|
version 1.8.2.1, 2018/09/02 01:58:30
|
version 1.10, 2017/05/18 22:13:52
|
|
Line 37 use lib '/home/httpd/lib/perl/';
|
Line 37 use lib '/home/httpd/lib/perl/';
|
| use LONCAPA; |
use LONCAPA; |
| use Apache::lonnet; |
use Apache::lonnet; |
| use GDBM_File; |
use GDBM_File; |
| |
use Crypt::OpenSSL::X509; |
| |
|
| |
|
| sub dump_with_regexp { |
sub dump_with_regexp { |
|
Line 782 sub dump_profile_database {
|
Line 783 sub dump_profile_database {
|
| return $qresult; |
return $qresult; |
| } |
} |
| |
|
| sub is_course { |
sub server_certs { |
| my ($cdom,$cnum) = @_; |
my ($perlvar) = @_; |
| |
my %pemfiles = ( |
| return unless (($cdom =~ /^$LONCAPA::match_domain$/) && |
key => 'lonnetPrivateKey', |
| ($cnum =~ /^$LONCAPA::match_courseid$/)); |
host => 'lonnetCertificate', |
| my $hashid = $cdom.':'.$cnum; |
hostname => 'lonnetHostnameCertificate', |
| my ($iscourse,$cached) = |
ca => 'lonnetCertificateAuthority', |
| &Apache::lonnet::is_cached_new('iscourse',$hashid); |
); |
| unless (defined($cached)) { |
my (%md5hash,%info); |
| my $hashref = |
if (ref($perlvar) eq 'HASH') { |
| &tie_domain_hash($cdom, "nohist_courseids", &GDBM_WRCREAT()); |
my $certsdir = $perlvar->{'lonCertificateDirectory'}; |
| if (ref($hashref) eq 'HASH') { |
if (-d $certsdir) { |
| my $esc_key = &escape($cdom.'_'.$cnum); |
foreach my $key (keys(%pemfiles)) { |
| if (exists($hashref->{$esc_key})) { |
if ($perlvar->{$pemfiles{$key}}) { |
| $iscourse = 1; |
my $file = $certsdir.'/'.$perlvar->{$pemfiles{$key}}; |
| } else { |
if (-e $file) { |
| $iscourse = 0; |
if ($key eq 'key') { |
| |
if (open(PIPE,"openssl rsa -noout -in $file -check |")) { |
| |
my $check = <PIPE>; |
| |
close(PIPE); |
| |
chomp($check); |
| |
$info{$key}{'status'} = $check; |
| |
} |
| |
if (open(PIPE,"openssl rsa -noout -modulus -in $file | openssl md5 |")) { |
| |
$md5hash{$key} = <PIPE>; |
| |
close(PIPE); |
| |
} |
| |
} else { |
| |
if ($key eq 'ca') { |
| |
if (open(PIPE,"openssl verify -CAfile $file $file |")) { |
| |
my $check = <PIPE>; |
| |
close(PIPE); |
| |
chomp($check); |
| |
if ($check eq "$file: OK") { |
| |
$info{$key}{'status'} = 'ok'; |
| |
} else { |
| |
$check =~ s/^\Q$file\E\:?\s*//; |
| |
$info{$key}{'status'} = $check; |
| |
} |
| |
} |
| |
} else { |
| |
if (open(PIPE,"openssl x509 -noout -modulus -in $file | openssl md5 |")) { |
| |
$md5hash{$key} = <PIPE>; |
| |
close(PIPE); |
| |
} |
| |
} |
| |
my $x509 = Crypt::OpenSSL::X509->new_from_file($file); |
| |
my @items = split(/,\s+/,$x509->subject()); |
| |
foreach my $item (@items) { |
| |
my ($name,$value) = split(/=/,$item); |
| |
if ($name eq 'CN') { |
| |
$info{$key}{'cn'} = $value; |
| |
} |
| |
} |
| |
$info{$key}{'start'} = $x509->notBefore(); |
| |
$info{$key}{'end'} = $x509->notAfter(); |
| |
$info{$key}{'alg'} = $x509->sig_alg_name(); |
| |
$info{$key}{'size'} = $x509->bit_length(); |
| |
$info{$key}{'email'} = $x509->email(); |
| |
} |
| |
} |
| |
} |
| } |
} |
| &Apache::lonnet::do_cache_new('iscourse',$hashid,$iscourse,3600); |
} |
| unless (&untie_domain_hash($hashref)) { |
} |
| &logthis("Failed to untie tied hash for nohist_courseids.db for $cdom"); |
foreach my $key ('host','hostname') { |
| |
if ($md5hash{$key}) { |
| |
if ($md5hash{$key} eq $md5hash{'key'}) { |
| |
$info{$key}{'status'} = 'ok'; |
| |
} elsif ($info{'key'}{'status'} =~ /ok/) { |
| |
$info{$key}{'status'} = 'otherkey'; |
| |
} else { |
| |
$info{$key}{'status'} = 'nokey'; |
| } |
} |
| } else { |
|
| &logthis("Failed to tie hash for nohist_courseids.db for $cdom"); |
|
| } |
} |
| } |
} |
| return $iscourse; |
my $result; |
| |
foreach my $key (keys(%info)) { |
| |
$result .= &escape($key).'='.&Apache::lonnet::freeze_escape($info{$key}).'&'; |
| |
} |
| |
$result =~ s/\&$//; |
| |
return $result; |
| } |
} |
| |
|
| 1; |
1; |
![[BACK]](/icons/back.gif){kind=icon}
Return to Lond.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom