Add HTTPS config module for webif, update everything to use FileUtil class, minor fixes

15 files changed, 167 insertions, 40 deletions

diff --git a/lang/de/templates/https/_page.json b/lang/de/templates/https/_page.json
new file mode 100644
index 00000000..7e8c6020
--- /dev/null
+++ b/lang/de/templates/https/_page.json
@@ -0,0 +1,11 @@
+{
+    "lang_caChain": "Optional k\u00f6nnen Sie hier die zum Zertifikat geh\u00f6rende Zertifikatkette (CA-Chain) einf\u00fcgen. Dies wird ben\u00f6tigt, wenn das Zertifikat nicht direkt von einer der in Browsern mitgeliferten CAs signiert wurde. Die Datei enth\u00e4lt ein oder meherere Zertifikatsbl\u00f6cke, im gleichen Format wie das oben gezeigte Zertifikat.",
+    "lang_certificate": "Bitte f\u00fcgen Sie hier das Zertifikat ein. Das Zertifikat wird im Base64-codierten x509-Format erwartet (manchmal pem genannt). Es sieht in etwa wie folgt aus:",
+    "lang_customCert": "Eigenes Zertifikat verwenden",
+    "lang_description": "Hier k\u00f6nnen Sie festlegen, ob das Web-Interface auch per HTTPS erreichbar sein soll, und welches Zertifikat daf\u00fcr verwendet werden soll.",
+    "lang_httpsSettings": "HTTPS-Konfiguration",
+    "lang_noHttps": "HTTPS deaktivieren",
+    "lang_privateKey": "Bitte f\u00fcgen Sie hier den privaten Schl\u00fcssel ein, der zum obigen Zertifikat geh\u00f6rt. Er muss ebenfalls im \u0022pem\u0022-Format vorliegen, und sieht wie folgt aus:",
+    "lang_randomCert": "Neues selbstsigniertes Zertifikat generieren",
+    "lang_save": "Speichern"
+}
\ No newline at end of file
diff --git a/lang/de/templates/https/restart.json b/lang/de/templates/https/restart.json
new file mode 100644
index 00000000..e995a251
--- /dev/null
+++ b/lang/de/templates/https/restart.json
@@ -0,0 +1,4 @@
+{
+    "lang_applyingSettings": "Anwenden der Einstellungen",
+    "lang_installAndRestart": "Zertifikat installieren und Webserver neustarten"
+}
\ No newline at end of file
diff --git a/lang/en/templates/https/_page.json b/lang/en/templates/https/_page.json
new file mode 100644
index 00000000..fc1e8e3e
--- /dev/null
+++ b/lang/en/templates/https/_page.json
@@ -0,0 +1,11 @@
+{
+    "lang_caChain": "Here you can paste an optional certificate chain. It should only be required if you have a certificate that was not directly signed by a certificate authority known by the browsers. It should contain one or more certificate blocks, looking just like the certificate above.",
+    "lang_certificate": "Please paste your certificate below. It has to be in base64 encoded x509 format (sometimes called pem). It should look something like this:",
+    "lang_customCert": "Supply own certificate",
+    "lang_description": "Here you can set whether the web interface should be accessible via https. You can chose if you want to use a random self signed certificate, or supply your own.",
+    "lang_httpsSettings": "HTTPS settings",
+    "lang_noHttps": "Disable HTTPS",
+    "lang_privateKey": "Please paste the private key belonging to the certificate here. It has to be in \u0022pem\u0022 format too, which should look like this:",
+    "lang_randomCert": "Geenrate new self-signed certificate",
+    "lang_save": "Save"
+}
\ No newline at end of file
diff --git a/lang/en/templates/https/restart.json b/lang/en/templates/https/restart.json
new file mode 100644
index 00000000..0a7d4aea
--- /dev/null
+++ b/lang/en/templates/https/restart.json
@@ -0,0 +1,4 @@
+{
+    "lang_applyingSettings": "Applying settings",
+    "lang_installAndRestart": "Installing certificate and restarting web server"
+}
\ No newline at end of file
diff --git a/lang/pt/templates/https/_page.json b/lang/pt/templates/https/_page.json
new file mode 100644
index 00000000..c44dc44f
--- /dev/null
+++ b/lang/pt/templates/https/_page.json
@@ -0,0 +1,3 @@
+[
+
+]
\ No newline at end of file
diff --git a/lang/pt/templates/https/restart.json b/lang/pt/templates/https/restart.json
new file mode 100644
index 00000000..c44dc44f
--- /dev/null
+++ b/lang/pt/templates/https/restart.json
@@ -0,0 +1,3 @@
+[
+
+]
\ No newline at end of file
diff --git a/modules/backup.inc.php b/modules/backup.inc.php
index ecdc3565..e3652ebe 100644
--- a/modules/backup.inc.php
+++ b/modules/backup.inc.php
@@ -84,7 +84,7 @@ class Page_Backup extends Page
 			Util::redirect('?do=Backup');
 		}
 		// Got uploaded file, now shut down all the daemons etc.
-		$parent = $this->stopDaemons(null);
+		$parent = Trigger::stopDaemons(null, &$this->templateData);
 		// Unmount store
 		$task = Taskmanager::submit('MountVmStore', array(
 				'address' => 'null',
@@ -116,36 +116,4 @@ class Page_Backup extends Page
 			$this->templateData['rebootid'] = $task['id'];
 	}
 
-	private function stopDaemons($parent)
-	{
-		$task = Taskmanager::submit('SyncdaemonLauncher', array(
-				'operation' => 'stop',
-				'parentTask' => $parent,
-				'failOnParentFail' => false
-		));
-		if (isset($task['id'])) {
-			$this->templateData['syncid'] = $task['id'];
-			$parent = $task['id'];
-		}
-		$task = Taskmanager::submit('DozmodLauncher', array(
-				'operation' => 'stop',
-				'parentTask' => $parent,
-				'failOnParentFail' => false
-		));
-		if (isset($task['id'])) {
-			$this->templateData['dmsdid'] = $task['id'];
-			$parent = $task['id'];
-		}
-		$task = Taskmanager::submit('LdadpLauncher', array(
-				'ids' => array(),
-				'parentTask' => $parent,
-				'failOnParentFail' => false
-		));
-		if (isset($task['id'])) {
-			$this->templateData['ldadpid'] = $task['id'];
-			$parent = $task['id'];
-		}
-		return $parent;
-	}
-
 }
diff --git a/modules/https.inc.php b/modules/https.inc.php
new file mode 100644
index 00000000..c4ee0288
--- /dev/null
+++ b/modules/https.inc.php
@@ -0,0 +1,60 @@
+<?php
+
+class Page_Https extends Page
+{
+
+	protected function doPreprocess()
+	{
+		User::load();
+		if (!User::hasPermission('superadmin')) {
+			Message::addError('no-permission');
+			Util::redirect('?do=Main');
+		}
+		$task = false;
+		switch (Request::post('mode')) {
+		case 'off':
+			$task = $this->setOff();
+			break;
+		case 'random':
+			$task = $this->setRandom();
+			break;
+		case 'custom':
+			$task = $this->setCustom();
+			break;
+		}
+		if (isset($task['id'])) {
+			Session::set('https-id', $task['id']);
+			Util::redirect('?do=Https&show=update');
+		}
+	}
+
+	protected function doRender()
+	{
+		if (Request::get('show') === 'update') {
+			Render::addTemplate('https/restart', array('taskid' => Session::get('https-id')));
+		}
+		Render::addTemplate('https/_page');
+	}
+	
+	private function setOff()
+	{
+		return Taskmanager::submit('LighttpdHttps', array());
+	}
+	
+	private function setRandom()
+	{
+		return Taskmanager::submit('LighttpdHttps', array(
+			'proxyip' => Property::getServerIp()
+		));
+	}
+	
+	private function setCustom()
+	{
+		return Taskmanager::submit('LighttpdHttps', array(
+			'importcert'  => Request::post('certificate', 'bla'),
+			'importkey'   => Request::post('privatekey', 'bla'),
+			'importchain' => Request::post('cachain', '')
+		));
+	}
+
+}
diff --git a/modules/internetaccess.inc.php b/modules/internetaccess.inc.php
index a292926c..c142285d 100644
--- a/modules/internetaccess.inc.php
+++ b/modules/internetaccess.inc.php
@@ -22,9 +22,9 @@ class Page_InternetAccess extends Page
 				Message::addSuccess('settings-updated');
 				Taskmanager::release(Taskmanager::submit('ReloadProxy'));
 				$taskids = array();
-				Trigger::stopDaemons(NULL, &$taskids);
+				Trigger::stopDaemons(NULL, $taskids);
 				$taskids = array();
-				Trigger::startDaemons(NULL, &$taskids);
+				Trigger::startDaemons(NULL, $taskids);
 				Session::set('ia-restart', $taskids);
 				Util::redirect('?do=InternetAccess&show=update');
 			}
diff --git a/modules/minilinux.inc.php b/modules/minilinux.inc.php
index df2a0839..5027c1b7 100644
--- a/modules/minilinux.inc.php
+++ b/modules/minilinux.inc.php
@@ -65,11 +65,13 @@ class Page_MiniLinux extends Page
 				return;
 			}
 			$file = false;
+			$gpg = false;
 			foreach ($data['systems'] as &$system) {
 				if ($system['id'] !== $id) continue;
 				foreach ($system['files'] as &$f) {
 					if ($f['name'] !== $name) continue;
 					$file = $f;
+					if (isset($f['gpg'])) $gpg = $f['gpg'];
 					break;
 				}
 			}
@@ -79,7 +81,8 @@ class Page_MiniLinux extends Page
 			}
 			$task = Taskmanager::submit('DownloadFile', array(
 				'url' => CONFIG_REMOTE_ML . '/' . $id . '/' . $name,
-				'destination' => CONFIG_HTTP_DIR . '/' . $id . '/' . $name
+				'destination' => CONFIG_HTTP_DIR . '/' . $id . '/' . $name,
+				'gpg' => $gpg
 			));
 			if (!isset($task['id'])) {
 				echo 'Error launching download task: ' . $task['statusCode'];
diff --git a/modules/sysconfig/addmodule_branding.inc.php b/modules/sysconfig/addmodule_branding.inc.php
index a6080d06..9612bedb 100644
--- a/modules/sysconfig/addmodule_branding.inc.php
+++ b/modules/sysconfig/addmodule_branding.inc.php
@@ -105,7 +105,7 @@ class Branding_ProcessFile extends AddModule_Base
 				Message::addError('remote-timeout', $url, $code);
 				return false;
 			}
-			$content = Util::readFile($svgName, 25000);
+			$content = FileUtil::readFile($svgName, 25000);
 			// Is svg file?
 			if (strpos($content, '<svg') !== false)
 				return true; // Found an svg tag - don't try to find links to the actual image
diff --git a/templates/backup/restore.html b/templates/backup/restore.html
index da5a9bce..3e29dbdc 100644
--- a/templates/backup/restore.html
+++ b/templates/backup/restore.html
@@ -9,7 +9,7 @@
 			<div data-tm-id="{{restoreid}}" data-tm-log="messages" data-tm-callback="restoreCb">{{lang_restoreConfig}}</div>
 			<div data-tm-id="{{rebootid}}" data-tm-log="messages">{{lang_reboot}}</div>
 		</div>
-		<div id="restorefailed" style="display:none">
+		<div id="restorefailed" class="alert alert-danger" style="display:none">
 			{{lang_restoreFailed}}
 		</div>
 	</div>
diff --git a/templates/https/_page.html b/templates/https/_page.html
new file mode 100644
index 00000000..bf791526
--- /dev/null
+++ b/templates/https/_page.html
@@ -0,0 +1,54 @@
+<h1>{{lang_httpsSettings}}</h1>
+
+<form action="?do=Https" method="post">
+	<input type="hidden" name="token" value="{{token}}">
+	<div class="panel panel-default">
+		<div class="panel-heading">{{lang_httpsSettings}}</div>
+		<div class="panel-body">
+			<p>{{lang_description}}</p>
+			<div class="input-group" onclick="$('#moff').prop('checked', true)">
+				<span class="input-group-addon"><input id="moff" type="radio" name="mode" value="off"></span>
+				<span class="form-control">
+					{{lang_noHttps}}
+				</span>
+			</div>
+			<div class="input-group" onclick="$('#mrandom').prop('checked', true)">
+				<span class="input-group-addon"><input id="mrandom" type="radio" name="mode" value="random"></span>
+				<span class="form-control">
+					{{lang_randomCert}}
+				</span>
+			</div>
+			<div class="input-group" onclick="$('#mcustom').prop('checked', true);
+					$('#wcustom').show()">
+				<span class="input-group-addon"><input id="mcustom" type="radio" name="mode" value="custom"></span>
+				<span class="form-control">
+					{{lang_customCert}}
+				</span>
+			</div>
+			<div class="well well-sm" style="display:none" id="wcustom">
+				{{lang_certificate}}
+				<pre class="small">
+-----BEGIN CERTIFICATE-----
+MIIFfTCCA...
+.....
+-----END CERTIFICATE-----</pre>
+				<textarea name="certificate" class="form-control small" cols="101" rows="10"></textarea>
+				<hr>
+				{{lang_privateKey}}
+				<pre class="small">
+-----BEGIN PRIVATE KEY-----
+MIIFfTCCA...
+.....
+-----END PRIVATE KEY-----</pre>
+				<textarea name="privatekey" class="form-control small" cols="101" rows="10"></textarea>
+				<hr>
+				{{lang_caChain}}
+				<textarea name="cachain" class="form-control small" cols="101" rows="10"></textarea>
+				<hr>
+			</div>
+			<div class="pull-right">
+				<button type="submit" class="btn btn-primary">{{lang_save}}</button>
+			</div>
+		</div>
+	</div>
+</form>
diff --git a/templates/https/restart.html b/templates/https/restart.html
new file mode 100644
index 00000000..cc84aafb
--- /dev/null
+++ b/templates/https/restart.html
@@ -0,0 +1,6 @@
+<div class="panel panel-default">
+	<div class="panel-heading">{{lang_applyingSettings}}</div>
+	<div class="panel-body">
+		<div data-tm-id="{{taskid}}" data-tm-log="error">{{lang_installAndRestart}}</div>
+	</div>
+</div>
diff --git a/templates/page-login.html b/templates/page-login.html
index 556c162a..247e9a55 100644
--- a/templates/page-login.html
+++ b/templates/page-login.html
@@ -2,9 +2,9 @@
 	<h2 class="form-signin-heading">{{lang_enter}}</h2>
 	<input type="text" name="user" class="form-control" placeholder="{{lang_username}}" autofocus>
 	<input type="password" name="pass" class="form-control" placeholder="{{lang_password}}">
-	<label class="checkbox">
+	<!--label class="checkbox">
 		<input type="checkbox" name="remember" value="remember-me"> {{lang_rememberID}}
-	</label>
+	</label-->
 	<button class="btn btn-lg btn-primary btn-block" type="submit">{{lang_login}}</button>
 	<a class="btn btn-lg btn-primary btn-block" href="?do=AddUser">{{lang_register}}</a>
 	<input type="hidden" name="action" value="login">