1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
package org.openslx.taskmanager.tasks;
import java.io.File;
import org.openslx.satserver.util.Exec;
import org.openslx.satserver.util.Util;
import org.openslx.taskmanager.api.AbstractTask;
import com.google.gson.annotations.Expose;
/**
* Task for enabling or disabling https support in lighttpd.
* Can greate a self-signed cert on the fly, or use a supplied one.
*/
public class LighttpdHttps extends AbstractTask
{
private Output status = new Output();
@Expose
private String importcert = null;
@Expose
private String importkey = null;
@Expose
private String importchain = null;
@Expose
private String proxyip = null;
@Override
protected boolean initTask()
{
this.setStatusObject( this.status );
return true;
}
@Override
protected boolean execute()
{
if ( this.importcert != null && this.importkey != null && !this.importcert.isEmpty() && !this.importkey.isEmpty() )
return createFromInput();
if ( this.proxyip != null && !this.proxyip.isEmpty() )
return createRandom();
return disableHttps();
}
private boolean createRandom()
{
int ret = Exec.sync( 15, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--random", this.proxyip );
if ( ret != 0 ) {
status.error = "generator exited with code " + ret;
return false;
}
return true;
}
private boolean createFromInput()
{
// Import supplied certificate and key. Test if they are valid first
File tmpKey = null;
File tmpCert = null;
File tmpChain = null;
try {
try {
tmpCert = File.createTempFile( "bwlp-", ".pem" );
tmpKey = File.createTempFile( "bwlp-", ".pem" );
Util.writeStringToFile( tmpCert, this.importcert );
Util.writeStringToFile( tmpKey, this.importkey );
if ( this.importchain != null && !this.importchain.isEmpty() ) {
tmpChain = File.createTempFile( "bwlp-", ".pem" );
Util.writeStringToFile( tmpChain, this.importchain );
}
} catch ( Exception e ) {
status.error = "Could not create temporary files: " + e.getMessage();
return false;
}
int ret;
ret = Exec.sync( 15, "/opt/taskmanager/scripts/install-https", "--test", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath() );
if ( ret != 0 ) {
status.error = "Given key and certificate do not match, or have invalid format (exit code: " + ret + ")";
return false;
}
if ( tmpChain != null ) {
ret = Exec.sync( 15, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--import", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath(),
tmpChain.getAbsolutePath() );
} else {
ret = Exec.sync( 15, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--import", tmpKey.getAbsolutePath(), tmpCert.getAbsolutePath() );
}
if ( ret != 0 ) {
status.error = "import exited with code " + ret;
return false;
}
return true;
} finally {
if ( tmpKey != null )
tmpKey.delete();
if ( tmpCert != null )
tmpCert.delete();
}
}
private boolean disableHttps()
{
int ret = Exec.sync( 15, "sudo", "-n", "-u", "root", "/opt/taskmanager/scripts/install-https", "--disable" );
if ( ret != 0 ) {
status.error = "disable exited with code " + ret;
return false;
}
return true;
}
/**
* Output - contains additional status data of this task
*/
@SuppressWarnings( "unused" )
private static class Output
{
protected String error = null;
}
}
|