diff options
Diffstat (limited to 'debian/perl-framework/t/htdocs/modules/cgi/ocsp.pl.PL')
-rw-r--r-- | debian/perl-framework/t/htdocs/modules/cgi/ocsp.pl.PL | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/debian/perl-framework/t/htdocs/modules/cgi/ocsp.pl.PL b/debian/perl-framework/t/htdocs/modules/cgi/ocsp.pl.PL new file mode 100644 index 0000000..efdbe8b --- /dev/null +++ b/debian/perl-framework/t/htdocs/modules/cgi/ocsp.pl.PL @@ -0,0 +1,78 @@ +use File::Temp qw/:POSIX/; + +my $caroot = $ENV{SSL_CA_ROOT}; + +if (! -d $caroot) { + print <<EOT +Status: 500 Internal Server Error +Content-Type: text/plain + +Cannot find CA root at "$ENV{SSL_CA_ROOT}" +EOT + ; + print STDERR "SSL_CA_ROOT env var not set or can't find CA root.\n"; + exit(1); +} + +chdir($caroot); + +my $filein = tmpnam(); +my $fileout = tmpnam(); + +# Enable slurp mode (read all lines at once) +local $/; + +# Copy STDIN to $filein, which will be used as input for openssl +open(IN, '>', "$filein") or die "Could not open file '$filein' for write: $!"; +binmode IN; +print IN <STDIN>; +close(IN); + +my $cmd = 'openssl ocsp -CA certs/ca.crt'. + ' -index index.txt'. + ' -rsigner certs/server.crt'. + ' -rkey keys/server.pem'. + ' -reqin ' . $filein . + ' -respout ' . $fileout; +system($cmd); + +# Check system result +my $err = ''; +if ($? == -1) { + my $err = "failed to execute '$cmd': $!\n"; +} +elsif ($? & 127) { + my $err = sprintf("child '$cmd' died with signal %d, %s coredump\n", + ($? & 127), ($? & 128) ? 'with' : 'without'); +} +else { + my $rc = $? >> 8; + my $err = "child '$cmd' exited with value $rc\n" if $rc; +} + +unlink($filein); + +if ($err ne '') { + print <<EOT +Status: 500 Internal Server Error +Content-Type: text/plain + +$err +EOT + ; + print STDERR $err; + exit(1); +} + +print <<EOT +Content-Type: application/ocsp-response + +EOT +; + +# Copy openssl result from $fileout to STDOUT +open(OUT, '<', "$fileout") or die "Could not open file '$fileout' for read: $!"; +binmode OUT; +print <OUT>; +close(OUT); +unlink($fileout); |