version 1.7, 2015/05/21 23:40:17
|
version 1.10, 2017/05/18 22:13:52
|
Line 37 use lib '/home/httpd/lib/perl/';
|
Line 37 use lib '/home/httpd/lib/perl/';
|
use LONCAPA; |
use LONCAPA; |
use Apache::lonnet; |
use Apache::lonnet; |
use GDBM_File; |
use GDBM_File; |
|
use Crypt::OpenSSL::X509; |
|
|
|
|
sub dump_with_regexp { |
sub dump_with_regexp { |
Line 409 sub dump_course_id_handler {
|
Line 410 sub dump_course_id_handler {
|
unless ($hasuniquecode) { |
unless ($hasuniquecode) { |
$hasuniquecode = '.'; |
$hasuniquecode = '.'; |
} |
} |
|
if ($reqinstcode ne '') { |
|
$reqinstcode = &unescape($reqinstcode); |
|
} |
my $unpack = 1; |
my $unpack = 1; |
if ($description eq '.' && $instcodefilter eq '.' && $ownerfilter eq '.' && |
if ($description eq '.' && $instcodefilter eq '.' && $ownerfilter eq '.' && |
$typefilter eq '.') { |
$typefilter eq '.') { |
Line 779 sub dump_profile_database {
|
Line 783 sub dump_profile_database {
|
return $qresult; |
return $qresult; |
} |
} |
|
|
|
sub server_certs { |
|
my ($perlvar) = @_; |
|
my %pemfiles = ( |
|
key => 'lonnetPrivateKey', |
|
host => 'lonnetCertificate', |
|
hostname => 'lonnetHostnameCertificate', |
|
ca => 'lonnetCertificateAuthority', |
|
); |
|
my (%md5hash,%info); |
|
if (ref($perlvar) eq 'HASH') { |
|
my $certsdir = $perlvar->{'lonCertificateDirectory'}; |
|
if (-d $certsdir) { |
|
foreach my $key (keys(%pemfiles)) { |
|
if ($perlvar->{$pemfiles{$key}}) { |
|
my $file = $certsdir.'/'.$perlvar->{$pemfiles{$key}}; |
|
if (-e $file) { |
|
if ($key eq 'key') { |
|
if (open(PIPE,"openssl rsa -noout -in $file -check |")) { |
|
my $check = <PIPE>; |
|
close(PIPE); |
|
chomp($check); |
|
$info{$key}{'status'} = $check; |
|
} |
|
if (open(PIPE,"openssl rsa -noout -modulus -in $file | openssl md5 |")) { |
|
$md5hash{$key} = <PIPE>; |
|
close(PIPE); |
|
} |
|
} else { |
|
if ($key eq 'ca') { |
|
if (open(PIPE,"openssl verify -CAfile $file $file |")) { |
|
my $check = <PIPE>; |
|
close(PIPE); |
|
chomp($check); |
|
if ($check eq "$file: OK") { |
|
$info{$key}{'status'} = 'ok'; |
|
} else { |
|
$check =~ s/^\Q$file\E\:?\s*//; |
|
$info{$key}{'status'} = $check; |
|
} |
|
} |
|
} else { |
|
if (open(PIPE,"openssl x509 -noout -modulus -in $file | openssl md5 |")) { |
|
$md5hash{$key} = <PIPE>; |
|
close(PIPE); |
|
} |
|
} |
|
my $x509 = Crypt::OpenSSL::X509->new_from_file($file); |
|
my @items = split(/,\s+/,$x509->subject()); |
|
foreach my $item (@items) { |
|
my ($name,$value) = split(/=/,$item); |
|
if ($name eq 'CN') { |
|
$info{$key}{'cn'} = $value; |
|
} |
|
} |
|
$info{$key}{'start'} = $x509->notBefore(); |
|
$info{$key}{'end'} = $x509->notAfter(); |
|
$info{$key}{'alg'} = $x509->sig_alg_name(); |
|
$info{$key}{'size'} = $x509->bit_length(); |
|
$info{$key}{'email'} = $x509->email(); |
|
} |
|
} |
|
} |
|
} |
|
} |
|
} |
|
foreach my $key ('host','hostname') { |
|
if ($md5hash{$key}) { |
|
if ($md5hash{$key} eq $md5hash{'key'}) { |
|
$info{$key}{'status'} = 'ok'; |
|
} elsif ($info{'key'}{'status'} =~ /ok/) { |
|
$info{$key}{'status'} = 'otherkey'; |
|
} else { |
|
$info{$key}{'status'} = 'nokey'; |
|
} |
|
} |
|
} |
|
my $result; |
|
foreach my $key (keys(%info)) { |
|
$result .= &escape($key).'='.&Apache::lonnet::freeze_escape($info{$key}).'&'; |
|
} |
|
$result =~ s/\&$//; |
|
return $result; |
|
} |
|
|
1; |
1; |
|
|