Added revoking support to openssl

git-svn-id: svn://svn.alpinelinux.org/acf/openssl/trunk@1178 ab2d0c66-481e-0410-8bed-d214d4d58bed

1 files changed, 56 insertions, 26 deletions

diff --git a/openssl-html.lsp b/openssl-html.lsp
index 192f7ce..9c61259 100644
--- a/openssl-html.lsp
+++ b/openssl-html.lsp
@@ -7,7 +7,7 @@ io.write(html.cfe_unpack(view))
 <? if view.value.cmdresult then ?>
 <H1>Command Result</H1>
 <DL>
-<?= view.value.cmdresult.value ?>
+<?= string.gsub(view.value.cmdresult.value, "\n", "<BR>") ?>
 </DL>
 <? end ?>
 
@@ -42,6 +42,13 @@ io.write(html.cfe_unpack(view))
 </TABLE>
 <? end ?>
 
+<? local reverserevoked = {}
+if view.value.revoked then
+	for i,serial in ipairs(view.value.revoked.value) do
+		reverserevoked[serial] = i
+	end
+end ?>
+	
 <H1>Approved certificate requests<? if view.value.user then?> for <?= view.value.user.value ?><? end ?></H1>
 <? if not view.value.approved or #view.value.approved.value == 0 then ?>
 	No certificates approved
@@ -54,36 +61,59 @@ io.write(html.cfe_unpack(view))
 		<TD style="padding-right:20px;white-space:nowrap;" class="header">Common Name</TD>
 		<TD style="white-space:nowrap;" class="header">Serial Num</TD>
 	<? for i,cert in ipairs(view.value.approved.value) do ?>
-		<TR>
-		<TD>
-		<? if session.permissions.openssl.viewcert then ?>
-			<?= html.link{value="viewcert?cert="..cert.name, label="View "} ?>
-		<? end ?>
-		<? if session.permissions.openssl.getcert then ?>
-			<?= html.link{value="getcert?cert="..cert.name, label="Download "} ?>
-		<? end ?>
-		<? if session.permissions.openssl.revoke then ?>
-			<?= html.link{value="revoke?cert="..cert.name, label="Revoke "} ?>
+		<? if not reverserevoked[cert.serial] then ?>
+			<TR>
+			<TD>
+			<? if session.permissions.openssl.viewcert then ?>
+				<?= html.link{value="viewcert?cert="..cert.name, label="View "} ?>
+			<? end ?>
+			<? if session.permissions.openssl.getcert then ?>
+				<?= html.link{value="getcert?cert="..cert.name, label="Download "} ?>
+			<? end ?>
+			<? if session.permissions.openssl.revoke then ?>
+				<?= html.link{value="revoke?cert="..cert.name, label="Revoke "} ?>
+			<? end ?>
+			<? if session.permissions.openssl.deletecert then ?>
+				<?= html.link{value="deletecert?cert="..cert.name, label="Delete "} ?>
+			<? end ?>
+			</TD>
+			<TD><?= cert.user ?></TD>
+			<TD><?= cert.certtype ?></TD>
+			<TD><?= cert.commonName ?></TD>
+			<TD><?= cert.serial ?></TD>
+			</TR>
 		<? end ?>
-		<? if session.permissions.openssl.deletecert then ?>
-			<?= html.link{value="deletecert?cert="..cert.name, label="Delete "} ?>
-		<? end ?>
-		</TD>
-		<TD><?= cert.user ?></TD>
-		<TD><?= cert.certtype ?></TD>
-		<TD><?= cert.commonName ?></TD>
-		<TD><?= cert.serial ?></TD>
-		</TR>
 	<? end ?>
 </TABLE>
 <? end ?>
-	
+
 <H1>Revoked certificates<? if view.value.user then?> for <?= view.value.user.value ?><? end ?></H1>
 <? if not view.value.revoked or #view.value.revoked.value == 0 then ?>
 	No certificates revoked
-<? else
-	for i,name in ipairs(view.value.revoked.value) do
-		io.write(name..'<br>')
-	end
-end ?>
+<? else ?>
+<TABLE>
+	<TR style="background:#eee;font-weight:bold;">
+		<TD style="padding-right:20px;white-space:nowrap;" class="header">User</TD>
+		<TD style="padding-right:20px;white-space:nowrap;" class="header">Cert Type</TD>
+		<TD style="padding-right:20px;white-space:nowrap;" class="header">Common Name</TD>
+		<TD style="white-space:nowrap;" class="header">Serial Num</TD>
+	<? for i,cert in ipairs(view.value.approved.value) do ?>
+		<? if reverserevoked[cert.serial] then ?>
+			<TR>
+			<TD><?= cert.user ?></TD>
+			<TD><?= cert.certtype ?></TD>
+			<TD><?= cert.commonName ?></TD>
+			<TD><?= cert.serial ?></TD>
+			</TR>
+		<? end ?>
+	<? end ?>
+</TABLE>
+<? end ?>
+
+<? if session.permissions.openssl.getrevoked then ?>
+<H1>Get revoked list (crl)</H1>
+<?= html.link{value="getrevoked?crltype=PEM", label="Download PEM "} ?><BR>
+<?= html.link{value="getrevoked?crltype=DER", label="Download DER "} ?><BR>
+<?= html.link{value="getrevoked", label="Import to Firefox"} ?><BR>
 
+<? end ?>