From 3b09210006490f8f2b0a9ba930ec963af2b21ee3 Mon Sep 17 00:00:00 2001 From: Ted Trask Date: Tue, 8 Jan 2013 15:00:09 +0000 Subject: Replace io.popen calls with modelfunctions.run_executable --- openvpn-model.lua | 39 +++++++++++---------------------------- 1 file changed, 11 insertions(+), 28 deletions(-) (limited to 'openvpn-model.lua') diff --git a/openvpn-model.lua b/openvpn-model.lua index 6a7d7bb..94a78c2 100644 --- a/openvpn-model.lua +++ b/openvpn-model.lua @@ -14,8 +14,6 @@ local configfile = "/etc/openvpn/openvpn.conf" local baseurl = "/etc/openvpn/" local certurl = "/etc/openvpn/openvpn_certs/" -local path = "PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin " - function set_processname(p) processname = p configfile = "/etc/openvpn/"..processname..".conf" @@ -245,15 +243,12 @@ function upload_cert(self, newcert) -- Trying to upload a cert/key -- The way haserl works, cert contains the temporary file name -- First, get the cert - local cmd, f, cmdresult + local cmd, f, cmdresult, errtxt if validator.is_valid_filename(newcert.value.cert.value, "/tmp/") and fs.is_file(newcert.value.cert.value) then - cmd = path .. "openssl pkcs12 -in "..format.escapespecialcharacters(newcert.value.cert.value).." -out "..format.escapespecialcharacters(newcert.value.cert.value).."cert.pem -password pass:"..format.escapespecialcharacters(newcert.value.password.value).." -nokeys -clcerts 2>&1" - f = io.popen(cmd) - cmdresult = f:read("*a") - f:close() + cmdresult, errtxt = modelfunctions.run_executable({"openssl", "pkcs12", "-in", newcert.value.cert.value, "-out", newcert.value.cert.value.."cert.pem", "-password", "pass:"..newcert.value.password.value, "-nokeys", "-clcerts"}, true) local filestats = posix.stat(newcert.value.cert.value.."cert.pem") if not filestats or filestats.size == 0 then - newcert.value.cert.errtxt = "Could not open certificate\n"..cmdresult + newcert.value.cert.errtxt = "Could not open certificate\n"..(errtxt or cmdresult) success = false end else @@ -263,23 +258,17 @@ function upload_cert(self, newcert) -- Now, get the key and the ca certs if success then - cmd = path .. "openssl pkcs12 -in "..format.escapespecialcharacters(newcert.value.cert.value).." -out "..format.escapespecialcharacters(newcert.value.cert.value).."key.pem -password pass:"..format.escapespecialcharacters(newcert.value.password.value).." -nocerts -nodes 2>&1" - f = io.popen(cmd) - cmdresult = f:read("*a") - f:close() + cmdresult, errtxt = modelfunctions.run_executable({"openssl", "pkcs12", "-in", newcert.value.cert.value, "-out", newcert.value.cert.value.."key.pem", "-password", "pass:"..newcert.value.password.value, "-nocerts", "-nodes"}, true) filestats = posix.stat(newcert.value.cert.value.."key.pem") if not filestats or filestats.size == 0 then - newcert.value.cert.errtxt = "Could not find key\n"..cmdresult + newcert.value.cert.errtxt = "Could not find key\n"..(errtxt or cmdresult) success = false end - cmd = path .. "openssl pkcs12 -in "..format.escapespecialcharacters(newcert.value.cert.value).." -out "..format.escapespecialcharacters(newcert.value.cert.value).."ca.pem -password pass:"..format.escapespecialcharacters(newcert.value.password.value).." -nokeys -cacerts 2>&1" - f = io.popen(cmd) - cmdresult = f:read("*a") - f:close() + cmdresult, errtxt = modelfunctions.run_executable({"openssl", "pkcs12", "-in", newcert.value.cert.value, "-out", newcert.value.cert.value.."ca.pem", "-password", "pass:"..newcert.value.password.value, "-nokeys", "-cacerts"}, true) filestats = posix.stat(newcert.value.cert.value.."ca.pem") if not filestats or filestats.size == 0 then - newcert.value.cert.errtxt = "Could not find CA certs\n"..cmdresult + newcert.value.cert.errtxt = "Could not find CA certs\n"..(errtxt or cmdresult) success = false end end @@ -317,17 +306,15 @@ end view_cert = function(certname) local cmdresult = "Invalid cert name" + local errtxt if not string.find(certname, "/") then certname = certurl..certname end if validator.is_valid_filename(certname, certurl) or validator.is_valid_filename(certname, baseurl) then - local cmd = path .. "openssl x509 -in "..format.escapespecialcharacters(certname).." -noout -text" - local f = io.popen(cmd) - cmdresult = f:read("*a") - f:close() + cmdresult, errtxt = modelfunctions.run_executable({"openssl", "x509", "-in", certname, "-noout", "-text"}) cmdresult = cmdresult .. "Content:\n" .. (fs.read_file(certname) or "") end - return cfe({ type="table", value={name=certname, value=cmdresult}, label="Certificate" }) + return cfe({ type="table", value={name=certname, value=cmdresult}, label="Certificate", errtxt=errtxt }) end get_generate_dh_params = function(self, clientdata) @@ -336,10 +323,6 @@ get_generate_dh_params = function(self, clientdata) end generate_dh_params = function(self, gen) - local cmd = path .. "openssl dhparam -out "..certurl.."dh1024.pem 1024 2>&1" - f = io.popen(cmd) - gen.descr = f:read("*a") - f:close() - + gen.descr, gen.errtxt = modelfunctions.run_executable({"openssl", "dhparam", "-out", certurl.."dh1024.pem", "1024"}, true) return gen end -- cgit v1.2.3