|
version 1.3, 2016/08/01 18:03:53
|
version 1.7, 2018/08/18 22:07:53
|
|
Line 31
|
Line 31
|
| package LONCAPA::SSL; |
package LONCAPA::SSL; |
| use strict; |
use strict; |
| use lib '/home/httpd/lib/perl/'; |
use lib '/home/httpd/lib/perl/'; |
| use Apache::lonlocal(); |
use Apache::lonlocal; |
| use Apache::lonnet(); |
use Apache::lonnet(); |
| use Apache::loncommon(); |
use Apache::loncommon(); |
| use Apache::lonhtmlcommon(); |
use Apache::lonhtmlcommon(); |
| |
use DateTime; |
| |
use DateTime::Format::x509; |
| use LONCAPA; |
use LONCAPA; |
| |
|
| sub print_certstatus { |
sub print_certstatus { |
|
Line 46 sub print_certstatus {
|
Line 48 sub print_certstatus {
|
| 'avai' => 'Available', |
'avai' => 'Available', |
| 'yes' => 'Yes', |
'yes' => 'Yes', |
| 'no' => 'No', |
'no' => 'No', |
| 'cn' => 'Common Name', |
'cn' => 'Common Name (CN)', |
| 'start' => 'Valid From', |
'start' => 'Valid From', |
| 'end' => 'Valid To', |
'end' => 'Valid To', |
| 'alg' => 'Signature Algorithm', |
'alg' => 'Signature Algorithm', |
|
Line 57 sub print_certstatus {
|
Line 59 sub print_certstatus {
|
| 'host' => 'Connections Certificate', |
'host' => 'Connections Certificate', |
| 'hostname' => 'Replication Certificate', |
'hostname' => 'Replication Certificate', |
| 'ca' => 'LON-CAPA CA Certificate', |
'ca' => 'LON-CAPA CA Certificate', |
| |
'expired' => 'Expired', |
| |
'future' => 'Future validity', |
| |
'nokey' => 'No key', |
| |
'otherkey' => 'No matching key', |
| |
'revoked' => 'Revoked by CA', |
| |
'wrongcn' => 'Incorrect CN', |
| ); |
); |
| my @files = qw(key host hostname ca); |
my @files = qw(key host hostname ca); |
| my @fields = qw(status cn start end alg size email); |
my @fields = qw(status cn start end alg size email); |
| foreach my $server (sort(keys(%{$servers}))) { |
foreach my $server (sort(keys(%{$servers}))) { |
| my ($result,$hashref) = &Apache::lonnet::get_servercerts_info($server,$context); |
my $hostname = $servers->{$server}; |
| |
my ($result,$hashref) = &Apache::lonnet::get_servercerts_info($server, |
| |
$hostname, |
| |
$context); |
| if ($result eq 'ok' && ref($hashref) eq 'HASH') { |
if ($result eq 'ok' && ref($hashref) eq 'HASH') { |
| if ($target eq 'web') { |
if ($target eq 'web') { |
| my $hostname = &Apache::lonnet::hostname($server); |
|
| $message .= "<fieldset><legend>$hostname ($server)</legend>". |
$message .= "<fieldset><legend>$hostname ($server)</legend>". |
| &Apache::loncommon::start_data_table(). |
&Apache::loncommon::start_data_table(). |
| &Apache::loncommon::start_data_table_header_row()."\n"; |
&Apache::loncommon::start_data_table_header_row()."\n"; |
|
Line 75 sub print_certstatus {
|
Line 85 sub print_certstatus {
|
| } else { |
} else { |
| $message .= $server.':'; |
$message .= $server.':'; |
| } |
} |
| |
my %csr; |
| foreach my $file (@files) { |
foreach my $file (@files) { |
| if ($target eq 'web') { |
if ($target eq 'web') { |
| $message .= &Apache::loncommon::start_data_table_row()."\n". |
$message .= &Apache::loncommon::start_data_table_row()."\n". |
|
Line 83 sub print_certstatus {
|
Line 94 sub print_certstatus {
|
| $message .= $file.'='; |
$message .= $file.'='; |
| } |
} |
| if (ref($hashref->{$file}) eq 'HASH') { |
if (ref($hashref->{$file}) eq 'HASH') { |
| |
my ($starttime,$endtime,$dateinvalid); |
| if ($target eq 'web') { |
if ($target eq 'web') { |
| $message .= '<td>'.$lt{'yes'}.'</td>'; |
$message .= '<td>'.$lt{'yes'}.'</td>'; |
| } else { |
} else { |
| $message .= $lt{'yes'}.','; |
$message .= 'yes,'; |
| |
} |
| |
unless ($file eq 'key') { |
| |
if ($hashref->{$file}->{'end'} ne '') { |
| |
my $dt = DateTime::Format::x509->parse_datetime($hashref->{$file}->{'end'}); |
| |
if (ref($dt)) { |
| |
$endtime = $dt->epoch; |
| |
if ($endtime < time) { |
| |
if ($target eq 'web') { |
| |
$dateinvalid = $lt{'expired'}; |
| |
} else { |
| |
$dateinvalid = 'expired'; |
| |
} |
| |
} |
| |
} |
| |
} |
| |
if ($hashref->{$file}->{'start'} ne '') { |
| |
my $dt = DateTime::Format::x509->parse_datetime($hashref->{$file}->{'start'}); |
| |
if (ref($dt)) { |
| |
$starttime = $dt->epoch; |
| |
if ($starttime > time) { |
| |
unless ($dateinvalid) { |
| |
if ($target eq 'web') { |
| |
$dateinvalid = $lt{'future'}; |
| |
} else { |
| |
$dateinvalid = 'future'; |
| |
} |
| |
} |
| |
} |
| |
} |
| |
} |
| } |
} |
| foreach my $item (@fields) { |
foreach my $item (@fields) { |
| my $display = $hashref->{$file}->{$item}; |
my $display = $hashref->{$file}->{$item}; |
| if ($target eq 'web') { |
if ($item eq 'status') { |
| if ($item eq 'status') { |
if ($file eq 'key') { |
| $display = &Apache::lonhtmlcommon::confirm_success($display); |
if ($display =~ /ok$/) { |
| |
if ($target eq 'web') { |
| |
$display = &Apache::lonhtmlcommon::confirm_success($display); |
| |
} |
| |
} |
| |
} elsif ($file eq 'ca') { |
| |
if ($dateinvalid) { |
| |
$display = $dateinvalid; |
| |
} elsif ($target eq 'web') { |
| |
$display = &Apache::lonhtmlcommon::confirm_success($display); |
| |
} |
| |
} elsif ($display =~ /^ok/) { |
| |
if ($dateinvalid) { |
| |
$display = $dateinvalid; |
| |
} elsif ($target eq 'web') { |
| |
$display = &Apache::lonhtmlcommon::confirm_success($display); |
| |
} |
| |
} elsif (($display eq 'nokey') || ($display eq 'otherkey') || |
| |
($display eq 'revoked') || ($display eq 'expired') || |
| |
($display eq 'wrongcn')) { |
| |
if ($target eq 'web') { |
| |
$display = $lt{$display}; |
| |
} |
| |
if (ref($hashref->{$file.'-csr'}) eq 'HASH') { |
| |
if ($hashref->{$file.'-csr'}->{$item} eq 'ok') { |
| |
if ($target eq 'web') { |
| |
$display .= '<br />'.&mt('(New request awaiting signature)'); |
| |
} |
| |
$csr{$file} = 1; |
| |
} |
| |
} |
| |
} |
| |
} elsif ($item eq 'start') { |
| |
if ($starttime) { |
| |
if ($target eq 'web') { |
| |
$display = &Apache::lonlocal::locallocaltime($starttime); |
| |
} else { |
| |
$display = $starttime; |
| |
} |
| |
} |
| |
} elsif ($item eq 'end') { |
| |
if ($endtime) { |
| |
if ($target eq 'web') { |
| |
$display = &Apache::lonlocal::locallocaltime($endtime); |
| |
} else { |
| |
$display = $endtime; |
| |
} |
| } |
} |
| |
} |
| |
if ($target eq 'web') { |
| $message .= "<td>$display</td>"; |
$message .= "<td>$display</td>"; |
| } else { |
} else { |
| $message .= "$display,"; |
$message .= "$display,"; |
| } |
} |
| } |
} |
| |
|
| } else { |
} else { |
| if ($target eq 'web') { |
if ($target eq 'web') { |
| $message .= '<td>'.$lt{'no'}.'<td>'; |
$message .= '<td>'.$lt{'no'}.'</td>'; |
| } else { |
} else { |
| $message .= $lt{'no'}.','; |
$message .= 'no,'; |
| |
} |
| |
if ((($file eq 'host') || ($file eq 'hostname')) && |
| |
(ref($hashref->{$file.'-csr'}) eq 'HASH')) { |
| |
if ($hashref->{$file.'-csr'}->{'status'} eq 'ok') { |
| |
if ($target eq 'web') { |
| |
my $colspan = scalar(@fields); |
| |
$message .= '<td colspan="'.$colspan.'">'. |
| |
&mt('Request for [_1] awaiting signature', |
| |
$lt{$file}).'</td>'; |
| |
} |
| |
$csr{$file} = 1; |
| |
} |
| } |
} |
| foreach my $item (@fields) { |
foreach my $item (@fields) { |
| if ($target eq 'web') { |
if ($target eq 'web') { |
| $message .= '<td> </td>'; |
unless ($csr{$file}) { |
| |
$message .= '<td> </td>'; |
| |
} |
| } else { |
} else { |
| $message .= ','; |
$message .= ','; |
| } |
} |
|
Line 124 sub print_certstatus {
|
Line 227 sub print_certstatus {
|
| if ($target eq 'web') { |
if ($target eq 'web') { |
| $message .= &Apache::loncommon::end_data_table().'</fieldset>'; |
$message .= &Apache::loncommon::end_data_table().'</fieldset>'; |
| } else { |
} else { |
| |
if (keys(%csr)) { |
| |
foreach my $file (keys(%csr)) { |
| |
if (ref($hashref->{$file.'-csr'}) eq 'HASH') { |
| |
$message .= $file.'-csr=yes,'; |
| |
foreach my $item (@fields) { |
| |
$message .= $hashref->{$file.'-csr'}->{$item}.','; |
| |
} |
| |
$message =~ s/,$//; |
| |
$message .= '&'; |
| |
} |
| |
} |
| |
} |
| $message =~ s/\&$//; |
$message =~ s/\&$//; |
| } |
} |
| $message .= "\n"; |
$message .= "\n"; |
![[BACK]](/icons/back.gif){kind=icon}
Return to SSL.pm CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / loncom / configuration