diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/createlinks mezzanine_patched_smeserver-openvpn-bridge-2.0/createlinks --- smeserver-openvpn-bridge-2.0/createlinks 2008-12-10 02:53:47.000000000 +0100 +++ mezzanine_patched_smeserver-openvpn-bridge-2.0/createlinks 2009-01-16 15:32:58.000000000 +0100 @@ -25,4 +25,5 @@ templates2events("/etc/crontab", qw(openvpn-bridge-update)); event_link("openvpn-bridge-reload-ccd", qw(openvpn-bridge-update openvpn-bridge-reload-ccd), "20"); +event_link("openvpn-bridge-update-crl", qw(openvpn-bridge-update openvpn-bridge-reload-ccd), "30"); diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/etc/e-smith/db/configuration/defaults/openvpn-bridge/CrlUrl mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/db/configuration/defaults/openvpn-bridge/CrlUrl --- smeserver-openvpn-bridge-2.0/root/etc/e-smith/db/configuration/defaults/openvpn-bridge/CrlUrl 1970-01-01 01:00:00.000000000 +0100 +++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/db/configuration/defaults/openvpn-bridge/CrlUrl 2009-01-16 15:32:58.000000000 +0100 @@ -0,0 +1 @@ +http://localhost:940/phpki/index.php?stage=dl_crl_pem diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/etc/e-smith/events/actions/openvpn-bridge-update-crl mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/events/actions/openvpn-bridge-update-crl --- smeserver-openvpn-bridge-2.0/root/etc/e-smith/events/actions/openvpn-bridge-update-crl 1970-01-01 01:00:00.000000000 +0100 +++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/events/actions/openvpn-bridge-update-crl 2009-01-16 15:32:58.000000000 +0100 @@ -0,0 +1,29 @@ +#!/bin/bash + +URL=$(/sbin/e-smith/db configuration getprop openvpn-bridge CrlUrl) +DOMAIN=$(/sbin/e-smith/db configuration get DomainName) + +/usr/bin/wget $URL -O /tmp/cacrl.pem > /dev/null 2>&1 + +/usr/bin/openssl crl -inform PEM -in /tmp/cacrl.pem -text > /dev/null 2>&1 + +if [ "$?" -eq "0" ]; then + /bin/mv -f /tmp/cacrl.pem /etc/openvpn/bridge/pub/cacrl.pem > /dev/null 2>&1 +else + cat > /tmp/crlmail <> /tmp/crlmail + mail -s 'CRL update failed' admin@$DOMAIN < /tmp/crlmail +fi + +rm -f /tmp/cacrl.pem +rm -f /tmp/crlmail + diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/etc/e-smith/locale/en/etc/e-smith/web/functions/openvpnbridge mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/locale/en/etc/e-smith/web/functions/openvpnbridge --- smeserver-openvpn-bridge-2.0/root/etc/e-smith/locale/en/etc/e-smith/web/functions/openvpnbridge 2009-01-16 15:33:54.000000000 +0100 +++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/locale/en/etc/e-smith/web/functions/openvpnbridge 2009-01-16 15:32:58.000000000 +0100 @@ -397,5 +397,43 @@ The bridge service must be enabled.
The following commands will enable it:
db configuration setprop bridge status enabled
/etc/init.d/bridge start

]]>
+ + NOT_A_VALID_URL + "{$string}" isn't a valid URL + + + + DESC_CRL_URL + Enter here the URL to update the CRL. (if phpki runs on the same server, you can let the default value) + + + + LABEL_CRL_URL + URL to update the CRL + + + + LABEL_CA_PEM + CA certificate + + + LABEL_CRT_PEM + Server certificate + + + + LABEL_KEY_PEM + Server private key + + + + LABEL_DH_PEM + DH parameters + + + + LABEL_TA_PEM + Static key + diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/openvpnbridge mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/openvpnbridge --- smeserver-openvpn-bridge-2.0/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/openvpnbridge 2009-01-16 15:33:54.000000000 +0100 +++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/locale/fr/etc/e-smith/web/functions/openvpnbridge 2009-01-16 15:32:58.000000000 +0100 @@ -395,4 +395,45 @@ Le service bridge doit être activé.
Les commandes suivantes permettrons de l'activer:
db configuration setprop bridge status enabled
/etc/init.d/bridge start

]]>
+ + NOT_A_VALID_URL + "{$string}" n'est pas une URL valide + + + + DESC_CRL_URL + Entrez ici l'URL de mise à jour de la CRL. (si phpki est installé sur la même machine, vous pouvez laisser la valeur par défaut) + + + + LABEL_CRL_URL + URL de mise à jour de la CRL + + + + LABEL_CA_PEM + Certificat autoritaire + + + + LABEL_CRT_PEM + Certificat serveur + + + + LABEL_KEY_PEM + Clé privée du serveur + + + + LABEL_DH_PEM + Paramètres DH + + + + LABEL_TA_PEM + Clé statique + + + diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/etc/e-smith/templates/etc/crontab/openvpn-bridge-crl mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/templates/etc/crontab/openvpn-bridge-crl --- smeserver-openvpn-bridge-2.0/root/etc/e-smith/templates/etc/crontab/openvpn-bridge-crl 2008-12-10 02:54:47.000000000 +0100 +++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/templates/etc/crontab/openvpn-bridge-crl 2009-01-16 15:33:17.000000000 +0100 @@ -2,7 +2,6 @@ my $url = ${'openvpn-bridge'}{'CrlUrl'} || ''; if ($url =~ /^http(s)?:\/\/.*$/){ $OUT .= "# Update OpenVPN bridge's CRL\n"; - $OUT .= "5 * * * * root /usr/bin/ovpn-bridge-update-crl 2>&1 /dev/null\n"; - + $OUT .= "5 * * * * root /etc/e-smith/events/actions/openvpn-bridge-update-crl 2>&1 /dev/null\n"; } } diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/etc/e-smith/web/functions/openvpnbridge mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/web/functions/openvpnbridge --- smeserver-openvpn-bridge-2.0/root/etc/e-smith/web/functions/openvpnbridge 2008-12-10 03:56:57.000000000 +0100 +++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/etc/e-smith/web/functions/openvpnbridge 2009-01-16 15:32:58.000000000 +0100 @@ -255,34 +255,50 @@ pre-event="turn_off_buttons()" post-event="write_pem()"> - DESC_CRT_CONFIG_PAGE + + + + + DESC_CRL_URL - + + + DESC_CA_PEM + DESC_CRT_PEM + DESC_KEY_PEM - + + DESC_DH_PEM - + + DESC_TA_PEM - + diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/usr/bin/ovpn-bridge-update-crl mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/bin/ovpn-bridge-update-crl --- smeserver-openvpn-bridge-2.0/root/usr/bin/ovpn-bridge-update-crl 2008-12-10 03:08:19.000000000 +0100 +++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/bin/ovpn-bridge-update-crl 1970-01-01 01:00:00.000000000 +0100 @@ -1,29 +0,0 @@ -#!/bin/bash - -URL=$(/sbin/e-smith/db configuration getprop openvpn-bridge CrlUrl) -DOMAIN=$(/sbin/e-smith/db configuration get DomainName) - -/usr/bin/wget $URL -O /tmp/cacrl.pem > /dev/null 2>&1 - -/usr/bin/openssl crl -inform PEM -in /tmp/cacrl.pem -text > /dev/null 2>&1 - -if [ "$?" -eq "0" ]; then - /bin/mv -f /tmp/cacrl.pem /etc/openvpn/bridge/pub/cacrl.pem -else - cat > /tmp/crlmail <> /tmp/crlmail - mail -s 'CRL update failed' admin@$DOMAIN < /tmp/crlmail -fi - -rm -f /tmp/cacrl.pem -rm -f /tmp/crlmail - diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm --- smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm 2009-01-16 15:33:54.000000000 +0100 +++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm 2009-01-16 15:32:58.000000000 +0100 @@ -634,6 +634,8 @@ my $dh = $q->param('dhpar_pem'); my $ta = $q->param('ta_pem'); + $config_db->set_prop('openvpn-bridge', 'CrlUrl', $q->param('crl_url')); + if (! open (CA, ">$pubdir/cacert.pem")){ $fm->error('ERROR_OPEN_CA','FIRST'); # Tell the user something bad has happened @@ -769,5 +771,16 @@ return "OK"; } +sub is_url +{ + my ($fm, $url) = @_; + + unless ($url =~ /^(http:\/\/)|(https:\/\/)/){ + return $fm->localise('NOT_A_VALID_URL',{string => $url}); + } + return "OK"; + +} + 1;