author | Ted Trask <ttrask01@yahoo.com> | 2013-10-20 01:00:20 +0000 |
---|---|---|
committer | Ted Trask <ttrask01@yahoo.com> | 2013-10-20 01:00:20 +0000 |
commit | f211ddaa5e5dfb9b923b086901c328e83c7730e8 (patch) | |
tree | d685835d02884a9b88d37cb6685f03aa49ff42c6 | |
parent | 9b6f535853515cd9a0d1cec4b8d688184819f559 (diff) | |
download | acf-openssl-f211ddaa5e5dfb9b923b086901c328e83c7730e8.tar.bz2 acf-openssl-f211ddaa5e5dfb9b923b086901c328e83c7730e8.tar.xz |
Remove all calls to 'module' in preparation for move to Lua 5.2
Use mymodule parameter for module definition.
This was also helpful in revealing places where the code relied on the global environment.
-rw-r--r-- | openssl-controller.lua | 54 | ||||
-rw-r--r-- | openssl-model.lua | 82 |
2 files changed, 70 insertions, 66 deletions
diff --git a/openssl-controller.lua b/openssl-controller.lua index 45efb71..d34cdee 100644 --- a/openssl-controller.lua +++ b/openssl-controller.lua @@ -1,12 +1,12 @@ -- the openssl certificates controller -module (..., package.seeall) +local mymodule = {} -default_action = "status" +mymodule.default_action = "status" local sslstatus -mvc={} -mvc.pre_exec = function(self) +mymodule.mvc={} +mymodule.mvc.pre_exec = function(self) self.model.set_umask() sslstatus = self.model.getstatus() if not self.redirect then @@ -17,17 +17,17 @@ mvc.pre_exec = function(self) or (sslstatus.value.environment.errtxt and self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" and self.conf.action ~= "checkenvironment") or ((sslstatus.value.cacert.errtxt or sslstatus.value.cakey.errtxt) and self.conf.action ~= "status" and self.conf.action ~= "editconfigfile" and self.conf.action ~= "putcacert" and self.conf.action ~= "generatecacert" and self.conf.action ~= "checkenvironment" and self.conf.action ~= "editdefaults") then - redirect(self) + self.redirect(self) end end -- Show openssl status -status = function(self) +mymodule.status = function(self) return sslstatus end -- View all pending and approved requests and revoked certificates -readall = function(self) +mymodule.readall = function(self) local pending = self.model.listrequests() local approved = self.model.listcerts() local revoked = self.model.listrevoked() @@ -36,7 +36,7 @@ readall = function(self) end -- Return all certificates (pending, approved, and revoked) for this user -read = function(self) +mymodule.read = function(self) local user = cfe({ value=self.sessiondata.userinfo.userid, label="User Name" }) local pending = self.model.listrequests(self.sessiondata.userinfo.userid) local approved = self.model.listcerts(self.sessiondata.userinfo.userid) 
@@ -46,88 +46,90 @@ read = function(self) end -- Form to request a new cert -request = function(self) +mymodule.request = function(self) return self.handle_form(self, self.model.getnewrequest, function(self, value) return self.model.submitrequest(value, self.sessiondata.userinfo.userid) end, self.clientdata, "Submit", "Request Certificate", "Request Submitted") end -- Form to edit request defaults -editdefaults = function(self) +mymodule.editdefaults = function(self) return self.handle_form(self, self.model.getreqdefaults, self.model.setreqdefaults, self.clientdata, "Save", "Edit Certificate Defaults", "Defaults Set") end -- View request details -viewrequest = function(self) +mymodule.viewrequest = function(self) return self.model.viewrequest(self.clientdata.request) end -- Approve the specified request -approve = function(self) +mymodule.approve = function(self) return self.handle_form(self, self.model.getapproverequest, self.model.approverequest, self.clientdata, "Approve", "Approve Request") end -- Delete the specified request -deleterequest = function(self) +mymodule.deleterequest = function(self) return self.handle_form(self, self.model.getdeleterequest, function(self, value) return self.model.deleterequest(self, value, nil) end, self.clientdata, "Delete", "Delete Request", "Request Deleted") end -- Delete the specified request -deletemyrequest = function(self) +mymodule.deletemyrequest = function(self) return self.handle_form(self, self.model.getdeleterequest, function(self, value) return self.model.deleterequest(self, value, self.sessiondata.userinfo.userid) end, self.clientdata, "Delete", "Delete Request", "Request Deleted") end -- View certificate details -viewcert = function(self) +mymodule.viewcert = function(self) return self.model.viewcert(self.clientdata.cert) end -- Get the specified cert -getcert = function(self) +mymodule.getcert = function(self) return self.model.getcert(self.clientdata.cert) end -- Revoke the specified cert -revoke = 
function(self) +mymodule.revoke = function(self) return self.handle_form(self, self.model.getrevokecert, self.model.revokecert, self.clientdata, "Revoke", "Revoke Certificate", "Certificate Revoked") end -- Delete the specified certificate -deletecert = function(self) +mymodule.deletecert = function(self) return self.handle_form(self, self.model.getdeletecert, self.model.deletecert, self.clientdata, "Delete", "Delete Certificate", "Certificate Deleted") end -- Submit request to renew the specified certificate -requestrenewcert = function(self) +mymodule.requestrenewcert = function(self) return self.handle_form(self, self.model.getrenewcert, self.model.renewcert, self.clientdata, "Renew", "Renew Certificate") end -- Renew the specified certificate -renewcert = function(self) +mymodule.renewcert = function(self) local retval = self.handle_form(self, self.model.getrenewcert, function(self, value, submit) return self.model.renewcert(self, value, submit, true) end, self.clientdata, "Renew", "Renew Certificate") end -- Get the revoked list -getrevoked = function(self) +mymodule.getrevoked = function(self) return self.model.getcrl(self.clientdata.crltype) end -- Put the CA cert -putcacert = function(self) +mymodule.putcacert = function(self) return self.handle_form(self, self.model.getnewputca, self.model.putca, self.clientdata, "Upload", "Upload CA Certificate", "Certificate Uploaded") end -downloadcacert = function(self) +mymodule.downloadcacert = function(self) return self.model.getca(self.clientdata.certtype) end -- Generate a self-signed CA -generatecacert = function(self) +mymodule.generatecacert = function(self) return self.handle_form(self, self.model.getnewcarequest, self.model.generateca, self.clientdata, "Generate", "Generate CA Certificate", "Certificate Generated") end -editconfigfile = function(self) +mymodule.editconfigfile = function(self) return self.handle_form(self, self.model.getconfigfile, self.model.setconfigfile, self.clientdata, "Save", "Edit 
Config File", "Config File Saved") end -checkenvironment = function(self) +mymodule.checkenvironment = function(self) return self.handle_form(self, self.model.getenvironment, self.model.setenvironment, self.clientdata, "Configure", "Configure Environment", "Environment Configured") end + +return mymodule diff --git a/openssl-model.lua b/openssl-model.lua index c2bcbf5..1df9b13 100644 --- a/openssl-model.lua +++ b/openssl-model.lua @@ -1,4 +1,4 @@ -module(..., package.seeall) +local mymodule = {} posix = require("posix") modelfunctions = require("modelfunctions") @@ -251,7 +251,7 @@ local unhashname = function(hashstring) return string.char(unpack(hash)) end -getstatus = function() +mymodule.getstatus = function() processinfo = require("acf.processinfo") -- set the working directory once for model posix.chdir(openssldir) @@ -298,16 +298,16 @@ getstatus = function() end end end - local environment = checkenvironment() + local environment = mymodule.checkenvironment() return cfe({ type="group", value={version=version, conffile=conffile, environment=environment, cacert=cacert, cacertcontents=cacertcontents, cakey=cakey}, label="openssl status" }) end -set_umask = function() +mymodule.set_umask = function() return posix.umask("rw-------") end -getreqdefaults = function() +mymodule.getreqdefaults = function() local defaults = getdefaults() --Add in the encryption bit default @@ -333,7 +333,7 @@ getreqdefaults = function() return defaults end -setreqdefaults = function(self, defaults) +mymodule.setreqdefaults = function(self, defaults) local success, defaults = validate_request(defaults, true) -- If success, write the values to the config file 
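Review bot: In openssl-controller.lua, `mymodule.renewcert` stores the result of `self.handle_form(...)` in `local retval` and then reaches `end` without returning it, so as shown the action hands nothing back to the caller. Every other form action in this hunk, including `requestrenewcert`, returns the `handle_form` result directly. Since the line is being touched anyway, add `return retval` before the `end`, or replace `local retval =` with `return`. If discarding the result is intentional, a one-line comment saying why would stop it being read as an oversight.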
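Review bot: With `module(..., package.seeall)` removed, the unqualified assignments `posix = require("posix")` and `modelfunctions = require("modelfunctions")`, kept as context at the top of openssl-model.lua, now write into the real global table rather than the module's own environment. They should become `local posix = require("posix")` and `local modelfunctions = require("modelfunctions")`, unless another file is known to read them as globals. The same applies to `processinfo` in `getstatus`, `retval` in `getrevokecert`, `getdeletecert` and `getrenewcert`, `request` in `getnewcarequest`, and the `config` cache in `listrevoked`. `retval` and `request` carry per-request form data, so a CA management module is better off keeping them as locals than leaving them in state that any other loaded code can read or overwrite.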
@@ -363,15 +363,15 @@ setreqdefaults = function(self, defaults) return defaults end -getnewrequest = function() - local values = getreqdefaults() +mymodule.getnewrequest = function() + local values = mymodule.getreqdefaults() -- In addition to the request defaults, we need a password and confirmation values.value.password = cfe({ type="password", label="Password", seq=98 }) values.value.password_confirm = cfe({ type="password", label="Password confirmation", seq=99 }) return values end -submitrequest = function(defaults, user) +mymodule.submitrequest = function(defaults, user) local success, defaults = validate_request(defaults) -- Must have a common name @@ -447,7 +447,7 @@ submitrequest = function(defaults, user) return defaults end -listrequests = function(user) +mymodule.listrequests = function(user) user = user or "*" local list={} local files = posix.glob(requestdir..user..".*\\.csr") or {} @@ -459,7 +459,7 @@ listrequests = function(user) return cfe({ type="list", value=list, label="List of pending requests" }) end -viewrequest = function(request) +mymodule.viewrequest = function(request) local reqpath = requestdir .. request local cmdresult = modelfunctions.run_executable({"openssl", "req", "-in", reqpath..".csr", "-text", "-noout"}) local a,b,c = string.match(request, "([^%.]*)%.([^%.]*)%.([^%.]*)") @@ -467,13 +467,13 @@ viewrequest = function(request) return request end -getapproverequest = function(self, clientdata) +mymodule.getapproverequest = function(self, clientdata) local retval = {} retval.request = cfe({ value=clientdata.request or "", label="Request" }) return cfe({ type="group", value=retval, label="Approve Request" }) end -approverequest = function(self, apprequest) +mymodule.approverequest = function(self, apprequest) local reqpath = requestdir .. apprequest.value.request.value if fs.is_file(reqpath..".csr") then -- Request file exists, so try to sign 
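Review bot: `mymodule.viewrequest` builds `reqpath` as `requestdir .. request` and passes it to `openssl req -in` without checking the name, and the controller passes `self.clientdata.request` straight through. Assuming valid request names never contain a path separator or a `..` sequence, the function should reject anything where `string.find(request, "/", 1, true) or string.find(request, "..", 1, true)` is true, and confirm `fs.is_file(reqpath..".csr")` before running openssl, as `approverequest` already does. The same unvalidated concatenation of a client-supplied name into `requestdir` or `certdir` appears in `approverequest`, `deleterequest`, `viewcert`, `getcert`, `revokecert` and `deletecert` in the other hunks, so a single file-local name validator called from each would cover all of them. One line of `viewrequest` between this hunk and the next is not visible here.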
@@ -521,13 +521,13 @@ approverequest = function(self, apprequest) return apprequest end -getdeleterequest = function(self, clientdata) +mymodule.getdeleterequest = function(self, clientdata) local retval = {} retval.request = cfe({ value=clientdata.request or "", label="Request" }) return cfe({ type="group", value=retval, label="Delete Request" }) end -deleterequest = function(self, delrequest, user) +mymodule.deleterequest = function(self, delrequest, user) user = user or ".*" if (not fs.is_file(requestdir..delrequest.value.request.value..".csr")) or (not string.find(delrequest.value.request.value, "^"..user.."%.")) then delrequest.value.request.errtxt = "Request not found" @@ -543,7 +543,7 @@ deleterequest = function(self, delrequest, user) return delrequest end -listcerts = function(user) +mymodule.listcerts = function(user) user = user or "*" local list={} local files = posix.glob(certdir..user..".*\\.pfx") or {} 
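Review bot: The ownership test in `mymodule.deleterequest`, `string.find(delrequest.value.request.value, "^"..user.."%.")`, interprets the user id as a Lua pattern. A user id containing pattern characters such as `.`, `-` or `%` would therefore not be compared literally, and the check that keeps `deletemyrequest` to the caller's own requests could accept a name with a different prefix. A literal prefix comparison avoids this: drop the `user = user or ".*"` default and test `user and string.sub(name, 1, #user + 1) ~= user.."."`, with `name` bound to `delrequest.value.request.value`. `listrequests` and `listcerts` interpolate the same user id into `posix.glob` patterns, so it is worth confirming which characters a user id may contain. The rest of the function body lies outside this hunk.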
@@ -583,37 +583,37 @@ listcerts = function(user) return cfe({ type="list", value=list, label="List of approved certificates" }) end -viewcert = function(cert) +mymodule.viewcert = function(cert) local cmdresult = modelfunctions.run_executable({"openssl", "x509", "-in", certdir..cert..".crt", "-noout", "-text"}) local a,b,c,d = string.match(cert, "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)") return cfe({ type="table", value={name=name, user=a, certtype=b, commonName=c, serial=d, value=cmdresult}, label="Certificate" }) end -getcert = function(cert) +mymodule.getcert = function(cert) local f = fs.read_file(certdir..cert..".pfx") or "" local a,b,c,d = string.match(cert, "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)") c = string.gsub(unhashname(c), "[^%w_-]", "") return cfe({ type="raw", value=f, label=c..".pfx", option="application/x-pkcs12" }) end -getrevokecert = function(self, clientdata) +mymodule.getrevokecert = function(self, clientdata) retval = {} retval.cert = cfe({ value=clientdata.cert or "", label="Certificate" }) return cfe({ type="group", value=retval, label="Revoke Certificate" }) end -revokecert = function(self, revreq) +mymodule.revokecert = function(self, revreq) revreq.descr, revreq.errtxt = modelfunctions.run_executable({"openssl", "ca", "-config", configfile, "-revoke", certdir..revreq.value.cert.value..".crt", "-batch"}, true) return revreq end -getdeletecert = function(self, clientdata) +mymodule.getdeletecert = function(self, clientdata) retval = {} retval.cert = cfe({ value=clientdata.cert or "", label="Certificate" }) return cfe({ type="group", value=retval, label="Delete Certificate" }) end -deletecert = function(self, delcert) +mymodule.deletecert = function(self, delcert) -- The certificate will still be in the ca directories and index.txt, just not available for web interface local certname = certdir..delcert.value.cert.value os.remove(certname..".cfg") 
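Review bot: `viewcert` and `getcert` split the client-supplied `cert` name with `"([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)"` and use the captures without checking that the match succeeded. In `getcert`, a name with too few fields leaves `c` as nil, and that nil is passed to `unhashname(c)`. The last separator in the pattern is also a bare `.`, which matches any character, where `%.` was presumably intended. Suggest changing the tail to `%.([^%.]*)` and adding `if not a then` with an error `cfe` return before the captures are used. `renewcert` in the following hunk uses the same pattern and concatenates the captures into `reqname`, so it needs the same guard.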
@@ -625,13 +625,13 @@ deletecert = function(self, delcert) return delcert end -getrenewcert = function(self, clientdata) +mymodule.getrenewcert = function(self, clientdata) retval = {} retval.cert = cfe({ value=clientdata.cert or "", label="Certificate" }) return cfe({ type="group", value=retval, label="Renew Certificate" }) end -renewcert = function(self, recert, submit, approve) +mymodule.renewcert = function(self, recert, submit, approve) local success = true local user,certtype,commonName,serialnum = string.match(recert.value.cert.value, "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)") local reqname = requestdir..user.."."..certtype.."."..commonName @@ -670,9 +670,9 @@ renewcert = function(self, recert, submit, approve) end if success and approve then - local tmp = getapproverequest(self, {}) + local tmp = mymodule.getapproverequest(self, {}) tmp.value.request.value = posix.basename(reqname) - tmp = approverequest(self, tmp) + tmp = mymodule.approverequest(self, tmp) if tmp.errtxt then recert.descr = recert.descr.."\n"..tmp.errtxt end @@ -681,7 +681,7 @@ renewcert = function(self, recert, submit, approve) return recert end -listrevoked = function() +mymodule.listrevoked = function() config = config or format.parse_ini_file(fs.read_file(configfile) or "") local databasepath = getconfigentry(config.ca.default_ca, "database") local revoked = {} @@ -694,7 +694,7 @@ listrevoked = function() return cfe({ type="list", value=revoked, label="Revoked serial numbers" }) end -getcrl = function(crltype) +mymodule.getcrl = function(crltype) local crlfile = cfe({ type="raw", option="application/pkix-crl" }) modelfunctions.run_executable({"openssl", "ca", "-config", configfile, "-gencrl", "-out", openssldir.."ca-crl.crl"}) modelfunctions.run_executable({"openssl", "crl", "-in", openssldir.."ca-crl.crl", "-out", openssldir.."ca-der-crl.crl", "-outform", "DER"}) 
@@ -710,7 +710,7 @@ getcrl = function(crltype) return crlfile end -getca = function(certtype) +mymodule.getca = function(certtype) local result = cfe({ type="raw", option="application/x-x509-ca-cert" }) local fname = "cacert." if string.lower(certtype or "") == "der" then @@ -727,13 +727,13 @@ getca = function(certtype) return result end -getnewputca = function() +mymodule.getnewputca = function() local ca = cfe({ type="raw", value=0, label="CA Certificate", descr='File must be a password protected ".pfx" file' }) local password = cfe({ label="Certificate Password" }) return cfe({ type="group", value={ca=ca, password=password} }) end -putca = function(self, newca) +mymodule.putca = function(self, newca) local success = true -- Trying to upload a cert/key -- The way haserl works, ca contains the temporary file name @@ -790,14 +790,14 @@ putca = function(self, newca) return newca end -getnewcarequest = function() +mymodule.getnewcarequest = function() request = getdefaults() -- In addition to the distinguished name defaults, we need days request.value.days = cfe({ value="365", label="Number of days to certify", seq=95 }) return request end -generateca = function(self, defaults) +mymodule.generateca = function(self, defaults) local success, defaults = validate_request(defaults) if not validator.is_integer(defaults.value.days.value) then 
@@ -836,34 +836,34 @@ generateca = function(self, defaults) return defaults end -getconfigfile = function() +mymodule.getconfigfile = function() return modelfunctions.getfiledetails(configfile) end -setconfigfile = function(self, filedetails) +mymodule.setconfigfile = function(self, filedetails) -- validate return modelfunctions.setfiledetails(self, filedetails, {configfile}) end -getenvironment = function(self, clientdata) +mymodule.getenvironment = function(self, clientdata) local retval = {} - retval.status = checkenvironment() + retval.status = mymodule.checkenvironment() return cfe({ type="group", value=retval, label="Check Environment" }) end -setenvironment = function(self, setenv) +mymodule.setenvironment = function(self, setenv) -- loop through the cmdline and execute for x,cmd in ipairs(setenv.value.status.cmdline) do cmd() end - setenv.value.status = checkenvironment() + setenv.value.status = mymodule.checkenvironment() if setenv.value.status.errtxt then setenv.errtxt = "Failed to Configure Environment" end return setenv end -checkenvironment = function() +mymodule.checkenvironment = function() local errtxt = {} local cmdline = {} @@ -917,3 +917,5 @@ checkenvironment = function() end return cfe({ value=value, errtxt=errtxt, cmdline=cmdline, label="Environment" }) end + +return mymodule |