This repository has been archived on 2024-04-08. You can view files and clone it, but cannot push or open issues or pull requests.

76 lines
2.5 KiB
PHP

<?php defined('SYSPATH') or die('No direct access allowed.');
/**
* This class provides User SSL functions
*
* @package SSL
* @category Controllers/User
* @author Deon George
* @copyright (c) 2009-2013 Open Source Billing
* @license http://dev.osbill.net/license.html
*/
class Controller_User_Ssl extends Controller_Ssl {
protected $auth_required = TRUE;
protected $secure_actions = array(
'download'=>TRUE,
'key'=>TRUE,
);
public function action_download() {
$so = ORM::factory('Service',$this->request->post('sid'));
if (! $so->loaded() OR ! Auth::instance()->authorised($so->account))
throw HTTP_Exception::factory(403,'Service either doesnt exist, or you are not authorised to see it');
$passwd = $this->request->post('passwd');
if (! Auth::instance()->get_user()->isAdmin() AND strlen($passwd) < Kohana::$config->load('ssl')->minpass_length) {
SystemMessage::add(array(
'title'=>_('Validation failed'),
'type'=>'error',
'body'=>_('Your requested password is too short.'),
));
HTTP::redirect(URL::link('user','service/view/'.$so->id));
}
// Log the download
$smo = $so->service_memo;
$smo->service_id = $so->id;
$smo->account_id = $this->ao->id;
$smo->type = 'download';
$smo->memo = sprintf('SSL Certificate %s Downloaded.',$so->plugin()->serial());
$smo->save();
$file = sprintf('%s/%s.pkcs12',Kohana::$config->load('config')->tmpdir,$so->name());
openssl_pkcs12_export_to_file($so->plugin()->cert,$file,$so->plugin()->pk,$passwd,array('extracerts'=>$so->plugin()->cacerts()));
$x = file_get_contents($file);
unlink($file);
$this->auto_render = FALSE;
$this->response->headers('Content-Type','application/pks12');
$this->response->headers('Content-Disposition','attachment; filename="'.basename($file).'"');
$this->response->body($x);
}
/**
* Render the private key of a service
*/
public function action_key() {
$so = ORM::factory('Service',$this->request->param('id'));
if (! $so->loaded() OR ! Auth::instance()->authorised($so->account))
throw HTTP_Exception::factory(403,'Service either doesnt exist, or you are not authorised to see it');
if ($so->plugin() instanceof Model_Service_Plugin)
$this->response->body($so->plugin()->pk."\n");
$this->response->headers(array('Content-Type' => 'text/plain'));
if ($so->loaded() AND ! is_null($this->request->query('download')))
$this->response->headers('Content-Disposition','attachment; filename="'.$so->id.'.key"');
$this->auto_render = FALSE;
}
}
?>