country
-=item contact
+=item cert_contact
-contact
+contact email
=back
'city' => { label=>'City', %dis, },
'state' => { label=>'State', %dis, },
'country' => { label=>'Country', %dis, },
- 'cert_contact' => { label=>'Contact', %dis, },
+ 'cert_contact' => { label=>'Contact email', %dis, },
#'another_field' => {
# 'label' => 'Description',
|| $self->ut_textn('city')
|| $self->ut_textn('state')
|| $self->ut_textn('country') #XXX char(2) or NULL
- || $self->ut_textn('contact')
+ || $self->ut_textn('cert_contact')
;
return $error if $error;
);
}
-sub generate_csr {
+sub _file {
my $self = shift;
- my $in = $self->privatekey;
+ my $field = shift;
my $dir = $FS::UID::conf_dir. "/cache.". $FS::UID::datasrc; #XXX actual cache dir
my $fh = new File::Temp(
- TEMPLATE => 'certkey.'. '.XXXXXXXX',
+ TEMPLATE => 'cert.'. '.XXXXXXXX',
DIR => $dir,
) or die "can't open temp file: $!\n";
+ print $fh $self->$field;
+ close $fh;
+ $fh;
+}
+
+sub generate_csr {
+ my $self = shift;
+
+ my $fh = $self->_file('privatekey');
run( [qw( openssl req -new -key ), $fh->filename, '-subj', $self->subj ],
'>pipe'=>\*OUT, '2>'=>'/dev/null'
$self->csr($csr);
}
+#sub check_csr {
+# my $self = shift;
+#}
+
+sub generate_selfsigned {
+ my $self = shift;
+
+ my $days = 730;
+
+ my $key = $self->_file('privatekey');
+ my $csr = $self->_file('csr');
+
+ run( [qw( openssl req -x509 -nodes ),
+ '-days' => $days,
+ '-key' => $key->filename,
+ '-in' => $csr->filename,
+ ],
+ '>pipe'=>\*OUT, '2>'=>'/dev/null'
+ )
+ or die "error running openssl: $!";
+ #XXX error checking
+ my $csr = join('', <OUT>);
+ $self->certificate($csr);
+}
+
+#openssl x509 -in cert -noout -subject -issuer -dates -serial
+#subject= /CN=cn.example.com/ST=AK/O=Tofuy/OU=Soybean dept./C=US/L=Tofutown
+#issuer= /CN=cn.example.com/ST=AK/O=Tofuy/OU=Soybean dept./C=US/L=Tofutown
+#notBefore=Nov 7 05:07:42 2010 GMT
+#notAfter=Nov 6 05:07:42 2012 GMT
+#serial=B1DBF1A799EF207B
+
+sub check_certificate {
+ my $self = shift;
+
+ my $in = $self->certificate;
+ run( [qw( openssl x509 -noout -subject -issuer -dates -serial )],
+ '<'=>\$in,
+ '>pipe'=>\*OUT, '2>'=>'/dev/null'
+ )
+ or die "error running openssl: $!";
+ #XXX error checking
+
+ my %hash = ();
+ while (<OUT>) {
+ warn $_;
+ /^\s*(\w+)=\s*(.*)\s*$/ or next;
+ $hash{$1} = $2;
+ }
+
+ %hash;
+}
+
=back
=head1 BUGS
% $cgi->param('error', $error);
<% $cgi->redirect(popurl(2). "svc_cert.cgi?". $cgi->query_string ) %>
%} else {
-%#change link when we make a non-generic view
-%#<% $cgi->redirect(popurl(3). "view/svc_cert.cgi?$svcnum") %>
-<% $cgi->redirect(popurl(3). "view/svc_Common.html?svcdb=svc_cert;svcnum=$svcnum") %>
+<% $cgi->redirect(popurl(3). "view/svc_cert.cgi?$svcnum") %>
% }
<%init>
if ( $svcnum ) {
$old = qsearchs('svc_cert', { 'svcnum' => $svcnum } ) #agent virt;
or die 'unknown svcnum';
- $new->$_( $old->$_ ) for grep $old->$_, qw( privatekey );
+ $new->$_( $old->$_ ) for grep $old->$_, qw( privatekey csr certificate cacert );
}
my $popup = 0;
$new->privatekey( $cgi->param('privatekey') );
-} #elsif ( $cgi->param('privatekey') eq '_clear' ) { #import
+} #elsif ( $cgi->param('privatekey') eq '_clear' ) { #clear
my $error = '';
if ($cgi->param('svcnum')) {
<% include('/elements/error.html') %>
-<FORM ACTION="<% $p1 %>process/svc_cert.cgi" METHOD=POST>
+<FORM ACTION="<% $p %>edit/process/svc_cert.cgi" METHOD=POST>
<INPUT TYPE="hidden" NAME="svcnum" VALUE="<% $svcnum %>">
<INPUT TYPE="hidden" NAME="pkgnum" VALUE="<% $pkgnum %>">
<INPUT TYPE="hidden" NAME="svcpart" VALUE="<% $svcpart %>">
<% ntable("#cccccc",2) %>
+<TR>
+ <TD ALIGN="right">Private key</TD>
+ <TD BGCOLOR="#ffffff">
+
+% if ( $svc_cert->privatekey && $svc_cert->check_privatekey ) {
+
+ <FONT COLOR="#33ff33">Verification OK</FONT>
+% # remove key & cert link? just unprovision?
+
+ </TD></TR>
+
+% if (0) { #( $svc_cert->csr_submitted ) { #XXX add field? date? }
+
+% # just show the fields once the csr has been submitted
+
+% } else {
+
+% my $cust_main = $svc_cert->cust_svc->cust_pkg->cust_main;
+
+ <TR>
+ <TD ALIGN="right">Common name</TD>
+ <TD><INPUT TYPE="text" NAME="common_name" SIZE=40 MAXLENGTH=80 VALUE="<% $svc_cert->common_name |h %>"></TD>
+ </TR>
+
+ <TR>
+ <TD ALIGN="right">Organization</TD>
+ <TD><INPUT TYPE="text" NAME="organization" SIZE=40 MAXLENGTH=80 VALUE="<% $svc_cert->organization || $cust_main->company |h %>"></TD>
+ </TR>
+
+ <TR>
+ <TD ALIGN="right">Organization Unit</TD>
+ <TD><INPUT TYPE="text" NAME="organization_unit" SIZE=40 MAXLENGTH=80 VALUE="<% $svc_cert->organization_unit |h %>"></TD>
+ </TR>
+
+ <TR>
+ <TD ALIGN="right">City</TD>
+ <TD><% include('/elements/city.html',
+ 'city' => $svc_cert->city || $cust_main->city,
+ 'state' => $svc_cert->state || $cust_main->state,
+ 'country' => $svc_cert->country || $cust_main->country,
+ )
+ %>
+ </TD>
+ </TR>
+
+ <TR>
+ <TD ALIGN="right">State</TD>
+ <TD><% include('/elements/select-state.html',
+ 'city' => $svc_cert->city || $cust_main->city,
+ 'state' => $svc_cert->state || $cust_main->state,
+ 'country' => $svc_cert->country || $cust_main->country,
+ )
+ %>
+ </TD>
+ </TR>
+
+ <TR>
+ <TD ALIGN="right">Country</TD>
+ <TD><% include('/elements/select-country.html',
+ 'city' => $svc_cert->city || $cust_main->city,
+ 'state' => $svc_cert->state || $cust_main->state,
+ 'country' => $svc_cert->country || $cust_main->country,
+ )
+ %>
+ </TD>
+ </TR>
+
+ <TR>
+ <TD ALIGN="right">Contact email</TD>
+ <TD><INPUT TYPE="text" NAME="cert_contact" SIZE=40 MAXLENGTH=80 VALUE="<% $svc_cert->cert_contact || ($cust_main->invoicing_list_emailonly)[0] |h %>"></TD>
+ </TR>
+
+% }
+
+% } else {
+% my $re = '';
+% if ( $svc_cert->privatekey ) {
+ <FONT COLOR="#ff0000">Verification error</FONT>
+% $re = 'Clear and Re-';
+% }
+ <% include('/elements/popup_link.html', {
+ 'action' => "svc_cert/generate_privatekey.html$link_query",
+ 'label' => $re.'Generate',
+ 'actionlabel' => 'Generate private key',
+ #opt
+ 'width' => '350',
+ 'height' => '150'
+ #'color' => '#ff0000',
+ #'closetext' => 'Go Away', # the value '' removes the link
+ })%>
+
+ or
+
+ <% include('/elements/popup_link.html', {
+ 'action' => "svc_cert/import_privatekey.html$link_query",
+ 'label' => $re.'Import',
+ 'actionlabel' => 'Import private key',
+ #opt
+ 'width' => '544',
+ 'height' => '368',
+ #'color' => '#ff0000',
+ #'closetext' => 'Go Away', # the value '' removes the link
+ })%>
+% if ( $svc_cert->privatekey ) {
+ <PRE><% $svc_cert->privatekey |h %></PRE>
+% }
+ </TD>
+</TR>
+% }
+
</TABLE>
<BR>
die "access denied"
unless $FS::CurrentUser::CurrentUser->access_right('Provision customer service'); #something else more specific?
-#my $conf = new FS::Conf;
+my $conf = new FS::Conf;
+
+my($svcnum, $pkgnum, $svcpart, $part_svc, $svc_cert );
+if ( $cgi->param('error') ) {
+
+ $svc_cert = new FS::svc_cert ( {
+ map { $_, scalar($cgi->param($_)) } fields('svc_cert')
+ } );
+ $svcnum = $svc_cert->svcnum;
+ $pkgnum = $cgi->param('pkgnum');
+ $svcpart = $cgi->param('svcpart');
+ $part_svc = qsearchs('part_svc', { 'svcpart' => $svcpart } );
+ die "No part_svc entry!" unless $part_svc;
+
+} elsif ( $cgi->param('pkgnum') && $cgi->param('svcpart') ) { #adding
+
+ $cgi->param('pkgnum') =~ /^(\d+)$/ or die 'unparsable pkgnum';
+ $pkgnum = $1;
+ $cgi->param('svcpart') =~ /^(\d+)$/ or die 'unparsable svcpart';
+ $svcpart = $1;
+
+ $part_svc=qsearchs('part_svc',{'svcpart'=>$svcpart});
+ die "No part_svc entry!" unless $part_svc;
+
+ $svc_cert = new FS::svc_cert({});
+
+ $svcnum='';
+
+ $svc_cert->set_default_and_fixed;
+
+} else { #editing
+
+ my($query) = $cgi->keywords;
+ $query =~ /^(\d+)$/ or die "unparsable svcnum";
+ $svcnum=$1;
+ $svc_cert=qsearchs('svc_cert',{'svcnum'=>$svcnum})
+ or die "Unknown (svc_cert) svcnum!";
+
+ my($cust_svc)=qsearchs('cust_svc',{'svcnum'=>$svcnum})
+ or die "Unknown (cust_svc) svcnum!";
+
+ $pkgnum=$cust_svc->pkgnum;
+ $svcpart=$cust_svc->svcpart;
+
+ $part_svc=qsearchs('part_svc',{'svcpart'=>$svcpart});
+ die "No part_svc entry!" unless $part_svc;
+
+}
+my $action = $svcnum ? 'Edit' : 'Add';
+
+my $svc = $part_svc->getfield('svc');
+
+#my $otaker = getotaker;
+my $p1 = popurl(1);
+my $link_query = "?svcnum=$svcnum;pkgnum=$pkgnum;svcpart=$svcpart";
</%init>
--- /dev/null
+% if ($error) {
+% errorpage($error);
+%} else {
+<% $cgi->redirect($p."view/svc_cert.cgi?$svcnum") %>
+%}
+<%init>
+
+$cgi->param('svcnum') =~ /^(\d+)$/ or die 'illegal svcnum';
+my $svcnum = $1;
+
+my $svc_cert = qsearchs('svc_cert', { 'svcnum' => $svcnum } )
+ or die 'unknown svcnum';
+
+my $error = '';
+if ( $cgi->param('action') eq 'generate_csr' ) {
+ $svc_cert->generate_csr;
+ $error = $svc_cert->replace;
+} elsif ( $cgi->param('action') eq 'generate_selfsigned' ) {
+ $svc_cert->generate_selfsigned;
+ $error = $svc_cert->replace;
+} else {
+ die 'unknown action';
+}
+
+</%init>
<% include('elements/svc_Common.html',
- 'table' => 'svc_pbx',
- 'edit_url' => $p."edit/svc_Common.html?svcdb=svc_pbx;svcnum=",
- #'labels' => \%labels,
+ 'table' => 'svc_cert',
+ 'labels' => \%labels,
#'html_foot' => $html_foot,
- 'fields' => []
+ 'fields' => \@fields,
)
%>
<%init>
-#my $fields = FS::svc_pbx->table_info->{'fields'};
-#my %labels = map { $_ => ( ref($fields->{$_})
-# ? $fields->{$_}{'label'}
-# : $fields->{$_}
-# );
-# }
-# keys %$fields;
+my $fields = FS::svc_cert->table_info->{'fields'};
+my %labels = map { $_ => ( ref($fields->{$_})
+ ? $fields->{$_}{'label'}
+ : $fields->{$_}
+ );
+ }
+ keys %$fields;
+
+my @fields = (
+ { field=>'privatekey',
+ value=> sub {
+ my $svc_cert = shift;
+ if ( $svc_cert->privatekey && $svc_cert->check_privatekey ) {
+ '<FONT COLOR="#33ff33">Verification OK</FONT>';
+ } elsif ( $svc_cert->privatekey ) {
+ '<FONT COLOR="#ff0000">Verification error</FONT>';
+ } else {
+ '<I>(none)</I>';
+ }
+ },
+ },
+ qw( common_name organization organization_unit city state country cert_contact
+ ),
+ { 'field'=>'csr',
+ 'value'=> sub {
+ my $svc_cert = shift;
+ if ( $svc_cert->csr ) { #display the subject etc?
+ '<FONT STYLE="font-family:monospace"><PRE>'. $svc_cert->csr.
+ '</PRE></FONT>';
+ } elsif ( $svc_cert->common_name ) {
+ my $svcnum = $svc_cert->svcnum;
+ qq(<A HREF="${p}misc/svc_cert-generate.html?action=generate_csr;svcnum=$svcnum">Generate</A>);
+ } else {
+ '';
+ }
+ },
+ },
+ { 'field'=>'certificate',
+ 'value'=> sub {
+ my $svc_cert = shift;
+ if ( $svc_cert->certificate ) {
+
+ my %hash = $svc_cert->check_certificate;
+ my $out = '<TABLE>'; #XXX better formatting
+ foreach my $key ( keys %hash ) {
+ $out .= "<TR><TD>$key</TD><TD>$hash{$key}</TD></TR>";
+ }
+ $out .= '</TABLE>';
+
+ $out .= '<FONT STYLE="font-family:monospace"><PRE>'.
+ $svc_cert->certificate.
+ '</PRE></FONT>';
+ $out;
+ } elsif ( $svc_cert->csr ) {
+ my $svcnum = $svc_cert->svcnum;
+ qq(<A HREF="${p}misc/svc_cert-generate.html?action=generate_selfsigned;svcnum=$svcnum">Generate self-signed</A>);
+ } else {
+ '';
+ }
+ },
+ },
+);
</%init>