function to get the list of valid certs for a fqdn
This commit is contained in:
Benjamin Sonntag
parent
272cee3f5f
commit
3dbb4d68ac
|
|
@ -290,33 +290,67 @@ class m_ssl {
|
||||||
* return the list of certificates by order of preference (2 lasts bein the default FQDN and the snakeoil if necessary)
|
* return the list of certificates by order of preference (2 lasts bein the default FQDN and the snakeoil if necessary)
|
||||||
* keys: id, provider, crt, chain, key, validstart, validend
|
* keys: id, provider, crt, chain, key, validstart, validend
|
||||||
*/
|
*/
|
||||||
function get_valid_certs($fqdn) {
|
function get_valid_certs($fqdn, $provider="") {
|
||||||
global $db, $msg, $cuid;
|
global $db, $msg, $cuid;
|
||||||
$db->query("SELECT * FROM certificates WHERE status=".self::STATUS_OK." ORDER BY validstart DESC;");
|
$db->query("SELECT * FROM certificates WHERE status=".self::STATUS_OK." ORDER BY validstart DESC;");
|
||||||
$good=array();
|
$good=array(); // list of good certificates
|
||||||
|
$bof=array(); // good but not with the right provider
|
||||||
$bad=array();
|
$bad=array();
|
||||||
$ugly=array();
|
|
||||||
$wildcard="*".substr($fqdn,strpos($fqdn,".");
|
$wildcard="*".substr($fqdn,strpos($fqdn,".");
|
||||||
$defaultwild="*".substr($this->default_certificate_fqdn,strpos($this->default_certificate_fqdn,".");
|
$defaultwild="*".substr($this->default_certificate_fqdn,strpos($this->default_certificate_fqdn,".");
|
||||||
|
|
||||||
while($db->next_record()) {
|
while($db->next_record()) {
|
||||||
$good=false
|
$found=false;
|
||||||
if ($db->Record["fqdn"]==$fqdn || $db->Record["fqdn"]==$wildcard) {
|
if ($db->Record["fqdn"]==$fqdn || $db->Record["fqdn"]==$wildcard) {
|
||||||
$good=true;
|
$found=true;
|
||||||
} else {
|
} else {
|
||||||
$alts=explode("\n",$db->Record["altnames"]);
|
$alts=explode("\n",$db->Record["altnames"]);
|
||||||
foreach($alts as $alt) {
|
foreach($alts as $alt) {
|
||||||
if ($alt==$fqdn || $alt==$wildcard) {
|
if ($alt==$fqdn || $alt==$wildcard) {
|
||||||
$good=true;
|
$found=true;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($good) {
|
if ($found) {
|
||||||
$good[]=$db->Record;
|
if ($provider=="" || $provider=$db->Record["provider"]) {
|
||||||
|
$good[]=$db->Record;
|
||||||
|
} else {
|
||||||
|
$bof[]=$db->Record;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
// search for the default one, the one used by the panel
|
||||||
|
if (!count($bad)) {
|
||||||
|
$found=false;
|
||||||
|
if ($db->Record["fqdn"]==$this->default_certificate_fqdn || $db->Record["fqdn"]==$defaultwild) {
|
||||||
|
$found=true;
|
||||||
|
} else {
|
||||||
|
$alts=explode("\n",$db->Record["altnames"]);
|
||||||
|
foreach($alts as $alt) {
|
||||||
|
if ($alt==$this->default_certificate_fqdn || $alt==$defaultwild) {
|
||||||
|
$found=true;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ($found) {
|
||||||
|
$bad=$db->Record;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
// TODO : manages BAD (default) and UGLY (snakeoil)
|
// TODO : manages BAD (default) and UGLY (snakeoil)
|
||||||
}
|
}
|
||||||
|
// add the one with the bad provider
|
||||||
|
if (count($bof)) {
|
||||||
|
$good=array_merge($good,$bof);
|
||||||
|
}
|
||||||
|
if (count($bad)) {
|
||||||
|
$good[]=$bad;
|
||||||
|
}
|
||||||
|
// $ugly Add the Snakeoil : #0
|
||||||
|
$db->query("SELECT * FROM certificates WHERE id=0;");
|
||||||
|
if ($db->next_record()) {
|
||||||
|
$good[]=$db->Record;
|
||||||
|
}
|
||||||
return $good;
|
return $good;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue