diff --git a/bureau/admin/dom_ssl.inc.php b/bureau/admin/dom_ssl.inc.php index cd58fcb9..6b3b2049 100644 --- a/bureau/admin/dom_ssl.inc.php +++ b/bureau/admin/dom_ssl.inc.php @@ -56,11 +56,20 @@ for($i=0;$i<$r["nsub"];$i++) { if (!$r["sub"][$i]["only_dns"]) { continue; } - echo "
\n"; + $fqdn=$r["sub"][$i]["name"].(($r["sub"][$i]["name"])?".":"").$r["name"]; + $certs = $ssl->get_valid_certs($fqdn); + echo ""; - echo "".$r["name"].(($r["name"])?".":"").$r["sub"][$i]["name"].""; + echo "".$fqdn.""; echo ""; echo ""; echo "";
diff --git a/bureau/class/m_ssl.php b/bureau/class/m_ssl.php
index e4d75a48..dff259d5 100644
--- a/bureau/class/m_ssl.php
+++ b/bureau/class/m_ssl.php
@@ -296,13 +296,14 @@ class m_ssl {
 $good=array(); // list of good certificates
 $bof=array(); // good but not with the right provider
 $bad=array();
- $wildcard="*".substr($fqdn,strpos($fqdn,".");
- $defaultwild="*".substr($this->default_certificate_fqdn,strpos($this->default_certificate_fqdn,".");
+ $wildcard="*".substr($fqdn,strpos($fqdn,"."));
+ $defaultwild="*".substr($this->default_certificate_fqdn,strpos($this->default_certificate_fqdn,"."));
 while($db->next_record()) {
 $found=false;
 if ($db->Record["fqdn"]==$fqdn || $db->Record["fqdn"]==$wildcard) {
 $found=true;
+ } else {
 $alts=explode("\n",$db->Record["altnames"]);
 foreach($alts as $alt) {
@@ -313,7 +314,7 @@ class m_ssl {
 }
 }
 if ($found) {
- if ($provider=="" || $provider=$db->Record["provider"]) {
+ if ($provider=="" || $provider==$db->Record["provider"]) {
 $good[]=$db->Record;
 } else {
 $bof[]=$db->Record;
@@ -400,9 +401,10 @@ class m_ssl {
 * be the one signinf the private RSA key in $key
 * @param $chain string the X.509 PEM-encoded list of SSL Certificate chain if intermediate authorities
 * @return integer the ID of the newly created certificate in the table
+ * @return string the ssl cert provider
 * or false if an error occurred
 */
- function import_cert($key, $crt, $chain = "") {
+ function import_cert($key, $crt, $chain = "", $provider = "") {
 global $cuid, $msg, $db;
 $msg->log("ssl", "import_cert");
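Review bot: `$fqdn` is concatenated into the row markup by `echo "".$fqdn."";` without HTML escaping, just as the removed line did with the same two fields. The value is built from `$r["sub"][$i]["name"]` and `$r["name"]`, and nothing in this hunk shows those being validated, so encoding at the point of output is the safer default: `echo "".htmlspecialchars($fqdn, ENT_QUOTES, "UTF-8")."";`. The markup inside the string literals is not visible on this page, and the `for` loop body continues outside the hunk.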
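Review bot: `strpos($fqdn,".")` returns `false` for a name without a dot, and `substr()` then starts at offset 0, so `$wildcard` becomes `"*"` followed by the whole name; the same applies to `$defaultwild` and `$this->default_certificate_fqdn`. These arrays appear to classify which certificates are usable for a host, so I would compute the offset once with `$dot=strpos($fqdn,".");` and skip the wildcard comparison when `$dot===false`. The comparisons `$db->Record["fqdn"]==$fqdn` here and `$provider==$db->Record["provider"]` in the hunk at -313 are loose; `===` keeps numeric-looking strings from being compared as numbers. The `while` loop and the alt-name loop continue outside this hunk.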
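Review bot: The added docblock line `* @return string the ssl cert provider` documents the new `$provider` parameter as a second return value, and it separates `@return integer …` from its continuation `or false if an error occurred`. It should be a `@param` entry placed after the `$chain` one: `* @param $provider string the SSL certificate provider, empty string by default`. The body of `import_cert` continues outside the hunk.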
@@ -425,8 +427,8 @@ class m_ssl {
 return false;
 }
 // Everything is PERFECT and has been thoroughly checked, let's insert those in the DB !
- $sql = "INSERT INTO certificates SET uid='?', status=?, shared=0, fqdn=?, altnames=?, validstart=FROM_UNIXTIME(?), validend=FROM_UNIXTIME(?), sslkey=?, sslcrt=?, sslchain=?;";
- $db->query($sql,array($cuid,self::STATUS_OK,$fqdn,$altnames,intval($validstart),intval($validend),$key,$crt,$chain));
+ $sql = "INSERT INTO certificates SET uid='?', status=?, shared=0, fqdn=?, altnames=?, validstart=FROM_UNIXTIME(?), validend=FROM_UNIXTIME(?), sslkey=?, sslcrt=?, sslchain=?, provider=?;";
+ $db->query($sql,array($cuid,self::STATUS_OK,$fqdn,$altnames,intval($validstart),intval($validend),$key,$crt,$chain,$provider));
 if (!($id = $db->lastid())) {
 $msg->raise("ERROR","ssl", _("Can't save the Key/Crt/Chain now. Please try later."));
 return false;
diff --git a/install/mysql.sql b/install/mysql.sql
index 7f37f5e5..374a30ba 100644
--- a/install/mysql.sql
+++ b/install/mysql.sql
@@ -784,6 +784,7 @@ CREATE TABLE `certificates` (
 `sslkey` text NOT NULL,
 `sslcrt` text NOT NULL,
 `sslchain` text NOT NULL,
+ `provider` VARCHAR(16) NOT NULL DEFAULT '',
 `created_at` DATETIME DEFAULT CURRENT_TIMESTAMP,
 PRIMARY KEY (`id`),
 KEY `uid` (`uid`)
diff --git a/install/upgrades/3.5.0.1.sql b/install/upgrades/3.5.0.1.sql
index e76d8af9..482573d8 100644
--- a/install/upgrades/3.5.0.1.sql
+++ b/install/upgrades/3.5.0.1.sql
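Review bot: The rewritten `$sql` line still has `uid='?'`, with the placeholder inside quotes. The implementation of `$db->query` is not visible here, but if it binds the array through a prepared statement, a quoted `?` is a string literal rather than a marker, which leaves nine markers for the ten values now passed. If it substitutes quoted values itself instead, the user id would end up quoted twice. Writing `uid=?` like every other column avoids both cases.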
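Review bot: `provider` is declared `VARCHAR(16)`, while `import_cert` in bureau/class/m_ssl.php passes `$provider` to the INSERT with no length check visible in this diff. Without strict SQL mode a longer value is truncated on insert, and the stored name would then no longer equal the `$provider` that the certificate lookup compares against; with strict mode the insert fails outright. Either reject values longer than 16 characters in `import_cert` or widen the column. The same definition is repeated in install/upgrades/3.5.0.1.sql.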
@@ -2,8 +2,12 @@
 -- upgrade to merge alternc-ssl into alternc + change the way we work on SSL
 DROP TABLE `certif_alias`;
-ALTER TABLE `certificates` DROP `shared`, DROP `ssl_action`, DROP `ssl_result`;
-ALTER TABLE `certificates` ADD `created_at` DATETIME DEFAULT CURRENT_TIMESTAMP;
+ALTER TABLE `certificates`
+ DROP `shared`,
+ DROP `ssl_action`,
+ DROP `ssl_result`,
+ ADD `provider` VARCHAR(16) NOT NULL DEFAULT '',
+ ADD `created_at` DATETIME DEFAULT CURRENT_TIMESTAMP;
 ALTER TABLE `sub_domaines` ADD `certificate_id` INT UNSIGNED NOT NULL DEFAULT '0' AFTER `enable`,
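Review bot: This script drops `shared` from `certificates`, but the INSERT rewritten in bureau/class/m_ssl.php still sets `shared=0`. On a database that has run this upgrade the insert would fail with an unknown-column error, unless `shared` is re-created somewhere not shown in this diff; I would remove `shared=0` from the statement in `import_cert`. Separately, the `provider` column is added by editing an existing upgrade file, so an installation that already applied 3.5.0.1.sql would not receive it. It is worth confirming that this file has not shipped yet.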