
Commit a417434

author
Kristan Kenney
committed
Add Control Panel UI for Per-Domain Mail SSL
1 parent aa483a4 commit a417434


5 files changed

+325
-9
lines changed


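--- a/web/edit/mail/index.php
+++ b/web/edit/mail/index.php
@@ -39,6 +39,25 @@
 } else {
 $v_status = 'active';
 }
+
+$v_ssl = $data[$v_domain]['SSL'];
+if (!empty($v_ssl)) {
+exec (HESTIA_CMD."v-list-mail-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var);
+$ssl_str = json_decode(implode('', $output), true);
+unset($output);
+$v_ssl_crt = $ssl_str[$v_domain]['CRT'];
+$v_ssl_key = $ssl_str[$v_domain]['KEY'];
+$v_ssl_ca = $ssl_str[$v_domain]['CA'];
+$v_ssl_subject = $ssl_str[$v_domain]['SUBJECT'];
+$v_ssl_aliases = $ssl_str[$v_domain]['ALIASES'];
+$v_ssl_not_before = $ssl_str[$v_domain]['NOT_BEFORE'];
+$v_ssl_not_after = $ssl_str[$v_domain]['NOT_AFTER'];
+$v_ssl_signature = $ssl_str[$v_domain]['SIGNATURE'];
+$v_ssl_pub_key = $ssl_str[$v_domain]['PUB_KEY'];
+$v_ssl_issuer = $ssl_str[$v_domain]['ISSUER'];
+}
+$v_letsencrypt = $data[$v_domain]['LETSENCRYPT'];
+if (empty($v_letsencrypt)) $v_letsencrypt = 'no';
 }
 
 // List mail account
@@ -164,6 +183,167 @@
 check_return_code($return_var,$output);
 unset($output);
 }
+
+// Change SSL certificate
+if (( $v_letsencrypt == 'no' ) && (empty($_POST['v_letsencrypt'])) && ( $v_ssl == 'yes' ) && (!empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
+if (( $v_ssl_crt != str_replace("\r\n", "\n", $_POST['v_ssl_crt'])) || ( $v_ssl_key != str_replace("\r\n", "\n", $_POST['v_ssl_key'])) || ( $v_ssl_ca != str_replace("\r\n", "\n", $_POST['v_ssl_ca']))) {
+exec ('mktemp -d', $mktemp_output, $return_var);
+$tmpdir = $mktemp_output[0];
+
+// Certificate
+if (!empty($_POST['v_ssl_crt'])) {
+$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w');
+fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt']));
+fwrite($fp, "\n");
+fclose($fp);
+}
+
+// Key
+if (!empty($_POST['v_ssl_key'])) {
+$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
+fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
+fwrite($fp, "\n");
+fclose($fp);
+}
+
+// CA
+if (!empty($_POST['v_ssl_ca'])) {
+$fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w');
+fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca']));
+fwrite($fp, "\n");
+fclose($fp);
+}
+
+exec (HESTIA_CMD."v-change-mail-domain-sslcert ".$user." ".$v_domain." ".$tmpdir." 'no'", $output, $return_var);
+check_return_code($return_var,$output);
+unset($output);
+$restart_web = 'yes';
+$restart_proxy = 'yes';
+
+exec (HESTIA_CMD."v-list-mail-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var);
+$ssl_str = json_decode(implode('', $output), true);
+unset($output);
+$v_ssl_crt = $ssl_str[$v_domain]['CRT'];
+$v_ssl_key = $ssl_str[$v_domain]['KEY'];
+$v_ssl_ca = $ssl_str[$v_domain]['CA'];
+$v_ssl_subject = $ssl_str[$v_domain]['SUBJECT'];
+$v_ssl_aliases = $ssl_str[$v_domain]['ALIASES'];
+$v_ssl_not_before = $ssl_str[$v_domain]['NOT_BEFORE'];
+$v_ssl_not_after = $ssl_str[$v_domain]['NOT_AFTER'];
+$v_ssl_signature = $ssl_str[$v_domain]['SIGNATURE'];
+$v_ssl_pub_key = $ssl_str[$v_domain]['PUB_KEY'];
+$v_ssl_issuer = $ssl_str[$v_domain]['ISSUER'];
+
+// Cleanup certificate tempfiles
+if (!empty($_POST['v_ssl_crt'])) unlink($tmpdir."/".$_POST['v_domain'].".crt");
+if (!empty($_POST['v_ssl_key'])) unlink($tmpdir."/".$_POST['v_domain'].".key");
+if (!empty($_POST['v_ssl_ca'])) unlink($tmpdir."/".$_POST['v_domain'].".ca");
+rmdir($tmpdir);
+}
+}
+
+// Delete Lets Encrypt support
+if (( $v_letsencrypt == 'yes' ) && (empty($_POST['v_letsencrypt'])) && (empty($_SESSION['error_msg']))) {
+exec (HESTIA_CMD."v-delete-letsencrypt-mail-domain ".$user." ".$v_domain." 'no'", $output, $return_var);
+check_return_code($return_var,$output);
+unset($output);
+$v_ssl_crt = '';
+$v_ssl_key = '';
+$v_ssl_ca = '';
+$v_letsencrypt = 'no';
+$v_letsencrypt_deleted = 'yes';
+$v_ssl = 'no';
+$restart_mail = 'yes';
+}
+
+// Delete SSL certificate
+if (( $v_ssl == 'yes' ) && (empty($_POST['v_ssl'])) && (empty($_SESSION['error_msg']))) {
+exec (HESTIA_CMD."v-delete-mail-domain-ssl ".$v_username." ".$v_domain." 'no'", $output, $return_var);
+check_return_code($return_var,$output);
+unset($output);
+$v_ssl_crt = '';
+$v_ssl_key = '';
+$v_ssl_ca = '';
+$v_ssl = 'no';
+$restart_mail = 'yes';
+}
+
+// Add Lets Encrypt support
+if ((!empty($_POST['v_ssl'])) && ( $v_letsencrypt == 'no' ) && (!empty($_POST['v_letsencrypt'])) && empty($_SESSION['error_msg'])) {
+$l_aliases = 'mail.' . $v_domain;
+exec (HESTIA_CMD."v-add-letsencrypt-mail-domain ".$user." ".$v_domain." '".$l_aliases."' 'no'", $output, $return_var);
+check_return_code($return_var,$output);
+unset($output);
+$v_letsencrypt = 'yes';
+$v_ssl = 'yes';
+$restart_mail = 'yes';
+}
+
+// Add SSL certificate
+if (( $v_ssl == 'no' ) && (!empty($_POST['v_ssl'])) && (empty($v_letsencrypt_deleted)) && (empty($_SESSION['error_msg']))) {
+if (empty($_POST['v_ssl_crt'])) $errors[] = 'ssl certificate';
+if (empty($_POST['v_ssl_key'])) $errors[] = 'ssl key';
+if (!empty($errors[0])) {
+foreach ($errors as $i => $error) {
+if ( $i == 0 ) {
+$error_msg = $error;
+} else {
+$error_msg = $error_msg.", ".$error;
+}
+}
+$_SESSION['error_msg'] = __('Field "%s" can not be blank.',$error_msg);
+} else {
+exec ('mktemp -d', $mktemp_output, $return_var);
+$tmpdir = $mktemp_output[0];
+
+// Certificate
+if (!empty($_POST['v_ssl_crt'])) {
+$fp = fopen($tmpdir."/".$_POST['v_domain'].".crt", 'w');
+fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_crt']));
+fclose($fp);
+}
+
+// Key
+if (!empty($_POST['v_ssl_key'])) {
+$fp = fopen($tmpdir."/".$_POST['v_domain'].".key", 'w');
+fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_key']));
+fclose($fp);
+}
+
+// CA
+if (!empty($_POST['v_ssl_ca'])) {
+$fp = fopen($tmpdir."/".$_POST['v_domain'].".ca", 'w');
+fwrite($fp, str_replace("\r\n", "\n", $_POST['v_ssl_ca']));
+fclose($fp);
+}
+exec (HESTIA_CMD."v-add-mail-domain-ssl ".$user." ".$v_domain." ".$tmpdir." 'no'", $output, $return_var);
+check_return_code($return_var,$output);
+unset($output);
+$v_ssl = 'yes';
+$restart_web = 'yes';
+$restart_proxy = 'yes';
+
+exec (HESTIA_CMD."v-list-mail-domain-ssl ".$user." '".$v_domain."' json", $output, $return_var);
+$ssl_str = json_decode(implode('', $output), true);
+unset($output);
+$v_ssl_crt = $ssl_str[$_POST['v_domain']]['CRT'];
+$v_ssl_key = $ssl_str[$_POST['v_domain']]['KEY'];
+$v_ssl_ca = $ssl_str[$_POST['v_domain']]['CA'];
+$v_ssl_subject = $ssl_str[$_POST['v_domain']]['SUBJECT'];
+$v_ssl_aliases = $ssl_str[$_POST['v_domain']]['ALIASES'];
+$v_ssl_not_before = $ssl_str[$_POST['v_domain']]['NOT_BEFORE'];
+$v_ssl_not_after = $ssl_str[$_POST['v_domain']]['NOT_AFTER'];
+$v_ssl_signature = $ssl_str[$_POST['v_domain']]['SIGNATURE'];
+$v_ssl_pub_key = $ssl_str[$_POST['v_domain']]['PUB_KEY'];
+$v_ssl_issuer = $ssl_str[$_POST['v_domain']]['ISSUER'];
+
+// Cleanup certificate tempfiles
+if (!empty($_POST['v_ssl_crt'])) unlink($tmpdir."/".$_POST['v_domain'].".crt");
+if (!empty($_POST['v_ssl_key'])) unlink($tmpdir."/".$_POST['v_domain'].".key");
+if (!empty($_POST['v_ssl_ca'])) unlink($tmpdir."/".$_POST['v_domain'].".ca");
+rmdir($tmpdir);
+}
+}
 
 // Set success message
 if (empty($_SESSION['error_msg'])) {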
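Review bot: The temp-file paths in the "Change SSL certificate" and "Add SSL certificate" branches are built from the raw `$_POST['v_domain']` in every `fopen()` and `unlink()` call, so a value containing `/` or `..` places the certificate and private key outside `$tmpdir`. The result of `mktemp -d` is never checked either, so a failed call leaves `$tmpdir` empty and those paths resolve from `/`. I would continue only when `$return_var == 0 && is_dir($tmpdir)`, and reject the request when `basename($_POST['v_domain']) !== $_POST['v_domain']` before anything is written. The `exec()` lines pass `$v_domain` either bare or inside hand-written single quotes (`'".$v_domain."'`), which is not escaping; its assignment is outside these hunks, so unless it is already the output of `escapeshellarg()` each call should use `escapeshellarg($v_domain)`. The "Delete SSL certificate" call also passes `$v_username` where every other call passes `$user`.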

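--- a/web/templates/admin/edit_mail.html
+++ b/web/templates/admin/edit_mail.html
@@ -81,6 +81,121 @@
 <label><input type="checkbox" size="20" class="vst-checkbox" name="v_dkim" <?php if ($v_dkim == 'yes') echo "checked=yes"; ?>> <?php print __('DKIM Support');?></label>
 </td>
 </tr>
+<tr>
+<td class="vst-text step-top">
+<label><input type="checkbox" size="20" class="vst-checkbox" name="v_ssl" <?php if ($v_ssl == 'yes') echo "checked=yes" ?> onclick="javascript:elementHideShow('ssltable');"> <?php print __('SSL Support');?></label>
+</td>
+</tr>
+<tr>
+<td class="step-left">
+<table style="display:<?php if ($v_ssl == 'no' ) { echo 'none';} else {echo 'block';}?> ;" id="ssltable">
+<tr>
+<td class="input-label vst-text">
+<label><input type="checkbox" size="20" class="vst-checkbox" name="v_letsencrypt" <?php if($v_letsencrypt == 'yes' || $v_letencrypt == 'on') echo "checked=yes" ?> onclick="App.Actions.WEB.toggle_letsencrypt(this)"> <?php print __('Lets Encrypt Support');?></label>
+</td>
+</tr>
+
+<tr>
+<td class="vst-text input-label">
+<?php print __('SSL Certificate');?>
+<span id="generate-csr"> / <a class="generate" target="_blank" href="/generate/ssl/?domain=<?=$v_domain?>"><?=__('Generate CSR')?></a></span>
+</td>
+</tr>
+<tr>
+<td>
+<textarea size="20" class="vst-textinput" name="v_ssl_crt"><?=htmlentities(trim($v_ssl_crt, "'"))?></textarea>
+</td>
+</tr>
+<tr>
+<td class="vst-text input-label">
+<?php print __('SSL Key');?>
+</td>
+</tr>
+<tr>
+<td>
+<textarea size="20" class="vst-textinput" name="v_ssl_key"><?=htmlentities(trim($v_ssl_key, "'"))?></textarea>
+</td>
+</tr>
+<tr>
+<td class="vst-text input-label">
+<?php print __('SSL Certificate Authority / Intermediate');?> <span class="optional">(<?php print __('optional');?>)</span>
+</td>
+</tr>
+<tr>
+<td>
+<textarea size="20" class="vst-textinput" name="v_ssl_ca"><?=htmlentities(trim($v_ssl_ca, "'"))?></textarea>
+</td>
+</tr>
+<?
+if ($v_ssl != 'no' ) { ?>
+<tr>
+<td>
+<table class="additional-info">
+<tr>
+<td>
+<?=__('SUBJECT')?>:
+</td>
+<td class="details">
+<?=$v_ssl_subject?>
+</td>
+</tr>
+<? if($v_ssl_aliases){?>
+<tr>
+<td>
+<?=__('ALIASES')?>:
+</td>
+<td class="details">
+<?=$v_ssl_aliases?>
+</td>
+</tr>
+<? } ?>
+<tr>
+<td>
+<?=__('NOT_BEFORE')?>:
+</td>
+<td class="details">
+<?=$v_ssl_not_before?>
+</td>
+</tr>
+<tr>
+<td>
+<?=__('NOT_AFTER')?>:
+</td>
+<td class="details">
+<?=$v_ssl_not_after?>
+</td>
+</tr>
+<tr>
+<td>
+<?=__('SIGNATURE')?>:
+</td>
+<td class="details">
+<?=$v_ssl_signature?>
+</td>
+</tr>
+<tr>
+<td>
+<?=__('PUB_KEY')?>:
+</td>
+<td class="details">
+<?=$v_ssl_pub_key?>
+</td>
+</tr>
+<tr>
+<td>
+<?=__('ISSUER')?>
+</td>
+<td class="details">
+<?=$v_ssl_issuer?>
+</td>
+</tr>
+</table>
+</td>
+</tr>
+<? } // if ssl is enabled ?>
+</table>
+</td>
+</tr>
 </table>
 <table class="data-col2">
 <tr>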
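Review bot: The certificate detail cells print `$v_ssl_subject`, `$v_ssl_aliases`, `$v_ssl_not_before`, `$v_ssl_not_after`, `$v_ssl_signature`, `$v_ssl_pub_key` and `$v_ssl_issuer` through a bare `<?= ?>`, while the three textareas above them go through `htmlentities()`. These fields appear to be read back from a certificate the user supplies, so a crafted subject or issuer can carry markup into the panel page; the cells should be escaped the same way, e.g. `<?=htmlentities($v_ssl_subject)?>`, and the `domain=<?=$v_domain?>` value in the Generate CSR link should go through `urlencode()`. The Let's Encrypt checkbox tests `$v_letencrypt == 'on'`, which looks like a misspelling of `$v_letsencrypt` and is not set anywhere in the code visible here. The `v_ssl_key` textarea also writes the stored private key into every render of the form; consider leaving it empty unless the key is being replaced.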

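--- a/web/templates/admin/edit_mail_acc.html
+++ b/web/templates/admin/edit_mail_acc.html
@@ -205,7 +205,7 @@
 </tr>
 <?
 list($http_host, $port) = explode(':', $_SERVER["HTTP_HOST"].":");
-$webmail = "http://".$http_host."/webmail/";
+$webmail = "http://mail.".$http_host."/";
 if (!empty($_SESSION['MAIL_URL'])) $webmail = $_SESSION['MAIL_URL'];
 ?>
 <tr>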
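Review bot: The new default `$webmail = "http://mail.".$http_host."/";` keeps the plain `http://` scheme in the same commit that adds per-domain mail SSL, and it is still derived from `$_SERVER["HTTP_HOST"]`, which the client supplies. Prepending `mail.` to the panel's own host also produces a wrong link whenever the panel is reached by IP address or on a hostname that is not the mail domain; the account's domain would be a steadier base if it is in scope at this point, which the hunk does not show. Where `$webmail` is printed is outside the hunk, so it is worth confirming that the value is escaped with `htmlentities()` there.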
