Merge pull request #8 from araujorm/report_exec_error

Report error if ca list command failed
nunofernandes · Nov 25, 2022 · 934abec · 934abec
2 parents dfde67a + 2f06741
commit 934abec
Showing 1 changed file with 23 additions and 11 deletions.
diff --git a/application/controllers/IndexController.php b/application/controllers/IndexController.php
@@ -46,7 +46,15 @@ public function indexAction()
                     ))->activate('ca');
 
 	    if($this->params->isEmpty()) {
-	         $this->view->calist = $this->parseIcingaCaList();
+	         $list = $this->parseIcingaCaList();
+	         if ($list === false) {
+	             $this->view->authz=false;
+                     $this->view->authmsg=
+                          $this->translate("Error running command, please check sudo settings.");
+	         }
+                 else {
+	             $this->view->calist = $list;
+                 }
             } elseif ($this->params->has('fingerprint')) {
                  $this->view->sign = $this->signCertificate($this->params->shift('fingerprint'));
             } else {
@@ -101,23 +109,27 @@ public function parseIcingaCaList()
 			$command = $this->command . " ca list --all";
 		}
 
-		$output = shell_exec($command." 2>&1");
-        $temp = preg_split('/\n/', $output, -1, PREG_SPLIT_NO_EMPTY);
-        $lines = preg_grep('/RLIMIT_/', $temp, PREG_GREP_INVERT);
+		$output = array();
+		$execres = exec($command." 2>&1", $output, $retcode);
+		if (!$execres || $retcode) {
+	            	return false;
+		}
+        $lines = preg_grep('/RLIMIT_/', $output, PREG_GREP_INVERT);
         $lines = array_values($lines);
 	# remove first 2 elements
         unset($lines[0]);
         unset($lines[1]);
 
 	$result = array();
         foreach ($lines as $line) {
-            preg_match('/(\w{64})\s+\|\s+([^|]+)\s+\|\s+(\*?)\s*\|\s+CN\s+=\s+(.*)/', $line, $parsed, PREG_OFFSET_CAPTURE);
-	    array_push($result, array(
-			"fingerprint"  => $parsed[1][0],
-	    		"timestamp"    => $parsed[2][0],
-            		"signed"       => $parsed[3][0],
-            		"subject"      => $parsed[4][0],
-		) );
+            if (preg_match('/(\w{64})\s+\|\s+([^|]+)\s+\|\s+(\*?)\s*\|\s+CN\s+=\s+(.*)/', $line, $parsed, PREG_OFFSET_CAPTURE)) {
+	        array_push($result, array(
+	            	"fingerprint"  => $parsed[1][0],
+	        	"timestamp"    => $parsed[2][0],
+                	"signed"       => $parsed[3][0],
+                	"subject"      => $parsed[4][0],
+	        ) );
+            }
 	}
 	return $result;
     }