From e50b6ec8d63afe4c04ae33384758d8786fcc7cfe Mon Sep 17 00:00:00 2001 From: ivan Date: Mon, 8 Nov 2010 00:01:58 +0000 Subject: [PATCH] certificates ala communigate, RT#7515 --- FS/FS/svc_cert.pm | 9 ++-- httemplate/edit/process/svc_cert.cgi | 8 ++++ httemplate/edit/svc_cert/import_cacert.html | 22 ++++++++++ httemplate/view/svc_cert.cgi | 67 ++++++++++++++++++++++++++++- 4 files changed, 102 insertions(+), 4 deletions(-) create mode 100644 httemplate/edit/svc_cert/import_cacert.html diff --git a/FS/FS/svc_cert.pm b/FS/FS/svc_cert.pm index 36e7582a6..b77ff521d 100644 --- a/FS/FS/svc_cert.pm +++ b/FS/FS/svc_cert.pm @@ -335,10 +335,13 @@ sub generate_selfsigned { #notAfter=Nov 6 05:07:42 2012 GMT #serial=B1DBF1A799EF207B -sub check_certificate { - my $self = shift; +sub check_certificate { shift->check_x509('certificate'); } +sub check_cacert { shift->check_x509('cacert'); } + +sub check_x509 { + my( $self, $field ) = ( shift, shift ); - my $in = $self->certificate; + my $in = $self->$field; run( [qw( openssl x509 -noout -subject -issuer -dates -serial )], '<'=>\$in, '>pipe'=>\*OUT, '2>'=>'/dev/null' diff --git a/httemplate/edit/process/svc_cert.cgi b/httemplate/edit/process/svc_cert.cgi index a8dc0ca8a..0e6037e31 100644 --- a/httemplate/edit/process/svc_cert.cgi +++ b/httemplate/edit/process/svc_cert.cgi @@ -66,6 +66,14 @@ if ( $cgi->param('privatekey') eq '_generate' ) { #generate $new->certificate( $cgi->param('certificate') ); $new->$_( $old->$_ ) for grep $old->$_, qw( recnum common_name organization organization_unit city state country cert_contact ); +} elsif ( $cgi->param('cacert') ) { + + $popup = 'view'; + $title = 'Certificate authority chain imported'; + + $new->cacert( $cgi->param('cacert') ); + $new->$_( $old->$_ ) for grep $old->$_, qw( recnum common_name organization organization_unit city state country cert_contact ); + } my $error = ''; diff --git a/httemplate/edit/svc_cert/import_cacert.html b/httemplate/edit/svc_cert/import_cacert.html new file mode 100644 index 000000000..bc6f4e7f3 --- /dev/null +++ b/httemplate/edit/svc_cert/import_cacert.html @@ -0,0 +1,22 @@ +<% include('/elements/header-popup.html', 'Import certificate authority chain' ) %> + +<% include('/elements/error.html') %> + +
+ + + + + +

+ + +
+ + +<%init> + +$cgi->param('svcnum') =~ /^(\d*)$/ or die 'illegal svcnum'; +my $svcnum = $1; + + diff --git a/httemplate/view/svc_cert.cgi b/httemplate/view/svc_cert.cgi index 28a269bcc..48494d2d2 100644 --- a/httemplate/view/svc_cert.cgi +++ b/httemplate/view/svc_cert.cgi @@ -83,8 +83,9 @@ my @fields = ( "$hash{notBefore} - $hash{notAfter}". ''; + my $svcnum = $svc_cert->svcnum; + if ( $hash{'selfsigned'} ) { - my $svcnum = $svc_cert->svcnum; $out .= qq(
Re-generate self-signed). '   '. include('/elements/popup_link.html', { @@ -113,6 +114,70 @@ my @fields = ( } }, }, + { 'field'=>'cacert', + 'value'=> sub { + my $svc_cert = shift; + if ( $svc_cert->cacert ) { + + my %hash = $svc_cert->check_cacert; + + tie my %w, 'Tie::IxHash', + 'subject' => 'Issued to', + 'issuer' => 'Issued by', + ; + + my $out = '
'; + + foreach my $w ( keys %w ) { + + $out .= include('/elements/table-grid.html'). #''. + ''; + + my $col = $svc_cert->subj_col; + + my $subj = $hash{$w}; + foreach my $key (keys %$col) { #( keys %$subj ) { + $out .= "". + ""; + } + + $out .= '
'. + $w{$w}. '
". $labels{$col->{$key}}. "". $subj->{$key}. "
'; + } + $out .= '
'; + + $out .= ''. + ''. + "". + ''. + "". + '
Serial number$hash{serial}
Valid$hash{notBefore} - $hash{notAfter}
'; + + $out .= '
'.
+                $svc_cert->certificate.
+                '
';
+
+        $out;
+
+      } else {
+
+        my $svcnum = $svc_cert->svcnum;
+
+        include('/elements/popup_link.html', {
+          'action'      => $p."edit/svc_cert/import_cacert.html".
+                           "?svcnum=$svcnum",
+          'label'       => 'Import certificate authority chain',#link
+          'actionlabel' => 'Import certificate authority chain',#title
+          #opt
+          'width'       => '544',
+          'height'      => '368',
+          #'color'       => '#ff0000',
+        }). ' (optional)'.
+        '
';
+
+      }
+    },
+  },
 );
 
 
-- 
2.11.0