Update of /cvsroot/openca/openca-0.9/src/cgi-bin/cmds In directory usw-pr-cvs1:/tmp/cvs-serv32243 Added Files: addCrlToLDAP addCrlToLDAPbyName updateCACertsLDAP updateCertsLDAP updateCRLonLDAP updateCRLonLDAPbyName Log Message: new scripts for better LDAP-support --- NEW FILE: addCrlToLDAP --- ## OpenCA - RA Server Command ## (c) 2000-2001 by Michael Bell and OpenCA Group ## ## File Name: addCrlToLDAP ## Brief: Add a CRL to LDAP server ## Description: Add a CRL to LDAP server ## Parameters: if ( $cmd !~ /addCrlToLDAP/i ) { configError( "Wrong Command Usage ($cmd/addCrlToLDAP)!" ); exit 1; } require "export-import.lib"; print startLogPage ( "Updating the CRL on the LDAP ..."); my $key = $query->param ('key'); if (not $key and ($key != 0)) { print addPreLogLine ("<FONT COLOR=#ff0000>". "No CRL was specified!". " FAILED</FONT>"); closeLogSection (); closePage (); exit 1; } my $crl = $db->getItem ( DATATYPE => "CRL", KEY => $key ); print addLogSection ("CRL ".$crl->getParsed()->{KEY}." ..."); my $result = eximObjectToLDAP ( CRL => $crl ); if ($result and $result->{STATUS}) { print addPreLogLine ( "Added CRL to LDAP\n\tLast Update: " . $crl->getParsed()->{LAST_UPDATE} ."\n" . "\tNext Update: " . $crl->getParsed()->{NEXT_UPDATE} . "\n"); } else { print addPreLogLine ( "<FONT COLOR=#FF0000>". "Cannot write CRL to LDAP\n\tLast Update: ". $crl->getParsed()->{LAST_UPDATE} ."\n" . "\tNext Update: " . $crl->getParsed()->{NEXT_UPDATE} . "\n". "</FONT>"); } print closeLogSection (); closePage (); 1; --- NEW FILE: addCrlToLDAPbyName --- ## OpenCA - RA Server Command ## (c) 2000-2001 by Michael Bell and OpenCA Group ## ## File Name: addCrlToLDAPbyName ## Brief: Add a CRL to LDAP server with changed issuer ## Description: Add a CRL to LDAP server with changed issuer ## Parameters: if ( $cmd !~ /addCrlToLDAPbyName/i ) { configError( "Wrong Command Usage ($cmd/addCrlToLDAPbyName)!" 
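Review bot: In addCrlToLDAP the guard `if (not $key and ($key != 0))` can never be true, because every value for which `not $key` holds (undef, the empty string, `0`) is also numerically 0. A request without `key` is therefore not rejected and goes straight to `$db->getItem`. Test for presence instead, `if (not defined $key or $key eq "")`, which still accepts key 0. The result of `getItem` is also dereferenced unchecked in `$crl->getParsed()`, so an unknown key would presumably end in a method call on an undefined value; add an `if (not $crl)` branch with the same error output. addCrlToLDAPbyName repeats the same guard and the same unchecked `getItem`.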
); exit 1; } require "export-import.lib"; print startLogPage ( "Updating the CRL on the LDAP ..."); my $key = $query->param ('key'); if (not $key and ($key != 0)) { print addPreLogLine ("<FONT COLOR=#ff0000>". "No CRL was specified!". " FAILED</FONT>"); closeLogSection (); closePage (); exit 1; } my $dn = $query->param ('new_dn'); if (not $dn) { print addPreLogLine ("<FONT COLOR=#ff0000>". "No special issuer was specified!". " FAILED</FONT>"); closeLogSection (); closePage (); exit 1; } my $crl = $db->getItem ( DATATYPE => "CRL", KEY => $key ); print addLogSection ("CRL ".$crl->getParsed()->{KEY}." ..."); $crl->{parsedItem}->{ISSUER} = $dn; my $result = eximObjectToLDAP ( CRL => $crl ); if ($result and $result->{STATUS}) { print addPreLogLine ( "Added CRL to LDAP\n\tLast Update: " . $crl->getParsed()->{LAST_UPDATE} ."\n" . "\tNext Update: " . $crl->getParsed()->{NEXT_UPDATE} . "\n"); } else { print addPreLogLine ( "<FONT COLOR=#FF0000>". "Cannot write CRL to LDAP\n\tLast Update: ". $crl->getParsed()->{LAST_UPDATE} ."\n" . "\tNext Update: " . $crl->getParsed()->{NEXT_UPDATE} . "\n". "</FONT>"); } print closeLogSection (); closePage (); 1; --- NEW FILE: updateCACertsLDAP --- ## OpenCA - RA Server Command ## (c) 2000-2001 by Michael Bell and OpenCA Group ## ## File Name: addCertsLDAP ## Brief: Add all certificates to LDAP server ## Description: Add all issued certificates to LDAP server ## Parameters: if ( $cmd !~ /addCertsLDAP/i ) { configError( "Wrong Command Usage ($cmd/addCertsLDAP)!" 
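Review bot: addCrlToLDAPbyName takes the issuer from the request, `$query->param ('new_dn')`, and assigns it to `$crl->{parsedItem}->{ISSUER}` before `eximObjectToLDAP`, with only an emptiness test in between. How `eximObjectToLDAP` uses ISSUER is not visible here, but if it selects the directory entry to write, whoever can submit this request decides where the CRL is published. Compare the value with the configured issuer before using it (updateCRLonLDAPbyName in this commit reads it from `getRequired ('LDAP_CRL_Issuer')` instead), or at least reject anything that is not a well-formed DN under the CA's own base. The assignment also reaches into the object's `parsedItem` hash directly, which ties the script to the CRL class's internals.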
); exit 1; } require "export-import.lib"; my $dn = getRequired ('LDAP_CA_DN'); ## ca-certificates print startLogPage ("Exporting valid ca-certificates to LDAP ..."); print addLogSection ("Checking for a special DN where to store CA-certififcates ..."); if ($dn) { print addPreLogLine ("Special DN is \"".$dn."\""); } else { print addPreLogLine ("There is no special DN specified."); } print closeLogSection (); print addLogSection ("Adding valid CA-certificates to the LDAP server ..."); my @items = $db->searchItems ( DATATYPE => "VALID_CA_CERTIFICATE" ); for my $h (@items) { if ($dn) { $h->{parsedItem}->{DN} = $dn; } my $result = eximObjectToLDAP ( AUTHORITY_CERTIFICATE => $h ); if ($result and $result->{STATUS}) { print addPreLogLine ("Certificate ".$h->getSerial()." OK"); } else { print addPreLogLine ("<FONT COLOR=#ff0000>". "Certificate ".$h->getSerial(). " FAILED</FONT>"); } } closeLogSection (); closePage (); 1; --- NEW FILE: updateCertsLDAP --- ## OpenCA - RA Server Command ## (c) 2000-2001 by Michael Bell and OpenCA Group ## ## File Name: addCertsLDAP ## Brief: Add all certificates to LDAP server ## Description: Add all issued certificates to LDAP server ## Parameters: if ( $cmd !~ /addCertsLDAP/i ) { configError( "Wrong Command Usage ($cmd/addCertsLDAP)!" ); exit 1; } require "export-import.lib"; ## certificates print startLogPage ("Exporting valid certificates to LDAP ..."); my @items = $db->searchItems ( DATATYPE => "VALID_CERTIFICATE" ); for my $h (@items) { my $result = eximObjectToLDAP ( CERTIFICATE => $h ); if ($result and $result->{STATUS}) { print addPreLogLine ("Certificate ".$h->getSerial()." OK"); } else { print addPreLogLine ("<FONT COLOR=#ff0000>". "Certificate ".$h->getSerial(). 
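Review bot: The command guard in updateCACertsLDAP tests `$cmd !~ /addCertsLDAP/i`, and the header says `File Name: addCertsLDAP`, although the file is added as updateCACertsLDAP. If `$cmd` carries the name of the invoked command, as the guards in addCrlToLDAP and addCrlToLDAPbyName suggest, this script stops at "Wrong Command Usage" on every call. The guard should read `if ( $cmd !~ /updateCACertsLDAP/i )`, with the header and the error message updated to match. The same mismatch is in updateCertsLDAP (`addCertsLDAP`) and in updateCRLonLDAP and updateCRLonLDAPbyName (both `addCrlLDAP`). The patterns are also unanchored, so `/addCrlToLDAP/i` accepts `addCrlToLDAPbyName` as well; if `$cmd` holds only the command name, `/\AupdateCACertsLDAP\z/i` would pin each script to its own command.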
" FAILED</FONT>"); } } closeLogSection (); ## remove revoked certificates print startLogPage ("Removing revoked certificates from LDAP ..."); my @items = $db->searchItems ( DATATYPE => "REVOKED_CERTIFICATE" ); for my $h (@items) { my $result = deleteLDAPattribute ( CERTIFICATE => $h ); if ($result and $result->{STATUS}) { print addPreLogLine ("Certificate ".$h->getSerial()." removed"); } else { print addPreLogLine ("<FONT COLOR=#ff0000>". "Certificate ".$h->getSerial(). " NOT REMOVED</FONT>"); } } closeLogSection (); ## remove revoked certificates print startLogPage ("Removing suspended certificates from LDAP ..."); my @items = $db->searchItems ( DATATYPE => "SUSPENDED_CERTIFICATE" ); for my $h (@items) { my $result = deleteLDAPattribute ( CERTIFICATE => $h ); if ($result and $result->{STATUS}) { print addPreLogLine ("Certificate ".$h->getSerial()." removed"); } else { print addPreLogLine ("<FONT COLOR=#ff0000>". "Certificate ".$h->getSerial(). " NOT REMOVED</FONT>"); } } closeLogSection (); closePage (); 1; --- NEW FILE: updateCRLonLDAP --- ## OpenCA - RA Server Command ## (c) 2000-2001 by Michael Bell and OpenCA Group ## ## File Name: addCrlLDAP ## Brief: Add the most actual CRL to LDAP server ## Description: Add the most actual CRL to LDAP server ## Parameters: if ( $cmd !~ /addCrlLDAP/i ) { configError( "Wrong Command Usage ($cmd/addCrlLDAP)!" ); exit 1; } require "export-import.lib"; print startLogPage ( "Updating the CRL on the LDAP ..."); ## crls my $crl = LDAP_get_crl (); print addLogSection ("CRL ".$crl->getParsed()->{KEY}." ..."); my $result = eximObjectToLDAP ( CRL => $crl ); if ($result and $result->{STATUS}) { print addPreLogLine ( "Added CRL to LDAP\n\tLast Update: " . $crl->getParsed()->{LAST_UPDATE} ."\n" . "\tNext Update: " . $crl->getParsed()->{NEXT_UPDATE} . "\n"); } else { print addPreLogLine ( "<FONT COLOR=#FF0000>". "Cannot write CRL to LDAP\n\tLast Update: ". $crl->getParsed()->{LAST_UPDATE} ."\n" . "\tNext Update: " . 
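Review bot: In updateCertsLDAP a failed `deleteLDAPattribute` for a revoked or suspended certificate is only printed as a red "NOT REMOVED" line, and the script still ends with the normal `closePage (); 1;`. An operator who does not read the whole page gets no signal that a revoked certificate is still published in the directory. Count the failures in both removal loops (`$failed++;` in each else branch) and print a summary before `closePage ()`, e.g. `print addPreLogLine ("<FONT COLOR=#ff0000>$failed certificate(s) NOT REMOVED</FONT>") if $failed;`. The two removal passes also call `startLogPage` a second and third time and then `closeLogSection ()` without `print` and without a preceding `addLogSection`. The CRL scripts in this commit use `print addLogSection (...)` / `print closeLogSection ();` pairs, which is probably what is wanted here. `my @items` is declared three times in the same scope and should be declared once and reassigned.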
$crl->getParsed()->{NEXT_UPDATE} . "\n". "</FONT>"); } print closeLogSection (); closePage (); 1; --- NEW FILE: updateCRLonLDAPbyName --- ## OpenCA - RA Server Command ## (c) 2000-2001 by Michael Bell and OpenCA Group ## ## File Name: addCrlLDAP ## Brief: Add the most actual CRL to LDAP server ## Description: Add the most actual CRL to LDAP server ## Parameters: if ( $cmd !~ /addCrlLDAP/i ) { configError( "Wrong Command Usage ($cmd/addCrlLDAP)!" ); exit 1; } require "export-import.lib"; print startLogPage ( "Updating the CRL on the LDAP ..."); print addLogSection ( "Loading CRL ..."); my $crl = LDAP_get_crl (); if ($crl) { print addPreLogLine ("loaded CRL ".$crl->getSerial()); } else { print addPreLogLine ("<FONT COLOR=#FF0000>Cannot load most actual CRL</FONT>"); print closeLogSection (); print closeLogPage (); exit 1; } print closeLogSection (); print addLogSection ( "Checking the configuration for a special issuer ..."); my $dn = getRequired ('LDAP_CRL_Issuer'); if (not $dn) { print addPreLogLine ("No special issuer was specified!"); } else { print addPreLogLine ("Special issuer is \"".$dn."\""); $crl->{parsedItem}->{ISSUER} = $dn; } print closeLogSection (); print addLogSection ("Pushing CRL ".$crl->getSerial()." to LDAP ..."); my $result = eximObjectToLDAP ( CRL => $crl ); if ($result and $result->{STATUS}) { print addPreLogLine ( "Added CRL to LDAP\n\tLast Update: " . $crl->getParsed()->{LAST_UPDATE} ."\n" . "\tNext Update: " . $crl->getParsed()->{NEXT_UPDATE} . "\n"); } else { print addPreLogLine ( "<FONT COLOR=#FF0000>". "Cannot write CRL to LDAP\n\tLast Update: ". $crl->getParsed()->{LAST_UPDATE} ."\n" . "\tNext Update: " . $crl->getParsed()->{NEXT_UPDATE} . "\n". "</FONT>"); } print closeLogSection (); closePage (); 1; |
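Review bot: updateCRLonLDAP calls `$crl->getParsed()` on the return value of `LDAP_get_crl ()` without checking it. updateCRLonLDAPbyName, added in the same commit, treats a false return as "Cannot load most actual CRL", so the function can evidently come back empty. Here that case would die on a method call instead of producing a log line. Add the same test right after the call: `if (not $crl) { print addPreLogLine ("<FONT COLOR=#FF0000>Cannot load most actual CRL</FONT>"); closePage (); exit 1; }`.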
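Review bot: The failure path of updateCRLonLDAPbyName ends with `print closeLogPage ();`, a name used nowhere else in this commit; every other exit calls `closePage ();`. Unless `closeLogPage` is defined in a library not shown here, the script would die with an undefined-subroutine error exactly when the CRL cannot be loaded, so use `closePage ();` there. `getRequired ('LDAP_CRL_Issuer')` followed by `if (not $dn)` also looks contradictory. If `getRequired` aborts on a missing option, the "No special issuer was specified!" branch is unreachable and the issuer override is mandatory rather than optional; confirm which is intended.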