References: <1308831937-19564-1-git-send-email-lukestu@gmail.com>
Message-ID: <1309907862.21790.YahooMailNeo@web130112.mail.mud.yahoo.com>
Date: Tue, 5 Jul 2011 16:17:42 -0700 (PDT)
From: Ted Trask
To: Luke Stuart, "alpine-devel@lists.alpinelinux.org"
Subject: Re: [alpine-devel] [PATCH] acf-openssl: as per feature request #354: download cert plus set encryption bits and period of validity

I tried to apply the patch, but ran into trouble. I kept getting line wraps and HTML tags and other garbage. Since I tried it with two different mail clients, I'm wondering if it was a problem when sending the patch. Can you please try again using 'git send-email'?

Or, can someone else help me to apply the patch?
Thanks.

Ted



From: Luke Stuart <lukestu@gmail.com>
To: alpine-devel@lists.alpinelinux.org
Sent: Thursday, June 23, 2011 8:30 AM
Subject: [alpine-devel] [PATCH] acf-openssl: as per feature request #354: download cert plus set encryption bits and period of validity

---
 openssl-controller.lua        |    5 +++++
 openssl-editdefaults-html.lsp |    2 +-
 openssl-model.lua             |   32 ++++++++++++++++++++++++++++----
 openssl-request-html.lsp      |    2 +-
 openssl-status-html.lsp       |    3 ++-
 openssl.roles                 |    6 +++---
 6 files changed, 40 insertions(+), 10 deletions(-)

diff --git a/openssl-controller.lua b/openssl-controll= er.lua
index 7d9ae9a..3f8750b 100755
--- a/openssl-controller.lua
= +++ b/openssl-controller.lua
@@ -116,6 +116,11 @@ putcacert =3D function= (self)
       return controllerfunctions.handle_form= (self,
self.model.getnewputca, self.model.putca, self.clientdata, "Uploa= d",
"Upload CA Certificate", "Certificate Uploaded")
 end
+downloadpem =3D function(self)
+        self.conf.= viewtype=3D"stream"
+        return self.model.getpe= m(self.clientdata.dlpath)
+end
+
 -- Generate a self-signed C= A
 generatecacert =3D function(self)
       = return controllerfunctions.handle_form(self,
self.model.getnewcarequest,= self.model.generateca, self.clientdata,
"Generate", "Generate CA Certif= icate", "Certificate Generated")
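Review bot: downloadpem passes the client-supplied self.clientdata.dlpath straight to self.model.getpem, so the file that gets streamed is whatever path the request names, limited only by the check inside getpem. The status page in this patch only ever links to the CA certificate, so consider dropping the dlpath parameter and letting the model resolve that one file itself; if the parameter stays, add a comment stating which files are meant to be downloadable.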
diff --git a/openssl-editdefaults-html.lsp b/openssl-editdefaults-html.lsp
index 9= 052213..b73b0a8 100644
--- a/openssl-editdefaults-html.lsp
+++ b/open= ssl-editdefaults-html.lsp
@@ -6,7 +6,7 @@
       = form.action =3D page_info.script .. page_info.prefix ..
page_info.contro= ller .. "/" .. page_info.action
       local order = =3D { "countryName", "C", "stateOrProvinceName",
"ST", "localityName", "= L", "organizationName", "O",
            &= nbsp;          "organizationalUnitName", "OU", "co= mmonName",
"CN", "emailAddress" }
-       local finish= ingorder =3D { "certtype", "extensions" }
+       local f= inishingorder =3D { "encryption", "validdays",
"certtype", "extensions" = }
       displayform(form, order, finishingorder) %>

diff --git a/openssl-model.lua b/openssl-model.lua
index b5a84a6..a9b6f83 100755
--- a/openssl-mode= l.lua
+++ b/openssl-model.lua
@@ -30,7 +30,7 @@ local short_names =3D= { countryName=3D"C",
stateOrProvinceName=3D"ST", localityName=3D"L
&= nbsp;local extensions =3D { "basicConstraints", "nsCertType", "nsComment",<= br>"keyUsage", "subjectKeyIdentifier",
         = ;              "authorityKeyIdentifier",= "subjectAltName",
"issuerAltName" }
 -- list of entries that mu= st be found in ca section (used to define
our certificate types)
-loc= al ca_mandatory_entries =3D { "new_certs_dir", "certificate",
"private_k= ey", "default_md", "database", "serial", "policy" }
+local ca_mandatory_= entries =3D { "new_certs_dir", "certificate",
"private_key", "default_md= ", "database", "serial", "policy",
"default_days" }

 -- Crea= te a cfe with the distinguished name defaults
 local getdefaults = =3D function()
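Review bot: adding "default_days" to ca_mandatory_entries changes which CA sections count as certificate types (per the comment directly above the list), so an existing configuration whose CA sections do not set default_days would lose those types after this change. Either treat default_days as optional with a fallback value, or state the migration requirement in the commit message.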
@@ -308,6 +308,14 @@ end
 getreqdefaults =3D functio= n()
       local defaults =3D getdefaults()

+=        --Add in the encryption bit default
+  =       local encryption =3D config.req.default_bits
+ &nb= sp;       defaults.value.encryption =3D cfe({ type=3D"select= ",
label=3D"Encryption Bits", value=3Dencryption, option=3D{"2048", "409= 6"} })
+
+         -- Add in the default days
= +         local validdays =3D getconfigentry(config.ca.= default_ca, "default_days")
+         defaults.value= .validdays =3D cfe({ type=3D"text", label=3D"Period
of Validity (Days)",= value=3Dvaliddays, descr=3D"Number of days this
certificate is valid fo= r" })
+
       -- Add in the ca type default
&= nbsp;      defaults.value.certtype =3D cfe({ type=3D"select"= , label=3D"Certificate Type",
               value=3Dc= onfig.ca.default_ca, option=3Dfind_ca_sections() })
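Review bot: the "Encryption Bits" select added in getreqdefaults offers only "2048" and "4096" but takes its value from config.req.default_bits, so a configuration that currently holds any other size hands the form a value that is not in its own option list. Handle that case explicitly, for example by adding the configured value to the options or by mapping it to one of the two offered sizes.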
@@ -339,9 +347,10 @@= setreqdefaults =3D function(defaults)
         = ;              ext_section =3D config.re= q.req_extensions
               = end
               config =3D ni= l
+               fileval =3D
form= at.update_ini_file(fileval,"","default_days",defaults.value.validdays.value= )
               fileval =3D for= mat.set_ini_section(fileval, ext_section,
format.dostounix(defaults.valu= e.extensions.value))
              &n= bsp;fileval =3D format.update_ini_file(fileval, "ca",
"default_ca", defa= ults.value.certtype.value)
-             &= nbsp; fileval =3D write_distinguished_names(fileval, defaults,
{"certtype", "= extensions"})
+               fileval= =3D write_distinguished_names(fileval, defaults,
{"certtype", "extensio= ns", "validdays"})
              &nbs= p;fs.write_file(configfile, fileval)
       end
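Review bot: the added update_ini_file(fileval,"","default_days",...) call in setreqdefaults writes to the unnamed section, while getreqdefaults reads the value with getconfigentry(config.ca.default_ca, "default_days"); unless getconfigentry falls back to the unnamed section, the saved value and the displayed value come from different places, and with default_days now mandatory inside each CA section the unnamed-section value looks unlikely to be the one that takes effect. Write to the section the value is read from. In the same hunk, "validdays" is added to the list passed to write_distinguished_names but "encryption" is not, and nothing here stores the encryption value or applies the tonumber check that submitrequest uses.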
<= br>@@ -383,6 +392,11 @@ submitrequest =3D function(defaults, user)
 = ;              defaults.errtxt =3D "Fail= ed to submit request\nRequest
already exists"
      &n= bsp;        success =3D false
      &= nbsp;end
+
+       if not tonumber(defaults.value.vali= ddays.value) then
+               def= aults.value.validdays.errtxt =3D "Period of Validity
is not a number"+               success =3D false
+ =       end

       if success then
&nb= sp;              -- Submit the request@@ -403,7 +417,9 @@ submitrequest =3D function(defaults, user)
  =                      = ;        end
          &nbs= p;            end
      &nb= sp;        end
-
+
+       &nbs= p;       fileval =3D format.update_ini_file(fileval,
"req= ","default_bits",defaults.value.encryption.value)
+      =         fileval =3D format.update_ini_file(fileval,"","default_days",defaults.value.validdays.value)
      =          fileval =3D format.set_ini_section(fileva= l, ext_section, content)
             = ;  fileval =3D format.update_ini_file(fileval, "req",
"req_extension= s", ext_section)
               = fs.write_file(reqname..".cfg", fileval)
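Review bot: the two added update_ini_file calls copy defaults.value.encryption.value and defaults.value.validdays.value from the submitted form into the request's .cfg, and the only check on either value in this patch is the tonumber() test on validdays in the previous hunk. tonumber also accepts negative, fractional, hexadecimal and exponent forms, and the encryption value is never compared with the offered "2048" and "4096" options, so validate both on the server side as integers within an allowed range before they are written.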
@@ -470,7 +486,7 @@ approvereque= st =3D function(request)
             = ;  local certname =3D certdir..request.."."..serial

  &nbs= p;            -- Now, sign the certificate-               local cmd =3D path .. "= openssl ca -config
"..configfile.." -in "..format.escapespecialcharacter= s(reqpath)..".csr
-out "..format.escapespecialcharacters(certname)..".cr= t -name
"..format.escapespecialcharacters(certtype).." -batch 2>&= 1"
+               local cmd =3D path= .. "openssl ca -config
"..format.escapespecialcharacters(reqpath)..".cf= g -in
"..format.escapespecialcharacters(reqpath)..".csr -out
"..format.escapespecialcharacters(certname)..".crt -name
"..for= mat.escapespecialcharacters(certtype).." -batch 2>&1"
  &nbs= p;            local f =3D io.popen(cmd)
&n= bsp;              cmdresult.value =3D f:= read("*a")
               f:clos= e()
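Review bot: the changed cmd line switches -config from configfile to reqpath..".cfg", so the CA now signs with the per-request file (presumably the one submitrequest writes as reqname..".cfg") that carries the requester's form input, rather than with the CA's own configuration, and nothing in this patch shows the requested validity to the approver. Consider keeping -config on configfile and passing the approved validity explicitly (openssl ca accepts -days) after displaying it on the approval page.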
@@ -680,6 +696,14 @@ getcrl =3D function(crltype)
    &= nbsp;  return crlfile
 end

+getpem =3D function(pem)+        local f =3D fs.read_file(pem) or ""
+ &nbs= p;      local fname =3D string.gsub(pem, ".*/", "")
+ &nb= sp;      if validator.is_valid_filename(pem, openssldir) the= n
+                return cfe({ = type=3D"raw", value=3Df, label=3Dfname,
option=3D"application/x-pkcs12" = })
+        end
+end
+
 getnewputca = =3D function()
       local ca =3D cfe({ type=3D"raw", = value=3D0, label=3D"CA Certificate",
descr=3D'File must be a password pr= otected ".pfx" file' })
       local password =3D cf= e({ label=3D"Certificate Password" })
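Review bot: getpem calls fs.read_file(pem) on the caller-supplied path before validator.is_valid_filename(pem, openssldir) runs, so the file is opened and read even when the path is then rejected; validate first and read only on success. The rejected case also falls off the end of the function and returns nil to a controller that has already set viewtype to "stream", so return an explicit error cfe there. The fixed option "application/x-pkcs12" does not match a function named getpem; use the content type of the file actually served.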
diff --git a/openssl-request-html.= lsp b/openssl-request-html.lsp
index 2bc3af9..acbe8ed 100644
--- a/op= enssl-request-html.lsp
+++ b/openssl-request-html.lsp
@@ -8,7 +8,7 @@=
       form.value.password_confirm.type =3D "passwo= rd"
       local order =3D { "countryName", "C", "st= ateOrProvinceName",
"ST", "localityName", "L", "organizationName", "O",<= br>                    &n= bsp;  "organizationalUnitName", "OU", "commonName",
"CN", "emailAdd= ress" }
-       local finishingorder =3D { "certtype", "e= xtensions", "password",
"password_confirm" }
+       l= ocal finishingorder =3D { "certtype", "validdays",
"extensions", "password",= "password_confirm" }
       displayform(form, order= , finishingorder)
 %>

diff --git a/openssl-status-html.ls= p b/openssl-status-html.lsp
index 1837ab0..0f73d35 100644
--- a/opens= sl-status-html.lsp
+++ b/openssl-status-html.lsp
@@ -32,4 +32,5 @@               end
   = ;    end
 end %>
-
+<% if viewlibrary.check_p= ermission("downloadpem") then %> <H1>Download
+Certificate</= H1> <DL> <%=3D
html.link{value=3D"downloadpem?dlpath=3D"..ht= ml.html_escape(view.value.cacert.value),
label=3D"Download "..view.value= .cacert.value } %><BR> </DL><% end %>
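Review bot: the dlpath value in the html.link call is placed in a query string after html.html_escape only; HTML escaping is not URL encoding, so a certificate path containing characters such as &, +, # or a space would not arrive intact in clientdata.dlpath. URL-encode the value for the link, or drop the parameter altogether since this page only links to the CA certificate. Also check whether html.link escapes the label, which is built from the same value without escaping.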
diff --git a/= openssl.roles b/openssl.roles
index eb63818..03f5df1 100644
--- a/ope= nssl.roles
+++ b/openssl.roles
@@ -1,6 +1,6 @@
 USER=3Dopenssl:status,openssl:getrevoked
 EDITOR=3Dope= nssl:editdefaults
 CERT_REQUESTER=3Dopenssl:read,openssl:request,op= enssl:viewrequest,openssl:deletemyrequest,openssl:viewcert,openssl:getcert,= openssl:requestrenewcert
-CERT_APPROVER=3Dopenssl:readall,openssl:approv= e,openssl:viewrequest,openssl:deleterequest,openssl:revoke,openssl:viewcert= ,openssl:getcert,openssl:deletecert,openssl:renewcert
-EXPERT=3Dopenssl:= putcacert,openssl:generatecacert,openssl:editconfigfile,openssl:checkenviro= nment
-ADMIN=3Dopenssl:status,openssl:getrevoked,openssl:editdefaults,op= enssl:read,openssl:request,openssl:viewrequest,openssl:deletemyrequest,open= ssl:viewcert,openssl:getcert,openssl:requestrenewcert,openssl:editdefaults,= openssl:readall,openssl:approve,openssl:deleterequest,openssl:revoke,openss= l:deletecert,openssl:renewcert,openssl:putcacert,openssl:generatecacert,ope= nssl:editconfigfile,openssl:checkenvironment
+CERT_APPROVER=3Dopenssl:re= adall, openssl:approve,openssl:viewrequest,openssl:deleterequest,openssl:revoke,op= enssl:viewcert,openssl:getcert,openssl:deletecert,openssl:renewcert,openssl= :downloadpem
+EXPERT=3Dopenssl:putcacert,openssl:generatecacert,openssl:= editconfigfile,openssl:checkenvironment,openssl:downloadpem
+ADMIN=3Dope= nssl:status,openssl:getrevoked,openssl:editdefaults,openssl:read,openssl:re= quest,openssl:viewrequest,openssl:deletemyrequest,openssl:viewcert,openssl:= getcert,openssl:requestrenewcert,openssl:editdefaults,openssl:readall,opens= sl:approve,openssl:deleterequest,openssl:revoke,openssl:deletecert,openssl:= renewcert,openssl:putcacert,openssl:generatecacert,openssl:editconfigfile,o= penssl:checkenvironment,openssl:downloadpem
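Review bot: openssl:downloadpem is granted to CERT_APPROVER, EXPERT and ADMIN, yet the action accepts a client-chosen dlpath that getpem checks only against openssldir, so these roles gain read access to whatever that check admits, not just the CA certificate linked from the status page. Confirm that this is intended, for CERT_APPROVER in particular. Separately, the ADMIN line lists openssl:editdefaults twice, both before and after this change; the duplicate can be dropped while the line is being touched.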
--
1.7.5.4


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---

