
--[[
    This file contains a module with the functions related to the handling of SSL inside OpenResty.
--]]

local _M = {}

local debug = require "lib/o2switch_debug"
local config = require "lib/o2switch_config"
local redis = require "lib/o2switch_redis"
local ngxSsl = require "ngx.ssl"
local tostring = tostring
local type = type 

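--- (low level / private) Fetch the certificate of a domain from the RedisDB and convert it to the DER format for Nginx. Used by getCrt()
-- Reads the 'rawSslContent' element when config.serverType is 'mutu', the 'sslCrt' element otherwise.
-- @param name The domain name (without the WWW)
-- @return Certificate in the DER Format|nil, ErrorMessage|nil, TTL (the return is compatible with the ml-cache)
--   Redis error          : nil, err, 0
--   value is not a string: nil, nil, config.TTL_ERR
--   PEM conversion fails : nil, 'Unable to load PEM for ' .. name, config.TTL_ERR
--   success              : DER chain, nil, config.TTL_OK
function _M.getCrtFromRedis(name)
    -- NOTE(review): name is written to the logs as-is; if it can come from the client
    -- (e.g. the TLS server name), confirm the caller validates it first - TODO confirm
    debug.debug('getCrtFromRedis() called for ' .. name .. ' (no cache)')

    -- NOTE(review): in 'mutu' mode getKeyFromRedis() reads the same 'rawSslContent' element,
    -- so it presumably holds the certificate and the private key together; `content` itself
    -- must never be passed to a log call.
    local content, err
    if config.serverType == 'mutu' then
        content, err = redis.retryableGetElmFromRedis('rawSslContent', name)
    else
        content, err = redis.retryableGetElmFromRedis('sslCrt', name)
    end

    if err ~= nil then
        debug.debugErr("Failed to get the CRT (from Redis) for " .. name .. ' : ' .. tostring(err))
        -- TTL 0 here instead of config.TTL_ERR: presumably so that a Redis failure is not
        -- cached like a missing certificate is - confirm against the ml-cache caller
        return nil, err, 0
    end

    -- No error but no usable value either: treated as "no certificate stored for this name"
    if type(content) ~= 'string' then
        debug.debug("Failed to get the CRT (from Redis) for " .. name)
        return nil, nil,  config.TTL_ERR
    end

    -- convert to the right format for Nginx
    -- (separate local for the conversion error, so the Redis `err` above is not shadowed)
    local der_cert_chain, pem_err = ngxSsl.cert_pem_to_der(content)
    if not der_cert_chain then
        -- tostring() keeps this error path from raising when pem_err is nil or not a string,
        -- matching what getKeyFromRedis() already does
        debug.debugErr( "Unable to load PEM for: " .. name .. " err: " .. tostring(pem_err))
        return nil, 'Unable to load PEM for ' .. name, config.TTL_ERR
    end

    debug.debug('Returned value type' .. type(der_cert_chain))

    return der_cert_chain, nil, config.TTL_OK
end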

--- (low level / private) Load the SSL private key of a domain from the RedisDB and hand it back DER-encoded for Nginx. Used by getKey()
-- Reads the 'rawSslContent' element when config.serverType is 'mutu', the 'sslKey' element otherwise.
-- @param name The domain name (without the WWW)
-- @return Key in the DER Format|nil, ErrorMessage|nil, TTL (the return is compatible with the ml-cache)
function _M.getKeyFromRedis(name)
    debug.debug('getKeyFromRedis() called for ' .. name .. ' (no cache)')

    -- Pick the Redis element first, then do a single lookup
    local element = 'sslKey'
    if config.serverType == 'mutu' then
        element = 'rawSslContent'
    end
    local pem, redis_err = redis.retryableGetElmFromRedis(element, name)

    -- Redis reported an error: pass it up with a TTL of 0
    if redis_err ~= nil then
        debug.debugErr("Failed to get the KEY (from Redis) for " .. name .. ' : ' .. tostring(redis_err))
        return nil, redis_err, 0
    end

    -- No error, but nothing usable was stored under this name
    if type(pem) ~= 'string' then
        debug.debug("Failed to get the KEY (from Redis) for " .. name)
        return nil, nil, config.TTL_ERR
    end

    -- Convert to the right format for Nginx.
    -- Only the domain name and the error text are logged below; the key material in `pem` is not.
    local der_priv_key, convert_err = ngxSsl.priv_key_pem_to_der(pem)
    if der_priv_key then
        return der_priv_key, nil, config.TTL_OK
    end

    debug.debugErr("Unable to load PEM KEY for: " .. name .. ' : ' .. tostring(convert_err))
    return nil, 'Unable to load PEM KEY for ' .. name, config.TTL_ERR
end

return _M
