diff options
| author | Luke Stuart <lukestu@gmail.com> | 2011-10-07 09:22:26 +0000 |
|---|---|---|
| committer | Ted Trask <ttrask01@yahoo.com> | 2011-10-07 08:12:19 -0400 |
| commit | d3e200cb3f0c7391cac59e2b3462f0c069d54103 (patch) | |
| tree | 5c438ecce99ef49aab9b7578fe24006f3ad7ceb3 /openssl-model.lua | |
| parent | a628cec21b17c4971c5a7560697bb73e1809ef8b (diff) | |
| download | acf-openssl-d3e200cb3f0c7391cac59e2b3462f0c069d54103.tar.bz2 acf-openssl-d3e200cb3f0c7391cac59e2b3462f0c069d54103.tar.xz | |
Updates to Feature #354 incl. security hole fixed and choice of PEM or DER cacert download.
Diffstat (limited to 'openssl-model.lua')
| -rwxr-xr-x | openssl-model.lua | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/openssl-model.lua b/openssl-model.lua index 9b3a63a..702967f 100755 --- a/openssl-model.lua +++ b/openssl-model.lua @@ -696,12 +696,19 @@ getcrl = function(crltype) return crlfile end -getpem = function(pem) - local f = fs.read_file(pem) or "" - local fname = string.gsub(pem, ".*/", "") - if validator.is_valid_filename(pem, openssldir) then - return cfe({ type="raw", value=f, label=fname, option="application/x-pkcs12" }) - end +getca = function(certype) + + if certype == "der" then + local cmd = path .. "openssl x509 -in "..openssldir.."cacert.pem -outform der -out "..openssldir.."cacert.der" + local f = io.popen(cmd) + f:close() + end + local fname = "cacert."..certype + local dlcert = openssldir..fname + local fread = fs.read_file(dlcert) or "" + if validator.is_valid_filename(dlcert, openssldir) then + return cfe({ type="raw", value=fread, label=fname, option="application/x-x509-ca-cert" }) + end end getnewputca = function() |