From c9794c061604e9214154873463f1a80f31147a95 Mon Sep 17 00:00:00 2001 From: Ermal Date: Fri, 12 Mar 2010 14:46:43 +0000 Subject: Allow user certificate to be created with the user. --- usr/local/www/system_usermanager.php | 131 ++++++++++++++++++++++++++++++++++- 1 file changed, 128 insertions(+), 3 deletions(-) (limited to 'usr/local/www/system_usermanager.php') diff --git a/usr/local/www/system_usermanager.php b/usr/local/www/system_usermanager.php index 73f7b31..9e94b17 100644 --- a/usr/local/www/system_usermanager.php +++ b/usr/local/www/system_usermanager.php @@ -183,8 +183,14 @@ if (isAllowedPage("system_usermanager")) { $reqdfields = explode(" ", "usernamefld"); $reqdfieldsn = explode(",", "Username"); } else { - $reqdfields = explode(" ", "usernamefld passwordfld1"); - $reqdfieldsn = explode(",", "Username,Password"); + if (empty($_POST['name'])) { + $reqdfields = explode(" ", "usernamefld passwordfld1"); + $reqdfieldsn = explode(",", "Username,Password"); + } else { + $reqdfields = explode(" ", "usernamefld passwordfld1 name caref keylen lifetime"); + $reqdfieldsn = explode(",", "Username,Password,Descriptive name,Certificate authority,Key length,Lifetime"); + + } } do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors); @@ -227,6 +233,12 @@ if (isAllowedPage("system_usermanager")) { } } + if (!empty($_POST['name'])) { + $ca = lookup_ca($_POST['caref']); + if (!$ca) + $input_errors[] = "Invalid internal Certificate Authority\n"; + } + /* if this is an AJAX caller then handle via JSON */ if (isAjax() && is_array($input_errors)) { input_errors2Ajax($input_errors); @@ -261,6 +273,27 @@ if (isAllowedPage("system_usermanager")) { if (isset($id) && $a_user[$id]) $a_user[$id] = $userent; else { + if (!empty($_POST['name'])) { + $cert = array(); + $userent['cert'] = array(); + + $cert['name'] = $_POST['name']; + + $subject = cert_get_subject_array($ca['crt']); + + $dn = array( + 'countryName' => $subject[0]['v'], + 'stateOrProvinceName' => $subject[1]['v'], + 'localityName' => $subject[2]['v'], + 'organizationName' => $subject[3]['v'], + 'emailAddress' => $subject[4]['v'], + 'commonName' => $userent['name']); + + cert_create($cert, $_POST['caref'], $_POST['keylen'], + (int)$_POST['lifetime'], $dn); + + $userent['cert'][] = $cert; + } $userent['uid'] = $config['system']['nextuid']++; $a_user[] = $userent; } @@ -338,6 +371,25 @@ function presubmit() { setall_selected('groups'); } +function usercertClicked(obj) { + if (obj.checked) { + document.getElementById("usercertchck").style.display="none"; + document.getElementById("usercert").style.display=""; + } else { + document.getElementById("usercert").style.display="none"; + document.getElementById("usercertchck").style.display=""; + } +} + +function sshkeyClicked(obj) { + if (obj.checked) { + document.getElementById("sshkeychck").style.display="none"; + document.getElementById("sshkey").style.display=""; + } else { + document.getElementById("sshkey").style.display="none"; + document.getElementById("sshkeychck").style.display=""; + } +} //--> + + 0): ?> + + + + + + Click to create a user certificate. + + + + 0): ?> + + + + + + + + + + + + + + + + + + + + + +
+ +
+ +
+ + bits +
+ days +
+ + + + - + + + + Click to paste a authorized key. + + + -- cgit v1.1