Commit 3cc4b960 authored by Ted Trask's avatar Ted Trask
Browse files

Remove trailing whitespace

parent 79874d7c
......@@ -10,11 +10,11 @@ APP_DIST=\
ETC_DIST=\
openssl-ca-acf.cnf
EXTRA_DIST=README Makefile config.mk
DISTFILES=$(APP_DIST) $(EXTRA_DIST) $(ETC_DIST)
DISTFILES=$(APP_DIST) $(EXTRA_DIST) $(ETC_DIST)
TAR=tar
......@@ -32,7 +32,7 @@ install:
mkdir -p "$(install_dir)"
cp -a $(APP_DIST) "$(install_dir)"
mkdir -p "$(DESTDIR)/etc/ssl"
cp $(ETC_DIST) $(DESTDIR)/etc/ssl/
cp $(ETC_DIST) $(DESTDIR)/etc/ssl/
$(tarball): $(DISTFILES)
rm -rf $(P)
......
......@@ -108,7 +108,7 @@ end
mymodule.downloadcacert = function(self)
return self.model.getca(self, self.clientdata)
end
-- Generate a self-signed CA
mymodule.generatecacert = function(self)
return self.handle_form(self, self.model.getnewcarequest, self.model.generateca, self.clientdata, "Generate", "Generate CA Certificate", "Certificate Generated")
......
......@@ -10,7 +10,7 @@ validator = require("acf.validator")
-- There are two options of how to allow users to specify the type of certificate they want - the request extensions
-- and the ca signing extensions. We have opted for making all requests look the same (same extensions) and defining
-- different ca sections for the different types of certificates. The ca section to use when signing the request is
-- actually stored in the request filename. The request filename is in the following format:
-- 'username'.'ca section name'.'common name'.csr
local packagename = "openssl"
......@@ -303,10 +303,10 @@ local listcerts = function(user)
local crtlist = {}
for i,x in ipairs(files) do
local name = string.gsub(posix.basename(x), ".pfx$", "")
local a,b,c,d = string.match(name,
local a,b,c,d = string.match(name,
"([^%.]*)%.([^%.]*)%.([^%.]*).([^%.]*)")
list[#list + 1] = {cert=name, user=a, certtype=b,
commonName=unhashname(c), serial=d, enddate=enddate,
list[#list + 1] = {cert=name, user=a, certtype=b,
commonName=unhashname(c), serial=d, enddate=enddate,
daysremaining=time}
crtlist[#crtlist+1] = "x509 -in "..basedir..certdir..name..".crt -noout -enddate"
end
......@@ -316,9 +316,9 @@ local listcerts = function(user)
for i,x in ipairs(files) do
local enddate = string.match(outtab[i] or "", "notAfter=(.*)") or "Jan 1 00:00:01 1970 GMT"
local month, day, year =
local month, day, year =
string.match(enddate, "(%a+)%s+(%d+)%s+%S+%s+(%d+)")
local reversemonth = {Jan=1,Feb=2,Mar=3,Apr=4,May=5,Jun=6,
Jul=7,Aug=8,Sep=9,Oct=10,Nov=11,Dec=12}
local time = os.time({year=year, month=reversemonth[month], day=day})
......@@ -350,7 +350,7 @@ end
local checkenvironment = function()
local errtxt = {}
local cmdline = {}
-- First check for the openssl, req, and cert directories
errtxt[#errtxt+1], cmdline[#cmdline+1] = checkdir("openssl directory", basedir)
errtxt[#errtxt+1], cmdline[#cmdline+1] = checkdir("new certificate directory", basedir..certdir)
......@@ -366,16 +366,16 @@ local checkenvironment = function()
local file = getconfigentry(config.ca.default_ca, "certificate")
chkpath = posix.dirname(file)
errtxt[#errtxt+1], cmdline[#cmdline+1] = checkdir("certificate directory", chkpath)
file = getconfigentry(config.ca.default_ca, "private_key")
chkpath = posix.dirname(file)
errtxt[#errtxt+1], cmdline[#cmdline+1] = checkdir("private_key directory", chkpath)
file = getconfigentry(config.ca.default_ca, "database")
chkpath = posix.dirname(file)
errtxt[#errtxt+1], cmdline[#cmdline+1] = checkdir("database directory", chkpath)
errtxt[#errtxt+1], cmdline[#cmdline+1] = checkfile("database", file)
file = getconfigentry(config.ca.default_ca, "serial")
chkpath = posix.dirname(file)
errtxt[#errtxt+1], cmdline[#cmdline+1] = checkdir("serial directory", chkpath)
......@@ -460,13 +460,13 @@ mymodule.getreqdefaults = function(self, clientdata)
--Add in the encryption bit default
local encryption = config.req.default_bits
defaults.value.encryption = cfe({ type="select", label="Encryption Bits", value=encryption, option={"2048", "4096"}, seq=94 })
-- Add in the default days
local validdays = getconfigentry(config.ca.default_ca, "default_days")
defaults.value.validdays = cfe({ type="text", label="Period of Validity (Days)", value=validdays, descr="Number of days this certificate is valid for", seq=95 })
-- Add in the ca type default
defaults.value.certtype = cfe({ type="select", label="Certificate Type",
defaults.value.certtype = cfe({ type="select", label="Certificate Type",
value=config.ca.default_ca, option=find_ca_sections(), seq=96 })
-- Add in the extensions
local extensions = ""
......@@ -476,7 +476,7 @@ mymodule.getreqdefaults = function(self, clientdata)
extensions = format.get_ini_section(content, config.req.req_extensions)
end
defaults.value.extensions = cfe({ type="longtext", label="Additional x509 Extensions", value=extensions, descr="These extensions can be overridden by the Certificate Type", seq=97 })
return defaults
end
......@@ -541,7 +541,7 @@ mymodule.submitrequest = function(self, defaults, submit, user)
defaults.errtxt = "Failed to submit request\nRequest already exists"
success = false
end
if not tonumber(defaults.value.validdays.value) then
defaults.value.validdays.errtxt = "Period of Validity is not a number"
success = false
......@@ -566,13 +566,13 @@ mymodule.submitrequest = function(self, defaults, submit, user)
end
end
end
fileval = format.update_ini_file(fileval, "req","default_bits",defaults.value.encryption.value)
fileval = format.update_ini_file(fileval, "","default_days",defaults.value.validdays.value)
fileval = format.update_ini_file(fileval, "","default_days",defaults.value.validdays.value)
fileval = format.set_ini_section(fileval, ext_section, content)
fileval = format.update_ini_file(fileval, "req", "req_extensions", ext_section)
fs.write_file(reqname..".cfg", fileval)
defaults.descr, defaults.errtxt = modelfunctions.run_executable({"openssl", "req", "-nodes", "-new", "-config", reqname..".cfg", "-keyout", reqname..".pem", "-out", reqname..".csr", "-subj", subject}, true)
local certfilestats = posix.stat(reqname..".csr")
local keyfilestats = posix.stat(reqname..".pem")
......@@ -641,7 +641,7 @@ mymodule.approverequest = function(self, apprequest)
local serialfile = fs.read_file(serialpath) or ""
local serial = string.match(serialfile, "%x+")
local certname = basedir..certdir..apprequest.value.request.value.."."..serial
-- Now, sign the certificate
apprequest.descr, apprequest.errtxt = modelfunctions.run_executable({"openssl", "ca", "-config", reqpath..".cfg", "-in", reqpath..".csr", "-out", certname..".crt", "-name", certtype, "-batch"}, true)
......@@ -897,7 +897,7 @@ mymodule.putca = function(self, newca)
success = false
end
end
-- Now, get the key
if success then
cmdresult = modelfunctions.run_executable({"openssl", "pkcs12", "-in", newca.value.ca.value, "-out", newca.value.ca.value.."key.pem", "-password", "pass:"..newca.value.password.value, "-nocerts", "-nodes"}, true)
......
......@@ -99,7 +99,7 @@ if view.value.revoked and #view.value.revoked.value > 0 then
else
approved = view.value.approved.value
end %>
<% htmlviewfunctions.displaysectionstart(cfe({label="Approved certificate requests"..label}), page_info, header_level) %>
<% if #approved == 0 then %>
<p>No certificates approved</p>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment