package org.openslx.taskmanager.tasks;
import java.io.File;
import org.openslx.satserver.util.Exec;
import org.openslx.satserver.util.Util;
import org.openslx.taskmanager.api.AbstractTask;
import com.google.gson.annotations.Expose;
/**
* Task for enabling or disabling https support in lighttpd.
* Can greate a self-signed cert on the fly, or use a supplied one.
*/
public class LighttpdHttps extends AbstractTask
{
private Output status = new Output();
@Expose
private String importcert = null;
@Expose
private String importkey = null;
@Expose
private String importchain = null;
@Expose
private String proxyip = null;
@Override
protected boolean initTask()
{
this.setStatusObject( this.status );
return true;
}
@Override
protected boolean execute()
{
if ( this.importcert != null && this.importkey != null && !this.importcert.isEmpty() && !this.importkey.isEmpty() )
return createFromInput();
if ( this.proxyip != null && !this.proxyip.isEmpty() )
return createRandom();
return disableHttps();
}
private boolean createRandom()
{
int ret = Exec.sync( 5, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--random", this.proxyip );
if ( ret != 0 ) {
status.error = "generator exited with code " + ret;
return false;
}
return true;
}
private boolean createFromInput()
{
// Import supplied certificate and key. Test if they are valid first
File tmpKey = null;
File tmpCert = null;
File tmpChain = null;
try {
try {
tmpKey = File.createTempFile( "bwlp-", ".pem" );
Util.writeStringToFile( tmpCert, this.importcert );
tmpCert = File.createTempFile( "bwlp-", ".pem" );
Util.writeStringToFile( tmpKey, this.importkey );
if ( this.importchain != null && !this.importchain.isEmpty() ) {
tmpChain = File.createTempFile( "bwlp-", ".pem" );
Util.writeStringToFile( tmpChain, this.importchain );
}
} catch ( Exception e ) {
status.error = "Could not create temporary files!";
return false;
}
int ret;
ret = Exec.sync( 5, "/opt/taskmanager/scripts/install-https", "--test", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath() );
if ( ret != 0 ) {
status.error = "Given key and certificate do not match, or have invalid format (exit code: " + ret + ")";
return false;
}
if ( tmpChain != null ) {
ret = Exec.sync( 5, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--import", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath(),
tmpChain.getAbsolutePath() );
} else {
ret = Exec.sync( 5, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--import", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath() );
}
if ( ret != 0 ) {
status.error = "import exited with code " + ret;
return false;
}
return true;
} finally {
if ( tmpKey != null )
tmpKey.delete();
if ( tmpCert != null )
tmpCert.delete();
}
}
private boolean disableHttps()
{
int ret = Exec.sync( 5, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--disable" );
if ( ret != 0 ) {
status.error = "disable exited with code " + ret;
return false;
}
return true;
}
/**
* Output - contains additional status data of this task
*/
@SuppressWarnings( "unused" )
private static class Output
{
protected String error = null;
}
}