Changeset 11777 for lang/perl/Punc/trunk
- Timestamp:
- 05/17/08 20:38:05 (6 months ago)
- Location:
- lang/perl/Punc/trunk
- Files:
-
- 6 modified
-
bin/puncd (modified) (1 diff)
-
bin/puncmasterd (modified) (1 diff)
-
lib/Punc/Client.pm (modified) (1 diff)
-
lib/Punc/Daemon.pm (modified) (1 diff)
-
lib/Punc/Master/Daemon.pm (modified) (7 diffs)
-
lib/Punc/Slave/Daemon.pm (modified) (3 diffs)
-
lang/perl/Punc/trunk/bin/puncd
r11518 r11777 35 35 }); 36 36 37 $daemon-> run;37 $daemon->prepare->run; -
lang/perl/Punc/trunk/bin/puncmasterd
r11734 r11777 32 32 }); 33 33 34 $daemon-> run;34 $daemon->prepare->run; 35 35 36 -
lang/perl/Punc/trunk/lib/Punc/Client.pm
r11749 r11777 41 41 42 42 return Punc::Client::Request->new({ 43 conf => $self-> {conf},44 hosts => $self-> {hosts},43 conf => $self->conf, 44 hosts => $self->hosts, 45 45 module => $module, 46 46 }); -
lang/perl/Punc/trunk/lib/Punc/Daemon.pm
r11749 r11777 8 8 use UNIVERSAL::require; 9 9 10 sub new { 11 my ( $class, $args ) = @_; 10 has 'port' => ( is => 'rw', isa => 'Int' ); 11 has 'confdir' => ( is => 'rw', isa => 'Str' ); 12 has 'conf' => ( is => 'rw', isa => 'HashRef' ); 13 has 'context' => ( is => 'rw', isa => 'Punc' ); 14 has 'ssl_key' => ( is => 'rw', isa => 'Str' ); 15 has 'ssl_cert' => ( is => 'rw', isa => 'Str' ); 16 has 'ca_cert' => ( is => 'rw', isa => 'Str' ); 17 has 'daemon' => ( is => 'rw', isa => 'HTTP::Daemon::SSL' ); 12 18 13 my $self = { 14 %$args, 15 }; 19 sub prepare { 20 my $self = shift; 16 21 17 bless $self, $class; 22 my $ssl_verify_mode = ref $self eq 'Punc::Master::Daemon' ? 0x00 : 0x07; 23 24 $self->daemon( 25 HTTP::Daemon::SSL->new( 26 LocalPort => $self->port, 27 ReuseAddr => 1, 28 SSL_key_file => $self->ssl_key, 29 SSL_cert_file => $self->ssl_cert, 30 SSL_ca_file => $self->ca_cert || '', 31 SSL_verify_mode => $ssl_verify_mode, 32 ) 33 ); 34 35 die $! unless $self->daemon; 36 37 return $self; 18 38 } 19 39 20 40 sub run { 21 41 my $self = shift; 22 23 my $ssl_verify_mode = ref $self eq 'Punc::Master::Daemon' ? 0x00 : 0x07; 24 25 my $d = HTTP::Daemon::SSL->new( 26 LocalPort => $self->{port}, 27 ReuseAddr => 1, 28 SSL_key_file => $self->{ssl_key}, 29 SSL_cert_file => $self->{ssl_cert}, 30 SSL_ca_file => $self->{ca_cert} || '', 31 SSL_verify_mode => $ssl_verify_mode, 32 ) || die $!; 42 my $d = $self->daemon; 33 43 34 44 print "Please contact me at: <URL:", $d->url, ">\n"; -
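Review bot: In `prepare`, the `die $! unless $self->daemon;` check comes too late to report a failed bind or TLS setup. If `HTTP::Daemon::SSL->new` returns undef, the `daemon` setter receives undef first, and (assuming these `has` lines are Moose attributes with `isa => 'HTTP::Daemon::SSL'`) the type constraint fails before the `die` is reached, so the operator sees a constraint error instead of the socket reason. Build into a local and check it before storing: `my $d = HTTP::Daemon::SSL->new(...) or die "cannot start SSL daemon: $!";` followed by `$self->daemon($d);`. The `ref $self eq 'Punc::Master::Daemon' ? 0x00 : 0x07` line also decides whether peer certificates are verified by an exact class-name match, so it deserves a comment such as `# 0x00: master does not request client certs (presumably so unenrolled slaves can fetch one); 0x07: slaves require and verify the peer cert`. `run` continues past the end of the visible hunk.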
lang/perl/Punc/trunk/lib/Punc/Master/Daemon.pm
r11749 r11777 16 16 my $self = $class->SUPER::new(@_); 17 17 18 $self->{ca} = Punc::Master::CA->new({ 19 ssldir => File::Spec->catdir($self->{confdir}, 'ssl'), 20 }); 18 $self->ca( 19 Punc::Master::CA->new({ 20 ssldir => File::Spec->catdir($self->confdir, 'ssl'), 21 }) 22 ); 21 23 22 $self->_find_or_create_ca_cert($self-> {context});24 $self->_find_or_create_ca_cert($self->context); 23 25 24 $self-> {ssl_key} = File::Spec->catfile($self->{ca}->{cadir}, 'ca.key');25 $self-> {ssl_cert} = File::Spec->catfile($self->{ca}->{cadir}, 'ca.cert'),26 $self->ssl_key( File::Spec->catfile($self->ca->cadir, 'ca.key') ); 27 $self->ssl_cert( File::Spec->catfile($self->ca->cadir, 'ca.cert') ); 26 28 return $self; 27 29 } … … 29 31 sub _find_or_create_ca_cert { 30 32 my ( $self, $c ) = @_; 31 my $cadir = $self-> {ca}->{cadir};33 my $cadir = $self->ca->cadir; 32 34 unless ( -d $cadir ) { 33 35 mkpath($cadir); … … 46 48 # 鍵作成 47 49 my $rsa = Crypt::OpenSSL::RSA->generate_key(1024); 48 open my $out, '>', File::Spec->catfile($self-> {ca}->{cadir}, 'ca.key') or die $!;50 open my $out, '>', File::Spec->catfile($self->ca->cadir, 'ca.key') or die $!; 49 51 print $out $rsa->get_private_key_string; 50 52 close $out; … … 66 68 67 69 my $pem = $x509->sign($privkey, 'sha1'); 68 open my $cert, '>', File::Spec->catfile($self-> {ca}->{cadir}, 'ca.cert') or die $!;70 open my $cert, '>', File::Spec->catfile($self->ca->cadir, 'ca.cert') or die $!; 69 71 print $cert $pem; 70 72 close $cert; 71 73 72 open my $srl, '>', File::Spec->catfile($self-> {ca}->{cadir}, 'ca.srl') or die $!;74 open my $srl, '>', File::Spec->catfile($self->ca->cadir, 'ca.srl') or die $!; 73 75 print $srl '01'; 74 76 close $srl; … … 81 83 # CSR 取得 82 84 my $csr = $args->{csr}; 83 my $hostname = $self-> {ca}->get_hostname_from_csr($csr);85 my $hostname = $self->ca->get_hostname_from_csr($csr); 84 86 85 my $csrdir = $self-> {ca}->{csrdir};87 my $csrdir = $self->ca->csrdir; 86 88 mkpath($csrdir) unless -d $csrdir; 87 89 88 $self-> 
{ca}->save_csr($csr);90 $self->ca->save_csr($csr); 89 91 90 92 my $autosign = $self->{conf}->{autosign} || ''; … … 101 103 102 104 open my $cert_fh, '<', File::Spec->catfile( 103 $self-> {ca}->{certdir},105 $self->ca->certdir, 104 106 "${hostname}.cert" 105 107 ) or do { return { error => $! } }; … … 109 111 110 112 open my $cacert_fh, '<', File::Spec->catfile( 111 $self-> {ca}->{cadir},113 $self->ca->cadir, 112 114 'ca.cert' 113 115 ) or do { return { error => $! } }; -
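Review bot: The CA private key is still written with a plain `open my $out, '>', ... 'ca.key'`, so its mode is whatever the process umask allows. No chmod on the file or on `$cadir` is visible in these hunks, although the lines after `mkpath($cadir)` are elided and may handle it. If the key is only written when absent, create it owner-only, e.g. `sysopen(my $out, $keyfile, O_WRONLY|O_CREAT|O_EXCL, 0600) or die "ca.key: $!";` with `use Fcntl;`, and check `print` and `close` so a short write cannot leave a truncated key. The context lines also show `generate_key(1024)` and `sign($privkey, 'sha1')`, both weak for a CA; at least 2048-bit RSA and SHA-256 would be a sensible follow-up. `_find_or_create_ca_cert` starts and ends outside the visible hunks.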
lang/perl/Punc/trunk/lib/Punc/Slave/Daemon.pm
r11749 r11777 11 11 with 'Punc::Daemon::Role'; 12 12 13 has 'keydir' => ( is => 'rw', isa => 'Str' ); 14 has 'certdir' => ( is => 'rw', isa => 'Str' ); 15 has 'ssldir' => ( is => 'rw', isa => 'Str' ); 16 has 'csrdir' => ( is => 'rw', isa => 'Str' ); 17 13 18 sub new { 14 19 my $class = shift; 15 20 my $self = $class->SUPER::new(@_); 16 21 17 $self->_find_or_request_cert($self-> {context});22 $self->_find_or_request_cert($self->context); 18 23 19 my $fqdn = $self-> {context}->fact('fqdn');24 my $fqdn = $self->context->fact('fqdn'); 20 25 21 $self->{ssl_key} = File::Spec->catfile($self->{keydir}, "${fqdn}.key"); 22 $self->{ssl_cert} = File::Spec->catfile($self->{certdir}, "${fqdn}.cert"); 23 $self->{ca_cert} = File::Spec->catfile($self->{certdir}, 'ca.cert'); 26 $self->ssl_key( File::Spec->catfile($self->keydir, "${fqdn}.key") ); 27 $self->ssl_cert( File::Spec->catfile($self->certdir, "${fqdn}.cert") ); 28 $self->ca_cert( File::Spec->catfile($self->certdir, 'ca.cert') ); 29 24 30 return $self; 25 31 } … … 28 34 my ( $self, $c ) = @_; 29 35 30 $self-> {ssldir} = File::Spec->catdir($self->{confdir}, 'ssl');31 $self-> {certdir} = File::Spec->catdir($self->{ssldir}, 'certs');32 $self-> {keydir} = File::Spec->catdir($self->{ssldir}, 'keys');33 $self-> {csrdir} = File::Spec->catdir($self->{ssldir}, 'csrs');36 $self->ssldir( File::Spec->catdir($self->confdir, 'ssl') ); 37 $self->certdir( File::Spec->catdir($self->ssldir, 'certs') ); 38 $self->keydir( File::Spec->catdir($self->ssldir, 'keys') ); 39 $self->csrdir( File::Spec->catdir($self->ssldir, 'csrs') ); 34 40 35 mkpath($self-> {certdir}) unless -d $self->{certdir};36 mkpath($self-> {csrdir}) unless -d $self->{csrdir};37 unless ( -d $self-> {keydir}) {38 mkpath($self-> {keydir});39 chmod oct('0700'), $self-> {keydir};41 mkpath($self->certdir) unless -d $self->certdir; 42 mkpath($self->csrdir) unless -d $self->csrdir; 43 unless ( -d $self->keydir ) { 44 mkpath($self->keydir); 45 chmod oct('0700'), $self->keydir; 40 46 } 41 
47 42 my $cert = File::Spec->catfile($self-> {certdir}, $c->fact('fqdn') . '.cert');48 my $cert = File::Spec->catfile($self->certdir, $c->fact('fqdn') . '.cert'); 43 49 unless ( -f $cert ) { 44 50 $self->_request_cert($c); … … 54 60 $req->sign(); 55 61 56 $req->write_pem_req( File::Spec->catfile( $self-> {csrdir}, "${fqdn}.csr" ) );57 $req->write_pem_pk( File::Spec->catfile( $self-> {keydir}, "${fqdn}.key" ) );62 $req->write_pem_req( File::Spec->catfile( $self->csrdir, "${fqdn}.csr" ) ); 63 $req->write_pem_pk( File::Spec->catfile( $self->keydir, "${fqdn}.key" ) ); 58 64 59 65 my $client = JSON::RPC::Client->new; 60 66 $client->ua->timeout(0); 61 my $host = $self-> {conf}->{puncmaster_host} || 'localhost';62 my $port = $self-> {conf}->{puncmaster_port} || 7081;67 my $host = $self->conf->{puncmaster_host} || 'localhost'; 68 my $port = $self->conf->{puncmaster_port} || 7081; 63 69 my $url = "https://$host:$port/cert"; 64 70
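Review bot: In `_find_or_request_cert`, `chmod oct('0700'), $self->keydir;` runs only inside `unless ( -d $self->keydir )`, so a keydir that already exists with looser permissions is never tightened. The directory also exists briefly with the umask-default mode between `mkpath` and `chmod`, and the chmod result is ignored. Since `write_pem_pk` later writes the host private key there, pass the mode at creation and enforce it on every start: `mkpath($self->keydir, 0, oct('0700')) unless -d $self->keydir;` then `chmod oct('0700'), $self->keydir or die "chmod keydir: $!";`. The function continues outside the visible hunk.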