From d3e200cb3f0c7391cac59e2b3462f0c069d54103 Mon Sep 17 00:00:00 2001
From: Luke Stuart <lukestu@gmail.com>
Date: Fri, 7 Oct 2011 09:22:26 +0000
Subject: Updates to Feature #354 incl. security hole fixed and choice of PEM
 or DER cacert download.

---
 openssl-model.lua | 19 +++++++++++++------
 1 file changed, 13 insertions(+), 6 deletions(-)

(limited to 'openssl-model.lua')

diff --git a/openssl-model.lua b/openssl-model.lua
index 9b3a63a..702967f 100755
--- a/openssl-model.lua
+++ b/openssl-model.lua
@@ -696,12 +696,19 @@ getcrl = function(crltype)
 	return crlfile
 end
 
-getpem = function(pem)
-        local f = fs.read_file(pem) or ""
-        local fname = string.gsub(pem, ".*/", "")
-        if validator.is_valid_filename(pem, openssldir) then
-                return cfe({ type="raw", value=f, label=fname, option="application/x-pkcs12" })
-        end
+getca = function(certype)
+	
+	if certype == "der" then
+		local cmd = path .. "openssl x509 -in "..openssldir.."cacert.pem -outform der -out "..openssldir.."cacert.der"
+		local f = io.popen(cmd)
+		f:close()
+	end
+	local fname = "cacert."..certype
+	local dlcert = openssldir..fname	
+	local fread = fs.read_file(dlcert) or ""
+	if validator.is_valid_filename(dlcert, openssldir) then
+		return  cfe({ type="raw", value=fread, label=fname, option="application/x-x509-ca-cert" })
+	end
 end
 
 getnewputca = function()
-- 
cgit v1.2.3