prosodyctl
changeset 6840 13b44929ae49
parent 6787 4da860edc27c
child 6847 8946052e12d2
6837:750a97b45f88 6840:13b44929ae49
   673 local openssl;
   673 local openssl;
   674 local lfs;
   674 local lfs;
   675 
   675 
   676 local cert_commands = {};
   676 local cert_commands = {};
   677 
   677 
   678 local function ask_overwrite(filename)
   678 -- If a file already exists, ask if the user wants to use it or replace it
   679 	return lfs.attributes(filename) and not show_yesno("Overwrite "..filename .. "?");
   679 -- Backups the old file if replaced
       
   680 local function use_existing(filename)
       
   681 	local attrs = lfs.attributes(filename);
       
   682 	if attrs then
       
   683 		if show_yesno(filename .. " exists, do you want to replace it? [y/n]") then
       
   684 			local backup = filename..".bkp~"..os.date("%FT%T", attrs.change);
       
   685 			os.rename(filename, backup);
       
   686 			show_message(filename.." backed up to "..backup);
       
   687 		else
       
   688 			-- Use the existing file
       
   689 			return true;
       
   690 		end
       
   691 	end
   680 end
   692 end
   681 
   693 
   682 function cert_commands.config(arg)
   694 function cert_commands.config(arg)
   683 	if #arg >= 1 and arg[1] ~= "--help" then
   695 	if #arg >= 1 and arg[1] ~= "--help" then
   684 		local conf_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".cnf";
   696 		local conf_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".cnf";
   685 		if ask_overwrite(conf_filename) then
   697 		if use_existing(conf_filename) then
   686 			return nil, conf_filename;
   698 			return nil, conf_filename;
   687 		end
   699 		end
   688 		local conf = openssl.config.new();
   700 		local conf = openssl.config.new();
   689 		conf:from_prosody(hosts, config, arg);
   701 		conf:from_prosody(hosts, config, arg);
   690 		show_message("Please provide details to include in the certificate config file.");
   702 		show_message("Please provide details to include in the certificate config file.");
   728 end
   740 end
   729 
   741 
   730 function cert_commands.key(arg)
   742 function cert_commands.key(arg)
   731 	if #arg >= 1 and arg[1] ~= "--help" then
   743 	if #arg >= 1 and arg[1] ~= "--help" then
   732 		local key_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".key";
   744 		local key_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".key";
   733 		if ask_overwrite(key_filename) then
   745 		if use_existing(key_filename) then
   734 			return nil, key_filename;
   746 			return nil, key_filename;
   735 		end
   747 		end
   736 		os.remove(key_filename); -- This file, if it exists is unlikely to have write permissions
   748 		os.remove(key_filename); -- This file, if it exists is unlikely to have write permissions
   737 		local key_size = tonumber(arg[2] or show_prompt("Choose key size (2048):") or 2048);
   749 		local key_size = tonumber(arg[2] or show_prompt("Choose key size (2048):") or 2048);
   738 		local old_umask = pposix.umask("0377");
   750 		local old_umask = pposix.umask("0377");
   750 end
   762 end
   751 
   763 
   752 function cert_commands.request(arg)
   764 function cert_commands.request(arg)
   753 	if #arg >= 1 and arg[1] ~= "--help" then
   765 	if #arg >= 1 and arg[1] ~= "--help" then
   754 		local req_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".req";
   766 		local req_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".req";
   755 		if ask_overwrite(req_filename) then
   767 		if use_existing(req_filename) then
   756 			return nil, req_filename;
   768 			return nil, req_filename;
   757 		end
   769 		end
   758 		local _, key_filename = cert_commands.key({arg[1]});
   770 		local _, key_filename = cert_commands.key({arg[1]});
   759 		local _, conf_filename = cert_commands.config(arg);
   771 		local _, conf_filename = cert_commands.config(arg);
   760 		if openssl.req{new=true, key=key_filename, utf8=true, sha256=true, config=conf_filename, out=req_filename} then
   772 		if openssl.req{new=true, key=key_filename, utf8=true, sha256=true, config=conf_filename, out=req_filename} then
   768 end
   780 end
   769 
   781 
   770 function cert_commands.generate(arg)
   782 function cert_commands.generate(arg)
   771 	if #arg >= 1 and arg[1] ~= "--help" then
   783 	if #arg >= 1 and arg[1] ~= "--help" then
   772 		local cert_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".crt";
   784 		local cert_filename = (CFG_DATADIR or "./certs") .. "/" .. arg[1] .. ".crt";
   773 		if ask_overwrite(cert_filename) then
   785 		if use_existing(cert_filename) then
   774 			return nil, cert_filename;
   786 			return nil, cert_filename;
   775 		end
   787 		end
   776 		local _, key_filename = cert_commands.key({arg[1]});
   788 		local _, key_filename = cert_commands.key({arg[1]});
   777 		local _, conf_filename = cert_commands.config(arg);
   789 		local _, conf_filename = cert_commands.config(arg);
   778 		local ret;
   790 		local ret;
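Review bot: In `use_existing`, the result of `os.rename(filename, backup)` is discarded, so a failed rename still prints "backed up to ..." and the function falls through returning nil. `cert_commands.key` then reaches `os.remove(key_filename)`, and the existing private key is deleted with no backup. Check the result and keep the existing file on failure: `local ok, err = os.rename(filename, backup);` followed by `if not ok then show_message("Could not back up "..filename..": "..tostring(err)); return true; end`. Separately, `%F` and `%T` are C99 strftime conversions and `%T` puts colons in the file name, so the backup name may not be portable to every platform prosodyctl runs on; `"%Y%m%dT%H%M%S"` would avoid both. For `.key` files each replacement leaves an old private key in the certs directory, which deserves a line in the comment above the function so operators know to clean them up.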