<?php
#
# EMULAB-COPYRIGHT
# Copyright (c) 2000-2009 University of Utah and the Flux Group.
# All rights reserved.
#
include("defs.php3");

#
# Only known and logged in users can do this.
#
# Identify the requester. Nothing below runs unless CheckLoginOrDie() hands
# back a user object.
$this_user = CheckLoginOrDie();
$uid       = $this_user->uid();
$isadmin   = ISADMIN();

#
# Page arguments, both optional:
#   target_user - the account whose certificate is wanted
#   p12         - boolean flag selecting the .p12 download
# NOTE(review): the isset() tests below suggest OptionalPageArguments()
# publishes each argument as a global of the same name; confirm in defs.php3.
#
$optargs = OptionalPageArguments(
    "target_user", PAGEARG_USER,
    "p12", PAGEARG_BOOLEAN
);

# p12 is off unless the request supplied it.
$p12 = isset($p12) ? $p12 : 0;

# With no explicit target, the requester is asking for their own certificate.
$target_user = isset($target_user) ? $target_user : $this_user;

# target_user can be chosen by the requester, so it must not be trusted until
# the permission check further down has compared it with $this_user.
$target_uid = $target_user->uid();
$target_idx = $target_user->uid_idx();

#
# Only admin people can create SSL certs for another user.
#
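if (!$isadmin && !$target_user->SameUser($this_user)) {
    # Authorization gate for everything below: a non-admin may only fetch
    # their own certificate and private key.
    #
    # The message names $target_uid. It used to interpolate $user, which this
    # script never assigns, so the account name was missing from the error
    # (unless defs.php3 happens to define $user; TODO confirm).
    #
    # NOTE(review): this check only protects the key material if
    # USERERROR(..., 1) ends the request. Presumably the trailing 1 does
    # that; if it can return, execution falls through to the download code.
    USERERROR("You do not have permission to download SSL cert ".
              "for $target_uid!", 1);
}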

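if ($p12) {
    # .p12 download: run the "webspewcert" helper through the suexec wrapper
    # as the target user and stream whatever it writes to the browser.
    #
    # The uid is quoted with escapeshellarg() because popen() passes the
    # string to a shell. The value comes from a user object rather than
    # straight from the request, so this is defence in depth: a uid holding
    # shell metacharacters still arrives as a single argument.
    $spew_uid = escapeshellarg($target_uid);

    if ($fp = popen("$TBSUEXEC_PATH $spew_uid nobody webspewcert", "r")) {
        # NOTE(review): the Content-Type value carries a trailing
        # ";filename=..." parameter; it is left unchanged here because
        # clients may already depend on the exact header.
        header("Content-Type: application/octet-stream;".
               "filename=\"emulab.p12\";");
        header("Content-Disposition: inline; filename=\"emulab.p12\";");
        # The response is key material; tell caches not to reuse it.
        header("Cache-Control: no-cache, must-revalidate");
        header("Pragma: no-cache");

        # Copy in 1 KB chunks and stop early if the client disconnects.
        while (!feof($fp) && connection_status() == 0) {
            print(fread($fp, 1024));
            flush();
        }

        # NOTE(review): the helper's exit status is captured but never
        # checked, so a failed run still yields a (possibly empty or
        # truncated) download with a success status.
        $retval = pclose($fp);
        $fp = 0;
    }
    # NOTE(review): when popen() itself fails, the request ends here with an
    # empty response and no error shown to the user.
    return;
}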

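# PEM download: fetch the stored certificate and private key for the target
# user. The lookup is limited to rows with encrypted=1 that have not been
# revoked.
# NOTE(review): presumably encrypted=1 means the stored private key is
# passphrase-protected; confirm against the user_sslcerts schema.
$query_result =& $target_user->TableLookUp("user_sslcerts",
                                           "cert,privkey",
                                           "encrypted=1 and revoked is null");

if (!mysql_num_rows($query_result)) {
    PAGEHEADER("Download SSL Certificate for $target_uid");
    # NOTE(review): assumes USERERROR(..., 1) does not return; otherwise the
    # code below would emit empty PEM markers.
    USERERROR("There is no SSL Certificate for $target_uid!", 1);
}
$row  = mysql_fetch_array($query_result);
$cert = $row["cert"];
$key  = $row["privkey"];

# This response carries a private key. The .p12 branch already sends
# anti-caching headers; send them here too so neither the browser nor an
# intermediate proxy keeps a copy of the key.
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Pragma: no-cache");
header("Content-Type: text/plain");

# Key first, then certificate, each wrapped in its PEM markers. The stored
# values are written as-is between the markers.
echo "-----BEGIN RSA PRIVATE KEY-----\n";
echo $key;
echo "-----END RSA PRIVATE KEY-----\n";
echo "-----BEGIN CERTIFICATE-----\n";
echo $cert;
echo "-----END CERTIFICATE-----\n";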

?>