Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

admin/mnet/index: Allow admins to expire an SSL key

Author: Donal McMullan <donal@catalyst.net.nz>
  • Loading branch information...
commit a9308edef365302183787a5a594307a971d56c25 1 parent 0947d69
martinlanghoff authored
Showing with 69 additions and 5 deletions.
  1. +23 −0 admin/mnet/index.html
  2. +46 −5 admin/mnet/index.php
View
23 admin/mnet/index.html
@@ -27,6 +27,29 @@
</tr>
</table>
</form>
+<form method="post" action="index.php">
+ <table align="center" width="635" class="generalbox" border="0" cellpadding="5" cellspacing="0">
+ <tr>
+ <td class="generalboxcontent">
+ <table cellpadding="9" cellspacing="0" >
+ <tr valign="top">
+ <td colspan="2" class="header" cellpadding="0"><span><?php print_string('expireyourkey', 'mnet'); ?></span></td>
+ </tr>
+ <tr valign="top">
+ <td colspan="2" cellpadding="0"><span><?php print_string('expireyourkeyexplain', 'mnet'); ?></span></td>
+ </tr>
+ <tr valign="top">
+ <td align="left" width="10" nowrap><?php print_string('expireyourkey', 'mnet'); ?></td>
+ <td align="left"><input type="hidden" name="sesskey" value="<?php echo $USER->sesskey ?>" />
+ <input type="hidden" name="deleteKey" value="" />
+ <input type="submit" name="submit" value="<?php print_string('delete'); ?>" />
+ </td>
+ </tr>
+ </table>
+ </td>
+ </tr>
+ </table>
+</form>
</center>
<?php
admin_externalpage_print_footer($adminroot);
View
51 admin/mnet/index.php
@@ -26,12 +26,53 @@
/// If data submitted, process and store
if (($form = data_submitted()) && confirm_sesskey()) {
- if (in_array($form->mode, array("off", "strict", "promiscuous"))) {
- if (set_config('mnet_dispatcher_mode', $form->mode)) {
- redirect('index.php', get_string('changessaved'));
- } else {
- error('Invalid action parameter.', 'index.php');
+ if (!empty($form->submit) && $form->submit == get_string('savechanges')) {
+ if (in_array($form->mode, array("off", "strict", "promiscuous"))) {
+ if (set_config('mnet_dispatcher_mode', $form->mode)) {
+ redirect('index.php', get_string('changessaved'));
+ } else {
+ error('Invalid action parameter.', 'index.php');
+ }
}
+ } elseif (!empty($form->submit) && $form->submit == get_string('delete')) {
+ $MNET->get_private_key();
+ $_SESSION['mnet_confirm_delete_key'] = md5(sha1($MNET->keypair['keypair_PEM'])).':'.time();
+ notice_yesno(get_string("deletekeycheck", "mnet"),
+ "index.php?sesskey=$USER->sesskey&amp;confirm=".md5($MNET->public_key),
+ "index.php",
+ array('sesskey' => $USER->sesskey),
+ NULL,
+ 'post',
+ 'get');
+ exit;
+ } else {
+ // We're deleting
+
+
+ if (!isset($_SESSION['mnet_confirm_delete_key'])) {
+ // fail - you're being attacked?
+ }
+
+ $key = '';
+ $time = '';
+ @list($key, $time) = explode(':',$_SESSION['mnet_confirm_delete_key']);
+ $MNET->get_private_key();
+
+ if($time < time() - 60) {
+ // fail - you're out of time.
+ print_error ('deleteoutoftime', 'mnet', 'index.php');
+ exit;
+ }
+
+ if ($key != md5(sha1($MNET->keypair['keypair_PEM']))) {
+ // fail - you're being attacked?
+ print_error ('deletewrongkeyvalue', 'mnet', 'index.php');
+ exit;
+ }
+
+ $MNET->replace_keys();
+ redirect('index.php', get_string('keydeleted','mnet'));
+ exit;
}
}
$hosts = get_records_select('mnet_host', " id != '{$CFG->mnet_localhost_id}' AND deleted = '0' ",'wwwroot ASC' );
Please sign in to comment.
Something went wrong with that request. Please try again.