diff options
| author | nangel <nangel@iridum.private.net> | 2009-05-21 09:08:20 -0400 |
|---|---|---|
| committer | nangel <nangel@iridum.private.net> | 2009-05-21 09:08:20 -0400 |
| commit | 338fa0e9a214bb7abff2ef08f96054d0310f7eab (patch) | |
| tree | cb692dbf468175c67db7008923446a3171ecdced /openssl-model.lua | |
| parent | f6229742f86e861dbdbe77a01ffc98744db43025 (diff) | |
| download | acf-openssl-338fa0e9a214bb7abff2ef08f96054d0310f7eab.tar.bz2 acf-openssl-338fa0e9a214bb7abff2ef08f96054d0310f7eab.tar.xz | |
Committer: nangel <nangel@tetrasec.net>
listcerts function now forks openssl only once. This saves time
when number of certs is > 100.
Diffstat (limited to 'openssl-model.lua')
| -rw-r--r-- | openssl-model.lua | 36 |
1 files changed, 28 insertions, 8 deletions
diff --git a/openssl-model.lua b/openssl-model.lua index 3db9426..8bc09e9 100644 --- a/openssl-model.lua +++ b/openssl-model.lua @@ -515,25 +515,45 @@ listcerts = function(user) user = user or "*" local list={} local files = posix.glob(certdir..user..".*\\.pfx") or {} + -- Do this in two steps - saves forking openssl for each cert, which + -- speeds things up noticably for > 100 certs + local crtlist = "cat <<-EOF | openssl\n" + local crttab = {} for i,x in ipairs(files) do local name = basename(x,".pfx") - local a,b,c,d = string.match(name, "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)") - local cmd = path .. "openssl x509 -in "..certdir..format.escapespecialcharacters(name)..".crt -noout -enddate" - local f = io.popen(cmd) - local enddate = f:read("*a") + local a,b,c,d = string.match(name, + "([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)") + list[#list + 1] = {name=name, user=a, certtype=b, + commonName=unhashname(c), serial=d, enddate=enddate, + daysremaining=time} + crtlist = crtlist .. "x509 -in " .. + certdir..format.escapespecialcharacters(name) .. + ".crt -noout -enddate\n" + end + crtlist = crtlist .. "EOF\n" + + local fh=io.popen(crtlist) + + for i,x in ipairs(files) do + local enddate = fh:read("*l") or "notAfter=Jan 1 00:00:01 1970 GMT" enddate = string.match(enddate, "notAfter=(.*)") - f:close() - local month, day, year = string.match(enddate, "(%a+)%s+(%d+)%s+%S+%s+(%d+)") + local month, day, year = + string.match(enddate, "(%a+)%s+(%d+)%s+%S+%s+(%d+)") - local reversemonth = {Jan=1,Feb=2,Mar=3,Apr=4,May=5,Jun=6,Jul=7,Aug=8,Sep=9,Oct=10,Nov=11,Dec=12} + local reversemonth = {Jan=1,Feb=2,Mar=3,Apr=4,May=5,Jun=6, + Jul=7,Aug=8,Sep=9,Oct=10,Nov=11,Dec=12} local time = os.time({year=year, month=reversemonth[month], day=day}) if os.time() > time then time = 0 else time = (time-os.time())/86400 end - list[#list + 1] = {name=name, user=a, certtype=b, commonName=unhashname(c), serial=d, enddate=enddate, daysremaining=time} + list[i].enddate = enddate + list[i].daysremaining = time end + + fh:close() + return cfe({ type="list", value=list, label="List of approved certificates" }) end |