diff options
| author | Ted Trask <ttrask01@yahoo.com> | 2015-01-31 11:35:25 -0500 |
|---|---|---|
| committer | Ted Trask <ttrask01@yahoo.com> | 2015-01-31 11:35:25 -0500 |
| commit | 04feaaceb5de55bf95dfc712ab97641b194a222b (patch) | |
| tree | cfe683f7dfb73e55ddb59cdc2692d9e87e7af908 | |
| parent | aac2c6c96fe4be58b4ad7de8840542471903e806 (diff) | |
| download | acf-openssl-04feaaceb5de55bf95dfc712ab97641b194a222b.tar.bz2 acf-openssl-04feaaceb5de55bf95dfc712ab97641b194a222b.tar.xz | |
Updated the three download/stream actions to properly handle clientdata in the model
Relies on acf-core-0.19 update to template-stream.html
| -rw-r--r-- | openssl-controller.lua | 6 | ||||
| -rw-r--r-- | openssl-model.lua | 91 | ||||
| -rw-r--r-- | openssl-status-html.lsp | 4 |
3 files changed, 64 insertions, 37 deletions
diff --git a/openssl-controller.lua b/openssl-controller.lua index 994c00b..450332c 100644 --- a/openssl-controller.lua +++ b/openssl-controller.lua @@ -72,7 +72,7 @@ end -- Get the specified cert mymodule.getcert = function(self) - return self.model.getcert(self.clientdata.cert) + return self.model.getcert(self, self.clientdata) end -- Revoke the specified cert @@ -97,7 +97,7 @@ end -- Get the revoked list mymodule.getrevoked = function(self) - return self.model.getcrl(self.clientdata.crltype) + return self.model.getcrl(self, self.clientdata) end -- Put the CA cert @@ -106,7 +106,7 @@ mymodule.putcacert = function(self) end mymodule.downloadcacert = function(self) - return self.model.getca(self.clientdata.certtype) + return self.model.getca(self, self.clientdata) end -- Generate a self-signed CA diff --git a/openssl-model.lua b/openssl-model.lua index 5dd159f..bb33e35 100644 --- a/openssl-model.lua +++ b/openssl-model.lua @@ -625,11 +625,20 @@ mymodule.viewcert = function(self, clientdata) return retval end -mymodule.getcert = function(cert) - local f = fs.read_file(openssldir..certdir..cert..".pfx") or "" - local a,b,c,d = string.match(cert, "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)") - c = string.gsub(unhashname(c), "[^%w_-]", "") - return cfe({ type="raw", value=f, label=c..".pfx", option="application/x-pkcs12" }) +mymodule.getcert = function(self, clientdata) + local retval = cfe({ type="group", value={}, label="Certificate" }) + retval.value.cert = cfe({ label="Certificate", key=true }) + self.handle_clientdata(retval, clientdata) + + local cert = retval.value.cert.value + if cert ~= "" then + local f = fs.read_file(openssldir..certdir..cert..".pfx") or "" + local a,b,c,d = string.match(cert, "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)") + c = string.gsub(unhashname(c), "[^%w_-]", "") + retval.value.details = cfe({ type="raw", value=f, label=c..".pfx", option="application/x-pkcs12" }) + end + + return retval end mymodule.getrevokecert = function(self, clientdata) @@ -717,37 +726,55 @@ mymodule.renewcert = function(self, recert, submit, approve) return recert end -mymodule.getcrl = function(crltype) - local crlfile = cfe({ type="raw", option="application/pkix-crl" }) - modelfunctions.run_executable({"openssl", "ca", "-config", openssldir..configfile, "-gencrl", "-out", openssldir.."ca-crl.crl"}) - modelfunctions.run_executable({"openssl", "crl", "-in", openssldir.."ca-crl.crl", "-out", openssldir.."ca-der-crl.crl", "-outform", "DER"}) - if string.lower(crltype or "") == "der" then - crlfile.label = "ca-der-crl.crl" - crlfile.value = fs.read_file(crlfile.label) or "" - elseif string.lower(crltype or "") == "pem" then - crlfile.label = "ca-crl.crl" - crlfile.value = fs.read_file(crlfile.label) or "" - else - crlfile.value = fs.read_file("ca-der-crl.crl") or "" +mymodule.getcrl = function(self, clientdata) + local retval = cfe({ type="group", value={}, label="Certificate Revocation List" }) + retval.value.crltype = cfe({ type="select", value="", option={"", "DER", "PEM"}, label="CRL Type", key=true }) + self.handle_clientdata(retval, clientdata) + + local crltype = retval.value.crltype.value + if modelfunctions.validateselect(retval.value.crltype) then + retval.value.details = cfe({ type="raw", option="application/pkix-crl" }) + modelfunctions.run_executable({"openssl", "ca", "-config", openssldir..configfile, "-gencrl", "-out", openssldir.."ca-crl.crl"}) + modelfunctions.run_executable({"openssl", "crl", "-in", openssldir.."ca-crl.crl", "-out", openssldir.."ca-der-crl.crl", "-outform", "DER"}) + if crltype == "DER" then + retval.value.details.label = "ca-der-crl.crl" + retval.value.details.value = fs.read_file(retval.value.details.label) or "" + elseif crltype == "PEM" then + retval.value.details.label = "ca-crl.crl" + retval.value.details.value = fs.read_file(retval.value.details.label) or "" + else + retval.value.details.value = fs.read_file("ca-der-crl.crl") or "" + end end - return crlfile + + return retval end -mymodule.getca = function(certtype) - local result = cfe({ type="raw", option="application/x-x509-ca-cert" }) - local fname = "cacert." - if string.lower(certtype or "") == "der" then - modelfunctions.run_executable({"openssl", "x509", "-in", openssldir.."cacert.pem", "-outform", "der", "-out", openssldir.."cacert.der"}) - fname = fname.."der" - result.label = fname - elseif string.lower(certtype or "") == "pem" then - fname = fname.."pem" - result.label = fname - else - fname = fname.."pem" +mymodule.getca = function(self, clientdata) + local retval = cfe({ type="group", value={}, label="CA Certificate" }) + retval.value.certtype = cfe({ type="select", value="", option={"", "DER", "PEM"}, label="Certificate Type", key=true }) + self.handle_clientdata(retval, clientdata) + + local certtype = retval.value.certtype.value + if modelfunctions.validateselect(retval.value.certtype) then + retval.value.details = cfe({ type="raw", option="application/x-x509-ca-cert" }) + local fname = "cacert." + if certtype == "DER" then + if not posix.stat(openssldir.."cacert.der") then + modelfunctions.run_executable({"openssl", "x509", "-in", openssldir.."cacert.pem", "-outform", "der", "-out", openssldir.."cacert.der"}) + end + fname = fname.."der" + retval.value.details.label = fname + elseif certtype == "PEM" then + fname = fname.."pem" + retval.value.details.label = fname + else + fname = fname.."pem" + end + retval.value.details.value = fs.read_file(fname) or "" end - result.value = fs.read_file(fname) or "" - return result + + return retval end mymodule.getnewputca = function() diff --git a/openssl-status-html.lsp b/openssl-status-html.lsp index 3dfb813..e980114 100644 --- a/openssl-status-html.lsp +++ b/openssl-status-html.lsp @@ -45,8 +45,8 @@ end <% if not view.value.cacert.errtxt and viewlibrary.check_permission("downloadcacert") then htmlviewfunctions.displaysectionstart(cfe({label="Download CA Cert"}), page_info, header_level) - htmlviewfunctions.displayitem(cfe({type="link", value={certtype=cfe({type="hidden", value="pem"}), viewtype=cfe({type="hidden", value="stream"})}, label="", option="Download PEM", action="downloadcacert"}), page_info, -1) - htmlviewfunctions.displayitem(cfe({type="link", value={certtype=cfe({type="hidden", value="der"}), viewtype=cfe({type="hidden", value="stream"})}, label="", option="Download DER", action="downloadcacert"}), page_info, -1) + htmlviewfunctions.displayitem(cfe({type="link", value={certtype=cfe({type="hidden", value="PEM"}), viewtype=cfe({type="hidden", value="stream"})}, label="", option="Download PEM", action="downloadcacert"}), page_info, -1) + htmlviewfunctions.displayitem(cfe({type="link", value={certtype=cfe({type="hidden", value="DER"}), viewtype=cfe({type="hidden", value="stream"})}, label="", option="Download DER", action="downloadcacert"}), page_info, -1) htmlviewfunctions.displaysectionend(header_level) end %> |