📄 export-import.lib
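## export/import library of OpenCA Group
##
## (c) 1998-2001 by OpenCA Group
## the license is the general project license
## (see http://openca.sourceforge.net)
##
## Usage:
##
## Export
## ------
## $tmp = createDirectory ();
## exportXYZ ($tmp);
## exportABC ($tmp);
## createArchive ( $tmp);
## removeDirectory ( $tmp );
##
## Import
## ------
## $tmp = createDirectory ();
## extractArchive ($tmp);
## importXYZ ($tmp);
## importABC ($tmp);
## removeDirectory ( $tmp );
##
## export/import functions:
##   * Reqs
##   * Certs
##   * CRRs
##   * CRLs
##   * CAs
##   * Configuration
##       * directory (RBAC, OpenSSL, extfiles)
##       * file (openssl.cnf)
##   * ImportFromCA/ExportToCA
##   * ImportFromRAServer/ExportToRAServer
##
## other functions:
##   * createDirectory
##   * createArchive
##   * extractArchive
##   * removeDirectory
##
## directories for the different objects:
##   * CA_CERTIFICATE
##   * REQUEST
##   * CERTIFICATE
##   * CRR
##   * CRL
##   * Configuration
##       * RBAC
##       * OpenSSL
##       * extfiles
##   * others (for the rest)

## the variables which start with $exim_ are reserved for this library

####################################
## general function for archiving ##
####################################

##
## createDirectory
##
## this function prepares a temporary directory for the files
## which should be exported
##
## parameters : optional DIRECTORY as $_[0]; when it is missing the
##              directory is TempDir/tmp_<pid>
## returns    : the directory name, or "" if it could not be created
##
## Security notes:
##   * the default name is predictable (it only varies by process id)
##   * mkdir fails when the path already exists, so a directory or link
##     that somebody else placed there is never reused; the caller gets ""
##   * the requested mode 0700 is still subject to the process umask
##
sub createDirectory {

    my $exim_tmp_dir;
    if ( not $_[0] ) {
        $exim_tmp_dir = getRequired ('TempDir')."/tmp_".$$;
    } else {
        $exim_tmp_dir = $_[0];
    }

    print addLogSection ("Creating Temporary Directory $exim_tmp_dir ...");
    if (not mkdir ( $exim_tmp_dir, 0700 )) {
        print addErrorLog ("Cannot create temporary directory $exim_tmp_dir!");
        print closeLogSection();
        return "";
    }
    print addLogLine( "Ok." );
    print closeLogSection();

    return $exim_tmp_dir;
}

##
## createArchive
##
## this function generates an archive from a special directory
## parameters : DIRECTORY as $_[0]
## returns    : 1 on success, 0 on failure
##
## Security note: the archive and test commands are taken from the
## configuration (CreateArchive, TestArchive, ExportDev) and are executed
## through the shell by the backticks below.  Whoever can change these
## settings can run arbitrary commands as the user of this script, so the
## configuration file must only be writable by the administrator.
##
sub createArchive {

    my $exim_tmp_dir = $_[0];

    print addLogSection ("Creating Archive ...");
    print addLogLine ("Load required variables ...");

    ## Get required parameters from the configuration file
    my $creat = getRequired( 'CreateArchive' );
    my $test  = getRequired( 'TestArchive' );
    my $dest  = getRequired( 'ExportDev' );

    ## Build the right $cmd with substitution of the $dest
    ## with the 'ExportDest' and in 'TestArchive'
    my $arc = $query->subVar( $creat, '$dest', $dest );
    ## $test is already declared above, a second "my" would only mask it
    $test = $query->subVar( $test, '$dest', $dest );

    print addLogLine ("Changing to directory $exim_tmp_dir ...");
    if (not chdir $exim_tmp_dir) {
        ## NOTE(review): printErrorLog is not used anywhere else in this
        ## library (the other error paths use "print addErrorLog") and the
        ## log section stays open here -- confirm that this is intended
        printErrorLog ( "failed");
        return 0;
    }

    print addLogLine ("Build Archive ...");
    $ret = `$arc . 2>&1`;
    if( $? != 0 ) {
        print addErrorLog("Archiving Failed to $dest!");
        print addLogLine( "$arc" );
        return 0;
    }

    print addLogLine ("Test Archive ...");
    $ret = `$test 2>&1`;
    if( $? != 0 ) {
        print addErrorLog("Testing Archive Failed for $dest!");
        print addLogLine( "$arc" );
        return 0;
    }

    print closeLogSection();

    return 1;
}

##
## extractArchive
##
## this function extracts an archive from a special media
## parameters : DIRECTORY as $_[0]
## returns    : 1 on success, 0 on failure
##
## Security notes:
##   * the unpack and test commands come from the configuration
##     (UnpackArchive, TestArchive, ImportDev) and are executed through
##     the shell; the configuration must be trustworthy
##   * DIRECTORY is substituted into that command line too, so it must be
##     a name produced by createDirectory and never user input
##   * the content of the archive comes from another machine; everything
##     unpacked here has to be treated as untrusted by the import functions
##
sub extractArchive {

    my $exim_tmp_dir = $_[0];

    print addLogSection ("Extracting Archive ...");
    ## print addLogLine ("Load required variables ...");

    ## Get required parameters from the configuration file
    my $unpack = getRequired( 'UnpackArchive' );
    my $test   = getRequired( 'TestArchive' );
    my $dest   = getRequired( 'ImportDev' );

    ## Build the right $cmd with substitution of the $dest
    ## with the 'ExportDest' and in 'TestArchive'
    my $arc = $query->subVar( $unpack, '$orig', $dest );
    ## $arc and $test are already declared, so they are only reassigned
    $arc  = $query->subVar( $arc, '$dest', $exim_tmp_dir );
    $test = $query->subVar( $test, '$dest', $dest );

    ## print addLogLine ("Changing to directory $exim_tmp_dir ...");
    if (not chdir $exim_tmp_dir) {
        ## NOTE(review): see createArchive, printErrorLog is not used
        ## anywhere else in this library -- confirm that it exists
        printErrorLog ( "failed");
        return 0;
    }

    ## print addLogLine ("Test Archive ...");
    $ret = `$test 2>&1`;
    if( $? != 0 ) {
        print addErrorLog("Testing Archive Failed for $dest!");
        print addLogLine( "$arc" );
        return 0;
    }

    ## print addLogLine ("Extract Archive ...");
    $ret = `$arc . 2>&1`;
    if( $? != 0 ) {
        print addErrorLog("Extracting Archive Failed from $dest!");
        print addLogLine( "$arc" );
        return 0;
    }

    print addLogLine ( "Ok." );
    print closeLogSection();

    return 1;
}

##
## removeDirectory
##
## this function removes a temporary directory
## parameters : DIRECTORY as $_[0]
## returns    : 1 on success, 0 on failure
##
## The directory name is handed to rm as a single argument without a
## shell.  The original backticks ran "rm -rf $exim_tmp_dir" through the
## shell, where a blank or a metacharacter in the name would have changed
## what is deleted or executed.
##
sub removeDirectory {

    my $exim_tmp_dir = $_[0];

    print addLogSection ("Removing Temporary Directory ...");

    ## weak sanity check against removing something like "/" or "/tmp";
    ## it does not prove that the name is one of our own directories
    if ( length ( $exim_tmp_dir ) < 10 ) {
        print addErrorLog ("Stop removing temporary directory $exim_tmp_dir ".
                           " because the length of it is smaller than 10!");
        print closeLogSection();
        return 0;
    }

    ## list form: no shell is involved, "--" stops option parsing so that
    ## a name starting with "-" is not taken as an option of rm
    system ( 'rm', '-rf', '--', $exim_tmp_dir );
    if( $? != 0 ) {
        print addErrorLog("Cannot remove temporary directory $exim_tmp_dir");
        print addLogLine( "rm -rf $exim_tmp_dir" );
        print closeLogSection();
        return 0;
    }
    print addLogLine( "Ok." );
    print closeLogSection();

    return 1;
}

############################
## functions for Requests ##
############################

## the requests are only archived during the import of the certificates
## to handle crashed disks etc.

##
## exportReqs
##
## this function writes every approved request as <DBKEY>.req to the
## subdirectory REQUEST
## parameters : DIRECTORY as $_[0]
## returns    : 0 if the subdirectory cannot be created, otherwise 1
##              (a request which cannot be saved is only logged)
##
sub exportReqs {

    my $exim_tmp_dir = $_[0];
    my $dir = $exim_tmp_dir."/REQUEST";

    if ( not createDirectory ($dir) ) {
        return 0;
    }

    print addLogSection ("Export approved requests ...");

    my @reqList = $db->searchItems( DATATYPE=>"APPROVED_REQUEST" );
    ## lexical loop variable, the original used the global $req
    foreach my $req (@reqList) {
        my $key      = $req->getParsed->{DBKEY};
        my $fileName = "${dir}/${key}.req";
        if (not $tools->saveFile (FILENAME => $fileName, DATA => $req->{req})) {
            print addErrorLog ("Cannot save request ${key} to file ${key}.req");
        }
    }

    print addLogLine ("OK");
    print closeLogSection();

    return 1;
}

##
## eximEscapeHTML
##
## helper: makes a text safe for the HTML fragments of the log output
## parameters : TEXT as $_[0] (undef is treated as empty text)
## returns    : TEXT with & < > " replaced by entities
##
sub eximEscapeHTML {

    my $exim_text = defined $_[0] ? $_[0] : "";

    ## & must be first, otherwise the entities below are escaped again
    $exim_text =~ s/&/&amp;/g;
    $exim_text =~ s/</&lt;/g;
    $exim_text =~ s/>/&gt;/g;
    $exim_text =~ s/"/&quot;/g;

    return $exim_text;
}

##
## importReqs
##
## this function stores every file of the subdirectory REQUEST whose name
## ends with "req" in the database and deletes the file afterwards
## parameters : DIRECTORY as $_[0]
## returns    : 1 on success, 0 on the first request which cannot be
##              parsed or stored
##
## Security note: the files come from the unpacked archive, so the parsed
## fields (CN, EMAIL) are untrusted and are escaped before they are put
## into the HTML summary.
##
sub importReqs {

    my $exim_tmp_dir = $_[0];
    my $dir = $exim_tmp_dir."/REQUEST";

    print addLogSection("Importing Requests to dB ... ");

    ## the result of opendir is not checked: a missing REQUEST directory
    ## gives an empty list and the function still reports "Ok."
    opendir( REQS, "$dir" );
    my @reqsList = grep ( /req$/, readdir( REQS ) );
    closedir( REQS );

    my $ret = "";
    foreach my $tmpReq (@reqsList) {

        ## "my $storeType, $tmpType;" declared only $storeType and left
        ## $tmpType as a global variable
        my ($storeType, $tmpType);

        next if (not $tmpReq );

        my $fileName = "$dir/$tmpReq";
        my $data = OpenCA::REQ->new( SHELL=>$cryptoShell,
                                     INFILE=>"$fileName" );

        if ( (not $data) or
             ( not $tmpType = $data->getParsed()->{TYPE} ) ) {
            print addErrorLog("Failed creating REQ obj from '$fileName'");
            ## the original called closeLogSection() without printing it
            print closeLogSection();
            return 0;
        } else {
            if ( $tmpType =~ /RENEW/ ) {
                $storeType = "RENEW_REQUEST";
            } else {
                $storeType = "PENDING_REQUEST";
            }
        }

        if ( not $db->storeItem( DATATYPE=>$storeType, OBJECT=>$data ) ) {
            print addErrorLog("Failed adding request to dB!");
            print closeLogSection ();
            return 0;
        } else {
            ## the file is only removed after it is stored in the database
            unlink( "$fileName" );
        }

        $ret .= "Added <I>" . eximEscapeHTML ( $data->getParsed()->{CN} ) .
                " (" . eximEscapeHTML ( $data->getParsed->{EMAIL} ) .
                ")</I><BR>\n";
    }

    print addLogLine("Ok.");
    print addPreLogLine( $ret );
    print closeLogSection();

    return 1;
}

################################
## functions for Certificates ##
################################

##
## exportCerts
##
## this function writes all valid certificates (<SERIAL>.pem) and all
## archived (<DBKEY>.arc) and deleted (<DBKEY>.del) requests to the
## subdirectory CERTIFICATE
## parameters : DIRECTORY as $_[0]
## returns    : 0 if the subdirectory cannot be created or entered,
##              otherwise 1 (a single failed file is only logged)
##
## Note: the function changes the working directory of the process.
##
sub exportCerts {

    my $exim_tmp_dir = $_[0];
    my $dir = $exim_tmp_dir."/CERTIFICATE";

    if ( not createDirectory ($dir) ) {
        return 0;
    }

    print addLogSection("Certificate Exporting ... ");

    if( not chdir( "$dir" )) {
        print addErrorLog( "Failed changing dir to $dir." );
        print closeLogSection();
        return 0;
    }

    ## I export all certs to support recovery after a crash on RAServer
    ## before the import I check via getItem for an existent certificate
    ## with this serial
    my @certList = $db->searchItems (DATATYPE => "VALID_CERTIFICATE" );
    ## lexical loop variable, the original used the global $cert
    foreach my $cert (@certList) {
        my $key      = $cert->getParsed->{SERIAL};
        my $fileName = "${dir}/${key}.pem";
        if ($tools->saveFile (FILENAME => $fileName,
                              DATA     => $cert->getPEM () )) {
            print addLogLine ("export certificate $key successful");
        } else {
            print addErrorLog ("export certificate $key failed");
        }
    }

    ## I export all archived and deleted requests to move the
    ## approved requests on the RAServer in the right way
    my @reqList = $db->searchItems (DATATYPE => "ARCHIVIED_REQUEST" );
    foreach my $req (@reqList) {
        my $key      = $req->getParsed ()->{DBKEY};
        my $fileName = "${dir}/${key}.arc";
        ## a leftover debug print was removed here, it wrote the complete
        ## request into the output of the script
        if (not $tools->saveFile (FILENAME => $fileName,
                                  DATA     => $req->{req} )) {
            print addErrorLog ("Cannot write request ${key} to file $fileName!");
        }
    }

    ## @reqList is reused, a second "my" would only mask the first one
    @reqList = $db->searchItems (DATATYPE => "DELETED_REQUEST" );
    foreach my $req (@reqList) {
        my $key      = $req->getParsed ()->{DBKEY};
        my $fileName = "${dir}/${key}.del";
        if (not $tools->saveFile (FILENAME => $fileName,
                                  DATA     => $req->{req} )) {
            print addErrorLog ("Cannot write request ${key} to file $fileName!");
        }
    }

    print addLogLine( "Ok." );
    print closeLogSection();

    return 1;
}

sub importCerts {

    my $keys = { @_ };
    my $exim_tmp_dir = $keys->{TMP};
    my $dir = $exim_tmp_dir."/CERTIFICATE";

    $serverDir = getRequired ( 'ServerDir' );
    my @lastImport;

    print addLogSection( "Importing Certificates to dB ... ");

    opendir( CERTS, "$dir" );
    my @certList = grep(/pem$/, readdir( CERTS ) );
    closedir( CERTS );

    $ret = "";
    foreach $tmpCert (@certList) {

        my $tmpSerial, $tmpFormat;

        my $fileName = "$dir/$tmpCert";
        my $certFile = $query->getFile( $fileName );

        if ( not $certFile ) {
            print addErrorLog( "Failed opening ($fileName).");
            print closeLogSection ();
            return 0;
        }

        my $data = new OpenCA::X509( SHELL =>$cryptoShell,
                                     INFILE=>$fileName,
                                     FORMAT=>"PEM" );

        if ( not $data ) {
            print addErrorLog("Failed new X509 object!");
            print closeLogSection();
            return 0;
        }

        if ( not $tmpSerial = $data->getParsed()->{SERIAL} ) {
            print addErrorLog("Serial is not existent or it is the ".
                              "first CA-Certificate!");
            print closeLogSection();
            return 0;
        }

        ## check to insert a new certificate
        if ( not $db->searchItems ( DATATYPE => "CERTIFICATE",
                                    KEY      => $tmpSerial ) ) {
            if ( not $db->storeItem( DATATYPE => "VALID_CERTIFICATE",
                                     MODE     => "INSERT",
                                     OBJECT   => $data)) {
                print addErrorLog("Failed adding cert to dB!");
                print closeLogSection ();
                return 0;
            } else {
                my ($tmpLine, $line, $txt);
                $tmpLine = $data->getParsed()->{SERIAL} . "\n";
                push ( @lastImport, $tmpLine );
                $txt = "";
                foreach $line (@lastImport) { $txt .= $line; };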