servnest/fn/ht.php

<?php

function checkDomainFormat($domain) {
	// If the domain must end without a dot
	if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match('/^([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/D', $domain))
		output(403, _('Domain malformed.'));
}

function formatDomain($domain) {
	$domain = rtrim(strtolower($domain), '.');
	checkDomainFormat($domain);
	return $domain;
}

function listFsDirs($username) {
	$absoluteDirs = glob(CONF['ht']['ht_path'] . '/' . $username . '/*/', GLOB_ONLYDIR);
	$dirs = [];
	foreach ($absoluteDirs as $absoluteDir)
		if (preg_match('/^[a-zA-Z0-9_-]{1,64}$/D', basename($absoluteDir)))
			array_push($dirs, basename($absoluteDir));
	return $dirs;
}

function addSite($username, $siteDir, $address, $type) {
	insert('sites', [
		'username' => $username,
		'site_dir' => $siteDir,
		'address' => $address,
		'type' => $type,
		'creation_date' => date('Y-m-d H:i:s'),
	]);
}

function dirsStatuses($type) {
	if (isset($_SESSION['id']) !== true)
		return [];
	$dbDirs = query('select', 'sites', [
		'username' => $_SESSION['id'],
		'type' => $type,
	], 'site_dir');
	$dirs = [];
	foreach (listFsDirs($_SESSION['id']) as $fsDir)
		$dirs[$fsDir] = in_array($fsDir, $dbDirs);
	return $dirs;
}

function htDeleteSite($address, $type) {
	match ($type) {
		'onion', 'dns' => htDeleteDedicatedSite($address, $type),
		'subpath', 'subdomain' => htDeleteSubSite($address, $type)
	};
}

function htDeleteSubSite($address, $type) {
	if (unlink(CONF['ht'][$type . '_path'] . '/' . $address) !== true)
		output(500, 'Unable to delete symlink.');

	query('delete', 'sites', [
		'username' => $_SESSION['id'],
		'type' => $type,
		'address' => $address,
	]);
}

function htDeleteDedicatedSite($address, $type) {
	$dir = query('select', 'sites', [
		'address' => $address,
		'type' => $type,
	], 'site_dir')[0];

	if ($type === 'onion') {
		// Delete Tor config
		if (unlink(CONF['ht']['tor_config_path'] . '/' . $_SESSION['id'] . '/' . $dir) !== true)
			output(500, 'Failed to delete Tor configuration.');

		// Reload Tor
		exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['tor_reload_cmd'], $output, $code);
		if ($code !== 0)
			output(500, 'Failed to reload Tor.');

		// Delete Tor keys
		exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['rm_path'] . ' --recursive ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['id'] . '/' . $dir, $output, $code);
		if ($code !== 0)
			output(500, 'Failed to delete Tor keys.');
	}

	// Delete Nginx config
	if (unlink(CONF['ht']['nginx_config_path'] . '/' . $address . '.conf') !== true)
		output(500, 'Failed to delete Nginx configuration.');

	// Reload Nginx
	exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['nginx_reload_cmd'], result_code: $code);
	if ($code !== 0)
		output(500, 'Failed to reload Nginx.');

	if ($type === 'dns') {
		// Delete Let's Encrypt certificate
		exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['certbot_path'] . ' delete --quiet --cert-name ' . $address, $output, $code);
		if ($code !== 0)
			output(500, 'Certbot failed to delete the Let\'s Encrypt certificate.');
	}

	// Delete from database
	query('delete', 'sites', [
		'username' => $_SESSION['id'],
		'type' => $type,
		'site_dir' => $dir,
	]);
}
?, more checks on ht/ 2021-02-16 19:20:19 +01:00			`<?php`

Better segmentation between services 2022-04-23 01:57:43 +02:00			`function checkDomainFormat($domain) {`
			`// If the domain must end without a dot`
Fix regDeleteDomain security flaw + D regex modifier regDeleteDomain() in fn/reg.php used too loose pattern matching for data deletion, that also deleted other domains that included the deleted domain 2022-11-20 18:17:03 +01:00			`if (!filter_var($domain, FILTER_VALIDATE_DOMAIN) OR !preg_match('/^([a-z0-9_-]{1,63}\.){1,126}[a-z0-9]{1,63}$/D', $domain))`
Gettext internationalization and english translation 2023-01-21 01:27:52 +01:00			`output(403, _('Domain malformed.'));`
ht: Allow domains ending with a dot 2022-09-14 13:49:15 +02:00			`}`

			`function formatDomain($domain) {`
			`$domain = rtrim(strtolower($domain), '.');`
			`checkDomainFormat($domain);`
			`return $domain;`
Better segmentation between services 2022-04-23 01:57:43 +02:00			`}`

?, more checks on ht/ 2021-02-16 19:20:19 +01:00			`function listFsDirs($username) {`
Use single quotes instead of double quotes 2022-11-20 15:11:54 +01:00			`$absoluteDirs = glob(CONF['ht']['ht_path'] . '/' . $username . '/*/', GLOB_ONLYDIR);`
del-http-onion.php + query() 2022-06-11 23:42:48 +02:00			`$dirs = [];`
Cleaner ht.php 2022-06-10 16:42:55 +02:00			`foreach ($absoluteDirs as $absoluteDir)`
ht: More restrictive directory names 2022-11-28 17:16:30 +01:00			`if (preg_match('/^[a-zA-Z0-9_-]{1,64}$/D', basename($absoluteDir)))`
Cleaner ht.php 2022-06-10 16:42:55 +02:00			`array_push($dirs, basename($absoluteDir));`
			`return $dirs;`
?, more checks on ht/ 2021-02-16 19:20:19 +01:00			`}`

ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00			`function addSite($username, $siteDir, $address, $type) {`
Factorize "INSERT INTO" SQL queries with insert() 2022-09-14 17:19:17 +02:00			`insert('sites', [`
			`'username' => $username,`
			`'site_dir' => $siteDir,`
ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00			`'address' => $address,`
			`'type' => $type,`
Use single quotes instead of double quotes 2022-11-20 15:11:54 +01:00			`'creation_date' => date('Y-m-d H:i:s'),`
Factorize "INSERT INTO" SQL queries with insert() 2022-09-14 17:19:17 +02:00			`]);`
?, more checks on ht/ 2021-02-16 19:20:19 +01:00			`}`

ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00			`function dirsStatuses($type) {`
Internal ID, Argon2 for usernames, username changes 2022-11-30 23:12:42 +01:00			`if (isset($_SESSION['id']) !== true)`
ht: More restrictive directory names 2022-11-28 17:16:30 +01:00			`return [];`
del-http-onion.php + query() 2022-06-11 23:42:48 +02:00			`$dbDirs = query('select', 'sites', [`
Internal ID, Argon2 for usernames, username changes 2022-11-30 23:12:42 +01:00			`'username' => $_SESSION['id'],`
ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00			`'type' => $type,`
del-http-onion.php + query() 2022-06-11 23:42:48 +02:00			`], 'site_dir');`
			`$dirs = [];`
Internal ID, Argon2 for usernames, username changes 2022-11-30 23:12:42 +01:00			`foreach (listFsDirs($_SESSION['id']) as $fsDir)`
del-http-onion.php + query() 2022-06-11 23:42:48 +02:00			`$dirs[$fsDir] = in_array($fsDir, $dbDirs);`
New directories listing format 2022-05-21 02:15:36 +02:00			`return $dirs;`
			`}`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00
ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00			`function htDeleteSite($address, $type) {`
			`match ($type) {`
			`'onion', 'dns' => htDeleteDedicatedSite($address, $type),`
			`'subpath', 'subdomain' => htDeleteSubSite($address, $type)`
			`};`
			`}`

			`function htDeleteSubSite($address, $type) {`
			`if (unlink(CONF['ht'][$type . '_path'] . '/' . $address) !== true)`
			`output(500, 'Unable to delete symlink.');`

			`query('delete', 'sites', [`
			`'username' => $_SESSION['id'],`
			`'type' => $type,`
			`'address' => $address,`
			`]);`
			`}`

			`function htDeleteDedicatedSite($address, $type) {`
			`$dir = query('select', 'sites', [`
			`'address' => $address,`
			`'type' => $type,`
			`], 'site_dir')[0];`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00
ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00			`if ($type === 'onion') {`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00			`// Delete Tor config`
Internal ID, Argon2 for usernames, username changes 2022-11-30 23:12:42 +01:00			`if (unlink(CONF['ht']['tor_config_path'] . '/' . $_SESSION['id'] . '/' . $dir) !== true)`
fn success/userError/serverError > output($code) 2022-09-15 19:17:48 +02:00			`output(500, 'Failed to delete Tor configuration.');`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00
			`// Reload Tor`
Make services reloading systemd-agnostic 2022-11-23 22:21:34 +01:00			`exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['tor_reload_cmd'], $output, $code);`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00			`if ($code !== 0)`
fn success/userError/serverError > output($code) 2022-09-15 19:17:48 +02:00			`output(500, 'Failed to reload Tor.');`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00
			`// Delete Tor keys`
Internal ID, Argon2 for usernames, username changes 2022-11-30 23:12:42 +01:00			`exec(CONF['ht']['sudo_path'] . ' -u ' . CONF['ht']['tor_user'] . ' ' . CONF['ht']['rm_path'] . ' --recursive ' . CONF['ht']['tor_keys_path'] . '/' . $_SESSION['id'] . '/' . $dir, $output, $code);`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00			`if ($code !== 0)`
fn success/userError/serverError > output($code) 2022-09-15 19:17:48 +02:00			`output(500, 'Failed to delete Tor keys.');`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00			`}`

			`// Delete Nginx config`
ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00			`if (unlink(CONF['ht']['nginx_config_path'] . '/' . $address . '.conf') !== true)`
fn success/userError/serverError > output($code) 2022-09-15 19:17:48 +02:00			`output(500, 'Failed to delete Nginx configuration.');`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00
			`// Reload Nginx`
Make services reloading systemd-agnostic 2022-11-23 22:21:34 +01:00			`exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['nginx_reload_cmd'], result_code: $code);`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00			`if ($code !== 0)`
fn success/userError/serverError > output($code) 2022-09-15 19:17:48 +02:00			`output(500, 'Failed to reload Nginx.');`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00
ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00			`if ($type === 'dns') {`
Integrate Let's Encrypt into (add\|del)-http-dns.php 2022-09-06 02:40:18 +02:00			`// Delete Let's Encrypt certificate`
ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00			`exec(CONF['ht']['sudo_path'] . ' ' . CONF['ht']['certbot_path'] . ' delete --quiet --cert-name ' . $address, $output, $code);`
Integrate Let's Encrypt into (add\|del)-http-dns.php 2022-09-06 02:40:18 +02:00			`if ($code !== 0)`
fn success/userError/serverError > output($code) 2022-09-15 19:17:48 +02:00			`output(500, 'Certbot failed to delete the Let\'s Encrypt certificate.');`
Integrate Let's Encrypt into (add\|del)-http-dns.php 2022-09-06 02:40:18 +02:00			`}`

Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00			`// Delete from database`
			`query('delete', 'sites', [`
Internal ID, Argon2 for usernames, username changes 2022-11-30 23:12:42 +01:00			`'username' => $_SESSION['id'],`
ht: subdomain and subpath on shared domain 2022-12-22 01:44:57 +01:00			`'type' => $type,`
Add form to delete account Move service-specific deletion code to functions 2022-06-18 04:22:05 +02:00			`'site_dir' => $dir,`
			`]);`
			`}`