#!/bin/sh

. /etc/functions.sh
OPENSSL="openssl req "
REQ_TMP="/var/certificate_request_tmp"
REQ_OUT="/var/certificate_request_out"

SSL_CFG="/etc/ssl/openssl.cnf"
TMP_REQ_EXTENSION="/var/req_extension"
TMP_OPENSSL_CONF="/var/tmp_openssl.conf"
REQ_EXT_WORD="req_ext"
strExt=""

MAX_CNT=256

certreq_handle() {

$OPENSSL -in  $REQ_TMP -noout -subject -out $REQ_OUT

	if [ ! -e $REQ_OUT ]; then
		rm $REQ_TMP;
		echo "Requset file is invalid"
		json set uploadreq status=reqfileinvalid
		return 99;
	fi
	
name=$( echo $1  |cut -d"." -f 1);
#cursub=$(cat $REQ_OUT | grep subject | cut -c 9-100);
cursub=$(cat $REQ_OUT | grep subject | sed 's/^.*CN=//g' |sed 's/\/.*//g');
status="Remote Requesting";

num=$(uci show rcertificate | grep -c certificatereq)
if [ "$num" -ge "$MAX_CNT" ]; then
	echo "The max entries of Remote Certificate is $MAX_CNT"
	json set uploadreq status=entryexceed
	return 0;
fi

uci set rcertificate.$name=certificatereq  
uci set rcertificate.$name.subject="$cursub"  
uci set rcertificate.$name.status="$status"	  

uci commit rcertificate;
mv $REQ_TMP /etc/ipsec.d/certs/$name.pem
rm $REQ_OUT;
echo "Import Success"
json set uploadreq status=importsuccess
return 0;
}

if [ ! -s $1 ];then
certreq_handle $1 
fi