doc/loncapafiles/updatequery.piml - diff

Return to updatequery.piml CVS log

Up to [LON-CAPA] / doc / loncapafiles

Diff for /doc/loncapafiles/updatequery.piml between versions 1.89 and 1.90

version 1.89, 2018/06/19 12:26:32	version 1.90, 2018/08/18 22:08:05
Line 537 sub get_ssldesc {	Line 537 sub get_ssldesc {
}	}

sub get_cert_status {	sub get_cert_status {
my ($lonHostID,$perlvarstatic) = @_;	my ($lonHostID,$hostname,$perlvarstatic) = @_;
my $currcerts = &LONCAPA::SSL::print_certstatus({$lonHostID => 1,},'text','cgi');	my $currcerts = &LONCAPA::SSL::print_certstatus({$lonHostID => $hostname,},'text','cgi');
my ($lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,%sslstatus);	my ($lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,%sslstatus);
my $output = '';	my $output = '';
if ($currcerts eq "$lonHostID:error") {	if ($currcerts eq "$lonHostID:error") {
Line 553 sub get_cert_status {	Line 553 sub get_cert_status {
} else {	} else {
my %sslnames = &get_sslnames();	my %sslnames = &get_sslnames();
my %ssldesc = &get_ssldesc();	my %ssldesc = &get_ssldesc();
	my %csr;
my ($lonhost,$info) = split(/\:/,$currcerts,2);	my ($lonhost,$info) = split(/\:/,$currcerts,2);
if ($lonhost eq $lonHostID) {	if ($lonhost eq $lonHostID) {
my @items = split(/\&/,$info);	my @items = split(/\&/,$info);
foreach my $item (@items) {	foreach my $item (@items) {
my ($key,$value) = split(/=/,$item,2);	my ($key,$value) = split(/=/,$item,2);
	if ($key =~ /^(host(?:\|name))\-csr$/) {
	$csr{$1} = $value;
	}
my @data = split(/,/,$value);	my @data = split(/,/,$value);
if (grep(/^\Q$key\E$/,keys(%sslnames))) {	if (grep(/^\Q$key\E$/,keys(%sslnames))) {
	my ($checkcsr,$comparecsr);
if (lc($data[0]) eq 'yes') {	if (lc($data[0]) eq 'yes') {
$output .= "$ssldesc{$key} ".$perlvarstatic->{$sslnames{$key}}." available with status = $data[1]\n";	$output .= "$ssldesc{$key} ".$perlvarstatic->{$sslnames{$key}}." available with status = $data[1]\n";
if ($key eq 'key') {	if ($key eq 'key') {
Line 587 sub get_cert_status {	Line 592 sub get_cert_status {
$lonhostnamecertstatus = "status: created with missing key";	$lonhostnamecertstatus = "status: created with missing key";
}	}
}	}
	if ($setstatus) {
	$comparecsr = 1;
	}
}	}
unless ($setstatus) {	unless ($setstatus) {
if ($data[1] eq 'expired') {	if ($data[1] eq 'expired') {
Line 606 sub get_cert_status {	Line 614 sub get_cert_status {
} else {	} else {
$sslstatus{$key} = 0;	$sslstatus{$key} = 0;
$output .= "$ssldesc{$key} ".$perlvarstatic->{$sslnames{$key}}." not available\n";	$output .= "$ssldesc{$key} ".$perlvarstatic->{$sslnames{$key}}." not available\n";
if (($key eq 'host') \|\| ($key eq 'hostname')) {	if ($key eq 'key') {
my $csr = $perlvarstatic->{$sslnames{$key}};	$lonkeystatus = 'still needed';
$csr =~s /\.pem$/.csr/;	} elsif (($key eq 'host') \|\| ($key eq 'hostname')) {
my $csrstatus;	$checkcsr = 1;
if (-e $perlvarstatic->{'lonCertificateDirectory'}."/$csr") {	}
open(PIPE,"openssl req -text -noout -verify -in ".$perlvarstatic->{'lonCertificateDirectory'}."/$csr 2>&1 \|");	}
while(<PIPE>) {	if (($checkcsr) \|\| ($comparecsr)) {
chomp();	my $csrfile = $perlvarstatic->{$sslnames{$key}};
$csrstatus = $_;	$csrfile =~s /\.pem$/.csr/;
last;	my $csrstatus;
}	if (-e $perlvarstatic->{'lonCertificateDirectory'}."/$csrfile") {
close(PIPE);	open(PIPE,"openssl req -text -noout -verify -in ".$perlvarstatic->{'lonCertificateDirectory'}."/$csrfile 2>&1 \|");
	while(<PIPE>) {
	chomp();
	$csrstatus = $_;
	last;
	}
	close(PIPE);
	if ((($comparecsr) && ($csr{$key})) \|\| ($checkcsr)) {
$output .= "Certificate signing request for $ssldesc{$key} available with status = $csrstatus\n\n";	$output .= "Certificate signing request for $ssldesc{$key} available with status = $csrstatus\n\n";
if ($key eq 'host') {	if ($key eq 'host') {
$lonhostcertstatus = 'awaiting signature';	$lonhostcertstatus = 'awaiting signature';
Line 625 sub get_cert_status {	Line 640 sub get_cert_status {
$lonhostnamecertstatus = 'awaiting signature';	$lonhostnamecertstatus = 'awaiting signature';
}	}
$sslstatus{$key} = 3;	$sslstatus{$key} = 3;
	}
	} elsif ($checkcsr) {
	$output .= "No certificate signing request available for $ssldesc{$key}\n\n";
	if ($key eq 'host') {
	$lonhostcertstatus = 'still needed';
} else {	} else {
$output .= "No certificate signing request available for $ssldesc{$key}\n\n";	$lonhostnamecertstatus = 'still needed';
if ($key eq 'host') {
$lonhostcertstatus = 'still needed';
} else {
$lonhostnamecertstatus = 'still needed';
}
}	}
} elsif ($key eq 'key') {
$lonkeystatus = 'still needed';
}	}
}	}
}	}
Line 1601 if ($supportmail) {	Line 1614 if ($supportmail) {

print "\nRetrieving status information for SSL key and certificates ...\n\n";	print "\nRetrieving status information for SSL key and certificates ...\n\n";
my ($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =	my ($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =
&get_cert_status($perlvar{'lonHostID'},$perlvarstatic);	&get_cert_status($perlvar{'lonHostID'},$desiredhostname,$perlvarstatic);
print $certinfo;	print $certinfo;
my %sslstatus;	my %sslstatus;
if (ref($sslref) eq 'HASH') {	if (ref($sslref) eq 'HASH') {
Line 1918 END	Line 1931 END
&make_key($certsdir,$privkey,$sslkeypass);	&make_key($certsdir,$privkey,$sslkeypass);
print "\nRetrieving status information for SSL key and certificates ...\n\n";	print "\nRetrieving status information for SSL key and certificates ...\n\n";
($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =	($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =
&get_cert_status($perlvar{'lonHostID'},$perlvarstatic);	&get_cert_status($perlvar{'lonHostID'},$desiredhostname,$perlvarstatic);
if (ref($sslref) eq 'HASH') {	if (ref($sslref) eq 'HASH') {
%sslstatus = %{$sslref};	%sslstatus = %{$sslref};
}	}
Line 1957 END	Line 1970 END
&mail_csr('host',$lonCluster,$perlvar{'lonHostID'},$desiredhostname,$certsdir,$connectcsr,$replicatecsr,$perlvarstatic);	&mail_csr('host',$lonCluster,$perlvar{'lonHostID'},$desiredhostname,$certsdir,$connectcsr,$replicatecsr,$perlvarstatic);
print "\nRetrieving status information for SSL key and certificates ...\n\n";	print "\nRetrieving status information for SSL key and certificates ...\n\n";
($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =	($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =
&get_cert_status($perlvar{'lonHostID'},$perlvarstatic);	&get_cert_status($perlvar{'lonHostID'},$desiredhostname,$perlvarstatic);
if (ref($sslref) eq 'HASH') {	if (ref($sslref) eq 'HASH') {
%sslstatus = %{$sslref};	%sslstatus = %{$sslref};
}	}
Line 2002 END	Line 2015 END
&mail_csr('host',$lonCluster,$perlvar{'lonHostID'},$desiredhostname,$certsdir,$connectcsr,$replicatecsr,$perlvarstatic);	&mail_csr('host',$lonCluster,$perlvar{'lonHostID'},$desiredhostname,$certsdir,$connectcsr,$replicatecsr,$perlvarstatic);
print "\nRetrieving status information for SSL key and certificates ...\n\n";	print "\nRetrieving status information for SSL key and certificates ...\n\n";
($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =	($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =
&get_cert_status($perlvar{'lonHostID'},$perlvarstatic);	&get_cert_status($perlvar{'lonHostID'},$desiredhostname,$perlvarstatic);
if (ref($sslref) eq 'HASH') {	if (ref($sslref) eq 'HASH') {
%sslstatus = %{$sslref};	%sslstatus = %{$sslref};
}	}
Line 2039 END	Line 2052 END
&mail_csr('hostname',$lonCluster,$perlvar{'lonHostID'},$desiredhostname,$certsdir,$connectcsr,$replicatecsr,$perlvarstatic);	&mail_csr('hostname',$lonCluster,$perlvar{'lonHostID'},$desiredhostname,$certsdir,$connectcsr,$replicatecsr,$perlvarstatic);
print "\nRetrieving status information for SSL key and certificates ...\n\n";	print "\nRetrieving status information for SSL key and certificates ...\n\n";
($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =	($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =
&get_cert_status($perlvar{'lonHostID'},$perlvarstatic);	&get_cert_status($perlvar{'lonHostID'},$desiredhostname,$perlvarstatic);
if (ref($sslref) eq 'HASH') {	if (ref($sslref) eq 'HASH') {
%sslstatus = %{$sslref};	%sslstatus = %{$sslref};
}	}
Line 2084 END	Line 2097 END
&mail_csr('hostname',$lonCluster,$perlvar{'lonHostID'},$desiredhostname,$certsdir,$connectcsr,$replicatecsr,$perlvarstatic);	&mail_csr('hostname',$lonCluster,$perlvar{'lonHostID'},$desiredhostname,$certsdir,$connectcsr,$replicatecsr,$perlvarstatic);
print "\nRetrieving status information for SSL key and certificates ...\n\n";	print "\nRetrieving status information for SSL key and certificates ...\n\n";
($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =	($certinfo,$lonkeystatus,$lonhostcertstatus,$lonhostnamecertstatus,$sslref) =
&get_cert_status($perlvar{'lonHostID'},$perlvarstatic);	&get_cert_status($perlvar{'lonHostID'},$desiredhostname,$perlvarstatic);
if (ref($sslref) eq 'HASH') {	if (ref($sslref) eq 'HASH') {
%sslstatus = %{$sslref};	%sslstatus = %{$sslref};
}	}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.89
changed lines
	Added in v.1.90