3 # Save, create or delete an SSL tunnel
5 require './stunnel-lib.pl';
7 &error_setup($text{'save_err'});
9 if ($in{'idx'} ne '') {
10 @stunnels = &list_stunnels();
11 $st = $stunnels[$in{'idx'}];
16 # Just delete from inetd.conf and xinetd.conf
17 &lock_file($st->{'file'});
18 if (&get_stunnel_version(\$dummy) >= 4) {
19 if ($st->{'args'} =~ /^(\S+)\s+(\S+)/) {
21 if ($cfile =~ /^\Q$module_config_directory\E\//) {
31 $in{'name'} =~ /^[A-z][A-z0-9\_\-]+$/ || &error($text{'save_ename'});
32 $in{'port'} =~ /^\d+$/ || &error($text{'save_eport'});
33 if ($in{'pmode'} == 2) {
34 -r $in{'pem'} || &error(&text('save_epem', $in{'pem'}));
36 if (!$in{'tcpw_def'}) {
37 $in{'tcpw'} =~ /^\S+$/ || &error($text{'save_etcpw'});
39 if (!$in{'iface_def'}) {
40 &to_ipaddress($in{'iface'}) || &to_ip6address($in{'iface'}) ||
41 &error($text{'save_eiface'});
43 if ($in{'mode'} == 0 || $in{'mode'} == 1) {
45 $cmd = $in{'mode'} == 0 ? $in{'cmd0'} : $in{'cmd1'};
46 $args = $in{'mode'} == 0 ? $in{'args0'} : $in{'args1'};
47 &has_command($cmd) || &error($text{'save_ecmd'});
50 # Connecting to remote host and port
51 &to_ipaddress($in{'rhost'}) || &to_ip6address($in{'rhost'}) ||
52 &error($text{'save_erhost'});
53 $in{'rport'} =~ /^\d+$/ || &error($text{'save_erport'});
56 # Create inetd/xinetd config
57 if (&get_stunnel_version(\$dummy) >= 4) {
58 # New-style args format
60 $cfile = "$module_config_directory/$in{'name'}.conf";
63 $st = { 'args' => "$stunnel_shortname $cfile",
64 'command' => $config{'stunnel_path'},
65 'type' => $in{'type'} };
68 if ($st->{'args'} =~ /^(\S+)\s+(\S+)/) {
70 @conf = &get_stunnel_config($cfile);
71 ($conf) = grep { !$_->{'name'} } @conf;
74 $st->{'name'} = $in{'name'};
75 $st->{'port'} = $in{'port'};
76 $st->{'active'} = $in{'active'};
77 if ($in{'pmode'} == 1) {
78 $conf->{'values'}->{'cert'} = $webmin_pem;
80 elsif ($in{'pmode'} == 2) {
81 $conf->{'values'}->{'cert'} = $in{'pem'};
84 delete($conf->{'values'}->{'cert'});
86 $conf->{'values'}->{'client'} = $in{'cmode'} ? 'yes' : 'no';
87 if (!$in{'tcpw_def'}) {
88 $conf->{'values'}->{'service'} = $in{'tcpw'};
91 delete($conf->{'values'}->{'service'});
93 if (!$in{'iface_def'}) {
94 $conf->{'values'}->{'local'} = $in{'iface'};
97 delete($conf->{'values'}->{'local'});
99 if ($in{'mode'} == 0 || $in{'mode'} == 1) {
101 $conf->{'values'}->{'exec'} = $cmd;
102 $conf->{'values'}->{'execargs'} = $args if ($args);
103 $conf->{'values'}->{'pty'} = $in{'mode'} ? 'yes' : 'no';
104 delete($conf->{'values'}->{'connect'});
107 # Connecting to remote host and port
108 if ($in{'rhost'} eq 'localhost') {
109 $conf->{'values'}->{'connect'} = $in{'rport'};
112 $conf->{'values'}->{'connect'} =
113 "$in{'rhost'}:$in{'rport'}";
115 delete($conf->{'values'}->{'exec'});
116 delete($conf->{'values'}->{'execargs'});
117 delete($conf->{'values'}->{'pty'});
120 # Save this stunnel config file
122 &create_stunnel_service($conf, $cfile);
125 &modify_stunnel_service($conf, $cfile);
129 # Old-style args format
131 $st = { 'args' => $stunnel_shortname,
132 'command' => $config{'stunnel_path'},
133 'type' => $in{'type'} };
136 $st->{'args'} = $in{'args'};
138 $st->{'name'} = $in{'name'};
139 $st->{'port'} = $in{'port'};
140 $st->{'active'} = $in{'active'};
141 if ($in{'pmode'} == 1) {
142 $st->{'args'} .= " -p $webmin_pem";
144 elsif ($in{'pmode'} == 2) {
145 $st->{'args'} .= " -p $in{'pem'}";
148 $st->{'args'} .= " -c";
150 if (!$in{'tcpw_def'}) {
151 $st->{'args'} .= " -N $in{'tcpw'}";
153 if (!$in{'iface_def'}) {
154 $st->{'args'} .= " -I $in{'iface'}";
156 if ($in{'mode'} == 0 || $in{'mode'} == 1) {
158 if ($in{'mode'} == 0) {
159 $st->{'args'} .= " -l $cmd";
162 $st->{'args'} .= " -L $cmd";
165 $st->{'args'} .= " -- $args";
169 # Connecting to remote host and port
170 if ($in{'rhost'} eq 'localhost') {
171 $st->{'args'} .= " -r $in{'rport'}";
174 $st->{'args'} .=" -r $in{'rhost'}:$in{'rport'}";
181 &create_stunnel($st);
184 &lock_file($old{'file'});
185 &modify_stunnel(\%old, $st);
189 &webmin_log($in{'delete'} ? "delete" : $in{'new'} ? "create" : "modify",
190 "stunnel", $st->{'name'}, $st);