loncom/configuration/SSL.pm - diff

Return to SSL.pm CVS log

Up to [LON-CAPA] / loncom / configuration

Diff for /loncom/configuration/SSL.pm between versions 1.6 and 1.10

version 1.6, 2017/05/26 03:43:43	version 1.10, 2019/07/11 18:12:06
Line 31	Line 31
package LONCAPA::SSL;	package LONCAPA::SSL;
use strict;	use strict;
use lib '/home/httpd/lib/perl/';	use lib '/home/httpd/lib/perl/';
use Apache::lonlocal();	use Apache::lonlocal;
use Apache::lonnet();	use Apache::lonnet();
use Apache::loncommon();	use Apache::loncommon();
use Apache::lonhtmlcommon();	use Apache::lonhtmlcommon();
Line 48 sub print_certstatus {	Line 48 sub print_certstatus {
'avai' => 'Available',	'avai' => 'Available',
'yes' => 'Yes',	'yes' => 'Yes',
'no' => 'No',	'no' => 'No',
'cn' => 'Common Name',	'cn' => 'Common Name (CN)',
'start' => 'Valid From',	'start' => 'Valid From',
'end' => 'Valid To',	'end' => 'Valid To',
'alg' => 'Signature Algorithm',	'alg' => 'Signature Algorithm',
Line 58 sub print_certstatus {	Line 58 sub print_certstatus {
'key' => 'Private Key',	'key' => 'Private Key',
'host' => 'Connections Certificate',	'host' => 'Connections Certificate',
'hostname' => 'Replication Certificate',	'hostname' => 'Replication Certificate',
	'crl' => 'Revocations List',
'ca' => 'LON-CAPA CA Certificate',	'ca' => 'LON-CAPA CA Certificate',
'expired' => 'Expired',	'expired' => 'Expired',
'future' => 'Future validity',	'future' => 'Future validity',
'nokey' => 'No key',	'nokey' => 'No key',
'otherkey' => 'No matching key',	'otherkey' => 'No matching key',
	'revoked' => 'Revoked by CA',
	'wrongcn' => 'Incorrect CN',
	'mismatch' => 'Mismatched Issuer',
);	);
my @files = qw(key host hostname ca);	my @files = qw(key host hostname ca crl);
my @fields = qw(status cn start end alg size email);	my @fields = qw(status cn start end alg size email);
foreach my $server (sort(keys(%{$servers}))) {	foreach my $server (sort(keys(%{$servers}))) {
my ($result,$hashref) = &Apache::lonnet::get_servercerts_info($server,$context);	my $hostname = $servers->{$server};
	my ($result,$hashref) = &Apache::lonnet::get_servercerts_info($server,
	$hostname,
	$context);
if ($result eq 'ok' && ref($hashref) eq 'HASH') {	if ($result eq 'ok' && ref($hashref) eq 'HASH') {
if ($target eq 'web') {	if ($target eq 'web') {
my $hostname = &Apache::lonnet::hostname($server);
$message .= "<fieldset><legend>$hostname ($server)</legend>".	$message .= "<fieldset><legend>$hostname ($server)</legend>".
&Apache::loncommon::start_data_table().	&Apache::loncommon::start_data_table().
&Apache::loncommon::start_data_table_header_row()."\n";	&Apache::loncommon::start_data_table_header_row()."\n";
Line 81 sub print_certstatus {	Line 87 sub print_certstatus {
} else {	} else {
$message .= $server.':';	$message .= $server.':';
}	}
	my %csr;
foreach my $file (@files) {	foreach my $file (@files) {
if ($target eq 'web') {	if ($target eq 'web') {
$message .= &Apache::loncommon::start_data_table_row()."\n".	$message .= &Apache::loncommon::start_data_table_row()."\n".
Line 88 sub print_certstatus {	Line 95 sub print_certstatus {
} else {	} else {
$message .= $file.'=';	$message .= $file.'=';
}	}
if (ref($hashref->{$file}) eq 'HASH') {	if ((ref($hashref->{$file}) eq 'HASH') && (keys(%{$hashref->{$file}}) > 0)) {
my ($starttime,$endtime,$dateinvalid);	my ($starttime,$endtime,$dateinvalid);
if ($target eq 'web') {	if ($target eq 'web') {
$message .= '<td>'.$lt{'yes'}.'</td>';	$message .= '<td>'.$lt{'yes'}.'</td>';
Line 97 sub print_certstatus {	Line 104 sub print_certstatus {
}	}
unless ($file eq 'key') {	unless ($file eq 'key') {
if ($hashref->{$file}->{'end'} ne '') {	if ($hashref->{$file}->{'end'} ne '') {
my $dt = DateTime::Format::x509->parse_datetime($hashref->{$file}->{'end'});	if ($file eq 'crl') {
if (ref($dt)) {	$endtime = $hashref->{$file}->{'end'};
$endtime = $dt->epoch;	} else {
if ($endtime < time) {	my $dt = DateTime::Format::x509->parse_datetime($hashref->{$file}->{'end'});
if ($target eq 'web') {	if (ref($dt)) {
$dateinvalid = $lt{'expired'};	$endtime = $dt->epoch;
} else {
$dateinvalid = 'expired';
}
}	}
}	}
	if (($endtime ne '') && ($endtime < time)) {
	$dateinvalid = 'expired';
	}
}	}
if ($hashref->{$file}->{'start'} ne '') {	if ($hashref->{$file}->{'start'} ne '') {
my $dt = DateTime::Format::x509->parse_datetime($hashref->{$file}->{'start'});	if ($file eq 'crl') {
if (ref($dt)) {	$starttime = $hashref->{$file}->{'start'};
$starttime = $dt->epoch;	} else {
if ($starttime > time) {	my $dt = DateTime::Format::x509->parse_datetime($hashref->{$file}->{'start'});
unless ($dateinvalid) {	if (ref($dt)) {
if ($target eq 'web') {	$starttime = $dt->epoch;
$dateinvalid = $lt{'future'};	}
} else {	}
$dateinvalid = 'future';	if ($starttime > time) {
}	unless ($dateinvalid) {
}	$dateinvalid = 'future';
}	}
}	}
}	}
Line 134 sub print_certstatus {	Line 141 sub print_certstatus {
$display = &Apache::lonhtmlcommon::confirm_success($display);	$display = &Apache::lonhtmlcommon::confirm_success($display);
}	}
}	}
	} elsif ($file eq 'crl') {
	if ($dateinvalid) {
	if (($target eq 'web') && (exists($lt{$dateinvalid}))) {
	$display = $lt{$dateinvalid};
	} else {
	$display = $dateinvalid;
	}
	} elsif ($target eq 'web') {
	if ($display ne '') {
	$display = &Apache::lonhtmlcommon::confirm_success($display);
	}
	my $details = $hashref->{$file}->{details};
	if ($details ne '') {
	$display .= ' '.$details;
	}
	}
} elsif ($file eq 'ca') {	} elsif ($file eq 'ca') {
if ($dateinvalid) {	if ($dateinvalid) {
$display = $dateinvalid;	if (($target eq 'web') && (exists($lt{$dateinvalid}))) {
	$display = $lt{$dateinvalid};
	} else {
	$display = $dateinvalid;
	}
} elsif ($target eq 'web') {	} elsif ($target eq 'web') {
$display = &Apache::lonhtmlcommon::confirm_success($display);	if ($display ne '') {
	$display = &Apache::lonhtmlcommon::confirm_success($display);
	}
}	}
} elsif ($display =~ /^ok/) {	} elsif ($display =~ /^ok/) {
if ($dateinvalid) {	if ($dateinvalid) {
$display = $dateinvalid;	if (($target eq 'web') && (exists($lt{$dateinvalid}))) {
	$display = $lt{$dateinvalid};
	} else {
	$display = $dateinvalid;
	}
} elsif ($target eq 'web') {	} elsif ($target eq 'web') {
$display = &Apache::lonhtmlcommon::confirm_success($display);	$display = &Apache::lonhtmlcommon::confirm_success($display);
}	}
} elsif (($display eq 'nokey') \|\| ($display eq 'otherkey')) {	} elsif (($display eq 'nokey') \|\| ($display eq 'otherkey') \|\|
if ($target eq 'web') {	($display eq 'revoked') \|\| ($display eq 'expired') \|\|
$display = $lt{$display};	($display eq 'wrongcn') \|\| ($display eq 'mismatch') \|\|
	($display eq '')) {
	if (($target eq 'web') && ($display ne '') && (exists($lt{$display}))) {
	$display = $lt{$display};
	}
	if (ref($hashref->{$file.'-csr'}) eq 'HASH') {
	if ($hashref->{$file.'-csr'}->{$item} eq 'ok') {
	if ($target eq 'web') {
	$display .= (($display ne '')? '<br />':'').
	&mt('(New request awaiting signature)');
	}
	$csr{$file} = 1;
	}
}	}
}	}
} elsif ($item eq 'start') {	} elsif ($item eq 'start') {
Line 180 sub print_certstatus {	Line 225 sub print_certstatus {
} else {	} else {
$message .= 'no,';	$message .= 'no,';
}	}
	if ((($file eq 'host') \|\| ($file eq 'hostname')) &&
	(ref($hashref->{$file.'-csr'}) eq 'HASH')) {
	if ($hashref->{$file.'-csr'}->{'status'} eq 'ok') {
	if ($target eq 'web') {
	my $colspan = scalar(@fields);
	$message .= '<td colspan="'.$colspan.'">'.
	&mt('Request for [_1] awaiting signature',
	$lt{$file}).'</td>';
	}
	$csr{$file} = 1;
	}
	}
foreach my $item (@fields) {	foreach my $item (@fields) {
if ($target eq 'web') {	if ($target eq 'web') {
$message .= '<td> </td>';	unless ($csr{$file}) {
	$message .= '<td> </td>';
	}
} else {	} else {
$message .= ',';	$message .= ',';
}	}
Line 198 sub print_certstatus {	Line 257 sub print_certstatus {
if ($target eq 'web') {	if ($target eq 'web') {
$message .= &Apache::loncommon::end_data_table().'</fieldset>';	$message .= &Apache::loncommon::end_data_table().'</fieldset>';
} else {	} else {
	if (keys(%csr)) {
	foreach my $file (keys(%csr)) {
	if (ref($hashref->{$file.'-csr'}) eq 'HASH') {
	$message .= $file.'-csr=yes,';
	foreach my $item (@fields) {
	$message .= $hashref->{$file.'-csr'}->{$item}.',';
	}
	$message =~ s/,$//;
	$message .= '&';
	}
	}
	}
$message =~ s/\&$//;	$message =~ s/\&$//;
}	}
$message .= "\n";	$message .= "\n";

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>

Removed from v.1.6
changed lines
	Added in v.1.10