# HG changeset patch
# User Matthias Förste
# Date 1403863798 -7200
# Node ID 887fe77c925dea95d99af29ebc346229d075f0e5
# Parent 798995e20d0ba2a72e35e84ef4df1b84b71e5521
# Parent 3f0838843487e2c9a7570bc54d76ea3366ddaa61
[merged]
diff -r 3f0838843487 -r 887fe77c925d .hgignore
--- a/.hgignore Fri Jun 27 12:08:59 2014 +0200
+++ b/.hgignore Fri Jun 27 12:09:58 2014 +0200
@@ -5,3 +5,4 @@
 ^htpasswd$
 ^t$
 ^(key|crt)\.pem$
+\.deb$
diff -r 3f0838843487 -r 887fe77c925d .hgtags
--- a/.hgtags Fri Jun 27 12:08:59 2014 +0200
+++ b/.hgtags Fri Jun 27 12:09:58 2014 +0200
@@ -11,3 +11,5 @@
 0000000000000000000000000000000000000000 stable
 e7c1991f7d2ba4840b3223a5cee0523710e930a2 https
 99e8455f50dca66041337a45e30a7272ff40dcde basicauth
+0000000000000000000000000000000000000000 basicauth
+0000000000000000000000000000000000000000 https
diff -r 3f0838843487 -r 887fe77c925d .perltidyrc
--- a/.perltidyrc Fri Jun 27 12:08:59 2014 +0200
+++ b/.perltidyrc Fri Jun 27 12:09:58 2014 +0200
@@ -1,1 +1,2 @@
-/home/heiko/.perltidyrc
\ No newline at end of file
+--paren-tightness=2
+--square-bracket-tightness=2
diff -r 3f0838843487 -r 887fe77c925d debian/control
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/debian/control Fri Jun 27 12:09:58 2014 +0200
@@ -0,0 +1,12 @@
+#!/usr/bin/equivs-build
+Section: misc
+Priority: optional
+Standards-Version: 3.9.4
+
+Package: hlog-deps
+Depends: perl, perl-modules, libauthen-simple-passwd-perl, libcwd-perl | perl
+ (>=5), libgetopt-long-perl | perl (>=5), libio-socket-inet-perl | perl
+ (>=5.6), libio-socket-ssl-perl, libmime-base64-perl | perl (>=5.7.3),
+ libpod-usage-perl | perl (>=5.6), libposix-perl | perl (>=5), gnutls-bin
+Description: Depends for hlog
+ Depends for hlog
diff -r 3f0838843487 -r 887fe77c925d hlog.pl
--- a/hlog.pl Fri Jun 27 12:08:59 2014 +0200
+++ b/hlog.pl Fri Jun 27 12:09:58 2014 +0200
@@ -1,6 +1,6 @@ #! /usr/bin/perl -# HTTP access to some (log) file +# HTTP(S) access to some (log) file # Copyright (C) 2009 Heiko Schlittermann # # This program is free software: you can redistribute it and/or modify @@ -30,6 +30,9 @@ use MIME::Base64 qw(decode_base64); use IO::Socket::INET; use IO::Socket::SSL; +use File::Temp qw/tempdir/; +use File::Path; +use Sys::Hostname; my $ME = basename $0; @@ -42,8 +45,8 @@ my $opt_debug = 0; my $opt_htpasswd = "htpasswd"; my $opt_ssl = 1; -my $opt_ssl_cert = "crt.pem"; -my $opt_ssl_key = "key.pem"; +my $opt_ssl_cert = "*"; +my $opt_ssl_key = "*"; # these vars will be filled with the real dirs later my $rundir = ["/var/run/$ME", "$ENV{HOME}/.$ME"]; @@ -80,8 +83,8 @@ sub bad_request(); sub date1123(;$); - -sub authenticated($$); +sub authenticate($$); +sub certtool(); my %FILE; @@ -109,7 +112,7 @@ $opt_ssl = 0; } - foreach ($opt_htpasswd, $opt_ssl_key, $opt_ssl_cert) { + foreach ($opt_htpasswd) { $_ = abs_path($_) if defined; } @@ -168,6 +171,11 @@ $FILE{$tag} = $file; } + # read key/cert or generate key/cert + certtool(); + ### $opt_ssl_key + ### $opt_ssl_cert + # Start the listener, just a normal INET socket, # SSL will be started later on, if needed.. my $listener = new IO::Socket::INET( @@ -241,6 +249,7 @@ SSL_key_file => $opt_ssl_key, SSL_cert_file => $opt_ssl_cert, ); + warn IO::Socket::SSL::errstr(), "\n"; $client->start_SSL; } handle_request($client); 
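Review bot: The new `certtool();` call in the `@@ -168,6 +171,11 @@` hunk is unconditional, so a run with SSL switched off (the `$opt_ssl = 0;` context line in the `@@ -109,7 +112,7 @@` hunk suggests such a mode exists) still creates a temp directory and dies when the gnutls `certtool` binary is not on PATH. Guarding it as `certtool() if $opt_ssl;` keeps plain-HTTP operation free of that dependency. The two lines `### $opt_ssl_key` and `### $opt_ssl_cert` look like leftover debug markers; if they are meant to stay, an ordinary comment saying why would be clearer. The enclosing code starts and ends outside the hunk.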
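Review bot: The added `warn IO::Socket::SSL::errstr(), "\n";` in the `@@ -241,6 +249,7 @@` hunk runs for every client and sits before `$client->start_SSL;`, so on good connections it logs an empty or stale message and it cannot report a failure of the handshake that follows it. The result of `start_SSL` is still ignored and `handle_request($client)` is reached either way; tying the two together, e.g. `$client->start_SSL or warn IO::Socket::SSL::errstr(), "\n";`, and not calling `handle_request` after a failure would make TLS errors visible and keep a client whose handshake failed away from the request handler. The call closed by `);` and the surrounding loop are outside the hunk, so the exact skip statement depends on that code.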
@@ -460,6 +469,47 @@ $auth->authenticate(split /:/, decode_base64($userinfo)); } +sub certtool() { + my $dir = tempdir(CLEANUP => 1); + + # look for the certtool + grep { -x "$_/certtool" } split /:/, $ENV{PATH} + or die +"certtool binary not found in $ENV{PATH}, may be you should install gnutls\n"; + + if ($opt_ssl_key eq "*") { + warn "Creating the private key\n"; + system("certtool --generate-privkey --outfile $dir/key 2>$dir/err"); + die "can't generate private key\n" if $?; + $opt_ssl_key = "$dir/key"; + } + + if ($opt_ssl_cert eq "*") { + + # write the template for (self) signing + my $f = new IO::File ">$dir/template"; + print $f <<___; +cn = @{[hostname]} +serial = @{[time]} +expiration_days = 9999 +tls_www_server +___ + close($f); + + warn "self signing the certificate\n"; + system( "certtool --generate-self-signed " + . "--template $dir/template " + . "--load-privkey $opt_ssl_key " + . "--outfile $dir/cert 2>$dir/err"); + $opt_ssl_cert = "$dir/cert"; + unlink "$dir/template"; + } + + $opt_ssl_key = abs_path($opt_ssl_key); + $opt_ssl_cert = abs_path($opt_ssl_cert); + +} + __END__ =head1 NAME @@ -471,7 +521,7 @@ hlog [--[no]daemon] [--[no]debug] [-k|--kill] - [-a|--address address] [-p|--port port] + [--address address] [-p|--port port] [--lines n] [--htpasswd path] [--[no]ssl] @@ -493,7 +543,7 @@ =over -=item B<-a>|B<--address> I
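Review bot: Both `system(...)` calls in the new `certtool()` build a shell command string, and the second interpolates `$opt_ssl_key`, which presumably can come from the command line and is no longer normalised before this point; a path containing spaces or shell metacharacters breaks the command or is interpreted by the shell. The list form of `system` avoids the shell; the `2>$dir/err` redirect goes away with it, which loses nothing visible here because `$dir/err` is never read in this hunk. The self-signing call also does not check its exit status (the key generation does), and the template is written through an unchecked two-argument `new IO::File ">$dir/template"`, so a failed write or a failed certtool run only shows up later as an SSL error. With the new `"*"` defaults the key and certificate live in a `tempdir(CLEANUP => 1)` directory and are regenerated on every start, so clients cannot recognise the certificate across restarts; that behaviour deserves a sentence in the POD for the key and certificate options.

```perl
sub certtool() {
    # … unchanged: tempdir creation and PATH lookup for certtool …

    if ($opt_ssl_key eq "*") {
        warn "Creating the private key\n";
        # list form: arguments are passed to certtool directly, no shell
        system("certtool", "--generate-privkey", "--outfile", "$dir/key") == 0
          or die "can't generate private key\n";
        $opt_ssl_key = "$dir/key";
    }

    if ($opt_ssl_cert eq "*") {
        open(my $f, ">", "$dir/template")
          or die "can't write $dir/template: $!\n";
        # … unchanged: print $f <<___ template heredoc …
        close($f) or die "can't write $dir/template: $!\n";

        warn "self signing the certificate\n";
        system("certtool", "--generate-self-signed",
            "--template",     "$dir/template",
            "--load-privkey", $opt_ssl_key,
            "--outfile",      "$dir/cert") == 0
          or die "can't self sign the certificate\n";
        # … unchanged: set $opt_ssl_cert, unlink the template …
    }

    # … unchanged: abs_path on key and cert …
}
```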
+=item B<--address> I
The address to listen on. (default: 0.0.0.0) diff -r 3f0838843487 -r 887fe77c925d modules --- a/modules Fri Jun 27 12:08:59 2014 +0200 +++ b/modules Fri Jun 27 12:09:58 2014 +0200 @@ -1,1 +1,9 @@ -Crypt::PasswdMD5 libcrypt-passwdmd5-perl +Authen::Simple::Passwd +Cwd +File::Basename +Getopt::Long +IO::Socket::INET +IO::Socket::SSL +MIME::Base64 +Pod::Usage +POSIX