beenull/servnest
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

2 spaces > tab

Browse source
This commit is contained in:
Miraty 2022-04-18 16:05:00 +02:00
parent 5e73c9fea9
commit eb4ce11c9f
43 changed files with 1929 additions and 1929 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
auth/index.php
View file

@ -7,11 +7,11 @@
<a class="authButton" href="password">Changer la clé de passe</a>
<?php } else { ?>
Vous devez être authentifié·e pour utiliser Niver
<br>
<a class="authButton" href="register">Créer un compte</a>
<br>
<a class="authButton" href="login">Se connecter</a>
Vous devez être authentifié·e pour utiliser Niver
<br>
<a class="authButton" href="register">Créer un compte</a>
<br>
<a class="authButton" href="login">Se connecter</a>
<?php } ?>
<?php require "../bottom.inc.php"; ?>

58
auth/login.php
View file

@ -1,15 +1,15 @@
<?php require "../top.inc.php"; ?>
<form method="post">
<label for="username">Identifiant</label><br>
<input required="" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" id="username" name="username" type="text" placeholder="lain">
<br>
<label for="username">Identifiant</label><br>
<input required="" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" id="username" name="username" type="text" placeholder="lain">
<br>
<label for="password">Clé de passe</label><br>
<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="password" name="password" type="password" placeholder="************************">
<br>
<label for="password">Clé de passe</label><br>
<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="password" name="password" type="password" placeholder="************************">
<br>
<input type="submit">
<input type="submit">
</form>
Pas de compte ? <a class="authButton" href="register">En créer un</a>
@ -18,34 +18,34 @@ Pas de compte ? <a class="authButton" href="register">En créer un</a>
if (isset($_POST['username']) AND isset($_POST['password'])) {
antiCSRF();
antiCSRF();
if (!checkPasswordFormat($_POST['password']))
exit("Le format du mot de passe n'est pas valide !");
if (!checkPasswordFormat($_POST['password']))
exit("Le format du mot de passe n'est pas valide !");
if (!checkUsernameFormat($_POST['username']))
exit("Le format du nom du compte n'est pas valide !");
if (!checkUsernameFormat($_POST['username']))
exit("Le format du nom du compte n'est pas valide !");
if (checkPassword($_POST['username'], $_POST['password'])) {
if (checkPassword($_POST['username'], $_POST['password'])) {
$_SESSION['username'] = htmlspecialchars($_POST['username']);
$_SESSION['sftp_enabled'] = sftpStatus($_SESSION['username']);
$_SESSION['username'] = htmlspecialchars($_POST['username']);
$_SESSION['sftp_enabled'] = sftpStatus($_SESSION['username']);
if (outdatedPasswordHash($_SESSION['username']))
changePassword($_SESSION['username'], $_POST['password']);
if (outdatedPasswordHash($_SESSION['username']))
changePassword($_SESSION['username'], $_POST['password']);
if (isset($_GET['redir'])) {
if (preg_match("/^[0-9a-z\/-]+$/", $_GET['redir']))
header('Location: ' . PREFIX . "/" . $_GET['redir']);
else
exit("ERROR : Wrong character in redir argument");
} else {
header('Location: ' . PREFIX);
}
exit;
} else {
echo "<br>Connexion impossible : mot de passe invalide";
}
if (isset($_GET['redir'])) {
if (preg_match("/^[0-9a-z\/-]+$/", $_GET['redir']))
header('Location: ' . PREFIX . "/" . $_GET['redir']);
else
exit("ERROR : Wrong character in redir argument");
} else {
header('Location: ' . PREFIX);
}
exit;
} else {
echo "<br>Connexion impossible : mot de passe invalide";
}
}

40
auth/password.php
View file

@ -1,45 +1,45 @@
<?php require "../top.inc.php"; ?>
<p>
Vous pouvez ici changer le mot de passe permettant d'accéder à votre compte Niver.
Vous pouvez ici changer le mot de passe permettant d'accéder à votre compte Niver.
</p>
<form method="post">
<label for="currentPassword">Mot de passe actuel</label><br>
<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="currentPassword" name="currentPassword" type="password" placeholder="************"><br>
<label for="currentPassword">Mot de passe actuel</label><br>
<input required="" autocomplete="current-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="currentPassword" name="currentPassword" type="password" placeholder="************"><br>
<label for="newPassword">Nouveau mot de passe</label><br>
<input required="" autocomplete="new-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="newPassword" name="newPassword" type="password" placeholder="************"><br>
<label for="newPassword">Nouveau mot de passe</label><br>
<input required="" autocomplete="new-password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" id="newPassword" name="newPassword" type="password" placeholder="************"><br>
<input type="submit">
<input type="submit">
</form>
<?php
if (isset($_SESSION['username']) AND isset($_POST['newPassword']) AND isset($_POST['currentPassword'])) {
antiCSRF();
antiCSRF();
if (checkPassword($_SESSION['username'], $_POST['currentPassword'])) {
if (checkPassword($_SESSION['username'], $_POST['currentPassword'])) {
if (!checkPasswordFormat($_POST['newPassword']))
exit("Erreur : Le format du nouveau mot de passe n'est pas bon !");
if (!checkPasswordFormat($_POST['newPassword']))
exit("Erreur : Le format du nouveau mot de passe n'est pas bon !");
$username = $_SESSION['username'];
$newPassword = password_hash($_POST['newPassword'], PASSWORD_DEFAULT);
$username = $_SESSION['username'];
$newPassword = password_hash($_POST['newPassword'], PASSWORD_DEFAULT);
$db = new PDO('sqlite:' . DB_PATH);
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("UPDATE users SET password = :password WHERE username = :username");
$stmt = $db->prepare("UPDATE users SET password = :password WHERE username = :username");
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $newPassword);
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $newPassword);
$stmt->execute();
$stmt->execute();
} else {
echo "<br>Le mot de passe actuel n'est pas bon !";
}
} else {
echo "<br>Le mot de passe actuel n'est pas bon !";
}
}

86
auth/register.php
View file

@ -4,68 +4,68 @@
if (isset($_POST['username']) AND isset($_POST['password'])) {
antiCSRF();
antiCSRF();
if (!checkPasswordFormat($_POST['password']))
exit("Le format du mot de passe n'est pas valide !");
if (!checkPasswordFormat($_POST['password']))
exit("Le format du mot de passe n'est pas valide !");
if (!checkUsernameFormat($_POST['username']))
exit("Le format du nom du compte n'est pas valide !");
if (!checkUsernameFormat($_POST['username']))
exit("Le format du nom du compte n'est pas valide !");
$username = $_POST['username'];
$userExist = userExist($username);
if (!$userExist) {
$username = $_POST['username'];
$userExist = userExist($username);
if (!$userExist) {
$password = hashPassword($_POST['password']);
$password = hashPassword($_POST['password']);
$db = new PDO('sqlite:' . DB_PATH);
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO users(username, password, sftp_enabled, registration_date) VALUES(:username, :password, 0, :registration_date)");
$stmt = $db->prepare("INSERT INTO users(username, password, sftp_enabled, registration_date) VALUES(:username, :password, 0, :registration_date)");
$time = date("Y-m-d H:i:s");
$time = date("Y-m-d H:i:s");
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $password);
$stmt->bindParam(':registration_date', $time);
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $password);
$stmt->bindParam(':registration_date', $time);
$stmt->execute();
$stmt->execute();
$_SESSION['username'] = $username;
$_SESSION['sftp_enabled'] = false;
header('Location: ' . PREFIX . '/');
exit;
}
$_SESSION['username'] = $username;
$_SESSION['sftp_enabled'] = false;
header('Location: ' . PREFIX . '/');
exit;
}
}
?>
<form method="post">
<label for="username">
<details>
<summary>Identifiant</summary>
Uniquement composé de lettres minuscules.
</details>
<input id="username" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" required="" name="username" type="text" placeholder="lain"><span></span><br>
</label>
<?php
if (isset($userExist) AND $userExist == true) {
echo "<br>Cet identifiant est déjà utilisé. Choisissez-en un autre.";
}
?>
<label for="password">
<details>
<summary>Clé de passe</summary>
Une clé de passe sécurisée est trop compliquée à deviner pour une attaque qui testerais automatiquement plein de clés de passe tout en connaissant d'autres informations et secrets sur vous.
<br>
Minimum 8 caractères si elle contient minuscule, majuscule et chiffre, ou minimum 10 caractères sinon.
</details>
<label for="username">
<details>
<summary>Identifiant</summary>
Uniquement composé de lettres minuscules.
</details>
<input id="username" minlength="4" maxlength="32" pattern="<?= USERNAME_REGEX ?>" required="" name="username" type="text" placeholder="lain"><span></span><br>
</label>
<?php
if (isset($userExist) AND $userExist == true) {
echo "<br>Cet identifiant est déjà utilisé. Choisissez-en un autre.";
}
?>
<label for="password">
<details>
<summary>Clé de passe</summary>
Une clé de passe sécurisée est trop compliquée à deviner pour une attaque qui testerais automatiquement plein de clés de passe tout en connaissant d'autres informations et secrets sur vous.
<br>
Minimum 8 caractères si elle contient minuscule, majuscule et chiffre, ou minimum 10 caractères sinon.
</details>
<input autocomplete="new-password" id="password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" required="" name="password" type="password" placeholder="************"><span title="Le format nest pas valide"></span><br>
<input autocomplete="new-password" id="password" minlength="8" maxlength="1024" pattern="<?= PASSWORD_REGEX ?>" required="" name="password" type="password" placeholder="************"><span title="Le format nest pas valide"></span><br>
</label>
</label>
<input type="submit">
<input type="submit">
</form>
Déjà un compte ? <a class="authButton" href="login">Se connecter</a>

26
bottom.inc.php
View file

@ -1,17 +1,17 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
exit("This file is meant to be included.");
?>
</main>
<footer>
<small>
<?php if (isset($_SESSION['username'])) {
echo "Connecté·e en tant que " . $_SESSION['username'] . "<br><a class='authButton' href='" . PREFIX . "/auth/logout'>Se déconnecter</a>";
} else { ?>
Vous n'êtes pas connecté·e à un compte Niver
<br><a class="authButton" href="<?= PREFIX ?>/auth/login?redir=<?= SERVICE ?>/<?= PAGE ?>">Se connecter</a>
<?php } ?>
</small>
</footer>
</body>
</main>
<footer>
<small>
<?php if (isset($_SESSION['username'])) {
echo "Connecté·e en tant que " . $_SESSION['username'] . "<br><a class='authButton' href='" . PREFIX . "/auth/logout'>Se déconnecter</a>";
} else { ?>
Vous n'êtes pas connecté·e à un compte Niver
<br><a class="authButton" href="<?= PREFIX ?>/auth/login?redir=<?= SERVICE ?>/<?= PAGE ?>">Se connecter</a>
<?php } ?>
</small>
</footer>
</body>
</html>

122
ht/gemini-domain.php
View file

@ -1,87 +1,87 @@
<?php require "../top.inc.php"; ?>
<p>
Ajouter un domaine sur un dossier de site<br>
Le domaine doit pointer vers ces adresses IP :
<br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
<br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
Ajouter un domaine sur un dossier de site<br>
Le domaine doit pointer vers ces adresses IP :
<br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
<br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
</p>
<form method="post">
<label for="domain">Domaine sur lequel répondre</label><br>
<input required="" placeholder="capsule.<?= DOMAIN_EXAMPLE ?>" id="domain" name="domain" type="text"><br>
<label for="dir">Dossier ciblé</label><br>
<select required="" name="dir" id="dir">
<option value="" disabled="" selected="">---</option>
<label for="domain">Domaine sur lequel répondre</label><br>
<input required="" placeholder="capsule.<?= DOMAIN_EXAMPLE ?>" id="domain" name="domain" type="text"><br>
<label for="dir">Dossier ciblé</label><br>
<select required="" name="dir" id="dir">
<option value="" disabled="" selected="">---</option>
<?php
<?php
$fsDirs = listFsDirs($_SESSION['username']);
$dbUsedDirs = listDbDirs($_SESSION['username'], "dns", "gemini");
$i = 0;
$j = 0;
$alreadyEnabledDirs = NULL;
$notYetEnabledDirs = NULL;
if ($fsDirs) {
foreach ($fsDirs as $fsDir) {
if ($dbUsedDirs AND in_array($fsDir, $dbUsedDirs)) {
$alreadyEnabledDirs[$i] = $fsDir;
$i++;
} else {
$notYetEnabledDirs[$j] = $fsDir;
$j++;
}
}
$fsDirs = listFsDirs($_SESSION['username']);
$dbUsedDirs = listDbDirs($_SESSION['username'], "dns", "gemini");
$i = 0;
$j = 0;
$alreadyEnabledDirs = NULL;
$notYetEnabledDirs = NULL;
if ($fsDirs) {
foreach ($fsDirs as $fsDir) {
if ($dbUsedDirs AND in_array($fsDir, $dbUsedDirs)) {
$alreadyEnabledDirs[$i] = $fsDir;
$i++;
} else {
$notYetEnabledDirs[$j] = $fsDir;
$j++;
}
}
if (!is_null($notYetEnabledDirs)) {
foreach ($notYetEnabledDirs as $dir) {
echo "<option value='" . $dir . "'>" . $dir . "</option>";
}
}
if (!is_null($notYetEnabledDirs)) {
foreach ($notYetEnabledDirs as $dir) {
echo "<option value='" . $dir . "'>" . $dir . "</option>";
}
}
if (!is_null($alreadyEnabledDirs)) {
foreach ($alreadyEnabledDirs as $dir) {
echo "<option disabled='' value='" . $dir . "'>" . $dir . "</option>";
}
}
}
?>
</select>
<br>
<input value="Valider" type="submit">
if (!is_null($alreadyEnabledDirs)) {
foreach ($alreadyEnabledDirs as $dir) {
echo "<option disabled='' value='" . $dir . "'>" . $dir . "</option>";
}
}
}
?>
</select>
<br>
<input value="Valider" type="submit">
</form>
<?php
if (isset($_POST['domain']) AND isset($_POST['dir']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
checkDomainFormat($_POST['domain']);
checkDomainFormat($_POST['domain']);
if (!in_array($_POST['dir'], $notYetEnabledDirs))
exit("ERROR : Wrong value for dir");
if (!in_array($_POST['dir'], $notYetEnabledDirs))
exit("ERROR : Wrong value for dir");
addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "gemini");
addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "gemini");
// Generate tls keys
exec(SUDO_PATH . " " . MANIVER_PATH . " gemini-new-certificate " . $_POST['domain']);
// Generate tls keys
exec(SUDO_PATH . " " . MANIVER_PATH . " gemini-new-certificate " . $_POST['domain']);
// Add to Twins configuration
$conf = "
" . $_POST['domain'] . ":
cert: " . TWINS_PATH . "/tls/" . $_POST['domain'] . ".crt
key: " . TWINS_PATH . "/tls/" . $_POST['domain'] . ".key
paths:
-
path: /
root: " . HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'];
file_put_contents(TWINS_PATH . "/twins.conf", $conf, FILE_APPEND);
// Add to Twins configuration
$conf = "
" . $_POST['domain'] . ":
cert: " . TWINS_PATH . "/tls/" . $_POST['domain'] . ".crt
key: " . TWINS_PATH . "/tls/" . $_POST['domain'] . ".key
paths:
-
path: /
root: " . HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'];
file_put_contents(TWINS_PATH . "/twins.conf", $conf, FILE_APPEND);
// Reload Twins daemon
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-twins");
// Reload Twins daemon
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-twins");
echo "Accès par domaine ajouté sur ce dossier !";
echo "Accès par domaine ajouté sur ce dossier !";
}
?>

142
ht/gemini-onion.php
View file

@ -1,100 +1,100 @@
<?php require "../top.inc.php"; ?>
<p>
Ajouter un accès en .onion sur un dossier
Ajouter un accès en .onion sur un dossier
</p>
<form method="post">
<label for="dir">Dossier ciblé</label><br>
<select required="" name="dir" id="dir">
<option value="" disabled="" selected="">---</option>
<label for="dir">Dossier ciblé</label><br>
<select required="" name="dir" id="dir">
<option value="" disabled="" selected="">---</option>
<?php
<?php
$fsDirs = listFsDirs($_SESSION['username']);
$dbUsedDirs = listDbDirs($_SESSION['username'], "onion", "gemini");
$i = 0;
$j = 0;
$alreadyEnabledDirs = NULL;
$notYetEnabledDirs = NULL;
if ($fsDirs) {
foreach ($fsDirs as $fsDir) {
if ($dbUsedDirs AND in_array($fsDir, $dbUsedDirs)) {
$alreadyEnabledDirs[$i] = $fsDir;
$i++;
} else {
$notYetEnabledDirs[$j] = $fsDir;
$j++;
}
}
$fsDirs = listFsDirs($_SESSION['username']);
$dbUsedDirs = listDbDirs($_SESSION['username'], "onion", "gemini");
$i = 0;
$j = 0;
$alreadyEnabledDirs = NULL;
$notYetEnabledDirs = NULL;
if ($fsDirs) {
foreach ($fsDirs as $fsDir) {
if ($dbUsedDirs AND in_array($fsDir, $dbUsedDirs)) {
$alreadyEnabledDirs[$i] = $fsDir;
$i++;
} else {
$notYetEnabledDirs[$j] = $fsDir;
$j++;
}
}
if (!is_null($notYetEnabledDirs)) {
foreach ($notYetEnabledDirs as $dir) {
echo "<option value='" . $dir . "'>" . $dir . "</option>";
}
}
if (!is_null($notYetEnabledDirs)) {
foreach ($notYetEnabledDirs as $dir) {
echo "<option value='" . $dir . "'>" . $dir . "</option>";
}
}
if (!is_null($alreadyEnabledDirs)) {
foreach ($alreadyEnabledDirs as $dir) {
echo "<option disabled='' value='" . $dir . "'>" . $dir . "</option>";
}
}
}
?>
</select>
<br>
<input value="Valider" type="submit">
if (!is_null($alreadyEnabledDirs)) {
foreach ($alreadyEnabledDirs as $dir) {
echo "<option disabled='' value='" . $dir . "'>" . $dir . "</option>";
}
}
}
?>
</select>
<br>
<input value="Valider" type="submit">
</form>
<?php
if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
if (!in_array($_POST['dir'], $notYetEnabledDirs))
exit("ERROR : Wrong value for dir");
if (!in_array($_POST['dir'], $notYetEnabledDirs))
exit("ERROR : Wrong value for dir");
// Generate a .onion address
$torConf = file_get_contents(TOR_CONFIG_PATH);
$torConf = $torConf . "\nHiddenServiceDir " . TOR_KEYS_PATH . "/" . $_POST['dir'] . "/\nHiddenServicePort 1965 [::1]:1965";
file_put_contents(TOR_CONFIG_PATH, $torConf);
// Generate a .onion address
$torConf = file_get_contents(TOR_CONFIG_PATH);
$torConf = $torConf . "\nHiddenServiceDir " . TOR_KEYS_PATH . "/" . $_POST['dir'] . "/\nHiddenServicePort 1965 [::1]:1965";
file_put_contents(TOR_CONFIG_PATH, $torConf);
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-tor", $output);
addNiverLog("Tor reloaded by " . $_SESSION['username'], $output);
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-tor", $output);
addNiverLog("Tor reloaded by " . $_SESSION['username'], $output);
// Copy generated address to a location readable by PHP
exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
// Copy generated address to a location readable by PHP
exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
// Wait
sleep(1);
// Wait
sleep(1);
// Get the address generated by Tor
$onion = file_get_contents(HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "/hostname");
$onion = str_replace(array("\r", "\n"), "", $onion);
// Get the address generated by Tor
$onion = file_get_contents(HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "/hostname");
$onion = str_replace(array("\r", "\n"), "", $onion);
// Store it in the database
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "gemini");
// Store it in the database
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "gemini");
// Generate tls keys
exec(SUDO_PATH . " " . MANIVER_PATH . " gemini-new-certificate " . $onion);
// Generate tls keys
exec(SUDO_PATH . " " . MANIVER_PATH . " gemini-new-certificate " . $onion);
// Add to Twins configuration
$conf = "
" . $onion . ":
cert: " . TWINS_PATH . "/tls/" . $onion . ".crt
key: " . TWINS_PATH . "/tls/" . $onion . ".key
paths:
-
path: /
root: " . HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'];
file_put_contents(TWINS_PATH . "/twins.conf", $conf, FILE_APPEND);
// Add to Twins configuration
$conf = "
" . $onion . ":
cert: " . TWINS_PATH . "/tls/" . $onion . ".crt
key: " . TWINS_PATH . "/tls/" . $onion . ".key
paths:
-
path: /
root: " . HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'];
file_put_contents(TWINS_PATH . "/twins.conf", $conf, FILE_APPEND);
// Reload Twins daemon
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-twins");
// Reload Twins daemon
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-twins");
// Tell the user their site address
echo "<p>L'adresse de votre capsule Onion Gemini est : <br><a href='gemini://" . $onion . "'<code>gemini://" . $onion . "</code></a></p>";
// Tell the user their site address
echo "<p>L'adresse de votre capsule Onion Gemini est : <br><a href='gemini://" . $onion . "'<code>gemini://" . $onion . "</code></a></p>";
}

132
ht/http-onion.php
View file

@ -1,94 +1,94 @@
<?php require "../top.inc.php"; ?>
<p>
Ajouter un accès en .onion sur un dossier
Ajouter un accès en .onion sur un dossier
</p>
<form method="post">
<label for="dir">Dossier ciblé</label><br>
<select required="" name="dir" id="dir">
<option value="" disabled="" selected="">---</option>
<label for="dir">Dossier ciblé</label><br>
<select required="" name="dir" id="dir">
<option value="" disabled="" selected="">---</option>
<?php
<?php
$fsDirs = listFsDirs($_SESSION['username']);
$dbUsedDirs = listDbDirs($_SESSION['username'], "onion", "http");
$i = 0;
$j = 0;
$alreadyEnabledDirs = NULL;
$notYetEnabledDirs = NULL;
if ($fsDirs) {
foreach ($fsDirs as $fsDir) {
if ($dbUsedDirs AND in_array($fsDir, $dbUsedDirs)) {
$alreadyEnabledDirs[$i] = $fsDir;
$i++;
} else {
$notYetEnabledDirs[$j] = $fsDir;
$j++;
}
}
$fsDirs = listFsDirs($_SESSION['username']);
$dbUsedDirs = listDbDirs($_SESSION['username'], "onion", "http");
$i = 0;
$j = 0;
$alreadyEnabledDirs = NULL;
$notYetEnabledDirs = NULL;
if ($fsDirs) {
foreach ($fsDirs as $fsDir) {
if ($dbUsedDirs AND in_array($fsDir, $dbUsedDirs)) {
$alreadyEnabledDirs[$i] = $fsDir;
$i++;
} else {
$notYetEnabledDirs[$j] = $fsDir;
$j++;
}
}
if (!is_null($notYetEnabledDirs)) {
foreach ($notYetEnabledDirs as $dir) {
echo "<option value='" . $dir . "'>" . $dir . "</option>";
}
}
if (!is_null($notYetEnabledDirs)) {
foreach ($notYetEnabledDirs as $dir) {
echo "<option value='" . $dir . "'>" . $dir . "</option>";
}
}
if (!is_null($alreadyEnabledDirs)) {
foreach ($alreadyEnabledDirs as $dir) {
echo "<option disabled='' value='" . $dir . "'>" . $dir . "</option>";
}
}
}
?>
</select>
<br>
<input value="Valider" type="submit">
if (!is_null($alreadyEnabledDirs)) {
foreach ($alreadyEnabledDirs as $dir) {
echo "<option disabled='' value='" . $dir . "'>" . $dir . "</option>";
}
}
}
?>
</select>
<br>
<input value="Valider" type="submit">
</form>
<?php
if (isset($_POST['dir']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
if (!in_array($_POST['dir'], $notYetEnabledDirs))
exit("ERROR : Wrong value for dir");
if (!in_array($_POST['dir'], $notYetEnabledDirs))
exit("ERROR : Wrong value for dir");
// Generate a .onion address
$torConf = file_get_contents(TOR_CONFIG_PATH);
$torConf = $torConf . "\nHiddenServiceDir " . TOR_KEYS_PATH . "/" . $_POST['dir'] . "/\nHiddenServicePort 80 [::1]:80";
file_put_contents(TOR_CONFIG_PATH, $torConf);
// Generate a .onion address
$torConf = file_get_contents(TOR_CONFIG_PATH);
$torConf = $torConf . "\nHiddenServiceDir " . TOR_KEYS_PATH . "/" . $_POST['dir'] . "/\nHiddenServicePort 80 [::1]:80";
file_put_contents(TOR_CONFIG_PATH, $torConf);
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-tor", $output);
addNiverLog("Tor reloaded by " . $_SESSION['username'], $output);
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-tor", $output);
addNiverLog("Tor reloaded by " . $_SESSION['username'], $output);
// Copy generated address to a location readable by PHP
exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
// Copy generated address to a location readable by PHP
exec(SUDO_PATH . " " . MANIVER_PATH . " export-tor " . $_SESSION['username'] . " " . $_POST['dir'], $output);
addNiverLog("Tor data exported by " . $_SESSION['username'], $output);
// Wait
sleep(1);
// Wait
sleep(1);
// Get the address generated by Tor
$onion = file_get_contents(HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "/hostname");
$onion = str_replace(array("\r", "\n"), "", $onion);
// Get the address generated by Tor
$onion = file_get_contents(HT_PATH . "/" . $_SESSION['username'] . "/ht/" . $_POST['dir'] . "/hostname");
$onion = str_replace(array("\r", "\n"), "", $onion);
// Store it in the database
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
// Store it in the database
addSite($_SESSION['username'], $_POST['dir'], $onion, "onion", "http");
// Add it to Nginx
$nginxConf = file_get_contents(NIVER_TEMPLATE_PATH . "/nginx/onion.template");
$nginxConf = preg_replace("#DOMAIN#", $onion, $nginxConf);
$nginxConf = preg_replace("#DIR#", $_POST['dir'], $nginxConf);
$nginxConf = preg_replace("#USER#", $_SESSION['username'], $nginxConf);
file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['dir'] . ".conf", $nginxConf);
// Add it to Nginx
$nginxConf = file_get_contents(NIVER_TEMPLATE_PATH . "/nginx/onion.template");
$nginxConf = preg_replace("#DOMAIN#", $onion, $nginxConf);
$nginxConf = preg_replace("#DIR#", $_POST['dir'], $nginxConf);
$nginxConf = preg_replace("#USER#", $_SESSION['username'], $nginxConf);
file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['dir'] . ".conf", $nginxConf);
// Reload Nginx
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx", $output);
addNiverLog("Nginx reloaded by " . $_SESSION['username'], $output);
// Reload Nginx
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx", $output);
addNiverLog("Nginx reloaded by " . $_SESSION['username'], $output);
// Tell the user their site address
echo "<p>L'adresse de votre site Onion HTTP est :<br><a href='http://" . $onion . "'<code>http://" . $onion . "</code></a></p>";
// Tell the user their site address
echo "<p>L'adresse de votre site Onion HTTP est :<br><a href='http://" . $onion . "'<code>http://" . $onion . "</code></a></p>";
}

108
ht/https-domain.php
View file

@ -1,80 +1,80 @@
<?php require "../top.inc.php"; ?>
<p>
Ajouter un domaine sur un dossier de site<br>
Le domaine doit pointer vers ces adresses IP :
<br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
<br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
Ajouter un domaine sur un dossier de site<br>
Le domaine doit pointer vers ces adresses IP :
<br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
<br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
</p>
<form method="post">
<label for="domain">Domaine sur lequel répondre</label><br>
<input required="" placeholder="site.<?= DOMAIN_EXAMPLE ?>" id="domain" name="domain" type="text"><br>
<label for="dir">Dossier ciblé</label><br>
<select required="" name="dir" id="dir">
<option value="" disabled="" selected="">---</option>
<label for="domain">Domaine sur lequel répondre</label><br>
<input required="" placeholder="site.<?= DOMAIN_EXAMPLE ?>" id="domain" name="domain" type="text"><br>
<label for="dir">Dossier ciblé</label><br>
<select required="" name="dir" id="dir">
<option value="" disabled="" selected="">---</option>
<?php
<?php
$fsDirs = listFsDirs($_SESSION['username']);
$dbUsedDirs = listDbDirs($_SESSION['username'], "dns", "http");
$i = 0;
$j = 0;
$alreadyEnabledDirs = NULL;
$notYetEnabledDirs = NULL;
if ($fsDirs) {
foreach ($fsDirs as $fsDir) {
if ($dbUsedDirs AND in_array($fsDir, $dbUsedDirs)) {
$alreadyEnabledDirs[$i] = $fsDir;
$i++;
} else {
$notYetEnabledDirs[$j] = $fsDir;
$j++;
}
}
$fsDirs = listFsDirs($_SESSION['username']);
$dbUsedDirs = listDbDirs($_SESSION['username'], "dns", "http");
$i = 0;
$j = 0;
$alreadyEnabledDirs = NULL;
$notYetEnabledDirs = NULL;
if ($fsDirs) {
foreach ($fsDirs as $fsDir) {
if ($dbUsedDirs AND in_array($fsDir, $dbUsedDirs)) {
$alreadyEnabledDirs[$i] = $fsDir;
$i++;
} else {
$notYetEnabledDirs[$j] = $fsDir;
$j++;
}
}
if (!is_null($notYetEnabledDirs)) {
foreach ($notYetEnabledDirs as $dir) {
echo "<option value='" . $dir . "'>" . $dir . "</option>";
}
}
if (!is_null($notYetEnabledDirs)) {
foreach ($notYetEnabledDirs as $dir) {
echo "<option value='" . $dir . "'>" . $dir . "</option>";
}
}
if (!is_null($alreadyEnabledDirs)) {
foreach ($alreadyEnabledDirs as $dir) {
echo "<option disabled='' value='" . $dir . "'>" . $dir . "</option>";
}
}
}
if (!is_null($alreadyEnabledDirs)) {
foreach ($alreadyEnabledDirs as $dir) {
echo "<option disabled='' value='" . $dir . "'>" . $dir . "</option>";
}
}
}
?>
</select>
<br>
<input value="Valider" type="submit">
?>
</select>
<br>
<input value="Valider" type="submit">
</form>
<?php
if (isset($_POST['domain']) AND isset($_POST['dir']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
checkDomainFormat($_POST['domain']);
checkDomainFormat($_POST['domain']);
if (!in_array($_POST['dir'], $notYetEnabledDirs))
exit("ERROR : Wrong value for dir");
if (!in_array($_POST['dir'], $notYetEnabledDirs))
exit("ERROR : Wrong value for dir");
addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
addSite($_SESSION['username'], $_POST['dir'], $_POST['domain'], "dns", "http");
$conf = file_get_contents(NIVER_TEMPLATE_PATH . "/nginx/dns.template");
$conf = preg_replace("#DOMAIN#", $_POST['domain'], $conf);
$conf = preg_replace("#DIR#", $_POST['dir'], $conf);
$conf = preg_replace("#USER#", $_SESSION['username'], $conf);
file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['domain'] . ".conf", $conf);
$conf = file_get_contents(NIVER_TEMPLATE_PATH . "/nginx/dns.template");
$conf = preg_replace("#DOMAIN#", $_POST['domain'], $conf);
$conf = preg_replace("#DIR#", $_POST['dir'], $conf);
$conf = preg_replace("#USER#", $_SESSION['username'], $conf);
file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['domain'] . ".conf", $conf);
// Reload Nginx
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx");
// Reload Nginx
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx");
echo "Accès HTTP par domaine ajouté sur ce dossier !";
echo "Accès HTTP par domaine ajouté sur ce dossier !";
}
?>

48
ht/index.php
View file

@ -1,30 +1,30 @@
<?php require "../top.inc.php"; ?>
<dl>
<dt><a class="htButton" href="sftp">Gérer l'accès SFTP</a></dt>
<dd>
Accéder à son espace SFTP, pour publier et mettre à jour ses sites
</dd>
<dt><a class="htButton" href="http-onion">Accès HTTP en Onion</a></dt>
<dd>
Un site HTML, accessible par Tor, avec une adresse en .onion
</dd>
<dt><a class="htButton" href="https-domain">Accès HTTPS par DNS</a></dt>
<dd>
Un site HTML, accessible directement, par un nom de domaine
</dd>
<dt><a class="htButton" href="gemini-onion">Accès Gemini en Onion</a></dt>
<dd>
Une capsule Gemini, accessible par Tor, avec une adresse en .onion
</dd>
<dt><a class="htButton" href="gemini-domain">Accès Gemini par DNS</a></dt>
<dd>
Une capsule Gemini, accessible directement, par un nom de domaine
</dd>
<dt><a class="htButton" href="le">Let's Encrypt</a></dt>
<dd>
Installer un certificat Let's Encrypt sur un domaine
</dd>
<dt><a class="htButton" href="sftp">Gérer l'accès SFTP</a></dt>
<dd>
Accéder à son espace SFTP, pour publier et mettre à jour ses sites
</dd>
<dt><a class="htButton" href="http-onion">Accès HTTP en Onion</a></dt>
<dd>
Un site HTML, accessible par Tor, avec une adresse en .onion
</dd>
<dt><a class="htButton" href="https-domain">Accès HTTPS par DNS</a></dt>
<dd>
Un site HTML, accessible directement, par un nom de domaine
</dd>
<dt><a class="htButton" href="gemini-onion">Accès Gemini en Onion</a></dt>
<dd>
Une capsule Gemini, accessible par Tor, avec une adresse en .onion
</dd>
<dt><a class="htButton" href="gemini-domain">Accès Gemini par DNS</a></dt>
<dd>
Une capsule Gemini, accessible directement, par un nom de domaine
</dd>
<dt><a class="htButton" href="le">Let's Encrypt</a></dt>
<dd>
Installer un certificat Let's Encrypt sur un domaine
</dd>
</dl>
<?php require "../bottom.inc.php"; ?>

64
ht/le.php
View file

@ -1,53 +1,53 @@
<?php require "../top.inc.php"; ?>
<p>
Installer un certificat Let's Encrypt
Installer un certificat Let's Encrypt
</p>
<form method="post">
<label for="domain">Domaine ciblé</label><br>
<select required="" name="domain">
<option value="" disabled="" selected="">---</option>
<?php
$sites = selectSites($_SESSION['username'], "dns", "http", false);
$leAvailable = selectSites($_SESSION['username'], "dns", "http", true);
foreach ($sites as $site) { ?>
<option value="<?= $site['domain'] ?>"><?= $site['domain'] . " (/ht/" . $site['siteDir'] . ")" ?></option>
<?php } ?>
</select>
<br>
<input value="Valider" type="submit">
<label for="domain">Domaine ciblé</label><br>
<select required="" name="domain">
<option value="" disabled="" selected="">---</option>
<?php
$sites = selectSites($_SESSION['username'], "dns", "http", false);
$leAvailable = selectSites($_SESSION['username'], "dns", "http", true);
foreach ($sites as $site) { ?>
<option value="<?= $site['domain'] ?>"><?= $site['domain'] . " (/ht/" . $site['siteDir'] . ")" ?></option>
<?php } ?>
</select>
<br>
<input value="Valider" type="submit">
</form>
<?php
if (isset($_POST['domain']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
// Use maniver to use Certbot
exec(SUDO_PATH . " " . MANIVER_PATH . " le-install " . $_POST['domain'], $output, $returnCode);
// Use maniver to use Certbot
exec(SUDO_PATH . " " . MANIVER_PATH . " le-install " . $_POST['domain'], $output, $returnCode);
// Log Certbot response
addNiverLog($_SESSION['username'] . " installed a Let's Encrypt certificate on their site", $output, $returnCode);
// Log Certbot response
addNiverLog($_SESSION['username'] . " installed a Let's Encrypt certificate on their site", $output, $returnCode);
// Abort if Certbot failed
if ($returnCode !== 0)
exit("Let's Encrypt certificate obtention failed. Try again later, or contact an administrator.");
// Abort if Certbot failed
if ($returnCode !== 0)
exit("Let's Encrypt certificate obtention failed. Try again later, or contact an administrator.");
// Replace self-signed certificate by Let's Encrypt certificate in Nginx configuration
$conf = file_get_contents(NGINX_CONFIG_PATH . "/" . $_POST['domain'] . ".conf");
$conf = preg_replace("#/etc/ssl/certs/niver\.crt#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/fullchain.pem", $conf);
$conf = preg_replace("#/etc/ssl/private/niver\.key#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/privkey.pem", $conf);
file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['domain'] . ".conf", $conf);
// Replace self-signed certificate by Let's Encrypt certificate in Nginx configuration
$conf = file_get_contents(NGINX_CONFIG_PATH . "/" . $_POST['domain'] . ".conf");
$conf = preg_replace("#/etc/ssl/certs/niver\.crt#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/fullchain.pem", $conf);
$conf = preg_replace("#/etc/ssl/private/niver\.key#", "/etc/letsencrypt/live/" . $_POST['domain'] . "/privkey.pem", $conf);
file_put_contents(NGINX_CONFIG_PATH . "/" . $_POST['domain'] . ".conf", $conf);
// Reload Nginx
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx", $output, $returnCode);
// Reload Nginx
exec(SUDO_PATH . " " . MANIVER_PATH . " reload-nginx", $output, $returnCode);
// Abort if Maniver failed to reload Nginx
if ($returnCode !== 0)
exit("Nginx configuration reload failed. Try again later, or contact an administrator.");
// Abort if Maniver failed to reload Nginx
if ($returnCode !== 0)
exit("Nginx configuration reload failed. Try again later, or contact an administrator.");
echo "Succès : La connexion avec votre site utilise désomais un certificat TLS émis par Let's Encrypt.";
echo "Succès : La connexion avec votre site utilise désomais un certificat TLS émis par Let's Encrypt.";
}
?>

262
ht/sftp.php
View file

@ -3,166 +3,166 @@
<?php
if ($_SESSION['sftp_enabled'] == false) { ?>
<p>
Pour que vous puissiez mettre en ligne votre site via <abbr title="SSH File Transfert Protocol">SFTP</abbr>, veuillez définir un mot de passe.
<br>Il sera loggué en clair dans le système et il ne pourra pas être modifié.
Pour que vous puissiez mettre en ligne votre site via <abbr title="SSH File Transfert Protocol">SFTP</abbr>, veuillez définir un mot de passe.
<br>Il sera loggué en clair dans le système et il ne pourra pas être modifié.
</p>
<form method="post">
<label for="password">Créer le mot de passe</label><br>
<input required="" placeholder="**********" pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,}|.{10,1024}$" id="password" name="password" type="password"><br>
<label for="password">Créer le mot de passe</label><br>
<input required="" placeholder="**********" pattern="^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])[a-zA-Z0-9]{8,}|.{10,1024}$" id="password" name="password" type="password"><br>
<input value="Activer" type="submit">
<input value="Activer" type="submit">
</form>
<?php
if (isset($_SESSION['username']) AND isset($_POST['password'])) {
if (isset($_SESSION['username']) AND isset($_POST['password'])) {
antiCSRF();
antiCSRF();
// Setup SFTP access
exec(SUDO_PATH . " " . MANIVER_PATH . " setup-user " . $_SESSION['username'] . " " . $_POST['password'], $output);
addNiverLog($_SESSION['username'] . " enabled SFTP on their account", $output);
enableSftp($_SESSION['username']);
$_SESSION['sftp_enabled'] = true;
header('Location: ' . PREFIX . '/' . SERVICE . '/' . PAGE . '', true, 302);
exit();
}
// Setup SFTP access
exec(SUDO_PATH . " " . MANIVER_PATH . " setup-user " . $_SESSION['username'] . " " . $_POST['password'], $output);
addNiverLog($_SESSION['username'] . " enabled SFTP on their account", $output);
enableSftp($_SESSION['username']);
$_SESSION['sftp_enabled'] = true;
header('Location: ' . PREFIX . '/' . SERVICE . '/' . PAGE . '', true, 302);
exit();
}
} else if ($_SESSION['sftp_enabled'] == true) { ?>
Vous avez désormais accès à un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>. Vous pouvez téléverser vos sites dans <code>/ht/&lt;nom du site&gt;/*</code>.
<br>
<section>
<h2>Quota</h2>
L'espace est limité au total à 10Kio de stockage et 10 fichiers/dossiers.
</section>
<section>
<h2>Clients SFTP</h2>
<strong>Dolphin</strong> et <strong>GNOME Fichiers</strong> (<em>Nautilus</em>) sont disponibles sur la plupart des distributions GNU et sont installés par défaut respectivement sur les environnements de bureau KDE et GNOME. <a href="https://filezilla-project.org/"><strong>FileZilla</strong></a> est disponible aussi pour les autres systèmes d'exploitation de bureau.
<br>
C'est aussi possible d'utiliser le client <code>sftp</code> en ligne de commande.
</section>
<section>
<h2>Informations de connexion</h2>
Vous avez désormais accès à un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>. Vous pouvez téléverser vos sites dans <code>/ht/&lt;nom du site&gt;/*</code>.
<br>
<section>
<h2>Quota</h2>
L'espace est limité au total à 10Kio de stockage et 10 fichiers/dossiers.
</section>
<section>
<h2>Clients SFTP</h2>
<strong>Dolphin</strong> et <strong>GNOME Fichiers</strong> (<em>Nautilus</em>) sont disponibles sur la plupart des distributions GNU et sont installés par défaut respectivement sur les environnements de bureau KDE et GNOME. <a href="https://filezilla-project.org/"><strong>FileZilla</strong></a> est disponible aussi pour les autres systèmes d'exploitation de bureau.
<br>
C'est aussi possible d'utiliser le client <code>sftp</code> en ligne de commande.
</section>
<section>
<h2>Informations de connexion</h2>
<div>
<a href="sftp://<?= $_SESSION['username'] ?>@sftp.niver.4.niv.re/">sftp://<?= $_SESSION['username'] ?>@sftp.niver.4.niv.re/</a>
</div>
<div>
<a href="sftp://<?= $_SESSION['username'] ?>@sftp.niver.4.niv.re/">sftp://<?= $_SESSION['username'] ?>@sftp.niver.4.niv.re/</a>
</div>
Indiquez les données ci-dessous à votre client <abbr title="SSH File Transfert Protocol">SFTP</abbr> pour y accéder.
Indiquez les données ci-dessous à votre client <abbr title="SSH File Transfert Protocol">SFTP</abbr> pour y accéder.
<dl>
<dt>Utilisataire</dt>
<dd>
<code><?= $_SESSION['username'] ?></code>
</dd>
<dl>
<dt>Utilisataire</dt>
<dd>
<code><?= $_SESSION['username'] ?></code>
</dd>
<dt>Clé de passe</dt>
<dd>
celle que vous avez définit lors de l'activation de l'accès <abbr title="SSH File Transfert Protocol">SFTP</abbr>
</dd>
<dt>Clé de passe</dt>
<dd>
celle que vous avez définit lors de l'activation de l'accès <abbr title="SSH File Transfert Protocol">SFTP</abbr>
</dd>
<dt>Serveur</dt>
<dd>
<code>sftp.niver.4.niv.re</code>
</dd>
<dt>Serveur</dt>
<dd>
<code>sftp.niver.4.niv.re</code>
</dd>
<dt>Port</dt>
<dd>
<code>22</code> (par défaut)
</dd>
<dt>Port</dt>
<dd>
<code>22</code> (par défaut)
</dd>
<dt>Dossier</dt>
<dd>
<code>/</code>
</dd>
</dl>
<dt>Dossier</dt>
<dd>
<code>/</code>
</dd>
</dl>
</section>
</section>
<section>
<h2>Vérifier la connexion</h2>
<section>
<h3>Ed25519</h3>
<ul>
<li>
<code class="breakable">
SHA256:k5gzcFr5BbOhNUgS6Nbyy15dXPpw6pmTo8OLZ5mLRmA
</code>
</li>
<li>
<code class="breakable">
AAAAC3NzaC1lZDI1NTE5AAAAIF3RT3r6bYGw88TQ190PIZz1UUVV3Xt5SLOo39G+ShjR
</code>
</li>
<li>
<details>
<summary>Image ASCII</summary>
<samp>
<pre>
<section>
<h2>Vérifier la connexion</h2>
<section>
<h3>Ed25519</h3>
<ul>
<li>
<code class="breakable">
SHA256:k5gzcFr5BbOhNUgS6Nbyy15dXPpw6pmTo8OLZ5mLRmA
</code>
</li>
<li>
<code class="breakable">
AAAAC3NzaC1lZDI1NTE5AAAAIF3RT3r6bYGw88TQ190PIZz1UUVV3Xt5SLOo39G+ShjR
</code>
</li>
<li>
<details>
<summary>Image ASCII</summary>
<samp>
<pre>
+--[ED25519 256]--+
| .oo..* |
| . ..+ * |
| . .. = . . . |
| + E= + + o |
| . +..= S = . |
| . .+ o = |
| . o...o... |
| o..oB.+o |
| ...oo+=+o |
| .oo..* |
| . ..+ * |
| . .. = . . . |
| + E= + + o |
| . +..= S = . |
| . .+ o = |
| . o...o... |
| o..oB.+o |
| ...oo+=+o |
+----[SHA256]-----+
</pre>
</samp>
</details>
</li>
</ul>
</section>
<section>
<h3>RSA 3072 bits</h3>
<ul>
<li>
<code class="breakable">
SHA256:yu9PGTGpeCyjaDDG0RiInsMIa1w6t2c6Gv6oemzeFN4
</code>
</li>
<li>
<details>
<summary>Clé publique</summary>
<code class="breakable">
AAAAB3NzaC1yc2EAAAADAQABAAABgQC5Zj5nghhFpdFsyxS6LZd+cYejGR82kow2UsnoRtQ20SU6ro36f4HnFkRcJyY4uPeTyUECX9uBircpKsizfkdfzJf3sTtjrAwghVVdH8EXsK1UjWTt4rRaav3F+g86DEcx7mqMva6zpnoxONjzA+Inm3SD89VuvSl1ZmZBBEEsqsIifNPYVPG1LQg62OEY1gpe89w92CXeEM7rGarp04ux76ORxN93BwnH27q9yjyBensZ/AjL6OmTtDHD8wWG0G6E3gqsyVUiELysyvwW4z3bfSOLRTwtwFaHe7WRjf9iy53h+ZcYZeA+Xe1eTffj0JGtNX2Fh6DWgso1yOeVV0Nziw4wI3Cpr2iO1x4oxeT8qwgklYMuJTAlNaahLXmENtmeq7BkaDKVZb/IW+uLj517c7WnOEUtr1xUcw4yuXXFVRBspmHzkwEvHsix/ZNmofkqo7ZZv5MIoRW1ad6peb8ApkxZ8UNVGcxmJgZmOrW1GBlCpyJdwwSMrLfQH5Zw8dk=
</code>
</details>
</li>
<li>
<details>
<summary>Image ASCII</summary>
<samp>
<pre>
</pre>
</samp>
</details>
</li>
</ul>
</section>
<section>
<h3>RSA 3072 bits</h3>
<ul>
<li>
<code class="breakable">
SHA256:yu9PGTGpeCyjaDDG0RiInsMIa1w6t2c6Gv6oemzeFN4
</code>
</li>
<li>
<details>
<summary>Clé publique</summary>
<code class="breakable">
AAAAB3NzaC1yc2EAAAADAQABAAABgQC5Zj5nghhFpdFsyxS6LZd+cYejGR82kow2UsnoRtQ20SU6ro36f4HnFkRcJyY4uPeTyUECX9uBircpKsizfkdfzJf3sTtjrAwghVVdH8EXsK1UjWTt4rRaav3F+g86DEcx7mqMva6zpnoxONjzA+Inm3SD89VuvSl1ZmZBBEEsqsIifNPYVPG1LQg62OEY1gpe89w92CXeEM7rGarp04ux76ORxN93BwnH27q9yjyBensZ/AjL6OmTtDHD8wWG0G6E3gqsyVUiELysyvwW4z3bfSOLRTwtwFaHe7WRjf9iy53h+ZcYZeA+Xe1eTffj0JGtNX2Fh6DWgso1yOeVV0Nziw4wI3Cpr2iO1x4oxeT8qwgklYMuJTAlNaahLXmENtmeq7BkaDKVZb/IW+uLj517c7WnOEUtr1xUcw4yuXXFVRBspmHzkwEvHsix/ZNmofkqo7ZZv5MIoRW1ad6peb8ApkxZ8UNVGcxmJgZmOrW1GBlCpyJdwwSMrLfQH5Zw8dk=
</code>
</details>
</li>
<li>
<details>
<summary>Image ASCII</summary>
<samp>
<pre>
+---[RSA 3072]----+
|o. |
|+ +. . |
|*++. + |
|+X.. o . o |
|+o+ o + S . |
|.o + B = o |
| oo B E o |
|..*= . . |
|=B+.o .o.. |
|o. |
|+ +. . |
|*++. + |
|+X.. o . o |
|+o+ o + S . |
|.o + B = o |
| oo B E o |
|..*= . . |
|=B+.o .o.. |
+----[SHA256]-----+
</pre>
</samp>
</details>
</li>
</ul>
</section>
N'acceptez la connexion que si votre client vous montre l'une de ces signatures !
</section>
<br>
</pre>
</samp>
</details>
</li>
</ul>
</section>
N'acceptez la connexion que si votre client vous montre l'une de ces signatures !
</section>
<br>
<?php
} else {
exit("Wrong value for sftp_enabled");
exit("Wrong value for sftp_enabled");
}
?>

62
inc/all.inc.php
View file

@ -1,49 +1,49 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
exit("This file is meant to be included.");
function addNiverLog($message, $outputLines, $returnCode = false) {
$logs = "\n" . date("Y-m-d H:i:s") . " " . $message . "\n";
if ($returnCode !== false)
$logs = $logs . "Return code: " . $returnCode . "\n";
else
$logs = $logs . "No return code logged\n";
foreach ($outputLines as $outputLine) {
$logs = $logs . " " . $outputLine . "\n";
}
file_put_contents(ROOT_PATH . "/niver.log", $logs, FILE_APPEND);
$logs = "\n" . date("Y-m-d H:i:s") . " " . $message . "\n";
if ($returnCode !== false)
$logs = $logs . "Return code: " . $returnCode . "\n";
else
$logs = $logs . "No return code logged\n";
foreach ($outputLines as $outputLine) {
$logs = $logs . " " . $outputLine . "\n";
}
file_put_contents(ROOT_PATH . "/niver.log", $logs, FILE_APPEND);
}
function appendLog($log) {
file_put_contents(ROOT_PATH . "/niver.log", date("Y-m-d H:i:s") . var_dump($log) . "\n", FILE_APPEND);
file_put_contents(ROOT_PATH . "/niver.log", date("Y-m-d H:i:s") . var_dump($log) . "\n", FILE_APPEND);
}
function checkAction($action) {
if ($action === "delete")
return "un";
else if ($action === "add")
return "";
else
exit("ERROR: wrong value for action");
if ($action === "delete")
return "un";
else if ($action === "add")
return "";
else
exit("ERROR: wrong value for action");
}
function userExist($username) {
$usernameArray[0] = $username;
$usernameArray[0] = $username;
$db = new PDO('sqlite:' . DB_PATH);
$db = new PDO('sqlite:' . DB_PATH);
$op = $db->prepare('SELECT username FROM users WHERE username = ?');
$op->execute($usernameArray);
$op = $db->prepare('SELECT username FROM users WHERE username = ?');
$op->execute($usernameArray);
$data = $op->fetch();
if (isset($data['username']))
$dbUsername = $data['username'];
else
$dbUsername = NULL;
$data = $op->fetch();
if (isset($data['username']))
$dbUsername = $data['username'];
else
$dbUsername = NULL;
if (isset($dbUsername)) {
return true;
} else {
return false;
}
if (isset($dbUsername)) {
return true;
} else {
return false;
}
}

52
inc/auth.inc.php
View file

@ -1,59 +1,59 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
exit("This file is meant to be included.");
function hashPassword($password) {
return password_hash($password, ALGO_PASSWORD, OPTIONS_PASSWORD);
return password_hash($password, ALGO_PASSWORD, OPTIONS_PASSWORD);
}
function checkPassword($username, $password) {
$username2[0] = $username;
$username2[0] = $username;
$db = new PDO('sqlite:' . DB_PATH);
$db = new PDO('sqlite:' . DB_PATH);
$op = $db->prepare('SELECT username, password FROM users WHERE username = ?');
$op->execute($username2);
$op = $db->prepare('SELECT username, password FROM users WHERE username = ?');
$op->execute($username2);
$dbPassword = $op->fetch()['password'];
$dbPassword = $op->fetch()['password'];
return password_verify($password, $dbPassword);
return password_verify($password, $dbPassword);
}
function outdatedPasswordHash($username) {
$username2[0] = $username;
$username2[0] = $username;
$db = new PDO('sqlite:' . DB_PATH);
$db = new PDO('sqlite:' . DB_PATH);
$op = $db->prepare('SELECT username, password FROM users WHERE username = ?');
$op->execute($username2);
$op = $db->prepare('SELECT username, password FROM users WHERE username = ?');
$op->execute($username2);
$dbPassword = $op->fetch()['password'];
$dbPassword = $op->fetch()['password'];
return password_needs_rehash($dbPassword, ALGO_PASSWORD, OPTIONS_PASSWORD);
return password_needs_rehash($dbPassword, ALGO_PASSWORD, OPTIONS_PASSWORD);
}
function changePassword($username, $password) {
$password = hashPassword($password);
$password = hashPassword($password);
$db = new PDO('sqlite:' . DB_PATH);
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("UPDATE users SET password = :password WHERE username = :username");
$stmt = $db->prepare("UPDATE users SET password = :password WHERE username = :username");
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $password);
$stmt->bindParam(':username', $username);
$stmt->bindParam(':password', $password);
$stmt->execute();
$stmt->execute();
}
function antiCSRF() {
if (!isset($_SERVER['HTTP_SEC_FETCH_SITE']) AND !isset($_SERVER['HTTP_ORIGIN']))
exit("ERROR: Browser sent neither Sec-Fetch-Site nor Origin HTTP headers, so anti-CSRF verification can't be done.");
if (!isset($_SERVER['HTTP_SEC_FETCH_SITE']) AND !isset($_SERVER['HTTP_ORIGIN']))
exit("ERROR: Browser sent neither Sec-Fetch-Site nor Origin HTTP headers, so anti-CSRF verification can't be done.");
if (isset($_SERVER['HTTP_ORIGIN']) AND $_SERVER['HTTP_ORIGIN'] !== ORIGIN)
exit("ERROR: Anti-CSRF verification failed");
if (isset($_SERVER['HTTP_ORIGIN']) AND $_SERVER['HTTP_ORIGIN'] !== ORIGIN)
exit("ERROR: Anti-CSRF verification failed");
if (isset($_SERVER['HTTP_SEC_FETCH_SITE']) AND $_SERVER['HTTP_SEC_FETCH_SITE'] !== "same-origin")
exit("ERROR: Anti-CSRF verification failed");
if (isset($_SERVER['HTTP_SEC_FETCH_SITE']) AND $_SERVER['HTTP_SEC_FETCH_SITE'] !== "same-origin")
exit("ERROR: Anti-CSRF verification failed");
}

34
inc/const.inc.php
View file

@ -1,6 +1,6 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
exit("This file is meant to be included.");
// --- Constants definitions ---
@ -46,30 +46,30 @@ define("SUBDOMAIN_REGEX", "^[a-z]{4,63}$");
// Password storage security
define("ALGO_PASSWORD", PASSWORD_ARGON2ID);
define("OPTIONS_PASSWORD", array(
"memory_cost" => 65536,
"time_cost" => 24,
"threads" => 64,
"memory_cost" => 65536,
"time_cost" => 24,
"threads" => 64,
));
// Color scheme
define("THEME", array(
// Displayed on light theme
'darkRegColor' => "#D100D1",
'darkNsColor' => "#006DFF",
'darkHtColor' => "#008768",
'darkAuthColor' => "#EE0000",
// Displayed on light theme
'darkRegColor' => "#D100D1",
'darkNsColor' => "#006DFF",
'darkHtColor' => "#008768",
'darkAuthColor' => "#EE0000",
// Displayed on dark theme
'lightRegColor' => "#FF50FF",
'lightNsColor' => "#00FFFF",
'lightHtColor' => "#FFFF00",
'lightAuthColor' => "#00FF00",
// Displayed on dark theme
'lightRegColor' => "#FF50FF",
'lightNsColor' => "#00FFFF",
'lightHtColor' => "#FFFF00",
'lightAuthColor' => "#00FF00",
'lightColor' => '#FFFFFF',
'darkColor' => '#000000',
'lightColor' => '#FFFFFF',
'darkColor' => '#000000',
));
// Public suffixes
define("SUFFIXES", array(
REGISTRY,
REGISTRY,
));

94
inc/form/form.ns.inc.php
View file

@ -1,59 +1,59 @@
<label for="action">Action</label>
<select name="action" id="action">
<option value="add">Ajouter</option>
<option value="delete">Retirer</option>
<option value="add">Ajouter</option>
<option value="delete">Retirer</option>
</select>
<br>
<fieldset>
<legend>Domaine</legend>
<div>
<label for="subdomain">Sous-domaine</label>
<br>
<input id="subdomain" size="16" placeholder="www" pattern="^(([a-z0-9_-]{1,63}\.?){1,127})|(@){1}$" name="subdomain" type="text">
</div>
<div>
<label for="zone">Zone</label>
<br>
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">-</option>
<legend>Domaine</legend>
<div>
<label for="subdomain">Sous-domaine</label>
<br>
<input id="subdomain" size="16" placeholder="www" pattern="^(([a-z0-9_-]{1,63}\.?){1,127})|(@){1}$" name="subdomain" type="text">
</div>
<div>
<label for="zone">Zone</label>
<br>
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">-</option>
<?php
$zones = nsListUserZones($_SESSION['username']);
<?php
$zones = nsListUserZones($_SESSION['username']);
if (!empty($zones)) {
foreach ($zones as $zone)
echo "<option value='" . $zone . "'>" . $zone . "</option>";
}
?>
</select>
</div>
if (!empty($zones)) {
foreach ($zones as $zone)
echo "<option value='" . $zone . "'>" . $zone . "</option>";
}
?>
</select>
</div>
</fieldset>
<fieldset>
<legend><abbr title="Time To Live">TTL</abbr></legend>
<div>
<label for="ttl-value">Valeur</label>
<br>
<input required="" id="ttl-value" list="ttls" name="ttl-value" size="6" type="number" min="1" max="432000" value="10800" placeholder="10800">
<datalist id="ttls">
<option value="900">
<option value="1800">
<option value="3600">
<option value="10800">
<option value="21600">
<option value="86400">
<option value="432000">
</datalist>
</div>
<div>
<label for="ttl-multiplier">Unité</label>
<br>
<select required="" name="ttl-multiplier" id="ttl-multiplier">
<option value="1">seconde</option>
<option value="60">minute</option>
<option value="3600">heure</option>
<option value="86400">jour</option>
</select>
</div>
<legend><abbr title="Time To Live">TTL</abbr></legend>
<div>
<label for="ttl-value">Valeur</label>
<br>
<input required="" id="ttl-value" list="ttls" name="ttl-value" size="6" type="number" min="1" max="432000" value="10800" placeholder="10800">
<datalist id="ttls">
<option value="900">
<option value="1800">
<option value="3600">
<option value="10800">
<option value="21600">
<option value="86400">
<option value="432000">
</datalist>
</div>
<div>
<label for="ttl-multiplier">Unité</label>
<br>
<select required="" name="ttl-multiplier" id="ttl-multiplier">
<option value="1">seconde</option>
<option value="60">minute</option>
<option value="3600">heure</option>
<option value="86400">jour</option>
</select>
</div>
</fieldset>

30
inc/format.inc.php
View file

@ -1,32 +1,32 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
exit("This file is meant to be included.");
function checkIpFormat($ip) {
if (!filter_var($ip, FILTER_VALIDATE_IP))
exit("ERROR: wrong IP address");
if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE))
exit("ERROR: IP address is on the private range");
if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE))
exit("ERROR: IP address is on the reserved range");
if (!filter_var($ip, FILTER_VALIDATE_IP))
exit("ERROR: wrong IP address");
if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE))
exit("ERROR: IP address is on the private range");
if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_RES_RANGE))
exit("ERROR: IP address is on the reserved range");
}
function checkAbsoluteDomainFormat($domain) {
// If the domain must end with a dot
if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match("/^([a-z0-9_-]{1,63}\.){2,127}$/", $domain))
exit("ERROR: wrong domain");
// If the domain must end with a dot
if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match("/^([a-z0-9_-]{1,63}\.){2,127}$/", $domain))
exit("ERROR: wrong domain");
}
function checkDomainFormat($domain) {
// If the domain must end without a dot
if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match("/^([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/", $domain))
exit("ERROR: wrong domain");
// If the domain must end without a dot
if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match("/^([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/", $domain))
exit("ERROR: wrong domain");
}
function checkPasswordFormat($password) {
return preg_match("/" . PASSWORD_REGEX . "/", $password);
return preg_match("/" . PASSWORD_REGEX . "/", $password);
}
function checkUsernameFormat($username) {
return preg_match("/" . USERNAME_REGEX . "/", $username);
return preg_match("/" . USERNAME_REGEX . "/", $username);
}

176
inc/ht.inc.php
View file

@ -1,126 +1,126 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
exit("This file is meant to be included.");
function listFsDirs($username) {
exec(LS_PATH . " --format=single-column -d " . HT_PATH . "/" . $username . "/ht/*/", $absoluteDirs);
$relativeDirs = false;
foreach ($absoluteDirs as $i => $absoluteDir) {
$tree = explode("/", $absoluteDir); // The last key is NULL
end($tree);
$relativeDirs[$i] = prev($tree); // The name of the site dir is the before last key
}
return $relativeDirs;
exec(LS_PATH . " --format=single-column -d " . HT_PATH . "/" . $username . "/ht/*/", $absoluteDirs);
$relativeDirs = false;
foreach ($absoluteDirs as $i => $absoluteDir) {
$tree = explode("/", $absoluteDir); // The last key is NULL
end($tree);
$relativeDirs[$i] = prev($tree); // The name of the site dir is the before last key
}
return $relativeDirs;
}
function addSite($username, $siteDir, $domain, $domainType, $protocol) {
$db = new PDO('sqlite:' . DB_PATH);
$db = new PDO('sqlite:' . DB_PATH);
$op = $db->prepare("INSERT INTO sites(username, site_dir, domain, domain_type, protocol, creation_date, le_enabled) VALUES(:username, :site_dir, :domain, :domain_type, :protocol, :creation_date, :le_enabled)");
$op = $db->prepare("INSERT INTO sites(username, site_dir, domain, domain_type, protocol, creation_date, le_enabled) VALUES(:username, :site_dir, :domain, :domain_type, :protocol, :creation_date, :le_enabled)");
$time = date("Y-m-d H:i:s");
if ($domainType === "dns" AND $protocol === "http")
$le_enabled = 0;
else
$le_enabled = NULL;
$time = date("Y-m-d H:i:s");
if ($domainType === "dns" AND $protocol === "http")
$le_enabled = 0;
else
$le_enabled = NULL;
$op->bindParam(':username', $username);
$op->bindParam(':site_dir', $siteDir);
$op->bindParam(':domain', $domain);
$op->bindParam(':domain_type', $domainType);
$op->bindParam(':protocol', $protocol);
$op->bindParam(':creation_date', $time);
$op->bindParam(':le_enabled', $le_enabled);
$op->bindParam(':username', $username);
$op->bindParam(':site_dir', $siteDir);
$op->bindParam(':domain', $domain);
$op->bindParam(':domain_type', $domainType);
$op->bindParam(':protocol', $protocol);
$op->bindParam(':creation_date', $time);
$op->bindParam(':le_enabled', $le_enabled);
$op->execute();
$op->execute();
}
function listDbDirs($username, $domainType, $protocol) {
$db = new PDO('sqlite:' . DB_PATH);
$usernameArray[0] = $username;
$db = new PDO('sqlite:' . DB_PATH);
$usernameArray[0] = $username;
$op = $db->prepare('SELECT site_dir FROM sites WHERE username = :username AND domain_type = :domain_type AND protocol = :protocol');
$op->bindParam(':username', $username);
$op->bindParam(':domain_type', $domainType);
$op->bindParam(':protocol', $protocol);
$op->execute();
$op = $db->prepare('SELECT site_dir FROM sites WHERE username = :username AND domain_type = :domain_type AND protocol = :protocol');
$op->bindParam(':username', $username);
$op->bindParam(':domain_type', $domainType);
$op->bindParam(':protocol', $protocol);
$op->execute();
$i = 0;
$data = $op->fetch();
if (isset($data['site_dir']))
$siteDir = $data['site_dir'];
else
$siteDir = NULL;
$i = 0;
$data = $op->fetch();
if (isset($data['site_dir']))
$siteDir = $data['site_dir'];
else
$siteDir = NULL;
while ($siteDir != NULL) {
$siteDirs[$i] = $siteDir;
$i++;
$data = $op->fetch();
if (isset($data['site_dir']))
$siteDir = $data['site_dir'];
else
$siteDir = NULL;
}
if (isset($siteDirs))
return $siteDirs;
else
return false;
while ($siteDir != NULL) {
$siteDirs[$i] = $siteDir;
$i++;
$data = $op->fetch();
if (isset($data['site_dir']))
$siteDir = $data['site_dir'];
else
$siteDir = NULL;
}
if (isset($siteDirs))
return $siteDirs;
else
return false;
}
function sftpStatus($username) {
$db = new PDO('sqlite:' . DB_PATH);
$usernameArr[0] = $username;
$db = new PDO('sqlite:' . DB_PATH);
$usernameArr[0] = $username;
$op = $db->prepare('SELECT sftp_enabled FROM users WHERE username = ?');
$op->execute($usernameArr);
$op = $db->prepare('SELECT sftp_enabled FROM users WHERE username = ?');
$op->execute($usernameArr);
$status = $op->fetch()['sftp_enabled'];
$status = $op->fetch()['sftp_enabled'];
if ($status == "0") {
return false;
} else if ($status == "1") {
return true;
} else {
exit("Wrong value for sftp_enabled");
}
if ($status == "0") {
return false;
} else if ($status == "1") {
return true;
} else {
exit("Wrong value for sftp_enabled");
}
}
function enableSftp($username) {
$db = new PDO('sqlite:' . DB_PATH);
$db = new PDO('sqlite:' . DB_PATH);
$op = $db->prepare("UPDATE users SET sftp_enabled = 1 WHERE username = :username");
$op = $db->prepare("UPDATE users SET sftp_enabled = 1 WHERE username = :username");
$op->bindParam(':username', $username);
$op->bindParam(':username', $username);
$op->execute();
$op->execute();
}
function selectSites($username, $domainType, $protocol, $onlyLeAvailable) {
$db = new PDO('sqlite:' . DB_PATH);
$usernameArray[0] = $username;
$db = new PDO('sqlite:' . DB_PATH);
$usernameArray[0] = $username;
$query = "SELECT site_dir,domain FROM sites WHERE username = :username AND domain_type = :domain_type AND protocol = :protocol";
$query = "SELECT site_dir,domain FROM sites WHERE username = :username AND domain_type = :domain_type AND protocol = :protocol";
if ($onlyLeAvailable === true)
$query = $query . " AND le_enabled = 0";
if ($onlyLeAvailable === true)
$query = $query . " AND le_enabled = 0";
$op = $db->prepare($query);
$op->bindParam(':username', $username);
$op->bindParam(':domain_type', $domainType);
$op->bindParam(':protocol', $protocol);
$op->execute();
$op = $db->prepare($query);
$op->bindParam(':username', $username);
$op->bindParam(':domain_type', $domainType);
$op->bindParam(':protocol', $protocol);
$op->execute();
$i = 0;
$entry = $op->fetch();
while (isset($entry['site_dir'])) {
$result[$i]["siteDir"] = $entry['site_dir'];
$result[$i]["domain"] = $entry['domain'];
$i++;
$entry = $op->fetch();
}
$i = 0;
$entry = $op->fetch();
while (isset($entry['site_dir'])) {
$result[$i]["siteDir"] = $entry['site_dir'];
$result[$i]["domain"] = $entry['domain'];
$i++;
$entry = $op->fetch();
}
if (isset($result))
return $result;
else
return false;
if (isset($result))
return $result;
else
return false;
}

108
inc/ns.inc.php
View file

@ -1,83 +1,83 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
exit("This file is meant to be included.");
function nsCommonRequirements() {
if (isset($_POST['action'])
AND isset($_POST['zone'])
AND isset($_POST['ttl-value'])
AND isset($_POST['ttl-multiplier'])
AND isset($_SESSION['username'])
) {
antiCSRF();
return true;
}
if (isset($_POST['action'])
AND isset($_POST['zone'])
AND isset($_POST['ttl-value'])
AND isset($_POST['ttl-multiplier'])
AND isset($_SESSION['username'])
) {
antiCSRF();
return true;
}
}
function nsParseCommonRequirements() {
$values['action'] = checkAction($_POST['action']);
$values['action'] = checkAction($_POST['action']);
nsCheckZonePossession($_POST['zone']);
nsCheckZonePossession($_POST['zone']);
if (($_POST['subdomain'] === "") OR ($_POST['subdomain'] === "@"))
$values['domain'] = $_POST['zone'];
else
$values['domain'] = $_POST['subdomain'] . "." . $_POST['zone'];
checkAbsoluteDomainFormat($values['domain']);
if (($_POST['subdomain'] === "") OR ($_POST['subdomain'] === "@"))
$values['domain'] = $_POST['zone'];
else
$values['domain'] = $_POST['subdomain'] . "." . $_POST['zone'];
checkAbsoluteDomainFormat($values['domain']);
$values['ttl'] = $_POST['ttl-value'] * $_POST['ttl-multiplier'];
$values['ttl'] = $_POST['ttl-value'] * $_POST['ttl-multiplier'];
if (!($values['ttl'] >= 300 AND $values['ttl'] <= 432000))
exit("Erreur : le TTL doit être compris entre 5 minutes et 5 jours (entre 300 et 432000 secondes)");
if (!($values['ttl'] >= 300 AND $values['ttl'] <= 432000))
exit("Erreur : le TTL doit être compris entre 5 minutes et 5 jours (entre 300 et 432000 secondes)");
return $values;
return $values;
}
function nsListUserZones($username) {
$db = new PDO('sqlite:' . DB_PATH);
$usernameArray[0] = $username;
$db = new PDO('sqlite:' . DB_PATH);
$usernameArray[0] = $username;
$op = $db->prepare('SELECT zone FROM zones WHERE username = ?');
$op->execute($usernameArray);
$op = $db->prepare('SELECT zone FROM zones WHERE username = ?');
$op->execute($usernameArray);
$data = $op->fetch();
if (isset($data['zone']))
$zone = $data['zone'];
else
$zone = NULL;
$data = $op->fetch();
if (isset($data['zone']))
$zone = $data['zone'];
else
$zone = NULL;
$i = 0;
$zones = NULL;
$i = 0;
$zones = NULL;
while ($zone != NULL) {
$zones[$i] = $zone;
$i++;
$data = $op->fetch();
if (isset($data['zone']))
$zone = $data['zone'];
else
$zone = NULL;
}
while ($zone != NULL) {
$zones[$i] = $zone;
$i++;
$data = $op->fetch();
if (isset($data['zone']))
$zone = $data['zone'];
else
$zone = NULL;
}
return $zones;
return $zones;
}
function nsCheckZonePossession($submittedZone) {
checkAbsoluteDomainFormat($submittedZone);
checkAbsoluteDomainFormat($submittedZone);
$db = new PDO('sqlite:' . DB_PATH);
$username[0] = $_SESSION['username'];
$db = new PDO('sqlite:' . DB_PATH);
$username[0] = $_SESSION['username'];
$op = $db->prepare('SELECT zone FROM zones WHERE username = ?');
$op->execute($username);
$op = $db->prepare('SELECT zone FROM zones WHERE username = ?');
$op->execute($username);
$dbZone = $op->fetch()['zone'];
$dbZone = $op->fetch()['zone'];
while ($dbZone != NULL) {
if ($dbZone === $submittedZone) return;
$dbZone = $op->fetch()['zone'];
}
while ($dbZone != NULL) {
if ($dbZone === $submittedZone) return;
$dbZone = $op->fetch()['zone'];
}
// If there is no entry in the database for the user matching the submitted zone
exit("ERROR: You don't own this zone on the nameserver");
// If there is no entry in the database for the user matching the submitted zone
exit("ERROR: You don't own this zone on the nameserver");
}

216
inc/pages.inc.php
View file

@ -1,117 +1,117 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
exit("This file is meant to be included.");
switch (SERVICE) {
case "ns":
$page['service'] = "Serveurs de noms";
switch (PAGE) {
case "index":
$page['title'] = $page['service'];
break;
case "dnssec":
$page['title'] = "Obtenir les enregistrements DS";
break;
case "ip":
$page['title'] = "Enregistrements A et AAAA";
break;
case "ns":
$page['title'] = "Enregistrement NS";
break;
case "txt":
$page['title'] = "Enregistrement TXT";
break;
case "caa":
$page['title'] = "Enregistrement CAA";
break;
case "srv":
$page['title'] = "Enregistrement SRV";
break;
case "mx":
$page['title'] = "Enregistrement MX";
break;
case "sshfp":
$page['title'] = "Enregistrement SSHFP";
break;
case "tlsa":
$page['title'] = "Enregistrement TLSA";
break;
case "zone":
$page['title'] = "Gérer ses zones";
break;
}
break;
case "ns":
$page['service'] = "Serveurs de noms";
switch (PAGE) {
case "index":
$page['title'] = $page['service'];
break;
case "dnssec":
$page['title'] = "Obtenir les enregistrements DS";
break;
case "ip":
$page['title'] = "Enregistrements A et AAAA";
break;
case "ns":
$page['title'] = "Enregistrement NS";
break;
case "txt":
$page['title'] = "Enregistrement TXT";
break;
case "caa":
$page['title'] = "Enregistrement CAA";
break;
case "srv":
$page['title'] = "Enregistrement SRV";
break;
case "mx":
$page['title'] = "Enregistrement MX";
break;
case "sshfp":
$page['title'] = "Enregistrement SSHFP";
break;
case "tlsa":
$page['title'] = "Enregistrement TLSA";
break;
case "zone":
$page['title'] = "Gérer ses zones";
break;
}
break;
case "reg":
$page['service'] = "Registre";
switch (PAGE) {
case "index":
$page['title'] = $page['service'];
break;
case "ns":
$page['title'] = "Ajouter un enregistrement NS";
break;
case "register":
$page['title'] = "Enregistrer un nouveau domaine";
break;
case "glue":
$page['title'] = "Créer un Glue Record";
break;
case "ds":
$page['title'] = "Ajouter un enregistrement DS";
break;
}
break;
case "reg":
$page['service'] = "Registre";
switch (PAGE) {
case "index":
$page['title'] = $page['service'];
break;
case "ns":
$page['title'] = "Ajouter un enregistrement NS";
break;
case "register":
$page['title'] = "Enregistrer un nouveau domaine";
break;
case "glue":
$page['title'] = "Créer un Glue Record";
break;
case "ds":
$page['title'] = "Ajouter un enregistrement DS";
break;
}
break;
case "auth":
$page['service'] = "Authentification";
switch (PAGE) {
case "index":
$page['title'] = $page['service'];
break;
case "login":
$page['title'] = "Se connecter";
break;
case "register":
$page['title'] = "Créer un compte";
break;
case "password":
$page['title'] = "Changer la clé de passe";
break;
case "logout":
$page['title'] = "Déconnexion";
break;
}
break;
case "auth":
$page['service'] = "Authentification";
switch (PAGE) {
case "index":
$page['title'] = $page['service'];
break;
case "login":
$page['title'] = "Se connecter";
break;
case "register":
$page['title'] = "Créer un compte";
break;
case "password":
$page['title'] = "Changer la clé de passe";
break;
case "logout":
$page['title'] = "Déconnexion";
break;
}
break;
case "ht":
$page['service'] = "Hypertexte";
switch (PAGE) {
case "mkdir":
$page['title'] = "Créer un dossier de site";
break;
case "gemini-onion":
$page['title'] = "Accès Gemini en Onion";
break;
case "gemini-domain":
$page['title'] = "Accès Gemini par domaine";
break;
case "http-onion":
$page['title'] = "Accès HTTP en Onion";
break;
case "https-domain":
$page['title'] = "Accès HTTPS par domaine";
break;
case "le":
$page['title'] = "Installer un certificat Let's Encrypt";
break;
case "index":
$page['title'] = $page['service'];
break;
case "sftp":
$page['title'] = "Gérer l'accès SFTP";
break;
}
break;
case "ht":
$page['service'] = "Hypertexte";
switch (PAGE) {
case "mkdir":
$page['title'] = "Créer un dossier de site";
break;
case "gemini-onion":
$page['title'] = "Accès Gemini en Onion";
break;
case "gemini-domain":
$page['title'] = "Accès Gemini par domaine";
break;
case "http-onion":
$page['title'] = "Accès HTTP en Onion";
break;
case "https-domain":
$page['title'] = "Accès HTTPS par domaine";
break;
case "le":
$page['title'] = "Installer un certificat Let's Encrypt";
break;
case "index":
$page['title'] = $page['service'];
break;
case "sftp":
$page['title'] = "Gérer l'accès SFTP";
break;
}
break;
}

94
inc/reg.inc.php
View file

@ -1,78 +1,78 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
exit("This file is meant to be included.");
function regGetUpperDomain($domain) {
// Remove anything before the first dot and the first dot itself
return preg_replace("/^[^.]+\./", "", $domain);
// Remove anything before the first dot and the first dot itself
return preg_replace("/^[^.]+\./", "", $domain);
}
function regListUserDomains($username) {
$db = new PDO('sqlite:' . DB_PATH);
$usernameArray[0] = $username;
$db = new PDO('sqlite:' . DB_PATH);
$usernameArray[0] = $username;
$op = $db->prepare('SELECT domain FROM registry WHERE username = ?');
$op->execute($usernameArray);
$op = $db->prepare('SELECT domain FROM registry WHERE username = ?');
$op->execute($usernameArray);
$domains = false;
$i = 0;
$data = $op->fetch();
$domain = $data['domain'];
$domains = false;
$i = 0;
$data = $op->fetch();
$domain = $data['domain'];
while ($domain != NULL) {
$domains[$i] = $domain;
while ($domain != NULL) {
$domains[$i] = $domain;
$data = $op->fetch();
if (isset($data['domain']))
$domain = $data['domain'];
else
$domain = NULL;
$data = $op->fetch();
if (isset($data['domain']))
$domain = $data['domain'];
else
$domain = NULL;
$i++;
}
$i++;
}
return $domains;
return $domains;
}
function regCheckDomainPossession($domain) {
checkAbsoluteDomainFormat($domain);
checkAbsoluteDomainFormat($domain);
$db = new PDO('sqlite:' . DB_PATH);
$username[0] = $_SESSION['username'];
$db = new PDO('sqlite:' . DB_PATH);
$username[0] = $_SESSION['username'];
$op = $db->prepare('SELECT domain FROM registry WHERE username = ?');
$op->execute($username);
$op = $db->prepare('SELECT domain FROM registry WHERE username = ?');
$op->execute($username);
$dbDomain = $op->fetch()['domain'];
$dbDomain = $op->fetch()['domain'];
$owned = false;
while ($dbDomain != NULL) {
if ($dbDomain === $domain) {
$owned = true;
break;
}
$dbDomain = $op->fetch()['domain'];
}
$owned = false;
while ($dbDomain != NULL) {
if ($dbDomain === $domain) {
$owned = true;
break;
}
$dbDomain = $op->fetch()['domain'];
}
if (!($owned === true))
exit("Erreur : Vous ne possédez pas ce domaine sur le registre !");
if (!($owned === true))
exit("Erreur : Vous ne possédez pas ce domaine sur le registre !");
}
function regIsFree($domain) {
$domainArray[0] = $domain;
$domainArray[0] = $domain;
$db = new PDO('sqlite:' . DB_PATH);
$db = new PDO('sqlite:' . DB_PATH);
$req = $db->prepare('SELECT domain FROM registry WHERE domain = ?');
$req->execute($domainArray);
$req = $db->prepare('SELECT domain FROM registry WHERE domain = ?');
$req->execute($domainArray);
$data = $req->fetch();
$data = $req->fetch();
if (isset($data['domain'])) {
return false;
} else {
return true;
}
if (isset($data['domain'])) {
return false;
} else {
return true;
}
}

32
index.php
View file

@ -1,22 +1,22 @@
<?php require "top.inc.php"; ?>
<dl>
<dt><a class="regButton" href="reg/">Registre <code><?= REGISTRY ?></code></a></dt>
<dd>
Demander l'attribution d'un sous-domaine de <code><?= REGISTRY ?></code>
</dd>
<dt><a class="nsButton" href="ns/">Serveurs de noms</a></dt>
<dd>
Utiliser le serveur de noms de Niver pour héberger ses zones
</dd>
<dt><a class="htButton" href="ht/">Hypertexte</a></dt>
<dd>
Mettre en ligne son site statique sur un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>, et le faire répondre en <abbr title="HyperText Transfert Protocol">HTTP</abbr> ou Gemini par le DNS ou Tor
</dd>
<dt><a class="authButton" href="auth/">Authentification</a></dt>
<dd>
Gérer son compte Niver
</dd>
<dt><a class="regButton" href="reg/">Registre <code><?= REGISTRY ?></code></a></dt>
<dd>
Demander l'attribution d'un sous-domaine de <code><?= REGISTRY ?></code>
</dd>
<dt><a class="nsButton" href="ns/">Serveurs de noms</a></dt>
<dd>
Utiliser le serveur de noms de Niver pour héberger ses zones
</dd>
<dt><a class="htButton" href="ht/">Hypertexte</a></dt>
<dd>
Mettre en ligne son site statique sur un espace <abbr title="SSH File Transfert Protocol">SFTP</abbr>, et le faire répondre en <abbr title="HyperText Transfert Protocol">HTTP</abbr> ou Gemini par le DNS ou Tor
</dd>
<dt><a class="authButton" href="auth/">Authentification</a></dt>
<dd>
Gérer son compte Niver
</dd>
</dl>
<?php require "bottom.inc.php"; ?>

264
less/buttons.less
View file

@ -1,160 +1,160 @@
.button {
font-size: 35px;
font-weight: 600;
border-width: 4px;
border-style: solid;
text-decoration: none;
border-radius: 20px;
padding: 14px 18px 16px 18px;
margin: 10px;
margin-left: 0px;
display: inline-block;
font-size: 35px;
font-weight: 600;
border-width: 4px;
border-style: solid;
text-decoration: none;
border-radius: 20px;
padding: 14px 18px 16px 18px;
margin: 10px;
margin-left: 0px;
display: inline-block;
}
.htButton {
.button();
.button();
@media @light {
border-color: @darkHtColor;
color: @darkHtColor;
&:hover, &:focus {
background-color: @darkHtColor;
&::selection {
color: @darkHtColor;
}
}
&::selection {
background-color: @darkHtColor;
}
}
@media @light {
border-color: @darkHtColor;
color: @darkHtColor;
&:hover, &:focus {
background-color: @darkHtColor;
&::selection {
color: @darkHtColor;
}
}
&::selection {
background-color: @darkHtColor;
}
}
@media @dark {
border-color: @lightHtColor;
color: @lightHtColor;
&:hover, &:focus {
background-color: @lightHtColor;
&::selection {
color: @lightHtColor;
}
}
&::selection {
background-color: @lightHtColor;
}
}
@media @dark {
border-color: @lightHtColor;
color: @lightHtColor;
&:hover, &:focus {
background-color: @lightHtColor;
&::selection {
color: @lightHtColor;
}
}
&::selection {
background-color: @lightHtColor;
}
}
}
.regButton {
.button();
.button();
@media @light {
border-color: @darkRegColor;
color: @darkRegColor;
&:hover, &:focus {
background-color: @darkRegColor;
&::selection {
color: @darkRegColor;
}
}
&::selection {
background-color: @darkRegColor;
}
}
@media @light {
border-color: @darkRegColor;
color: @darkRegColor;
&:hover, &:focus {
background-color: @darkRegColor;
&::selection {
color: @darkRegColor;
}
}
&::selection {
background-color: @darkRegColor;
}
}
@media @dark {
border-color: @lightRegColor;
color: @lightRegColor;
&:hover, &:focus {
background-color: @lightRegColor;
&::selection {
color: @lightRegColor;
}
}
&::selection {
background-color: @lightRegColor;
}
}
@media @dark {
border-color: @lightRegColor;
color: @lightRegColor;
&:hover, &:focus {
background-color: @lightRegColor;
&::selection {
color: @lightRegColor;
}
}
&::selection {
background-color: @lightRegColor;
}
}
}
.nsButton {
.button();
.button();
@media @light {
border-color: @darkNsColor;
color: @darkNsColor;
&:hover, &:focus {
background-color: @darkNsColor;
&::selection {
color: @darkNsColor;
}
}
&::selection {
background-color: @darkNsColor;
}
}
@media @light {
border-color: @darkNsColor;
color: @darkNsColor;
&:hover, &:focus {
background-color: @darkNsColor;
&::selection {
color: @darkNsColor;
}
}
&::selection {
background-color: @darkNsColor;
}
}
@media @dark {
border-color: @lightNsColor;
color: @lightNsColor;
&:hover, &:focus {
background-color: @lightNsColor;
&::selection {
color: @lightNsColor;
}
}
&::selection {
background-color: @lightNsColor;
}
}
@media @dark {
border-color: @lightNsColor;
color: @lightNsColor;
&:hover, &:focus {
background-color: @lightNsColor;
&::selection {
color: @lightNsColor;
}
}
&::selection {
background-color: @lightNsColor;
}
}
}
.authButton {
.button();
.button();
@media @light {
border-color: @darkAuthColor;
color: @darkAuthColor;
&:hover, &:focus {
background-color: @darkAuthColor;
&::selection {
color: @darkAuthColor;
}
}
&::selection {
background-color: @darkAuthColor;
}
}
@media @light {
border-color: @darkAuthColor;
color: @darkAuthColor;
&:hover, &:focus {
background-color: @darkAuthColor;
&::selection {
color: @darkAuthColor;
}
}
&::selection {
background-color: @darkAuthColor;
}
}
@media @dark {
border-color: @lightAuthColor;
color: @lightAuthColor;
&:hover, &:focus {
background-color: @lightAuthColor;
&::selection {
color: @lightAuthColor;
}
}
&::selection {
background-color: @lightAuthColor;
}
}
@media @dark {
border-color: @lightAuthColor;
color: @lightAuthColor;
&:hover, &:focus {
background-color: @lightAuthColor;
&::selection {
color: @lightAuthColor;
}
}
&::selection {
background-color: @lightAuthColor;
}
}
}
@media @light {
.htButton:hover, .regButton:hover, .nsButton:hover, .authButton:hover,
.htButton:focus, .regButton:focus, .nsButton:focus, .authButton:focus {
color: @lightColor;
&::selection {
background-color: @lightColor;
}
}
.htButton:hover, .regButton:hover, .nsButton:hover, .authButton:hover,
.htButton:focus, .regButton:focus, .nsButton:focus, .authButton:focus {
color: @lightColor;
&::selection {
background-color: @lightColor;
}
}
}
@media @dark {
.htButton:hover, .regButton:hover, .nsButton:hover, .authButton:hover,
.htButton:focus, .regButton:focus, .nsButton:focus, .authButton:focus {
color: @darkColor;
&::selection {
background-color: @darkColor;
}
}
.htButton:hover, .regButton:hover, .nsButton:hover, .authButton:hover,
.htButton:focus, .regButton:focus, .nsButton:focus, .authButton:focus {
color: @darkColor;
&::selection {
background-color: @darkColor;
}
}
}

118
less/form.less
View file

@ -1,103 +1,103 @@
form {
margin-left: 50px;
margin-right: 50px;
text-align: center;
@media (max-width: 500px) {
margin-left: 0px;
margin-right: 0px;
}
margin-left: 50px;
margin-right: 50px;
text-align: center;
@media (max-width: 500px) {
margin-left: 0px;
margin-right: 0px;
}
}
input, select {
border-radius: 12px;
font-size: @fontSize;
margin: 5px;
padding: 10px;
border-style: solid;
border-width: 2px;
border-radius: 12px;
font-size: @fontSize;
margin: 5px;
padding: 10px;
border-style: solid;
border-width: 2px;
&:hover {
border-width: 3px;
padding: 9px;
}
&:focus {
border-width: 4px;
padding: 8px;
}
&:hover {
border-width: 3px;
padding: 9px;
}
&:focus {
border-width: 4px;
padding: 8px;
}
@media @light {
background-color: @lightColor;
color: @darkColor;
border-color: @darkColor;
}
@media @light {
background-color: @lightColor;
color: @darkColor;
border-color: @darkColor;
}
@media @dark {
background-color: @darkColor;
color: @lightColor;
border-color: @lightColor;
}
@media @dark {
background-color: @darkColor;
color: @lightColor;
border-color: @lightColor;
}
}
input[type=text] {
font-family: monospace;
font-family: monospace;
}
input[type=submit] {
margin: 22px;
margin: 22px;
}
input#subdomain, input#ttl-value {
text-align: right;
text-align: right;
}
#password {
width: 32ch;
text-align: center;
width: 32ch;
text-align: center;
}
#username {
width: 16ch;
width: 16ch;
}
#keytag {
width: 7ch;
width: 7ch;
}
input:invalid+span::after {
content: '✖';
content: '✖';
}
input:valid+span::after {
content: ''; // ✓
content: ''; // ✓
}
input+span::after {
display: inline-block;
width: 20px;
font-size: 30px;
padding-left: 20px;
font-family: monospace;
display: inline-block;
width: 20px;
font-size: 30px;
padding-left: 20px;
font-family: monospace;
}
label.aboutInputCondition {
display: block;
font-size: @fontSize - 10%;
display: block;
font-size: @fontSize - 10%;
}
fieldset {
border-radius: 20px;
border-width: 2px;
border-style: solid;
display: flex;
flex-direction: row;
justify-content: center;
border-radius: 20px;
border-width: 2px;
border-style: solid;
display: flex;
flex-direction: row;
justify-content: center;
@media @light {
border-color: @darkColor;
}
@media @light {
border-color: @darkColor;
}
@media @dark {
border-color: @lightColor;
}
@media @dark {
border-color: @lightColor;
}
}

94
less/main.less
View file

@ -4,89 +4,89 @@
@dark: ~"(prefers-color-scheme: dark)";
html {
margin: 0px;
line-height: @fontSize + 6%;
margin: 0px;
line-height: @fontSize + 6%;
}
h1 {
font-size: @fontSize + 25px;
line-height: @fontSize + 30px
font-size: @fontSize + 25px;
line-height: @fontSize + 30px
}
body {
margin: 0px;
font-family: system-ui, sans-serif;
font-size: @fontSize;
margin: 0px;
font-family: system-ui, sans-serif;
font-size: @fontSize;
}
header, main, footer {
margin-left: 20%;
margin-right: 20%;
@media (max-width: 500px) {
margin-left: 20px;
margin-right: 20px;
}
margin-left: 20%;
margin-right: 20%;
@media (max-width: 500px) {
margin-left: 20px;
margin-right: 20px;
}
}
code {
line-height: @fontSize + 6%;
font-size: @fontSize;
line-height: @fontSize + 6%;
font-size: @fontSize;
}
nav {
display: inline-block;
margin-left: 20px;
margin-right: 20px;
display: inline-block;
margin-left: 20px;
margin-right: 20px;
}
header {
text-align: center;
margin-top: 20px;
text-align: center;
margin-top: 20px;
}
p {
margin: 0px;
margin-bottom: 15px;
margin: 0px;
margin-bottom: 15px;
}
h2 {
margin: 0px;
padding: 0px;
margin: 0px;
padding: 0px;
}
.breakable {
word-break: break-all;
word-break: break-all;
}
@media @light {
html {
background-color: @lightColor;
color: @darkColor;
}
html {
background-color: @lightColor;
color: @darkColor;
}
::selection {
background-color: @darkColor;
color: @lightColor;
}
::selection {
background-color: @darkColor;
color: @lightColor;
}
a {
color: @darkColor;
}
a {
color: @darkColor;
}
}
@media @dark {
html {
background-color: @darkColor;
color: @lightColor;
}
html {
background-color: @darkColor;
color: @lightColor;
}
::selection {
background-color: @lightColor;
color: @darkColor;
}
::selection {
background-color: @lightColor;
color: @darkColor;
}
a {
color: @lightColor;
}
a {
color: @lightColor;
}
}

60
ns/caa.php
View file

@ -2,47 +2,47 @@
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<label for="flag">Flag</label>
<br>
<input id="flag" min="0" max="127" placeholder="0" name="flag" type="number">
<br>
<label for="tag">Tag</label>
<br>
<input id="tag" minlenght="1" maxlength="128" pattern="^[a-z]{1,128}$" placeholder="issue" name="tag" type="text">
<br>
<label for="value">Valeur</label>
<br>
<input id="value" minlenght="3" maxlength="1024" pattern="^[a-z0-9.-]{3,1024}$" placeholder="letsencrypt.org" name="value" type="text">
<br>
<input value="Valider" type="submit">
<br>
<label for="flag">Flag</label>
<br>
<input id="flag" min="0" max="127" placeholder="0" name="flag" type="number">
<br>
<label for="tag">Tag</label>
<br>
<input id="tag" minlenght="1" maxlength="128" pattern="^[a-z]{1,128}$" placeholder="issue" name="tag" type="text">
<br>
<label for="value">Valeur</label>
<br>
<input id="value" minlenght="3" maxlength="1024" pattern="^[a-z0-9.-]{3,1024}$" placeholder="letsencrypt.org" name="value" type="text">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (nsCommonRequirements()
AND isset($_POST['flag'])
AND isset($_POST['tag'])
AND isset($_POST['value'])
) {
AND isset($_POST['flag'])
AND isset($_POST['tag'])
AND isset($_POST['value'])
) {
$values = nsParseCommonRequirements();
$values = nsParseCommonRequirements();
if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
exit("ERROR: Wrong value for flag");
if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
exit("ERROR: Wrong value for flag");
if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
exit("ERROR: Wrong value for tag");
if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
exit("ERROR: Wrong value for tag");
if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
exit("ERROR: Wrong value for value");
if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
exit("ERROR: Wrong value for value");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}

90
ns/dnssec.php
View file

@ -3,72 +3,72 @@
Afin d'activer DNSSEC, vous devez indiquer un enregistrement DS à la zone parente.
<form method="post">
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">---</option>
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">---</option>
<?php
$zones = nsListUserZones($_SESSION['username']);
<?php
$zones = nsListUserZones($_SESSION['username']);
if ($zones) {
foreach($zones as $zone) {
echo "<option value='" . $zone . "'>" . $zone . "</option>";
}
}
if ($zones) {
foreach($zones as $zone) {
echo "<option value='" . $zone . "'>" . $zone . "</option>";
}
}
?>
</select>
<br>
<input value="Valider" type="submit">
?>
</select>
<br>
<input value="Valider" type="submit">
</form>
<?php
if (isset($_POST['zone']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
nsCheckZonePossession($_POST['zone']);
nsCheckZonePossession($_POST['zone']);
exec(KEYMGR_PATH . " " . $_POST['zone'] . " ds", $output);
exec(KEYMGR_PATH . " " . $_POST['zone'] . " ds", $output);
$l0 = explode(" ", $output[0]);
$l1 = explode(" ", $output[1]);
$l0 = explode(" ", $output[0]);
$l1 = explode(" ", $output[1]);
?>
?>
<dl>
<dl>
<dt>Zone</dt>
<dd>
<code><?= $_POST['zone'] ?></code>
</dd>
<dt>Zone</dt>
<dd>
<code><?= $_POST['zone'] ?></code>
</dd>
<dt>Tag</dt>
<dd>
<code><?= $l0[2] ?></code>
</dd>
<dt>Tag</dt>
<dd>
<code><?= $l0[2] ?></code>
</dd>
<dt>Algorithme</dt>
<dd>
<code>15</code> (Ed25519)
</dd>
<dt>Algorithme</dt>
<dd>
<code>15</code> (Ed25519)
</dd>
<dt>Condensat de type <code>2</code> (SHA-256)</dt>
<dd>
<code><?= $l0[5] ?></code>
</dd>
<dt>Condensat de type <code>2</code> (SHA-256)</dt>
<dd>
<code><?= $l0[5] ?></code>
</dd>
<dt>Condensat de type <code>4</code> (SHA-384 ; optionnel)</dt>
<dd>
<code><?= $l1[5] ?></code>
</dd>
<dt>Condensat de type <code>4</code> (SHA-384 ; optionnel)</dt>
<dd>
<code><?= $l1[5] ?></code>
</dd>
</dl>
</dl>
<details>
<summary>Données brutes</summary>
<code><?= $output[0] ?></code><br><code><?= $output[1] ?></code>
</details>
<details>
<summary>Données brutes</summary>
<code><?= $output[0] ?></code><br><code><?= $output[1] ?></code>
</details>
<?php } ?>

106
ns/index.php
View file

@ -1,61 +1,61 @@
<?php require "../top.inc.php"; ?>
<dl>
<dt><a class="nsButton" href="zone">Gérer ses zones</a></dt>
<dd>
Pour qu'elle soit gérée par le serveur de noms de Niver
</dd>
<dt><a class="nsButton" href="dnssec">Obtenir les enregistrements <abbr title="Delegation Signer">DS</abbr></a></dt>
<dd>
À indiquer à la zone parente pour activer <abbr title="Domain Name System Security Extensions">DNSSEC</abbr>
</dd>
<dt><a class="nsButton" href="ns">Enregistrement <abbr title="Name Server">NS</abbr></a></dt>
<dd>
Indiquer le serveur de noms d'une zone
</dd>
<dt><a class="nsButton" href="ip">Enregistrements A et AAAA</a></dt>
<dd>
Indiquer l'adresse IP d'un domaine
</dd>
<dt><a class="nsButton" href="txt">Enregistrement TXT</a></dt>
<dd>
Associer du texte à un domaine
</dd>
<dt><a class="nsButton" href="zone">Gérer ses zones</a></dt>
<dd>
Pour qu'elle soit gérée par le serveur de noms de Niver
</dd>
<dt><a class="nsButton" href="dnssec">Obtenir les enregistrements <abbr title="Delegation Signer">DS</abbr></a></dt>
<dd>
À indiquer à la zone parente pour activer <abbr title="Domain Name System Security Extensions">DNSSEC</abbr>
</dd>
<dt><a class="nsButton" href="ns">Enregistrement <abbr title="Name Server">NS</abbr></a></dt>
<dd>
Indiquer le serveur de noms d'une zone
</dd>
<dt><a class="nsButton" href="ip">Enregistrements A et AAAA</a></dt>
<dd>
Indiquer l'adresse IP d'un domaine
</dd>
<dt><a class="nsButton" href="txt">Enregistrement TXT</a></dt>
<dd>
Associer du texte à un domaine
</dd>
<dt><a class="nsButton" href="srv">Enregistrement SRV</a></dt>
<dd>
Indiquer un serveur pour un domaine
</dd>
<dt><a class="nsButton" href="mx">Enregistrement <abbr title="Mail eXchanger">MX</abbr></a></dt>
<dd>
Indiquer le serveur mail pour un domaine
</dd>
<dt><a class="nsButton" href="caa">Enregistrement <abbr title="Certification Authority Authorization">CAA</abbr></a></dt>
<dd>
Indiquer les seules autorités de certifications autorisée à signer les domaines
</dd>
<dt><a class="nsButton" href="tlsa">Enregistrement <abbr title="Transport Layer Security Association">TLSA</abbr></a></dt>
<dd>
Mettre en place <abbr title="DNS-based Authentication of Named Entities">DANE</abbr> en indiquant l'empreinte d'un certificat <abbr title="Transport Layer Security">TLS</abbr>
</dd>
<dt><a class="nsButton" href="sshfp">Enregistrement <abbr title="Secure SHell FingerPrint">SSHFP</abbr></a></dt>
<dd>
Indiquer les empreintes de clés <abbr title="Secure SHell">SSH</abbr> d'un domaine
</dd>
<dt><a class="nsButton" href="loc">NOT DONE : Enregistrement LOC</a></dt>
<dd>
Indiquer des coordonnées géographiques
</dd>
<dt><a class="nsButton" href="srv">Enregistrement SRV</a></dt>
<dd>
Indiquer un serveur pour un domaine
</dd>
<dt><a class="nsButton" href="mx">Enregistrement <abbr title="Mail eXchanger">MX</abbr></a></dt>
<dd>
Indiquer le serveur mail pour un domaine
</dd>
<dt><a class="nsButton" href="caa">Enregistrement <abbr title="Certification Authority Authorization">CAA</abbr></a></dt>
<dd>
Indiquer les seules autorités de certifications autorisée à signer les domaines
</dd>
<dt><a class="nsButton" href="tlsa">Enregistrement <abbr title="Transport Layer Security Association">TLSA</abbr></a></dt>
<dd>
Mettre en place <abbr title="DNS-based Authentication of Named Entities">DANE</abbr> en indiquant l'empreinte d'un certificat <abbr title="Transport Layer Security">TLS</abbr>
</dd>
<dt><a class="nsButton" href="sshfp">Enregistrement <abbr title="Secure SHell FingerPrint">SSHFP</abbr></a></dt>
<dd>
Indiquer les empreintes de clés <abbr title="Secure SHell">SSH</abbr> d'un domaine
</dd>
<dt><a class="nsButton" href="loc">NOT DONE : Enregistrement LOC</a></dt>
<dd>
Indiquer des coordonnées géographiques
</dd>
<!--
<dt><a class="nsButton" href="cname">Enregistrement <abbr title="Canonical NAME">CNAME</abbr></a></dt>
<dd>
Définir un domaine comme étant l'alias d'un autre
</dd>
<dt><a class="nsButton" href="dname">Enregistrement <abbr title="Delegation NAME">DNAME</abbr></a></dt>
<dd>
Définir les sous-domaines d'un domaine comme étant les alias des sous-domaines d'un autre domaine
</dd>-->
<!--
<dt><a class="nsButton" href="cname">Enregistrement <abbr title="Canonical NAME">CNAME</abbr></a></dt>
<dd>
Définir un domaine comme étant l'alias d'un autre
</dd>
<dt><a class="nsButton" href="dname">Enregistrement <abbr title="Delegation NAME">DNAME</abbr></a></dt>
<dd>
Définir les sous-domaines d'un domaine comme étant les alias des sous-domaines d'un autre domaine
</dd>-->
</dl>
<?php require "../bottom.inc.php"; ?>

46
ns/ip.php
View file

@ -1,41 +1,41 @@
<?php require "../top.inc.php"; ?>
<p>
Ici vous pouvez ajouter ou enlever des adresses IP dans une zone déjà enregistrée sur le serveur de noms de Niver
<br>Le format IPv4 (<code>A</code>) ou IPv6 (<code>AAAA</code>) sera détecté automatiquement.
<br>Si vous souhaitez utiliser un service d'hébergement hypertexte de Niver, voici les adresses à renseigner :
<br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
<br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
Ici vous pouvez ajouter ou enlever des adresses IP dans une zone déjà enregistrée sur le serveur de noms de Niver
<br>Le format IPv4 (<code>A</code>) ou IPv6 (<code>AAAA</code>) sera détecté automatiquement.
<br>Si vous souhaitez utiliser un service d'hébergement hypertexte de Niver, voici les adresses à renseigner :
<br>IPv4 : <code><?= IPV4_ADDRESS ?></code>
<br>IPv6 : <code><?= IPV6_ADDRESS ?></code>
</p>
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<label for="ip">Adresse IP</label><br>
<input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="<?= IPV6_EXAMPLE ?> ou <?= IPV4_EXAMPLE ?>"><br>
<input value="Valider" type="submit">
<?php require "../inc/form/form.ns.inc.php"; ?>
<label for="ip">Adresse IP</label><br>
<input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="<?= IPV6_EXAMPLE ?> ou <?= IPV4_EXAMPLE ?>"><br>
<input value="Valider" type="submit">
</form>
<?php
if (nsCommonRequirements()
AND isset($_POST['ip'])
) {
AND isset($_POST['ip'])
) {
$values = nsParseCommonRequirements();
$values = nsParseCommonRequirements();
checkIpFormat($_POST['ip']);
checkIpFormat($_POST['ip']);
if (filter_var($_POST['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))
$record = "A";
else if (filter_var($_POST['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
$record = "AAAA";
else
exit("ERROR: unknown IP format");
if (filter_var($_POST['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))
$record = "A";
else if (filter_var($_POST['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
$record = "AAAA";
else
exit("ERROR: unknown IP format");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN " . $record . " " . $_POST['ip']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN " . $record . " " . $_POST['ip']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
echo "Enregistrement ajouté";
}
?>

60
ns/loc.php
View file

@ -2,47 +2,47 @@
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<label for="flag">Flag</label>
<br>
<input id="flag" min="0" max="127" placeholder="0" name="flag" type="number">
<br>
<label for="tag">Tag</label>
<br>
<input id="tag" minlenght="1" maxlength="128" pattern="^[a-z]{1,128}$" placeholder="issue" name="tag" type="text">
<br>
<label for="value">Valeur</label>
<br>
<input id="value" minlenght="3" maxlength="1024" pattern="^[a-z0-9.-]{3,1024}$" placeholder="letsencrypt.org" name="value" type="text">
<br>
<input value="Valider" type="submit">
<br>
<label for="flag">Flag</label>
<br>
<input id="flag" min="0" max="127" placeholder="0" name="flag" type="number">
<br>
<label for="tag">Tag</label>
<br>
<input id="tag" minlenght="1" maxlength="128" pattern="^[a-z]{1,128}$" placeholder="issue" name="tag" type="text">
<br>
<label for="value">Valeur</label>
<br>
<input id="value" minlenght="3" maxlength="1024" pattern="^[a-z0-9.-]{3,1024}$" placeholder="letsencrypt.org" name="value" type="text">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (nsCommonRequirements()
AND isset($_POST['flag'])
AND isset($_POST['tag'])
AND isset($_POST['value'])
) {
AND isset($_POST['flag'])
AND isset($_POST['tag'])
AND isset($_POST['value'])
) {
$values = nsParseCommonRequirements();
$values = nsParseCommonRequirements();
if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
exit("ERROR: Wrong value for flag");
if (!($_POST['flag'] >= 0 AND $_POST['flag'] <= 255))
exit("ERROR: Wrong value for flag");
if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
exit("ERROR: Wrong value for tag");
if (!(preg_match("/^[a-z]{1,127}$/", $_POST['tag'])))
exit("ERROR: Wrong value for tag");
if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
exit("ERROR: Wrong value for value");
if (!(preg_match("/^[a-z0-9.-]{1,255}$/", $_POST['value'])))
exit("ERROR: Wrong value for value");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN CAA " . $_POST['flag'] . " " . $_POST['tag'] . " " . $_POST['value']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}

44
ns/mx.php
View file

@ -2,42 +2,42 @@
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<br>
<label for="priority">Priorité</label>
<br>
<input id="priority" min="0" max="65535" value="0" placeholder="0" name="priority" type="number">
<label for="priority">Priorité</label>
<br>
<input id="priority" min="0" max="65535" value="0" placeholder="0" name="priority" type="number">
<br>
<br>
<label for="host">Hôte</label>
<br>
<input id="host" placeholder="mail.<?= DOMAIN_EXAMPLE ?>." name="host" type="text">
<label for="host">Hôte</label>
<br>
<input id="host" placeholder="mail.<?= DOMAIN_EXAMPLE ?>." name="host" type="text">
<br>
<input value="Valider" type="submit">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (nsCommonRequirements()
AND isset($_POST['priority'])
AND isset($_POST['host'])
) {
AND isset($_POST['priority'])
AND isset($_POST['host'])
) {
$values = nsParseCommonRequirements();
$values = nsParseCommonRequirements();
if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 255))
exit("ERROR: Wrong value for priority");
if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 255))
exit("ERROR: Wrong value for priority");
checkAbsoluteDomainFormat($_POST['host']);
checkAbsoluteDomainFormat($_POST['host']);
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN MX " . $_POST['priority'] . " " . $_POST['host']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN MX " . $_POST['priority'] . " " . $_POST['host']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}
?>

30
ns/ns.php
View file

@ -1,28 +1,28 @@
<?php include "../top.inc.php"; ?>
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<label for="ns">Serveur de nom</label>
<br>
<input id="ns" placeholder="ns1.<?= DOMAIN_EXAMPLE ?>" name="ns" type="text">
<br>
<input value="Procéder" type="submit">
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<label for="ns">Serveur de nom</label>
<br>
<input id="ns" placeholder="ns1.<?= DOMAIN_EXAMPLE ?>" name="ns" type="text">
<br>
<input value="Procéder" type="submit">
</form>
<?php
if (nsCommonRequirements()
AND isset($_POST['ns'])
) {
AND isset($_POST['ns'])
) {
$values = nsParseCommonRequirements();
$values = nsParseCommonRequirements();
checkAbsoluteDomainFormat($_POST['ns']);
checkAbsoluteDomainFormat($_POST['ns']);
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN NS " . $_POST['ns']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN NS " . $_POST['ns']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}
?>

72
ns/srv.php
View file

@ -2,62 +2,62 @@
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<br>
<label for="priority">Priorité</label>
<br>
<input id="priority" min="0" max="65535" value="0" placeholder="0" name="priority" type="number">
<label for="priority">Priorité</label>
<br>
<input id="priority" min="0" max="65535" value="0" placeholder="0" name="priority" type="number">
<br>
<br>
<label for="weight">Poids</label>
<br>
<input id="weight" min="0" max="65535" value="0" placeholder="0" name="weight" type="number">
<label for="weight">Poids</label>
<br>
<input id="weight" min="0" max="65535" value="0" placeholder="0" name="weight" type="number">
<br>
<br>
<label for="port">Port</label>
<br>
<input id="port" min="0" max="65535" placeholder="32768" name="port" type="number">
<label for="port">Port</label>
<br>
<input id="port" min="0" max="65535" placeholder="32768" name="port" type="number">
<br>
<br>
<label for="target">Cible</label>
<br>
<input id="target" minlenght="1" maxlength="128" placeholder="service.<?= DOMAIN_EXAMPLE ?>." name="target" type="text">
<label for="target">Cible</label>
<br>
<input id="target" minlenght="1" maxlength="128" placeholder="service.<?= DOMAIN_EXAMPLE ?>." name="target" type="text">
<br>
<input value="Valider" type="submit">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (nsCommonRequirements()
AND isset($_POST['priority'])
AND isset($_POST['weight'])
AND isset($_POST['port'])
AND isset($_POST['target'])
) {
AND isset($_POST['priority'])
AND isset($_POST['weight'])
AND isset($_POST['port'])
AND isset($_POST['target'])
) {
$values = nsParseCommonRequirements();
$values = nsParseCommonRequirements();
if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 65535))
exit("ERROR: Wrong value for priority");
if (!($_POST['priority'] >= 0 AND $_POST['priority'] <= 65535))
exit("ERROR: Wrong value for priority");
if (!($_POST['weight'] >= 0 AND $_POST['weight'] <= 65535))
exit("ERROR: Wrong value for weight");
if (!($_POST['weight'] >= 0 AND $_POST['weight'] <= 65535))
exit("ERROR: Wrong value for weight");
if (!($_POST['port'] >= 0 AND $_POST['port'] <= 65535))
exit("ERROR: Wrong value for port");
if (!($_POST['port'] >= 0 AND $_POST['port'] <= 65535))
exit("ERROR: Wrong value for port");
checkAbsoluteDomainFormat($_POST['target']);
checkAbsoluteDomainFormat($_POST['target']);
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN SRV " . $_POST['priority'] . " " . $_POST['weight'] . " " . $_POST['port'] . " " . $_POST['target']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN SRV " . $_POST['priority'] . " " . $_POST['weight'] . " " . $_POST['port'] . " " . $_POST['target']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}
?>

74
ns/sshfp.php
View file

@ -2,59 +2,59 @@
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<br>
<label for="algo">Algorithme</label>
<br>
<select required="" name="algo" id="algo">
<option value="1">1 (RSA)</option>
<option value="2" disabled="">2 (DSA)</option>
<option value="3">3 (ECDSA)</option>
<option value="4" selected="">4 (ED25519)</option>
</select>
<label for="algo">Algorithme</label>
<br>
<select required="" name="algo" id="algo">
<option value="1">1 (RSA)</option>
<option value="2" disabled="">2 (DSA)</option>
<option value="3">3 (ECDSA)</option>
<option value="4" selected="">4 (ED25519)</option>
</select>
<br>
<br>
<label for="type">Type de hash</label>
<br>
<select required="" name="type" id="type">
<option value="1" disabled="">1 (SHA-1)</option>
<option value="2" selected="">2 (SHA-256)</option>
</select>
<br>
<label for="type">Type de hash</label>
<br>
<select required="" name="type" id="type">
<option value="1" disabled="">1 (SHA-1)</option>
<option value="2" selected="">2 (SHA-256)</option>
</select>
<br>
<label for="fp">Empreinte</label>
<br>
<input required="" id="fp" size="65" minlenght="64" maxlength="64" placeholder="26e6bbb4796c4fb78632e737d31a8acaba43c3a92d9c047031f04e9b70826e1d" name="fp" type="text">
<label for="fp">Empreinte</label>
<br>
<input required="" id="fp" size="65" minlenght="64" maxlength="64" placeholder="26e6bbb4796c4fb78632e737d31a8acaba43c3a92d9c047031f04e9b70826e1d" name="fp" type="text">
<br>
<input value="Valider" type="submit">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (nsCommonRequirements()
AND isset($_POST['algo'])
AND isset($_POST['fp'])
) {
AND isset($_POST['algo'])
AND isset($_POST['fp'])
) {
$values = nsParseCommonRequirements();
$values = nsParseCommonRequirements();
if (!($_POST['algo'] === "1" OR $_POST['algo'] === "3" OR $_POST['algo'] === "4"))
exit("ERROR: Wrong value for algo");
if (!($_POST['algo'] === "1" OR $_POST['algo'] === "3" OR $_POST['algo'] === "4"))
exit("ERROR: Wrong value for algo");
if (!($_POST['type'] === "2"))
exit("ERROR: Wrong value for type");
if (!($_POST['type'] === "2"))
exit("ERROR: Wrong value for type");
if (!(preg_match("/^[a-z0-9]{64}$/", $_POST['fp'])))
exit("ERROR: Wrong value for fp");
if (!(preg_match("/^[a-z0-9]{64}$/", $_POST['fp'])))
exit("ERROR: Wrong value for fp");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN SSHFP " . $_POST['algo'] . " " . $_POST['type'] . " " . $_POST['fp']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN SSHFP " . $_POST['algo'] . " " . $_POST['type'] . " " . $_POST['fp']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}
?>

104
ns/tlsa.php
View file

@ -2,73 +2,73 @@
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<label for="use">Utilisation</label>
<br>
<select required="" name="use" id="use">
<option value="" selected="" disabled="">-</option>
<option value="0">0 (PKIX-TA, <abbr title="also known as">aka<abbr> CA constraint)</option>
<option value="1">1 (PKIX-EE, <abbr title="also known as">aka<abbr> Service certificate constraint)</option>
<option value="2">2 (DANE-TA, <abbr title="also known as">aka<abbr> Trust Anchor Assertion)</option>
<option value="3">3 (DANE-EE, <abbr title="also known as">aka<abbr> Domain issued certificate)</option>
</select>
<br>
<br>
<label for="use">Utilisation</label>
<br>
<select required="" name="use" id="use">
<option value="" selected="" disabled="">-</option>
<option value="0">0 (PKIX-TA, <abbr title="also known as">aka<abbr> CA constraint)</option>
<option value="1">1 (PKIX-EE, <abbr title="also known as">aka<abbr> Service certificate constraint)</option>
<option value="2">2 (DANE-TA, <abbr title="also known as">aka<abbr> Trust Anchor Assertion)</option>
<option value="3">3 (DANE-EE, <abbr title="also known as">aka<abbr> Domain issued certificate)</option>
</select>
<br>
<label for="selector">Selecteur</label>
<br>
<select required="" name="selector" id="selector">
<option value="" selected="" disabled="">-</option>
<option value="0">0 (le certificat entier doit correspondre)</option>
<option value="1">1 (la clé publique du certificat doit correspondre)</option>
</select>
<br>
<label for="selector">Selecteur</label>
<br>
<select required="" name="selector" id="selector">
<option value="" selected="" disabled="">-</option>
<option value="0">0 (le certificat entier doit correspondre)</option>
<option value="1">1 (la clé publique du certificat doit correspondre)</option>
</select>
<br>
<label for="type">Type de correspondance</label>
<br>
<select required="" name="type" id="type">
<option value="" selected="" disabled="">-</option>
<option value="0">0 (certificat entier)</option>
<option value="1">1 (SHA-256)</option>
<option value="2">2 (SHA-512)</option>
</select>
<br>
<label for="type">Type de correspondance</label>
<br>
<select required="" name="type" id="type">
<option value="" selected="" disabled="">-</option>
<option value="0">0 (certificat entier)</option>
<option value="1">1 (SHA-256)</option>
<option value="2">2 (SHA-512)</option>
</select>
<br>
<label for="content">Contenu</label>
<br>
<input id="content" minlenght="3" maxlength="1024" pattern="^[a-zA-Z0-9.-]{3,1024}$" placeholder="gjioerjgioer" name="content" type="text">
<br>
<input value="Valider" type="submit">
<label for="content">Contenu</label>
<br>
<input id="content" minlenght="3" maxlength="1024" pattern="^[a-zA-Z0-9.-]{3,1024}$" placeholder="gjioerjgioer" name="content" type="text">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (nsCommonRequirements()
AND isset($_POST['use'])
AND isset($_POST['selector'])
AND isset($_POST['type'])
AND isset($_POST['content'])
) {
AND isset($_POST['use'])
AND isset($_POST['selector'])
AND isset($_POST['type'])
AND isset($_POST['content'])
) {
$values = nsParseCommonRequirements();
$values = nsParseCommonRequirements();
if (!($_POST['use'] >= 0 AND $_POST['use'] <= 3))
exit("ERROR: Wrong value for use");
if (!($_POST['use'] >= 0 AND $_POST['use'] <= 3))
exit("ERROR: Wrong value for use");
if (!($_POST['selector'] === "0" OR $_POST['selector'] === "1"))
exit("ERROR: Wrong value for selector");
if (!($_POST['selector'] === "0" OR $_POST['selector'] === "1"))
exit("ERROR: Wrong value for selector");
if (!($_POST['type'] >= 0 OR $_POST['type'] <= 2))
exit("ERROR: Wrong value for type");
if (!($_POST['type'] >= 0 OR $_POST['type'] <= 2))
exit("ERROR: Wrong value for type");
if (!(preg_match("/^[a-zA-Z0-9.-]{1,1024}$/", $_POST['content'])))
exit("ERROR: Wrong value for content");
if (!(preg_match("/^[a-zA-Z0-9.-]{1,1024}$/", $_POST['content'])))
exit("ERROR: Wrong value for content");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN TLSA " . $_POST['use'] . " " . $_POST['selector'] . " " . $_POST['type'] . " " . $_POST['content']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . " IN TLSA " . $_POST['use'] . " " . $_POST['selector'] . " " . $_POST['type'] . " " . $_POST['content']);
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}

32
ns/txt.php
View file

@ -1,29 +1,29 @@
<?php include "../top.inc.php"; ?>
<form method="post">
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<label for="txt">Texte</label>
<br>
<input id="txt" minlenght="5" maxlength="8192" pattern="^[a-zA-Z0-9 =:!%$+/\()[\]_-]{5,8192}$" placeholder="Du texte..." name="txt" type="text">
<br>
<input value="Valider" type="submit">
<?php require "../inc/form/form.ns.inc.php"; ?>
<br>
<label for="txt">Texte</label>
<br>
<input id="txt" minlenght="5" maxlength="8192" pattern="^[a-zA-Z0-9 =:!%$+/\()[\]_-]{5,8192}$" placeholder="Du texte..." name="txt" type="text">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (nsCommonRequirements()
AND isset($_POST['txt'])
) {
AND isset($_POST['txt'])
) {
$values = nsParseCommonRequirements();
$values = nsParseCommonRequirements();
if (!(preg_match("/^[a-zA-Z0-9 =:!%$+\/\()[\]_-]{5,8192}$/", $_POST['txt'])))
exit("ERROR : Wrong caracter or wrong caracter quantity");
if (!(preg_match("/^[a-zA-Z0-9 =:!%$+\/\()[\]_-]{5,8192}$/", $_POST['txt'])))
exit("ERROR : Wrong caracter or wrong caracter quantity");
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . ' IN TXT \"' . $_POST['txt'] . '\"');
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
exec(KNOTC_PATH . " zone-begin " . $_POST['zone']);
exec(KNOTC_PATH . " zone-" . $values['action'] . "set " . $_POST['zone'] . " " . $values['domain'] . " " . $values['ttl'] . ' IN TXT \"' . $_POST['txt'] . '\"');
exec(KNOTC_PATH . " zone-commit " . $_POST['zone']);
echo "Enregistrement ajouté";
}
?>

98
ns/zone.php
View file

@ -1,89 +1,89 @@
<?php require "../top.inc.php"; ?>
<form method="post">
<h2>Ajouter une zone</h2>
<label for="domain">Domaine</label><br>
<input required="" placeholder="domain.<?= DOMAIN_EXAMPLE ?>." id="domain" name="domain" type="text"><br>
<input value="Ajouter" type="submit">
<h2>Ajouter une zone</h2>
<label for="domain">Domaine</label><br>
<input required="" placeholder="domain.<?= DOMAIN_EXAMPLE ?>." id="domain" name="domain" type="text"><br>
<input value="Ajouter" type="submit">
</form>
<?php
if (isset($_POST['domain']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
checkAbsoluteDomainFormat($_POST['domain']);
checkAbsoluteDomainFormat($_POST['domain']);
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO zones(zone, username) VALUES(:zone, :username)");
$stmt->bindParam(':zone', $_POST['domain']);
$stmt->bindParam(':username', $_SESSION['username']);
$stmt->bindParam(':zone', $_POST['domain']);
$stmt->bindParam(':username', $_SESSION['username']);
$stmt->execute();
$stmt->execute();
$knotZonePath = KNOT_ZONES_PATH . "/" . $_POST['domain'] . "zone";
$knotZone = file_get_contents(NIVER_TEMPLATE_PATH . "/knot.template");
$knotZone = preg_replace("/DOMAIN/", $_POST['domain'], $knotZone);
file_put_contents($knotZonePath, $knotZone);
chmod($knotZonePath, 0660);
$knotZonePath = KNOT_ZONES_PATH . "/" . $_POST['domain'] . "zone";
$knotZone = file_get_contents(NIVER_TEMPLATE_PATH . "/knot.template");
$knotZone = preg_replace("/DOMAIN/", $_POST['domain'], $knotZone);
file_put_contents($knotZonePath, $knotZone);
chmod($knotZonePath, 0660);
exec(KNOTC_PATH . " conf-begin");
exec(KNOTC_PATH . " conf-set 'zone[" . $_POST['domain'] . "]'");
exec(KNOTC_PATH . " conf-set 'zone[" . $_POST['domain'] . "].template' 'niver'");
exec(KNOTC_PATH . " conf-commit");
exec(KNOTC_PATH . " conf-begin");
exec(KNOTC_PATH . " conf-set 'zone[" . $_POST['domain'] . "]'");
exec(KNOTC_PATH . " conf-set 'zone[" . $_POST['domain'] . "].template' 'niver'");
exec(KNOTC_PATH . " conf-commit");
echo "La requête a été traitée.";
echo "La requête a été traitée.";
}
?>
<form method="post">
<h2>Supprimer une zone</h2>
<label for="zone">Zone</label>
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">-</option><?php
$zones = nsListUserZones($_SESSION['username']);
<h2>Supprimer une zone</h2>
<label for="zone">Zone</label>
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">-</option><?php
$zones = nsListUserZones($_SESSION['username']);
if (!empty($zones)) {
foreach ($zones as $zone)
echo "<option value='" . $zone . "'>" . $zone . "</option>";
}
if (!empty($zones)) {
foreach ($zones as $zone)
echo "<option value='" . $zone . "'>" . $zone . "</option>";
}
?>
</select>
<br>
<input value="Supprimer toutes les données liées à cette zone" type="submit">
</select>
<br>
<input value="Supprimer toutes les données liées à cette zone" type="submit">
</form>
<?php
if (isset($_POST['zone']) AND isset($_SESSION['username'])) {
nsCheckZonePossession($_POST['zone']);
nsCheckZonePossession($_POST['zone']);
// Remove Knot zone file
unlink(KNOT_ZONES_PATH . "/" . $_POST['zone'] . "zone");
// Remove Knot zone file
unlink(KNOT_ZONES_PATH . "/" . $_POST['zone'] . "zone");
// Remove Knot tied data
exec(KNOTC_PATH . " zone-purge" . $_POST['zone']);
// Remove Knot tied data
exec(KNOTC_PATH . " zone-purge" . $_POST['zone']);
// Remove from Knot configuration
exec(KNOTC_PATH . " conf-begin");
exec(KNOTC_PATH . " conf-unset 'zone[" . $_POST['domain'] . "]'");
exec(KNOTC_PATH . " conf-commit");
// Remove from Knot configuration
exec(KNOTC_PATH . " conf-begin");
exec(KNOTC_PATH . " conf-unset 'zone[" . $_POST['domain'] . "]'");
exec(KNOTC_PATH . " conf-commit");
// Remove from Niver's database
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("DELETE FROM zones WHERE zone = :zone AND username = :username");
// Remove from Niver's database
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("DELETE FROM zones WHERE zone = :zone AND username = :username");
$stmt->bindParam(':zone', $_POST['zone']);
$stmt->bindParam(':username', $_SESSION['username']);
$stmt->bindParam(':zone', $_POST['zone']);
$stmt->bindParam(':username', $_SESSION['username']);
$stmt->execute();
$stmt->execute();
echo "La requête a été traitée.";
echo "La requête a été traitée.";
}
?>

162
reg/ds.php
View file

@ -1,104 +1,104 @@
<?php include "../top.inc.php"; ?>
<form method="post">
<label for="action">Action</label>
<select name="action" id="action">
<option value="add">Ajouter</option>
<option value="delete">Retirer</option>
</select>
<br>
<label for="zone">Domaine</label>
<br>
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">---</option>
<label for="action">Action</label>
<select name="action" id="action">
<option value="add">Ajouter</option>
<option value="delete">Retirer</option>
</select>
<br>
<label for="zone">Domaine</label>
<br>
<select required="" name="zone" id="zone">
<option value="" disabled="" selected="">---</option>
<?php
$domains = regListUserDomains($_SESSION['username']);
<?php
$domains = regListUserDomains($_SESSION['username']);
if ($domains) {
foreach($domains as $domain) {
echo "<option value='" . $domain . "'>" . $domain . "</option>";
}
}
if ($domains) {
foreach($domains as $domain) {
echo "<option value='" . $domain . "'>" . $domain . "</option>";
}
}
?>
?>
</select>
<br>
<label for="keytag">Tag de la clé</label>
<br>
<input required="" id="keytag" placeholder="32768" min="1" max="65535" name="keytag" type="number"><span></span>
<br>
<label for="algo">Algorithme</label>
<br>
<select required="" name="algo" id="algo">
<!-- RFC 8624 : Algorithm Implementation Requirements and Usage Guidance for DNSSEC > Algorithm Selection > DNSKEY Algorithms -->
<!-- https://tools.ietf.org/html/rfc8624.html#section-3.1 -->
<option value="1" disabled="">1 (RSAMD5)</option>
<option value="3" disabled="">3 (DSA)</option>
<option value="5" disabled="">5 (RSASHA1)</option>
<option value="6" disabled="">6 (DSA-NSEC3-SHA1)</option>
<option value="7" disabled="">7 (RSASHA1-NSEC3-SHA1)</option>
<option value="8">8 (RSASHA256)</option>
<option value="10" disabled="">10 (RSASHA512)</option>
<option value="12" disabled="">12 (ECC-GOST)</option>
<option value="13">13 (ECDSAP256SHA256)</option>
<option value="14">14 (ECDSAP384SHA384)</option>
<option value="15" selected="">15 (ED25519)</option>
<option value="16">16 (ED448)</option>
</select>
<br>
<label for="dt">Type de condensat</label>
<br>
<select required="" name="dt" id="dt">
<!-- RFC 8624 : Algorithm Implementation Requirements and Usage Guidance for DNSSEC > Algorithm Selection > DS and CDS Algorithms -->
<!-- https://tools.ietf.org/html/rfc8624.html#section-3.3 -->
<option value="1" disabled="">1 (SHA-1)</option>
<option value="2" selected="">2 (SHA-256)</option>
<option value="3" disabled="">3 (GOST R 34.11-94)</option>
<option value="4">4 (SHA-384)</option>
</select>
<br>
<label for="key">Delegation Signer</label>
<br>
<input id="key" required="" name="key" type="text" placeholder="018F25E4A022463478C9E30136EC53771A1704A0F0B3CE5B883AC9C8A6A55D16B638B4DE70662ACA5295D3669E7CADD9">
<br>
<input value="Valider" type="submit">
</select>
<br>
<label for="keytag">Tag de la clé</label>
<br>
<input required="" id="keytag" placeholder="32768" min="1" max="65535" name="keytag" type="number"><span></span>
<br>
<label for="algo">Algorithme</label>
<br>
<select required="" name="algo" id="algo">
<!-- RFC 8624 : Algorithm Implementation Requirements and Usage Guidance for DNSSEC > Algorithm Selection > DNSKEY Algorithms -->
<!-- https://tools.ietf.org/html/rfc8624.html#section-3.1 -->
<option value="1" disabled="">1 (RSAMD5)</option>
<option value="3" disabled="">3 (DSA)</option>
<option value="5" disabled="">5 (RSASHA1)</option>
<option value="6" disabled="">6 (DSA-NSEC3-SHA1)</option>
<option value="7" disabled="">7 (RSASHA1-NSEC3-SHA1)</option>
<option value="8">8 (RSASHA256)</option>
<option value="10" disabled="">10 (RSASHA512)</option>
<option value="12" disabled="">12 (ECC-GOST)</option>
<option value="13">13 (ECDSAP256SHA256)</option>
<option value="14">14 (ECDSAP384SHA384)</option>
<option value="15" selected="">15 (ED25519)</option>
<option value="16">16 (ED448)</option>
</select>
<br>
<label for="dt">Type de condensat</label>
<br>
<select required="" name="dt" id="dt">
<!-- RFC 8624 : Algorithm Implementation Requirements and Usage Guidance for DNSSEC > Algorithm Selection > DS and CDS Algorithms -->
<!-- https://tools.ietf.org/html/rfc8624.html#section-3.3 -->
<option value="1" disabled="">1 (SHA-1)</option>
<option value="2" selected="">2 (SHA-256)</option>
<option value="3" disabled="">3 (GOST R 34.11-94)</option>
<option value="4">4 (SHA-384)</option>
</select>
<br>
<label for="key">Delegation Signer</label>
<br>
<input id="key" required="" name="key" type="text" placeholder="018F25E4A022463478C9E30136EC53771A1704A0F0B3CE5B883AC9C8A6A55D16B638B4DE70662ACA5295D3669E7CADD9">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (isset($_POST['zone']) AND isset($_POST['keytag']) AND isset($_POST['algo']) AND isset($_POST['key']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
if (!($_POST['algo'] === "8")
AND !($_POST['algo'] === "13")
AND !($_POST['algo'] === "14")
AND !($_POST['algo'] === "15")
AND !($_POST['algo'] === "16")
)
exit("Wrong value for algo");
if (!($_POST['algo'] === "8")
AND !($_POST['algo'] === "13")
AND !($_POST['algo'] === "14")
AND !($_POST['algo'] === "15")
AND !($_POST['algo'] === "16")
)
exit("Wrong value for algo");
$_POST['keytag'] = intval($_POST['keytag']);
if ((!preg_match("/^[0-9]{1,6}$/", $_POST['keytag'])) OR !($_POST['keytag'] >= 1) OR !($_POST['keytag'] <= 65535))
exit("Wrong value for keytag");
$_POST['keytag'] = intval($_POST['keytag']);
if ((!preg_match("/^[0-9]{1,6}$/", $_POST['keytag'])) OR !($_POST['keytag'] >= 1) OR !($_POST['keytag'] <= 65535))
exit("Wrong value for keytag");
if (!$_POST['dt'] === "2" AND !$_POST['dt'] === "4")
exit("Wrong value for dt");
if (!$_POST['dt'] === "2" AND !$_POST['dt'] === "4")
exit("Wrong value for dt");
checkAbsoluteDomainFormat($_POST['zone']);
nsCheckZonePossession($_POST['zone']);
regCheckDomainPossession($_POST['zone']);
checkAbsoluteDomainFormat($_POST['zone']);
nsCheckZonePossession($_POST['zone']);
regCheckDomainPossession($_POST['zone']);
$action = checkAction($_POST['action']);
$action = checkAction($_POST['action']);
$suffix = regGetUpperDomain($_POST['zone']);
$suffix = regGetUpperDomain($_POST['zone']);
exec(KNOTC_PATH . " zone-begin " . $suffix);
exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['zone'] . " 86400 IN DS " . $_POST['keytag'] . " " . $_POST['algo'] . " " . $_POST['dt'] . " " . $_POST['key']);
exec(KNOTC_PATH . " zone-commit " . $suffix);
echo "La requête a été envoyée à Knot";
exec(KNOTC_PATH . " zone-begin " . $suffix);
exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['zone'] . " 86400 IN DS " . $_POST['keytag'] . " " . $_POST['algo'] . " " . $_POST['dt'] . " " . $_POST['key']);
exec(KNOTC_PATH . " zone-commit " . $suffix);
echo "La requête a été envoyée à Knot";
}

104
reg/glue.php
View file

@ -1,77 +1,77 @@
<?php require "../top.inc.php"; ?>
<form method="post">
<label for="action">Action</label>
<select name="action" id="action">
<option value="add">Ajouter</option>
<option value="delete">Retirer</option>
</select>
<fieldset>
<legend>Domaine</legend>
<div class="elForm">
<label for="subdomain">Sous-domaine</label>
<br>
<input required="" id="subdomain" placeholder="ns1" name="subdomain" type="text">
</div>
<div class="elForm">
<label for="suffix">Domaine</label>
<br>
<select required="" name="suffix" id="suffix">
<option value="" disabled="" selected="">---</option>
<label for="action">Action</label>
<select name="action" id="action">
<option value="add">Ajouter</option>
<option value="delete">Retirer</option>
</select>
<fieldset>
<legend>Domaine</legend>
<div class="elForm">
<label for="subdomain">Sous-domaine</label>
<br>
<input required="" id="subdomain" placeholder="ns1" name="subdomain" type="text">
</div>
<div class="elForm">
<label for="suffix">Domaine</label>
<br>
<select required="" name="suffix" id="suffix">
<option value="" disabled="" selected="">---</option>
<?php
<?php
$suffixes = regListUserDomains($_SESSION['username']);
$suffixes = regListUserDomains($_SESSION['username']);
if ($suffixes) {
foreach($suffixes as $suffix) {
echo "<option value='" . $suffix . "'>." . $suffix . "</option>";
}
}
if ($suffixes) {
foreach($suffixes as $suffix) {
echo "<option value='" . $suffix . "'>." . $suffix . "</option>";
}
}
?>
</select>
</div>
</fieldset>
<label for="ip">IP</label><br>
<input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="<?= IPV4_EXAMPLE ?> ou <?= IPV6_EXAMPLE ?>">
<br>
<input value="Valider" type="submit">
?>
</select>
</div>
</fieldset>
<label for="ip">IP</label><br>
<input required="" pattern="^[a-f0-9:.]+$" id="ip" name="ip" minlength="7" maxlength="39" size="40" type="text" placeholder="<?= IPV4_EXAMPLE ?> ou <?= IPV6_EXAMPLE ?>">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (isset($_POST['action']) AND isset($_POST['subdomain']) AND isset($_POST['suffix']) AND isset($_POST['ip']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
if (!$suffixes)
exit("ERROR : You don't own any domain");
if (!$suffixes)
exit("ERROR : You don't own any domain");
if (!in_array($_POST['suffix'], $suffixes))
exit("ERROR : You don't own this suffix");
if (!in_array($_POST['suffix'], $suffixes))
exit("ERROR : You don't own this suffix");
$domain = $_POST['subdomain'] . "." . $_POST['suffix'];
$domain = $_POST['subdomain'] . "." . $_POST['suffix'];
checkAbsoluteDomainFormat($domain);
checkAbsoluteDomainFormat($domain);
checkIpFormat($_POST['ip']);
checkIpFormat($_POST['ip']);
if (filter_var($_POST['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))
$record = "A";
else if (filter_var($_POST['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
$record = "AAAA";
else
exit("Unknown error about IP format");
if (filter_var($_POST['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))
$record = "A";
else if (filter_var($_POST['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
$record = "AAAA";
else
exit("Unknown error about IP format");
$action = checkAction($_POST['action']);
$action = checkAction($_POST['action']);
$publicSuffix = regGetUpperDomain($_POST['suffix']);
$publicSuffix = regGetUpperDomain($_POST['suffix']);
exec(KNOTC_PATH . " zone-begin " . $publicSuffix);
exec(KNOTC_PATH . " zone-" . $action . "set " . $publicSuffix . " " . $domain . " 86400 IN " . $record . " " . $_POST['ip']);
exec(KNOTC_PATH . " zone-commit " . $publicSuffix);
echo "Glue record ajouté";
exec(KNOTC_PATH . " zone-begin " . $publicSuffix);
exec(KNOTC_PATH . " zone-" . $action . "set " . $publicSuffix . " " . $domain . " 86400 IN " . $record . " " . $_POST['ip']);
exec(KNOTC_PATH . " zone-commit " . $publicSuffix);
echo "Glue record ajouté";
}
?>

32
reg/index.php
View file

@ -1,22 +1,22 @@
<?php include "../top.inc.php"; ?>
<dl>
<dt><a class="regButton" href="register">Enregistrer un nouveau domaine</a></dt>
<dd>
Prendre possession d'un sous-domaine de <code><?= REGISTRY ?></code>
</dd>
<dt><a class="regButton" href="ns">Enregistrement <abbr title="Name Server">NS</abbr></a></dt>
<dd>
Indiquer les serveurs de noms de son sous-domaine de <code><?= REGISTRY ?></code>
</dd>
<dt><a class="regButton" href="ds">Enregistrement <abbr title="Delegation Signer">DS</abbr></a></dt>
<dd>
Déléguer la confiance <abbr title="Domain Name System Security Extensions">DNSSEC</abbr>
</dd>
<dt><a class="regButton" href="glue">Glue Record</a></dt>
<dd>
Indiquer les IP de ses serveurs de noms de son sous-domaine de <code><?= REGISTRY ?></code> dont les adresses se trouvent sur ce même sous-domaine
</dd>
<dt><a class="regButton" href="register">Enregistrer un nouveau domaine</a></dt>
<dd>
Prendre possession d'un sous-domaine de <code><?= REGISTRY ?></code>
</dd>
<dt><a class="regButton" href="ns">Enregistrement <abbr title="Name Server">NS</abbr></a></dt>
<dd>
Indiquer les serveurs de noms de son sous-domaine de <code><?= REGISTRY ?></code>
</dd>
<dt><a class="regButton" href="ds">Enregistrement <abbr title="Delegation Signer">DS</abbr></a></dt>
<dd>
Déléguer la confiance <abbr title="Domain Name System Security Extensions">DNSSEC</abbr>
</dd>
<dt><a class="regButton" href="glue">Glue Record</a></dt>
<dd>
Indiquer les IP de ses serveurs de noms de son sous-domaine de <code><?= REGISTRY ?></code> dont les adresses se trouvent sur ce même sous-domaine
</dd>
</dl>
<?php include "../bottom.inc.php"; ?>

88
reg/ns.php
View file

@ -1,64 +1,64 @@
<?php include "../top.inc.php"; ?>
<form method="post">
<label for="action">Action</label>
<select name="action" id="action">
<option value="add">Ajouter</option>
<option value="delete">Retirer</option>
</select>
<br>
<label for="domain">Domaine</label>
<br>
<select required="" name="domain" id="domain">
<option value="" disabled="" selected="">---</option>
<label for="action">Action</label>
<select name="action" id="action">
<option value="add">Ajouter</option>
<option value="delete">Retirer</option>
</select>
<br>
<label for="domain">Domaine</label>
<br>
<select required="" name="domain" id="domain">
<option value="" disabled="" selected="">---</option>
<?php
<?php
$domains = regListUserDomains($_SESSION['username']);
$domains = regListUserDomains($_SESSION['username']);
if ($domains) {
foreach($domains as $domain) {
echo "<option value='" . $domain . "'>" . $domain . "</option>";
}
}
if ($domains) {
foreach($domains as $domain) {
echo "<option value='" . $domain . "'>" . $domain . "</option>";
}
}
?>
</select>
<br>
<label for="ns">Serveur de nom</label>
<br>
<input id="ns" placeholder="ns1.<?= DOMAIN_EXAMPLE ?>." name="ns" type="text">
<br>
<input value="Valider" type="submit">
?>
</select>
<br>
<label for="ns">Serveur de nom</label>
<br>
<input id="ns" placeholder="ns1.<?= DOMAIN_EXAMPLE ?>." name="ns" type="text">
<br>
<input value="Valider" type="submit">
</form>
<?php
if (isset($_POST['domain']) AND isset($_POST['action']) AND isset($_POST['ns']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
regCheckDomainPossession($_POST['domain']);
checkAbsoluteDomainFormat($_POST['ns']);
regCheckDomainPossession($_POST['domain']);
checkAbsoluteDomainFormat($_POST['ns']);
$action = checkAction($_POST['action']);
$action = checkAction($_POST['action']);
$suffix = regGetUpperDomain($_POST['domain']);
$suffix = regGetUpperDomain($_POST['domain']);
exec(KNOTC_PATH . " zone-begin " . $suffix, $output);
exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['domain'] . " 86400 IN NS " . $_POST['ns'], $output);
exec(KNOTC_PATH . " zone-commit " . $suffix, $output);
foreach ($output as $line) {
if ($line !== "OK") {
$error = true;
}
}
if ($error) {
appendLog($output);
echo "An ERROR occured!";
} else {
echo "Modification effectuée avec succès";
}
exec(KNOTC_PATH . " zone-begin " . $suffix, $output);
exec(KNOTC_PATH . " zone-" . $action . "set " . $suffix . " " . $_POST['domain'] . " 86400 IN NS " . $_POST['ns'], $output);
exec(KNOTC_PATH . " zone-commit " . $suffix, $output);
foreach ($output as $line) {
if ($line !== "OK") {
$error = true;
}
}
if ($error) {
appendLog($output);
echo "An ERROR occured!";
} else {
echo "Modification effectuée avec succès";
}
}
?>

78
reg/register.php
View file

@ -5,61 +5,61 @@ Ce domaine doit être composé uniquement d'au moins 4 lettres latines non accen
<br>
<br>
<form method="post">
<fieldset>
<legend>Domaine</legend>
<div>
<label for="subdomain">Sous-domaine</label>
<br>
<input id="subdomain" pattern="<?= SUBDOMAIN_REGEX ?>" required="" placeholder="niver" name="subdomain" type="text">
</div>
<div>
<label for="suffix">Suffixe</label>
<br>
<select required="" id="suffix" name="suffix">
<option selected="" value="<?= REGISTRY ?>">.<?= REGISTRY ?></option>
</select>
</div>
</fieldset>
<br>
<input value="Valider" type="submit">
<fieldset>
<legend>Domaine</legend>
<div>
<label for="subdomain">Sous-domaine</label>
<br>
<input id="subdomain" pattern="<?= SUBDOMAIN_REGEX ?>" required="" placeholder="niver" name="subdomain" type="text">
</div>
<div>
<label for="suffix">Suffixe</label>
<br>
<select required="" id="suffix" name="suffix">
<option selected="" value="<?= REGISTRY ?>">.<?= REGISTRY ?></option>
</select>
</div>
</fieldset>
<br>
<input value="Valider" type="submit">
</form>
<?php
if (isset($_POST['subdomain']) AND isset($_POST['suffix']) AND isset($_SESSION['username'])) {
antiCSRF();
antiCSRF();
if (preg_match("/" . SUBDOMAIN_REGEX . "/", $_POST['subdomain'])) {
if (preg_match("/" . SUBDOMAIN_REGEX . "/", $_POST['subdomain'])) {
if (!in_array($_POST['suffix'], SUFFIXES))
exit("Wrong value for suffix");
if (!in_array($_POST['suffix'], SUFFIXES))
exit("Wrong value for suffix");
$domain = $_POST['subdomain'] . "." . $_POST['suffix'];
$domain = $_POST['subdomain'] . "." . $_POST['suffix'];
checkAbsoluteDomainFormat($domain);
checkAbsoluteDomainFormat($domain);
if (regIsFree($domain)) {
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
$username = $_SESSION['username'];
if (regIsFree($domain)) {
$db = new PDO('sqlite:' . DB_PATH);
$stmt = $db->prepare("INSERT INTO registry(domain, username, last_renewal) VALUES(:domain, :username, :last_renewal)");
$username = $_SESSION['username'];
$time = date("Y-m-d H:i:s");
$time = date("Y-m-d H:i:s");
$stmt->bindParam(':domain', $domain);
$stmt->bindParam(':username', $username);
$stmt->bindParam(':last_renewal', $time);
$stmt->bindParam(':domain', $domain);
$stmt->bindParam(':username', $username);
$stmt->bindParam(':last_renewal', $time);
$stmt->execute();
$stmt->execute();
echo "Nouveau domaine enregistré";
echo "Nouveau domaine enregistré";
} else {
echo "Le domaine " . $domain . " n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.";
}
} else {
echo "Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)";
}
} else {
echo "Le domaine " . $domain . " n'est pas disponible à l'enregistrement. Il est réservé ou déjà enregistré.";
}
} else {
echo "Erreur : Le nom de domaine doit être composé uniquement d'entre 4 et 63 lettres minuscules (a-z)";
}
}
?>

106
top.inc.php
View file

@ -1,6 +1,6 @@
<?php
if (strpos($_SERVER['PHP_SELF'], "inc.php") !== false)
exit("This file is meant to be included.");
exit("This file is meant to be included.");
require "inc/const.inc.php";
// Functions usefull everywhere
@ -16,32 +16,32 @@ require "inc/pages.inc.php";
// Session initialisation (with cookies)
if (
isset($_COOKIE['niver']) // Resume session
OR
(SERVICE === "auth" // Create new session
AND PAGE === "login"
AND isset($_POST['username']))
) {
session_start([
'name' => 'niver',
'sid_length' => 64,
'sid_bits_per_character' => 6,
'cookie_secure' => true,
'cookie_httponly' => true,
'cookie_samesite' => 'Strict',
'cookie_path' => PREFIX . '/',
'cookie_lifetime' => 432000, // = 60*60*24*5 = 5 days
'gc_maxlifetime' => 10800,
'use_strict_mode' => true,
'use_cookies' => true,
'use_only_cookies' => true,
]);
isset($_COOKIE['niver']) // Resume session
OR
(SERVICE === "auth" // Create new session
AND PAGE === "login"
AND isset($_POST['username']))
) {
session_start([
'name' => 'niver',
'sid_length' => 64,
'sid_bits_per_character' => 6,
'cookie_secure' => true,
'cookie_httponly' => true,
'cookie_samesite' => 'Strict',
'cookie_path' => PREFIX . '/',
'cookie_lifetime' => 432000, // = 60*60*24*5 = 5 days
'gc_maxlifetime' => 10800,
'use_strict_mode' => true,
'use_cookies' => true,
'use_only_cookies' => true,
]);
}
// Remove .php from URL (if any)
if (substr($_SERVER['REQUEST_URI'], -4) == ".php") {
header("Location: " . PREFIX . "/" . SERVICE . "/" . PAGE, true, 301); // 301 Moved Permanently
exit;
header("Location: " . PREFIX . "/" . SERVICE . "/" . PAGE, true, 301); // 301 Moved Permanently
exit;
}
// Less > CSS compilation
@ -56,47 +56,47 @@ $relativeLessFiles = array_flip($relativeLessFiles);
// Change relative paths into absolute paths
foreach ($relativeLessFiles as $relativeLessFile => $nothing) {
$absoluteLessFiles[ROOT_PATH . "/less/" . $relativeLessFile] = "";
$absoluteLessFiles[ROOT_PATH . "/less/" . $relativeLessFile] = "";
}
// Generate one minified CSS file into css/ from sources in less/
$options = array(
'cache_dir' => ROOT_PATH . '/css/',
'compress' => true
'cache_dir' => ROOT_PATH . '/css/',
'compress' => true
);
$cssFileName = Less_Cache::Get($absoluteLessFiles, $options, THEME);
?>
<!DOCTYPE html>
<html lang="fr">
<head>
<meta charset="UTF-8">
<title><?php
if (isset($page['title']) AND $page['title'] != "Accueil")
echo $page['title'] . " · ";
if (isset($page['service'])) {
echo $page['service'] . " · ";
} ?>Niver</title>
<link type="text/css" rel="stylesheet" href="<?= PREFIX ?>/css/<?= $cssFileName ?>">
<meta name="viewport" content="width=device-width, initial-scale=1">
</head>
<head>
<meta charset="UTF-8">
<title><?php
if (isset($page['title']) AND $page['title'] != "Accueil")
echo $page['title'] . " · ";
if (isset($page['service'])) {
echo $page['service'] . " · ";
} ?>Niver</title>
<link type="text/css" rel="stylesheet" href="<?= PREFIX ?>/css/<?= $cssFileName ?>">
<meta name="viewport" content="width=device-width, initial-scale=1">
</head>
<body>
<header>
<body>
<header>
<nav>
<a href="<?= PREFIX ?>/">Niver</a><?php
if (isset($page['service'])) {
echo ' > <a href="./">' . $page['service'] . '</a>';
}
if (PAGE != "index")
echo ' > <a href="' . PAGE . '">' . $page['title'] . "</a>";
?>
</nav>
<nav>
<a href="<?= PREFIX ?>/">Niver</a><?php
if (isset($page['service'])) {
echo ' > <a href="./">' . $page['service'] . '</a>';
}
if (PAGE != "index")
echo ' > <a href="' . PAGE . '">' . $page['title'] . "</a>";
?>
</nav>
<?php if (isset($page['title'])) { ?>
<h1><?= $page['title'] ?></h1>
<?php } ?>
<?php if (isset($page['title'])) { ?>
<h1><?= $page['title'] ?></h1>
<?php } ?>
</header>
<main>
</header>
<main>