Fixed bug with request extensions. Don't override user input extensions with default extensions.

author: Ted Trask <ttrask01@yahoo.com> 2009-05-14 16:45:11 +0000
committer: Ted Trask <ttrask01@yahoo.com> 2009-05-14 16:45:11 +0000
commit: 4efb4213c7f855a84107a6e038a94d4faaea07b4 (patch)
tree: 11ba31311bff2c30358b9a3c30ad6ed17268a139 /openssl-model.lua
parent: 3898014eabac2bed98d652af08ff8669d1a97e96 (diff)
download: acf-openssl-4efb4213c7f855a84107a6e038a94d4faaea07b4.tar.bz2
acf-openssl-4efb4213c7f855a84107a6e038a94d4faaea07b4.tar.xz
1 files changed, 9 insertions, 18 deletions
diff --git a/openssl-model.lua b/openssl-model.lua
index 5f4debd..e8f9f45 100644
--- a/openssl-model.lua
+++ b/openssl-model.lua
@@ -385,30 +385,21 @@ submitrequest = function(defaults, user)
 		-- Generate a temp config file for this request
 		local fileval = fs.read_file(configfile) or ""
 		config = config or format.parse_ini_file(fileval)
-		local temp = format.dostounix(defaults.value.extensions.value)
-		local ext_section
-		if not config.req or not config.req.req_extensions then
-			ext_section = "v3_req"
-			while config[ext_section] do ext_section = "v3_req_"..tostring(os.time()) end
-		else
-			ext_section = config.req.req_extensions
-			for name,value in pairs(config[ext_section] or {}) do
-				temp = format.update_ini_file(temp, "", name, value)
-			end
-		end
+		local ext_section = "v3_req"
+		while config[ext_section] do ext_section = "v3_req_"..tostring(os.time()) end
+		local content = format.dostounix(defaults.value.extensions.value)
+		-- Override with the extensions for this cert type
 		if config[defaults.value.certtype.value].x509_extensions then
-			ext_section = config[defaults.value.certtype.value].x509_extensions
-			for name,value in pairs(config[ext_section] or {}) do
+			local temp = config[defaults.value.certtype.value].x509_extensions
+			for name,value in pairs(config[temp] or {}) do
 				if not string.find(value, "issuer") then
-					temp = format.update_ini_file(temp, "", name, value)
+					content = format.update_ini_file(content, "", name, value)
 				end
 			end
 		end
 		
-		if temp ~= "" then
-			fileval = format.set_ini_section(fileval, ext_section, temp)
-			fileval = format.update_ini_file(fileval, "req", "req_extensions", ext_section)
-		end
+		fileval = format.set_ini_section(fileval, ext_section, content)
+		fileval = format.update_ini_file(fileval, "req", "req_extensions", ext_section)
 		fs.write_file(reqname..".cfg", fileval)
 		
 		local cmd = path .. "openssl req -nodes -new -config "..format.escapespecialcharacters(reqname)..".cfg -keyout "..format.escapespecialcharacters(reqname)..".pem -out "..format.escapespecialcharacters(reqname)..'.csr -subj "'..subject..'" 2>&1'
author	Ted Trask <ttrask01@yahoo.com>	2009-05-14 16:45:11 +0000
committer	Ted Trask <ttrask01@yahoo.com>	2009-05-14 16:45:11 +0000
commit	4efb4213c7f855a84107a6e038a94d4faaea07b4 (patch)
tree	11ba31311bff2c30358b9a3c30ad6ed17268a139 /openssl-model.lua
parent	3898014eabac2bed98d652af08ff8669d1a97e96 (diff)
download	acf-openssl-4efb4213c7f855a84107a6e038a94d4faaea07b4.tar.bz2 acf-openssl-4efb4213c7f855a84107a6e038a94d4faaea07b4.tar.xz