summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Sommerseth <dazo@users.sourceforge.net>2008-12-20 01:17:40 +0100
committerDavid Sommerseth <dazo@users.sourceforge.net>2008-12-20 01:17:40 +0100
commit726a4e4c303d1e553e342491e3700162d982fe10 (patch)
tree38742d46edbc66ccc94f5d99ab665f65283405a8
parent01b1bb4bbad0d815365935cd0390226f1874ede7 (diff)
downloadeurephia-726a4e4c303d1e553e342491e3700162d982fe10.tar.gz
eurephia-726a4e4c303d1e553e342491e3700162d982fe10.tar.xz
eurephia-726a4e4c303d1e553e342491e3700162d982fe10.zip
certs command: Added a simple add certificate function
-rw-r--r--eurephiadm/commands/certificates.c154
1 files changed, 153 insertions, 1 deletions
diff --git a/eurephiadm/commands/certificates.c b/eurephiadm/commands/certificates.c
index 8a73c11..3b87e28 100644
--- a/eurephiadm/commands/certificates.c
+++ b/eurephiadm/commands/certificates.c
@@ -22,6 +22,7 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
+#include <ctype.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <unistd.h>
@@ -72,8 +73,159 @@ int help_Certificates2(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *
return 0;
}
+int register_certificate(eurephiaCTX *ctx, int depth, const char *digest,
+ const char *cname, const char *org, const char *email)
+{
+ xmlDoc *cert_xml = NULL;
+ xmlNode *cert_n = NULL;
+ char tmp[66];
+ int rc = 0;
+
+ assert( ctx != NULL );
+
+ eurephiaXML_CreateDoc(ctx, 1, "register_certificate", &cert_xml, &cert_n);
+ assert( (cert_xml != NULL) || (cert_n != NULL) );
+
+ cert_n = xmlNewChild(cert_n, NULL, (xmlChar *) "fieldMapping", NULL);
+ xmlNewProp(cert_n, (xmlChar *) "table", (xmlChar *) "certificates");
+
+ memset(&tmp, 0, 66);
+ snprintf(tmp, 64, "%i", depth);
+
+ xmlNewChild(cert_n, NULL, (xmlChar *) "depth", (xmlChar *) tmp);
+ xmlNewChild(cert_n, NULL, (xmlChar *) "digest", (xmlChar *) digest);
+ xmlNewChild(cert_n, NULL, (xmlChar *) "common_name", (xmlChar *) cname);
+ xmlNewChild(cert_n, NULL, (xmlChar *) "organisation", (xmlChar *) org);
+ xmlNewChild(cert_n, NULL, (xmlChar *) "email", (xmlChar *) email);
+
+ // Register the certificate
+ xmlSaveFormatFileEnc("-", cert_xml, "UTF-8", 1);
+ rc = eDBadminAddCertificate(ctx, cert_xml);
+ fprintf(stdout, "%s: %s\n", MODULE,
+ (rc == 1 ? "Certificate registered successfully" : "Failed to register certificate"));
+ xmlFreeDoc(cert_xml);
+
+ return (rc != 1);
+}
+
int add_cert(eurephiaCTX *ctx, eurephiaSESSION *sess, eurephiaVALUES *cfg, int argc, char **argv) {
- return 1;
+ char *digest = NULL, *cname = NULL, *org = NULL, *email = NULL, *certfile = NULL;
+ int depth = -1, i = 0, j = 0, chk = 0, certfile_format = 0;
+ struct stat cert_stat;
+
+ e_options addcertargs[] = {
+ {"--depth", "-d", 1},
+ {"--digest", "-D", 1},
+ {"--common-name", "-C", 1},
+ {"--organisation", "-O", 1},
+ {"--email", "-E", 1},
+ {"--certfile", "-f", 1},
+ {"--pkcs12", "-p", 0},
+ {"--help", "-h", 0},
+ {NULL, NULL, 0}
+ };
+
+ for( i = 1; i < argc ; i++ ) {
+ switch( eurephia_getopt(&i, argc, argv, addcertargs) ) {
+ case 'd': // Certificate depth
+
+ // Check if argument is a number
+ chk = 1;
+ for( j = 0; j < strlen_nullsafe(optargs[0]); j++ ) {
+ if( !isdigit(optargs[0][j]) ) {
+ chk = 0;
+ break;
+ }
+ }
+ if( chk == 0 ) {
+ fprintf(stderr, "%s: Certificate depth must be a number\n", MODULE);
+ return 1;
+ }
+
+ depth = atoi_nullsafe(optargs[0]);
+ if( (depth < 0) || (depth > 99) ) {
+ fprintf(stderr, "%s: Certificate depth must be between 0-99\n", MODULE);
+ return 1;
+ }
+ break;
+
+ case 'D': // Certificate digest
+ digest = optargs[0];
+ break;
+ case 'C': // Certificate - common_name / CN
+ cname = optargs[0];
+ break;
+ case 'O': // Certificate - organisation / O
+ org = optargs[0];
+ break;
+ case 'E': // Certificate - e-mail / emailAddr
+ email = optargs[0];
+ break;
+
+ case 'p': // Certfile is in PKCS#12 format
+ certfile_format = 1;
+ break;
+
+ case 'f': // Load certificate info from a certificate file
+ if( strlen_nullsafe(optargs[0]) < 1 ) {
+ fprintf(stderr, "%s: certfile is too short\n", MODULE);
+ return 1;
+ }
+ certfile = optargs[0];
+
+ if( stat(certfile, &cert_stat) == -1 ) {
+ fprintf(stderr, "%s: Could not access certfile: %s (%s)\n", MODULE,
+ certfile, strerror(errno));
+ return 1;
+ }
+
+ if( cert_stat.st_size == 0 ) {
+ fprintf(stderr, "%s: certfile '%s' is empty\n", MODULE, certfile);
+ return 1;
+ }
+
+ case 'h':
+ display_certs_help('A');
+ break;
+ default:
+ return 2;
+ }
+ }
+
+ // Sanity check of input parameters
+ if( (certfile != NULL) && ((depth>-1) || (digest!=NULL)|| (cname!=NULL) || (org!=NULL) || (email!=NULL)) ){
+ fprintf(stderr,
+ "%s: You cannot combine --certfile with --depth, --common-name,\n"
+ "--organisation or --email\n", MODULE);
+ return 1;
+ }
+
+ if( (certfile == NULL) && ((depth<0)||(digest==NULL)||(cname==NULL)||(org==NULL)||(email==NULL)) ) {
+ fprintf(stderr,
+ "%s: You must use either --certfile or --depth, --common-name,\n"
+ "--organisation and --email\n", MODULE);
+ return 1;
+ }
+
+ if( strlen_nullsafe(digest) < 59 ) {
+ fprintf(stderr, "%s: Certificate digest is too short\n", MODULE);
+ return 1;
+ }
+
+ // If we have a certfile - open it and fetch the info we want
+ if( certfile != NULL ) {
+ switch( certfile_format ) {
+ case 0: // PEM/DER format
+ break;
+ case 1: // PKCS#12 format
+ break;
+ default: // Unknown
+ fprintf(stderr, "%s: Unknown certificate file format\n", MODULE);
+ return 1;
+ }
+ }
+
+ return register_certificate(ctx, depth, digest, cname, org, email);
}