Roxen.git / server / etc / modules / CertDB.pmod

version» Context lines:

Roxen.git/server/etc/modules/CertDB.pmod:11:   #else   # define SSL3_WERR(X ...)   #endif         // Some convenience constants.   protected local constant Compound = Standards.ASN1.Types.Compound;   protected local constant Identifier = Standards.ASN1.Types.Identifier;   protected local constant Sequence = Standards.ASN1.Types.Sequence;    + protected typedef mapping(string:int|string) sql_row; +    //! - array(mapping(string:int|string)) list_keys() + array(sql_row) list_keys()   {    Sql.Sql db = DBManager.cached_get("roxen");    return db->typed_query("SELECT * "    " FROM cert_keys "    " ORDER BY id ASC");   }      //! - array(mapping(string:int|string)) list_keypairs() + array(sql_row) list_keypairs()   {    Sql.Sql db = DBManager.cached_get("roxen");    return db->typed_query("SELECT * "    " FROM cert_keypairs "    " ORDER BY cert_id ASC, key_id ASC");   }      //! - mapping(string:int|string) get_cert(int cert_id) + sql_row get_cert(int cert_id)   {    Sql.Sql db = DBManager.cached_get("roxen");    array(mapping(string:int|string)) res =    db->typed_query("SELECT * "    " FROM certs "    " WHERE id = %d",    cert_id);    if (!sizeof(res)) return 0;    return res[0];   }
Roxen.git/server/etc/modules/CertDB.pmod:88:   {    // FIXME: Support X.509v2?    Sequence seq = Standards.ASN1.Decode.secure_der_decode(dn, ([]));    return format_dn(seq);   }      protected void low_refresh_pem(int pem_id, int|void force)   {    Sql.Sql db = DBManager.cached_get("roxen");    -  array(mapping(string:int|string)) tmp = +  array(sql_row) tmp =    db->typed_query("SELECT * "    " FROM cert_pem_files "    " WHERE id = %d",    pem_id);    if (!sizeof(tmp)) return;    -  mapping(string:int|string) pem_info = tmp[0]; +  sql_row pem_info = tmp[0];    -  array(mapping(string:int|string)) certs = ({}); -  array(mapping(string:int|string)) keys = ({}); +  array(sql_row) certs = ({}); +  array(sql_row) keys = ({});       string pem_file = pem_info->path;       if (!sizeof(pem_file)) return;       string raw_pem;    string pem_hash;       Stdio.Stat st = lfile_stat(pem_file);    if (st) {
Roxen.git/server/etc/modules/CertDB.pmod:230:    SSL3_WERR("Unsupported PEM message: %O\n", msg->pre);    break;    }    }    };    if (err) {    werror("Failed to handle PEM file:\n");    master()->handle_error(err);    }    -  foreach(keys, mapping(string:string|int) key_info) { +  foreach(keys, sql_row key_info) {    tmp = db->typed_query("SELECT * "    " FROM cert_keys "    " WHERE keyhash = %s",    key_info->keyhash);    if (!sizeof(tmp)) {    db->query("INSERT INTO cert_keys "    " (pem_id, msg_no, keyhash, data) "    "VALUES (%d, %d, %s, %s)",    key_info->pem_id, key_info->msg_no,    key_info->keyhash, key_info->data);    key_info->id = db->master_sql->insert_id();       // Check if we have any matching certificates that currently lack keys,    // and add corresponding keypairs.    foreach(db->typed_query("SELECT * "    " FROM certs "    " WHERE keyhash = %s "    " ORDER BY id ASC",    key_info->keyhash), -  mapping(string:string|int) cert_info) { +  sql_row cert_info) {    if (sizeof(db->query("SELECT * "    " FROM cert_keypairs "    " WHERE cert_id = %d",    cert_info->id))) {    // Keypair already exists.    continue;    }    string name = format_dn(cert_info->subject);    if (cert_info->issuer == cert_info->subject) {    name += " (self-signed)";
Roxen.git/server/etc/modules/CertDB.pmod:280:    // Zap any stale or update in progress marker for the key.    db->query("UPDATE cert_keys "    " SET pem_id = %d, "    " msg_no = %d "    " WHERE id = %d",    key_info->pem_id, key_info->msg_no,    tmp[0]->id);    }    }    -  foreach(certs, mapping(string:string|int) cert_info) { +  foreach(certs, sql_row cert_info) {    tmp = db->typed_query("SELECT * "    " FROM certs "    " WHERE keyhash = %s "    " AND subject = %s "    " AND issuer = %s",    cert_info->keyhash,    cert_info->subject,    cert_info->issuer);    if (!sizeof(tmp)) {    db->query("INSERT INTO certs "
Roxen.git/server/etc/modules/CertDB.pmod:422:   //!   //! @note   //! Return value differs from that of @[register_pem_files()].   //!   //! @seealso   //! @[register_pem_files()]   protected int low_register_pem_file(string pem_file, string|void password)   {    Sql.Sql db = DBManager.cached_get("roxen");    -  array(mapping(string:int|string)) row = +  array(sql_row) row =    db->typed_query("SELECT * "    " FROM cert_pem_files "    " WHERE path = %s",    pem_file);    int pem_id;    if (sizeof(row)) {    pem_id = row[0]->id;    if (password && (row[0]->pass != password)) {    db->query("UPDATE cert_pem_files "    " SET pass = %s "
Roxen.git/server/etc/modules/CertDB.pmod:517:    return sort(keypairs);   }      //! Get the private key and the list of certificates given a keypair id.   array(Crypto.Sign.State|array(string)) get_keypair(int keypair_id)   {    // FIXME: Consider having a keypair lookup cache.       Sql.Sql db = DBManager.cached_get("roxen");    -  array(mapping(string:string|int)) tmp = +  array(sql_row) tmp =    db->typed_query("SELECT * "    " FROM cert_keypairs "    " WHERE id = %d",    keypair_id);    if (!sizeof(tmp)) return 0;       int key_id = tmp[0]->key_id;    int cert_id = tmp[0]->cert_id;       tmp = db->typed_query("SELECT * "