl_view.php:60
msgid "Fully Qualified Domain Name"
msgstr ""
#: ../admin/ssl_new.php:104
msgid "--- Choose here ---"
msgstr ""
#: ../admin/ssl_new.php:110
msgid "... or click here to enter it manually"
msgstr ""
#: ../admin/ssl_new.php:117 ../admin/ssl_new.php:151 ../admin/ssl_view.php:82
msgid "Save"
msgstr ""
#: ../admin/ssl_new.php:118 ../admin/ssl_new.php:152 ../admin/ssl_view.php:83
msgid "Cancel"
msgstr ""
#: ../admin/ssl_new.php:123
msgid ""
"<i>(If you want to get a valid certificate for all the subdomains of a "
"domain, use a wildcard notation (eg: *.example.com). Please note that a "
"wildcard certificate is usually more expensive than normal one.)</i>"
msgstr ""
#: ../admin/ssl_new.php:123
msgid ""
"Please note that a SSL Certificate is only valid for one fully qualified "
"domain name. As a result, a certificate for <code>www.example.com</code> is "
"NOT valid for <code>intranet.example.com</code> or <code>intranet.www."
"example.com</code> !"
msgstr ""
#: ../admin/ssl_new.php:130
msgid "Import existing Key Certificate and Chain files"
msgstr ""
#: ../admin/ssl_new.php:132
msgid ""
"If you already have a RSA Key file, a Certificate for this key and (maybe) a "
"Chained certificate, please paste their content here."
msgstr ""
#: ../admin/ssl_new.php:133
msgid ""
"We will verify the content of those files and add them in your certificate "
"repository"
msgstr ""
#: ../admin/ssl_new.php:138
msgid "RSA Key"
msgstr ""
#: ../admin/ssl_new.php:142 ../admin/ssl_view.php:73 ../admin/ssl_view.php:159
msgid "SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:146 ../admin/ssl_view.php:77 ../admin/ssl_view.php:164
msgid "Chained Certificate<br />(not mandatory)"
msgstr ""
#: ../admin/ssl_share.php:30
msgid "This page is restricted to authorized staff"
msgstr ""
#: ../admin/ssl_view.php:52
msgid ""
"Your <i>Certificate Request File</i> (CSR) has been created, along with its "
"<i>private RSA Key</i> (KEY). Please find below the CSR you must send to "
"your SSL Certificate provider."
msgstr ""
#: ../admin/ssl_view.php:54
msgid ""
"Once you'll have your <i>Certificate File</i> (CRT) and a <i>Chained "
"Certificate File</i> (CHAIN), please paste them here to finish the "
"enrollment."
msgstr ""
#: ../admin/ssl_view.php:64
msgid "Date of the request"
msgstr ""
#: ../admin/ssl_view.php:68 ../admin/ssl_view.php:154
msgid "Certificate Request File"
msgstr ""
#: ../admin/ssl_view.php:85 ../admin/ssl_view.php:213
msgid "Delete"
msgstr ""
#: ../admin/ssl_view.php:86
msgid ""
"Please confirm that you want to delete this certificate request AND ITS "
"PRIVATE KEY!"
msgstr ""
#: ../admin/ssl_view.php:97
msgid "Valid Certificate"
msgstr ""
#: ../admin/ssl_view.php:98
msgid "Please find below your valid certificate data."
msgstr ""
#: ../admin/ssl_view.php:104
msgid "EXPIRED Certificate"
msgstr ""
#: ../admin/ssl_view.php:105
msgid ""
"Your certificate is EXPIRED. You should not use it for any purpose. Please "
"find below its data."
msgstr ""
#: ../admin/ssl_view.php:113
msgid "Back to my SSL Certificates"
msgstr ""
#: ../admin/ssl_view.php:117
msgid "Valid From:"
msgstr ""
#: ../admin/ssl_view.php:123
#, php-format
msgid "(%d days ago)"
msgstr ""
#: ../admin/ssl_view.php:126
#, php-format
msgid "(%d month ago)"
msgstr ""
#: ../admin/ssl_view.php:131
msgid "Valid Until:"
msgstr ""
#: ../admin/ssl_view.php:137
#, php-format
msgid "(%d days from now)"
msgstr ""
#: ../admin/ssl_view.php:140
#, php-format
msgid "(%d month from now)"
msgstr ""
#: ../admin/ssl_view.php:145
msgid "FQDN:"
msgstr ""
#: ../admin/ssl_view.php:149
msgid "Other Valid FQDN:"
msgstr ""
#: ../admin/ssl_view.php:173
msgid ""
"As an administrator you can allow any account on this server to use this "
"certificate to host his services. <br />(This is only useful for wildcard or "
"multi-domain certificates)."
msgstr ""
#: ../admin/ssl_view.php:177
msgid "This certificate is currently <b>shared</b>"
msgstr ""
#: ../admin/ssl_view.php:184
msgid "Click here to stop sharing this certificate"
msgstr ""
#: ../admin/ssl_view.php:189 ../admin/ssl_view.php:205
msgid ""
"You are not the owner of this certificate, only its owner can share/unshare "
"this certificate."
msgstr ""
#: ../admin/ssl_view.php:193
msgid "This certificate is currently <b>NOT shared</b>"
msgstr ""
#: ../admin/ssl_view.php:200
msgid "Click here to share this certificate"
msgstr ""
#: ../admin/ssl_view.php:214
msgid ""
"Please confirm that you want to delete this certificate AND ITS PRIVATE KEY!"
msgstr ""
#: ../class/m_ssl.php:69 ../class/m_ssl.php:418
msgid "SSL Certificates"
msgstr ""
#: ../class/m_ssl.php:79
msgid "New SSL certificate"
msgstr ""
#: ../class/m_ssl.php:93
msgid "List SSL Certificates"
msgstr ""
#: ../class/m_ssl.php:152
msgid "No SSL certificates available"
msgstr ""
#: ../class/m_ssl.php:175
msgid "You currently have no hosting using SSL certificate"
msgstr ""
#: ../class/m_ssl.php:196
msgid "Bad FQDN domain name"
msgstr ""
#: ../class/m_ssl.php:202 ../class/m_ssl.php:774
msgid "Can't generate a private key (1)"
msgstr ""
#: ../class/m_ssl.php:207 ../class/m_ssl.php:779
msgid "Can't generate a private key (2)"
msgstr ""
#: ../class/m_ssl.php:218
msgid "Can't generate a CSR"
msgstr ""
#: ../class/m_ssl.php:234 ../class/m_ssl.php:250 ../class/m_ssl.php:273
msgid "Can't find this Certificate"
msgstr ""
#: ../class/m_ssl.php:353
msgid "Can't save the Key/Crt/Chain now. Please try later."
msgstr ""
#: ../class/m_ssl.php:390
msgid "Can't save the Crt/Chain now. Please try later."
msgstr ""
#: ../class/m_ssl.php:618
msgid "Alias already exists"
msgstr ""
#: ../class/m_ssl.php:637
msgid "Alias not found"
msgstr ""
#: ../class/m_ssl.php:666
msgid ""
"Can't find the private key in the certificate table, please check your form."
msgstr ""
#: ../class/m_ssl.php:675
msgid ""
"The certificate must begin by BEGIN CERTIFICATE and end by END CERTIFICATE "
"lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:680
msgid ""
"The chained certificate must begin by BEGIN CERTIFICATE and end by END "
"CERTIFICATE lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:686
msgid ""
"The private key must begin by BEGIN (RSA )PRIVATE KEY and end by END (RSA )"
"PRIVATE KEY lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:722
#, php-format
msgid "The %d-th certificate in the chain is invalid"
msgstr ""
#: ../class/m_ssl.php:730
msgid "The certificate is invalid."
msgstr ""
#: ../class/m_ssl.php:735
msgid "The private key is invalid."
msgstr ""
#: ../class/m_ssl.php:740
msgid "The private key is not the one signed inside the certificate."
msgstr ""
#: ../class/m_ssl.php:746
msgid "Can't export your certificate as a string, please check its syntax."
msgstr ""
#: ../class/m_ssl.php:751
msgid ""
"Can't export one of your chained certificates as a string, please check its "
"syntax."
msgstr ""
#: ../class/m_ssl.php:757
msgid "Can't export your private key as a string, please check its syntax."
msgstr ""
#: ../class/m_ssl.php:800
msgid "Locally hosted forcing HTTPS"
msgstr ""
#: ../class/m_ssl.php:801
msgid "Locally hosted HTTP and HTTPS"
msgstr ""
#: ../class/m_ssl.php:802
msgid "HTTPS AlternC panel access"
msgstr ""
#: ../class/m_ssl.php:803
msgid "HTTPS Roundcube Webmail"
msgstr ""
#: ../class/m_ssl.php:804
msgid "HTTPS Squirrelmail Webmail"
msgstr ""
#: ../class/m_ssl.php:805
msgid "php52 forcing HTTPS"
msgstr ""
#: ../class/m_ssl.php:806
msgid "php52 HTTP and HTTPS"
msgstr ""

3425
ssl/panel/locales/pt_BR/LC_MESSAGES/ssl.po Normal file
View File

File diff suppressed because it is too large Load Diff

513
ssl/panel/locales/ssl.pot Normal file
View File

@ -0,0 +1,513 @@
# SOME DESCRIPTIVE TITLE.
# Copyright (C) YEAR AlternC Team
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: AlternC 2.0\n"
"Report-Msgid-Bugs-To: i18n@alternc.org\n"
"POT-Creation-Date: 2015-02-13 18:04+0100\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=CHARSET\n"
"Content-Transfer-Encoding: 8bit\n"
#: ../admin/ssl_delete.php:43
msgid "Your SSL Certificate has been deleted"
msgstr ""
#: ../admin/ssl_doimport.php:39
msgid "Please enter an ssl key and a certificate"
msgstr ""
#: ../admin/ssl_donew.php:38
msgid "Please enter a proper domain name"
msgstr ""
#: ../admin/ssl_finalize.php:49
msgid "Your ssl certificate has been imported successfully"
msgstr ""
#: ../admin/ssl_list.php:51 ../admin/ssl_view.php:50
msgid "Pending Certificate"
msgstr ""
#: ../admin/ssl_list.php:52
msgid "Valid"
msgstr ""
#: ../admin/ssl_list.php:53
msgid "Expired"
msgstr ""
#: ../admin/ssl_list.php:59
msgid ""
"Some of your hosting are using a <b>self-signed</b> certificate. <br>Your "
"browser will not let you surf those domains properly<br>To fix this, buy a "
"properly signed certificate"
msgstr ""
#: ../admin/ssl_list.php:71
msgid "Your Certificates"
msgstr ""
#: ../admin/ssl_list.php:73
msgid ""
"Please find below your SSL Certificates. Some may be provided by the "
"administrator of the server, some may be Expired or Pending (waiting for a "
"CRT from your Certificate Provider)"
msgstr ""
#: ../admin/ssl_list.php:75
msgid "Only show the following certificates:"
msgstr ""
#: ../admin/ssl_list.php:76
msgid "Pending Certificates"
msgstr ""
#: ../admin/ssl_list.php:77
msgid "Valid Certificates"
msgstr ""
#: ../admin/ssl_list.php:78
msgid "Expired Certificates"
msgstr ""
#: ../admin/ssl_list.php:80
msgid "Certificates Shared by the Administrator"
msgstr ""
#: ../admin/ssl_list.php:82
msgid "Filter"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Domain Name"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Status"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Used by"
msgstr ""
#: ../admin/ssl_list.php:85
msgid "Validity period"
msgstr ""
#: ../admin/ssl_list.php:91
msgid "Details"
msgstr ""
#: ../admin/ssl_list.php:97
msgid "(shared)"
msgstr ""
#: ../admin/ssl_list.php:102 ../admin/ssl_list.php:106
#: ../admin/ssl_list.php:112 ../admin/ssl_view.php:65
#: ../admin/ssl_view.php:119 ../admin/ssl_view.php:133
#, php-format
msgid "%3$d-%2$d-%1$d %4$d:%5$d"
msgstr ""
#: ../admin/ssl_list.php:111
msgid "Requested on: "
msgstr ""
#: ../admin/ssl_list.php:129
msgid "Create one"
msgstr ""
#: ../admin/ssl_list.php:130
msgid ""
"This hosting has no valid certificate<br>a self-signed one has been created"
msgstr ""
#: ../admin/ssl_list.php:140
msgid "Create or Import a new SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:42
msgid "New SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:50
msgid ""
"An SSL certificate is a file which must be obtained from a Certificate "
"Authority, and allow you to enable HTTPS encryption on a domain name."
msgstr ""
#: ../admin/ssl_new.php:53
msgid ""
"To obtain one, you need to generate a <i>Certificate Request</i> (CSR) and a "
"<i>RSA Key</i> (KEY) here, then give the CSR to the Certificate Authority, "
"which will give you a certificate (CRT) and also often a chained certificate "
"(CHAIN)."
msgstr ""
#: ../admin/ssl_new.php:56
msgid ""
"If you already know what it is and already have all those files (CRT/KEY/"
"CHAIN) You can import them here too."
msgstr ""
#: ../admin/ssl_new.php:64
msgid "Create a CSR/KEY"
msgstr ""
#: ../admin/ssl_new.php:65
msgid "Import existing files"
msgstr ""
#: ../admin/ssl_new.php:69
msgid "Create a CSR/KEY for a given domain name"
msgstr ""
#: ../admin/ssl_new.php:71
msgid ""
"Use this form to generate a <i>Certificate Request file</i> (CSR) and a "
"<i>RSA Key file</i> (KEY) for a given domain name"
msgstr ""
#: ../admin/ssl_new.php:98
msgid ""
"Please choose the domain name for which you want a SSL Certificate, or enter "
"it manually"
msgstr ""
#: ../admin/ssl_new.php:101 ../admin/ssl_view.php:60
msgid "Fully Qualified Domain Name"
msgstr ""
#: ../admin/ssl_new.php:104
msgid "--- Choose here ---"
msgstr ""
#: ../admin/ssl_new.php:110
msgid "... or click here to enter it manually"
msgstr ""
#: ../admin/ssl_new.php:117 ../admin/ssl_new.php:151 ../admin/ssl_view.php:82
msgid "Save"
msgstr ""
#: ../admin/ssl_new.php:118 ../admin/ssl_new.php:152 ../admin/ssl_view.php:83
msgid "Cancel"
msgstr ""
#: ../admin/ssl_new.php:123
msgid ""
"<i>(If you want to get a valid certificate for all the subdomains of a "
"domain, use a wildcard notation (eg: *.example.com). Please note that a "
"wildcard certificate is usually more expensive than normal one.)</i>"
msgstr ""
#: ../admin/ssl_new.php:123
msgid ""
"Please note that a SSL Certificate is only valid for one fully qualified "
"domain name. As a result, a certificate for <code>www.example.com</code> is "
"NOT valid for <code>intranet.example.com</code> or <code>intranet.www."
"example.com</code> !"
msgstr ""
#: ../admin/ssl_new.php:130
msgid "Import existing Key Certificate and Chain files"
msgstr ""
#: ../admin/ssl_new.php:132
msgid ""
"If you already have a RSA Key file, a Certificate for this key and (maybe) a "
"Chained certificate, please paste their content here."
msgstr ""
#: ../admin/ssl_new.php:133
msgid ""
"We will verify the content of those files and add them in your certificate "
"repository"
msgstr ""
#: ../admin/ssl_new.php:138
msgid "RSA Key"
msgstr ""
#: ../admin/ssl_new.php:142 ../admin/ssl_view.php:73 ../admin/ssl_view.php:159
msgid "SSL Certificate"
msgstr ""
#: ../admin/ssl_new.php:146 ../admin/ssl_view.php:77 ../admin/ssl_view.php:164
msgid "Chained Certificate<br />(not mandatory)"
msgstr ""
#: ../admin/ssl_share.php:30
msgid "This page is restricted to authorized staff"
msgstr ""
#: ../admin/ssl_view.php:52
msgid ""
"Your <i>Certificate Request File</i> (CSR) has been created, along with its "
"<i>private RSA Key</i> (KEY). Please find below the CSR you must send to "
"your SSL Certificate provider."
msgstr ""
#: ../admin/ssl_view.php:54
msgid ""
"Once you'll have your <i>Certificate File</i> (CRT) and a <i>Chained "
"Certificate File</i> (CHAIN), please paste them here to finish the "
"enrollment."
msgstr ""
#: ../admin/ssl_view.php:64
msgid "Date of the request"
msgstr ""
#: ../admin/ssl_view.php:68 ../admin/ssl_view.php:154
msgid "Certificate Request File"
msgstr ""
#: ../admin/ssl_view.php:85 ../admin/ssl_view.php:213
msgid "Delete"
msgstr ""
#: ../admin/ssl_view.php:86
msgid ""
"Please confirm that you want to delete this certificate request AND ITS "
"PRIVATE KEY!"
msgstr ""
#: ../admin/ssl_view.php:97
msgid "Valid Certificate"
msgstr ""
#: ../admin/ssl_view.php:98
msgid "Please find below your valid certificate data."
msgstr ""
#: ../admin/ssl_view.php:104
msgid "EXPIRED Certificate"
msgstr ""
#: ../admin/ssl_view.php:105
msgid ""
"Your certificate is EXPIRED. You should not use it for any purpose. Please "
"find below its data."
msgstr ""
#: ../admin/ssl_view.php:113
msgid "Back to my SSL Certificates"
msgstr ""
#: ../admin/ssl_view.php:117
msgid "Valid From:"
msgstr ""
#: ../admin/ssl_view.php:123
#, php-format
msgid "(%d days ago)"
msgstr ""
#: ../admin/ssl_view.php:126
#, php-format
msgid "(%d month ago)"
msgstr ""
#: ../admin/ssl_view.php:131
msgid "Valid Until:"
msgstr ""
#: ../admin/ssl_view.php:137
#, php-format
msgid "(%d days from now)"
msgstr ""
#: ../admin/ssl_view.php:140
#, php-format
msgid "(%d month from now)"
msgstr ""
#: ../admin/ssl_view.php:145
msgid "FQDN:"
msgstr ""
#: ../admin/ssl_view.php:149
msgid "Other Valid FQDN:"
msgstr ""
#: ../admin/ssl_view.php:173
msgid ""
"As an administrator you can allow any account on this server to use this "
"certificate to host his services. <br />(This is only useful for wildcard or "
"multi-domain certificates)."
msgstr ""
#: ../admin/ssl_view.php:177
msgid "This certificate is currently <b>shared</b>"
msgstr ""
#: ../admin/ssl_view.php:184
msgid "Click here to stop sharing this certificate"
msgstr ""
#: ../admin/ssl_view.php:189 ../admin/ssl_view.php:205
msgid ""
"You are not the owner of this certificate, only its owner can share/unshare "
"this certificate."
msgstr ""
#: ../admin/ssl_view.php:193
msgid "This certificate is currently <b>NOT shared</b>"
msgstr ""
#: ../admin/ssl_view.php:200
msgid "Click here to share this certificate"
msgstr ""
#: ../admin/ssl_view.php:214
msgid ""
"Please confirm that you want to delete this certificate AND ITS PRIVATE KEY!"
msgstr ""
#: ../class/m_ssl.php:69 ../class/m_ssl.php:418
msgid "SSL Certificates"
msgstr ""
#: ../class/m_ssl.php:79
msgid "New SSL certificate"
msgstr ""
#: ../class/m_ssl.php:93
msgid "List SSL Certificates"
msgstr ""
#: ../class/m_ssl.php:152
msgid "No SSL certificates available"
msgstr ""
#: ../class/m_ssl.php:175
msgid "You currently have no hosting using SSL certificate"
msgstr ""
#: ../class/m_ssl.php:196
msgid "Bad FQDN domain name"
msgstr ""
#: ../class/m_ssl.php:202 ../class/m_ssl.php:774
msgid "Can't generate a private key (1)"
msgstr ""
#: ../class/m_ssl.php:207 ../class/m_ssl.php:779
msgid "Can't generate a private key (2)"
msgstr ""
#: ../class/m_ssl.php:218
msgid "Can't generate a CSR"
msgstr ""
#: ../class/m_ssl.php:234 ../class/m_ssl.php:250 ../class/m_ssl.php:273
msgid "Can't find this Certificate"
msgstr ""
#: ../class/m_ssl.php:353
msgid "Can't save the Key/Crt/Chain now. Please try later."
msgstr ""
#: ../class/m_ssl.php:390
msgid "Can't save the Crt/Chain now. Please try later."
msgstr ""
#: ../class/m_ssl.php:618
msgid "Alias already exists"
msgstr ""
#: ../class/m_ssl.php:637
msgid "Alias not found"
msgstr ""
#: ../class/m_ssl.php:666
msgid ""
"Can't find the private key in the certificate table, please check your form."
msgstr ""
#: ../class/m_ssl.php:675
msgid ""
"The certificate must begin by BEGIN CERTIFICATE and end by END CERTIFICATE "
"lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:680
msgid ""
"The chained certificate must begin by BEGIN CERTIFICATE and end by END "
"CERTIFICATE lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:686
msgid ""
"The private key must begin by BEGIN (RSA )PRIVATE KEY and end by END (RSA )"
"PRIVATE KEY lines. Please check you pasted it in PEM form."
msgstr ""
#: ../class/m_ssl.php:722
#, php-format
msgid "The %d-th certificate in the chain is invalid"
msgstr ""
#: ../class/m_ssl.php:730
msgid "The certificate is invalid."
msgstr ""
#: ../class/m_ssl.php:735
msgid "The private key is invalid."
msgstr ""
#: ../class/m_ssl.php:740
msgid "The private key is not the one signed inside the certificate."
msgstr ""
#: ../class/m_ssl.php:746
msgid "Can't export your certificate as a string, please check its syntax."
msgstr ""
#: ../class/m_ssl.php:751
msgid ""
"Can't export one of your chained certificates as a string, please check its "
"syntax."
msgstr ""
#: ../class/m_ssl.php:757
msgid "Can't export your private key as a string, please check its syntax."
msgstr ""
#: ../class/m_ssl.php:800
msgid "Locally hosted forcing HTTPS"
msgstr ""
#: ../class/m_ssl.php:801
msgid "Locally hosted HTTP and HTTPS"
msgstr ""
#: ../class/m_ssl.php:802
msgid "HTTPS AlternC panel access"
msgstr ""
#: ../class/m_ssl.php:803
msgid "HTTPS Roundcube Webmail"
msgstr ""
#: ../class/m_ssl.php:804
msgid "HTTPS Squirrelmail Webmail"
msgstr ""
#: ../class/m_ssl.php:805
msgid "php52 forcing HTTPS"
msgstr ""
#: ../class/m_ssl.php:806
msgid "php52 HTTP and HTTPS"
msgstr ""

91
ssl/ssl.conf Normal file
View File

@ -0,0 +1,91 @@
# ############################################################################
# WARNING : this file is overwritten by alternc.install.
# Edit /etc/alternc/templates/apache2/mods-available/ instead.
# ############################################################################
<IfModule mod_ssl.c>
#
# Pseudo Random Number Generator (PRNG):
# Configure one or more sources to seed the PRNG of the SSL library.
# The seed data should be of good random quality.
# WARNING! On some platforms /dev/random blocks if not enough entropy
# is available. This means you then cannot use the /dev/random device
# because it would lead to very long connection times (as long as
# it requires to make more entropy available). But usually those
# platforms additionally provide a /dev/urandom device which doesn't
# block. So, if available, use this one instead. Read the mod_ssl User
# Manual for more details.
#
SSLRandomSeed startup builtin
SSLRandomSeed startup file:/dev/urandom 512
SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/urandom 512
##
## SSL Global Context
##
## All SSL configuration in this context applies both to
## the main server and all SSL-enabled virtual hosts.
##
#
# Some MIME-types for downloading Certificates and CRLs
#
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
# Pass Phrase Dialog:
# Configure the pass phrase gathering process.
# The filtering dialog program (`builtin' is a internal
# terminal dialog) has to provide the pass phrase on stdout.
SSLPassPhraseDialog builtin
# Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism
# to use and second the expiring timeout (in seconds).
# (The mechanism dbm has known memory leaks and should not be used).
#SSLSessionCache dbm:${APACHE_RUN_DIR}/ssl_scache
SSLSessionCache shmcb:${APACHE_RUN_DIR}/ssl_scache(512000)
SSLSessionCacheTimeout 300
# Semaphore:
# Configure the path to the mutual exclusion semaphore the
# SSL engine uses internally for inter-process synchronization.
SSLMutex file:${APACHE_RUN_DIR}/ssl_mutex
# SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate. See the
# ciphers(1) man page from the openssl package for list of all available
# options.
# Enable only secure ciphers:
#SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCipherSuite ALL:!aNULL:!eNULL:!LOW:!EXP:!RC4:!3DES:+HIGH:+MEDIUM
# Other possible ciphersuite (requires wheezy-version of apache2 at least)
#SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"
# Speed-optimized SSL Cipher configuration:
# If speed is your main concern (on busy HTTPS servers e.g.),
# you might want to force clients to specific, performance
# optimized ciphers. In this case, prepend those ciphers
# to the SSLCipherSuite list, and enable SSLHonorCipherOrder.
# Caveat: by giving precedence to RC4-SHA and AES128-SHA
# (as in the example below), most connections will no longer
# have perfect forward secrecy - if the server's key is
# compromised, captures of past or future traffic must be
# considered compromised, too.
#SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
SSLHonorCipherOrder on
# enable only secure protocols: SSLv3 and TLSv1, but not SSLv2
#SSLProtocol all -SSLv2
SSLProtocol all -SSLv2 -SSLv3
# Allow insecure renegotiation with clients which do not yet support the
# secure renegotiation protocol. Default: Off
#SSLInsecureRenegotiation on
# Whether to forbid non-SNI clients to access name based virtual hosts.
# Default: Off
SSLStrictSNIVHostCheck Off
</IfModule>

39
ssl/ssl.sql Normal file
View File

@ -0,0 +1,39 @@
CREATE TABLE `certificates` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`uid` int(10) unsigned NOT NULL,
`status` tinyint(3) unsigned NOT NULL,
`shared` tinyint(3) unsigned NOT NULL,
`fqdn` varchar(255) NOT NULL,
`altnames` text NOT NULL,
`validstart` datetime NOT NULL,
`validend` datetime NOT NULL,
`sslcsr` text NOT NULL,
`sslkey` text NOT NULL,
`sslcrt` text NOT NULL,
`sslchain` text NOT NULL,
`ssl_action` varchar(32) NOT NULL,
`ssl_result` varchar(32) NOT NULL,
PRIMARY KEY (`id`),
KEY `uid` (`uid`),
KEY `ssl_action` (`ssl_action`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE IF NOT EXISTS `certif_alias` (
`name` varchar(255) NOT NULL,
`content` text NOT NULL,
`uid` int(10) unsigned NOT NULL,
`created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`name`),
KEY `uid` (`uid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='Global aliases defined for SSL certificates FILE validation processes';
CREATE TABLE IF NOT EXISTS `certif_hosts` (
`certif` int(10) unsigned NOT NULL,
`sub` int(10) unsigned NOT NULL,
`uid` int(10) unsigned NOT NULL,
PRIMARY KEY (`certif`,`sub`),
KEY `uid` (`uid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 COMMENT='VHosts of a user using defined or self-signed certificates';
INSERT IGNORE INTO defquotas VALUES ('ssl', 0, 'default');

31
ssl/ssl_alias_manager.sh Executable file
View File

@ -0,0 +1,31 @@
#!/bin/bash
rm -f /var/run/alternc-ssl/generate_certif_alias
# Launched by incron when /tmp/generate_certif_alias exists
# regenerate the list of global aliases used by Comodo for certificate ownership validation
# FIXME: how do we lock that, ensuring we don't launch this more than once ?
APACHECONF=/etc/apache2/conf.d/alternc-ssl_cert-alias.conf
TMP=/tmp/alternc-ssl_cert-alias_${$}.tmp
FILEDIR=/var/lib/alternc/ssl-cert-alias
rm -f "$TMP"
mkdir -p "$FILEDIR"
echo "# this file is autogenerated from /usr/lib/alternc/ssl_alias_manager.sh" >$TMP
echo "# Please do not edit, your changes will be overwritten" >>$TMP
mysql --defaults-file=/etc/alternc/my.cnf --skip-column-names -B -e "SELECT name,content FROM certif_alias;" | while read name content
do
echo "alias /$name ${FILEDIR}/${name}" >>$TMP
echo "$content" >"${FILEDIR}/${name}"
done
if ! diff -q "$TMP" "$APACHECONF"
then
mv -f "$TMP" "$APACHECONF"
service apache2 reload
else
rm -f "$TMP"
fi

42
ssl/templates/panel-ssl.conf Normal file
View File

@ -0,0 +1,42 @@
<Virtualhost *:80>
ServerName %%fqdn%%
AssignUserId #%%UID%% #%%GID%%
SetEnv LOGIN "%%UID%%-%%LOGIN%%"
KeepAlive Off
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !/cgi-bin/
RewriteRule ^/(.*)$ https://%%fqdn%%/$1 [R=301,L]
</Virtualhost>
<VirtualHost *:443>
DocumentRoot /usr/share/alternc/panel/admin
AssignUserId alterncpanel alterncpanel
SetEnv LOGIN "%%UID%%-%%LOGIN%%"
ServerName %%fqdn%%
RewriteEngine on
RewriteRule ^/admin/(.*) /$1
alias /alternc-sql /usr/share/phpmyadmin
RewriteEngine On
RewriteRule ^webmail /webmail-redirect.php [L]
# Mail autoconfig
RewriteRule ^mail/mailautoconfig.xml$ /mailautoconfig_thunderbird.php [L]
RewriteRule ^mail/config-v1.1.xml$ /mailautoconfig_thunderbird.php [L]
RewriteRule ^autodiscover/autodiscover.xml$ /mailautoconfig_outlook.php [L]
RewriteRule ^Autodiscover/Autodiscover.xml$ /mailautoconfig_outlook.php [L]
RewriteRule ^Autodiscover.xml$ mailautoconfig_outlook.php [L]
RewriteRule ^autodiscover.xml$ mailautoconfig_outlook.php [L]
# will be used to define aliases such as /javascript /squirrelmail ...
Include /etc/alternc/apache-panel.d/*.conf
SSLEngine On
SSLCertificateFile %%CRT%%
SSLCertificateKeyFile %%KEY%%
%%CHAINLINE%%
</VirtualHost>

70
ssl/templates/roundcube-ssl.conf Normal file
View File

@ -0,0 +1,70 @@
<Virtualhost *:80>
ServerName %%fqdn%%
AssignUserId #%%UID%% #%%GID%%
SetEnv LOGIN "%%UID%%-%%LOGIN%%"
KeepAlive Off
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !/cgi-bin/
RewriteRule ^/(.*)$ https://%%fqdn%%/$1 [R=301,L]
</Virtualhost>
<VirtualHost *:443>
ServerName %%fqdn%%
AssignUserId www-data www-data
SetEnv LOGIN "0000-roundcube"
DocumentRoot /var/lib/roundcube
# Access to tinymce files
<Directory "/usr/share/tinymce/www/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order allow,deny
allow from all
</Directory>
<Directory /var/lib/roundcube/>
Options +FollowSymLinks
# This is needed to parse /var/lib/roundcube/.htaccess. See its
# content before setting AllowOverride to None.
AllowOverride All
order allow,deny
allow from all
</Directory>
# Protecting basic directories:
<Directory /var/lib/roundcube/config>
Options -FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/lib/roundcube/temp>
Options -FollowSymLinks
AllowOverride None
Order allow,deny
Deny from all
</Directory>
<Directory /var/lib/roundcube/logs>
Options -FollowSymLinks
AllowOverride None
Order allow,deny
Deny from all
</Directory>
Alias /javascript /usr/share/javascript/
<Directory "/usr/share/javascript/">
Options FollowSymLinks MultiViews
Order allow,deny
Allow from all
</Directory>
SSLEngine On
SSLCertificateFile %%CRT%%
SSLCertificateKeyFile %%KEY%%
%%CHAINLINE%%
</VirtualHost>

38
ssl/templates/squirrelmail-ssl.conf Normal file
View File

@ -0,0 +1,38 @@
<Virtualhost *:80>
ServerName %%fqdn%%
AssignUserId #%%UID%% #%%GID%%
SetEnv LOGIN "%%UID%%-%%LOGIN%%"
KeepAlive Off
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !/cgi-bin/
RewriteRule ^/(.*)$ https://%%fqdn%%/$1 [R=301,L]
</Virtualhost>
<VirtualHost *:443>
ServerName %%fqdn%%
AssignUserId alternc-squirrelmail nogroup
SetEnv LOGIN "%%UID%%-%%LOGIN%%"
DocumentRoot /usr/share/squirrelmail
<Directory /usr/share/squirrelmail>
php_value open_basedir /usr/share/squirrelmail:/etc/squirrelmail/:/var/lib/squirrelmail/data/:/var/spool/squirrelmail/:/etc/mailname
php_admin_flag safe_mode off
Options Indexes FollowSymLinks
</Directory>
Alias /javascript /usr/share/javascript/
<Directory "/usr/share/javascript/">
Options FollowSymLinks MultiViews
Order allow,deny
Allow from all
</Directory>
SSLEngine On
SSLCertificateFile %%CRT%%
SSLCertificateKeyFile %%KEY%%
%%CHAINLINE%%
</VirtualHost>

39
ssl/templates/vhost-mixssl.conf Normal file
View File

@ -0,0 +1,39 @@
<VirtualHost *:80>
ServerName %%fqdn%%
DocumentRoot "%%document_root%%"
AssignUserId #%%UID%% #%%GID%%
SetEnv LOGIN "%%UID%%-%%LOGIN%%"
<Directory "%%document_root%%">
php_admin_value open_basedir "%%account_root%%:/usr/share/php/"
php_admin_value upload_tmp_dir %%account_root%%/tmp
php_admin_value sendmail_path '/usr/lib/alternc/sendmail "%%mail_account%%" '
php_admin_flag mail.add_x_header on
Options +MultiViews -FollowSymLinks +SymLinksIfOwnerMatch
AllowOverride AuthConfig FileInfo Limit Options Indexes
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName %%fqdn%%
DocumentRoot "%%document_root%%"
AssignUserId #%%UID%% #%%GID%%
SetEnv LOGIN "%%UID%%-%%LOGIN%%"
<Directory "%%document_root%%">
php_admin_value open_basedir "%%account_root%%:/usr/share/php/"
php_admin_value upload_tmp_dir %%account_root%%/tmp
php_admin_value sendmail_path '/usr/lib/alternc/sendmail "%%mail_account%%" '
php_admin_flag mail.add_x_header on
Options +MultiViews -FollowSymLinks +SymLinksIfOwnerMatch
AllowOverride AuthConfig FileInfo Limit Options Indexes
</Directory>
SSLEngine On
SSLCertificateFile %%CRT%%
SSLCertificateKeyFile %%KEY%%
%%CHAINLINE%%
</VirtualHost>

34
ssl/templates/vhost-ssl.conf Normal file
View File

@ -0,0 +1,34 @@
<Virtualhost *:80>
ServerName %%fqdn%%
AssignUserId #%%UID%% #%%GID%%
SetEnv LOGIN "%%UID%%-%%LOGIN%%"
KeepAlive Off
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !/cgi-bin/
RewriteRule ^/(.*)$ https://%%fqdn%%/$1 [R=301,L]
</Virtualhost>
<VirtualHost *:443>
ServerName %%fqdn%%
DocumentRoot "%%document_root%%"
AssignUserId #%%UID%% #%%GID%%
SetEnv LOGIN "%%UID%%-%%LOGIN%%"
<Directory "%%document_root%%">
php_admin_value open_basedir "%%account_root%%:/usr/share/php/"
php_admin_value upload_tmp_dir %%account_root%%/tmp
php_admin_value sendmail_path '/usr/lib/alternc/sendmail "%%mail_account%%" '
php_admin_flag mail.add_x_header on
Options +MultiViews -FollowSymLinks +SymLinksIfOwnerMatch
AllowOverride AuthConfig FileInfo Limit Options Indexes
</Directory>
SSLEngine On
SSLCertificateFile %%CRT%%
SSLCertificateKeyFile %%KEY%%
%%CHAINLINE%%
</VirtualHost>