fic/server
Archived
1
0
Fork 0
Code Issues Pull requests 10 Releases Wiki Activity

Can revoke/generate server certiticate in admin interface

Browse source
This commit is contained in:
nemunaire 2014-11-20 18:04:39 +01:00
commit 4d1424b29b
6 changed files with 122 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

50
onyx/include/admin/certificate.php
View file

@ -27,22 +27,19 @@ function new_client($name, $misc_dir)
//TODO handle if already exist
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
putenv("TOP_DIR=$misc_dir/pki");
$output = shell_exec("$misc_dir/CA.sh -newclient $name");
return $output;
return shell_exec("$misc_dir/CA.sh -newclient $name");
}
function revoke_client($name, $misc_dir)
{
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
putenv("TOP_DIR=$misc_dir/pki");
$output = shell_exec("$misc_dir/CA.sh -revoke $name");
return shell_exec("$misc_dir/CA.sh -revoke $name");
}
if (!empty($p[2]))
{
if (isset($VAR['misc_dir']))
$misc_dir = $VAR['misc_dir'];
else
if (empty($VAR['misc_dir']))
{
erreur("Merci d'ajouter la variable misc_dir dans root.xml");
return "admin/home";
@ -54,7 +51,9 @@ if (!empty($p[2]))
{
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
putenv("TOP_DIR=$misc_dir/pki");
$output = shell_exec("$misc_dir/CA.sh -newca");
$template->assign("output",
shell_exec("$misc_dir/CA.sh -newca"));
return "admin/shell";
}
elseif ($p[2] == "deleteca")
@ -62,16 +61,38 @@ if (!empty($p[2]))
$dir = "$misc_dir/pki";
remove_directory($dir);
}
elseif ($p[2] == "newsrv")
{
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
putenv("TOP_DIR=$misc_dir/pki");
$template->assign("output",
shell_exec("$misc_dir/CA.sh -newserver"));
return "admin/shell";
}
elseif ($p[2] == "revokesrv")
{
putenv("OPENSSL_CONF=$misc_dir/openssl.cnf");
putenv("TOP_DIR=$misc_dir/pki");
$template->assign("output",
shell_exec("$misc_dir/CA.sh -revokeserver"));
return "admin/shell";
}
elseif ($p[2] == "revoke")
{
$name = $_GET['name'];
if (isset($name))
{
$output = revoke_client($name, $misc_dir);
$template->assign("output",
revoke_client($name, $misc_dir));
//TODO Check revocation failed
Team::set_revoked(TRUE, $name);
}
return "admin/shell";
}
// Is new team
elseif ($p[2] == "newclient")
{
@ -80,12 +101,13 @@ if (!empty($p[2]))
//TODO check revoked attribute
if (isset($name))
{
$output = new_client($name, $misc_dir);
$template->assign("output",
new_client($name, $misc_dir));
Team::set_revoked(FALSE, $name);
erreur($output, "sucess");
return "admin/import_users";
return "admin/shell";
}
}
elseif ($p[2] == "get")
{
$name = $_GET['name'];
@ -95,14 +117,15 @@ if (!empty($p[2]))
if (file_exists($path) && is_readable($path))
{
header("Content-Type: application/force-download");
header("Content-Length: ".strval(filesize($path)));
header("Content-Length: ".filesize($path));
header("Content-Disposition: attachment; filename=\"$name.p12\"");
readfile($path);
exit;
}
}
exit;
}
if ($p[2] == "deleteca" || $p[2] == "newca")
{
header("Location: /".SALT_ADMIN."/");
@ -114,4 +137,3 @@ if (!empty($p[2]))
exit;
}
}