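<% (* Portal page for SSL certificate signing requests. The new, cmd, mod,
      save, del and del2 form parameters select which view is rendered. *)
@header [("title", ["SSL certificate signing requests"])];

(* Membership in the server group; used further down to decide whether the
   Modify and Delete links are shown in the listings. *)
val admin = Group.inGroupName "server";

(* Step 1 of a new request: validate the submitted form, then ask the member
   to confirm. Nothing is stored in this branch. *)
if $"new" <> "" then
    val req = $"req";
    val key = $"key";
    val days = Web.stoi ($"days");
    val domain = $"domain";
    val msg = $"msg";

    if req = "" then
        %><h3>Please fill in a path to a certificate request.</h3><%
    elseif key = "" then
        %><h3>Please fill in a path to a key.</h3><%
    elseif days <= 0 then
        %><h3>Please give a positive number of days for the certificate to live.</h3><%
    elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
        %><h3>You don't have permissions on domain <tt><% Web.html domain %></tt>.</h3><%
    else
        (* Every echoed form value goes through Web.html, including domain,
           which was previously written out raw. The confirmation is a POST
           form instead of a link, so the state-changing step is not a plain
           GET and the paths and free-text reason stay out of URLs, server
           logs and Referer headers. Attribute values rely on Web.html
           escaping quotes, as the value attribute of the edit form in the
           mod branch already does.
           NOTE(review): a POST alone does not stop cross-site request
           forgery; a per-session token checked by the cmd=request branch
           would still be needed. *)
        %>Are you sure you want to ask for permissions on an SSL certificate
<ul>
<li> with request <tt><% Web.html req %></tt>,</li>
<li> with key <tt><% Web.html key %></tt>,</li>
<li> for domain <tt><% Web.html domain %></tt>,</li>
<li> lasting <% days %> days?</li>
</ul>
<form method="post">
<input type="hidden" name="cmd" value="request">
<input type="hidden" name="req" value="<% Web.html req %>">
<input type="hidden" name="key" value="<% Web.html key %>">
<input type="hidden" name="days" value="<% days %>">
<input type="hidden" name="domain" value="<% Web.html domain %>">
<input type="hidden" name="msg" value="<% Web.html msg %>">
<input type="submit" value="Yes, I want to request that.">
</form><%
    end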
elseif $"cmd" = "request" then
    (* Step 2 of a new request: the member confirmed. The same checks as in
       step 1 are repeated because these values arrive in a fresh request. *)
    val req = $"req";
    val key = $"key";
    val days = Web.stoi ($"days");
    val domain = $"domain";
    val msg = $"msg";

    if req = "" then
        %><h3>Please fill in a path to a certificate request.</h3><%
    elseif key = "" then
        %><h3>Please fill in a path to a key.</h3><%
    elseif days <= 0 then
        %><h3>Please give a positive number of days for the certificate to live.</h3><%
    elseif not (ChooseDomain.yourDomain {user = Init.getUserName (), domain = domain}) then
        %><h3>You don't have permissions on domain <tt><% Web.html domain %></tt>.</h3><%
    else
        (* Command line stored with the request. The request path is passed
           twice, in the third and fifth positions.
           NOTE(review): req and key are only checked for being non-empty
           and are spliced in unquoted. If an admin later runs this text
           through a shell, whitespace or shell metacharacters in a path
           would change what is executed. Before Sign.add, restrict both
           paths to a conservative character set and confirm they lie under
           /afs/hcoop.net, or store the fields separately and build the
           argument list at execution time. *)
        val command = "/afs/hcoop.net/common/etc/scripts/ca-sign "
                      ^ Int.toString days ^ " "
                      ^ req ^ " "
                      ^ key ^ " "
                      ^ req ^ " "
                      ^ domain;

        val id = Sign.add (Init.getUserId (), command, msg);
        (* A failed notification is reported, but the request is still kept. *)
        if not (Sign.notifyNew id) then
            %><h3>Error sending e-mail notification</h3><%
        end
        %><h3>Request added</h3><%
    end
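elseif $"cmd" = "open" then
    %><h3>Open requests</h3>
<a href="?cmd=list">List all requests</a><%

    (* One table per open request. The data field appears to hold the
       command line assembled from member-supplied form values, so it is
       HTML-escaped here just like the reason text; it was previously
       written out raw, which let stored markup run in the browser of
       whoever viewed the list.
       NOTE(review): name is still emitted as-is; presumably a portal user
       name. Confirm it cannot contain markup, or wrap it in Web.html. *)
    foreach (name, req) in Sign.listOpen () do %>
<br><hr><br>
<table class="blanks">
<tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr>
<tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr>
<tr> <td>Request:</td> <td><tt><% Web.html (#data req) %></tt></td> </tr>
<tr> <td>Reason:</td> <td><% Web.html (#msg req) %></td> </tr>
</table>

<% if admin then %>
    <br>
    <a href="?mod=<% #id req %>">[Modify]</a>
    <a href="?del=<% #id req %>">[Delete]</a><br>
<% end %>

<% end
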
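elseif $"cmd" = "list" then
    %><h3>All requests</h3><%

    (* One table per request, whatever its status. The data field appears to
       hold the command line assembled from member-supplied form values, so
       it is HTML-escaped here just like the reason text; it was previously
       written out raw.
       NOTE(review): name is still emitted as-is; presumably a portal user
       name. Confirm it cannot contain markup, or wrap it in Web.html. *)
    foreach (name, req) in Sign.list () do %>
<br><hr><br>
<table class="blanks">
<tr> <td>By:</td> <td><a href="user?id=<% #usr req %>"><% name %></a></td> </tr>
<tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr>
<tr> <td>Request:</td> <td><tt><% Web.html (#data req) %></tt></td> </tr>
<tr> <td>Reason:</td> <td><% Web.html (#msg req) %></td> </tr>
</table>

<% if admin then %>
    <br>
    <a href="?mod=<% #id req %>">[Modify]</a>
    <a href="?del=<% #id req %>">[Delete]</a>
<% end %>

<% end
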
elseif $"mod" <> "" then
    (* Edit form for one stored request. Group.requireGroupName is called
       first; presumably it stops the page for users outside the server
       group. The form posts back to this page with save set to the id. *)
    Group.requireGroupName "server";
    val reqId = Web.stoi ($"mod");
    val req = Sign.lookup reqId;
    val requestor = Init.lookupUser (#usr req) %>
<h3>Handle request</h3>

<form method="post">
<input type="hidden" name="save" value="<% reqId %>">
<table class="blanks">
<tr> <td>Requestor:</td> <td><a href="user?id=<% #usr req %>"><% #name requestor %></a></td> </tr>
<tr> <td>Time:</td> <td><% #stamp req %> (<% Util.diffFromNow (#stamp req) %> ago)</td> </tr>
<tr> <td>Status:</td> <td><select name="status">
    <option value="0"<% if #status req = Sign.NEW then %> selected<% end %>>New</option>
    <option value="1"<% if #status req = Sign.INSTALLED then %> selected<% end %>>Installed</option>
    <option value="2"<% if #status req = Sign.REJECTED then %> selected<% end %>>Rejected</option>
</select></td> </tr>
<tr> <td>Request:</td> <td><input name="req" size="60" value="<% Web.html (#data req) %>"></td> </tr>
<tr> <td>Message:</td> <td><textarea name="msg" rows="10" cols="80" wrap="soft"><% Web.html (#msg req) %></textarea></td> </tr>
<tr> <td><input type="submit" value="Save"></td> </tr>
</table>
</form>

<% elseif $"save" <> "" then
    (* Stores the edited request text, message and status, then sends a
       notification carrying the old and new status. Restricted by
       Group.requireGroupName to the server group.
       NOTE(review): nothing visible here ties the save to the edit form it
       came from; consider an anti-forgery token on the form. *)
    Group.requireGroupName "server";
    val reqId = Web.stoi ($"save");
    val stored = Sign.lookup reqId;
    val statusBefore = #status stored;
    val statusAfter = Sign.statusFromInt (Web.stoi ($"status"));
    Sign.modify {stored with data = $"req", msg = $"msg", status = statusAfter};
    (* A failed notification is reported, but the change has already been saved. *)
    if not (Sign.notifyMod (statusBefore, statusAfter, Init.getUserName(), reqId)) then
        %><h3>Error sending e-mail notification</h3><%
    end
%><h3>Request modified</h3>
Back to: <a href="?cmd=open">open requests</a>, <a href="?cmd=list">all requests</a>

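<% elseif $"del" <> "" then
    (* Confirmation page before deleting a request; nothing is deleted in
       this branch. The stored request text is HTML-escaped because it
       appears to be built from member-supplied form values; it was
       previously written out raw. The confirmation posts del2 from a form
       rather than linking to it, so the deletion is not a plain GET.
       NOTE(review): a POST alone does not stop cross-site request forgery;
       a per-session token checked by the del2 branch would still be
       needed. The user name is still emitted as-is. *)
    Group.requireGroupName "server";
    val id = Web.stoi ($"del");
    val req = Sign.lookup id;
    val user = Init.lookupUser (#usr req)
%><h3>Are you sure you want to delete request by <% #name user %> for <tt><% Web.html (#data req) %></tt>?</h3>
<form method="post">
<input type="hidden" name="del2" value="<% id %>">
<input type="submit" value="Yes, I'm sure!">
</form>
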
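<% elseif $"del2" <> "" then
    (* Performs the deletion once the del2 parameter is present. Restricted
       by Group.requireGroupName to the server group. The heading below used
       to close with a stray b tag and a second opening h3; it now closes
       the h3 properly.
       NOTE(review): nothing visible here checks that the request came from
       the confirmation page; consider an anti-forgery token. *)
    Group.requireGroupName "server";
    val id = Web.stoi ($"del2");
    Sign.delete id
%><h3>Request deleted</h3>
Back to: <a href="?cmd=open">open requests</a>, <a href="?cmd=list">all requests</a>
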
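<% else (* No recognised parameter: show the blank request form, which posts
           back to this page with new set to 1. *) %>

<h3>Request SSL certificate signing</h3>

<p>Use this form to request that we sign an SSL certificate with our certificate authority. Give the location of your certificate request (<tt>.csr</tt> file) and key (<tt>.key</tt> file) within <tt>/afs/hcoop.net</tt>.</p>

<p>The <a href="http://wiki.hcoop.net/MemberManual/ServingWebsites/SslCert">instructions on our wiki for creating SSL certificates</a> may be helpful.</p>

<form method="post">
<input type="hidden" name="new" value="1">
<table class="blanks">
<tr> <td>Domain:</td> <td><% @chooseDomain[] %></td> </tr>
<tr> <td>OpenSSL request file:</td> <td><input name="req" size="60"></td> </tr>
<tr> <td>OpenSSL key file:</td> <td><input name="key" size="60"></td> </tr>
<tr> <td>Certificate lifetime, in days:</td> <td><input name="days" size="5" value="3650"></td></tr>
<tr> <td>Additional comments:</td> <td><textarea name="msg" rows="5" cols="80" wrap="soft"></textarea></td> </tr>
<tr> <td><input type="submit" value="Request"></td> </tr>
</table>
</form>

<% end %>

<% @footer[] %>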