# HG changeset patch # User Heiko Schlittermann (JUMPER) # Date 1359470184 -3600 # Node ID 892a4fac1939a43c32ecf707f26b604a9c31a8f9 # Parent 0ed8b6a9da491ee30808ddeab15bff34a43515f3 moved the folder bin to htdocs diff -r 0ed8b6a9da49 -r 892a4fac1939 bin/index.html --- a/bin/index.html Tue Jan 29 14:06:27 2013 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,27 +0,0 @@ - - - - SSL-Zertifikat erneuern - - -

Zertifikat abgelaufen

-

Voraussetzung ist eine Verbindung ins Internet. Es werden keine Daten gespeichert, das verarbeitende CGI-Script gibt lediglich die eingelesenen Daten aus.

-
- - - - - - - - - - - - -
Firma: -
Mail:
Test:
-

-
- - diff -r 0ed8b6a9da49 -r 892a4fac1939 bin/receive_a.test --- a/bin/receive_a.test Tue Jan 29 14:06:27 2013 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,21 +0,0 @@ -#!/usr/bin/perl - -use strict; -use warnings; -use CGI; - -my ( $input, $q, $key, $wert, $param, %result ); - -#read(STDIN, $input, $ENV{'CONTENT_LENGTH'})or die "error in read: $!"; -$q = new CGI; - -$anhang = $q->param('POSTDATA'); - -my @params = split( /&/, $anhang ); - -foreach (@params) { - ( $key, $wert ) = split( /=/, $_ ); - $result{$key} = $wert; -} - -# Folgend SSL-Script diff -r 0ed8b6a9da49 -r 892a4fac1939 bin/receive_n --- a/bin/receive_n Tue Jan 29 14:06:27 2013 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,33 +0,0 @@ -#!/usr/bin/perl - -use strict; -use warnings; - -my ( - $Daten, $value, $name, $text, $anhang, $input, - $q, $key, $wert, $param, %result -); -my $i = 0; -my %Formular; -my @Formularfelder; - -$anhang = $ENV{'QUERY_STRING'}; -read( STDIN, $Daten, $ENV{'CONTENT_LENGTH'} ); -&verarbeiten; - -sub verarbeiten { - @Formularfelder = split( /&/, $Daten ); - foreach my $Feld (@Formularfelder) { - ( $name, $value ) = split( /=/, $Feld ); - $value =~ tr/+/ /; - $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; - $Formular{$name} = $value; - } -} -my @schluessel = keys(%Formular); -my @values = values(%Formular); -open( OUT, ">test" ); -print OUT ("\@schluessel: @schluessel\n\@values: @values\n"); -close OUT; - -# Folgend SSL-Script diff -r 0ed8b6a9da49 -r 892a4fac1939 bin/receive_test --- a/bin/receive_test Tue Jan 29 14:06:27 2013 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,55 +0,0 @@ -#!/usr/bin/perl - -use strict; -use warnings; -use CGI; -use CGI::Carp qw(fatalsToBrowser); - -my ( - $Daten, $value, $name, $text, $anhang, $input, - $q, $key, $wert, $param, %result -); -my $i = 0; -my %Formular; -my @Formularfelder; - -$anhang = $ENV{'QUERY_STRING'}; -read( STDIN, $Daten, $ENV{'CONTENT_LENGTH'} ); -print $Daten; -&verarbeiten; - -sub verarbeiten { - @Formularfelder = split( /&/, $Daten ); - foreach my $Feld (@Formularfelder) { - ( $name, $value ) = split( /=/, $Feld ); - $value =~ tr/+/ /; - $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; - $Formular{$name} = $value; - } -} -my @schluessel = keys(%Formular); -@schluessel = reverse @schluessel; -my @values = values(%Formular); -@values = reverse @values; - -# Folgend Test-Script - - - -# Test -my $x = 0; -open( OUT, ">/var/www/index.html" ); -print OUT ( -' -CGI-Feedback

CGI-Feedback vom Programm recieve

' -); -foreach (@schluessel) { - print OUT ( '

Feldname: ' - . $schluessel[$x] - . ' Inhalt: ' - . $values[$x] - . '
' ); - $x++; -} -print OUT (''); -close OUT; diff -r 0ed8b6a9da49 -r 892a4fac1939 bin/send_a.test --- a/bin/send_a.test Tue Jan 29 14:06:27 2013 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 @@ -1,32 +0,0 @@ -#!/usr/bin/perl - -use warnings; -use strict; -require LWP::UserAgent; -require CGI; -require CGI::Carp qw(fatalsToBrowser); - -my ( $cgi, $firma, $mail, $text, $url, $ua, $req ); -$cgi = new CGI; - -# Auswerten der Daten. -#$firma=$cgi->param('Firma'); -#$mail=$cgi->param('Mail'); -#$text=$cgi->param('Text'); -my @param = $cgi->param(); -open( TEST, ">test" ); -print TEST ("@param"); -close TEST; - -exit(0) - - #$url='http://192.168.0.144/cgi-bin/recieve'; - - #$ua=LWP::UserAgent->new; - #$ua->env_proxy; - - #$req=HTTP::Request->new("POST",$url); - #$req->header('Content-Type' => 'text/html'); - #$req->content('Firma=Wir&Mail=mail'); - - #$ua->request($req); diff -r 0ed8b6a9da49 -r 892a4fac1939 bin/send_n --- a/bin/send_n Tue Jan 29 14:06:27 2013 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,67 +0,0 @@ -#!/usr/bin/perl - -use warnings; -use strict; -use LWP::UserAgent; -use CGI; -use CGI::Carp qw(fatalsToBrowser); - -my ( $cgi, $feld, $feld1, $feld2, $feld3, $url, $ua, $req ); -my $x = 0; -$cgi = new CGI; - -####################### -# Auswerten der Daten # -# des Web-Formulars # -####################### - -$feld1 = $cgi->param('Firma'); -$feld2 = $cgi->param('Name'); -$feld3 = $cgi->param('Test'); - -#open( TEST, ">test" ) or die "Kann Handle nicht oeffnen!\n$!"; -#print TEST ("$feld1 ;:; $feld2 ;:; $feld3"); -#close TEST; -my @Feldnamen = $cgi->param(); - -####################### -# Senden der Daten # -# via HTTP-POST # -####################### - -$url = 'http://192.168.0.144/cgi-bin/receive'; -$ua = LWP::UserAgent->new; -$ua->env_proxy; -$ua->timeout(10); -$req = HTTP::Request->new( "POST", $url ); -$req->header( 'Content-Type' => 'text/html' ); -$req->content("Name=$feld1&Mail=$feld2&Test=$feld3"); -$ua->request($req); - -####################### -# Erstellen einer # -# Feedback-Seite zum # -# Test mit Weiter- # -# leitung # -####################### - -print $cgi->header('CGI-Feedback'), - $cgi->start_html( - -head => $cgi->meta( - { - -http_equiv => 'REFRESH', - -content => '5;URL=http://192.168.0.144/index.html' - } - ), - -title => 'CGI-Feedback' - ), - $cgi->h1( 'CGI-Feedback vom Programm ', $cgi->i('send') ); - -foreach my $Feld (@Feldnamen) { - print $cgi->strong('Feldname: '), - $Feld, - $cgi->strong(', Inhalt: '), - $cgi->param($Feld), "
"; -} -print $cgi->end_html(); -__END__ diff -r 0ed8b6a9da49 -r 892a4fac1939 bin/sslcert --- a/bin/sslcert Tue Jan 29 14:06:27 2013 +0100 +++ /dev/null Thu Jan 01 00:00:00 1970 +0000 
@@ -1,288 +0,0 @@ -#!/usr/bin/perl -# geht ueberhaupt nicht -use 5.010; -use strict; -use warnings; - -use if $ENV{DEBUG} => "Smart::Comments"; -my $pfad = "./CA"; - - -sub menue() { - my $eg = ""; - - while (1) { - system("clear"); - print -" Willkommen beim SSL-Certificator, Ihrem nuetzlichem Perlprogramm\n zum einfachen erstellen von SSL-Zertifikaten.\n\n\n"; - print " Menue\n\n"; - print -" n - Neues Root-Zertifikat erstellen\n r - Request erstellen\n s - Request signieren\n w - Zertifikat wiederrufen\n a - Annulierungsliste erstellen\n\n q - Beenden\n\n "; - chomp($eg = ); - - given ($eg) { - when("q") { # $eg ~~ "q" - system('clear'); - exit; - } - when("n") { - system('clear'); - &rootca; - } - default { - } - } - -# SWITCH: { -# ($eg eq "q") and do { ….; last SWITCH; } -# ($eq eq "n") and do { …; last SWITCH; } -# } - -# } elsif ($eg eq 's') { -# system('clear'); -# &sign; -# } elsif ($eg eq 'r') { -# system('clear'); -# &request; -# } -# if ($eg eq 'w') { -# system('clear'); -# &revoke; -# } -# if ($eg eq 'a') { -# system('clear'); -# &revlist; -# } - } -} - -sub rootca { - my $days; - my $pk; - my $rca; - print " Ihr Zertifikat wird erstellt. 
Bitte warten Sie.\n"; - print " ...\n "; - - mkdir($_ = "$pfad/newcerts") or die "Can't mkdir $_: $!\n"; - - system("mkdir -p $pfad/newcerts"); # mkdir / File::Path::make_path - system("mkdir -p $pfad/private"); - - # system("echo '01' >$pfad/serial"); - { - open(my $x, ">", "$pfad/serial") or die; - print $x "01\n"; - close($x); - } - - #if (-e "$pfad/index.txt") { # RACE CONDITION - # system("/bin/rm $pfad/index.txt"); # rm -f - #} -# unlink "$pfad/index.txt"; -# system("/bin/touch $pfad/index.txt"); - { - open(my $x, ">", "$pfad/index.txt"); - close($x); - } - open(CONF, ">$pfad/openssl.cnf"); - print CONF -"#\n# OpenSSL configuration file.\n#\n\n# Establish working directory.\n\ndir = $pfad\n\n[ req ]\ndefault_bits\t\t= 1024\t\t# Size of keys\ndefault_keyfile\t\t= key.pem\t\t# name of generated keys\ndefault_md\t\t= md5\t\t# message digest algorithm\nstring_mask\t\t= nombstr\t\t# permitted characters\ndistinguished_name\t= req_distinguished_name\n\n[ req_distinguished_name ]\n# Variable name\t\t\t Prompt string\n#----------------------\t ----------------------------------\n0.organizationName\t= Organization Name (company)\norganizationalUnitName\t= Organizational Unit Name (department, division)\nemailAddress\t\t= Email Address\nemailAddress_max\t= 40\nlocalityName\t\t= Locality Name (city, district)\nstateOrProvinceName\t= State or Province Name (full name)\ncountryName\t\t= Country Name (2 letter code)\ncountryName_min\t\t= 2\ncountryName_max\t\t= 2\ncommonName\t\t= Common Name (hostname, IP, or your name)\ncommonName_max\t\t= 64\n\n# Default values for the above, for consistency and less typing.\n# Variable name\t\t\t Value\n#------------------------------\t ------------------------------\n0.organizationName_default\t= Your Company\nlocalityName_default\t\t= Your City\nstateOrProvinceName_default\t= Your Province\ncountryName_default\t\t= OO\n\n[ v3_ca ]\nbasicConstraints\t= CA:TRUE\nsubjectKeyIdentifier\t= hash\nauthorityKeyIdentifier\t= 
keyid:always,issuer:always"; - print CONF <<_EOT; -127.0.0.1 localhost -127.0.1.1 jumper.schlittermann.de jumper -212.80.235.130 pu.schlittermann.de ssl.schlittermann.de pu - -# The following lines are desirable for IPv6 capable hosts -::1 ip6-localhost ip6-loopback -fe00::0 ip6-localnet -ff00::0 ip6-mcastprefix -ff02::1 ip6-allnodes -ff02::2 ip6-allrouters -_EOT - - close CONF; - ; - do { - system('clear'); - print - " Wie lange soll das Zertifikat gueltig sein? (Angabe in Tagen)\n "; - chomp($days = ); - } while ($days !~ m/\d*/); - system('clear'); - print " Ihr Zertifikat wird $days Tage gueltig sein.\n "; - system( -"/usr/bin/openssl req -new -x509 -extensions v3_ca -keyout $pfad/private/cakey.pem -out $pfad/cacert.pem -days $days -config $pfad/openssl.cnf" - ); - ; - do { - system('clear'); - print -" Moechten Sie sich den Private Key ansehen?\n\n j - ja\n n - nein\n\n "; - chomp($pk = ); - system('clear'); - if ($pk eq 'j') { - system("/bin/cat $pfad/private/cakey.pem"); - ; - } - } until ($pk ne 'j' | $pk ne 'n'); - do { - system('clear'); - print -" Moechten Sie sich das Zertifikat ansehen?\n\n j - ja\n n - nein\n\n "; - chomp($rca = ); - system('clear'); - if ($rca eq 'j') { - system("/bin/cat $pfad/cacert.pem"); - ; - } - } until ($rca ne 'j' | $rca ne 'n'); - system('clear'); - &menue; -} - -sub request { - my $egreq; - my $rootpf; - my $config; - my $eg; - do { - system('clear'); - print -" Konfigurationsdatei erstellen oder Pfad angeben?\n\n e - erstellen\n p - Pfad angeben\n\n "; - chomp($eg = ); - system('clear'); - } until ($eg ne 'e' | $eg ne 'p'); - if ($eg eq 'e') { - if (-d $pfad) { - open(CONF, ">$pfad/openssl.cnf"); - print CONF -"#\n# OpenSSL configuration file.\n#\n\n# Establish working directory.\n\ndir = $pfad\n\n[ req ]\ndefault_bits\t\t= 1024\t\t# Size of keys\ndefault_keyfile\t\t= key.pem\t\t# name of generated keys\ndefault_md\t\t= md5\t\t# message digest algorithm\nstring_mask\t\t= nombstr\t\t# permitted 
characters\ndistinguished_name\t= req_distinguished_name\nreq_extensions\t\t= v3_req\n\n[ req_distinguished_name ]\n# Variable name\t\t\t Prompt string\n#----------------------\t ----------------------------------\n0.organizationName\t= Organization Name (company)\norganizationalUnitName\t= Organizational Unit Name (department, division)\nemailAddress\t\t= Email Address\nemailAddress_max\t= 40\nlocalityName\t\t= Locality Name (city, district)\nstateOrProvinceName\t= State or Province Name (full name)\ncountryName\t\t= Country Name (2 letter code)\ncountryName_min\t\t= 2\ncountryName_max\t\t= 2\ncommonName\t\t= Common Name (hostname, IP, or your name)\ncommonName_max\t\t= 64\n\n# Default values for the above, for consistency and less typing.\n# Variable name\t\t\t Value\n#------------------------------\t ------------------------------\n0.organizationName_default\t= Your Company\nlocalityName_default\t\t= Your City\nstateOrProvinceName_default\t= Your Province\ncountryName_default\t\t= OO\n\n[ v3_ca ]\nbasicConstraints\t\t= CA:TRUE\nsubjectKeyIdentifier\t\t= hash\nauthorityKeyIdentifier\t\t= keyid:always,issuer:always\n\n[ v3_req ]\nbasicConstraints\t\t= CA:FALSE\nsubjectKeyIdentifier\t\t= hash"; - close CONF; - } - else { - system("/bin/mkdir $pfad"); - open(CONF, ">$pfad/openssl.cnf"); - print CONF -"#\n# OpenSSL configuration file.\n#\n\n# Establish working directory.\n\ndir = $pfad\n\n[ req ]\ndefault_bits\t\t= 1024\t\t# Size of keys\ndefault_keyfile\t\t= key.pem\t\t# name of generated keys\ndefault_md\t\t= md5\t\t# message digest algorithm\nstring_mask\t\t= nombstr\t\t# permitted characters\ndistinguished_name\t= req_distinguished_name\nreq_extensions\t\t= v3_req\n\n[ req_distinguished_name ]\n# Variable name\t\t\t Prompt string\n#----------------------\t ----------------------------------\n0.organizationName\t= Organization Name (company)\norganizationalUnitName\t= Organizational Unit Name (department, division)\nemailAddress\t\t= Email 
Address\nemailAddress_max\t= 40\nlocalityName\t\t= Locality Name (city, district)\nstateOrProvinceName\t= State or Province Name (full name)\ncountryName\t\t= Country Name (2 letter code)\ncountryName_min\t\t= 2\ncountryName_max\t\t= 2\ncommonName\t\t= Common Name (hostname, IP, or your name)\ncommonName_max\t\t= 64\n\n# Default values for the above, for consistency and less typing.\n# Variable name\t\t\t Value\n#------------------------------\t ------------------------------\n0.organizationName_default\t= Your Company\nlocalityName_default\t\t= Your City\nstateOrProvinceName_default\t= Your Province\ncountryName_default\t\t= OO\n\n[ v3_ca ]\nbasicConstraints\t\t= CA:TRUE\nsubjectKeyIdentifier\t\t= hash\nauthorityKeyIdentifier\t\t= keyid:always,issuer:always\n\n[ v3_req ]\nbasicConstraints\t\t= CA:FALSE\nsubjectKeyIdentifier\t\t= hash"; - close CONF; - } - print " Konfigurationsdatei erstellt $pfad/openssl.cnf\n "; - ; - } - if ($eg eq 'p') { - system('clear'); - print " Bitte geben Sie den Pfad zu Ihrer Konfigurationsdatei an.\n "; - chomp($config = ); - system('clear'); - print -" Bitte achten Sie darauf, dass sie den Common Name aendern, sodass er zu Ihrer Domain passt.\n Bsp.:\n\n Domain: hostname.domainname\n secure.yourdomain.de\n\n "; - system("openssl", $pfad) - system(openssl => qw(req -new -nodes), - -out => "$pfad/req.pem", - -config => $config); - } - else { - system('clear'); - print -" Bitte achten Sie darauf, dass sie den Common Name aendern, sodass er zu Ihrer Domain passt.\n Bsp.:\n\n Domain: hostname.domainname\n secure.yourdomain.de "; - system( -"/usr/bin/openssl req -new -nodes -out $pfad/req.pem -config $pfad/openssl.cnf" - ); - } - ; - do { - system('clear'); - print " Request ueberpruefen?\n\n j - ja\n n - nein\n\n "; - chomp($egreq = ); - if ($egreq eq 'j') { - system('clear'); - system( - "/usr/bin/openssl req -in $pfad/req.pem -text -verify -noout"); - ; - } - } until ($egreq ne 'j' | $egreq ne 'n'); - system('clear'); - &menue; -} - -sub 
sign { - my $eg; - open(CONF, ">$pfad/openssl.cnf"); - print CONF -"#\n# OpenSSL configuration file.\n#\n\n# Establish working directory.\n\ndir = $pfad\n\n[ ca ]\ndefault_ca\t\t= CA_default\n\n[ CA_default ]\nserial\t\t\t= \$dir/serial\ndatabase\t\t= \$dir/index.txt\nnew_certs_dir\t\t= \$dir/newcerts\ncertificate\t\t= \$dir/cacert.pem\nprivate_key\t\t= \$dir/private/cakey.pem\ndefault_days\t\t= 365\ndefault_md\t\t= md5\npreserve\t\t= no\nemail_in_dn\t\t= no\nnameopt\t\t\t= default_ca\ncertopt\t\t\t= default_ca\npolicy\t\t\t= policy_match\n\n[ policy_match ]\ncountryName\t\t= match\nstateOrProvinceName\t= match\norganizationName\t= match\norganizationalUnitName\t= optional\ncommonName\t\t= supplied\nemailAddress\t\t= optional\n\n[ req ]\ndefault_bits\t\t= 1024\t\t# Size of keys\ndefault_keyfile\t\t= key.pem\t\t# name of generated keys\ndefault_md\t\t= md5\t\t# message digest algorithm\nstring_mask\t\t= nombstr\t\t# permitted characters\ndistinguished_name\t= req_distinguished_name\nreq_extensions\t\t= v3_req\n\n[ req_distinguished_name ]\n# Variable name\t\t\t Prompt string\n#----------------------\t ----------------------------------\n0.organizationName\t= Organization Name (company)\norganizationalUnitName\t= Organizational Unit Name (department, division)\nemailAddress\t\t= Email Address\nemailAddress_max\t= 40\nlocalityName\t\t= Locality Name (city, district)\nstateOrProvinceName\t= State or Province Name (full name)\ncountryName\t\t= Country Name (2 letter code)\ncountryName_min\t\t= 2\ncountryName_max\t\t= 2\ncommonName\t\t= Common Name (hostname, IP, or your name)\ncommonName_max\t\t= 64\n\n# Default values for the above, for consistency and less typing.\n# Variable name\t\t\t Value\n#------------------------------\t ------------------------------\n0.organizationName_default\t= Your Company\nlocalityName_default\t\t= Your City\nstateOrProvinceName_default\t= Your Province\ncountryName_default\t\t= OO\n\n[ v3_ca ]\nbasicConstraints\t\t= 
CA:TRUE\nsubjectKeyIdentifier\t\t= hash\nauthorityKeyIdentifier\t\t= keyid:always,issuer:always\n[ v3_req ]\nbasicConstraints\t\t= CA:FALSE\nsubjectKeyIdentifier\t\t= hash"; - system( -"/usr/bin/openssl ca -out $pfad/cert.pem -config $pfad/openssl.cnf -infiles $pfad/req.pem" - ); - print "Zertifikat wurde unterzeichnet"; - ; - do { - system('clear'); - print "Zertifikat ueberpruefen?\n\n j - ja\n n - nein\n\n"; - chomp($eg = ); - if ($eg eq 'j') { - system( -"/usr/bin/openssl x509 -in $pfad/cert.pem -noout -text -purpose | /bin/more" - ); - ; - } - } until ($eg ne 'j' | $eg ne 'n'); - $eg = ''; - do { - system('clear'); - print -"Sollen die lesbaren Elemente aus dem Zertifikat entfernt werden?\n\n j - ja\n n - nein\n\n"; - chomp($eg = ); - if ($eg eq 'j') { - print "...\n"; - # rename() - # File::Copy - system("/bin/mv $pfad/cert.pem $pfad/tmp.pem"); - system( - "/usr/bin/openssl x509 -in $pfad/tmp.pem -out $pfad/cert.pem"); - print "Alle lesbaren Elemente wurden entfernt."; - ; - } - } until ($eg ne 'j' | $eg ne 'n'); - &menue; -} - -sub revoke { - my $eg; - do { - print -"Welches Zertifikat soll wiederrufen werden?\nFuer Informationen zu allen Zertifikaten, schauen\nSie in die Datei index.txt.\n"; - print "Datei öffnen?\n\nj - ja\nn - nein\n\n"; - chomp($eg = ); - if ($eg eq 'j') { - open(INDEX, "<$pfad/index.txt"); - my @index = ; - print sort @index; - ; - } - } until ($eg eq 'j' | $eg eq 'n'); - print -"Welches Zertifikat soll wiederrufen werden?\n(Geben Sie die 2-stellige Nummer ein)\n"; - chomp($eg = ); - system( -"/usr/bin/openssl ca -revoke $pfad/newcerts/$eg.pem -config $pfad/openssl.cnf" - ); - print "Zertifikat $eg wiederrufen."; - ; - &menue; -} - -sub revlist { - system( -"/usr/bin/openssl ca -gencrl -crldays 31 -config $pfad/openssl.cnf -out $pfad/rootca.crl" - ); - print "Certicate Revocation List erstellt"; - ; - &menue; -} - -sub main(@) { - menue(); - exit 0; -} - -main(@ARGV); diff -r 0ed8b6a9da49 -r 892a4fac1939 bin/test 
--- a/bin/test Tue Jan 29 14:06:27 2013 +0100
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,1 +0,0 @@
- ;:;
\ No newline at end of file
diff -r 0ed8b6a9da49 -r 892a4fac1939 htdocs/cgi-bin/receive_a.test
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/htdocs/cgi-bin/receive_a.test Tue Jan 29 15:36:24 2013 +0100
@@ -0,0 +1,21 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+use CGI;
+
+my ( $input, $q, $key, $wert, $param, %result );
+
+#read(STDIN, $input, $ENV{'CONTENT_LENGTH'})or die "error in read: $!";
+$q = new CGI;
+
+$anhang = $q->param('POSTDATA');
+
+my @params = split( /&/, $anhang );
+
+foreach (@params) {
+ ( $key, $wert ) = split( /=/, $_ );
+ $result{$key} = $wert;
+}
+
+# Folgend SSL-Script
diff -r 0ed8b6a9da49 -r 892a4fac1939 htdocs/cgi-bin/receive_n
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/htdocs/cgi-bin/receive_n Tue Jan 29 15:36:24 2013 +0100
@@ -0,0 +1,33 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+my (
+ $Daten, $value, $name, $text, $anhang, $input,
+ $q, $key, $wert, $param, %result
+);
+my $i = 0;
+my %Formular;
+my @Formularfelder;
+
+$anhang = $ENV{'QUERY_STRING'};
+read( STDIN, $Daten, $ENV{'CONTENT_LENGTH'} );
+&verarbeiten;
+
+sub verarbeiten {
+ @Formularfelder = split( /&/, $Daten );
+ foreach my $Feld (@Formularfelder) {
+ ( $name, $value ) = split( /=/, $Feld );
+ $value =~ tr/+/ /;
+ $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+ $Formular{$name} = $value;
+ }
+}
+my @schluessel = keys(%Formular);
+my @values = values(%Formular);
+open( OUT, ">test" );
+print OUT ("\@schluessel: @schluessel\n\@values: @values\n");
+close OUT;
+
+# Folgend SSL-Script
diff -r 0ed8b6a9da49 -r 892a4fac1939 htdocs/cgi-bin/receive_test
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/htdocs/cgi-bin/receive_test Tue Jan 29 15:36:24 2013 +0100
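Review bot: In htdocs/cgi-bin/receive_a.test, `$anhang` is assigned in `$anhang = $q->param('POSTDATA');` but is missing from the `my ( $input, $q, $key, $wert, $param, %result );` list, so under `use strict` the script will not compile. Declare it at the assignment, `my $anhang = $q->param('POSTDATA');`, and handle the undefined case before `split( /&/, $anhang )`. The pairs are also stored without URL-decoding, and `split( /=/, $_ )` has no limit, so a value containing `=` is truncated; `split( /=/, $_, 2 )` keeps the whole value.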
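Review bot: In htdocs/cgi-bin/receive_n, `read( STDIN, $Daten, $ENV{'CONTENT_LENGTH'} );` trusts a client-supplied length with no numeric check, no upper bound and no check of the return value, so a single request can make the CGI buffer an arbitrarily large body; the same line appears in htdocs/cgi-bin/receive_test. Validate it first, for example `my $len = $ENV{CONTENT_LENGTH} || 0;` followed by `die "bad length\n" if $len !~ /\A\d+\z/ || $len > $max_body;`, where `$max_body` is a limit you choose. The decoded fields are then written with an unchecked two-argument `open( OUT, ">test" );` to a relative path, which persists request data even though htdocs/index.html tells users that nothing is stored. A checked three-argument open on a fixed path outside the web root would be safer; send_a.test uses the same unchecked pattern.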
@@ -0,0 +1,55 @@ +#!/usr/bin/perl + +use strict; +use warnings; +use CGI; +use CGI::Carp qw(fatalsToBrowser); + +my ( + $Daten, $value, $name, $text, $anhang, $input, + $q, $key, $wert, $param, %result +); +my $i = 0; +my %Formular; +my @Formularfelder; + +$anhang = $ENV{'QUERY_STRING'}; +read( STDIN, $Daten, $ENV{'CONTENT_LENGTH'} ); +print $Daten; +&verarbeiten; + +sub verarbeiten { + @Formularfelder = split( /&/, $Daten ); + foreach my $Feld (@Formularfelder) { + ( $name, $value ) = split( /=/, $Feld ); + $value =~ tr/+/ /; + $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; + $Formular{$name} = $value; + } +} +my @schluessel = keys(%Formular); +@schluessel = reverse @schluessel; +my @values = values(%Formular); +@values = reverse @values; + +# Folgend Test-Script + + + +# Test +my $x = 0; +open( OUT, ">/var/www/index.html" ); +print OUT ( +' +CGI-Feedback

CGI-Feedback vom Programm recieve

' +); +foreach (@schluessel) { + print OUT ( '

Feldname: ' + . $schluessel[$x] + . ' Inhalt: ' + . $values[$x] + . '
' );
+ $x++;
+}
+print OUT ('');
+close OUT;
diff -r 0ed8b6a9da49 -r 892a4fac1939 htdocs/cgi-bin/send_a.test
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/htdocs/cgi-bin/send_a.test Tue Jan 29 15:36:24 2013 +0100
@@ -0,0 +1,32 @@
+#!/usr/bin/perl
+
+use warnings;
+use strict;
+require LWP::UserAgent;
+require CGI;
+require CGI::Carp qw(fatalsToBrowser);
+
+my ( $cgi, $firma, $mail, $text, $url, $ua, $req );
+$cgi = new CGI;
+
+# Auswerten der Daten.
+#$firma=$cgi->param('Firma');
+#$mail=$cgi->param('Mail');
+#$text=$cgi->param('Text');
+my @param = $cgi->param();
+open( TEST, ">test" );
+print TEST ("@param");
+close TEST;
+
+exit(0)
+
+ #$url='http://192.168.0.144/cgi-bin/recieve';
+
+ #$ua=LWP::UserAgent->new;
+ #$ua->env_proxy;
+
+ #$req=HTTP::Request->new("POST",$url);
+ #$req->header('Content-Type' => 'text/html');
+ #$req->content('Firma=Wir&Mail=mail');
+
+ #$ua->request($req);
diff -r 0ed8b6a9da49 -r 892a4fac1939 htdocs/cgi-bin/send_n
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/htdocs/cgi-bin/send_n Tue Jan 29 15:36:24 2013 +0100
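Review bot: In htdocs/cgi-bin/receive_test, the output loop concatenates `$schluessel[$x]` and `$values[$x]`, both parsed from the request body, into the markup written to `/var/www/index.html` without HTML-escaping. Any client that can POST to this CGI can therefore store arbitrary markup or script in what looks like the site's index page, and every request overwrites that page. Escape both values, e.g. `. CGI::escapeHTML( $schluessel[$x] )` and `. CGI::escapeHTML( $values[$x] )` (CGI is already loaded), and write the feedback to a dedicated file instead. `print $Daten;` also echoes the raw body before any header is sent, and `open( OUT, ">/var/www/index.html" );` is unchecked.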
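Review bot: In htdocs/cgi-bin/send_a.test, `require CGI::Carp qw(fatalsToBrowser);` cannot import `fatalsToBrowser`: `require` takes a single module name, and as far as I know an import list after it is a syntax error, so this script likely fails to compile. Use `use CGI::Carp qw(fatalsToBrowser);` as send_n does, or drop the list. It is also worth deciding whether `.test` scratch scripts belong under htdocs/cgi-bin at all, since files there may be executable by any client.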
@@ -0,0 +1,67 @@
+#!/usr/bin/perl
+
+use warnings;
+use strict;
+use LWP::UserAgent;
+use CGI;
+use CGI::Carp qw(fatalsToBrowser);
+
+my ( $cgi, $feld, $feld1, $feld2, $feld3, $url, $ua, $req );
+my $x = 0;
+$cgi = new CGI;
+
+#######################
+# Auswerten der Daten #
+# des Web-Formulars #
+#######################
+
+$feld1 = $cgi->param('Firma'); # FIXME: mueller & meier
+$feld2 = $cgi->param('Name');
+$feld3 = $cgi->param('Test');
+
+#open( TEST, ">test" ) or die "Kann Handle nicht oeffnen!\n$!";
+#print TEST ("$feld1 ;:; $feld2 ;:; $feld3");
+#close TEST;
+my @Feldnamen = $cgi->param();
+
+#######################
+# Senden der Daten #
+# via HTTP-POST #
+#######################
+
+$url = 'http://192.168.0.144/cgi-bin/receive';
+$ua = LWP::UserAgent->new;
+$ua->env_proxy;
+$ua->timeout(10);
+$req = HTTP::Request->new( "POST", $url );
+$req->header( 'Content-Type' => 'text/html' );
+$req->content("Name=$feld1&Mail=$feld2&Test=$feld3");
+$ua->request($req);
+
+#######################
+# Erstellen einer #
+# Feedback-Seite zum #
+# Test mit Weiter- #
+# leitung #
+#######################
+
+print $cgi->header('CGI-Feedback'),
+ $cgi->start_html(
+ -head => $cgi->meta(
+ {
+ -http_equiv => 'REFRESH',
+ -content => '5;URL=http://192.168.0.144/index.html'
+ }
+ ),
+ -title => 'CGI-Feedback'
+ ),
+ $cgi->h1( 'CGI-Feedback vom Programm ', $cgi->i('send') );
+
+foreach my $Feld (@Feldnamen) {
+ print $cgi->strong('Feldname: '),
+ $Feld,
+ $cgi->strong(', Inhalt: '),
+ $cgi->param($Feld), "
"; +} +print $cgi->end_html(); +__END__ diff -r 0ed8b6a9da49 -r 892a4fac1939 htdocs/index.html --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/htdocs/index.html Tue Jan 29 15:36:24 2013 +0100 @@ -0,0 +1,27 @@ + + + + SSL-Zertifikat erneuern + + +

Zertifikat abgelaufen

+

Voraussetzung ist eine Verbindung ins Internet. Es werden keine Daten gespeichert, das verarbeitende CGI-Script gibt lediglich die eingelesenen Daten aus.

+
+ + + + + + + + + + + + +
Firma: +
Mail:
Test:
+

+
+ + diff -r 0ed8b6a9da49 -r 892a4fac1939 htdocs/sslcert --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/htdocs/sslcert Tue Jan 29 15:36:24 2013 +0100 
@@ -0,0 +1,288 @@ +#!/usr/bin/perl +# geht ueberhaupt nicht +use 5.010; +use strict; +use warnings; + +use if $ENV{DEBUG} => "Smart::Comments"; +my $pfad = "./CA"; + + +sub menue() { + my $eg = ""; + + while (1) { + system("clear"); + print +" Willkommen beim SSL-Certificator, Ihrem nuetzlichem Perlprogramm\n zum einfachen erstellen von SSL-Zertifikaten.\n\n\n"; + print " Menue\n\n"; + print +" n - Neues Root-Zertifikat erstellen\n r - Request erstellen\n s - Request signieren\n w - Zertifikat wiederrufen\n a - Annulierungsliste erstellen\n\n q - Beenden\n\n "; + chomp($eg = ); + + given ($eg) { + when("q") { # $eg ~~ "q" + system('clear'); + exit; + } + when("n") { + system('clear'); + &rootca; + } + default { + } + } + +# SWITCH: { +# ($eg eq "q") and do { ….; last SWITCH; } +# ($eq eq "n") and do { …; last SWITCH; } +# } + +# } elsif ($eg eq 's') { +# system('clear'); +# &sign; +# } elsif ($eg eq 'r') { +# system('clear'); +# &request; +# } +# if ($eg eq 'w') { +# system('clear'); +# &revoke; +# } +# if ($eg eq 'a') { +# system('clear'); +# &revlist; +# } + } +} + +sub rootca { + my $days; + my $pk; + my $rca; + print " Ihr Zertifikat wird erstellt. 
Bitte warten Sie.\n"; + print " ...\n "; + + mkdir($_ = "$pfad/newcerts") or die "Can't mkdir $_: $!\n"; + + system("mkdir -p $pfad/newcerts"); # mkdir / File::Path::make_path + system("mkdir -p $pfad/private"); + + # system("echo '01' >$pfad/serial"); + { + open(my $x, ">", "$pfad/serial") or die; + print $x "01\n"; + close($x); + } + + #if (-e "$pfad/index.txt") { # RACE CONDITION + # system("/bin/rm $pfad/index.txt"); # rm -f + #} +# unlink "$pfad/index.txt"; +# system("/bin/touch $pfad/index.txt"); + { + open(my $x, ">", "$pfad/index.txt"); + close($x); + } + open(CONF, ">$pfad/openssl.cnf"); + print CONF +"#\n# OpenSSL configuration file.\n#\n\n# Establish working directory.\n\ndir = $pfad\n\n[ req ]\ndefault_bits\t\t= 1024\t\t# Size of keys\ndefault_keyfile\t\t= key.pem\t\t# name of generated keys\ndefault_md\t\t= md5\t\t# message digest algorithm\nstring_mask\t\t= nombstr\t\t# permitted characters\ndistinguished_name\t= req_distinguished_name\n\n[ req_distinguished_name ]\n# Variable name\t\t\t Prompt string\n#----------------------\t ----------------------------------\n0.organizationName\t= Organization Name (company)\norganizationalUnitName\t= Organizational Unit Name (department, division)\nemailAddress\t\t= Email Address\nemailAddress_max\t= 40\nlocalityName\t\t= Locality Name (city, district)\nstateOrProvinceName\t= State or Province Name (full name)\ncountryName\t\t= Country Name (2 letter code)\ncountryName_min\t\t= 2\ncountryName_max\t\t= 2\ncommonName\t\t= Common Name (hostname, IP, or your name)\ncommonName_max\t\t= 64\n\n# Default values for the above, for consistency and less typing.\n# Variable name\t\t\t Value\n#------------------------------\t ------------------------------\n0.organizationName_default\t= Your Company\nlocalityName_default\t\t= Your City\nstateOrProvinceName_default\t= Your Province\ncountryName_default\t\t= OO\n\n[ v3_ca ]\nbasicConstraints\t= CA:TRUE\nsubjectKeyIdentifier\t= hash\nauthorityKeyIdentifier\t= 
keyid:always,issuer:always"; + print CONF <<_EOT; +127.0.0.1 localhost +127.0.1.1 jumper.schlittermann.de jumper +212.80.235.130 pu.schlittermann.de ssl.schlittermann.de pu + +# The following lines are desirable for IPv6 capable hosts +::1 ip6-localhost ip6-loopback +fe00::0 ip6-localnet +ff00::0 ip6-mcastprefix +ff02::1 ip6-allnodes +ff02::2 ip6-allrouters +_EOT + + close CONF; + ; + do { + system('clear'); + print + " Wie lange soll das Zertifikat gueltig sein? (Angabe in Tagen)\n "; + chomp($days = ); + } while ($days !~ m/\d*/); + system('clear'); + print " Ihr Zertifikat wird $days Tage gueltig sein.\n "; + system( +"/usr/bin/openssl req -new -x509 -extensions v3_ca -keyout $pfad/private/cakey.pem -out $pfad/cacert.pem -days $days -config $pfad/openssl.cnf" + ); + ; + do { + system('clear'); + print +" Moechten Sie sich den Private Key ansehen?\n\n j - ja\n n - nein\n\n "; + chomp($pk = ); + system('clear'); + if ($pk eq 'j') { + system("/bin/cat $pfad/private/cakey.pem"); + ; + } + } until ($pk ne 'j' | $pk ne 'n'); + do { + system('clear'); + print +" Moechten Sie sich das Zertifikat ansehen?\n\n j - ja\n n - nein\n\n "; + chomp($rca = ); + system('clear'); + if ($rca eq 'j') { + system("/bin/cat $pfad/cacert.pem"); + ; + } + } until ($rca ne 'j' | $rca ne 'n'); + system('clear'); + &menue; +} + +sub request { + my $egreq; + my $rootpf; + my $config; + my $eg; + do { + system('clear'); + print +" Konfigurationsdatei erstellen oder Pfad angeben?\n\n e - erstellen\n p - Pfad angeben\n\n "; + chomp($eg = ); + system('clear'); + } until ($eg ne 'e' | $eg ne 'p'); + if ($eg eq 'e') { + if (-d $pfad) { + open(CONF, ">$pfad/openssl.cnf"); + print CONF +"#\n# OpenSSL configuration file.\n#\n\n# Establish working directory.\n\ndir = $pfad\n\n[ req ]\ndefault_bits\t\t= 1024\t\t# Size of keys\ndefault_keyfile\t\t= key.pem\t\t# name of generated keys\ndefault_md\t\t= md5\t\t# message digest algorithm\nstring_mask\t\t= nombstr\t\t# permitted 
characters\ndistinguished_name\t= req_distinguished_name\nreq_extensions\t\t= v3_req\n\n[ req_distinguished_name ]\n# Variable name\t\t\t Prompt string\n#----------------------\t ----------------------------------\n0.organizationName\t= Organization Name (company)\norganizationalUnitName\t= Organizational Unit Name (department, division)\nemailAddress\t\t= Email Address\nemailAddress_max\t= 40\nlocalityName\t\t= Locality Name (city, district)\nstateOrProvinceName\t= State or Province Name (full name)\ncountryName\t\t= Country Name (2 letter code)\ncountryName_min\t\t= 2\ncountryName_max\t\t= 2\ncommonName\t\t= Common Name (hostname, IP, or your name)\ncommonName_max\t\t= 64\n\n# Default values for the above, for consistency and less typing.\n# Variable name\t\t\t Value\n#------------------------------\t ------------------------------\n0.organizationName_default\t= Your Company\nlocalityName_default\t\t= Your City\nstateOrProvinceName_default\t= Your Province\ncountryName_default\t\t= OO\n\n[ v3_ca ]\nbasicConstraints\t\t= CA:TRUE\nsubjectKeyIdentifier\t\t= hash\nauthorityKeyIdentifier\t\t= keyid:always,issuer:always\n\n[ v3_req ]\nbasicConstraints\t\t= CA:FALSE\nsubjectKeyIdentifier\t\t= hash"; + close CONF; + } + else { + system("/bin/mkdir $pfad"); + open(CONF, ">$pfad/openssl.cnf"); + print CONF +"#\n# OpenSSL configuration file.\n#\n\n# Establish working directory.\n\ndir = $pfad\n\n[ req ]\ndefault_bits\t\t= 1024\t\t# Size of keys\ndefault_keyfile\t\t= key.pem\t\t# name of generated keys\ndefault_md\t\t= md5\t\t# message digest algorithm\nstring_mask\t\t= nombstr\t\t# permitted characters\ndistinguished_name\t= req_distinguished_name\nreq_extensions\t\t= v3_req\n\n[ req_distinguished_name ]\n# Variable name\t\t\t Prompt string\n#----------------------\t ----------------------------------\n0.organizationName\t= Organization Name (company)\norganizationalUnitName\t= Organizational Unit Name (department, division)\nemailAddress\t\t= Email 
Address\nemailAddress_max\t= 40\nlocalityName\t\t= Locality Name (city, district)\nstateOrProvinceName\t= State or Province Name (full name)\ncountryName\t\t= Country Name (2 letter code)\ncountryName_min\t\t= 2\ncountryName_max\t\t= 2\ncommonName\t\t= Common Name (hostname, IP, or your name)\ncommonName_max\t\t= 64\n\n# Default values for the above, for consistency and less typing.\n# Variable name\t\t\t Value\n#------------------------------\t ------------------------------\n0.organizationName_default\t= Your Company\nlocalityName_default\t\t= Your City\nstateOrProvinceName_default\t= Your Province\ncountryName_default\t\t= OO\n\n[ v3_ca ]\nbasicConstraints\t\t= CA:TRUE\nsubjectKeyIdentifier\t\t= hash\nauthorityKeyIdentifier\t\t= keyid:always,issuer:always\n\n[ v3_req ]\nbasicConstraints\t\t= CA:FALSE\nsubjectKeyIdentifier\t\t= hash"; + close CONF; + } + print " Konfigurationsdatei erstellt $pfad/openssl.cnf\n "; + ; + } + if ($eg eq 'p') { + system('clear'); + print " Bitte geben Sie den Pfad zu Ihrer Konfigurationsdatei an.\n "; + chomp($config = ); + system('clear'); + print +" Bitte achten Sie darauf, dass sie den Common Name aendern, sodass er zu Ihrer Domain passt.\n Bsp.:\n\n Domain: hostname.domainname\n secure.yourdomain.de\n\n "; + system("openssl", $pfad) + system(openssl => qw(req -new -nodes), + -out => "$pfad/req.pem", + -config => $config); + } + else { + system('clear'); + print +" Bitte achten Sie darauf, dass sie den Common Name aendern, sodass er zu Ihrer Domain passt.\n Bsp.:\n\n Domain: hostname.domainname\n secure.yourdomain.de "; + system( +"/usr/bin/openssl req -new -nodes -out $pfad/req.pem -config $pfad/openssl.cnf" + ); + } + ; + do { + system('clear'); + print " Request ueberpruefen?\n\n j - ja\n n - nein\n\n "; + chomp($egreq = ); + if ($egreq eq 'j') { + system('clear'); + system( + "/usr/bin/openssl req -in $pfad/req.pem -text -verify -noout"); + ; + } + } until ($egreq ne 'j' | $egreq ne 'n'); + system('clear'); + &menue; +} + +sub 
sign { + my $eg; + open(CONF, ">$pfad/openssl.cnf"); + print CONF +"#\n# OpenSSL configuration file.\n#\n\n# Establish working directory.\n\ndir = $pfad\n\n[ ca ]\ndefault_ca\t\t= CA_default\n\n[ CA_default ]\nserial\t\t\t= \$dir/serial\ndatabase\t\t= \$dir/index.txt\nnew_certs_dir\t\t= \$dir/newcerts\ncertificate\t\t= \$dir/cacert.pem\nprivate_key\t\t= \$dir/private/cakey.pem\ndefault_days\t\t= 365\ndefault_md\t\t= md5\npreserve\t\t= no\nemail_in_dn\t\t= no\nnameopt\t\t\t= default_ca\ncertopt\t\t\t= default_ca\npolicy\t\t\t= policy_match\n\n[ policy_match ]\ncountryName\t\t= match\nstateOrProvinceName\t= match\norganizationName\t= match\norganizationalUnitName\t= optional\ncommonName\t\t= supplied\nemailAddress\t\t= optional\n\n[ req ]\ndefault_bits\t\t= 1024\t\t# Size of keys\ndefault_keyfile\t\t= key.pem\t\t# name of generated keys\ndefault_md\t\t= md5\t\t# message digest algorithm\nstring_mask\t\t= nombstr\t\t# permitted characters\ndistinguished_name\t= req_distinguished_name\nreq_extensions\t\t= v3_req\n\n[ req_distinguished_name ]\n# Variable name\t\t\t Prompt string\n#----------------------\t ----------------------------------\n0.organizationName\t= Organization Name (company)\norganizationalUnitName\t= Organizational Unit Name (department, division)\nemailAddress\t\t= Email Address\nemailAddress_max\t= 40\nlocalityName\t\t= Locality Name (city, district)\nstateOrProvinceName\t= State or Province Name (full name)\ncountryName\t\t= Country Name (2 letter code)\ncountryName_min\t\t= 2\ncountryName_max\t\t= 2\ncommonName\t\t= Common Name (hostname, IP, or your name)\ncommonName_max\t\t= 64\n\n# Default values for the above, for consistency and less typing.\n# Variable name\t\t\t Value\n#------------------------------\t ------------------------------\n0.organizationName_default\t= Your Company\nlocalityName_default\t\t= Your City\nstateOrProvinceName_default\t= Your Province\ncountryName_default\t\t= OO\n\n[ v3_ca ]\nbasicConstraints\t\t= 
CA:TRUE\nsubjectKeyIdentifier\t\t= hash\nauthorityKeyIdentifier\t\t= keyid:always,issuer:always\n[ v3_req ]\nbasicConstraints\t\t= CA:FALSE\nsubjectKeyIdentifier\t\t= hash"; + system( +"/usr/bin/openssl ca -out $pfad/cert.pem -config $pfad/openssl.cnf -infiles $pfad/req.pem" + ); + print "Zertifikat wurde unterzeichnet"; + ; + do { + system('clear'); + print "Zertifikat ueberpruefen?\n\n j - ja\n n - nein\n\n"; + chomp($eg = ); + if ($eg eq 'j') { + system( +"/usr/bin/openssl x509 -in $pfad/cert.pem -noout -text -purpose | /bin/more" + ); + ; + } + } until ($eg ne 'j' | $eg ne 'n'); + $eg = ''; + do { + system('clear'); + print +"Sollen die lesbaren Elemente aus dem Zertifikat entfernt werden?\n\n j - ja\n n - nein\n\n"; + chomp($eg = ); + if ($eg eq 'j') { + print "...\n"; + # rename() + # File::Copy + system("/bin/mv $pfad/cert.pem $pfad/tmp.pem"); + system( + "/usr/bin/openssl x509 -in $pfad/tmp.pem -out $pfad/cert.pem"); + print "Alle lesbaren Elemente wurden entfernt."; + ; + } + } until ($eg ne 'j' | $eg ne 'n'); + &menue; +} + +sub revoke { + my $eg; + do { + print +"Welches Zertifikat soll wiederrufen werden?\nFuer Informationen zu allen Zertifikaten, schauen\nSie in die Datei index.txt.\n"; + print "Datei öffnen?\n\nj - ja\nn - nein\n\n"; + chomp($eg = ); + if ($eg eq 'j') { + open(INDEX, "<$pfad/index.txt"); + my @index = ; + print sort @index; + ; + } + } until ($eg eq 'j' | $eg eq 'n'); + print +"Welches Zertifikat soll wiederrufen werden?\n(Geben Sie die 2-stellige Nummer ein)\n"; + chomp($eg = ); + system( +"/usr/bin/openssl ca -revoke $pfad/newcerts/$eg.pem -config $pfad/openssl.cnf" + ); + print "Zertifikat $eg wiederrufen."; + ; + &menue; +} + +sub revlist { + system( +"/usr/bin/openssl ca -gencrl -crldays 31 -config $pfad/openssl.cnf -out $pfad/rootca.crl" + ); + print "Certicate Revocation List erstellt"; + ; + &menue; +} + +sub main(@) { + menue(); + exit 0; +} + +main(@ARGV); diff -r 0ed8b6a9da49 -r 892a4fac1939 htdocs/test 
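Review bot: In `rootca` the validity prompt is checked with `$days !~ m/\d*/`, which matches every string (it is unanchored and `*` accepts zero digits), so whatever was typed is interpolated into the single-string `system("/usr/bin/openssl req ... -days $days ...")` and parsed by the shell; `revoke` does the same with `$eg` in `$pfad/newcerts/$eg.pem`. Anchor the check, `} while ($days !~ m/\A\d+\z/);`, validate the serial in `revoke` the same way, and call openssl in list form as the `p` branch of `request` already does, e.g. `system('/usr/bin/openssl', 'ca', '-revoke', "$pfad/newcerts/$eg.pem", '-config', "$pfad/openssl.cnf");`. Separately, every generated `openssl.cnf` sets `default_bits = 1024` and `default_md = md5`, which is too weak for a CA; 2048-bit keys or larger and `sha256` are the values to write there, and the `/etc/hosts`-style heredoc appended to the config in `rootca` looks like a paste accident. The `until ($x ne 'j' | $x ne 'n')` loops are always satisfied after one pass, so they never re-prompt; `until ($x eq 'j' || $x eq 'n')` is presumably what was meant.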
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/htdocs/test Tue Jan 29 15:36:24 2013 +0100 @@ -0,0 +1,1 @@ + ;:; \ No newline at end of file