--- /dev/null
+#!/usr/local/bin/perl
+# Actually generate the cert
+
+require './ldap-server-lib.pl';
+&local_ldap_server() == 1 || &error($text{'slapd_elocal'});
+&foreign_require("webmin", "webmin-lib.pl");
+&ReadParse();
+&error_setup($text{'gencert_err'});
+$conf = &get_config();
+
+# Work out dest files
+if ($in{'dest_def'}) {
+ $keyfile = &find_value("TLSCertificateKeyFile", $conf);
+ $certfile = &find_value("TLSCertificateFile", $conf);
+ }
+else {
+ # In some dir
+ -d $in{'dest'} || &error($text{'gencert_edest'});
+ $keyfile = $in{'dest'}."/ldap.key";
+ $certfile = $in{'dest'}."/ldap.cert";
+ }
+
+# Do it
+$err = &webmin::parse_ssl_key_form(\%in, $keyfile, $certfile);
+&error($err) if ($err);
+
+# Update config to use them
+&lock_file($config{'config_file'});
+&save_directive($conf, "TLSCertificateFile", $certfile);
+&save_directive($conf, "TLSCertificateKeyFile", $keyfile);
+&flush_file_lines($config{'config_file'});
+&unlock_file($config{'config_file'});
+
+&webmin_log("gencert");
+&redirect("");
+
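Review bot: The `dest_def` branch assumes both directives are already set; if `find_value` returns nothing for `TLSCertificateKeyFile` or `TLSCertificateFile` (a hand-built POST can send `dest_def` regardless of what the form offered), undefined paths go into `webmin::parse_ssl_key_form` and are then written back by `save_directive`. A guard right after the two lookups, such as `$keyfile && $certfile || &error($text{'gencert_edest'});`, closes that. In the other branch `$in{'dest'}` is only tested with `-d`, so a relative path or one containing whitespace or shell-special characters is accepted as the location of the private key and ends up in the server config; an anchored check like `$in{'dest'} =~ /^\/\S+$/ || &error($text{'gencert_edest'});` before the `-d` test would be safer. Whether `parse_ssl_key_form` restricts the key file's permissions is not visible here and is worth confirming. Separately, `get_config()` is read before `lock_file` is taken, so the lock does not cover the whole read-modify-write.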
require './ldap-server-lib.pl';
&local_ldap_server() == 1 || &error($text{'slapd_elocal'});
+&foreign_require("webmin", "webmin-lib.pl");
&ui_print_header(undef, $text{'gencert_title'}, "");
+print $text{'gencert_desc'},"<p>\n";
+print &ui_form_start("gencert.cgi", "post");
+print &ui_table_start($text{'gencert_header'}, undef, 2, [ "width=30%" ]);
+
+# Generic key options
+print &webmin::show_ssl_key_form(
+ &get_display_hostname(), undef,
+ "LDAP server on ".&get_display_hostname());
+
+# Destination files
+$conf = &get_config();
+$cert = &find_value("TLSCertificateFile", $conf);
+if ($cert) {
+ print &ui_table_row($text{'gencert_dest'},
+ &ui_opt_textbox("dest", undef, 40, $text{'gencert_same'},
+ $text{'gencert_dir'}));
+ }
+else {
+ print &ui_table_row($text{'gencert_dest2'},
+ &ui_textbox("dest", &get_config_dir(), 40));
+ }
+
+print &ui_table_end();
+print &ui_form_end([ [ "", $text{'gencert_create'} ] ]);
&ui_print_footer("", $text{'index_return'});
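Review bot: The `if ($cert)` test uses `TLSCertificateFile` alone to decide whether to offer the "Current config files" choice, but the `gencert.cgi` handler needs both the certificate and the key directive when that choice is submitted. Looking up the key path as well, `$key = &find_value("TLSCertificateKeyFile", $conf);`, and testing `if ($cert && $key)` stops the form from offering a destination that is only half configured. In the `else` branch `&get_config_dir()` can return undef, which leaves the directory box empty with no hint to the user; a fallback or a short message there would help. The start of this script may lie outside the hunk.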
log_apply=Applied configuration
log_slapd=Changed LDAP server configuration
+gencert_title=Generate SSL Certificate
+gencert_header=New SSL certificate details
+gencert_create=Create Certificate
+gencert_desc=This page allows you to generate a new TLS certificate for your LDAP server. Without a certificate running in TLS encrypted mode is not possible.
+gencert_dest=Location for certificate and key files
+gencert_dest2=Directory for certificate and key files
+gencert_same=Current config files
+gencert_dir=Directory
+gencert_err=Failed to generate certificate
+gencert_edest=Destination directory does not exist
# XXX initial setup
# XXX install ldap server
# XXX default configs for various systems (include search max of 100)
-# XXX button to generate SSL cert / key
# XXX LDAP logging in more detail, like we do for SQL
# XXX spam, postfix and ldap-useradmin too
}
}
+sub get_config_dir
+{
+if ($config{'config_file'} =~ /^(\S+)\/([^\/]+)$/) {
+ return $1;
+ }
+return undef;
+}
+
1;
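Review bot: `get_config_dir` has no header comment and returns undef without explanation when `$config{'config_file'}` does not match, which includes any path containing whitespace because of the `\S+`. A comment above the sub in the usual style would document that, e.g. `# get_config_dir()` followed by `# Returns the directory holding the LDAP server config file, or undef if it cannot be worked out`. The second capture group is never used, so the pattern can be written as `/^(\S+)\/[^\/]+$/`. The two closing braces above the sub belong to a function that starts outside this hunk.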