diff options
author | Jo-Philipp Wich <jo@mein.io> | 2019-12-16 18:14:16 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-12-16 18:14:16 +0100 |
commit | 3136a7a51a567bb6c21a9d978ad3f8282238ed5b (patch) | |
tree | 60c29f5839d4cbcfcccb69ea030d9b2fe48fdcd6 /applications/luci-app-ocserv | |
parent | ab07b8c4d960925fe3467ea666871965b5b34259 (diff) | |
parent | c81ca8dae3e914b41b754e1cdc7cad3aeead9e66 (diff) |
Merge pull request #3411 from nmav/tmp-ocserv-fix-keyid
ocserv: fix the public key ID calculation
Diffstat (limited to 'applications/luci-app-ocserv')
-rw-r--r-- | applications/luci-app-ocserv/luasrc/model/cbi/ocserv/main.lua | 31 |
1 files changed, 5 insertions, 26 deletions
diff --git a/applications/luci-app-ocserv/luasrc/model/cbi/ocserv/main.lua b/applications/luci-app-ocserv/luasrc/model/cbi/ocserv/main.lua index 396dedd4a3..6194a18dca 100644 --- a/applications/luci-app-ocserv/luasrc/model/cbi/ocserv/main.lua +++ b/applications/luci-app-ocserv/luasrc/model/cbi/ocserv/main.lua @@ -17,35 +17,14 @@ local e = s:taboption("general", Flag, "enable", translate("Enable server")) e.rmempty = false e.default = "1" -local o_sha = s:taboption("general", DummyValue, "sha_hash", translate("Server's certificate SHA1 hash"), - translate("That value should be communicated to the client to verify the server's certificate")) local o_pki = s:taboption("general", DummyValue, "pkid", translate("Server's Public Key ID"), - translate("An alternative value to be communicated to the client to verify the server's certificate; this value only depends on the public key")) + translate("The value to be communicated to the client to verify the server's certificate; this value only depends on the public key")) -local fd = io.popen("/usr/bin/certtool -i --infile /etc/ocserv/server-cert.pem", "r") +local fd = io.popen("/usr/bin/certtool --hash sha256 --key-id --infile /etc/ocserv/server-cert.pem", "r") if fd then local ln - local found_sha = false - local found_pki = false - local complete = 0 - while complete < 2 do - local ln = fd:read("*l") - if not ln then - break - elseif ln:match("SHA%-?1 fingerprint:") then - found_sha = true - elseif found_sha then - local hash = ln:match("([a-f0-9]+)") - o_sha.default = hash and hash:upper() - complete = complete + 1 - found_sha = false - elseif ln:match("Public Key I[Dd]:") then - found_pki = true - elseif found_pki then - local hash = ln:match("([a-f0-9]+)") - o_pki.default = hash and "sha1:" .. hash:upper() - complete = complete + 1 - found_pki = false - end + local ln = fd:read("*l") + if ln then + o_pki.default = "sha256:" .. ln end fd:close() end |