| | |
|---|
| | | import javax.swing.JLabel;
|
|---|
| | | import javax.swing.JOptionPane;
|
|---|
| | | import javax.swing.JPanel;
|
|---|
| | | import javax.swing.JPasswordField;
|
|---|
| | | import javax.swing.JScrollPane;
|
|---|
| | | import javax.swing.JSplitPane;
|
|---|
| | | import javax.swing.JTable;
|
|---|
| | |
|---|
| | |
|
|---|
| | | private IUserService userService;
|
|---|
| | |
|
|---|
| | | private String caKeystorePassword = null;
|
|---|
| | | private String caKeystorePassword;
|
|---|
| | |
|
|---|
| | | private JTable table;
|
|---|
| | |
|
|---|
| | |
|---|
| | | private MailExecutor mail;
|
|---|
| | |
|
|---|
| | | private JButton certificateDefaultsButton;
|
|---|
| | |
|
|---|
| | | private JButton newSSLCertificate;
|
|---|
| | |
|
|---|
| | | public static void main(String... args) {
|
|---|
| | | EventQueue.invokeLater(new Runnable() {
|
|---|
| | |
|---|
| | | }
|
|---|
| | | gitblitSettings = new FileSettings(file.getAbsolutePath());
|
|---|
| | | mail = new MailExecutor(gitblitSettings);
|
|---|
| | | caKeystorePassword = gitblitSettings.getString(Keys.server.storePassword, null);
|
|---|
| | | String us = gitblitSettings.getString(Keys.realm.userService, "users.conf");
|
|---|
| | | String ext = us.substring(us.lastIndexOf(".") + 1).toLowerCase();
|
|---|
| | | IUserService service = null;
|
|---|
| | |
|---|
| | | if (!caKeystore.exists()) {
|
|---|
| | | // show certificate defaults dialog
|
|---|
| | | certificateDefaultsButton.doClick();
|
|---|
| | | |
|---|
| | | // create "localhost" ssl certificate
|
|---|
| | | prepareX509Infrastructure();
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | private void prepareX509Infrastructure() {
|
|---|
| | | private boolean prepareX509Infrastructure() {
|
|---|
| | | if (caKeystorePassword == null) {
|
|---|
| | | JPasswordField pass = new JPasswordField(10){
|
|---|
| | | private static final long serialVersionUID = 1L;
|
|---|
| | |
|
|---|
| | | public void addNotify() |
|---|
| | | { |
|---|
| | | super.addNotify();
|
|---|
| | | requestFocusInWindow(); |
|---|
| | | } |
|---|
| | | }; |
|---|
| | | pass.setText(caKeystorePassword);
|
|---|
| | | JPanel panel = new JPanel(new BorderLayout());
|
|---|
| | | panel.add(new JLabel(Translation.get("gb.enterKeystorePassword")), BorderLayout.NORTH);
|
|---|
| | | panel.add(pass, BorderLayout.CENTER);
|
|---|
| | | int result = JOptionPane.showConfirmDialog(GitblitAuthority.this, panel, Translation.get("gb.password"), JOptionPane.OK_CANCEL_OPTION);
|
|---|
| | | if (result == JOptionPane.OK_OPTION) {
|
|---|
| | | caKeystorePassword = new String(pass.getPassword());
|
|---|
| | | } else {
|
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | X509Metadata metadata = new X509Metadata("localhost", caKeystorePassword);
|
|---|
| | | X509Utils.prepareX509Infrastructure(metadata, folder, this);
|
|---|
| | | return true;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | private List<X509Certificate> findCerts(File folder, String username) {
|
|---|
| | |
|---|
| | | }
|
|---|
| | |
|
|---|
| | | @Override
|
|---|
| | | public void saveUser(String username, UserCertificateModel ucm) {
|
|---|
| | | userService.updateUserModel(username, ucm.user);
|
|---|
| | | public boolean saveUser(String username, UserCertificateModel ucm) {
|
|---|
| | | return userService.updateUserModel(username, ucm.user);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | @Override
|
|---|
| | | public void newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail) {
|
|---|
| | | prepareX509Infrastructure();
|
|---|
| | | public boolean newCertificate(UserCertificateModel ucm, X509Metadata metadata, boolean sendEmail) {
|
|---|
| | | if (!prepareX509Infrastructure()) {
|
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | Date notAfter = metadata.notAfter;
|
|---|
| | | metadata.serverHostname = gitblitSettings.getString(Keys.web.siteName, Constants.NAME);
|
|---|
| | | if (StringUtils.isEmpty(metadata.serverHostname)) {
|
|---|
| | |
|---|
| | | File zip = X509Utils.newClientBundle(metadata, caKeystoreFile, caKeystorePassword, GitblitAuthority.this);
|
|---|
| | |
|
|---|
| | | // save latest expiration date
|
|---|
| | | if (ucm.expires == null || metadata.notAfter.after(ucm.expires)) {
|
|---|
| | | if (ucm.expires == null || metadata.notAfter.before(ucm.expires)) {
|
|---|
| | | ucm.expires = metadata.notAfter;
|
|---|
| | | }
|
|---|
| | | ucm.update(config);
|
|---|
| | |
|---|
| | | if (sendEmail) {
|
|---|
| | | sendEmail(user, metadata, zip);
|
|---|
| | | }
|
|---|
| | | return true;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | @Override
|
|---|
| | | public void revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason) {
|
|---|
| | | public boolean revoke(UserCertificateModel ucm, X509Certificate cert, RevocationReason reason) {
|
|---|
| | | if (!prepareX509Infrastructure()) {
|
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | File caRevocationList = new File(folder, X509Utils.CA_REVOCATION_LIST);
|
|---|
| | | File caKeystoreFile = new File(folder, X509Utils.CA_KEY_STORE);
|
|---|
| | | if (X509Utils.revoke(cert, reason, caRevocationList, caKeystoreFile, caKeystorePassword, GitblitAuthority.this)) {
|
|---|
| | |
|---|
| | | tableModel.fireTableDataChanged();
|
|---|
| | | table.getSelectionModel().setSelectionInterval(modelIndex, modelIndex);
|
|---|
| | |
|
|---|
| | | return true;
|
|---|
| | | }
|
|---|
| | | |
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | | };
|
|---|
| | |
|
|---|
| | |
|---|
| | | certificateConfig.duration = Integer.parseInt(durationTF.getText());
|
|---|
| | | certificateConfig.store(config, metadata);
|
|---|
| | | config.save();
|
|---|
| | | |
|---|
| | | prepareX509Infrastructure();
|
|---|
| | | } catch (Exception e1) {
|
|---|
| | | Utils.showException(GitblitAuthority.this, e1);
|
|---|
| | | }
|
|---|
| | |
|---|
| | | }
|
|---|
| | | });
|
|---|
| | |
|
|---|
| | | JButton newSSLCertificate = new JButton(new ImageIcon(getClass().getResource("/rosette_16x16.png")));
|
|---|
| | | newSSLCertificate = new JButton(new ImageIcon(getClass().getResource("/rosette_16x16.png")));
|
|---|
| | | newSSLCertificate.setFocusable(false);
|
|---|
| | | newSSLCertificate.setToolTipText(Translation.get("gb.newSSLCertificate"));
|
|---|
| | | newSSLCertificate.addActionListener(new ActionListener() {
|
|---|
| | |
|---|
| | |
|
|---|
| | | @Override
|
|---|
| | | protected Boolean doRequest() throws IOException {
|
|---|
| | | prepareX509Infrastructure();
|
|---|
| | | if (!prepareX509Infrastructure()) {
|
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | // read CA private key and certificate
|
|---|
| | | File caKeystoreFile = new File(folder, X509Utils.CA_KEY_STORE);
|
|---|
| | |
|---|
| | | metadata.serverHostname = Constants.NAME;
|
|---|
| | | }
|
|---|
| | | metadata.userDisplayname = ucm.user.getDisplayName();
|
|---|
| | | sendEmail(ucm.user, metadata, zip);
|
|---|
| | | return true;
|
|---|
| | | return sendEmail(ucm.user, metadata, zip);
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | @Override
|
|---|
| | |
|---|
| | | }
|
|---|
| | | }
|
|---|
| | |
|
|---|
| | | private void sendEmail(UserModel user, X509Metadata metadata, File zip) {
|
|---|
| | | private boolean sendEmail(UserModel user, X509Metadata metadata, File zip) {
|
|---|
| | | // send email
|
|---|
| | | try {
|
|---|
| | | if (mail.isReady()) {
|
|---|
| | |
|---|
| | | message.setContent(mp);
|
|---|
| | |
|
|---|
| | | mail.sendNow(message);
|
|---|
| | | return true;
|
|---|
| | | } else {
|
|---|
| | | JOptionPane.showMessageDialog(GitblitAuthority.this, "Sorry, the mail server settings are not configured properly.\nCan not send email.", Translation.get("gb.error"), JOptionPane.ERROR_MESSAGE);
|
|---|
| | | }
|
|---|
| | | } catch (Exception e) {
|
|---|
| | | Utils.showException(GitblitAuthority.this, e);
|
|---|
| | | }
|
|---|
| | | return false;
|
|---|
| | | }
|
|---|
| | | }
|
|---|
