Annotation of loncom/configuration/SSL.pm, revision 1.7
1.1 raeburn 1: # The LearningOnline Network with CAPA
2: # Checksum installed LON-CAPA modules and some configuration files
3: #
1.7 ! raeburn 4: # $Id: SSL.pm,v 1.6 2017/05/26 03:43:43 raeburn Exp $
1.1 raeburn 5: #
6: # The LearningOnline Network with CAPA
7: #
8: # Copyright Michigan State University Board of Trustees
9: #
10: # This file is part of the LearningOnline Network with CAPA (LON-CAPA).
11: #
12: # LON-CAPA is free software; you can redistribute it and/or modify
13: # it under the terms of the GNU General Public License as published by
14: # the Free Software Foundation; either version 2 of the License, or
15: # (at your option) any later version.
16: #
17: # LON-CAPA is distributed in the hope that it will be useful,
18: # but WITHOUT ANY WARRANTY; without even the implied warranty of
19: # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20: # GNU General Public License for more details.
21: #
22: # You should have received a copy of the GNU General Public License
23: # along with LON-CAPA; if not, write to the Free Software
24: # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25: #
26: # /home/httpd/html/adm/gpl.txt
27: #
28: # http://www.lon-capa.org/
29: #
30:
31: package LONCAPA::SSL;
32: use strict;
33: use lib '/home/httpd/lib/perl/';
1.7 ! raeburn 34: use Apache::lonlocal;
1.1 raeburn 35: use Apache::lonnet();
36: use Apache::loncommon();
37: use Apache::lonhtmlcommon();
1.4 raeburn 38: use DateTime;
39: use DateTime::Format::x509;
1.1 raeburn 40: use LONCAPA;
41:
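# Convert an X.509 validity timestamp string into epoch seconds.
#
# Returns undef (empty list in list context) when the string is empty or
# cannot be parsed. The parse is wrapped in eval so that a malformed or
# out-of-range date reported for one certificate cannot abort the whole
# status report; DateTime construction dies on invalid values.
sub _parse_x509_epoch {
    my ($stamp) = @_;
    return if (!defined($stamp) || $stamp eq '');
    local $@;
    my $dt = eval { DateTime::Format::x509->parse_datetime($stamp) };
    return unless (ref($dt));
    return $dt->epoch;
}

# Build a status report on the SSL key and certificates of a set of servers.
#
# Inputs:
#   $servers - reference to a hash of server ID => hostname; anything else
#              makes the routine return nothing.
#   $target  - 'web' produces one HTML fieldset/table per server; any other
#              value produces one text line per server of the form
#              server:file=yes|no,status,cn,start,end,alg,size,email&file=...
#   $context - passed through unchanged to
#              Apache::lonnet::get_servercerts_info().
#
# Returns the accumulated report as a string. A server for which the lookup
# does not return 'ok' plus a hash reference is reported as "server:error".
#
# NOTE(review): for the 'web' target the hostname, server ID and the raw
# certificate fields (cn, email, alg, size, unparsed dates) are placed in
# the markup as received from get_servercerts_info(); this routine does no
# HTML escaping itself. Confirm the values are escaped upstream, since
# certificate subject fields are set by whoever created the certificate.
# NOTE(review): for the text target the same fields are joined with ',',
# '&', '=' and ':' without escaping, so a field containing one of those
# characters would shift the record -- verify how consumers parse it.
sub print_certstatus {
    my ($servers,$target,$context) = @_;
    return unless (ref($servers) eq 'HASH');
    my $message;
    my %lt = &Apache::lonlocal::texthash (
                 'file'     => 'File',
                 'avai'     => 'Available',
                 'yes'      => 'Yes',
                 'no'       => 'No',
                 'cn'       => 'Common Name (CN)',
                 'start'    => 'Valid From',
                 'end'      => 'Valid To',
                 'alg'      => 'Signature Algorithm',
                 'size'     => 'Public Key Size',
                 'status'   => 'Status',
                 'email'    => 'E-mail',
                 'key'      => 'Private Key',
                 'host'     => 'Connections Certificate',
                 'hostname' => 'Replication Certificate',
                 'ca'       => 'LON-CAPA CA Certificate',
                 'expired'  => 'Expired',
                 'future'   => 'Future validity',
                 'nokey'    => 'No key',
                 'otherkey' => 'No matching key',
                 'revoked'  => 'Revoked by CA',
                 'wrongcn'  => 'Incorrect CN',
             );
    my @files = qw(key host hostname ca);
    my @fields = qw(status cn start end alg size email);
    my $is_web = ($target eq 'web');
    foreach my $server (sort(keys(%{$servers}))) {
        my $hostname = $servers->{$server};
        my ($result,$hashref) = &Apache::lonnet::get_servercerts_info($server,
                                                                      $hostname,
                                                                      $context);
        unless ($result eq 'ok' && ref($hashref) eq 'HASH') {
            # The same plain-text marker is used for both targets.
            $message .= "$server:error\n";
            next;
        }
        if ($is_web) {
            $message .= "<fieldset><legend>$hostname ($server)</legend>".
                        &Apache::loncommon::start_data_table().
                        &Apache::loncommon::start_data_table_header_row()."\n";
            foreach my $item ('file','avai',@fields) {
                $message .= '<th>'.$lt{$item}.'</th>';
            }
            $message .= &Apache::loncommon::end_data_table_header_row()."\n";
        } else {
            $message .= $server.':';
        }
        # Files for which a certificate signing request is awaiting signature.
        my %csr;
        foreach my $file (@files) {
            if ($is_web) {
                $message .= &Apache::loncommon::start_data_table_row()."\n".
                            '<td>'.$lt{$file}.'</td>';
            } else {
                $message .= $file.'=';
            }
            if (ref($hashref->{$file}) eq 'HASH') {
                my ($starttime,$endtime,$dateinvalid);
                if ($is_web) {
                    $message .= '<td>'.$lt{'yes'}.'</td>';
                } else {
                    $message .= 'yes,';
                }
                # The private key has no validity period; certificates do.
                unless ($file eq 'key') {
                    $endtime = &_parse_x509_epoch($hashref->{$file}->{'end'});
                    if (defined($endtime) && ($endtime < time)) {
                        $dateinvalid = $is_web ? $lt{'expired'} : 'expired';
                    }
                    $starttime = &_parse_x509_epoch($hashref->{$file}->{'start'});
                    # "Expired" takes precedence over "not yet valid".
                    if (defined($starttime) && ($starttime > time) && !$dateinvalid) {
                        $dateinvalid = $is_web ? $lt{'future'} : 'future';
                    }
                }
                foreach my $item (@fields) {
                    my $display = $hashref->{$file}->{$item};
                    if ($item eq 'status') {
                        if ($file eq 'key') {
                            if ($display =~ /ok$/) {
                                if ($is_web) {
                                    $display = &Apache::lonhtmlcommon::confirm_success($display);
                                }
                            }
                        } elsif ($file eq 'ca') {
                            if ($dateinvalid) {
                                $display = $dateinvalid;
                            } elsif ($is_web) {
                                $display = &Apache::lonhtmlcommon::confirm_success($display);
                            }
                        } elsif ($display =~ /^ok/) {
                            # A date problem overrides an otherwise good status.
                            if ($dateinvalid) {
                                $display = $dateinvalid;
                            } elsif ($is_web) {
                                $display = &Apache::lonhtmlcommon::confirm_success($display);
                            }
                        } elsif (($display eq 'nokey') || ($display eq 'otherkey') ||
                                 ($display eq 'revoked') || ($display eq 'expired') ||
                                 ($display eq 'wrongcn')) {
                            if ($is_web) {
                                $display = $lt{$display};
                            }
                            if (ref($hashref->{$file.'-csr'}) eq 'HASH') {
                                if ($hashref->{$file.'-csr'}->{$item} eq 'ok') {
                                    if ($is_web) {
                                        $display .= '<br />'.&mt('(New request awaiting signature)');
                                    }
                                    $csr{$file} = 1;
                                }
                            }
                        }
                    } elsif ($item eq 'start') {
                        # Unparsed dates fall through and are shown as received.
                        if ($starttime) {
                            if ($is_web) {
                                $display = &Apache::lonlocal::locallocaltime($starttime);
                            } else {
                                $display = $starttime;
                            }
                        }
                    } elsif ($item eq 'end') {
                        if ($endtime) {
                            if ($is_web) {
                                $display = &Apache::lonlocal::locallocaltime($endtime);
                            } else {
                                $display = $endtime;
                            }
                        }
                    }
                    if ($is_web) {
                        $message .= "<td>$display</td>";
                    } else {
                        $message .= "$display,";
                    }
                }
            } else {
                if ($is_web) {
                    $message .= '<td>'.$lt{'no'}.'</td>';
                } else {
                    $message .= 'no,';
                }
                if ((($file eq 'host') || ($file eq 'hostname')) &&
                    (ref($hashref->{$file.'-csr'}) eq 'HASH')) {
                    if ($hashref->{$file.'-csr'}->{'status'} eq 'ok') {
                        if ($is_web) {
                            my $colspan = scalar(@fields);
                            $message .= '<td colspan="'.$colspan.'">'.
                                        &mt('Request for [_1] awaiting signature',
                                            $lt{$file}).'</td>';
                        }
                        $csr{$file} = 1;
                    }
                }
                foreach my $item (@fields) {
                    if ($is_web) {
                        # The colspan cell above already fills the row.
                        unless ($csr{$file}) {
                            $message .= '<td> </td>';
                        }
                    } else {
                        $message .= ',';
                    }
                }
            }
            if ($is_web) {
                $message .= &Apache::loncommon::end_data_table_row()."\n";
            } else {
                $message =~ s/,$//;
                $message .= '&';
            }
        }
        if ($is_web) {
            $message .= &Apache::loncommon::end_data_table().'</fieldset>';
        } else {
            # Sorted so the order of the -csr segments is the same on every run.
            foreach my $file (sort(keys(%csr))) {
                if (ref($hashref->{$file.'-csr'}) eq 'HASH') {
                    $message .= $file.'-csr=yes,';
                    foreach my $item (@fields) {
                        $message .= $hashref->{$file.'-csr'}->{$item}.',';
                    }
                    $message =~ s/,$//;
                    $message .= '&';
                }
            }
            $message =~ s/\&$//;
        }
        $message .= "\n";
    }
    return $message;
}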
255:
256: 1;
257: