Optimised Service Display, extended SSL module functionality

Deon George
2016-07-27 14:25:17 +10:00
parent 3d3c38b0a0
commit 5ab2d6205f
30 changed files with 455 additions and 258 deletions


@@ -10,6 +10,8 @@
* @license http://dev.osbill.net/license.html
*/
class Controller_Reseller_Service_Ssl extends Controller_Service {
protected $auth_required = TRUE;
protected $secure_actions = array(
'list'=>TRUE,
);


@@ -10,6 +10,8 @@
* @license http://dev.osbill.net/license.html
*/
class Controller_Reseller_SSL extends Controller_SSL {
protected $auth_required = TRUE;
protected $secure_actions = array(
'add'=>TRUE,
'edit'=>TRUE,


@@ -1,14 +0,0 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides SSL management
*
* @package SSL
* @category Controllers
* @author Deon George
* @copyright (c) 2009-2013 Open Source Billing
* @license http://dev.osbill.net/license.html
*/
class Controller_SSL extends Controller_TemplateDefault {
}
?>


@@ -0,0 +1,64 @@
<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides SSL management
*
* @package SSL
* @category Controllers
* @author Deon George
* @copyright (c) 2009-2013 Open Source Billing
* @license http://dev.osbill.net/license.html
*/
class Controller_SSL extends Controller_TemplateDefault {
protected $auth_required = false;
/**
* Render out an SSL CA certificate
*/
public function action_ca() {
$o = ORM::factory('SSL_CA',$this->request->param('id'));
$this->response->body($o->loaded() ? $o->sign_cert."\n" : NULL);
$this->response->headers(array('Content-Type' => 'text/plain'));
if ($o->loaded() AND ! is_null($this->request->query('download')))
$this->response->headers('Content-Disposition','attachment; filename="'.$o->id.'.ca.crt"');
$this->auto_render = FALSE;
}
/**
* Render the public certificate of a service
*/
public function action_cert() {
$o = ORM::factory('Service',$this->request->param('id'));
if ($o->loaded() and ($o->plugin() instanceof Model_Service_Plugin))
$this->response->body($o->plugin()->cert."\n");
$this->response->headers(array('Content-Type' => 'text/plain'));
if ($o->loaded() AND ! is_null($this->request->query('download')))
$this->response->headers('Content-Disposition','attachment; filename="'.$o->id.'.crt"');
$this->auto_render = FALSE;
}
/**
* Render out an SSL CA chain
*/
public function action_chain() {
$result = '';
$o = ORM::factory('Service',$this->request->param('id'));
if ($o->loaded() and $o->plugin() instanceof Model_Service_Plugin_Ssl) {
foreach ($o->plugin()->chain() as $cao)
$result .= $cao->sign_cert."\n";
}
$this->response->body($result);
$this->response->headers(array('Content-Type' => 'text/plain'));
if ($o->loaded() AND ! is_null($this->request->query('download')))
$this->response->headers('Content-Disposition','attachment; filename="ca.crts"');
$this->auto_render = FALSE;
}
}
?>
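Review bot: `action_cert()` accepts any service whose plugin is a `Model_Service_Plugin`, while `action_chain()` just below it requires `Model_Service_Plugin_Ssl`; with `$auth_required = false` on this controller, an unauthenticated request can therefore read the `cert` attribute of whatever plugin type the service id resolves to. Narrow the test to `if ($o->loaded() and ($o->plugin() instanceof Model_Service_Plugin_Ssl))` so the two actions agree. All three actions also answer with an empty body rather than an error when the id does not load; throwing `HTTP_Exception::factory(404,...)`, in the way `action_key()` in this commit throws a 403, would make misses explicit. Because the id comes straight from the URL and no login is needed, it is worth confirming that serving every customer's certificate by service id is intended.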


@@ -9,9 +9,12 @@
* @copyright (c) 2009-2013 Open Source Billing
* @license http://dev.osbill.net/license.html
*/
class Controller_User_SSL extends Controller_SSL {
class Controller_User_Ssl extends Controller_Ssl {
protected $auth_required = TRUE;
protected $secure_actions = array(
'download'=>FALSE,
'download'=>TRUE,
'key'=>TRUE,
);
public function action_download() {
@@ -22,7 +25,7 @@ class Controller_User_SSL extends Controller_SSL {
$passwd = $this->request->post('passwd');
if (strlen($passwd) < Kohana::$config->load('ssl')->minpass_length) {
if (! Auth::instance()->get_user()->isAdmin() AND strlen($passwd) < Kohana::$config->load('ssl')->minpass_length) {
SystemMessage::add(array(
'title'=>_('Validation failed'),
'type'=>'error',
@@ -50,5 +53,23 @@ class Controller_User_SSL extends Controller_SSL {
$this->response->headers('Content-Disposition','attachment; filename="'.basename($file).'"');
$this->response->body($x);
}
/**
* Render the private key of a service
*/
public function action_key() {
$so = ORM::factory('Service',$this->request->param('id'));
if (! $so->loaded() OR ! Auth::instance()->authorised($so->account))
throw HTTP_Exception::factory(403,'Service either doesnt exist, or you are not authorised to see it');
if ($so->plugin() instanceof Model_Service_Plugin)
$this->response->body($so->plugin()->pk."\n");
$this->response->headers(array('Content-Type' => 'text/plain'));
if ($so->loaded() AND ! is_null($this->request->query('download')))
$this->response->headers('Content-Disposition','attachment; filename="'.$so->id.'.key"');
$this->auto_render = FALSE;
}
}
?>
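Review bot: `action_key()` returns the service's private key unencrypted in response to a plain GET, whereas the existing `action_download()` path appears to protect the export with a user-chosen password; the authorisation check on `$so->account` is good, but the response carries no cache directive, so the key can remain in browser or proxy caches. Add `$this->response->headers('Cache-Control','no-store');` before the body is set, and consider requiring a POST so the export cannot be triggered by a followed link. The plugin test `$so->plugin() instanceof Model_Service_Plugin` should name `Model_Service_Plugin_Ssl`, since as written it reads `pk` from any plugin type. In the second hunk the new admin exemption lets `action_download()` proceed with an empty or very short password; if that is deliberate, a comment saying so would help the next reader.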


@@ -86,6 +86,7 @@ class Model_Service_Plugin_Ssl extends Model_Service_Plugin {
/**
* Return all our CA Certs for this certificate
* @deprecated Use chain() instead.
*/
public function cacerts() {
$result = array();
@@ -100,15 +101,34 @@ class Model_Service_Plugin_Ssl extends Model_Service_Plugin {
return $result;
}
/**
* Return the Certificate Chain
*
* @return array Of SSL_CA Objects representing the Chain
*/
public function chain() {
$result = array();
// Get the first parent CA certificate
$po = $this->ca;
while ($po AND $po->loaded()) {
array_push($result,$po);
$po = ($po->validParent()) ? $po->parent : NULL;
}
return $result;
}
public function download_button() {
if (! $this->service->status OR ! preg_match('/client/',$this->service->product->plugin()->extensions) OR $this->valid_to() < time())
if (! $this->pk OR ! $this->service->status OR ! preg_match('/client/',$this->service->product->plugin()->extensions) OR $this->valid_to() < time())
return '';
$output = Form::open(URL::link('user','ssl/download'),array('class'=>'form-inline'));
$output .= Form::hidden('sid',$this->service->id);
$output .= '<div class="input-append">';
$output .= Form::password('passwd','',array('placeholder'=>_('Choose a password'),'required','nocg'=>TRUE,'pattern'=>'.{6,}','title'=>'Minimum 6 chars'));
$output .= Form::button('download','Download',array('class'=>'btn btn-default','nocg'=>TRUE));
$output .= Form::button('download','PKCS12',array('class'=>'btn btn-default','nocg'=>TRUE));
$output .= '</div>';
$output .= Form::close();
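Review bot: The `while` loop in `chain()` ends only when `validParent()` returns false or the parent fails to load; `validParent()` is outside this hunk, so if it does not reject a CA whose parent is itself, or a cycle in the stored data, the loop never terminates, and both the new chain view and the unauthenticated `action_chain()` call it. A visited-set guard makes termination independent of the data: `if (isset($seen[$po->id])) break;` followed by `$seen[$po->id] = TRUE;` at the top of the loop body. Separately, `download_button()` hard-codes `'pattern'=>'.{6,}'` and `'Minimum 6 chars'` while the controller checks `Kohana::$config->load('ssl')->minpass_length`; deriving both from the same config value keeps client and server in step. `download_button()` continues past the end of the hunk.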


@@ -108,7 +108,7 @@ class SSL {
if ($i++)
$result .= ',';
$result .= sprintf('%s=%s',$k,$v);
$result .= sprintf('%s=%s',$k,(is_array($v) ? join(','.$k.'=',$v) : $v));
}
return $result;
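Review bot: Values are written into the `k=v` string without escaping, and the new array branch does the same for every element, so a value containing `,` or `=` yields a string that cannot be split back into its components unambiguously. If this result is ever parsed or compared rather than only displayed, escape those characters first; if it is display-only, a comment such as `// multi-valued attributes expand to repeated k=v pairs; display only, values are not escaped` would record that. The enclosing function starts and ends outside the hunk.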


@@ -1,15 +1,7 @@
<fieldset>
<legend>SSL Certificate Service Details</legend>
<div class="row">
<?php echo Form::textarea('plugin[csr]',$o->service->plugin()->csr,array('class'=>'span6','label'=>'CSR','placeholder'=>'CSR','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->csr))); ?>
</div>
<div class="row">
<?php echo Form::textarea('plugin[pk]',$o->service->plugin()->pk,array('class'=>'span6','label'=>'Private Key','placeholder'=>'Private Key','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->pk))); ?>
</div>
<div class="row">
<?php echo Form::textarea('plugin[cert]',$o->service->plugin()->cert,array('class'=>'span6','label'=>'Public Certificate','placeholder'=>'Public Certificate','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->cert))); ?>
</div>
<?php echo Form::textarea('plugin[csr]',$o->service->plugin()->csr,array('label'=>'CSR','placeholder'=>'CSR','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->csr),'cols'=>Form::textarea_width($o->service->plugin()->csr))); ?>
<?php echo Form::textarea('plugin[pk]',$o->service->plugin()->pk,array('label'=>'Private Key','placeholder'=>'Private Key','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->pk),'cols'=>Form::textarea_width($o->service->plugin()->pk))); ?>
<?php echo Form::textarea('plugin[cert]',$o->service->plugin()->cert,array('label'=>'Public Certificate','placeholder'=>'Public Certificate','style'=>'font-family: monospace;','rows'=>Form::textarea_rows($o->service->plugin()->cert),'cols'=>Form::textarea_width($o->service->plugin()->cert))); ?>
</fieldset>


@@ -1,62 +1,3 @@
<div class="span5">
<fieldset>
<legend>Service Details</legend>
<div class="dl-horizontal">
<dt>DN</dt>
<dd><?php echo $o->dn(); ?></dd>
<?php if (! $o->isCSR()) : ?>
<dt>Serial Number</dt>
<dd><?php echo $o->serial(); ?></dd>
<dt>Subject Key Id</dt>
<dd><?php echo $o->ski(); ?></dd>
<dt>Issuer</dt>
<dd>
<?php if ($o->validCA() AND $o->authorised($o->ca)) : ?>
<?php echo HTML::anchor(URL::link('reseller','ssl/edit/').$o->ca->id,$o->issuer()); ?>
<?php else : ?>
<?php echo $o->issuer(); ?>
<?php endif ?>
</dd>
<dt>Issuer Serial</dt>
<dd><?php printf('%s (%s)',$o->aki_keyid(), $o->aki_serial()); ?></dd>
<dt>Valid From</dt>
<dd><?php echo $o->valid_from(TRUE); ?></dd>
<dt>Valid To</dt>
<dd><?php echo $o->valid_to(TRUE); ?></dd>
<dt>Hash</dt>
<dd><?php echo $o->hash(); ?></dd>
<dt>Version</dt>
<dd><?php echo $o->version(); ?></dd>
<dt>Algorithm</dt>
<dd><?php echo $o->algorithm(); ?></dd>
<?php endif ?>
</div> <!-- dl-horizontal -->
</fieldset>
</div> <!-- /span -->
<div class="span6">
<fieldset>
<legend>Certificate</legend>
<pre><?php echo $o->cert; ?></pre>
<?php
echo $o->download_button();
if ($ao=Auth::instance()->get_user() AND ($ao->isAdmin() OR $ao->isReseller()) AND $o->service->status AND ($o->valid_to()-(Kohana::$config->load('ssl.min_renew_days')*86400) <= time()) AND $o->service->paid_to() > time()) :
echo Form::open(URL::link('reseller','ssl/renew/'.$o->service->id));
echo Form::button('submit','Renew',array('class'=>'btn btn-primary'));
endif
?>
</fieldset>
</div> <!-- /span -->
<?php echo View::factory('service/user/plugin/ssl/view/details')->set('o',$o); ?>
<?php echo View::factory('service/user/plugin/ssl/view/chain')->set('o',$o); ?>
<?php echo View::factory('service/user/plugin/ssl/view/certificate')->set('o',$o); ?>


@@ -0,0 +1,18 @@
<fieldset>
<legend>Certificate</legend>
<pre><?php echo $o->cert; ?></pre>
<?php
echo $o->download_button();
if ($ao=Auth::instance()->get_user() AND ($ao->isAdmin() OR $ao->isReseller()) AND $o->service->status AND ($o->valid_to()-(Kohana::$config->load('ssl.min_renew_days')*86400) <= time()) AND $o->service->paid_to() > time()) :
echo Form::open(URL::link('reseller','ssl/renew/'.$o->service->id));
echo Form::button('submit','Renew',array('class'=>'btn btn-primary','nocg'=>TRUE));
else : ?>
<a href="<?php echo URL::link('','/ssl/cert/'.$o->service_id,TRUE); ?>" class="btn btn-sm btn-default">Cert Download</a>
<?php if ($o->pk) : ?>
<a href="<?php echo URL::link('user','ssl/key/'.$o->service_id,TRUE); ?>" class="btn btn-sm btn-default">Key Download</a>
<?php endif ?>
<?php endif
?>
</fieldset>
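Review bot: `<pre><?php echo $o->cert; ?></pre>` writes the stored certificate text into the page without HTML escaping, and the edit view in this commit accepts `plugin[cert]` as free text, so whatever was saved there is rendered as markup. Use `<pre><?php echo HTML::chars($o->cert); ?></pre>`. The new details view follows the same pattern for `$o->dn()`, `$o->issuer()`, `$o->serial()` and the other certificate-derived fields; those should be escaped the same way unless the model methods already do so, which is not visible here. The renew branch also opens a form with `Form::open()` and never emits `Form::close()`.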


@@ -0,0 +1,20 @@
<?php if ($o->cert) : ?>
<fieldset>
<legend>Certificate Chain</legend>
<?php echo Table::factory()
->data($o->chain())
->columns(array(
'id'=>'ID',
'subject()'=>'Cert',
'valid_to(TRUE)'=>'Expires',
'issuer()'=>'Issuer',
))
->prepend(array(
'id'=>array('url'=>URL::link('','/ssl/ca/')),
)); ?>
<a href="<?php echo URL::link('','/ssl/chain/'.$o->service_id,TRUE); ?>" class="btn btn-sm btn-default">Download</a>
</fieldset>
<?php endif ?>


@@ -0,0 +1,44 @@
<fieldset>
<legend>Service Details</legend>
<div class="dl-horizontal">
<dt>DN</dt>
<dd><?php echo $o->dn(); ?></dd>
<?php if (! $o->isCSR()) : ?>
<dt>Serial Number</dt>
<dd><?php echo $o->serial(); ?></dd>
<dt>Subject Key Id</dt>
<dd><?php echo $o->ski(); ?></dd>
<dt>Issuer</dt>
<dd>
<?php if ($o->validCA() AND $o->authorised($o->ca)) : ?>
<?php echo HTML::anchor(URL::link('reseller','ssl/edit/').$o->ca->id,$o->issuer()); ?>
<?php else : ?>
<?php echo $o->issuer(); ?>
<?php endif ?>
</dd>
<dt>Issuer Serial</dt>
<dd><?php printf('%s (%s)',$o->aki_keyid(), $o->aki_serial()); ?></dd>
<dt>Valid From</dt>
<dd><?php echo $o->valid_from(TRUE); ?></dd>
<dt>Valid To</dt>
<dd><?php echo $o->valid_to(TRUE); ?></dd>
<dt>Hash</dt>
<dd><?php echo $o->hash(); ?></dd>
<dt>Version</dt>
<dd><?php echo $o->version(); ?></dd>
<dt>Algorithm</dt>
<dd><?php echo $o->algorithm(); ?></dd>
<?php endif ?>
</div> <!-- dl-horizontal -->
</fieldset>