authorTed Trask <ttrask01@yahoo.com>2013-10-20 01:00:20 +0000
committerTed Trask <ttrask01@yahoo.com>2013-10-20 01:00:20 +0000
commitf211ddaa5e5dfb9b923b086901c328e83c7730e8 (patch)
treed685835d02884a9b88d37cb6685f03aa49ff42c6
parent9b6f535853515cd9a0d1cec4b8d688184819f559 (diff)
downloadacf-openssl-f211ddaa5e5dfb9b923b086901c328e83c7730e8.tar.bz2
acf-openssl-f211ddaa5e5dfb9b923b086901c328e83c7730e8.tar.xz
Remove all calls to 'module' in preparation for move to Lua 5.2
Use mymodule parameter for module definition. This was also helpful in revealing places where the code relied on the global environment.
-rw-r--r--openssl-controller.lua54
-rw-r--r--openssl-model.lua82
2 files changed, 70 insertions, 66 deletions
diff --git a/openssl-controller.lua b/openssl-controller.lua
index 45efb71..d34cdee 100644
--- a/openssl-controller.lua
+++ b/openssl-controller.lua
@@ -1,12 +1,12 @@
-- the openssl certificates controller
-module (..., package.seeall)
+local mymodule = {}
-default_action = "status"
+mymodule.default_action = "status"
local sslstatus
-mvc={}
-mvc.pre_exec = function(self)
+mymodule.mvc={}
+mymodule.mvc.pre_exec = function(self)
self.model.set_umask()
sslstatus = self.model.getstatus()
if not self.redirect then
@@ -17,17 +17,17 @@ mvc.pre_exec = function(self)
or (sslstatus.value.environment.errtxt and self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" and self.conf.action ~= "checkenvironment")
or ((sslstatus.value.cacert.errtxt or sslstatus.value.cakey.errtxt) and self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" and self.conf.action ~= "putcacert" and self.conf.action ~= "generatecacert" and self.conf.action ~= "checkenvironment" and self.conf.action ~= "editdefaults")
then
- redirect(self)
+ self.redirect(self)
end
end
-- Show openssl status
-status = function(self)
+mymodule.status = function(self)
return sslstatus
end
-- View all pending and approved requests and revoked certificates
-readall = function(self)
+mymodule.readall = function(self)
local pending = self.model.listrequests()
local approved = self.model.listcerts()
local revoked = self.model.listrevoked()
@@ -36,7 +36,7 @@ readall = function(self)
end
-- Return all certificates (pending, approved, and revoked) for this user
-read = function(self)
+mymodule.read = function(self)
local user = cfe({ value=self.sessiondata.userinfo.userid, label="User Name" })
local pending = self.model.listrequests(self.sessiondata.userinfo.userid)
local approved = self.model.listcerts(self.sessiondata.userinfo.userid)
@@ -46,88 +46,90 @@ read = function(self)
end
-- Form to request a new cert
-request = function(self)
+mymodule.request = function(self)
return self.handle_form(self, self.model.getnewrequest, function(self, value) return self.model.submitrequest(value, self.sessiondata.userinfo.userid) end, self.clientdata, "Submit", "Request Certificate", "Request Submitted")
end
-- Form to edit request defaults
-editdefaults = function(self)
+mymodule.editdefaults = function(self)
return self.handle_form(self, self.model.getreqdefaults, self.model.setreqdefaults, self.clientdata, "Save", "Edit Certificate Defaults", "Defaults Set")
end
-- View request details
-viewrequest = function(self)
+mymodule.viewrequest = function(self)
return self.model.viewrequest(self.clientdata.request)
end
-- Approve the specified request
-approve = function(self)
+mymodule.approve = function(self)
return self.handle_form(self, self.model.getapproverequest, self.model.approverequest, self.clientdata, "Approve", "Approve Request")
end
-- Delete the specified request
-deleterequest = function(self)
+mymodule.deleterequest = function(self)
return self.handle_form(self, self.model.getdeleterequest, function(self, value) return self.model.deleterequest(self, value, nil) end, self.clientdata, "Delete", "Delete Request", "Request Deleted")
end
-- Delete the specified request
-deletemyrequest = function(self)
+mymodule.deletemyrequest = function(self)
return self.handle_form(self, self.model.getdeleterequest, function(self, value) return self.model.deleterequest(self, value, self.sessiondata.userinfo.userid) end, self.clientdata, "Delete", "Delete Request", "Request Deleted")
end
-- View certificate details
-viewcert = function(self)
+mymodule.viewcert = function(self)
return self.model.viewcert(self.clientdata.cert)
end
-- Get the specified cert
-getcert = function(self)
+mymodule.getcert = function(self)
return self.model.getcert(self.clientdata.cert)
end
-- Revoke the specified cert
-revoke = function(self)
+mymodule.revoke = function(self)
return self.handle_form(self, self.model.getrevokecert, self.model.revokecert, self.clientdata, "Revoke", "Revoke Certificate", "Certificate Revoked")
end
-- Delete the specified certificate
-deletecert = function(self)
+mymodule.deletecert = function(self)
return self.handle_form(self, self.model.getdeletecert, self.model.deletecert, self.clientdata, "Delete", "Delete Certificate", "Certificate Deleted")
end
-- Submit request to renew the specified certificate
-requestrenewcert = function(self)
+mymodule.requestrenewcert = function(self)
return self.handle_form(self, self.model.getrenewcert, self.model.renewcert, self.clientdata, "Renew", "Renew Certificate")
end
-- Renew the specified certificate
-renewcert = function(self)
+mymodule.renewcert = function(self)
local retval = self.handle_form(self, self.model.getrenewcert, function(self, value, submit) return self.model.renewcert(self, value, submit, true) end, self.clientdata, "Renew", "Renew Certificate")
end
-- Get the revoked list
-getrevoked = function(self)
+mymodule.getrevoked = function(self)
return self.model.getcrl(self.clientdata.crltype)
end
-- Put the CA cert
-putcacert = function(self)
+mymodule.putcacert = function(self)
return self.handle_form(self, self.model.getnewputca, self.model.putca, self.clientdata, "Upload", "Upload CA Certificate", "Certificate Uploaded")
end
-downloadcacert = function(self)
+mymodule.downloadcacert = function(self)
return self.model.getca(self.clientdata.certtype)
end
-- Generate a self-signed CA
-generatecacert = function(self)
+mymodule.generatecacert = function(self)
return self.handle_form(self, self.model.getnewcarequest, self.model.generateca, self.clientdata, "Generate", "Generate CA Certificate", "Certificate Generated")
end
-editconfigfile = function(self)
+mymodule.editconfigfile = function(self)
return self.handle_form(self, self.model.getconfigfile, self.model.setconfigfile, self.clientdata, "Save", "Edit Config File", "Config File Saved")
end
-checkenvironment = function(self)
+mymodule.checkenvironment = function(self)
return self.handle_form(self, self.model.getenvironment, self.model.setenvironment, self.clientdata, "Configure", "Configure Environment", "Environment Configured")
end
+
+return mymodule
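Review bot: `mymodule.renewcert` stores the result of `self.handle_form(...)` in `local retval` and then falls off the end, so the action returns nil, whereas its sibling `requestrenewcert` returns the form. The renew-and-approve result, including any `errtxt` from signing, therefore never reaches the view. Change the line to start with `return self.handle_form(self, self.model.getrenewcert, ...` and drop the unused local. Separately, the comment above `deletemyrequest` repeats "Delete the specified request"; something like `-- Delete the specified request, only if it belongs to the logged-in user` would document the difference from `deleterequest`.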
diff --git a/openssl-model.lua b/openssl-model.lua
index c2bcbf5..1df9b13 100644
--- a/openssl-model.lua
+++ b/openssl-model.lua
@@ -1,4 +1,4 @@
-module(..., package.seeall)
+local mymodule = {}
posix = require("posix")
modelfunctions = require("modelfunctions")
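Review bot: `posix` and `modelfunctions` are still assigned without `local`, and with `module(..., package.seeall)` gone these assignments now land in the real global table instead of the module's own environment. Declare them as `local posix = require("posix")` and `local modelfunctions = require("modelfunctions")`. The same applies to `processinfo` in getstatus (@@ -251,7), to `retval` in getrevokecert, getdeletecert and getrenewcert, and to `request` in getnewcarequest. In those functions a process-wide global holds form data that any other module using the same name can overwrite.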
@@ -251,7 +251,7 @@ local unhashname = function(hashstring)
return string.char(unpack(hash))
end
-getstatus = function()
+mymodule.getstatus = function()
processinfo = require("acf.processinfo")
-- set the working directory once for model
posix.chdir(openssldir)
@@ -298,16 +298,16 @@ getstatus = function()
end
end
end
- local environment = checkenvironment()
+ local environment = mymodule.checkenvironment()
return cfe({ type="group", value={version=version, conffile=conffile, environment=environment, cacert=cacert, cacertcontents=cacertcontents, cakey=cakey}, label="openssl status" })
end
-set_umask = function()
+mymodule.set_umask = function()
return posix.umask("rw-------")
end
-getreqdefaults = function()
+mymodule.getreqdefaults = function()
local defaults = getdefaults()
--Add in the encryption bit default
@@ -333,7 +333,7 @@ getreqdefaults = function()
return defaults
end
-setreqdefaults = function(self, defaults)
+mymodule.setreqdefaults = function(self, defaults)
local success, defaults = validate_request(defaults, true)
-- If success, write the values to the config file
@@ -363,15 +363,15 @@ setreqdefaults = function(self, defaults)
return defaults
end
-getnewrequest = function()
- local values = getreqdefaults()
+mymodule.getnewrequest = function()
+ local values = mymodule.getreqdefaults()
-- In addition to the request defaults, we need a password and confirmation
values.value.password = cfe({ type="password", label="Password", seq=98 })
values.value.password_confirm = cfe({ type="password", label="Password confirmation", seq=99 })
return values
end
-submitrequest = function(defaults, user)
+mymodule.submitrequest = function(defaults, user)
local success, defaults = validate_request(defaults)
-- Must have a common name
@@ -447,7 +447,7 @@ submitrequest = function(defaults, user)
return defaults
end
-listrequests = function(user)
+mymodule.listrequests = function(user)
user = user or "*"
local list={}
local files = posix.glob(requestdir..user..".*\\.csr") or {}
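Review bot: `user` is concatenated into the glob pattern unescaped in `posix.glob(requestdir..user..".*\\.csr")`, and the controller's `read` action passes the session userid here to restrict the listing to one user. If the user store permits glob metacharacters or `/` in a userid (not visible from this file), the pattern would match other users' requests. Reject or escape `*`, `?`, `[` and `/` in `user` before building the pattern, and add a comment such as `-- user must be a literal userid; nil means all users`. The same construction appears in listcerts (@@ -543,7) with `certdir..user..".*\\.pfx"`. The body of listrequests continues outside this hunk.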
@@ -459,7 +459,7 @@ listrequests = function(user)
return cfe({ type="list", value=list, label="List of pending requests" })
end
-viewrequest = function(request)
+mymodule.viewrequest = function(request)
local reqpath = requestdir .. request
local cmdresult = modelfunctions.run_executable({"openssl", "req", "-in", reqpath..".csr", "-text", "-noout"})
local a,b,c = string.match(request, "([^%.]*)%.([^%.]*)%.([^%.]*)")
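Review bot: `request` is appended to `requestdir` and handed to `openssl req -in` without any check on its shape, and the controller passes `self.clientdata.request` to this function unchanged. A value containing `/` or `../` therefore lets the caller point openssl at a `.csr` path outside the request directory, and a missing parameter makes the concatenation raise an error. Validate first, for example `if type(request) ~= "string" or string.find(request, "/", 1, true) then` followed by an error return. The same unchecked concatenation appears in approverequest, viewcert, getcert, revokecert and deletecert in later hunks, where the resulting path is signed, read, revoked or removed. The body of viewrequest continues outside this hunk.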
@@ -467,13 +467,13 @@ viewrequest = function(request)
return request
end
-getapproverequest = function(self, clientdata)
+mymodule.getapproverequest = function(self, clientdata)
local retval = {}
retval.request = cfe({ value=clientdata.request or "", label="Request" })
return cfe({ type="group", value=retval, label="Approve Request" })
end
-approverequest = function(self, apprequest)
+mymodule.approverequest = function(self, apprequest)
local reqpath = requestdir .. apprequest.value.request.value
if fs.is_file(reqpath..".csr") then
-- Request file exists, so try to sign
@@ -521,13 +521,13 @@ approverequest = function(self, apprequest)
return apprequest
end
-getdeleterequest = function(self, clientdata)
+mymodule.getdeleterequest = function(self, clientdata)
local retval = {}
retval.request = cfe({ value=clientdata.request or "", label="Request" })
return cfe({ type="group", value=retval, label="Delete Request" })
end
-deleterequest = function(self, delrequest, user)
+mymodule.deleterequest = function(self, delrequest, user)
user = user or ".*"
if (not fs.is_file(requestdir..delrequest.value.request.value..".csr")) or (not string.find(delrequest.value.request.value, "^"..user.."%.")) then
delrequest.value.request.errtxt = "Request not found"
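Review bot: The ownership check in deleterequest builds a Lua pattern from the userid with `"^"..user.."%."`, so any pattern-magic character in the userid changes what is matched. A `.` in the userid matches any character, which lets the check accept another user's request name, while a `-` or `%` can make it reject the user's own requests. Because this is the only visible guard separating `deletemyrequest` from the administrative `deleterequest`, compare the prefix literally instead, for example `name:sub(1, #user + 1) == user.."."` when a user is given, and skip the comparison when it is nil. The body of deleterequest continues outside this hunk.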
@@ -543,7 +543,7 @@ deleterequest = function(self, delrequest, user)
return delrequest
end
-listcerts = function(user)
+mymodule.listcerts = function(user)
user = user or "*"
local list={}
local files = posix.glob(certdir..user..".*\\.pfx") or {}
@@ -583,37 +583,37 @@ listcerts = function(user)
return cfe({ type="list", value=list, label="List of approved certificates" })
end
-viewcert = function(cert)
+mymodule.viewcert = function(cert)
local cmdresult = modelfunctions.run_executable({"openssl", "x509", "-in", certdir..cert..".crt", "-noout", "-text"})
local a,b,c,d = string.match(cert, "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)")
return cfe({ type="table", value={name=name, user=a, certtype=b, commonName=c, serial=d, value=cmdresult}, label="Certificate" })
end
-getcert = function(cert)
+mymodule.getcert = function(cert)
local f = fs.read_file(certdir..cert..".pfx") or ""
local a,b,c,d = string.match(cert, "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)")
c = string.gsub(unhashname(c), "[^%w_-]", "")
return cfe({ type="raw", value=f, label=c..".pfx", option="application/x-pkcs12" })
end
-getrevokecert = function(self, clientdata)
+mymodule.getrevokecert = function(self, clientdata)
retval = {}
retval.cert = cfe({ value=clientdata.cert or "", label="Certificate" })
return cfe({ type="group", value=retval, label="Revoke Certificate" })
end
-revokecert = function(self, revreq)
+mymodule.revokecert = function(self, revreq)
revreq.descr, revreq.errtxt = modelfunctions.run_executable({"openssl", "ca", "-config", configfile, "-revoke", certdir..revreq.value.cert.value..".crt", "-batch"}, true)
return revreq
end
-getdeletecert = function(self, clientdata)
+mymodule.getdeletecert = function(self, clientdata)
retval = {}
retval.cert = cfe({ value=clientdata.cert or "", label="Certificate" })
return cfe({ type="group", value=retval, label="Delete Certificate" })
end
-deletecert = function(self, delcert)
+mymodule.deletecert = function(self, delcert)
-- The certificate will still be in the ca directories and index.txt, just not available for web interface
local certname = certdir..delcert.value.cert.value
os.remove(certname..".cfg")
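Review bot: The parsing pattern in viewcert and getcert, `"([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)"`, uses a bare `.` as its third separator, which matches any character rather than a literal dot; it should be `%.` like the other two. When `cert` does not match at all, the captures are nil, so getcert calls `unhashname(c)` with nil, and renewcert (@@ -625,13) concatenates nil values into `reqname`. Check the captures right after `string.match` and return an error cfe instead of continuing. viewcert also passes `name=name`, but no `name` is defined in the visible code, so that field is presumably always nil. The body of deletecert continues outside this hunk.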
@@ -625,13 +625,13 @@ deletecert = function(self, delcert)
return delcert
end
-getrenewcert = function(self, clientdata)
+mymodule.getrenewcert = function(self, clientdata)
retval = {}
retval.cert = cfe({ value=clientdata.cert or "", label="Certificate" })
return cfe({ type="group", value=retval, label="Renew Certificate" })
end
-renewcert = function(self, recert, submit, approve)
+mymodule.renewcert = function(self, recert, submit, approve)
local success = true
local user,certtype,commonName,serialnum = string.match(recert.value.cert.value, "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)")
local reqname = requestdir..user.."."..certtype.."."..commonName
@@ -670,9 +670,9 @@ renewcert = function(self, recert, submit, approve)
end
if success and approve then
- local tmp = getapproverequest(self, {})
+ local tmp = mymodule.getapproverequest(self, {})
tmp.value.request.value = posix.basename(reqname)
- tmp = approverequest(self, tmp)
+ tmp = mymodule.approverequest(self, tmp)
if tmp.errtxt then
recert.descr = recert.descr.."\n"..tmp.errtxt
end
@@ -681,7 +681,7 @@ renewcert = function(self, recert, submit, approve)
return recert
end
-listrevoked = function()
+mymodule.listrevoked = function()
config = config or format.parse_ini_file(fs.read_file(configfile) or "")
local databasepath = getconfigentry(config.ca.default_ca, "database")
local revoked = {}
@@ -694,7 +694,7 @@ listrevoked = function()
return cfe({ type="list", value=revoked, label="Revoked serial numbers" })
end
-getcrl = function(crltype)
+mymodule.getcrl = function(crltype)
local crlfile = cfe({ type="raw", option="application/pkix-crl" })
modelfunctions.run_executable({"openssl", "ca", "-config", configfile, "-gencrl", "-out", openssldir.."ca-crl.crl"})
modelfunctions.run_executable({"openssl", "crl", "-in", openssldir.."ca-crl.crl", "-out", openssldir.."ca-der-crl.crl", "-outform", "DER"})
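Review bot: Both `run_executable` calls in getcrl discard their results, so a failed `-gencrl` or DER conversion goes unnoticed in the lines shown. If the rest of the function (outside this hunk) then reads `ca-crl.crl` or `ca-der-crl.crl` from disk, it may serve a stale or missing revocation list without reporting an error. Capture the error result, as revokecert appears to do with `revreq.descr, revreq.errtxt = ...`, and set `crlfile.errtxt` when generation fails.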
@@ -710,7 +710,7 @@ getcrl = function(crltype)
return crlfile
end
-getca = function(certtype)
+mymodule.getca = function(certtype)
local result = cfe({ type="raw", option="application/x-x509-ca-cert" })
local fname = "cacert."
if string.lower(certtype or "") == "der" then
@@ -727,13 +727,13 @@ getca = function(certtype)
return result
end
-getnewputca = function()
+mymodule.getnewputca = function()
local ca = cfe({ type="raw", value=0, label="CA Certificate", descr='File must be a password protected ".pfx" file' })
local password = cfe({ label="Certificate Password" })
return cfe({ type="group", value={ca=ca, password=password} })
end
-putca = function(self, newca)
+mymodule.putca = function(self, newca)
local success = true
-- Trying to upload a cert/key
-- The way haserl works, ca contains the temporary file name
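Review bot: The `password` field in getnewputca is built as `cfe({ label="Certificate Password" })` with no `type`, whereas getnewrequest declares its password fields with `type="password"`. If the view layer chooses the input widget from `type` (not visible here), the password protecting the uploaded CA bundle would be shown in clear text in the form. `local password = cfe({ type="password", label="Certificate Password" })` would make the two forms consistent. The body of putca continues outside this hunk.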
@@ -790,14 +790,14 @@ putca = function(self, newca)
return newca
end
-getnewcarequest = function()
+mymodule.getnewcarequest = function()
request = getdefaults()
-- In addition to the distinguished name defaults, we need days
request.value.days = cfe({ value="365", label="Number of days to certify", seq=95 })
return request
end
-generateca = function(self, defaults)
+mymodule.generateca = function(self, defaults)
local success, defaults = validate_request(defaults)
if not validator.is_integer(defaults.value.days.value) then
@@ -836,34 +836,34 @@ generateca = function(self, defaults)
return defaults
end
-getconfigfile = function()
+mymodule.getconfigfile = function()
return modelfunctions.getfiledetails(configfile)
end
-setconfigfile = function(self, filedetails)
+mymodule.setconfigfile = function(self, filedetails)
-- validate
return modelfunctions.setfiledetails(self, filedetails, {configfile})
end
-getenvironment = function(self, clientdata)
+mymodule.getenvironment = function(self, clientdata)
local retval = {}
- retval.status = checkenvironment()
+ retval.status = mymodule.checkenvironment()
return cfe({ type="group", value=retval, label="Check Environment" })
end
-setenvironment = function(self, setenv)
+mymodule.setenvironment = function(self, setenv)
-- loop through the cmdline and execute
for x,cmd in ipairs(setenv.value.status.cmdline) do
cmd()
end
- setenv.value.status = checkenvironment()
+ setenv.value.status = mymodule.checkenvironment()
if setenv.value.status.errtxt then
setenv.errtxt = "Failed to Configure Environment"
end
return setenv
end
-checkenvironment = function()
+mymodule.checkenvironment = function()
local errtxt = {}
local cmdline = {}
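Review bot: setenvironment calls every entry of `setenv.value.status.cmdline`, relying on the form object still carrying the server-built `status` cfe after it has passed through `handle_form` with client data. Whether `handle_form` can replace or drop `status` is not visible here; if it can, the `ipairs` call either fails on nil or runs whatever was put there. Recomputing the list on the server removes that dependency: `for _, cmd in ipairs(mymodule.checkenvironment().cmdline) do cmd() end`. A short comment on `cmdline` saying that its entries are functions created by checkenvironment, not client-supplied strings, would also help the next reader.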
@@ -917,3 +917,5 @@ checkenvironment = function()
end
return cfe({ value=value, errtxt=errtxt, cmdline=cmdline, label="Environment" })
end
+
+return mymodule