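#!/bin/bash
# FILE: dashboard/ssl
# DESCRIPTION: Get a user's SSL certs and keys
# USAGE: ssl remote_ip querystring
# QUERYSTRING: ?host=$hostname&ext=crt
#
# SECURITY NOTES:
#   * The querystring is untrusted. `host` becomes a path component, so it is
#     validated before use; without that check a value containing '/' or '..'
#     could resolve to a file outside the requesting user's directory.
#   * The requesting user is derived only from remote_ip via reverse DNS.
#     NOTE(review): confirm the caller passes the socket peer address and not
#     a client-controlled value (e.g. a forwarded-for header), since this
#     script returns private keys based on it.

source /etc/wagon/config

#######################################
# Strip leading and trailing whitespace from a string.
# Arguments: $1 - string to trim
# Outputs:   trimmed string on stdout (no trailing newline)
#######################################
trim() {
  local s="${1}"
  s="${s#"${s%%[![:space:]]*}"}"
  s="${s%"${s##*[![:space:]]}"}"
  printf '%s' "${s}"
}

ip="${1}"

# Parse querystring. Keys are matched at the start of each pair (so "xhost="
# is not mistaken for "host="); if a key is repeated, the last value wins.
hostname=''
ext=''
IFS='&' read -r -a pairs <<<"${2#\?}"
for pair in "${pairs[@]}"; do
  case "${pair}" in
    host=*) hostname="$(trim "${pair#host=}")" ;;
    ext=*) ext="$(trim "${pair#ext=}")" ;;
  esac
done

# Explicit emptiness test: a "${var:?}" expansion would make a non-interactive
# shell exit on the spot, before the 400 response below could be sent.
if [ -z "${hostname}" ] || [ -z "${ext}" ]; then
  printf 'ERROR! Hostname "%s" or extension "%s" missing!\n' "${hostname}" "${ext}" >&2
  printf 'Hostname or extension missing!\n' | /usr/lib/wagon/http_res 400; exit
else
  file="${hostname}/server.${ext}"
  printf 'User %s requested SSL file %s\n' "${ip}" "${file}" >&2
fi

# Make sure extension is 'crt' or 'key'
if [ "${ext}" != 'crt' ] && [ "${ext}" != 'key' ]; then
  printf 'Invalid extension: %s\n' "${ext}" | tee >(cat 1>&2) | /usr/lib/wagon/http_res 400; exit
fi

# Make sure the hostname is a single, plain directory name: it must start and
# end with an alphanumeric, contain only [A-Za-z0-9._-], and never contain
# '..' or '/'. The rejected value is logged but not echoed back to the client.
# NOTE(review): widen the pattern if the cert store uses other directory names.
host_re='^[A-Za-z0-9]([A-Za-z0-9._-]*[A-Za-z0-9])?$'
if ! [[ "${hostname}" =~ ${host_re} ]] || [[ "${hostname}" == *..* ]]; then
  printf 'ERROR! Invalid hostname "%s" requested by %s\n' "${hostname}" "${ip}" >&2
  printf 'Invalid hostname!\n' | /usr/lib/wagon/http_res 400; exit
fi

# Get username
if ! domain="$(/usr/lib/wagon/ns_lookup_rdns "${ip}")"; then
  printf 'ERROR! Failed to lookup domain from user IP %s\n' "${ip}" | tee >(cat 1>&2) | /usr/lib/wagon/http_res 500
  exit 7
fi

# The username is the second dot-separated label of the reverse-DNS name.
# NOTE(review): without `cut -s`, a name containing no '.' is passed through
# whole and becomes the username; confirm that is acceptable.
username="$(<<<"${domain}" cut -d'.' -f2)"

# The username is also a path component, so refuse anything that is empty or
# could step out of SSL_CONFIG_DIR.
case "${username}" in
  '' | . | .. | */*)
    printf 'ERROR! Failed to parse username from domain "%s"\n' "${domain}" >&2
    /usr/lib/wagon/http_res 500; exit
    ;;
  *)
    printf 'User %s is "%s"\n' "${ip}" "${username}" >&2
    ;;
esac

# SSL_CONFIG_DIR is expected to come from /etc/wagon/config.
if [ -z "${SSL_CONFIG_DIR:-}" ]; then
  printf 'ERROR! Username "%s" or SSL_CONFIG_DIR "%s" missing!\n' "${username}" "${SSL_CONFIG_DIR:-}" >&2
  /usr/lib/wagon/http_res 500; exit
fi
path="${SSL_CONFIG_DIR}/${username}/${file}"

# Check that the file exists
# NOTE(review): -f follows symlinks; if users can write inside their own SSL
# directory, confirm a link there cannot expose files outside it.
if ! [ -f "${path}" ]; then
  printf 'ERROR! File missing: "%s"\n' "${path}" >&2
  /usr/lib/wagon/http_res 500; exit
fi

# Try to return it to the user
if <"${path}" /usr/lib/wagon/http_res 200; then
  printf 'Sent SSL file "%s" to %s\n' "${path}" "${username}" >&2
else
  printf 'ERROR! Failed to return file: "%s"\n' "${path}" >&2
  /usr/lib/wagon/http_res 500; exit
fi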