#!/usr/local/bin/perl
# gencsr.cgi
# Generates certificate signing requests (CSRs).
#
# Flow, as far as this listing shows:
#   1. Parse the request into %in and check the gencsr ACL entry.
#   2. If the form was submitted (submitted eq generate), validate it and,
#      when nothing is wrong, hand over to process() and exit.
#   3. Otherwise fill empty fields from %config and print the form.
#
# NOTE(review): this listing appears to have lost text during extraction.
# Heredoc bodies, <HANDLE> read operators and HTML inside string literals
# are missing, so several statements below are not the original code.
# Nothing has been reconstructed here; the code tokens are left as found.
require './certmgr-lib.pl';
&ReadParse();
# Refuse the request unless the ACL grants gencsr (presumably error() does
# not return -- confirm in the library).
$access{'gencsr'} || &error($text{'ecannot'});
&header($text{'gencsr_title'}, "");

# Pre-select the key size option that matches the request.
# NOTE(review): the keys handled here are RSA (see the openssl rsa call in
# overwriteprompt). 512 and 1024 bit RSA are below current minimum
# recommendations; consider defaulting to 2048 and dropping 512.
if ($in{'keysize'}==512){$checked[0]=" checked";}
elsif ($in{'keysize'}==2048){$checked[2]=" checked";}
else {$checked[1]=" checked";} # Default keysize 1024

# Upper-case the country code. The brackets are literal characters in tr
# and simply map to themselves.
$in{'c'}=~tr/[a-z]/[A-Z]/;

if ($in{'submitted'} eq "generate") {
    # Collect every validation failure in $error before deciding.
    if (!$in{'cn'}) {
        $error.=$text{'gencert_e_nocn'}."
\n";
    }
    if ($in{'password'} ne $in{'confirm_password'}) {
        $error.=$text{'gencert_e_badpw'}."
\n";
        # Clear both fields so a mismatched password is not kept in %in.
        $in{'password'}="";
        $in{'confirm_password'}="";
    }
    # NOTE(review): the only check on the two paths is that they are
    # non-empty. Nothing visible restricts them to ssl_csr_dir/ssl_key_dir
    # or rejects shell metacharacters, yet they are later tested with -e,
    # written to, and interpolated into shell command strings.
    if (!($in{'csrfile'} && $in{'keyfile'} )){
        $error.=$text{'gencsr_e_nofilename'}."
\n";
    }
    if (!$error) {
        &process();
        exit;
    }
}

if ($error) {
    print "
$text{'gencsr_error'}\n\n$text{'gencsr_pleasefix'}\n";
} else {
    # No validation error: fill every empty field from the module config.
    if (!$in{'csrfile'}) { $in{'csrfile'}=$config{'ssl_csr_dir'}."/". $config{'csr_filename'}; }
    if (!$in{'keyfile'}) { $in{'keyfile'}=$config{'ssl_key_dir'}."/". $config{'key_filename'}; }
    if (!$in{'cn'}) { $in{'cn'}=&get_system_hostname(); }
    if (!$in{'o'}) { $in{'o'}=$config{'default_o'}; }
    if (!$in{'ou'}) { $in{'ou'}=$config{'default_ou'}; }
    if (!$in{'l'}) { $in{'l'}=$config{'default_l'}; }
    if (!$in{'st'}) { $in{'st'}=$config{'default_st'}; }
    if (!$in{'c'}) { $in{'c'}=$config{'default_c'}; }
    # Upper-case again because the config default may be lower case.
    $in{'c'}=~tr/[a-z]/[A-Z]/;
    if (!$in{'emailAddress'}) { $in{'emailAddress'}=$config{'default_email'}; }
}
print &ui_hr();
&print_cert_form("gencsr");
print &ui_hr();
&footer("", $text{'index_return'});

# process: generate the key and CSR, then report the outcome.
# Uses the globals %in, %config and %text; sets the globals $error and $out.
sub process{
    # Two temp files: one for the openssl config, one for captured output.
    $conffilename=&tempname();
    $outfile=&tempname();
    # If either target already exists and the caller has not confirmed
    # with overwrite=yes, show the confirmation page and stop.
    # NOTE(review): the existence test and the later write are separate
    # steps, so the answer can be stale by the time the files are written.
    if (((-e $in{'csrfile'})||(-e $in{'keyfile'}))&&($in{'overwrite'} ne "yes")) {
        &overwriteprompt();
        print &ui_hr();
        &footer("", $text{'index_return'});
        exit;
    }
    # NOTE(review): two-argument open with an unchecked return value. The
    # name comes from tempname(), not from the request, but a failure here
    # goes unnoticed.
    open(CONF,">$conffilename");
    # NOTE(review): the next statement is damaged in this listing. The
    # config heredoc and the start of the openssl invocation seem to be
    # missing, so what is written to CONF and which command runs cannot be
    # read from here. Also, $e_genfailed is not assigned anywhere in the
    # visible code -- confirm whether a %text lookup was intended.
    print CONF <$outfile 2>&1"))) { $error="$e_genfailed: $!"; }
    else {
        close(OPENSSL);
        # Read back whatever the command wrote to the output temp file.
        open(ERROR,"<$outfile");
        # NOTE(review): the read operator inside while() appears to be
        # missing from this listing.
        while(){$out.=$_;}
        close(ERROR);
        # Success is inferred from both target files existing.
        # NOTE(review): when overwrite=yes and both files already existed,
        # this test passes even if the command failed.
        if (!((-e $in{'csrfile'})&&(-e $in{'keyfile'}))) { $error=$out; }
        else {
            $error=0;
            # Make the private key owner read-only.
            # NOTE(review): this runs after the key has been written, so
            # the mode in the meantime depends on how the (not visible)
            # command created the file. Return value is not checked.
            chmod(0400,$in{'keyfile'});
        }
    }
    unlink($outfile);
    unlink($conffilename);
    print &ui_hr();
    # NOTE(review): $error, $out and the request-supplied paths are
    # interpolated into the page below with no escaping visible in this
    # listing; HTML-escape them before printing.
    if ($error){
        print "$text{'gencsr_e_genfailed'}\n
$error
\n
\n";}
    else {
        print "$text{'gencsr_genworked'}\n
$out
\n";
        # $url is built but never used in the visible code; presumably the
        # link markup that used it was lost in extraction.
        $url="\"view.cgi?csrfile=".&my_urlize($in{'csrfile'}).'"';
        print "$text{'gencsr_saved_csr'} $in{'csrfile'}
\n";
        $url="\"view.cgi?keyfile=".&my_urlize($in{'keyfile'}).'"';
        print "$text{'gencert_saved_key'} $in{'keyfile'}
\n";
    }
    print &ui_hr();
    &footer("", $text{'index_return'});
}

# overwriteprompt: show what is currently stored in the target CSR and key
# files and ask for confirmation before they are overwritten.
sub overwriteprompt{
    # $buffer2 and $temp_pem are declared but not used in the visible code.
    my($buffer1,$buffer2,$buffer,$key,$temp_pem,$url);
    print "\n";
    if (-e $in{'csrfile'}) {
        # NOTE(review): $in{csrfile} comes from the request and is placed
        # in a command string that the shell parses, so metacharacters in
        # the path are interpreted by the shell. Use the list form of a
        # pipe open (mode -|, then program and arguments as separate list
        # items) so no shell is involved, and validate the path first.
        open(OPENSSL,"$config{'openssl_cmd'} req -in $in{'csrfile'} -text -noout|");
        # NOTE(review): read operator appears to be missing here as well.
        while(){ $buffer1.=$_; }
        close(OPENSSL);
        $url="\"view.cgi?csrfile=".&my_urlize($in{'csrfile'}).'"';
        print "\n";
    }
    if (-e $in{'keyfile'}) {
        # NOTE(review): same shell interpolation concern for $in{keyfile}.
        # In addition, the -text output of openssl rsa includes the
        # private key components; what print_key_info shows of it is not
        # visible here -- confirm that no secret values reach the page.
        open(OPENSSL,"$config{'openssl_cmd'} rsa -in $in{'keyfile'} -text -noout|");
        while(){ $buffer.=$_; }
        close(OPENSSL);
        $url="\"view.cgi?keyfile=".&my_urlize($in{'keyfile'}).'"';
        print "\n";
    }
    # NOTE(review): the request-supplied paths are printed without any
    # escaping visible in this listing.
    print "
\n
$in{'csrfile'}
\n";
    # An empty buffer means nothing could be read from the CSR file.
    if (!$buffer1) { print $text{'e_file'};} else { &print_cert_info(0,$buffer1); }
    print "
\n
$in{'keyfile'}
\n";
    if (!$buffer) { print $text{'e_file'};} else { &print_key_info(0,$buffer); }
    print "
\n";
    print "$text{'gencsr_moreinfo'}";
    print "
\n$text{'gencsr_overwrite'}\n

\n";
    print "

\n";
    # As shown, this prints one newline per request parameter.
    # NOTE(review): presumably the original emitted a form field per key
    # so the submission can be repeated. If so, the values need escaping
    # and the password would be written into the page -- confirm against
    # the original file.
    foreach $key (keys %in) { print "\n"; }
    print "\n";
    print "
\n";
}