App-CamelPKI
view release on metacpan or search on metacpan
lib/App/CamelPKI/SysV/Apache.pm view on Meta::CPAN
needed to run an Apache web server: it knows how to create a
configuration file, start and stop it, manage its PID file, log files,
and so on.
In the current implementation, an instance of
I<App::CamelPKI::SysV::Apache> only listens to one TCP port in HTTP/S, and
the URLs are (mostly) interpreted relative to L<App::CamelPKI>'s standard
URL namespace. The essential feature of I<App::CamelPKI::SysV::Apache>
that the default, Catalyst-provided server lacks
(C<camel_pki_server.pl>) is the support for client-side authentication
using SSL certificates. Thanks to this feature, App-PKI is able to
use itself for its own authentication needs.
=cut
package App::CamelPKI::SysV::Apache;
use IO::File;
use IO::Socket::INET;
use Fcntl qw(:seek);
use File::Slurp;
use File::Spec::Functions qw(catfile catdir);
use App::CamelPKI::Error;
use App::CamelPKI::RestrictedClassMethod qw(:Restricted);
use App::CamelPKI::Sys qw(fork_and_do);
use App::CamelPKI::Certificate;
=head1 CONSTRUCTOR AND METHODS
=head2 load($directory)
Creates and returns an instance of I<App::CamelPKI::SysV::Apache> by
loading it from the file system. Like all constructors that take a
directory as argument, I<load> is subdued to capability discipline
using L<App::CamelPKI::RestrictedClassMethod>.
$directory is the path where the server's various persistent files are
stored (configuration file, PID file, cryptographic keys
etc). $directory must exist, but can be empty.
=cut
sub load : Restricted {
my ($class, $homedir) = @_;
# Some Apaches don't interpret relative paths properly:
$homedir = File::Spec->rel2abs($homedir);
my $self = bless {
homedir => $homedir,
}, $class;
$self->_try_and_parse_config_file;
$self->tail_error_logfile;
return $self;
}
=head2 https_port()
=head2 https_port($portnum)
Gets or set the port on which the daemon will listen for HTTP/S
requests. The default value is 443 if the current process is
privileged enough to bind to it, or 3443 otherwise. This port number
is persisted onto disk and therefore only needs to be set once.
=head2 test_php_directory()
=head2 test_php_directory($dir)
=head2 test_php_directory(undef)
Gets, sets or disables the test PHP script directory in this instance
of I<App::CamelPKI::SysV::Apache>. The default is to disable this feature,
which only serves for Camel-PKI's self-tests (unit and integration).
The value of I<test_php_directory> is persisted to disk, so that it need
not be reset at each construction. It only takes effect the next time
the server is restarted with L</start>.
=head2 has_camel_pki()
=head2 has_camel_pki($boolean)
Gets or sets the "has App-PKI" flag, which defaults to true.
Instances of I<App::CamelPKI::SysV::Apache> that have I<has_camel_pki()> set
to false do not contain the Camel-PKI application. Again, this is only
useful for tests.
The value of I<has_camel_pki> is persisted to disk, so that it need not
be reset at each construction. It only takes effect the next time the
server is restarted with L</start>.
=cut
{
my %defaults =
(https_port =>
(IO::Socket::INET->new(LocalPort => 443, ReuseAddr => 1) ?
443 : 3443),
test_php_directory => undef,
has_camel_pki => 1);
foreach my $persistent_field (keys %defaults) {
my $getsetter = sub {
my ($self, @set) = @_;
if (@set) {
($self->{$persistent_field}) = @set;
$self->_write_config_file(); # Persist
}
unless (exists($self->{$persistent_field})) {
$self->{$persistent_field} = $defaults{$persistent_field};
}
return $self->{$persistent_field};
};
no strict "refs"; *{$persistent_field} = $getsetter;
}
}
=head2 set_keys(-certificate => $cert, -key => $key,
-certification_chain => \@chain)
Installs key material that will allow this Apache daemon to
authenticate itself to its HTTP/S clients ($cert and $key, which must
( run in 0.474 second using v1.01-cache-2.11-cpan-2398b32b56e )