From 1a2618319aa58dc4a71a5fdfab136041a7ea7534 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=82=B1=E5=8D=9A=E4=BA=9E?= Date: Sat, 25 Mar 2023 14:07:05 +0800 Subject: [PATCH] auto convert cer to cert --- .../admin/site_panel_controller.rb | 2 +- app/models/site_cert.rb | 29 ++++++++++++------- 2 files changed, 20 insertions(+), 11 deletions(-) diff --git a/app/controllers/admin/site_panel_controller.rb b/app/controllers/admin/site_panel_controller.rb index db40102..e52871e 100644 --- a/app/controllers/admin/site_panel_controller.rb +++ b/app/controllers/admin/site_panel_controller.rb @@ -156,7 +156,7 @@ class Admin::SitePanelController < OrbitAdminController render :layout => false end def cert_management - @site_certs = SiteCert.all.page(params[:page]).per(10) + @site_certs = SiteCert.all.order_by(id: :desc).page(params[:page]).per(10) @filter_fields = {} params[:keywords] = params[:keywords].to_s.gsub("*","\\*") @site_certs = search_data(@site_certs,[:domain_names]) diff --git a/app/models/site_cert.rb b/app/models/site_cert.rb index 4d12882..f382943 100644 --- a/app/models/site_cert.rb +++ b/app/models/site_cert.rb @@ -32,14 +32,25 @@ class SiteCert end def change_data if !@skip_callback - cert_file_md5 = `openssl x509 -noout -modulus -in #{self.cert_file.file.file} | openssl md5` + org_cert_file_name = self.cert_file.file.file.to_s + cert_file_name = org_cert_file_name.sub(/.cer$/, '.crt') + if org_cert_file_name != cert_file_name + if File.open(org_cert_file_name, 'r').read().match(/\A\s*---/) + new_sf = CarrierWave::SanitizedFile.new(self.cert_file.file.move_to(cert_file_name)) + else + `openssl x509 --inform DER -in #{org_cert_file_name} --out #{cert_file_name}` + new_sf = CarrierWave::SanitizedFile.new(cert_file_name) + end + self.cert_file.cache!(new_sf) + end + cert_file_md5 = `openssl x509 -noout -modulus -in #{cert_file_name} | openssl md5` private_key_md5 = `openssl rsa -noout -modulus -in #{self.private_key.file.file} | openssl md5` is_valid = (cert_file_md5 == private_key_md5) - domain_names = `openssl x509 -text < #{self.cert_file.file.file} | grep 'DNS:' | sed 's/\s*DNS:\([a-z0-9.\-]*\)[,\s]\?/\1 /g'`.split('DNS:').map{|s| s.sub(',','').strip}.select{|s| s.present?} rescue [] + domain_names = `openssl x509 -text < #{cert_file_name} | grep 'DNS:' | sed 's/\s*DNS:\([a-z0-9.\-]*\)[,\s]\?/\1 /g'`.split('DNS:').map{|s| s.sub(',','').strip}.select{|s| s.present?} rescue [] if domain_names.length == 0 - domain_names = [`openssl x509 -text < #{self.cert_file.file.file} | grep 'Subject' | grep 'CN =' | grep 'Subject' | grep 'CN =' |sed 's/\s*Subject: //g'`[0...-1].split(/, | = /).each_slice(2).to_h['CN']] rescue [] + domain_names = [`openssl x509 -text < #{cert_file_name} | grep 'Subject' | grep 'CN =' | grep 'Subject' | grep 'CN =' |sed 's/\s*Subject: //g'`[0...-1].split(/, | = /).each_slice(2).to_h['CN']] rescue [] end - sign_algo_valid = `openssl x509 -text < #{self.cert_file.file.file} | grep 'Signature Algorithm: sha1'`[0...-1].blank? rescue false + sign_algo_valid = `openssl x509 -text < #{cert_file_name} | grep 'Signature Algorithm: sha1'`[0...-1].blank? rescue false invalid_messages = [] if !is_valid invalid_messages << 'cert and key not match' @@ -56,18 +67,16 @@ class SiteCert end if domain_names.blank? self.is_valid = false - @skip_callback = true - self.save(:validate=>false) else - start_date_text = `openssl x509 -text < #{self.cert_file.file.file} -startdate -noout`.split('=').last.strip - end_date_text = `openssl x509 -text < #{self.cert_file.file.file} -enddate -noout`.split('=').last.strip + start_date_text = `openssl x509 -text < #{cert_file_name} -startdate -noout`.split('=').last.strip + end_date_text = `openssl x509 -text < #{cert_file_name} -enddate -noout`.split('=').last.strip self.start_date = DateTime.parse(start_date_text) rescue nil self.end_date = DateTime.parse(end_date_text) rescue nil self.is_valid = is_valid self.domain_names = domain_names - @skip_callback = true - self.save(:validate=>false) end + @skip_callback = true + self.save(:validate=>false) @skip_callback = false false end