5 require './webmin-lib.pl';
6 &ui_print_header(undef, $text{'ssl_title'}, "");
8 &get_miniserv_config(\%miniserv);
10 # Check if we even *have* SSL support
12 eval "use Net::SSLeay";
14 print &text('ssl_essl', "http://www.webmin.com/ssl.html"),"<p>\n";
15 if (&foreign_available("cpan")) {
16 print &text('ssl_cpan', "../cpan/download.cgi?source=3&cpan=Net::SSLeay&mode=2&return=/$module_name/&returndesc=".&urlize($text{'index_return'})),"<p>\n";
19 $err =~ s/\s+at.*line\s+\d+[\000-\377]*$//;
20 print &text('ssl_emessage', "<tt>$err</tt>"),"<p>\n";
21 &ui_print_footer("", $text{'index_return'});
26 @tabs = map { [ $_, $text{'ssl_tab'.$_}, "edit_ssl.cgi?mode=$_" ] }
27 ( "ssl", "current", "ips", "create", "upload" );
28 print &ui_tabs_start(\@tabs, "mode", $in{'mode'} || $tabs[0]->[0], 1);
31 print &ui_tabs_start_tab("mode", "ssl");
32 print $text{'ssl_desc1'},"<p>\n";
33 print $text{'ssl_desc2'},"<p>\n";
35 print &ui_form_start("change_ssl.cgi", "post");
36 print &ui_table_start($text{'ssl_header'}, undef, 2);
38 print &ui_table_row($text{'ssl_on'},
39 &ui_yesno_radio("ssl", $miniserv{'ssl'}));
41 print &ui_table_row($text{'ssl_key'},
42 &ui_textbox("key", $miniserv{'keyfile'}, 40)." ".
43 &file_chooser_button("key"));
45 print &ui_table_row($text{'ssl_cert'},
46 &ui_opt_textbox("cert", $miniserv{'certfile'}, 40,
47 $text{'ssl_cert_def'}."<br>",$text{'ssl_cert_oth'})." ".
48 &file_chooser_button("cert"));
50 print &ui_table_row($text{'ssl_redirect'},
51 &ui_yesno_radio("ssl_redirect", $miniserv{'ssl_redirect'}));
53 print &ui_table_row($text{'ssl_version'},
54 &ui_opt_textbox("version", $miniserv{'ssl_version'}, 4,
57 $clist = $miniserv{'ssl_cipher_list'};
58 $cmode = !$clist ? 1 :
59 $clist eq $strong_ssl_ciphers ? 2 : 0;
60 print &ui_table_row($text{'ssl_cipher_list'},
61 &ui_radio("cipher_list_def", $cmode,
62 [ [ 1, $text{'ssl_auto'}."<br>" ],
63 [ 2, $text{'ssl_strong'}."<br>" ],
64 [ 0, $text{'ssl_clist'}." ".
65 &ui_textbox("cipher_list",
66 $cmode == 0 ? $clist : "", 30) ] ]));
68 print &ui_table_row($text{'ssl_extracas'},
69 &ui_textarea("extracas", join("\n",split(/\s+/, $miniserv{'extracas'})),
71 &file_chooser_button("extracas", 0, undef, undef, 1));
73 print &ui_table_end();
74 print &ui_form_end([ [ "", $text{'save'} ] ]);
75 print &ui_tabs_end_tab();
77 # Page showing current cert
78 print &ui_tabs_start_tab("mode", "current");
79 print "$text{'ssl_current'}<p>\n";
80 print &ui_table_start($text{'ssl_cheader'}, undef, 4);
81 $info = &cert_info($miniserv{'certfile'} || $miniserv{'keyfile'});
82 foreach $i ('cn', 'o', 'email', 'issuer_cn', 'issuer_o', 'issuer_email',
85 print &ui_table_row($text{'ca_'.$i}, $info->{$i});
89 "<a href='download_cert.cgi/cert.pem'>".
90 "$text{'ssl_pem'}</a>",
91 "<a href='download_cert.cgi/cert.p12'>".
92 "$text{'ssl_pkcs12'}</a>"
94 print &ui_table_row($text{'ssl_download'}, &ui_links_row(\@clinks));
95 print &ui_table_end();
96 print &ui_tabs_end_tab();
98 # Table listing per-IP SSL certs
99 print &ui_tabs_start_tab("mode", "ips");
100 print "$text{'ssl_ipkeys'}<p>\n";
101 @ipkeys = &get_ipkeys(\%miniserv);
103 print &ui_columns_start([ $text{'ssl_ips'}, $text{'ssl_key'},
104 $text{'ssl_cert'} ]);
105 foreach $k (@ipkeys) {
106 print &ui_columns_row([
107 "<a href='edit_ipkey.cgi?idx=$k->{'index'}'>".
108 join(", ", @{$k->{'ips'}})."</a>",
109 "<tt>$k->{'key'}</tt>",
110 $k->{'cert'} ? "<tt>$k->{'cert'}</tt>"
111 : $text{'ssl_cert_def'},
114 print &ui_columns_end();
117 print "<b>$text{'ssl_ipkeynone'}</b><p>\n";
119 print "<a href='edit_ipkey.cgi?new=1'>$text{'ssl_addipkey'}</a><p>\n";
120 print &ui_tabs_end_tab();
122 # SSL key generation form
123 print &ui_tabs_start_tab("mode", "create");
124 print "$text{'ssl_newkey'}<p>\n";
125 my $curkey = &read_file_contents($miniserv{'keyfile'});
126 my $origkey = &read_file_contents("$root_directory/miniserv.pem");
127 if ($curkey eq $origkey) {
128 # System is using the original (insecure) Webmin key!
129 print "<b>$text{'ssl_hole'}</b><p>\n";
132 print &ui_form_start("newkey.cgi");
133 print &ui_table_start($text{'ssl_header1'}, undef, 2);
135 $host = $ENV{'HTTP_HOST'};
137 print &show_ssl_key_form($host, undef,
138 "Webmin Webserver on ".&get_system_hostname());
140 print &ui_table_row($text{'ssl_newfile'},
141 &ui_textbox("newfile", "$config_directory/miniserv.pem", 40));
143 print &ui_table_row($text{'ssl_usenew'},
144 &ui_yesno_radio("usenew", 1));
146 print &ui_table_end();
147 print &ui_form_end([ [ "", $text{'ssl_create'} ] ]);
148 print &ui_tabs_end_tab();
150 # SSL key upload form
151 print &ui_tabs_start_tab("mode", "upload");
152 print "$text{'ssl_savekey'}<p>\n";
153 print &ui_form_start("savekey.cgi", "form-data");
154 print &ui_table_start($text{'ssl_saveheader'}, undef, 2);
156 print &ui_table_row($text{'ssl_privkey'},
157 &ui_textarea("key", undef, 7, 70)."<br>\n".
158 "<b>$text{'ssl_upload'}</b>\n".
159 &ui_upload("keyfile"));
161 print &ui_table_row($text{'ssl_privcert'},
162 &ui_radio("cert_def", 1,
163 [ [ 1, $text{'ssl_same'} ],
164 [ 0, $text{'ssl_below'} ] ])."<br>\n".
165 &ui_textarea("cert", undef, 7, 70)."<br>\n".
166 "<b>$text{'ssl_upload'}</b>\n".
167 &ui_upload("certfile"));
169 print &ui_table_row($text{'ssl_privchain'},
170 &ui_radio("chain_def", 1,
171 [ [ 1, $miniserv{'extracas'} ? $text{'ssl_leavechain'}
172 : $text{'ssl_nochain'} ],
173 [ 0, $text{'ssl_below'} ] ])."<br>\n".
174 &ui_textarea("chain", undef, 7, 70)."<br>\n".
175 "<b>$text{'ssl_upload'}</b>\n".
176 &ui_upload("chainfile"));
178 print &ui_table_end();
179 print &ui_form_end([ [ "save", $text{'save'} ] ]);
180 print &ui_tabs_end_tab();
182 print &ui_tabs_end(1);
184 &ui_print_footer("", $text{'index_return'});