#!/usr/bin/perl # The LearningOnline Network # CrGrant.pl - Grant a loncapa SSL certificate. # # $Id: CrGrant.pl,v 1.1 2004/07/02 10:51:18 foxr Exp $ # # Copyright Michigan State University Board of Trustees # # This file is part of the LearningOnline Network with CAPA (LON-CAPA). # # LON-CAPA is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # LON-CAPA is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with LON-CAPA; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # /home/httpd/html/adm/gpl.txt # # http://www.lon-capa.org/ # # This script operates on a certificate request that has been # extracted from the attachment sent to the loncapa certificate # administrator and: # # 1. Creates an ssl certificate corresponding to the request. # 2. Constructs an installation script that will install # the certificate along with the certificate authority's # certificate in a loncapa system. # 3. Constructs an email which contains a cover letter # describing what to do with the attachment, and an # attachment that consists of the installation script # created in step 2. # 4. Emails the message to the email address in the certificate # request. # # There are some assumptions we need to make in order to # get this all to work: # - The certificate authority is installed on a # loncapa system with configuration files that specify # the same certificate directory and certificate filenames # as the target system (otherwise we can't generate the # installation script). # - The loncapa certificate authority configuration file is # $SSLDir/loncapaca.cnf and that it specifies that: # o The certificate authority files are in $SSLDir/loncapaca # o The certificate authority certificate is in: # $SSLDir/loncapaca/cacert.pem # o The certificate authority maintains a certificate index file # $SSLDIR/loncapaca/index.txt # o Only one instance of this script will be run at a time!!!!! # (otherwise the last line of the index file may not be the # index to our certificate. We'll do some rudimentary # error checking, but have no idea how to recover in case # of problems). # o The generated certificates are stored in $SSLDIR/loncapaca/certs # o The person that runs this script knows the passphrase # for the loncapa certificate authority's private key # which remains encrypted for security reasons. # # # Import section: use strict; use lib '/home/httpd/lib/perl'; use MIME::Entity; use LONCAPA::Configuration; # Global variable declarations # Debug/log support my $DEBUG=1; sub Debug { my $msg = shift; if($DEBUG) { print STDERR "$msg\n"; } } # Support subs: sub Usage {} sub CreateCertificate { my $RequestFile = shift; return 'fox@nscl.msu.edu'; # Stub.. } sub CreateInstallScript {} sub CreateEmail { return "Dummy message"; # Stub. } sub SendEmail { my ($EmailAddress, $Message) = @_; } sub Cleanup {} # Program entry point # The usage is: # CrGrant.pl {request_file} # my $argc = @ARGV; # Count number of command parameters. if($argc != 1) { Usage; exit -1; } my $CertificateRequest = $ARGV[0]; my $EmailAddress = CreateCertificate($CertificateRequest); CreateInstallScript; my $Message = CreateEmail; SendEmail($EmailAddress, $Message); Cleanup; # POD documentation.