Merge branch 'master' of ssh://git.nemunai.re:6224/fic2014-server

2013-10-26 19:09:06 +02:00 · 2013-10-26 19:09:06 +02:00 · bdf5f0ade2
commit bdf5f0ade2
parent c27a97ce6e eed6c42595
11 changed files with 234 additions and 153 deletions
--- a/db/fic2014.sql
+++ b/db/fic2014.sql
@ -101,7 +101,7 @@ CREATE TABLE IF NOT EXISTS `teams` (
  `team_name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `key_hash` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
  `auth_level` tinyint(1) NOT NULL,
-  `company` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
+  `slogan` varchar(64) COLLATE utf8_unicode_ci NOT NULL,
  PRIMARY KEY (`id`)
 ) ENGINE=InnoDB  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=1 ;
@ -114,9 +114,10 @@ CREATE TABLE IF NOT EXISTS `teams` (
 CREATE TABLE IF NOT EXISTS `team_members` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
  `id_team` int(10) unsigned NOT NULL,
-  `firstname` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
+  `firstname` varchar(32) COLLATE utf8_unicode_ci NOT NULL,
-  `lastname` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
+  `lastname` varchar(32) COLLATE utf8_unicode_ci NOT NULL,
-  `nickname` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
+  `nickname` varchar(32) COLLATE utf8_unicode_ci NOT NULL,
  `company` varchar(32) COLLATE utf8_unicode_ci NOT NULL,
  PRIMARY KEY (`id`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=1 ;
@ -128,6 +129,6 @@ CREATE TABLE IF NOT EXISTS `team_members` (
 CREATE TABLE IF NOT EXISTS `themes` (
  `id` int(10) unsigned NOT NULL AUTO_INCREMENT,
-  `name` varchar(255) COLLATE utf8_unicode_ci NOT NULL,
+  `name` varchar(32) COLLATE utf8_unicode_ci NOT NULL,
  PRIMARY KEY (`id`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci AUTO_INCREMENT=1 ;
--- a/misc/CA.sh
+++ b/misc/CA.sh
@ -0,0 +1,103 @@
 # TODO key usage
 OPENSSL_CONF=$(pwd)/openssl.cnf
 TOP_DIR=fic_pki
 CAKEY=./cakey.key
 CAREQ=./careq.csr
 CACERT=./cacert.crt
 DAYS=365
 GREEN="\033[1;32m"
 RED="\033[1;31m"
 COLOR_RST="\033[0m"
 usage()
 {
    echo "Usage: $0 (-newca|-newserver|-newclient NAME)"
    exit 1
 }
 [ $# -lt 1 ] && usage
 export OPENSSL_CONF=${OPENSSL_CONF}
 case $1 in
    "-newca" )
        echo -e -n "${GREEN}Create the directories, take care this will delete"
        echo -e "the old directories ${COLOR_RST}"
        sleep 1; echo -n "1 "; sleep 1; echo -n "2 "; sleep 1; echo "3"
        rm -rf ${TOP_DIR}
        mkdir -p ${TOP_DIR}/certs
        mkdir -p ${TOP_DIR}/crl
        mkdir -p ${TOP_DIR}/newcerts
        mkdir -p ${TOP_DIR}/private
        touch ${TOP_DIR}/index.txt
        echo -e "${GREEN}Making CA key and csr${COLOR_RST}"
        sed -i 's/=.*#COMMONNAME/= FIC2014 CA #COMMONNAME/' $OPENSSL_CONF
        sed -i "s/=.*#DIR/= ${TOP_DIR} #DIR/" $OPENSSL_CONF
        sed -i "s/=.*#CERTTYPE/= server #CERTTYPE/" $OPENSSL_CONF
        openssl req -batch -new -keyout ${TOP_DIR}/private/${CAKEY}         \
                    -out ${TOP_DIR}/${CAREQ}
        echo -e "${GREEN}Self signes the CA certificate${COLOR_RST}"
        openssl ca -batch -create_serial -out ${TOP_DIR}/${CACERT}          \
                -days ${DAYS} -keyfile ${TOP_DIR}/private/${CAKEY}          \
                -selfsign -extensions v3_ca -infiles ${TOP_DIR}/${CAREQ}
        ;;
    "-newserver" )
        echo -e "${GREEN}Making the Server key and cert${COLOR_RST}"
        if ! [ -f ${TOP_DIR}/private/${CAKEY} ]; then
            echo -e "${RED}Can not found the CA's key${COLOR_RST}"
            exit 2
        fi
        sed -i 's/=.*#COMMONNAME/= FIC2014 Server #COMMONNAME/' $OPENSSL_CONF
        openssl req -batch -new -keyout server.key -out server.csr -days ${DAYS}
        echo -e "${GREEN}Signing the Server crt${COLOR_RST}"
        openssl ca -policy policy_match -out server.crt -infiles server.csr
        if [ $? -ne 0 ]; then
            echo -e "${RED}Signing failed${COLOR_RST}"
            rm -rf server.key server.crt server.csr
            exit 3
        else
            rm server.csr # remove ?
            echo -e "${GREEN}Signed certificate is in server.crt${COLOR_RST}"
        fi
        ;;
    "-newclient" )
        [ $# -ne 2 ] && "Usage: $0 -newclient NAME"
        echo -e "${GREEN}Making the client key and csr${COLOR_RST}"
        if ! [ -f ${TOP_DIR}/private/${CAKEY} ]; then
            echo -e "${RED}Can not found the CA's key${COLOR_RST}"
            exit 2
        fi
        sed -i "s/=.*#COMMONNAME/= $2#COMMONNAME/" $OPENSSL_CONF
        sed -i "s/=.*#CERTTYPE/= client #CERTTYPE/" $OPENSSL_CONF
        openssl req -batch -new -keyout ${2}.key -out ${2}.csr -days ${DAYS}
        echo -e "${GREEN}Signing the Client crt${COLOR_RST}"
        openssl ca -policy policy_match -out ${2}.crt -infiles ${2}.csr
        if [ $? -ne 0 ]; then
            echo -e "${RED}Signing failed${COLOR_RST}"
            exit 3
        fi
        echo -e "${GREEN}Export the Client files to pkcs12${COLOR_RST}"
        openssl pkcs12 -export -inkey ${2}.key  -in ${2}.crt -name ${2} -out ${2}.p12
        if [ $? -ne 0 ]; then
            echo -e "${RED}pkcs12 export failed${COLOR_RST}"
            exit 4
        else
            echo -e "Exported pkcs12 file is ${2}.p12"
        fi
        rm -rf ${2}.key ${2}.csr ${2}.crt
        ;;
    * )
        usage
        ;;
 esac
--- a/misc/certs/CA.sh
+++ b/misc/certs/CA.sh
@ -1,49 +0,0 @@
 # Create CA for client
 #openssl genrsa -des3 -out ca.key 4096
 #openssl req -new -x509 -days 365 -key ca.key -out ca.crt
 #
 ## Server cert
 #openssl genrsa -des3 -out server.key 2028
 #openssl req -new -key server.key -out server.csr
 #
 ## Self sign ??
 #openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
 # TODO serial
 # TODO common name
 OPENSSL_CONF=openssl.cnf
 [ $# -ne 1 ] && echo "Usage: $0 init
                                client NAME"
 case $1 in
    "init" )
        echo "Create CA for signing client certs"
        openssl genrsa -des3 -out ca.key 4096
        sed -i 's/=.*#CommonName/= FIC2014 CA#CommonNameEnd/' $OPENSSL_CONF
        openssl req -batch -new -x509 -days 365 -key ca.key -out ca.crt
        echo "Create server cert"
        openssl genrsa -des3 -out server.key 2048
        sed -i 's/=.*#CommonNameEnd/= FIC2014 Server#CommonNameEnd/' $OPENSSL_CONF
        openssl req -batch -new -key server.key -out server.csr
        openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
        rm server.csr
        ;;
    "client" )
        [ $# -ne 2 ] && "client Usage"
        openssl genrsa -des3 -out client.key 2048
        sed -i "s/=.*#CommonNameEnd/= $2#CommonNameEnd/" $OPENSSL_CONF
        openssl req -batch -new -key client.key -out client.csr
        openssl x509 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt
        openssl pkcs12 -export -inkey client.key  -in client.crt -name $2 -out ${2}.p12
        rm client.key
        rm client.csr
        rm client.crt
        ;;
    "*" )
        echo "*"
        ;;
 esac
--- a/misc/init_db.sql
+++ b/misc/init_db.sql
@ -1,2 +0,0 @@
 DROP DATABASE IF EXISTS fic2014;
 CREATE DATABASE fic2014;
--- a/misc/install.sh
+++ b/misc/install.sh
@ -1,68 +0,0 @@
 #! /bin/sh
 # Install FIC 2014 server
 # Depends:
 #
 # nginx 1.4.3
 # openssh 6.3p1-1
 # iptables 1.4.19.1-1
 # mariadb 5.5.33.a-1
 # Exit values
 # 0 Everything is good
 # 1 
 # 2 File not found
 # 3 Service not running
 # By default the config dir is ..
 DIR=${PWD%/*}
 CONF="server.conf"
 BASENAME=`basename $0`
 FULL_INSTALL=false
 display_help()
 {
    # By default install only config files
    # --full: install package, enable services, install config
    echo "Usage: $BASENAME [--full] (alpha|beta)"
    exit 1
 }
 HTTP_DIR=""
 DB_TYPE=""
 DB_NAME=""
 DB_USER=""
 DB_PASS=""
 parse_conf()
 {
    if ! [ -f $CONF ]; then
        echo "The configuration file: " $CONF " not found"
        exit 2
    fi
    HTTP_DIR=$(sed -n 's/[ \t]*http_root[ \t]*=[ \t]*\(.*\)[ \t]*/\1/p' $CONF)
    DB_TYPE=$(sed -n 's/[ \t]*db_type[ \t]*=[ \t]*\(.*\)[ \t]*/\1/p' $CONF)
    DB_NAME=$(sed -n 's/[ \t]*db_name[ \t]*=[ \t]*\(.*\)[ \t]*/\1/p' $CONF)
    DB_USER=$(sed -n 's/[ \t]*db_user[ \t]*=[ \t]*\(.*\)[ \t]*/\1/p' $CONF)
    DB_PASS=$(sed -n 's/[ \t]*db_pass[ \t]*=[ \t]*\(.*\)[ \t]*/\1/p' $CONF)
 }
 INIT_DB="init_db.sql"
 init_db()
 {
    if ! [ -f $INIT_DB ]; then
        echo "The configuration file " $INIT_DB " not found"
        exit 2
    fi
    if ! [ -S /var/run/mysqld/mysqld.sock ]; then
        echo "The mysqld service is not running"
        exit 3
    fi
 }
 [ $# -ne 1 ] && display_help
 parse_conf
--- a/misc/certs/openssl.cnf
+++ b/misc/certs/openssl.cnf
@ -39,7 +39,7 @@ default_ca	= CA_default		# The default ca section
 ####################################################################
 [ CA_default ]
-dir		= /etc/ssl		# Where everything is kept
+dir		= fic_pki #DIR 		# Where everything is kept
 certs		= $dir/certs		# Where the issued certs are kept
 crl_dir		= $dir/crl		# Where the issued crl are kept
 database	= $dir/index.txt	# database index file.
@ -47,12 +47,12 @@ database	= $dir/index.txt	# database index file.
 					# several ctificates with same subject.
 new_certs_dir	= $dir/newcerts		# default place for new certs.
-certificate	= $dir/cacert.pem 	# The CA certificate
+certificate	= $dir/cacert.crt 	# The CA certificate
 serial		= $dir/serial 		# The current serial number
 crlnumber	= $dir/crlnumber	# the current crl number
 					# must be commented out to leave a V1 CRL
 crl		= $dir/crl.pem 		# The current CRL
-private_key	= $dir/private/cakey.pem# The private key
+private_key	= $dir/private/cakey.key # The private key
 RANDFILE	= $dir/private/.rand	# private random number file
 x509_extensions	= usr_cert		# The extentions to add to the cert
@ -147,11 +147,12 @@ organizationalUnitName		= Organizational Unit Name (eg, section)
 organizationalUnitName_default	= SRS
 commonName			= Common Name (e.g. server FQDN or YOUR name)
-commonName_default		= tata#CommonNameEndEndEndEndEnd
+commonName_default		= toto#COMMONNAME
 commonName_max			= 64
 emailAddress			= Email Address
 emailAddress_max		= 64
 emailAddress_default		= root@srs.epita.fr
 # SET-ex3			= SET extension number 3
@ -175,7 +176,7 @@ basicConstraints=CA:FALSE
 # the certificate can be used for anything *except* object signing.
 # This is OK for an SSL server.
-# nsCertType			= server
+nsCertType			= client #CERTTYPE
 # For an object signing certificate this would be used.
 # nsCertType = objsign
@ -190,7 +191,7 @@ basicConstraints=CA:FALSE
 # keyUsage = nonRepudiation, digitalSignature, keyEncipherment
 # This will be displayed in Netscape's comment listbox.
-nsComment			= "OpenSSL Generated Certificate"
+nsComment			= "FIC 2014 generated certificates"
 # PKIX recommendations harmless if included in all certificates.
 subjectKeyIdentifier=hash
--- a/misc/server.conf
+++ b/misc/server.conf
@ -1,5 +0,0 @@
 http_root=/srv/http/fic2014-server
 db_type=mysql
 db_name=fic
 db_user=toto
 db_pass=toto42
--- a/onyx/include/common.php
+++ b/onyx/include/common.php
@ -7,6 +7,7 @@ if (empty($sess->values["connected"]) && !defined("xCSRF"))
 require_once("functions.php"); //Inclusion des principales fonctions
 require_once("common/Exercice.class.php");
 require_once("common/Member.class.php");
 require_once("common/Team.class.php");
 require_once("common/Theme.class.php");
--- a/onyx/include/common/Member.class.php
+++ b/onyx/include/common/Member.class.php
@ -0,0 +1,84 @@
 <?php
 if(!defined('ONYX')) exit;
 class Member
 {
  var $id = null;
  var $team = null;
  var $firstname;
  var $lastname;
  var $nickname;
  var $company;
  function Member($id=null, $team=null)
  {
    if (!empty($id))
    {
      $db = new BDD();
      $res = $db->unique_query("SELECT id, id_team, firstname, lastname, nickname, company
        			FROM team_members WHERE id=" . intval($id)) or die($db->erreur());
      $db->deconnexion();
      if (!empty($res))
      {
 	$this->id = $res['id'];
 	if (empty($team))
 	  $this->team = $res['id_team'];
 	else
 	  $this->team = $team;
 	$this->firstname = $res['firstname'];
 	$this->lastname = $res['lastname'];
 	$this->nickname = $res['nickname'];
 	$this->company = $res['company'];
      }
    }
  }
  function update()
  {
    $firstname = $this->firstname;
    $lastname = $this->lastname;
    $nickname = $this->nickname;
    $company = $this->company;
    if (gettype($this->team) != "object")
      $id_team = intval($this->team);
    else
      $id_team = $this->team->id;
    $db = new BDD();
    $db->escape($firstname);
    $db->escape($lastname);
    $db->escape($nickname);
    $db->escape($company);
    if (empty($this->id))
    {
      $db->query("INSERT INTO team_members
       		  VALUES (NULL, ".intval($id_team).", '".$firstname."', '".$lastname."', '".$nickname."', '".$company."')");
      $this->id = $db->insert_id();
      $aff = ($this->id > 0);
    }
    else
    {
      $db->query("UPDATE team_members
     	  	  SET id_team = ".intval($id_team).", firstname = '$firstname', lastname = '$lastname', nickname = '$lastname', company = '$company'
     	  	  WHERE id = ".intval($this->id));
      $aff = $db->affected();
    }
    $db->deconnexion();
    return ($aff == 1);
  }
  function get_team()
  {
    if (gettype($this->team) != "object")
      $this->team = new Team(intval($this->team));
    return $this->team;
  }
 }
 ?>
--- a/onyx/include/common/Team.class.php
+++ b/onyx/include/common/Team.class.php
@ -17,8 +17,8 @@ class Team
  var $id = null;
  var $key_hash;
  var $auth_level;
-  var $company;
+  var $slogan;
-  var $members = null;
+  var $members = array();
  var $points = null;
  // Constructor
@ -27,14 +27,14 @@ class Team
    if (!empty($id))
    {
      $db = new BDD();
-      $res = $db->unique_query("SELECT id, key_hash, company, auth_level
+      $res = $db->unique_query("SELECT id, key_hash, slogan, auth_level
        			FROM teams WHERE id=" . intval($id)) or die($db->erreur());
      if (!empty($res))
      {
 	$this->id = $res['id'];
 	$this->key_hash = $res['key_hash'];
-	$this->company = $res['company'];
+	$this->slogan = $res['slogan'];
 	$this->auth_level = $res['auth_level'];
      }
      $db->deconnexion();
@ -46,23 +46,23 @@ class Team
  {
    $key_hash = $this->key_hash;
    $auth_level = intval($this->auth_level);
-    $company = $this->company;
+    $slogan = $this->slogan;
    $db = new BDD();
    $db->escape($key_hash);
-    $db->escape($company);
+    $db->escape($slogan);
    if (empty($this->id))
    {
      $db->query("INSERT INTO teams
-       		  VALUES (NULL, '".$key_hash."', ".$auth_level.", '".$company."')");
+       		  VALUES (NULL, '".$key_hash."', ".$auth_level.", '".$slogan."')");
      $this->id = $db->insert_id();
      $aff = ($this->id > 0);
    }
    else
    {
-      $db->query("UPDATE users
+      $db->query("UPDATE teams
-     	  	  SET auth_level = ".$auth_level.", key_hash = '".$key_hash."', company = '".$company."'
+     	  	  SET auth_level = ".$auth_level.", key_hash = '".$key_hash."', slogan = '".$slogan."'
     	  	  WHERE id = ".intval($this->id));
      $aff = $db->affected();
    }
@ -75,8 +75,8 @@ class Team
    return $this->id;
  }
-  function get_company() {
+  function get_slogan() {
-    return $this->company;
+    return $this->slogan;
  }
  function get_auth_level() {
@ -85,18 +85,17 @@ class Team
  function get_members()
  {
-    if(!isset($this->members))
+    if(count($this->members) == 0)
    {
      $db = new BDD();
-      $res = $db->query("SELECT id, firstname, lastname, nickname
+      $res = $db->query("SELECT id FROM team_members
 			 FROM team_members
 			 WHERE id_team = " . intval($this->id));
      $db->deconnexion();
-      if (!empty($res))
+      foreach($res as $member)
-	$this->members = $res;
+	$this->members[] = new Member($member["id"], $this);
    }
    return $this->members;
@ -117,9 +116,9 @@ class Team
      $db->deconnexion();
      if (!empty($res))
      {
 	$this->points = $res['sum_points'];
-      }
+      else
 	$this->points = 0;
    }
    return $this->points;
--- a/onyx/tpl/bootstrap/public/team.tpl
+++ b/onyx/tpl/bootstrap/public/team.tpl
@ -0,0 +1,16 @@
 {extends file="layout.tpl"}
 {block name=content}
 <h1>
     {$team->slogan}
 </h1>
 <ul>
    <li><strong>Score :</strong> {$team->get_pts()}</li>
    <li><strong>Membre{if count($team->get_members()) > 1}s{/if} :</strong>
      <ul>
        {foreach from=$team->get_members() item=m}
        <li><span class="font-variant: small-caps;">{$m->lastname}</span> {$m->firstname}</li>
 	{/foreach}
      </ul>
    </li>
 </ul>
 {/block}
		`@ -1,2 +0,0 @@`
			`DROP DATABASE IF EXISTS fic2014;`
			`CREATE DATABASE fic2014;`