diff options
author | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2014-10-30 19:49:23 -0700 |
---|---|---|
committer | Joe Rayhawk <jrayhawk@omgwallhack.org> | 2014-10-30 19:49:23 -0700 |
commit | 1d0c4358c9bfb8d2748409fdb8da7c841adff4e3 (patch) | |
tree | 157bd63c78075459d3479e4cadf82d4e8b69b1ad /contrib/keygen.rb | |
parent | 2189d6db2f21dafe9a99c9e2e820b22ae6969b64 (diff) | |
download | cash-1d0c4358c9bfb8d2748409fdb8da7c841adff4e3.tar.gz cash-1d0c4358c9bfb8d2748409fdb8da7c841adff4e3.zip |
contrib: Adding keygen.rb
Diffstat (limited to 'contrib/keygen.rb')
-rw-r--r-- | contrib/keygen.rb | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/contrib/keygen.rb b/contrib/keygen.rb new file mode 100644 index 0000000..7f154f4 --- /dev/null +++ b/contrib/keygen.rb @@ -0,0 +1,67 @@ +#!/usr/bin/ruby +# Takes <keygen> input and emails somebody with an inline SPKAC request +# +# Certificates are automatically imported if they are served to clients over http with +# Content-type: application/x-x509-user-cert +# +# Some Webkit browsers, notably Chrome, don't understand PEM. Use DER. + +# Redefine these: + +localpart = 'jerks' +hostname = 'example.com' + +require 'cgi' + +cgi = CGI.new + +# Depending on how you access the form variables will depend on the results you get. +# 1. An explicit request in 1.8.x of form cgi['myvar'] returns a string +# 2. pre 1.8.x it returns an array +# 3. If you use the form cgi.params it returns a hash +# 4. If your form happens to include file upload (e.g. contains <input type="file"> and an 'enctype="multipart/form-data"') then +# * if the file size is > 10240 bytes ALL variables are created as Tempfiles +# * if < 10240 they are StringIO objects. + +# StringIO and Tempfile both support the 'read' method, so all that's left is String... +class String + def read( ) + self + end +end + +print 'Content-type: text/plain + +' + +spkac = String.new + +['SPKAC', 'C', 'ST', 'L', 'O', 'OU', 'CN', 'emailAddress'].each do |dn| + if defined?(cgi.params[dn][0].read) && cgi.params[dn][0].read =~ /./ + spkac << "#{dn}=#{cgi.params[dn][0].read.gsub(/\r|\n/, '')}\n" + else + print "Warning: Variable #{dn} is invalid or missing. It will not be included in your request. If this is in error, please correct and resubmit.\n" + end +end + +if spkac =~ /^SPKAC/ + IO.popen('/usr/sbin/sendmail -t', mode='w') { |mail| + mail.write( +"To: #{localpart}@#{hostname} +From: spkac form <root@#{hostname}> +Subject: SPKAC request +MIME-Version: 1.0 +Content-Type: text/plain; charset=us-ascii + +#{ENV['REMOTE_ADDR']} #{ENV['HTTP_USER_AGENT']} + +#{spkac} +" + ) + } + print "\nThe following SPKAC request has been emailed to your friendly neighbourhood admins, who will look it over, possibly sign it and give you a link to a shiny new certificate:\n\n" + print spkac + +else + print "Error: SPKAC public key is missing. Correct and resubmit." +end |