Start9/start-os
2
0
Fork 0
mirror of https://github.com/Start9Labs/start-os.git synced 2026-03-26 02:11:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

set content disposition for cert (#2527)

Browse Source 
* set content disposition for cert
* update content type for cert
* remove unnecessary frontend download attr
This commit is contained in:
Aiden McClelland
2023-11-20 11:54:05 -07:00
committed by GitHub
parent 04bd1cfa41
commit efdc558cba
7 changed files with 16 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
core/startos/src/db/model.rs
View File

@@ -22,7 +22,7 @@ use crate::net::utils::{get_iface_ipv4_addr, get_iface_ipv6_addr};
use crate::prelude::*; use crate::prelude::*;
use crate::s9pk::manifest::{Manifest, PackageId}; use crate::s9pk::manifest::{Manifest, PackageId};
use crate::status::Status; use crate::status::Status;
use crate::util::cpupower::{get_preferred_governor, Governor}; use crate::util::cpupower::{Governor};
use crate::util::Version; use crate::util::Version;
use crate::version::{Current, VersionT}; use crate::version::{Current, VersionT};
use crate::{ARCH, PLATFORM}; use crate::{ARCH, PLATFORM};

6
core/startos/src/init.rs
View File

@@ -4,7 +4,7 @@ use std::path::Path;
use std::time::{Duration, SystemTime}; use std::time::{Duration, SystemTime};
use color_eyre::eyre::eyre; use color_eyre::eyre::eyre;
use helpers::NonDetachingJoinHandle;
use models::ResultExt; use models::ResultExt;
use rand::random; use rand::random;
use sqlx::{Pool, Postgres}; use sqlx::{Pool, Postgres};
@@ -18,9 +18,9 @@ use crate::disk::mount::util::unmount;
use crate::install::PKG_ARCHIVE_DIR; use crate::install::PKG_ARCHIVE_DIR;
use crate::middleware::auth::LOCAL_AUTH_COOKIE_PATH; use crate::middleware::auth::LOCAL_AUTH_COOKIE_PATH;
use crate::prelude::*; use crate::prelude::*;
use crate::sound::BEP;
use crate::util::cpupower::{ use crate::util::cpupower::{
current_governor, get_available_governors, get_preferred_governor, set_governor, get_available_governors, get_preferred_governor, set_governor,
}; };
use crate::util::docker::{create_bridge_network, CONTAINER_DATADIR, CONTAINER_TOOL}; use crate::util::docker::{create_bridge_network, CONTAINER_DATADIR, CONTAINER_TOOL};
use crate::util::Invoke; use crate::util::Invoke;

2
core/startos/src/net/keys.rs
View File

@@ -280,7 +280,7 @@ pub fn test_keygen() {
key.openssl_key_nistp256(); key.openssl_key_nistp256();
} }
fn display_requires_reboot(arg: RequiresReboot, matches: &ArgMatches) { fn display_requires_reboot(arg: RequiresReboot, _matches: &ArgMatches) {
if arg.0 { if arg.0 {
println!("Server must be restarted for changes to take effect"); println!("Server must be restarted for changes to take effect");
} }

12
core/startos/src/net/static_server.rs
View File

@@ -23,6 +23,7 @@ use tokio_util::io::ReaderStream;
use crate::context::{DiagnosticContext, InstallContext, RpcContext, SetupContext}; use crate::context::{DiagnosticContext, InstallContext, RpcContext, SetupContext};
use crate::core::rpc_continuations::RequestGuid; use crate::core::rpc_continuations::RequestGuid;
use crate::db::subscribe; use crate::db::subscribe;
use crate::hostname::Hostname;
use crate::install::PKG_PUBLIC_DIR; use crate::install::PKG_PUBLIC_DIR;
use crate::middleware::auth::{auth as auth_middleware, HasValidSession}; use crate::middleware::auth::{auth as auth_middleware, HasValidSession};
use crate::middleware::cors::cors; use crate::middleware::cors::cors;
@@ -339,7 +340,8 @@ async fn main_embassy_ui(req: Request<Body>, ctx: RpcContext) -> Result<Response
.await .await
} }
(&Method::GET, Some(("eos", "local.crt"))) => { (&Method::GET, Some(("eos", "local.crt"))) => {
cert_send(&ctx.account.read().await.root_ca_cert) let account = ctx.account.read().await;
cert_send(&account.root_ca_cert, &account.hostname)
} }
(&Method::GET, _) => { (&Method::GET, _) => {
let uri_path = UiMode::Main.path( let uri_path = UiMode::Main.path(
@@ -405,7 +407,7 @@ fn bad_request() -> Response<Body> {
.unwrap() .unwrap()
} }
fn cert_send(cert: &X509) -> Result<Response<Body>, Error> { fn cert_send(cert: &X509, hostname: &Hostname) -> Result<Response<Body>, Error> {
let pem = cert.to_pem()?; let pem = cert.to_pem()?;
Response::builder() Response::builder()
.status(StatusCode::OK) .status(StatusCode::OK)
@@ -417,8 +419,12 @@ fn cert_send(cert: &X509) -> Result<Response<Body>, Error> {
) )
.to_lowercase(), .to_lowercase(),
) )
.header(http::header::CONTENT_TYPE, "application/x-pem-file") .header(http::header::CONTENT_TYPE, "application/x-x509-ca-cert")
.header(http::header::CONTENT_LENGTH, pem.len()) .header(http::header::CONTENT_LENGTH, pem.len())
.header(
http::header::CONTENT_DISPOSITION,
format!("attachment; filename={}.crt", &hostname.0),
)
.body(Body::from(pem)) .body(Body::from(pem))
.with_kind(ErrorKind::Network) .with_kind(ErrorKind::Network)
} }

3
web/projects/ui/src/app/pages/login/ca-wizard/ca-wizard.component.html
View File

@@ -100,7 +100,4 @@
<a <a
id="install-cert" id="install-cert"
href="/eos/local.crt" href="/eos/local.crt"
[download]="
config.isLocal() ? document.location.hostname + '.crt' : 'startos.crt'
"
></a> ></a>

4
web/projects/ui/src/app/pages/server-routes/lan/lan.page.html
View File

@@ -26,7 +26,7 @@
</ion-label> </ion-label>
</ion-item> </ion-item>
<ion-item button (click)="installCert()" [disabled]="!(crtName$ | async)"> <ion-item button (click)="installCert()">
<ion-icon slot="start" name="download-outline" size="large"></ion-icon> <ion-icon slot="start" name="download-outline" size="large"></ion-icon>
<ion-label> <ion-label>
<h1>Download Root CA</h1> <h1>Download Root CA</h1>
@@ -35,5 +35,5 @@
</ion-item-group> </ion-item-group>
<!-- hidden element for downloading cert --> <!-- hidden element for downloading cert -->
<a id="install-cert" href="/eos/local.crt" [download]="crtName$ | async"></a> <a id="install-cert" href="/eos/local.crt"></a>
</ion-content> </ion-content>

4
web/projects/ui/src/app/pages/server-routes/lan/lan.page.ts
View File

@@ -10,10 +10,6 @@ import { DataModel } from 'src/app/services/patch-db/data-model'
changeDetection: ChangeDetectionStrategy.OnPush, changeDetection: ChangeDetectionStrategy.OnPush,
}) })
export class LANPage { export class LANPage {
readonly crtName$ = this.patch
.watch$('server-info', 'lan-address')
.pipe(map(addr => `${new URL(addr).hostname}.crt`))
constructor(private readonly patch: PatchDB<DataModel>) {} constructor(private readonly patch: PatchDB<DataModel>) {}
installCert(): void { installCert(): void {