security/acme-client: finish version 1.9 via sync from master

Franco Fichtner 2017-08-16 19:01:10 +02:00
parent 9d59ea4c44
commit fbcea7cf64
5 changed files with 222 additions and 86 deletions


@ -1,6 +1,5 @@
PLUGIN_NAME= acme-client
PLUGIN_VERSION= 1.9
PLUGIN_REVISION= 1
PLUGIN_COMMENT= Let's Encrypt client
PLUGIN_MAINTAINER= opnsense@moov.de
PLUGIN_DEPENDS= acme.sh bind911


@ -32,7 +32,6 @@
<id>validation.http_service</id>
<label>HTTP Service</label>
<type>dropdown</type>
<help></help>
</field>
<field>
<label>OPNsense Web Service</label>
@ -88,7 +87,6 @@
<id>validation.dns_service</id>
<label>DNS Service</label>
<type>dropdown</type>
<help></help>
</field>
<field>
<id>validation.dns_sleep</id>
@ -105,7 +103,6 @@
<id>validation.dns_ad_key</id>
<label>Key</label>
<type>text</type>
<help></help>
</field>
<field>
<label>aliyun</label>
@ -116,13 +113,11 @@
<id>validation.dns_ali_key</id>
<label>Key</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_ali_secret</id>
<label>Secret</label>
<type>text</type>
<help></help>
</field>
<field>
<label>AWS Route53</label>
@ -133,13 +128,11 @@
<id>validation.dns_aws_id</id>
<label>AWS ID</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_aws_secret</id>
<label>AWS Secret</label>
<type>text</type>
<help></help>
</field>
<field>
<label>Cloudflare</label>
@ -150,13 +143,11 @@
<id>validation.dns_cf_email</id>
<label>CF E-Mail</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_cf_key</id>
<label>CF Key</label>
<type>text</type>
<help></help>
</field>
<field>
<label>CloudXNS</label>
@ -167,49 +158,61 @@
<id>validation.dns_cx_key</id>
<label>Key</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_cx_secret</id>
<label>Secret</label>
<type>text</type>
<help></help>
</field>
<field>
<label>cyon</label>
<type>header</type>
<style>table_dns table_dns_cyon</style>
<help></help>
<label>cyon</label>
<type>header</type>
<style>table_dns table_dns_cyon</style>
</field>
<field>
<id>validation.dns_cyon_user</id>
<label>User</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_cyon_password</id>
<label>Password</label>
<type>text</type>
<help></help>
</field>
<field>
<label>Domain-Offensive</label>
<type>header</type>
<style>table_dns table_dns_do</style>
<help></help>
<label>DigitalOcean</label>
<type>header</type>
<style>table_dns table_dns_dgon</style>
</field>
<field>
<id>validation.dns_dgon_key</id>
<label>API Key</label>
<type>text</type>
</field>
<field>
<label>DNSimple</label>
<type>header</type>
<style>table_dns table_dns_dnsimple</style>
</field>
<field>
<id>validation.dns_dnsimple_token</id>
<label>OAuth Token</label>
<type>text</type>
</field>
<field>
<label>Domain-Offensive</label>
<type>header</type>
<style>table_dns table_dns_do</style>
</field>
<field>
<id>validation.dns_do_pid</id>
<label>Partner ID</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_do_password</id>
<label>Password</label>
<type>text</type>
<help></help>
</field>
<field>
<label>DNSPod</label>
@ -220,43 +223,81 @@
<id>validation.dns_dp_id</id>
<label>ID</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_dp_key</id>
<label>Key</label>
<type>text</type>
<help></help>
</field>
<field>
<label>FreeDNS</label>
<type>header</type>
<style>table_dns table_dns_freedns</style>
<help></help>
<label>DuckDNS.org</label>
<type>header</type>
<style>table_dns table_dns_duckdns</style>
</field>
<field>
<id>validation.dns_duckdns_token</id>
<label>API Token</label>
<type>text</type>
</field>
<field>
<label>Dyn Managed DNS API</label>
<type>header</type>
<style>table_dns table_dns_dyn</style>
</field>
<field>
<id>validation.dns_dyn_customer</id>
<label>Customer</label>
<type>text</type>
</field>
<field>
<id>validation.dns_dyn_user</id>
<label>User</label>
<type>text</type>
</field>
<field>
<id>validation.dns_dyn_password</id>
<label>Password</label>
<type>text</type>
</field>
<field>
<label>Dynu</label>
<type>header</type>
<style>table_dns table_dns_dynu</style>
</field>
<field>
<id>validation.dns_dynu_clientid</id>
<label>Client ID</label>
<type>text</type>
</field>
<field>
<id>validation.dns_dynu_secret</id>
<label>Secret</label>
<type>text</type>
</field>
<field>
<label>FreeDNS</label>
<type>header</type>
<style>table_dns table_dns_freedns</style>
</field>
<field>
<id>validation.dns_freedns_user</id>
<label>User</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_freedns_password</id>
<label>Password</label>
<type>text</type>
<help></help>
</field>
<field>
<label>Gandi LiveDNS</label>
<type>header</type>
<style>table_dns table_dns_gandi_livedns</style>
<help></help>
<label>Gandi LiveDNS</label>
<type>header</type>
<style>table_dns table_dns_gandi_livedns</style>
</field>
<field>
<id>validation.dns_gandi_livedns_key</id>
<label>Key</label>
<type>text</type>
<help></help>
</field>
<field>
<label>GoDaddy</label>
@ -267,13 +308,43 @@
<id>validation.dns_gd_key</id>
<label>Key</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_gd_secret</id>
<label>Secret</label>
<type>text</type>
<help></help>
</field>
<field>
<label>Hurricane Electric</label>
<type>header</type>
<style>table_dns table_dns_he</style>
</field>
<field>
<id>validation.dns_he_user</id>
<label>User</label>
<type>text</type>
</field>
<field>
<id>validation.dns_he_password</id>
<label>Password</label>
<type>text</type>
</field>
<field>
<label>Infoblox</label>
<type>header</type>
<style>table_dns table_dns_infoblox</style>
</field>
<field>
<id>validation.dns_infoblox_credentials</id>
<label>Credentials</label>
<type>text</type>
<help>Use the following format: username:password</help>
</field>
<field>
<id>validation.dns_infoblox_server</id>
<label>Server</label>
<type>text</type>
<help>Enter either the IP address or FQDN of your Infoblox appliance.</help>
</field>
<field>
<label>IPSConfig</label>
@ -284,25 +355,21 @@
<id>validation.dns_ispconfig_user</id>
<label>User</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_ispconfig_password</id>
<label>Password</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_ispconfig_api</id>
<label>API URL</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_ispconfig_insecure</id>
<label>Disable SSL Verification</label>
<type>checkbox</type>
<help></help>
</field>
<field>
<label>lexicon</label>
@ -313,31 +380,26 @@
<id>validation.dns_lexicon_provider</id>
<label>Provider</label>
<type>dropdown</type>
<help></help>
</field>
<field>
<id>validation.dns_lexicon_user</id>
<label>User</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_lexicon_token</id>
<label>Token</label>
<type>text</type>
<help></help>
</field>
<field>
<label>Linode</label>
<type>header</type>
<style>table_dns table_dns_linode</style>
<help></help>
<label>Linode</label>
<type>header</type>
<style>table_dns table_dns_linode</style>
</field>
<field>
<id>validation.dns_linode_key</id>
<label>Key</label>
<type>text</type>
<help></help>
</field>
<field>
<label>LuaDNS</label>
@ -348,13 +410,11 @@
<id>validation.dns_lua_email</id>
<label>E-Mail</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_lua_key</id>
<label>Key</label>
<type>text</type>
<help></help>
</field>
<field>
<label>DNSMadeEasy</label>
@ -365,13 +425,36 @@
<id>validation.dns_me_key</id>
<label>Key</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_me_secret</id>
<label>Secret</label>
<type>text</type>
<help></help>
</field>
<field>
<label>Name.com</label>
<type>header</type>
<style>table_dns table_dns_namecom</style>
</field>
<field>
<id>validation.dns_namecom_user</id>
<label>User</label>
<type>text</type>
</field>
<field>
<id>validation.dns_namecom_token</id>
<label>API Token</label>
<type>text</type>
</field>
<field>
<label>NS1.com</label>
<type>header</type>
<style>table_dns table_dns_nsone</style>
</field>
<field>
<id>validation.dns_nsone_key</id>
<label>API Key</label>
<type>text</type>
</field>
<field>
<label>nsupdate</label>
@ -382,7 +465,6 @@
<id>validation.dns_nsupdate_server</id>
<label>Server (FQDN)</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_nsupdate_key</id>
@ -399,19 +481,16 @@
<id>validation.dns_ovh_app_key</id>
<label>Application Key</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_ovh_app_secret</id>
<label>Application Secret</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_ovh_consumer_key</id>
<label>Consumer Key</label>
<type>text</type>
<help></help>
</field>
<field>
<id>validation.dns_ovh_endpoint</id>
@ -440,6 +519,25 @@
<id>validation.dns_pdns_token</id>
<label>Token</label>
<type>text</type>
<help></help>
</field>
<field>
<label>Vscale</label>
<type>header</type>
<style>table_dns table_dns_vscale</style>
</field>
<field>
<id>validation.dns_vscale_key</id>
<label>API Key</label>
<type>text</type>
</field>
<field>
<label>Yandex</label>
<type>header</type>
<style>table_dns table_dns_yandex</style>
</field>
<field>
<id>validation.dns_yandex_token</id>
<label>API Token</label>
<type>text</type>
</field>
</form>
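Review bot: The provider fields that appear to be added here for secrets (`validation.dns_dgon_key`, `validation.dns_dnsimple_token`, `validation.dns_duckdns_token`, `validation.dns_dyn_password`, `validation.dns_dynu_secret`, `validation.dns_he_password`, `validation.dns_infoblox_credentials`, `validation.dns_namecom_token`, `validation.dns_nsone_key`, `validation.dns_vscale_key`, `validation.dns_yandex_token`) are all declared `<type>text</type>`, so each DNS API credential is shown in clear in the dialog. If the form renderer supports a masked input, `<type>password</type>` would suit these better; that support is not visible on this page and should be confirmed. The older credential fields in the context lines (for example `validation.dns_cyon_password`) follow the same pattern and could be changed with them. For `validation.dns_infoblox_credentials` the help text asks for `username:password` in one field, so masking matters there as well.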


@ -325,19 +325,30 @@
<dns_cf>CloudFlare.com API</dns_cf>
<dns_cx>CloudXNS.com API</dns_cx>
<dns_cyon>cyon.ch API</dns_cyon>
<dns_do>Domain-Offensive API</dns_do>
<dns_dgon>DigitalOcean API</dns_dgon>
<dns_dnsimple>DNSimple API</dns_dnsimple>
<dns_me>DNSMadeEasy.com API</dns_me>
<dns_do>Domain-Offensive/Resellerinterface/Domainrobot API</dns_do>
<dns_dp>DNSPod.cn API</dns_dp>
<dns_duckdns>DuckDNS API</dns_duckdns>
<dns_dyn>Dyn Managed DNS API</dns_dyn>
<dns_dynu>Dynu API</dns_dynu>
<dns_freedns>FreeDNS API</dns_freedns>
<dns_gandi_livedns>Gandi LiveDNS API</dns_gandi_livedns>
<dns_gd>GoDaddy.com API</dns_gd>
<dns_he>Hurricane Electric</dns_he>
<dns_infoblox>Infoblox API</dns_infoblox>
<dns_ispconfig>ISPConfig 3.1+ API</dns_ispconfig>
<dns_lexicon>lexicon DNS API</dns_lexicon>
<dns_linode>Linode API</dns_linode>
<dns_lua>LuaDNS.com API</dns_lua>
<dns_me>DNSMadeEasy.com API</dns_me>
<dns_namecom>Name.com API</dns_namecom>
<dns_nsone>NS1.com API</dns_nsone>
<dns_nsupdate>nsupdate (RFC 2136)</dns_nsupdate>
<dns_ovh>OVH, kimsufi, soyoustart and runabove API</dns_ovh>
<dns_pdns>PowerDNS.com API</dns_pdns>
<dns_vscale>Vscale API</dns_vscale>
<dns_yandex>Yandex PDD API</dns_yandex>
</OptionValues>
</dns_service>
<dns_sleep type="IntegerField">


@ -119,25 +119,6 @@ POSSIBILITY OF SUCH DAMAGE.
},
};
/**
* standard dialog when confirmation is required, wrapper around BootstrapDialog
*/
function stdDialogConfirmation(message, callback) {
BootstrapDialog.confirm({
title: 'Confirmation Required',
message: message,
type:BootstrapDialog.TYPE_DANGER,
btnCancelLabel: 'Cancel',
btnOKLabel: 'Yes',
btnOKClass: 'btn-primary',
callback: function(result) {
if(result) {
callback();
}
}
});
}
/**
* reload bootgrid, return to current selected page
*/
@ -198,7 +179,9 @@ POSSIBILITY OF SUCH DAMAGE.
// link delete selected items action
$(this).find("*[data-action=deleteSelected]").click(function(){
if ( gridParams['del'] != undefined) {
stdDialogRemoveItem("Remove selected items?",function(){
stdDialogConfirm('{{ lang._('Confirm removal') }}',
'{{ lang._('Do you want to remove the selected item?') }}',
'{{ lang._('Yes') }}', '{{ lang._('Cancel') }}', function () {
var rows =$("#"+gridId).bootgrid('getSelectedRows');
if (rows != undefined){
var deferreds = [];
@ -300,7 +283,9 @@ POSSIBILITY OF SUCH DAMAGE.
{
if (gridParams['del'] != undefined) {
var uuid=$(this).data("row-id");
stdDialogRemoveItem('Remove selected item?',function() {
stdDialogConfirm('{{ lang._('Confirm removal') }}',
'{{ lang._('Do you want to remove the selected item?') }}',
'{{ lang._('Yes') }}', '{{ lang._('Cancel') }}', function () {
ajaxCall(url=gridParams['del'] + uuid,
sendData={},callback=function(data,status){
// reload grid after delete
@ -334,7 +319,9 @@ POSSIBILITY OF SUCH DAMAGE.
{
if (gridParams['sign'] != undefined) {
var uuid=$(this).data("row-id");
stdDialogConfirmation('Forcefully (re-)issue the selected certificate?',function() {
stdDialogConfirm('{{ lang._('Confirmation Required') }}',
'{{ lang._('Forcefully (re-)issue the selected certificate?') }}',
'{{ lang._('Yes') }}', '{{ lang._('Cancel') }}', function() {
// Handle HAProxy integration (no-op if not applicable)
ajaxCall(url="/api/acmeclient/settings/fetchHAProxyIntegration", sendData={}, callback=function(data,status) {
ajaxCall(url=gridParams['sign'] + uuid,sendData={},callback=function(data,status){
@ -354,13 +341,15 @@ POSSIBILITY OF SUCH DAMAGE.
{
if (gridParams['revoke'] != undefined) {
var uuid=$(this).data("row-id");
stdDialogConfirmation('Revoke selected certificate?',function() {
stdDialogConfirm('{{ lang._('Confirmation Required') }}',
'{{ lang._('Revoke selected certificate?') }}',
'{{ lang._('Yes') }}', '{{ lang._('Cancel') }}', function() {
ajaxCall(url=gridParams['revoke'] + uuid,
sendData={},callback=function(data,status){
// reload grid after sign
$("#"+gridId).bootgrid("reload");
});
});
}, 'danger');
} else {
console.log("[grid] action revoke missing")
}
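Review bot: The translated strings are placed directly inside single-quoted JavaScript literals, e.g. `'{{ lang._('Do you want to remove the selected item?') }}'` in the deleteSelected handler, and in the same way in the row delete, sign and revoke handlers. A translation containing an apostrophe or a backslash would end or corrupt the literal unless `lang._()` already escapes its output for this context, which cannot be seen from here. If it does not, the output should pass through a JavaScript-safe escaper, for instance `{{ lang._('Yes') | escape_js }}` where the view setup provides that filter. Separately, only the revoke call visibly passes `'danger'`, while the removed `stdDialogConfirmation` used `TYPE_DANGER` for the forced re-issue as well. The sign handler's closing call lies outside its hunk, so it is worth confirming that it keeps the same styling.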


@ -607,6 +607,12 @@ function run_acme_validation($certObj, $valObj, $acctObj)
$proc_env['CY_Username'] = (string)$valObj->dns_cyon_user;
$proc_env['CY_Password'] = (string)$valObj->dns_cyon_user;
break;
case 'dns_dgon':
$proc_env['DO_API_KEY'] = (string)$valObj->dns_dgon_key;
break;
case 'dns_dnsimple':
$proc_env['DNSimple_OAUTH_TOKEN'] = (string)$valObj->dns_dnsimple_token;
break;
case 'dns_do':
$proc_env['DO_PID'] = (string)$valObj->dns_do_pid;
$proc_env['DO_PW'] = (string)$valObj->dns_do_password;
@ -615,6 +621,18 @@ function run_acme_validation($certObj, $valObj, $acctObj)
$proc_env['DP_Id'] = (string)$valObj->dns_dp_id;
$proc_env['DP_Key'] = (string)$valObj->dns_dp_key;
break;
case 'dns_duckdns':
$proc_env['DuckDNS_Token'] = (string)$valObj->dns_duckdns_token;
break;
case 'dns_dyn':
$proc_env['DYN_Customer'] = (string)$valObj->dns_dyn_customer;
$proc_env['DYN_Username'] = (string)$valObj->dns_dyn_user;
$proc_env['DYN_Password'] = (string)$valObj->dns_dyn_password;
break;
case 'dns_dynu':
$proc_env['Dynu_ClientId'] = (string)$valObj->dns_dynu_clientid;
$proc_env['Dynu_Secret'] = (string)$valObj->dns_dynu_secret;
break;
case 'dns_freedns':
$proc_env['FREEDNS_User'] = (string)$valObj->dns_freedns_user;
$proc_env['FREEDNS_Password'] = (string)$valObj->dns_freedns_password;
@ -626,6 +644,14 @@ function run_acme_validation($certObj, $valObj, $acctObj)
$proc_env['GD_Key'] = (string)$valObj->dns_gd_key;
$proc_env['GD_Secret'] = (string)$valObj->dns_gd_secret;
break;
case 'dns_he':
$proc_env['HE_Username'] = (string)$valObj->dns_he_user;
$proc_env['HE_Password'] = (string)$valObj->dns_he_password;
break;
case 'dns_infoblox':
$proc_env['Infoblox_Creds'] = (string)$valObj->dns_infoblox_credentials;
$proc_env['Infoblox_Server'] = (string)$valObj->dns_infoblox_server;
break;
case 'dns_ispconfig':
$proc_env['ISPC_User'] = (string)$valObj->dns_ispconfig_user;
$proc_env['ISPC_Password'] = (string)$valObj->dns_ispconfig_password;
@ -655,6 +681,13 @@ function run_acme_validation($certObj, $valObj, $acctObj)
$proc_env['ME_Key'] = (string)$valObj->dns_me_key;
$proc_env['ME_Secret'] = (string)$valObj->dns_me_secret;
break;
case 'dns_namecom':
$proc_env['Namecom_Username'] = (string)$valObj->dns_namecom_user;
$proc_env['Namecom_Token'] = (string)$valObj->dns_namecom_token;
break;
case 'dns_nsone':
$proc_env['NS1_Key'] = (string)$valObj->dns_nsone_key;
break;
case 'dns_nsupdate':
// Write secret key to filesystem
$secret_key_data = (string)$valObj->dns_nsupdate_key . "\n";
@ -674,6 +707,12 @@ function run_acme_validation($certObj, $valObj, $acctObj)
$proc_env['PDNS_ServerId'] = (string)$valObj->dns_pdns_serverid;
$proc_env['PDNS_Token'] = (string)$valObj->dns_pdns_token;
break;
case 'dns_vscale':
$proc_env['VSCALE_API_KEY'] = (string)$valObj->dns_vscale_key;
break;
case 'dns_yandex':
$proc_env['PDD_Token'] = (string)$valObj->dns_yandex_token;
break;
default:
log_error("AcmeClient: invalid DNS-01 service specified: " . (string)$valObj->dns_service);
return(1);
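Review bot: In the context lines of the first hunk, the `dns_cyon` case fills `$proc_env['CY_Password']` from `$valObj->dns_cyon_user`, so the username is handed to acme.sh as the password. The commit adds the `dns_dgon` and `dns_dnsimple` cases directly below but leaves that line unchanged. It should presumably read `$proc_env['CY_Password'] = (string)$valObj->dns_cyon_password;`, matching the `validation.dns_cyon_password` field the form defines. The body of `run_acme_validation` starts and ends outside these hunks, so how `$proc_env` is consumed is not visible. Since every new case puts an API secret into it, a short comment at the top of the switch, such as `// values below are credentials: never log $proc_env`, would help the next maintainer.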