fic/server
2
0
Fork 0
Code Issues Pull Requests 1 Releases Wiki Activity

Rename TOP_DIR to PKI_DIR

Browse Source
This commit is contained in:
nemunaire 2015-01-13 15:34:52 +01:00 committed by Nemunaire
parent 3aedea2cab
commit 1d65c5a836
2 changed files with 27 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
misc/CA.sh
View File

@ -2,16 +2,16 @@
cd $(dirname "$0") cd $(dirname "$0")
if [ -z "${TOP_DIR}" ]; then if [ -z "${PKI_DIR}" ]; then
TOP_DIR=pki PKI_DIR=pki
fi fi
if [ -z "${OPENSSL_CONF}" ]; then if [ -z "${OPENSSL_CONF}" ]; then
OPENSSL_CONF=openssl.cnf OPENSSL_CONF=openssl.cnf
fi fi
CAKEY=${TOP_DIR}/private/cakey.key CAKEY=${PKI_DIR}/private/cakey.key
CAREQ=${TOP_DIR}/careq.csr CAREQ=${PKI_DIR}/careq.csr
CACRT=./shared/cacert.crt CACRT=./shared/cacert.crt
SRVKEY=./shared/server.key SRVKEY=./shared/server.key
@ -47,16 +47,16 @@ usage()
clean() clean()
{ {
if [ "$1" = "ca" ]; then if [ "$1" = "ca" ]; then
rm -rf ${TOP_DIR} ./shared/* rm -rf ${PKI_DIR}/* ./shared/*
mkdir -p ${TOP_DIR}/certs mkdir -p ${PKI_DIR}/certs
mkdir -p ${TOP_DIR}/crl mkdir -p ${PKI_DIR}/crl
mkdir -p ${TOP_DIR}/newcerts mkdir -p ${PKI_DIR}/newcerts
mkdir -p ${TOP_DIR}/private mkdir -p ${PKI_DIR}/private
mkdir -p ${TOP_DIR}/pkcs mkdir -p ${PKI_DIR}/pkcs
mkdir -p ./shared mkdir -p ./shared
echo "01" > ${TOP_DIR}/crlnumber echo "01" > ${PKI_DIR}/crlnumber
elif [ "$1" = "client" ]; then elif [ "$1" = "client" ]; then
rm -rf ${TOP_DIR}/${2}.key ${TOP_DIR}/${2}.csr rm -rf ${PKI_DIR}/${2}.key ${PKI_DIR}/${2}.csr
fi fi
rm -rf $OUTPUT rm -rf $OUTPUT
} }
@ -81,9 +81,9 @@ case $1 in
echo $ECHO_OPTS "${GREEN}Create the directories, take care this will delete the old directories ${COLOR_RST}" echo $ECHO_OPTS "${GREEN}Create the directories, take care this will delete the old directories ${COLOR_RST}"
clean "ca" clean "ca"
touch ${TOP_DIR}/index.txt touch ${PKI_DIR}/index.txt
ESCAPED=$(echo "${TOP_DIR}" | sed 's/[\/\.]/\\&/g') ESCAPED=$(echo "${PKI_DIR}" | sed 's/[\/\.]/\\&/g')
echo $ECHO_OPTS "${GREEN}Making CA key and csr${COLOR_RST}" echo $ECHO_OPTS "${GREEN}Making CA key and csr${COLOR_RST}"
sed -i 's/=.*#COMMONNAME/= FIC CA #COMMONNAME/' $OPENSSL_CONF sed -i 's/=.*#COMMONNAME/= FIC CA #COMMONNAME/' $OPENSSL_CONF
@ -178,15 +178,15 @@ case $1 in
fi fi
CLTNAM=$2 CLTNAM=$2
CLTREQ=${TOP_DIR}/${CLTNAM}.csr CLTREQ=${PKI_DIR}/${CLTNAM}.csr
CLTCRT=${TOP_DIR}/certs/${CLTNAM}.crt CLTCRT=${PKI_DIR}/certs/${CLTNAM}.crt
CLTKEY=${TOP_DIR}/${CLTNAM}.key CLTKEY=${PKI_DIR}/${CLTNAM}.key
CLTP12=${TOP_DIR}/pkcs/${CLTNAM}.p12 CLTP12=${PKI_DIR}/pkcs/${CLTNAM}.p12
echo "==============================================================" echo "=============================================================="
echo $ECHO_OPTS "${GREEN}Making the client key and csr of ${BOLD}${2}${END_BOLD}${COLOR_RST}" echo $ECHO_OPTS "${GREEN}Making the client key and csr of ${BOLD}${2}${END_BOLD}${COLOR_RST}"
ESCAPED=$(echo "${TOP_DIR}" | sed 's/[\/\.]/\\&/g') ESCAPED=$(echo "${PKI_DIR}" | sed 's/[\/\.]/\\&/g')
sed -i "s/=.*#DIR/= ${ESCAPED} #DIR/" $OPENSSL_CONF sed -i "s/=.*#DIR/= ${ESCAPED} #DIR/" $OPENSSL_CONF
if ! [ -f ${CAKEY} ]; then if ! [ -f ${CAKEY} ]; then
@ -232,7 +232,7 @@ case $1 in
else else
echo $ECHO_OPTS "Exported pkcs12 file is ${CLTP12}" echo $ECHO_OPTS "Exported pkcs12 file is ${CLTP12}"
fi fi
echo "$CLTNAM:$pass" >> ${TOP_DIR}/../teams.pass echo "$CLTNAM:$pass" >> ${PKI_DIR}/../teams.pass
echo "$CLTNAM:$pass" echo "$CLTNAM:$pass"
clean "client" ${CLTNAM} clean "client" ${CLTNAM}
;; ;;
@ -244,8 +244,8 @@ case $1 in
fi fi
CLTNAM=$2 CLTNAM=$2
CLTCRT=${TOP_DIR}/certs/${CLTNAM}.crt CLTCRT=${PKI_DIR}/certs/${CLTNAM}.crt
CLTP12=${TOP_DIR}/pkcs/${CLTNAM}.p12 CLTP12=${PKI_DIR}/pkcs/${CLTNAM}.p12
echo $ECHO_OPTS "${GREEN}Revocate ${BOLD}${CLTNAM}${END_BOLD}${COLOR_RST}" echo $ECHO_OPTS "${GREEN}Revocate ${BOLD}${CLTNAM}${END_BOLD}${COLOR_RST}"
if ! openssl ca -revoke "${CLTCRT}" -config "${OPENSSL_CONF}" \ if ! openssl ca -revoke "${CLTCRT}" -config "${OPENSSL_CONF}" \

10
onyx/include/admin/certificate.php
View File

@ -26,14 +26,14 @@ function new_client($name, $misc_dir)
{ {
//TODO handle if already exist //TODO handle if already exist
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf"); putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
putenv("TOP_DIR=$misc_dir/pki"); putenv("PKI_DIR=$misc_dir/pki");
return shell_exec("$misc_dir/CA.sh -newclient $name"); return shell_exec("$misc_dir/CA.sh -newclient $name");
} }
function revoke_client($name, $misc_dir) function revoke_client($name, $misc_dir)
{ {
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf"); putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
putenv("TOP_DIR=$misc_dir/pki"); putenv("PKI_DIR=$misc_dir/pki");
return shell_exec("$misc_dir/CA.sh -revoke $name"); return shell_exec("$misc_dir/CA.sh -revoke $name");
} }
@ -50,7 +50,7 @@ if (!empty($p[2]))
if ($p[2] == "newca") if ($p[2] == "newca")
{ {
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf"); putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
putenv("TOP_DIR=$misc_dir/pki"); putenv("PKI_DIR=$misc_dir/pki");
$template->assign("output", $template->assign("output",
shell_exec("$misc_dir/CA.sh -newca")); shell_exec("$misc_dir/CA.sh -newca"));
return "admin/shell"; return "admin/shell";
@ -65,7 +65,7 @@ if (!empty($p[2]))
elseif ($p[2] == "newsrv") elseif ($p[2] == "newsrv")
{ {
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf"); putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
putenv("TOP_DIR=$misc_dir/pki"); putenv("PKI_DIR=$misc_dir/pki");
$template->assign("output", $template->assign("output",
shell_exec("$misc_dir/CA.sh -newserver")); shell_exec("$misc_dir/CA.sh -newserver"));
return "admin/shell"; return "admin/shell";
@ -74,7 +74,7 @@ if (!empty($p[2]))
elseif ($p[2] == "revokesrv") elseif ($p[2] == "revokesrv")
{ {
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf"); putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
putenv("TOP_DIR=$misc_dir/pki"); putenv("PKI_DIR=$misc_dir/pki");
$template->assign("output", $template->assign("output",
shell_exec("$misc_dir/CA.sh -revokeserver")); shell_exec("$misc_dir/CA.sh -revokeserver"));
return "admin/shell"; return "admin/shell";