diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-24 02:27:47 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-26 11:43:54 -0500 |
commit | 621d9e5c413e561293d7484b93882d985b3fe15f (patch) | |
tree | 638f3d75761c121d9a8fb50b52a12a6686c5ac5c /pki/base/ra/lib/perl/PKI/Request | |
parent | 40d3643b8d91886bf210aa27f711731c81a11e49 (diff) | |
download | pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.gz pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.xz pki-621d9e5c413e561293d7484b93882d985b3fe15f.zip |
Removed unnecessary pki folder.
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
Diffstat (limited to 'pki/base/ra/lib/perl/PKI/Request')
-rw-r--r-- | pki/base/ra/lib/perl/PKI/Request/Plugin/AutoAssign.pm | 52 | ||||
-rw-r--r-- | pki/base/ra/lib/perl/PKI/Request/Plugin/CreatePin.pm | 75 | ||||
-rw-r--r-- | pki/base/ra/lib/perl/PKI/Request/Plugin/EmailNotification.pm | 100 | ||||
-rw-r--r-- | pki/base/ra/lib/perl/PKI/Request/Plugin/RequestToCA.pm | 89 | ||||
-rw-r--r-- | pki/base/ra/lib/perl/PKI/Request/Queue.pm | 387 |
5 files changed, 0 insertions, 703 deletions
diff --git a/pki/base/ra/lib/perl/PKI/Request/Plugin/AutoAssign.pm b/pki/base/ra/lib/perl/PKI/Request/Plugin/AutoAssign.pm deleted file mode 100644 index 671f2418d..000000000 --- a/pki/base/ra/lib/perl/PKI/Request/Plugin/AutoAssign.pm +++ /dev/null @@ -1,52 +0,0 @@ -#!/usr/bin/perl -# -# --- BEGIN COPYRIGHT BLOCK --- -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2007 Red Hat, Inc. -# All rights reserved. -# --- END COPYRIGHT BLOCK --- -# -# -# -# - -####################################### -# This plugins assigns a request to a group. -####################################### -package PKI::Request::Plugin::AutoAssign; - -use DBI; -use PKI::Base::TimeTool; - -####################################### -# Instantiate this plugin -####################################### -sub new { - my $self = {}; - bless ($self); - return $self; -} - -####################################### -# Processes plugin -####################################### -sub process { - my ($self, $cfg, $queue, $prefix, $req) = @_; - - my $assignTo = $cfg->get($prefix . ".assignTo"); - $queue->set_request($req->{'rowid'}, "assigned_to", $assignTo); -} - -1; diff --git a/pki/base/ra/lib/perl/PKI/Request/Plugin/CreatePin.pm b/pki/base/ra/lib/perl/PKI/Request/Plugin/CreatePin.pm deleted file mode 100644 index b90096664..000000000 --- a/pki/base/ra/lib/perl/PKI/Request/Plugin/CreatePin.pm +++ /dev/null @@ -1,75 +0,0 @@ -#!/usr/bin/perl -# -# --- BEGIN COPYRIGHT BLOCK --- -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2007 Red Hat, Inc. -# All rights reserved. -# --- END COPYRIGHT BLOCK --- -# -# -# -# - -####################################### -# This plugins creates a one time pin. -####################################### -package PKI::Request::Plugin::CreatePin; - -use DBI; -use PKI::Base::TimeTool; -use PKI::Base::PinStore; - -####################################### -# Instantiates this plugin -####################################### -sub new { - my $self = {}; - bless ($self); - return $self; -} - -####################################### -# Processes plugin -####################################### -sub process { - my ($self, $cfg, $queue, $prefix, $req) = @_; - - my $pin_store = PKI::Base::PinStore->new(); - $pin_store->open($cfg); - - - my $pin_format = $cfg->get($prefix . ".pinFormat"); - - my $client_id = ""; - my $site_id = ""; - - my $data = $req->{'data'}; - foreach $nv (split(/;/, $data)) { - my ($n, $v) = split(/=/, $nv); - $pin_format =~ s/\$$n/$v/g; - } - my $created_by = "admin"; - my $pin = $pin_store->create_pin($pin_format, $req->{'rowid'}, $created_by); - - # save pin to output - $output = "pin=" . $pin; - $queue->set_request_output($req->{'rowid'}, $output); - - $req->{'output'} = $output; - - $pin_store->close(); -} - -1; diff --git a/pki/base/ra/lib/perl/PKI/Request/Plugin/EmailNotification.pm b/pki/base/ra/lib/perl/PKI/Request/Plugin/EmailNotification.pm deleted file mode 100644 index 95274bfa7..000000000 --- a/pki/base/ra/lib/perl/PKI/Request/Plugin/EmailNotification.pm +++ /dev/null @@ -1,100 +0,0 @@ -#!/usr/bin/perl -# -# --- BEGIN COPYRIGHT BLOCK --- -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2007 Red Hat, Inc. -# All rights reserved. -# --- END COPYRIGHT BLOCK --- -# -# -# -# - -####################################### -# This plugins mails a notification -# to an email specified in the request. -####################################### -package PKI::Request::Plugin::EmailNotification; - -use DBI; -use PKI::Base::TimeTool; - -####################################### -# Instantiate this plugin -####################################### -sub new { - my $self = {}; - bless ($self); - return $self; -} - -sub substitute { - my ($self, $cfg, $queue, $prefix, $req, $line) = @_; - - my $mail_to = $cfg->get($prefix . ".mailTo"); - - # if mail_to starts with $, retrieve value from request - if ($mail_to =~ /^\$/) { - $mail_to =~ s/\$//g; - $mail_to = $req->{$mail_to}; - } - my $machineName = $cfg->get("service.machineName"); - my $securePort = $cfg->get("service.securePort"); - my $unsecurePort = $cfg->get("service.unsecurePort"); - my $nonClientAuthSecurePort = $cfg->get("service.non_clientauth_securePort"); - my $subject_dn = $req->{'subject_dn'}; - - $line =~ s/\$mail_to/$mail_to/g; - $line =~ s/\$request_id/$req->{'rowid'}/g; - $line =~ s/\$machineName/$machineName/g; - $line =~ s/\$securePort/$securePort/g; - $line =~ s/\$unsecurePort/$unsecurePort/g; - $line =~ s/\$subject_dn/$subject_dn/g; - $line =~ s/\$nonClientAuthSecurePort/$nonClientAuthSecurePort/g; - return $line; -} - -####################################### -# Processes plugin -####################################### -sub process { - my ($self, $cfg, $queue, $prefix, $req) = @_; - my $queue = PKI::Request::Queue->new(); - $queue->open($cfg); - my $ref = $queue->read_request($req->{rowid}); - - my $req_err = $ref->{errorString}; - if ($req_err ne "0") { - return; - } - - my $mail_to = $cfg->get($prefix . ".mailTo"); - if ($mail_to eq "") { - return; - } - - my $template_dir = $cfg->get($prefix . ".templateDir"); - my $template_file = $cfg->get($prefix . ".templateFile"); - - open(SENDMAIL, "|/usr/sbin/sendmail -t"); - open(F,"$template_dir/$template_file"); - while (<F>) { - print SENDMAIL $self->substitute($cfg, $queue, $prefix, $ref, $_); - } - close(F); - close(SENDMAIL); -} - -1; diff --git a/pki/base/ra/lib/perl/PKI/Request/Plugin/RequestToCA.pm b/pki/base/ra/lib/perl/PKI/Request/Plugin/RequestToCA.pm deleted file mode 100644 index 1c5b7d6b2..000000000 --- a/pki/base/ra/lib/perl/PKI/Request/Plugin/RequestToCA.pm +++ /dev/null @@ -1,89 +0,0 @@ -#!/usr/bin/perl -# -# --- BEGIN COPYRIGHT BLOCK --- -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2007 Red Hat, Inc. -# All rights reserved. -# --- END COPYRIGHT BLOCK --- -# -# -# -# - -####################################### -# This plugins mails a notification -# to an email specified in the request. -####################################### -package PKI::Request::Plugin::RequestToCA; - -use DBI; -use PKI::Base::TimeTool; -use PKI::Conn::CA; - -####################################### -# Instantiate this plugin -####################################### -sub new { - my $self = {}; - bless ($self); - return $self; -} - -####################################### -# Processes plugin -####################################### -sub process { - my ($self, $cfg, $queue, $prefix, $req) = @_; - - my $ca = $cfg->get($prefix . ".ca"); - my $profile_id = $cfg->get($prefix . ".profileId"); - my $req_type = $cfg->get($prefix . ".reqType"); - - my $server_id = ""; - my $site_id = ""; - my $csr = ""; - my $csr_type = ""; - - my $data = $req->{'data'}; - foreach $nv (split(/;/, $data)) { - my ($n, $v) = split(/=/, $nv); - if ($n eq "server_id") { - $server_id = $v; - } - if ($n eq "site_id") { - $site_id = $v; - } - if ($n eq "csr") { - $csr = $v; - } - if ($n eq "csr_type") { - $csr_type = $v; - } - } - - if ($csr_type ne "") { - $req_type = $csr_type; - } - - my $ca_conn = PKI::Conn::CA->new(); - $ca_conn->open($cfg); - my $cert = $ca_conn->enroll($req->{'rowid'}, $ca, $profile_id, $req_type, $csr); - $queue->set_request($req->{'rowid'}, "output", $cert); - $req->{'output'} = $cert; - $ca_conn->close(); - -} - -1; diff --git a/pki/base/ra/lib/perl/PKI/Request/Queue.pm b/pki/base/ra/lib/perl/PKI/Request/Queue.pm deleted file mode 100644 index dc8418d22..000000000 --- a/pki/base/ra/lib/perl/PKI/Request/Queue.pm +++ /dev/null @@ -1,387 +0,0 @@ -#!/usr/bin/perl -# -# --- BEGIN COPYRIGHT BLOCK --- -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -# -# Copyright (C) 2007 Red Hat, Inc. -# All rights reserved. -# --- END COPYRIGHT BLOCK --- -# -# -# -# -package PKI::Request::Queue; - -use DBI; -use PKI::Base::TimeTool; - -####################################### -# Constructs a request queue -####################################### -sub new { - my $self = {}; - bless ($self); - return $self; -} - -####################################### -# Opens request queue -####################################### -sub open { - my ($self, $cfg) = @_; - $self->{cfg} = $cfg; - my $dbfile = $cfg->get("database.dbfile"); - $self->{dbh} = DBI->connect("dbi:SQLite:dbname=$dbfile","",""); - my $timeout = $self->{dbh}->func("busy_timeout"); - $self->{dbh}->func($timeout * 10, "busy_timeout"); -} - -####################################### -# Creates a new request -####################################### -sub invoke_plugins { - my ($self, $prefix, $type, $ref) = @_; - - my $num_plugins = $self->{cfg}->get($prefix . ".num_plugins"); - for (my $i = 0; $i < $num_plugins; $i++) { - my $plugin = $self->{cfg}->get($prefix . "." . $i . ".plugin"); - eval("require $plugin"); - my $p = $plugin->new(); - $p->process($self->{cfg}, $self, $prefix . "." . $i, $ref); - } -} - -####################################### -# Creates a new request -####################################### -sub create_request { - my ($self, $type, $data, $meta_info, $created_by) = @_; - my $dbh = $self->{dbh}; - - my $timet = PKI::Base::TimeTool->new(); - my $now = $timet->get_time(); - - my $insert = "insert into requests (" . - "type" . "," . - "status" . "," . - "errorString" . "," . - "ip" . "," . - "data" . "," . - "serialno" . "," . - "subject_dn" . "," . - "meta_info" . "," . - "created_by" . "," . - "updated_at" . "," . - "created_at" . - ") values (" . - $dbh->quote($type) . "," . - $dbh->quote("OPEN") . "," . - $dbh->quote("0") . "," . - $dbh->quote($ENV{REMOTE_ADDR}) . "," . - $dbh->quote($data) . "," . - $dbh->quote("unavailable") . "," . - $dbh->quote("unavailable") . "," . - $dbh->quote($meta_info) . "," . - $dbh->quote($created_by) . "," . - $dbh->quote($now) . "," . - $dbh->quote($now) . - ")"; -REDO_CREATE_REQUEST: - eval { - $dbh->do($insert); - }; - if ($dbh->err == 5) { - sleep(1); - goto REDO_CREATE_REQUEST; - } - my $rid = $dbh->func('last_insert_rowid'); - - my $ref = $self->read_request($rid); - - # call plugins - my $prefix = "request." . $type . ".create_request"; - $self->invoke_plugins($prefix, $type, $ref); - - return $rid; -} - -####################################### -# Reads a request -####################################### -sub read_request { - my ($self, $reqid) = @_; - my $dbh = $self->{dbh}; - my $select = "select *,rowid from requests " . - "where rowid=" . $dbh->quote($reqid); - my $sth = $dbh->prepare($select); - $sth->execute(); - my $ref = $sth->fetchrow_hashref(); - $sth->finish(); - return $ref; -} - -sub read_request_by_roles { - my ($self, $roles, $reqid) = @_; - my $dbh = $self->{dbh}; - - my $select; - if (grep /^administrators/, @$roles) { - # administrator see all requests - $select = "select *,rowid from requests " . - "where rowid=" . $dbh->quote($reqid); - } else { - my $filter = $self->get_role_filter($roles); - $select = "select *,rowid from requests where " . - "(" . $filter . ")" . " AND " . - "rowid=" . $dbh->quote($reqid); - } - my $sth = $dbh->prepare($select); - $sth->execute(); - my $ref = $sth->fetchrow_hashref(); - $sth->finish(); - return $ref; -} - -####################################### -# Sets request attributes -####################################### -sub set_request { - my ($self, $reqid, $name, $value) = @_; - my $dbh = $self->{dbh}; - - my $timet = PKI::Base::TimeTool->new(); - my $now = $timet->get_time(); - my $update = "update requests set " . - $name . "=" . $dbh->quote($value) . "," . - "updated_at=" . $dbh->quote($now) . " " . - "where rowid=" . $dbh->quote($reqid); -REDO_SET_REQUEST: - eval { - $dbh->do($update); - }; - if ($dbh->err == 5) { - sleep(1); - goto REDO_SET_REQUEST; - } - - my $select = "select *,rowid from requests " . - "where rowid=" . $dbh->quote($reqid); - my $sth = $dbh->prepare($select); - $sth->execute(); - my $ref = $sth->fetchrow_hashref(); - $sth->finish(); - - return $ref; -} - -####################################### -# Sets output -####################################### -sub set_request_output { - my ($self, $reqid, $output) = @_; - - return $self->set_request($reqid, "output", $output); -} - -####################################### -# Approves a request -####################################### -sub approve_request { - my ($self, $reqid, $processed_by) = @_; - my $dbh = $self->{dbh}; - - # XXX - check assigned_to - - my $timet = PKI::Base::TimeTool->new(); - my $now = $timet->get_time(); - my $update = "update requests set " . - "processed_by=" . $dbh->quote($processed_by) . "," . - "status='APPROVED' " . "," . - "errorString='0' " . "," . - "updated_at=" . $dbh->quote($now) . " " . - "where rowid=" . $dbh->quote($reqid); -REDO_APPROVE_REQUEST: - eval { - $dbh->do($update); - }; - if ($dbh->err == 5) { - sleep(1); - goto REDO_APPROVE_REQUEST; - } - - my $select = "select *,rowid from requests " . - "where rowid=" . $dbh->quote($reqid); - my $sth = $dbh->prepare($select); - $sth->execute(); - my $ref = $sth->fetchrow_hashref(); - $sth->finish(); - - # call plugins - my $prefix = "request." . $ref->{'type'} . ".approve_request"; - $self->invoke_plugins($prefix, $ref->{'type'}, $ref); - - my $select = "select *,rowid from requests " . - "where rowid=" . $dbh->quote($reqid); - my $sth = $dbh->prepare($select); - $sth->execute(); - my $ref = $sth->fetchrow_hashref(); - $sth->finish(); - - return $ref; -} - -####################################### -# Rejects a request -####################################### -sub reject_request { - my ($self, $reqid, $processed_by) = @_; - my $dbh = $self->{dbh}; - - my $timet = PKI::Base::TimeTool->new(); - my $now = $timet->get_time(); - my $update = "update requests set " . - "processed_by=" . $dbh->quote($processed_by) . "," . - "status='REJECTED' " . "," . - "updated_at=" . $dbh->quote($now) . " " . - "where rowid=" . $dbh->quote($reqid); -REDO_REJECT_REQUEST: - eval { - $dbh->do($update); - }; - if ($dbh->err == 5) { - sleep(1); - goto REDO_REJECT_REQUEST; - } - - my $select = "select *,rowid from requests " . - "where rowid=" . $dbh->quote($reqid); - my $sth = $dbh->prepare($select); - $sth->execute(); - my $ref = $sth->fetchrow_hashref(); - $sth->finish(); - - # call plugins - my $prefix = "request." . $ref->{'type'} . ".reject_request"; - $self->invoke_plugins($prefix, $ref->{'type'}, $ref); - - my $select = "select *,rowid from requests " . - "where rowid=" . $dbh->quote($reqid); - my $sth = $dbh->prepare($select); - $sth->execute(); - my $ref = $sth->fetchrow_hashref(); - $sth->finish(); - - return $ref; -} - -sub get_role_filter { - my ($self, $roles) = @_; - my $dbh = $self->{dbh}; - - my $filter = ""; - foreach $rr (@$roles) { - if ($filter eq "") { - $filter = "assigned_to=" . $dbh->quote($rr); - } else { - $filter = $filter . " OR " . "assigned_to=" . $dbh->quote($rr); - } - } - return $filter; -} - -####################################### -# Lists requests -####################################### -sub list_requests { - my ($self, $startpos, $maxcount) = @_; - my $dbh = $self->{dbh}; - my $select = "select *,rowid from requests " . - "order by rowid desc " . - "limit $startpos, $maxcount"; - my $sth = $dbh->prepare($select); - $sth->execute(); - my @reqs; - while (my $ref = $sth->fetchrow_hashref()) { - push(@reqs, $ref); - } - $sth->finish(); - return @reqs; -} - -sub count_requests_by_roles { - my ($self, $roles, $status) = @_; - my $dbh = $self->{dbh}; - - my $select; - - if (grep /^administrators$/, @$roles) { - # administrator sees everything - $select = "select count(*) from requests where " . - "status like '$status%' "; - } else { - # shows requests that are owned by the groups - my $filter = $self->get_role_filter($roles); - $select = "select count(*) from requests where " . - "status like '$status%' AND " . - "(" . $filter . ") "; - } - my $sth = $dbh->prepare($select); - $sth->execute(); - my $ref = $sth->fetchrow_hashref(); - $sth->finish(); - return $ref->{'count(*)'}; -} - -sub list_requests_by_roles { - my ($self, $roles, $status, $startpos, $maxcount) = @_; - my $dbh = $self->{dbh}; - - my $select; - -# if ($roles =~ /administrators/) { - if (grep /^administrators$/, @$roles) { - # administrator sees everything - $select = "select *,rowid from requests where " . - "status like '$status%' " . - "order by rowid desc " . - "limit $startpos, $maxcount"; - } else { - # shows requests that are owned by the groups - my $filter = $self->get_role_filter($roles); - $select = "select *,rowid from requests where " . - "status like '$status%' AND " . - "(" . $filter . ") " . - "order by rowid desc " . - "limit $startpos, $maxcount"; - } - my $sth = $dbh->prepare($select); - $sth->execute(); - my @reqs; - while (my $ref = $sth->fetchrow_hashref()) { - push(@reqs, $ref); - } - $sth->finish(); - return @reqs; -} - -####################################### -# Closes request queue -####################################### -sub close { - my ($self) = @_; - my $dbh = $self->{dbh}; - $dbh->disconnect(); -} - -1; |