📄 addcertsldap
字号:
## OpenCA - RA Server Command## (c) 2000-2001 by Michael Bell and OpenCA Group#### File Name: addCertsLDAP## Brief: Add all certificates to LDAP server## Description: Add all issued certificates to LDAP server## Parameters: if ( $cmd !~ /addCertsLDAP/i ) { configError( "Wrong Command Usage ($cmd/importReqs)!" ); exit 1;} my $dataType, $certData, @certsList;# preparing pagemy $uptime = $tools->getDate();## Get required parameters ( return only the value string )# not designed actually# my $sheet = getRequired( $doc );my $sheet = getRequired( 'addallcertssheet' );my $maxItems = getRequired( "maxReturnedItems" );## Get the base Page ( got in $page variable )my $page = $query->getFile( "$sheet" );configError ( "Error loading Page $sheet" ) if ( not $page);# preparing table## Set the column titlesmy @cols;push( @cols, "DN" );push( @cols, "serialNumber" );push( @cols, "DN related failure" );push( @cols, "certificate related failure" );# if ( not $matched ) {# $matched = $db->elements( DATATYPE=>$dataType );# };$table = buildRefs( $query, "", $maxItems );$table .= $query->startTable( COLS=>[ @cols ], WIDTH=>"100%", TITLE_BGCOLOR=>"#DDCCFF" );# pushing the actual CA_CERTIFICATE into the ldap# hey, why have every ca-certificate serialnumber 0# so I cannot put the old ca-certificates into the ldap !!!$serID = 0;$dataType = '(VALID_CA_CERTIFICATE|EXPIRED_CA_CERTIFICATE)'; @certsList = $db->searchItem(DATATYPE=>$dataType, SERIAL=>$serID);foreach $certData (@certsList) { $cert = $certData->{VALUE}; # is this CA-cert perhaps in the directory? # $filter = "(usercertificate=" . $cert . ")"; # $ret = LDAPsearch( FILTER => $filter ); # because this code doesn't work I check for ldap errorcode 68 # which means "Certificate already exists" $parsed = $cert->getParsed(); # print "Adding CA-Certificate [$serID]: " . # $parsed->{EMAIL} . " (0x" . hex($serID) . ")" . "<BR>\n"; $ret = addLDAPcert( CERTIFICATE => $cert, NOPRINT => true); $status = $ret->{STATUS}; $code = $ret->{CODE}; if ( (!$status) && ($code!=20) && ($code!=68)) { my @vals; push( @vals, $parsed->{DN}); $ser_col = "<a href=\"$self?cmd=viewCert&dataType=".$certData->{DATATYPE}. "&key=".$certData->{KEY}."\">".$parsed->{SERIAL} ."</a>"; push( @vals, $ser_col ); push( @vals, "<CENTER>---</CENTER>"); push( @vals, $code); $table .= $query->addTableLine( DATA =>[ @vals ]); }}# now I check in all other certificates$dataType = '(?!CA).._CERTIFICATE';$serID = 1;while (0<(@certsList = $db->searchItem(DATATYPE=>$dataType, SERIAL=>$serID))) { $certData = $certsList [0]; $cert = $certData->{VALUE}; $parsed = $cert->getParsed(); my @vals; push( @vals, $parsed->{DN}); $ser_col = "<a href=\"$self?cmd=viewCert&dataType=".$certData->{DATATYPE}. "&key=".$certData->{KEY}."\">".$parsed->{SERIAL} ."</a>"; push( @vals, $ser_col ); if ( $parsed->{EMAIL} ne "" ) { $filter = "(Email=" . $parsed->{EMAIL} . ", cn=" . $parsed->{CN} . ")"; } else { $filter = "(cn=" . $parsed->{CN} . ")"; } $ret = LDAPsearch( FILTER => $filter ); if ( $ret->{COUNT} <= 0 ) { $ret = addLDAPuser ( CERTIFICATE=>$cert ); $status = $ret->{STATUS}; $code = $ret->{CODE}; if ( (!$status) && ($code!=20) && ($code!=68)) { push( @vals, $code); $status = 1; } else { push( @vals, "<CENTER>---</CENTER>"); $ret = addLDAPcert( CERTIFICATE => $cert, NOPRINT=> true ); $status = $ret->{STATUS}; $code = $ret->{CODE}; } } else { push( @vals, "<CENTER>---</CENTER>"); $ret = addLDAPcert( CERTIFICATE => $cert, NOPRINT=> true ); $status = $ret->{STATUS}; $code = $ret->{CODE}; } if ( (!$status) && ($code!=20) && ($code!=68)) { push( @vals, $code); } else { push( @vals, "<CENTER>---</CENTER>"); } if (($code!=20) && ($code!=68)) { $table .= $query->addTableLine( DATA =>[ @vals ]); } $serID++;}## Close the Table$table .= $query->endTable();$table .= getCopyRight();## Substitute the Variables in the $page$page = $query->subVar( $page, '$uptime', $uptime );$page = $query->subVar( $page, '$table', $table );print "$page";1;⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -