# stunnel-lib.pl
# Common functions for accessing inetd or xinetd
BEGIN { push(@INC, ".."); };
use WebminCore;
&init_config();
if ($config{'stunnel_path'} =~ /([^\/]+)$/) {
$stunnel_shortname = $1;
}
$webmin_pem = "$config_directory/miniserv.pem";
if (&foreign_check("inetd")) {
&foreign_require("inetd", "inetd-lib.pl");
$has_inetd = 1;
}
if (&foreign_check("xinetd")) {
&foreign_require("xinetd", "xinetd-lib.pl");
$has_xinetd = 1;
}
# list_stunnels()
# Search the inetd and xinetd configurations for stunnel lines
sub list_stunnels
{
local @rv;
if ($has_inetd) {
# List tunnels from inetd.conf
local %portmap;
foreach $s (&foreign_call("inetd", "list_services")) {
$portmap{$s->[1]} = $s;
foreach $a (split(/\s+/, $s->[4])) {
$portmap{$a} = $s;
}
}
foreach $i (&foreign_call("inetd", "list_inets")) {
if ($i->[8] eq $config{'stunnel_path'} ||
$i->[8] eq $stunnel_shortname) {
push(@rv, { 'type' => 'inetd',
'name' => $i->[3],
'port' => $portmap{$i->[3]}->[2],
'user' => $i->[7],
'active' => $i->[1],
'command' => $i->[8],
'args' => $i->[9],
'index' => scalar(@rv),
'file' => $i->[10],
'line' => $i->[0] });
}
}
}
if ($has_xinetd) {
# List tunnels from xinetd.conf
foreach $x (&foreign_call("xinetd", "get_xinetd_config")) {
next if ($x->{'name'} ne 'service');
local $q = $x->{'quick'};
if ($q->{'server'}->[0] eq $config{'stunnel_path'} ||
$q->{'server'}->[0] eq $stunnel_shortname) {
push(@rv, { 'type' => 'xinetd',
'name' => $x->{'value'},
'port' => &xinet_port($x),
'active' => $q->{'disable'}->[0] ne 'yes',
'command' => $q->{'server'}->[0],
'args' => join(" ", $q->{'server'}->[0],
@{$q->{'server_args'}}),
'index' => scalar(@rv),
'file' => $x->{'file'},
'xindex' => $x->{'index'} } );
}
}
}
return @rv;
}
# create_tunnel(&tunnel)
sub create_stunnel
{
local ($pclash, $nclash);
if ($has_xinetd) {
# Check for xinet clash
foreach $x (&foreign_call("xinetd", "get_xinetd_config")) {
next if ($x->{'name'} ne 'service');
local $q = $x->{'quick'};
&error(&text('save_exinetd', $_[0]->{'name'}))
if ($x->{'value'} eq $_[0]->{'name'});
&error(&text('save_export', $_[0]->{'port'}, $x->{'value'}))
if (&xinet_port($x) == $_[0]->{'port'});
}
}
if ($has_inetd) {
# Check if there is already a service for the port or with the name
($pclash, $nclash) = &find_clashes($_[0]->{'name'}, $_[0]->{'port'});
if (!$pclash && $nclash) {
# The name is taken, but on a different port
&error(&text('save_enclash', $nclash->[2], $nclash->[1]));
}
local $iname = $pclash ? $pclash->[1] : $_[0]->{'name'};
# Check if there is an inetd entry on the name
foreach $i (&foreign_call("inetd", "list_inets")) {
&error(&text('save_einetd', $iname))
if ($i->[3] eq $iname);
}
}
local $addto = $_[0]->{'type'} ? $_[0]->{'type'} :
$has_xinetd ? "xinetd" : "inetd";
if ($addto eq 'xinetd') {
# Just add to xinetd.conf with a custom name and port
local $xinet = { 'name' => 'service',
'values' => [ $_[0]->{'name'} ] };
&foreign_call("xinetd", "set_member_value", $xinet, "port",
$_[0]->{'port'});
&foreign_call("xinetd", "set_member_value", $xinet, "socket_type",
"stream");
&foreign_call("xinetd", "set_member_value", $xinet, "protocol",
"tcp");
&foreign_call("xinetd", "set_member_value", $xinet, "user",
"root");
&foreign_call("xinetd", "set_member_value", $xinet, "wait",
"no");
&foreign_call("xinetd", "set_member_value", $xinet, "disable",
$_[0]->{'active'} ? "no" : "yes");
&foreign_call("xinetd", "set_member_value", $xinet, "type",
"UNLISTED");
&foreign_call("xinetd", "set_member_value", $xinet, "server",
$_[0]->{'command'});
local $args = $_[0]->{'args'};
$args =~ s/^\S+\s+//;
&foreign_call("xinetd", "set_member_value", $xinet, "server_args",
$args);
&foreign_call("xinetd", "create_xinet", $xinet);
}
elsif ($addto eq 'inetd') {
if ($pclash) {
# Use existing /etc/services entry
$_[0]->{'name'} = $pclash->[1];
}
else {
# Create /etc/services entry
&foreign_call("inetd", "create_service", $_[0]->{'name'},
$_[0]->{'port'}, "tcp", undef);
}
# Create inetd.conf entry
&foreign_call("inetd", "create_inet", $_[0]->{'active'},
$_[0]->{'name'}, "stream", "tcp", "nowait", "root",
$_[0]->{'command'}, $_[0]->{'args'});
}
}
# delete_stunnel(&tunnel)
sub delete_stunnel
{
if ($_[0]->{'type'} eq 'inetd') {
# Delete from inetd.conf
&foreign_call("inetd", "delete_inet", $_[0]->{'line'}, $_[0]->{'file'});
if ($_[0]->{'port'} >= 1024) {
# Delete the /etc/services entry as well
local ($oserv) = &find_clashes($_[0]->{'name'},
$_[0]->{'port'});
&foreign_call("inetd", "delete_service", $oserv->[0]);
}
}
elsif ($_[0]->{'type'} eq 'xinetd') {
# Delete from xinetd
local @xinets = &foreign_call("xinetd", "get_xinetd_config");
local $xinet = $xinets[$_[0]->{'xindex'}];
&foreign_call("xinetd", "delete_xinet", $xinet);
}
}
# modify_stunnel(&oldtunnel, &newtunnel)
sub modify_stunnel
{
if ($_[0]->{'type'} eq 'inetd') {
# Check if the name or port has changed
local ($pclash, $nclash) =
&find_clashes($_[1]->{'name'}, $_[1]->{'port'});
local ($oserv) = &find_clashes($_[0]->{'name'}, $_[0]->{'port'});
if ($_[0]->{'name'} ne $_[1]->{'name'}) {
# The name has changed
if ($nclash) {
&error(&text('save_enclash', $nclash->[2],
$_[1]->{'name'}));
}
}
if ($_[0]->{'port'} != $_[1]->{'port'}) {
# The port has changed ..
if ($pclash) {
&error(&text('save_epclash', $_[1]->{'port'},
$pclash->[1]));
}
}
&foreign_call("inetd", "modify_service", $oserv->[0],
$_[1]->{'name'}, $_[1]->{'port'}, $oserv->[3],
$oserv->[4]);
# Update inetd.conf
local @inets = &foreign_call("inetd", "list_inets");
local ($oi) = grep { $_->[0] eq $_[0]->{'line'} &&
$_->[10] eq $_[0]->{'file'} } @inets;
&foreign_call("inetd", "modify_inet", $oi->[0],
$_[1]->{'active'}, $_[1]->{'name'}, $oi->[4],
$oi->[5], $oi->[6], $oi->[7], $oi->[8],
$_[1]->{'args'}, $oi->[10]);
}
elsif ($_[0]->{'type'} eq 'xinetd') {
# Get the old xinetd config
local @xinets = &foreign_call("xinetd", "get_xinetd_config");
local $xinet = $xinets[$_[0]->{'xindex'}];
# Check for name clash
if ($_[0]->{'name'} ne $_[1]->{'name'}) {
foreach $x (@xinets) {
next if ($x->{'name'} ne 'service');
&error(&text('save_exinetd', $_[1]->{'name'}))
if ($x->{'value'} eq $_[1]->{'name'});
}
}
# Check for port clash
if ($_[0]->{'port'} != $_[1]->{'port'}) {
foreach $x (@xinets) {
next if ($x->{'name'} ne 'service');
&error(&text('save_export', $_[1]->{'port'},
$x->{'value'}))
if (&xinet_port($x) == $_[1]->{'port'});
}
}
# If name or port has changed, convert to an UNLISTED service
if ($_[0]->{'name'} ne $_[1]->{'name'} ||
$_[0]->{'port'} != $_[1]->{'port'}) {
$xinet->{'values'} = [ $_[1]->{'name'} ];
&foreign_call("xinetd", "set_member_value", $xinet, "port",
$_[1]->{'port'});
&foreign_call("xinetd", "set_member_value", $xinet, "type",
"UNLISTED");
}
&foreign_call("xinetd", "set_member_value", $xinet, "disable",
$_[1]->{'active'} ? "no" : "yes");
&foreign_call("xinetd", "set_member_value", $xinet, "server",
$_[1]->{'command'});
local $args = $_[1]->{'args'};
$args =~ s/^\S+\s+//;
&foreign_call("xinetd", "set_member_value", $xinet, "server_args",
$args);
&foreign_call("xinetd", "modify_xinet", $xinet);
}
}
# find_clashes(name, port)
sub find_clashes
{
local ($pclash, $nclash);
foreach $s (&foreign_call("inetd", "list_services")) {
local @aliases = split(/\s+/, $s->[4]);
$pclash = $s if ($s->[2] == $_[1]);
$nclash = $s if ($s->[1] eq $_[0] || &indexof($_[0], @aliases) >= 0);
}
return ($pclash, $nclash);
}
# xinet_port(&xinet)
sub xinet_port
{
local $q = $_[0]->{'quick'};
local $p = $q->{'port'};
return $p->[0] if ($p);
local @s = getservbyname($_[0]->{'value'}, $q->{'protocol'}->[0]);
return $s[2];
}
# lock_create_file()
# Lock the file to which new tunnels will be added
sub lock_create_file
{
if ($has_xinetd) {
local %iconfig = &foreign_config("xinetd");
&lock_file($iconfig{'xinetd_conf'});
}
elsif ($has_inetd) {
local %iconfig = &foreign_config("inetd");
&lock_file($iconfig{'inetd_conf_file'});
}
}
# get_stunnel_version(&out)
sub get_stunnel_version
{
local $out = `$config{'stunnel_path'} -V 2>&1`;
if ($?) {
$out = `$config{'stunnel_path'} -version 2>&1`;
}
${$_[0]} = $out;
return $out =~ /stunnel\s+(\S+)/ ? $1 : undef;
}
# get_stunnel_config(file)
# Returns an array of stunnel configuration sections, each of which is a hash
# reference containing the actual settings
sub get_stunnel_config
{
local (@rv, $service);
push(@rv, $service = { 'line' => 0, 'eline' => 0, 'values' => { } });
local $lnum = 0;
open(CONF, "<".$_[0]);
while(<CONF>) {
s/\r|\n//g;
s/^\s*#.*$//;
if (/^\s*\[(.*)\]/) {
push(@rv, $service = { 'name' => $1,
'line' => $lnum,
'eline' => $lnum,
'values' => { } });
}
elsif (/^\s*(\S+)\s*=\s*(.*)/) {
$service->{'eline'} = $lnum;
$service->{'values'}->{lc($1)} = $2;
}
$lnum++;
}
close(CONF);
return @rv;
}
# create_stunnel_service(&service, file)
# Creates a service in an stunnel config file
sub create_stunnel_service
{
local $lref = &read_file_lines($_[1]);
push(@$lref, &stunnel_lines($_[0]));
&flush_file_lines();
}
# modify_stunnel_service(&service, file)
# Modifies an existing service in an stunnel config file
sub modify_stunnel_service
{
local $lref = &read_file_lines($_[1]);
splice(@$lref, $_[0]->{'line'}, $_[0]->{'eline'} - $_[0]->{'line'} + 1,
&stunnel_lines($_[0]));
&flush_file_lines();
}
# stunnel_lines(&service)
sub stunnel_lines
{
local @rv;
push(@rv, "[$_[0]->{'name'}]") if ($_[0]->{'name'});
foreach $k (keys %{$_[0]->{'values'}}) {
push(@rv, $k."=".$_[0]->{'values'}->{$k});
}
return @rv;
}
# apply_configuration()
# Apply the inetd and/or xinetd configuration
sub apply_configuration
{
if ($has_inetd) {
local %iconfig = &foreign_config("inetd");
&system_logged("$iconfig{'restart_command'} >/dev/null 2>&1 </dev/null");
}
if ($has_xinetd) {
local %xconfig = &foreign_config("xinetd");
local $pid;
if (open(PID, "<".$xconfig{'pid_file'})) {
chop($pid = <PID>);
close(PID);
kill('USR2', $pid);
}
}
return undef;
}
1;
| Name | Type | Size | Permission | Actions |
|---|---|---|---|---|
| help | Folder | 0755 |
|
|
| images | Folder | 0755 |
|
|
| lang | Folder | 0755 |
|
|
| CHANGELOG | File | 99 B | 0644 |
|
| apply.cgi | File | 187 B | 0755 |
|
| backup_config.pl | File | 1.09 KB | 0755 |
|
| config | File | 37 B | 0644 |
|
| config-coherent-linux | File | 31 B | 0644 |
|
| config-debian-linux | File | 31 B | 0644 |
|
| config-gentoo-linux | File | 31 B | 0644 |
|
| config-mandrake-linux | File | 31 B | 0644 |
|
| config-openSUSE-Linux-15.0-ALL | File | 31 B | 0644 |
|
| config-openmamba-linux | File | 31 B | 0644 |
|
| config-redhat-linux | File | 31 B | 0644 |
|
| config-redhat-linux-14-ALL | File | 30 B | 0644 |
|
| config-redhat-linux-18.0-ALL | File | 30 B | 0644 |
|
| config-suse-linux-8.2-ALL | File | 31 B | 0644 |
|
| config-syno-linux | File | 37 B | 0644 |
|
| config-trustix-linux | File | 31 B | 0644 |
|
| config-united-linux | File | 31 B | 0644 |
|
| config.info | File | 121 B | 0644 |
|
| config.info.ca | File | 139 B | 0644 |
|
| config.info.cs | File | 76 B | 0644 |
|
| config.info.de | File | 132 B | 0644 |
|
| config.info.es | File | 152 B | 0644 |
|
| config.info.fr | File | 140 B | 0644 |
|
| config.info.ms | File | 127 B | 0644 |
|
| config.info.nl | File | 125 B | 0644 |
|
| config.info.no | File | 119 B | 0644 |
|
| config.info.ru | File | 191 B | 0644 |
|
| config.info.uk | File | 216 B | 0644 |
|
| delete_tunnels.cgi | File | 651 B | 0755 |
|
| edit_stunnel.cgi | File | 5.68 KB | 0755 |
|
| feedback_files.pl | File | 205 B | 0755 |
|
| index.cgi | File | 3.95 KB | 0755 |
|
| install_check.pl | File | 378 B | 0755 |
|
| log_parser.pl | File | 536 B | 0755 |
|
| module.info | File | 188 B | 0644 |
|
| module.info.af | File | 0 B | 0644 |
|
| module.info.af.auto | File | 169 B | 0644 |
|
| module.info.ar | File | 0 B | 0644 |
|
| module.info.ar.auto | File | 179 B | 0644 |
|
| module.info.be | File | 0 B | 0644 |
|
| module.info.be.auto | File | 247 B | 0644 |
|
| module.info.bg | File | 0 B | 0644 |
|
| module.info.bg.auto | File | 210 B | 0644 |
|
| module.info.ca | File | 139 B | 0644 |
|
| module.info.ca.auto | File | 18 B | 0644 |
|
| module.info.cs | File | 19 B | 0644 |
|
| module.info.cs.auto | File | 137 B | 0644 |
|
| module.info.da | File | 0 B | 0644 |
|
| module.info.da.auto | File | 163 B | 0644 |
|
| module.info.de | File | 100 B | 0644 |
|
| module.info.de.auto | File | 15 B | 0644 |
|
| module.info.el | File | 0 B | 0644 |
|
| module.info.el.auto | File | 299 B | 0644 |
|
| module.info.es | File | 21 B | 0644 |
|
| module.info.es.auto | File | 130 B | 0644 |
|
| module.info.eu | File | 0 B | 0644 |
|
| module.info.eu.auto | File | 163 B | 0644 |
|
| module.info.fa | File | 0 B | 0644 |
|
| module.info.fa.auto | File | 227 B | 0644 |
|
| module.info.fi | File | 0 B | 0644 |
|
| module.info.fi.auto | File | 165 B | 0644 |
|
| module.info.fr | File | 20 B | 0644 |
|
| module.info.fr.auto | File | 154 B | 0644 |
|
| module.info.he | File | 0 B | 0644 |
|
| module.info.he.auto | File | 182 B | 0644 |
|
| module.info.hr | File | 0 B | 0644 |
|
| module.info.hr.auto | File | 138 B | 0644 |
|
| module.info.hu | File | 0 B | 0644 |
|
| module.info.hu.auto | File | 224 B | 0644 |
|
| module.info.it | File | 0 B | 0644 |
|
| module.info.it.auto | File | 154 B | 0644 |
|
| module.info.ja | File | 161 B | 0644 |
|
| module.info.ja.auto | File | 21 B | 0644 |
|
| module.info.ko | File | 0 B | 0644 |
|
| module.info.ko.auto | File | 189 B | 0644 |
|
| module.info.lt | File | 0 B | 0644 |
|
| module.info.lt.auto | File | 189 B | 0644 |
|
| module.info.lv | File | 0 B | 0644 |
|
| module.info.lv.auto | File | 168 B | 0644 |
|
| module.info.ms | File | 150 B | 0644 |
|
| module.info.ms.auto | File | 16 B | 0644 |
|
| module.info.mt | File | 0 B | 0644 |
|
| module.info.mt.auto | File | 140 B | 0644 |
|
| module.info.nl | File | 20 B | 0644 |
|
| module.info.nl.auto | File | 130 B | 0644 |
|
| module.info.no | File | 22 B | 0644 |
|
| module.info.no.auto | File | 135 B | 0644 |
|
| module.info.pl | File | 0 B | 0644 |
|
| module.info.pl.auto | File | 156 B | 0644 |
|
| module.info.pt | File | 0 B | 0644 |
|
| module.info.pt.auto | File | 151 B | 0644 |
|
| module.info.pt_BR | File | 0 B | 0644 |
|
| module.info.pt_BR.auto | File | 160 B | 0644 |
|
| module.info.ro | File | 0 B | 0644 |
|
| module.info.ro.auto | File | 158 B | 0644 |
|
| module.info.ru | File | 27 B | 0644 |
|
| module.info.ru.auto | File | 201 B | 0644 |
|
| module.info.sk | File | 0 B | 0644 |
|
| module.info.sk.auto | File | 171 B | 0644 |
|
| module.info.sl | File | 0 B | 0644 |
|
| module.info.sl.auto | File | 147 B | 0644 |
|
| module.info.sv | File | 0 B | 0644 |
|
| module.info.sv.auto | File | 161 B | 0644 |
|
| module.info.th | File | 0 B | 0644 |
|
| module.info.th.auto | File | 219 B | 0644 |
|
| module.info.tr | File | 0 B | 0644 |
|
| module.info.tr.auto | File | 183 B | 0644 |
|
| module.info.uk | File | 0 B | 0644 |
|
| module.info.uk.auto | File | 238 B | 0644 |
|
| module.info.ur | File | 0 B | 0644 |
|
| module.info.ur.auto | File | 256 B | 0644 |
|
| module.info.vi | File | 0 B | 0644 |
|
| module.info.vi.auto | File | 181 B | 0644 |
|
| module.info.zh | File | 0 B | 0644 |
|
| module.info.zh.auto | File | 134 B | 0644 |
|
| module.info.zh_TW | File | 0 B | 0644 |
|
| module.info.zh_TW.auto | File | 143 B | 0644 |
|
| save_stunnel.cgi | File | 4.72 KB | 0755 |
|
| stunnel-lib.pl | File | 10.31 KB | 0755 |
|