Modified openssl to make renew (really rekey) work.

git-svn-id: svn://svn.alpinelinux.org/acf/openssl/trunk@1572 ab2d0c66-481e-0410-8bed-d214d4d58bed

2 files changed, 11 insertions, 8 deletions

diff --git a/openssl-html.lsp b/openssl-html.lsp
index 616bc40..4258171 100644
--- a/openssl-html.lsp
+++ b/openssl-html.lsp
@@ -99,11 +99,11 @@ end %>
 		<% if session.permissions.openssl.getcert then %>
 			<%= html.link{value="getcert?cert="..cert.name, label="Download "} %>
 		<% end %>
-		<% --[[ if session.permissions.openssl.renewcert then %>
+		<% if session.permissions.openssl.renewcert then %>
 			<%= html.link{value="renewcert?cert="..cert.name, label="Renew "} %>
 		<% elseif session.permissions.openssl.requestrenewcert then %>
 			<%= html.link{value="requestrenewcert?cert="..cert.name, label="Renew "} %>
-		<% end --]] %>
+		<% end %>
 		<% if session.permissions.openssl.revoke then %>
 			<%= html.link{value="revoke?cert="..cert.name, label="Revoke "} %>
 		<% end %>
diff --git a/openssl-model.lua b/openssl-model.lua
index 07ab963..01edc07 100644
--- a/openssl-model.lua
+++ b/openssl-model.lua
@@ -334,7 +334,7 @@ setreqdefaults = function(defaults)
 			ext_section = config.req.req_extensions
 		end
 		config = nil
-		fileval = format.set_ini_section(fileval, ext_section, defaults.value.extensions.value)
+		fileval = format.set_ini_section(fileval, ext_section, format.dostounix(defaults.value.extensions.value))
 		fileval = format.update_ini_file(fileval, "ca", "default_ca", defaults.value.certtype.value)
 		fileval = write_distinguished_names(fileval, defaults, {"certtype", "extensions"})
 		fs.write_file(configfile, fileval)
@@ -386,7 +386,7 @@ submitrequest = function(defaults, user)
 		-- Generate a temp config file for this request
 		local fileval = fs.read_file(configfile)
 		config = config or format.parse_ini_file(fileval)
-		local temp = defaults.value.extensions.value
+		local temp = format.dostounix(defaults.value.extensions.value)
 		local ext_section
 		if not config.req or not config.req.req_extensions then
 			ext_section = "v3_req"
@@ -410,9 +410,9 @@ submitrequest = function(defaults, user)
 			fileval = format.set_ini_section(fileval, ext_section, temp)
 			fileval = format.update_ini_file(fileval, "req", "req_extensions", ext_section)
 		end
-		fs.write_file(configfile..".tmp", fileval)
+		fs.write_file(reqname..".cfg", fileval)
 		
-		local cmd = path .. "openssl req -nodes -new -config "..configfile..".tmp -keyout "..reqname..".pem -out "..reqname..".csr -subj '"..subject.."' 2>&1"
+		local cmd = path .. "openssl req -nodes -new -config "..reqname..".cfg -keyout "..reqname..".pem -out "..reqname..".csr -subj '"..subject.."' 2>&1"
 		local f = io.popen(cmd)
 		local cmdresult = f:read("*a")
 		f:close()
@@ -498,6 +498,9 @@ approverequest = function(request)
 			cmd = "cp "..reqpath..".pem "..certname..".pem"
 			f = io.popen(cmd)
 			f:close()
+			cmd = "cp "..reqpath..".cfg "..certname..".cfg"
+			f = io.popen(cmd)
+			f:close()
 			cmd = "rm "..reqpath..".*"
 			f = io.popen(cmd)
 			f:close()
@@ -605,12 +608,12 @@ renewcert = function(cert, approve)
 		cmd = "cp "..certdir..cert..".pwd "..reqname..".pwd"
 		f = io.popen(cmd)
 		f:close()
-		cmd = "cp "..certdir..cert..".pem "..reqname..".pem"
+		cmd = "cp "..certdir..cert..".cfg "..reqname..".cfg"
 		f = io.popen(cmd)
 		f:close()
 
 		-- Next, submit the request
-		cmd = path .. "openssl req -new -config "..configfile.." -key "..reqname..".pem -out "..reqname..".csr -subj '"..subject.."' 2>&1"
+		cmd = path .. "openssl req -nodes -new -config "..reqname..".cfg -keyout "..reqname..".pem -out "..reqname..".csr -subj '"..subject.."' 2>&1"
 		f = io.popen(cmd)
 		cmdresult = f:read("*a")
 		f:close()