summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTed Trask <ttrask01@yahoo.com>2013-01-08 15:00:09 +0000
committerTed Trask <ttrask01@yahoo.com>2013-01-08 15:00:09 +0000
commit3b09210006490f8f2b0a9ba930ec963af2b21ee3 (patch)
tree99a2495853fe83018d9021a923b1981f275ce44c
parenta1acbc6931fd92dcbbef013ea623485909fec8cb (diff)
downloadacf-openvpn-3b09210006490f8f2b0a9ba930ec963af2b21ee3.tar.bz2
acf-openvpn-3b09210006490f8f2b0a9ba930ec963af2b21ee3.tar.xz
Replace io.popen calls with modelfunctions.run_executable
-rw-r--r--openvpn-model.lua39
1 files changed, 11 insertions, 28 deletions
diff --git a/openvpn-model.lua b/openvpn-model.lua
index 6a7d7bb..94a78c2 100644
--- a/openvpn-model.lua
+++ b/openvpn-model.lua
@@ -14,8 +14,6 @@ local configfile = "/etc/openvpn/openvpn.conf"
local baseurl = "/etc/openvpn/"
local certurl = "/etc/openvpn/openvpn_certs/"
-local path = "PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin "
-
function set_processname(p)
processname = p
configfile = "/etc/openvpn/"..processname..".conf"
@@ -245,15 +243,12 @@ function upload_cert(self, newcert)
-- Trying to upload a cert/key
-- The way haserl works, cert contains the temporary file name
-- First, get the cert
- local cmd, f, cmdresult
+ local cmd, f, cmdresult, errtxt
if validator.is_valid_filename(newcert.value.cert.value, "/tmp/") and fs.is_file(newcert.value.cert.value) then
- cmd = path .. "openssl pkcs12 -in "..format.escapespecialcharacters(newcert.value.cert.value).." -out "..format.escapespecialcharacters(newcert.value.cert.value).."cert.pem -password pass:"..format.escapespecialcharacters(newcert.value.password.value).." -nokeys -clcerts 2>&1"
- f = io.popen(cmd)
- cmdresult = f:read("*a")
- f:close()
+ cmdresult, errtxt = modelfunctions.run_executable({"openssl", "pkcs12", "-in", newcert.value.cert.value, "-out", newcert.value.cert.value.."cert.pem", "-password", "pass:"..newcert.value.password.value, "-nokeys", "-clcerts"}, true)
local filestats = posix.stat(newcert.value.cert.value.."cert.pem")
if not filestats or filestats.size == 0 then
- newcert.value.cert.errtxt = "Could not open certificate\n"..cmdresult
+ newcert.value.cert.errtxt = "Could not open certificate\n"..(errtxt or cmdresult)
success = false
end
else
@@ -263,23 +258,17 @@ function upload_cert(self, newcert)
-- Now, get the key and the ca certs
if success then
- cmd = path .. "openssl pkcs12 -in "..format.escapespecialcharacters(newcert.value.cert.value).." -out "..format.escapespecialcharacters(newcert.value.cert.value).."key.pem -password pass:"..format.escapespecialcharacters(newcert.value.password.value).." -nocerts -nodes 2>&1"
- f = io.popen(cmd)
- cmdresult = f:read("*a")
- f:close()
+ cmdresult, errtxt = modelfunctions.run_executable({"openssl", "pkcs12", "-in", newcert.value.cert.value, "-out", newcert.value.cert.value.."key.pem", "-password", "pass:"..newcert.value.password.value, "-nocerts", "-nodes"}, true)
filestats = posix.stat(newcert.value.cert.value.."key.pem")
if not filestats or filestats.size == 0 then
- newcert.value.cert.errtxt = "Could not find key\n"..cmdresult
+ newcert.value.cert.errtxt = "Could not find key\n"..(errtxt or cmdresult)
success = false
end
- cmd = path .. "openssl pkcs12 -in "..format.escapespecialcharacters(newcert.value.cert.value).." -out "..format.escapespecialcharacters(newcert.value.cert.value).."ca.pem -password pass:"..format.escapespecialcharacters(newcert.value.password.value).." -nokeys -cacerts 2>&1"
- f = io.popen(cmd)
- cmdresult = f:read("*a")
- f:close()
+ cmdresult, errtxt = modelfunctions.run_executable({"openssl", "pkcs12", "-in", newcert.value.cert.value, "-out", newcert.value.cert.value.."ca.pem", "-password", "pass:"..newcert.value.password.value, "-nokeys", "-cacerts"}, true)
filestats = posix.stat(newcert.value.cert.value.."ca.pem")
if not filestats or filestats.size == 0 then
- newcert.value.cert.errtxt = "Could not find CA certs\n"..cmdresult
+ newcert.value.cert.errtxt = "Could not find CA certs\n"..(errtxt or cmdresult)
success = false
end
end
@@ -317,17 +306,15 @@ end
view_cert = function(certname)
local cmdresult = "Invalid cert name"
+ local errtxt
if not string.find(certname, "/") then
certname = certurl..certname
end
if validator.is_valid_filename(certname, certurl) or validator.is_valid_filename(certname, baseurl) then
- local cmd = path .. "openssl x509 -in "..format.escapespecialcharacters(certname).." -noout -text"
- local f = io.popen(cmd)
- cmdresult = f:read("*a")
- f:close()
+ cmdresult, errtxt = modelfunctions.run_executable({"openssl", "x509", "-in", certname, "-noout", "-text"})
cmdresult = cmdresult .. "Content:\n" .. (fs.read_file(certname) or "")
end
- return cfe({ type="table", value={name=certname, value=cmdresult}, label="Certificate" })
+ return cfe({ type="table", value={name=certname, value=cmdresult}, label="Certificate", errtxt=errtxt })
end
get_generate_dh_params = function(self, clientdata)
@@ -336,10 +323,6 @@ get_generate_dh_params = function(self, clientdata)
end
generate_dh_params = function(self, gen)
- local cmd = path .. "openssl dhparam -out "..certurl.."dh1024.pem 1024 2>&1"
- f = io.popen(cmd)
- gen.descr = f:read("*a")
- f:close()
-
+ gen.descr, gen.errtxt = modelfunctions.run_executable({"openssl", "dhparam", "-out", certurl.."dh1024.pem", "1024"}, true)
return gen
end