From 1d0c4358c9bfb8d2748409fdb8da7c841adff4e3 Mon Sep 17 00:00:00 2001 From: Joe Rayhawk Date: Thu, 30 Oct 2014 19:49:23 -0700 Subject: contrib: Adding keygen.rb --- contrib/keygen.rb | 67 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 contrib/keygen.rb (limited to 'contrib') diff --git a/contrib/keygen.rb b/contrib/keygen.rb new file mode 100644 index 0000000..7f154f4 --- /dev/null +++ b/contrib/keygen.rb @@ -0,0 +1,67 @@ +#!/usr/bin/ruby +# Takes input and emails somebody with an inline SPKAC request +# +# Certificates are automatically imported if they are served to clients over http with +# Content-type: application/x-x509-user-cert +# +# Some Webkit browsers, notably Chrome, don't understand PEM. Use DER. + +# Redefine these: + +localpart = 'jerks' +hostname = 'example.com' + +require 'cgi' + +cgi = CGI.new + +# Depending on how you access the form variables will depend on the results you get. +# 1. An explicit request in 1.8.x of form cgi['myvar'] returns a string +# 2. pre 1.8.x it returns an array +# 3. If you use the form cgi.params it returns a hash +# 4. If your form happens to include file upload (e.g. contains and an 'enctype="multipart/form-data"') then +# * if the file size is > 10240 bytes ALL variables are created as Tempfiles +# * if < 10240 they are StringIO objects. + +# StringIO and Tempfile both support the 'read' method, so all that's left is String... +class String + def read( ) + self + end +end + +print 'Content-type: text/plain + +' + +spkac = String.new + +['SPKAC', 'C', 'ST', 'L', 'O', 'OU', 'CN', 'emailAddress'].each do |dn| + if defined?(cgi.params[dn][0].read) && cgi.params[dn][0].read =~ /./ + spkac << "#{dn}=#{cgi.params[dn][0].read.gsub(/\r|\n/, '')}\n" + else + print "Warning: Variable #{dn} is invalid or missing. It will not be included in your request. If this is in error, please correct and resubmit.\n" + end +end + +if spkac =~ /^SPKAC/ + IO.popen('/usr/sbin/sendmail -t', mode='w') { |mail| + mail.write( +"To: #{localpart}@#{hostname} +From: spkac form +Subject: SPKAC request +MIME-Version: 1.0 +Content-Type: text/plain; charset=us-ascii + +#{ENV['REMOTE_ADDR']} #{ENV['HTTP_USER_AGENT']} + +#{spkac} +" + ) + } + print "\nThe following SPKAC request has been emailed to your friendly neighbourhood admins, who will look it over, possibly sign it and give you a link to a shiny new certificate:\n\n" + print spkac + +else + print "Error: SPKAC public key is missing. Correct and resubmit." +end -- cgit v1.2.3