Commit | Line | Data |
---|---|---|
ac1cfefa MT |
1 | #!/usr/bin/perl |
2 | # | |
3 | # SmoothWall CGIs | |
4 | # | |
5 | # This code is distributed under the terms of the GPL | |
6 | # | |
7 | # (c) The SmoothWall Team | |
8 | # | |
9 | # $Id: remote.cgi,v 1.6.2.8 2005/02/22 22:21:56 gespinasse Exp $ | |
10 | # | |
11 | ||
12 | use strict; | |
13 | ||
14 | # enable only the following on debugging purpose | |
15 | #use warnings; | |
16 | #use CGI::Carp 'fatalsToBrowser'; | |
17 | ||
986e08d9 | 18 | require '/var/ipfire/general-functions.pl'; |
ac1cfefa MT |
19 | require "${General::swroot}/lang.pl"; |
20 | require "${General::swroot}/header.pl"; | |
21 | ||
# Page state: submitted/stored SSH options, the checkbox markup derived from
# them, and the error text shown at the top of the page (empty = no error).
my %remotesettings = ();
my %checked = ();
my $errormessage = '';

Header::showhttpheaders();

# Checkbox fields are pre-set to 'off' before the request is parsed, so the
# keys exist with a known value even when the form does not send them.
%remotesettings = (
    'ENABLE_SSH'           => 'off',
    'ENABLE_SSH_PROTOCOL1' => 'off',
    'ENABLE_SSH_PORTFW'    => 'off',
    'ACTION'               => '',
);

# NOTE(review): getcgihash fills the hash from the request; which keys and
# values it accepts is not visible in this file, so treat everything in
# %remotesettings after this call as client-supplied.
Header::getcgihash(\%remotesettings);
33 | ||
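# Handle a submitted "save": persist the SSH options, toggle the enablessh
# marker file and restart sshd through the restartssh helper.
#
# NOTE(review): this request changes remote-access settings, yet nothing
# visible in this file ties it to a form the UI itself rendered (no token, no
# Origin/Referer check). Confirm that header.pl or the web server provides
# that protection.
if ($remotesettings{'ACTION'} eq $Lang::tr{'save'})
{
    # Every option is a checkbox. Anything other than the literal 'on'
    # (including a field that was not sent, i.e. an unticked box) is stored
    # as 'off', so only the two expected values ever reach the settings file.
    my @sshflags = qw(
        ENABLE_SSH
        ENABLE_SSH_PROTOCOL1
        ENABLE_SSH_PORTFW
        ENABLE_SSH_PASSWORDS
        ENABLE_SSH_KEYS
    );
    my %tosave = ();
    foreach my $flag (@sshflags)
    {
        my $value = $remotesettings{$flag};
        $value = (defined $value and $value eq 'on') ? 'on' : 'off';
        $remotesettings{$flag} = $value;
        $tosave{$flag} = $value;
    }

    # Persist only the known options. Other submitted form fields (ACTION, or
    # anything a client chose to add) are kept out of the settings file that
    # the restart helper is presumably driven by.
    General::writehash("${General::swroot}/remote/settings", \%tosave);

    if ($remotesettings{'ENABLE_SSH'} eq 'on')
    {
        General::log($Lang::tr{'ssh is enabled'});

        # SSH enabled with neither passwords nor keys allowed: nobody could
        # authenticate. The settings are still applied; the user is warned.
        if ($remotesettings{'ENABLE_SSH_PASSWORDS'} eq 'off'
            and $remotesettings{'ENABLE_SSH_KEYS'} eq 'off')
        {
            $errormessage = $Lang::tr{'ssh no auth'};
        }

        # List-form system: no shell is involved.
        # NOTE(review): the return value is not checked.
        system('/bin/touch', "${General::swroot}/remote/enablessh");
    }
    else
    {
        General::log($Lang::tr{'ssh is disabled'});
        # NOTE(review): a failed unlink would leave the marker in place
        # without any message to the user.
        unlink "${General::swroot}/remote/enablessh";
    }

    # SSH protocol 1 is obsolete and cryptographically weak. This script only
    # logs the choice; how restartssh acts on it is not visible here.
    if ($remotesettings{'ENABLE_SSH_PROTOCOL1'} eq 'on')
    {
        General::log($Lang::tr{'ssh1 enabled'});
    }
    else
    {
        General::log($Lang::tr{'ssh1 disabled'});
    }

    # Report the helper's exit code as an integer. $? holds the exit code in
    # its high byte; when the helper could not be started (-1) or died from a
    # signal, the raw status is shown instead of a meaningless fraction.
    # As before, this message replaces an earlier 'ssh no auth' warning.
    my $status = system('/usr/local/bin/restartssh');
    if ($status != 0)
    {
        my $code = ($status > 0 and ($status & 127) == 0)
            ? ($status >> 8)
            : $status;
        $errormessage = "$Lang::tr{'bad return code'} " . $code;
    }
}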
70 | ||
# Load the stored settings into %remotesettings so the form shows what is on
# disk rather than only what was just submitted.
General::readhash("${General::swroot}/remote/settings", \%remotesettings);

# Keys missing at this point are undefined in the stored settings, so the
# default applies: both authentication methods are allowed.
foreach my $authoption ('ENABLE_SSH_PASSWORDS', 'ENABLE_SSH_KEYS')
{
    $remotesettings{$authoption} = 'on' unless exists $remotesettings{$authoption};
}

# For each option, blank both states and then mark the current one, so the
# form template can interpolate $checked{OPTION}{'on'} directly.
foreach my $option ('ENABLE_SSH', 'ENABLE_SSH_PROTOCOL1', 'ENABLE_SSH_PORTFW',
                    'ENABLE_SSH_PASSWORDS', 'ENABLE_SSH_KEYS')
{
    $checked{$option}{'off'} = '';
    $checked{$option}{'on'} = '';
    $checked{$option}{$remotesettings{$option}} = "checked='checked'";
}
93 | ||
94 | ||
# Start the page and its outer box.
Header::openpage($Lang::tr{'remote access'}, 1, '');

Header::openbigbox('100%', 'left', '', $errormessage);

# Show the error box only when the save step left a message.
# NOTE(review): $errormessage is printed without HTML escaping. In this file
# it is only ever built from translation strings and a numeric status; keep
# it that way or escape it before adding request-derived text.
if ($errormessage)
{
    Header::openbox('100%', 'left', $Lang::tr{'error messages'});
    print "<FONT CLASS='base'>$errormessage </FONT>\n";
    Header::closebox();
}
104 | ||
# The settings form posts back to this same script.
# NOTE(review): SCRIPT_NAME is placed in the action attribute unescaped. It
# is set by the web server rather than taken from a form field, but confirm
# the server configuration cannot put a quote character into it.
my $formtarget = $ENV{'SCRIPT_NAME'};
print "<form method='post' action='$formtarget'>\n";

Header::openbox('100%', 'left', 'SSH:');

# One checkbox per option; %checked supplies the checked='checked' attribute
# for whichever state is currently stored.
print <<"END";
<table width='100%'>
<tr>
<td><input type='checkbox' name='ENABLE_SSH' $checked{'ENABLE_SSH'}{'on'} /></td>
<td class='base' colspan='2'>$Lang::tr{'ssh access'}</td>
</tr>
<tr>
<td> </td>
<td><input type='checkbox' name='ENABLE_SSH_PROTOCOL1' $checked{'ENABLE_SSH_PROTOCOL1'}{'on'} /></td>
<td width='100%' class='base'>$Lang::tr{'ssh1 support'}</td>
</tr>
<tr>
<td> </td>
<td><input type='checkbox' name='ENABLE_SSH_PORTFW' $checked{'ENABLE_SSH_PORTFW'}{'on'} /></td>
<td width='100%' class='base'>$Lang::tr{'ssh portfw'}</td>
</tr>
<tr>
<td> </td>
<td><input type='checkbox' name='ENABLE_SSH_PASSWORDS' $checked{'ENABLE_SSH_PASSWORDS'}{'on'} /></td>
<td width='100%' class='base'>$Lang::tr{'ssh passwords'}</td>
</tr>
<tr>
<td> </td>
<td><input type='checkbox' name='ENABLE_SSH_KEYS' $checked{'ENABLE_SSH_KEYS'}{'on'} /></td>
<td width='100%' class='base'>$Lang::tr{'ssh keys'}</td>
</tr>
<tr>
<td colspan='3' align='center'><hr /><input type='submit' name='ACTION' value='$Lang::tr{'save'}' /></td>
</tr>
</table>
END

Header::closebox();

print "</form>\n";
143 | ||
# Host key table: lets the administrator compare the fingerprint an SSH
# client shows on first connect with the one this machine actually holds.
Header::openbox('100%', 'left', $Lang::tr{'ssh host keys'});

print "<table>\n";

print <<"END";
<tr><td class='boldbase'><b>$Lang::tr{'ssh key'}</b></td>
<td class='boldbase'><b>$Lang::tr{'ssh fingerprint'}</b></td>
<td class='boldbase'><b>$Lang::tr{'ssh key size'}</b></td></tr>
END

# Fixed list of public key files and their display labels. viewkey() skips
# any file that does not exist.
# NOTE(review): only the protocol-1 RSA, RSA and DSA keys are listed; a host
# key of any other type on this machine would not be shown here.
my @hostkeys = (
    ['/etc/ssh/ssh_host_key.pub',     'RSA1'],
    ['/etc/ssh/ssh_host_rsa_key.pub', 'RSA2'],
    ['/etc/ssh/ssh_host_dsa_key.pub', 'DSA'],
);
foreach my $hostkey (@hostkeys)
{
    viewkey($hostkey->[0], $hostkey->[1]);
}

print "</table>\n";

Header::closebox();

Header::closebigbox();

Header::closepage();
166 | ||
167 | ||
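# Print one table row (path and label, fingerprint, key size) for an SSH host
# public key, using the output of "ssh-keygen -l -f FILE".
#
#   $_[0]  path of the public key file
#   $_[1]  label shown next to the path (e.g. "RSA2")
#
# Prints nothing when the file does not exist or ssh-keygen yields no output.
sub viewkey
{
    my ($key, $name) = @_;

    return unless -e $key;

    # List-form pipe open runs ssh-keygen directly, with $key as a single
    # argument. The previous backtick form put $key on a shell command line,
    # which is only safe while every caller passes a fixed path.
    open(my $keygen, '-|', '/usr/bin/ssh-keygen', '-l', '-f', $key)
        or return;
    my $output = do { local $/; <$keygen> };
    close($keygen);

    # ssh-keygen failed or could not read the key: no row instead of an
    # empty one.
    return unless defined $output and length $output;

    # The first two space-separated fields are taken as key size and
    # fingerprint.
    my @fields = split(/ /, $output);

    # cleanhtml comes from header.pl; presumably it escapes the text for
    # HTML output -- confirm there.
    my $keysize = Header::cleanhtml($fields[0], "y");
    my $fingerprint = Header::cleanhtml($fields[1], "y");

    # NOTE(review): $key and $name are printed unescaped; every caller in
    # this file passes literals.
    print "<tr><td>$key ($name)</td><td><code>$fingerprint</code></td><td align='center'>$keysize</td></tr>\n";
    return;
}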