#!/bin/sh

. ../common/ajax_common

DNSCONF="/etc/resolv.conf"
TZPATH="/conf/zoneinfo"
TZCONF="${TZPATH}/default_timezone.conf"
WEBACL="${PGETC}/web/webacl.conf"
v6ifadmin="${PGETC}/web/v6ifadmin.conf"


if [ "${PALANG}" = "en" ]; then
	LANG001="Error"		#ʧ
	LANG002="Success"	#ɹ
	LANG003="Edit_ifadmin"	#޸Ĺӿ
fi


load_httpd_conf()
{
	ssl=1
	port=443
	read_timeout=60

	[ -f "${PGETC}/httpd.conf" ] && . ${PGETC}/httpd.conf
	[ "${HTTPS_PORT}" != "" ] && port=${HTTPS_PORT}

	printf "{"
	printf "\"port\":\"${port}\","
	printf "\"ssl\":\"${ssl}\","
	printf "\"read_timeout\":\"${read_timeout}\""
	printf "}"
}


load_webacl()
{
	webexit=1800
	fullexit=0
	verifyCode=0
	maxErr=0
	lockTime=30
	pswdTTL=0
	pswdLEN=8
	number=""
	bword=""
	sword=""
	other=""
	xss_verify=0
	api_enable=""
	quick_menu=0
	sign_query_enable=0
	csrf_verify=0
	pppoepwd_plaintext=1

	[ -f "${WEBACL}" ] && . "${WEBACL}"
	[ -f "${PGETC}/webexit.conf" ] && . ${PGETC}/webexit.conf
	[ -f "${RAMDISK}/web_secure.conf" ] && xss_verify=1
	[ -f "${RAMDISK}/csrf_verify.conf" ] && csrf_verify=1

	webexit=$((${webexit}/60))
	lockTime=$((${lockTime}/60))
	pswdTTL=$((${pswdTTL}/24/60/60))
	
	printf "{"

	printf "\"webexit\":\"${webexit}\""
	printf ",\"fullexit\":\"${fullexit}\""
	printf ",\"verifyCode\":${verifyCode}"
	printf ",\"maxErr\":${maxErr}"
	printf ",\"lockTime\":${lockTime}"
	printf ",\"pswdLEN\":${pswdLEN}"
	printf ",\"pswdTTL\":${pswdTTL}"
	printf ",\"number\":\"${number}\""
	printf ",\"bword\":\"${bword}\""
	printf ",\"sword\":\"${sword}\""
	printf ",\"other\":\"${other}\""
	printf ",\"xss_verify\":\"${xss_verify}\""
	printf ",\"api_enable\":\"${api_enable}\""
	printf ",\"quick_menu\":\"${quick_menu}\""
	printf ",\"sign_query_enable\":\"${sign_query_enable}\""
	printf ",\"sign_query_key\":\"${sign_query_key}\""
	printf ",\"csrf_verify\":\"${csrf_verify}\""
	printf ",\"pppoepwd_plaintext\":\"${pppoepwd_plaintext}\""
	printf "}"
}


load_ifadmin()
{
	ADMIN_IP=`grep "ADMIN_IP" ${PGETC}/ifadmin.conf | cut -d"=" -f2`
	ADMIN_MASK=`grep "ADMIN_MASK" ${PGETC}/ifadmin.conf | cut -d"=" -f2`
	GATEWAY=`grep "GATEWAY" ${PGETC}/ifadmin.conf | cut -d"=" -f2`
	APPEND_IP=`grep "APPEND_IP=" ${PGETC}/ifadmin.conf | cut -d"=" -f2`
	APPEND_IPMASK=`grep "APPEND_IPMASK=" ${PGETC}/ifadmin.conf | cut -d"=" -f2`

	[ "${APPEND_IP}" = "" ] && APPEND_IP="0.0.0.0"
	[ "${APPEND_IPMASK}" = "" ] && APPEND_IPMASK="0.0.0.0"

	if [ "`uname`" = "Linux" ]; then
		mac=`ifconfig ${ADMIN_PORT} | grep "HWaddr " | awk '{print $NF}'`
		[ "${mac}" = "" ] && mac=`ifconfig ${ADMIN_PORT} | grep "ether" | awk '{print $2}'`
		[ "${mac}" = "" ] && mac=`cat /sys/class/net/${ADMIN_PORT}/address`
	else
		mac=`ifconfig ${ADMIN_PORT} | grep "ether " | awk '{print $NF}'`
	fi
	
	if [ -f "${v6ifadmin}" ]; then
		. ${v6ifadmin}
	fi

	#v6ַv6ǰ׺
	have_v6mask=`echo ${v6_ip} | grep "/"`
	if [ "${have_v6mask}" != "" ]; then
		v6_mask=`echo ${v6_ip} | cut -d"/" -f2`
		v6_ip=`echo ${v6_ip} | cut -d"/" -f1`
	fi

	printf "{"
	printf "\"mgif\":\"${ADMIN_PORT}\""
	printf ",\"ip\":\"${ADMIN_IP}\""
	printf ",\"mac\":\"${mac}\""
	printf ",\"mask\":\"${ADMIN_MASK}\""
	printf ",\"gateway\":\"${GATEWAY}\""
	printf ",\"dns1\":\"${dns1}\""
	printf ",\"dns2\":\"${dns2}\""
	printf ",\"append_ip\":\"${APPEND_IP}\""
	printf ",\"append_ipmask\":\"${APPEND_IPMASK}\""
	printf ",\"v6_ip\":\"${v6_ip}\""
	printf ",\"v6_mask\":\"${v6_mask}\""
	printf ",\"v6_gateway\":\"${v6_gateway}\""
	printf "}"
}


load_sys_dns()
{
	tag=1
	dns1="0.0.0.0"
	dns2="0.0.0.0"

	[ ! -f ${DNSCONF} ] && touch ${DNSCONF}

	for ip in `grep ^nameserver ${DNSCONF} | cut -d" " -f2`
	do
		eval dns${tag}=${ip}
		tag=$(($tag+1))
	done

	[ "${dns1}" = "" ] && dns1="0.0.0.0"
	[ "${dns2}" = "" ] && dns2="0.0.0.0"

	printf "{"
	printf "\"dns1\":\"${dns1}\""
	printf ",\"dns2\":\"${dns2}\""
	printf "}"
}


load_vmgt()
{
	if [ "`uname`" = "Linux" ]; then
		mac=`ifconfig vMGT 2>/dev/null | grep HWaddr | awk '{print $NF}'`
	else
		mac=`ifconfig vMGT 2>/dev/null | grep ether | awk '{print $NF}'`
	fi

	printf "{"
	printf "\"mac\":\"${mac}\""

	if [ -f "${PGETC}/web/vmgt.conf" ]; then
		awk -F"=" \
		'{
			printf ",\"%s\":\"%s\"", $1, $2;
		}' ${PGETC}/web/vmgt.conf
	fi

	printf "}"
}


load_time()
{
	ntpsvr="0.0.0.0"
	default_tz="Asia"
	default_bcy="Shanghai"
	default_xcy=""

	if [ -f ${PGETC}/ntp.conf ]; then
		ntpserver_ip=`grep "ntpserver_ip" ${PGETC}/ntp.conf | cut -d"=" -f2`
	fi
	
	[ -f ${TZCONF} ] && . ${TZCONF}
	
	systime=`date +"%Y-%m-%d %H:%M:%S"`
	
	printf "{"
	printf "\"ntp\":\"${ntpserver_ip}\""
	printf ",\"time\":\"${systime}\""
	printf ",\"old_timezone\":\"${default_tz}\""
	printf ",\"old_city1\":\"${default_bcy}\""
	printf ",\"old_city2\":\"${default_xcy}\""
	printf ",\"timezone\":\"${default_tz}\""
	printf ",\"city1\":\"${default_bcy}\""
	printf ",\"city2\":\"${default_xcy}\""
	printf "}"
}


load_sysname()
{
	SYSNAME="Panabit"
	
	[ -f "${PGETC}/sysname.conf" ] && . "${PGETC}/sysname.conf"
	
	printf "{"
	printf "\"webexit\":\"${webexit}\","
	printf "\"curuser\":\"${PANABIT_USER}\","
	printf "\"moreadmin\":\"${DEFAULT_ADMIN}\","
	printf "\"sysname\":\"${SYSNAME}\""
	printf "}"
}


load_common_vmgt()
{
	local ifname=$1
	local mac=`ip link show ${ifname} | awk '/link\/ether/ {print $2}'`
	local conf="${PGETC}/web/common_vmgt_${ifname}.conf"

	printf "{"
	printf "\"mac\":\"${mac}\""

	if [ -f "${conf}" ]; then
		awk -F"=" \
		'{
			printf ",\"%s\":\"%s\"", $1, $2;
		}' ${conf}
	fi

	printf "}"
}


load_sys_conf()
{
	have_kni=""
	if [ `uname` = "Linux" ]; then
		have_kni=`ip link list | grep -E "vMGT1|vMGT0"`
	fi

	printf "{"
	printf "\"httpd\":`load_httpd_conf`"
	printf ",\"ifadmin\":`load_ifadmin`"
	printf ",\"dns\":`load_sys_dns`"
	printf ",\"vmgt\":`load_vmgt`"
	printf ",\"systime\":`load_time`"
	printf ",\"webacl\":`load_webacl`"
	printf ",\"sysname\":`load_sysname`"

	if [ "${have_kni}" != "" ]; then
		printf ",\"common_vmgt0\":`load_common_vmgt vMGT0`"
		printf ",\"common_vmgt1\":`load_common_vmgt vMGT1`"
	fi

	printf "}"
}


set_common_vmgt()
{
	mkdir -p ${PGETC}/web

	conf_file="${PGETC}/web/common_vmgt_${CGI_interface}.conf"

	if [ "${CGI_as_default}" = "on" ]; then
		have_default=`grep "as_default=on" ${PGETC}/web/common_vmgt_vMGT*.conf --with-filename | grep -v "${conf_file}"`
		[ "${have_default}" != "" ] && retjson 1 "ѾvMGTĬ·ɣظѡ"
	fi

	echo "ip=${CGI_ip}" > ${conf_file}
	echo "mask=${CGI_mask}" >> ${conf_file}
	echo "gateway=${CGI_gateway}" >> ${conf_file}
	echo "as_default=${CGI_as_default}" >> ${conf_file}
	echo "route=${CGI_route}" >> ${conf_file}
	
	sendto_webui_pipe vmgt_network

	WEB_LOGGER "${CGI_interface}" "vmgt=${CGI_interface} ip=${CGI_ip}"
	retjson 0 "ɹ"
}


set_ifadmin()
{
	if [ "${CGI_v6_ip}" != "" ]; then
		[ "${CGI_v6_mask}" = "" ] && retjson 1 "v6ǰ׺"
		[ "${CGI_v6_gateway}" = "" ] && retjson 1 "v6"
	fi

	mkdir -p ${PGETC}/web

	echo "ADMIN_IP=${CGI_ip}" > ${PGETC}/ifadmin.conf
	echo "ADMIN_MASK=${CGI_mask}" >> ${PGETC}/ifadmin.conf
	echo "GATEWAY=${CGI_gateway}" >> ${PGETC}/ifadmin.conf

	if [ "${CGI_append_ip}" != "" ]; then
		echo "APPEND_IP=${CGI_append_ip}" >> ${PGETC}/ifadmin.conf
		echo "APPEND_IPMASK=${CGI_append_ipmask}" >> ${PGETC}/ifadmin.conf
	fi

	echo "v6_ip=${CGI_v6_ip}/${CGI_v6_mask}" > ${v6ifadmin}
	echo "v6_gateway=${CGI_v6_gateway}" >> ${v6ifadmin}

	sync
	sync

	if [ "`uname`" = "Linux" ]; then
		ip addr flush dev ${ADMIN_PORT}
		ip addr add ${CGI_ip}/${CGI_mask} dev ${ADMIN_PORT}
		ip link set dev ${ADMIN_PORT} up

		ip route del default 2>&1

		if [ "${CGI_mask}" = "255.255.255.255" ]; then
			ipnet=`echo "${CGI_ip}" | awk -F"." '{printf "%s.%s.%s.0", $1, $2, $3}'`
			ip route add ${ipnet}/255.255.255.0 dev ${ADMIN_PORT}
		fi

		ip route add default via ${CGI_gateway} dev ${ADMIN_PORT} onlink
	else
		ifconfig ${ADMIN_PORT} ${CGI_ip} netmask ${CGI_mask}
		route delete default 2>&1
		route add default ${CGI_gateway} >/dev/null
	fi

	${WEBUICTL} start mgt_network >/dev/null 2>&1 &
	${WEBUICTL} start v6network >/dev/null 2>&1 &
	
	[ $? -ne 0 ] && retjson 1 "${LANG001:=ʧ}:v6ַʧ"

	WEB_LOGGER "${LANG003:=޸Ĺӿ}" "ip=${CGI_ip}"
	retjson 0 "${LANG002:=ɹ}"
}


set_sys_dns()
{
	if [ "${CGI_dns1}" != "" ]; then
		is_ipaddr "${CGI_dns1}"
		[ $? -ne 0 ] && retjson 1 "INV_DNS1"
	fi

	if [ "${CGI_dns2}" != "" ]; then
		is_ipaddr "${CGI_dns2}"
		[ $? -ne 0 ] && retjson 1 "INV_DNS2"
	fi

	echo "nameserver ${CGI_dns1}" > /etc/resolv.conf
	echo "nameserver ${CGI_dns2}" >> /etc/resolv.conf

	WEB_LOGGER "޸ϵͳDNS" "dns1=${CGI_dns1}, dns2=${CGI_dns2}"

	retjson 0 "${LANG002:=ɹ}"
}


set_vmgt()
{
	mkdir -p ${PGETC}/web/

	echo "ip=${CGI_ip}" > ${PGETC}/web/vmgt.conf
	echo "mask=${CGI_mask}" >> ${PGETC}/web/vmgt.conf
	echo "gateway=${CGI_gateway}" >> ${PGETC}/web/vmgt.conf

	sendto_webui_pipe ctel_vmgt

	WEB_LOGGER "޸vMGTӿ" "ip=${CGI_ip}"
	retjson 0 "${LANG002:=ɹ}"
}


set_systime()
{
	[ "${CGI_ntp}" = "" ] && CGI_ntp="0.0.0.0"
	echo "ntpserver_ip=${CGI_ntp}" > ${PGETC}/ntp.conf
	
	sendto_webui_pipe set_sys_time "${CGI_time}"
	WEB_LOGGER "޸ϵͳʱ"

	#set timezone
	if [ "${CGI_old_timezone}" != "${CGI_timezone}" -o "${CGI_old_city1}" != "${CGI_city1}" -o "${CGI_old_city2}" != "${CGI_city2}" ]; then
		zonefile="${TZPATH}/${CGI_timezone}/${CGI_city1}"
		[ "${CGI_city2}" != "" ] && zonefile="${zonefile}/${CGI_city2}"

		if [ ! -f ${zonefile} ]; then
			retjson 1 "δҵʱļʱʧ"
		fi

		cp ${zonefile} /etc/localtime
		adjkerntz -a

		echo "default_tz=${CGI_timezone}" > ${TZCONF}
		echo "default_bcy=${CGI_city1}" >> ${TZCONF}
		echo "default_xcy=${CGI_city2}" >> ${TZCONF}

		WEB_LOGGER "޸ϵͳʱ"
	fi
	
	# ͼʱ
	. /etc/PG.conf
	offset=`date +%z`
	jsmsg="Highcharts.setOptions({global: {timezoneOffset: ('${offset}' / -100) * 60}});"
	echo "${jsmsg}" > ${PGPATH}/admin/img/global_timezone.js
	echo "${jsmsg}" > /usr/ramdisk/admin/img/global_timezone.js
	echo "${jsmsg}" > ${TZPATH}/global_timezone.js
	
	if [ "${OEM}" = "ngntm" ]; then
        ${NGNTM} sync_ntp "${CGI_ntp_on}" "${CGI_ntp}" "${CGI_old_timezone}" "${CGI_old_city1}" "${CGI_old_city2}" "${CGI_timezone}" "${CGI_city1}" "${CGI_city2}" "${CGI_time}"
	fi

	retjson 0 "${LANG002:=ɹ}޸ʱPanaos"
}


set_ntptime()
{
	[ "${CGI_ntp}" = "" ] && CGI_ntp="0.0.0.0"
	echo "ntpserver_ip=${CGI_ntp}" > ${PGETC}/ntp.conf

	if [ "${CGI_ntp}" != "0.0.0.0" ]; then
        ntpdate -t 20 ${CGI_ntp} >/dev/null 2>&1 &
		hwclock -w
    fi

	retjson 0 "${LANG002:=ɹ}"
}


set_web_access()
{
	pswdTTL=0
	pswdLEN=8
	number=""
	bword=""
	sword=""
	other=""

	mkdir -p ${PGETC}/web/
	[ -f ${WEBACL} ] && . ${WEBACL}

	CGI_webexit=$((${CGI_webexit}*60))
	CGI_lockTime=$((${CGI_lockTime}*60))
	
	echo "webexit=${CGI_webexit}" >	${PGETC}/webexit.conf
	echo "fullexit=${CGI_fullexit}" >> ${PGETC}/webexit.conf

	echo "verifyCode=${CGI_verifyCode}"	> ${WEBACL}
	echo "maxErr=${CGI_maxErr}"			>> ${WEBACL}
	echo "lockTime=${CGI_lockTime}"		>> ${WEBACL}
	echo "pswdTTL=${pswdTTL}"			>> ${WEBACL}
	echo "pswdLEN=${pswdLEN}"			>> ${WEBACL}
	echo "number=${number}"				>> ${WEBACL}
	echo "bword=${bword}"				>> ${WEBACL}
	echo "sword=${sword}"				>> ${WEBACL}
	echo "other=${other}"				>> ${WEBACL}
	echo "api_enable=${CGI_api_enable}"	>> ${WEBACL}
	echo "quick_menu=${CGI_quick_menu}"	>> ${WEBACL}
	echo "sign_query_enable=${CGI_sign_query_enable}" >> ${WEBACL}
	echo "sign_query_key=${CGI_sign_query_key}" >> ${WEBACL}
	echo "pppoepwd_plaintext=${CGI_pppoepwd_plaintext}" >> ${WEBACL}

	if [ "${CGI_xss_verify}" = "1" ]; then
		touch ${RAMDISK}/web_secure.conf
		touch ${PGPATH}/web_secure.conf
	else
		[ -f ${RAMDISK}/web_secure.conf ] && rm ${RAMDISK}/web_secure.conf
		[ -f ${PGPATH}/web_secure.conf ] && rm ${PGPATH}/web_secure.conf
	fi

	if [ "${CGI_csrf_verify}" = "1" ]; then
		touch ${RAMDISK}/csrf_verify.conf
		touch ${PGPATH}/csrf_verify.conf
	else
		[ -f ${RAMDISK}/csrf_verify.conf ] && rm ${RAMDISK}/csrf_verify.conf
		[ -f ${PGPATH}/csrf_verify.conf ] && rm ${PGPATH}/csrf_verify.conf
	fi
	
	sendto_webui_pipe start_httpd

	WEB_LOGGER "ϵͳwebʹ"
	retjson 0 "${LANG002:=ɹ}"
}


set_sysname()
{
	echo "SYSNAME=\"${CGI_sysname}\"" > ${PGETC}/sysname.conf

	WEB_LOGGER "ϵͳ" "name=${CGI_sysname}"
	retjson 0 "${LANG002:=ɹ}"
}


set_power()
{
	if [ "${CGI_type}" = "reboot" ]; then
		sendto_webui_pipe sys_reboot
		WEB_LOGGER "ֶ豸"
		retjson 0 "ɹϵͳ"
	elif [ "${CGI_type}" = "shutdown" ]; then
		sendto_webui_pipe sys_shutdown
		WEB_LOGGER "ֶر豸"
		retjson 0 "ɹϵͳر"
	fi

	retjson 1 "INV_TYPE"
}


set_httpd()
{
	port=443
	read_timeout=60
	HTTPD_CONF="${PGETC}/httpd.conf"
	[  -f ${HTTPD_CONF} ] && . ${HTTPD_CONF}

	if [ "${CGI_port}" != "${port}" -o "${CGI_port}" != "${HTTPS_PORT}" ]; then
		[ "${CGI_port}" = "" ] && retjson 1 "INV_PORT"

		old_port=`grep ^port= ${HTTPD_CONF} | cut -d"=" -f2`

		grep -v "^port=" ${HTTPD_CONF} > ${HTTPD_CONF}.bak
		echo "port=${CGI_port}" >> ${HTTPD_CONF}.bak
		mv ${HTTPD_CONF}.bak ${HTTPD_CONF}

		grep -v "^HTTPS_PORT=" /etc/PG.conf > /etc/PG.conf.bak
		mv /etc/PG.conf.bak /etc/PG.conf
		cp /etc/PG.conf /usr/ramdisk/

		# set ifxdp
		run_incloud=`${FLOWEYE} cpu stat | grep run_incloud | cut -d"=" -f2`
		if [ "${run_incloud}" = "1" ]; then
			${FLOWEYE} ifxdp config admin_https_port=${CGI_port}
		fi

		WEB_LOGGER "޸HTTPD˿" "oldport=${old_port} port=${CGI_port}"
	fi

	if [ "${CGI_ssl}" = "1" -o "${CGI_ssl}" = "0" ]; then
		grep -v "^ssl=" ${HTTPD_CONF} > ${HTTPD_CONF}.bak
		echo "ssl=${CGI_ssl}" >> ${HTTPD_CONF}.bak
		mv ${HTTPD_CONF}.bak ${HTTPD_CONF}
	fi

	if [ "${read_timeout}" != "${CGI_read_timeout}" ]; then
		grep -v "^read_timeout=" ${HTTPD_CONF} >  ${HTTPD_CONF}.bak
		echo "read_timeout=${CGI_read_timeout}" >> ${HTTPD_CONF}.bak
		mv ${HTTPD_CONF}.bak ${HTTPD_CONF}
		WEB_LOGGER "޸HTTPDȡʱʱ" "read_timeout=${CGI_read_timeout}"
	fi
	
	sendto_webui_pipe start_httpd

	retjson 0 "${LANG002:=ɹ}"
}


restart_httpd()
{
	sleep 1

	sendto_webui_pipe start_httpd

	retjson 0 "OK"
}


get_snmp_stat()
{
	${FLOWEYE} snmp stat | awk -F"=" \
	'BEGIN{
		dot = "";
		printf "{";
	}{
		printf "%s\"%s\":\"%s\"", dot, $1, $2;
		if(dot == "") dot = ",";
	}END{
		printf "}";
	}'
}


set_snmp()
{
	[ "${CGI_enable}" = "on" ] && enable=1 || enable=0
	[ "${CGI_allowip}" = "" ] && CGI_allowip="any"
	
	cmdargs="enable=${enable} udp_port=${CGI_udp_port} community=${CGI_community} allowip=${CGI_allowip}"
	cmdargs="${cmdargs} version_support=${CGI_version_support}"

	if [ "${CGI_version_support}" != "1" ]; then
		cmdargs="${cmdargs} username=${CGI_username} auth_mode=${CGI_auth_mode} auth_pwd=${CGI_auth_pwd}"
		cmdargs="${cmdargs} priv_mode=${CGI_priv_mode} priv_pwd=${CGI_priv_pwd}"
	fi

	errmsg=`${FLOWEYE} snmp config ${cmdargs}`

	if [ $? -ne 0 ]; then
		retjson 1 "ʧܣ${errmsg}"
	else
		sync_floweye "snmp config ${cmdargs}"
		WEB_LOGGER "SNMP" "${cmdargs}"
		retjson 0 "ɹ"
	fi
}


load_oid_list()
{
	oid_file="${RAMDISK}/etc/snmp_oid.inf"

	if [ ! -f ${oid_file} ]; then
		printf "[]"
		return
	fi

	awk \
	'BEGIN{
		dot = "";
		printf "[";
	}{
		printf "%s\"%s\"", dot, $0;
		if(dot == "") dot = ",";
	}END{
		printf "]";
	}' ${oid_file}
}


cert_show_default()
{
	print_json_head

	cat ${RAMDISK}/admin/admin.pem
}


cert_recover_default()
{
	USER_CERT="${PGETC}/web/admin.pem"

	[ -f ${USER_CERT} ] && rm -rf ${USER_CERT}

	sendto_webui_pipe start_httpd

	retjson 0 "ɹ"
}


cert_upload_user()
{
	check1=`grep "BEGIN CERTIFICATE" ${CGI_file}`
	check2=`grep "END CERTIFICATE" ${CGI_file}`
	check3=`grep "BEGIN RSA PRIVATE KEY" ${CGI_file}`
	check4=`grep "END RSA PRIVATE KEY" ${CGI_file}`

	[ "${check1}" != "-----BEGIN CERTIFICATE-----" ] && retjson 1 "֤ʽ"
	[ "${check2}" != "-----END CERTIFICATE-----" ] && retjson 1 "֤ʽ"
	[ "${check3}" != "-----BEGIN RSA PRIVATE KEY-----" ] && retjson 1 "֤ʽ"
	[ "${check4}" != "-----END RSA PRIVATE KEY-----" ] && retjson 1 "֤ʽ"

	mkdir -p ${PGETC}/web/

	cp ${CGI_file} ${PGETC}/web/admin.pem

	sendto_webui_pipe start_httpd

	retjson 0 "ɹ"
}


case "${CGI_action}" in
	"load_sys_conf")
		retjson 0 "OK" "`load_sys_conf`"
		;;

	"load_webacl")
		retjson 0 "OK" "`load_webacl`"
		;;

	"load_user")
		data=`load_user`
		retjson 0 "OK" ${data}
		;;

	"set_sysname")
		action_check
		set_sysname
		;;

	"set_ifadmin")
		action_check
		set_ifadmin
		;;

	"set_sys_dns")
		action_check
		set_sys_dns
		;;

	"set_vmgt")
		action_check
		set_vmgt
		;;

	"set_systime")
		action_check
		set_systime
		;;

	"set_ntptime")
		action_check
		set_ntptime
		;;

	"set_web_access")
		action_check
		set_web_access
		;;

	"set_httpd")
		action_check
		set_httpd
		;;

	"set_power")
		admin_check
		set_power
		;;

	"restart_httpd")
		action_check
		restart_httpd
		;;

	"get_snmp_stat")
		retjson 0 "OK" "`get_snmp_stat`"
		;;

	"set_snmp")
		action_check
		set_snmp
		;;

	"load_oid_list")
		retjson 0 "OK" "`load_oid_list`"
		;;

	"cert_show_default")
		cert_show_default
		;;

	"cert_recover_default")
		action_check
		cert_recover_default
		;;

	"cert_upload_user")
		action_check
		cert_upload_user
		;;

	"load_ifadmin")
		retjson 0 "OK" "`load_ifadmin`"
		;;

	"set_common_vmgt")
		action_check
		set_common_vmgt
		;;

	*)
		retjson 1 "UNKNOW_ACTION"
		;;
esac
