function to get the list of valid certs for a fqdn

2018-06-22 19:38:05 +02:00 · 2018-06-22 19:38:05 +02:00 · 3dbb4d68ac
parent 272cee3f5f
commit 3dbb4d68ac
1 changed files with 43 additions and 9 deletions
--- a/bureau/class/m_ssl.php
+++ b/bureau/class/m_ssl.php
@ -290,33 +290,67 @@ class m_ssl {
     * return the list of certificates by order of preference (2 lasts bein the default FQDN and the snakeoil if necessary)
     * keys: id, provider, crt, chain, key, validstart, validend
     */
-    function get_valid_certs($fqdn) {
+    function get_valid_certs($fqdn, $provider="") {
        global $db, $msg, $cuid;
        $db->query("SELECT * FROM certificates WHERE status=".self::STATUS_OK." ORDER BY validstart DESC;");
-        $good=array();
+        $good=array(); // list of good certificates
+        $bof=array(); // good but not with the right provider 
        $bad=array(); 
-        $ugly=array();
        $wildcard="*".substr($fqdn,strpos($fqdn,".");
        $defaultwild="*".substr($this->default_certificate_fqdn,strpos($this->default_certificate_fqdn,".");

        while($db->next_record()) {
-            $good=false
+            $found=false;
            if ($db->Record["fqdn"]==$fqdn || $db->Record["fqdn"]==$wildcard) {
-                $good=true;
+                $found=true;
            } else {
                $alts=explode("\n",$db->Record["altnames"]);
                foreach($alts as $alt) {
                    if ($alt==$fqdn || $alt==$wildcard) {
-                        $good=true;
+                        $found=true;
                        break;
                    }
                }
            }
-            if ($good) {
+            if ($found) {
+                if ($provider=="" || $provider=$db->Record["provider"]) {
                    $good[]=$db->Record;
+                } else {
+                    $bof[]=$db->Record;
+                }
+            }
+            // search for the default one, the one used by the panel
+            if (!count($bad)) {
+                $found=false;
+                if ($db->Record["fqdn"]==$this->default_certificate_fqdn || $db->Record["fqdn"]==$defaultwild) {
+                    $found=true;
+                } else {
+                    $alts=explode("\n",$db->Record["altnames"]);
+                    foreach($alts as $alt) {
+                        if ($alt==$this->default_certificate_fqdn || $alt==$defaultwild) {
+                            $found=true;
+                            break;
+                        }
+                    }
+                }
+                if ($found) {
+                    $bad=$db->Record;
+                }
            }
            // TODO : manages BAD (default) and UGLY (snakeoil)
        }
+        // add the one with the bad provider
+        if (count($bof)) {
+            $good=array_merge($good,$bof);
+        }
+        if (count($bad)) {
+            $good[]=$bad;
+        }
+        // $ugly Add the Snakeoil : #0
+        $db->query("SELECT * FROM certificates WHERE id=0;");
+        if ($db->next_record()) {
+            $good[]=$db->Record;
+        }
        return $good;
    }