kienan
/
AlternC
mirror of https://github.com/kienanstewart/AlternC.git
1
0
Fork 0
Code Issues Releases Wiki Activity

adding provider to certificates + fixing cert search function

This commit is contained in:
Benjamin Sonntag 2018-06-22 22:49:43 +02:00
parent 3dbb4d68ac
commit 6007a3dea2
4 changed files with 26 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
bureau/admin/dom_ssl.inc.php
View File

@ -56,11 +56,20 @@ for($i=0;$i<$r["nsub"];$i++) {
if (!$r["sub"][$i]["only_dns"]) { if (!$r["sub"][$i]["only_dns"]) {
continue; continue;
} }
echo "<br />\n"; $fqdn=$r["sub"][$i]["name"].(($r["sub"][$i]["name"])?".":"").$r["name"];
$certs = $ssl->get_valid_certs($fqdn);
echo "<tr>"; echo "<tr>";
echo "<td>".$r["name"].(($r["name"])?".":"").$r["sub"][$i]["name"]."</td>"; echo "<td>".$fqdn."</td>";
echo "<td><select name=\"ssl_".$r["sub"][$i]["name"]."\" id=\"ssl_".$r["sub"][$i]["name"]."\">"; echo "<td><select name=\"ssl_".$r["sub"][$i]["name"]."\" id=\"ssl_".$r["sub"][$i]["name"]."\">";
echo "<option value=\"\">"._("-- no HTTPS certificate provider preference --")."</option>"; echo "<option value=\"\">"._("-- no HTTPS certificate provider preference --")."</option>";
$providers=array();
foreach($certs as $cert) {
if ($cert["provider"] && !isset($providers[$cert["provider"]])) {
$providers[$cert["provider"]]=1;
echo "<option value=\"".$cert["provider"]."\">"._("Provider:")." ".$cert["provider"]."</option>";
}
}
echo "</select>"; echo "</select>";
echo "</td>"; echo "</td>";
echo "</tr>"; echo "</tr>";

14
bureau/class/m_ssl.php
View File

@ -296,13 +296,14 @@ class m_ssl {
$good=array(); // list of good certificates $good=array(); // list of good certificates
$bof=array(); // good but not with the right provider $bof=array(); // good but not with the right provider
$bad=array(); $bad=array();
$wildcard="*".substr($fqdn,strpos($fqdn,"."); $wildcard="*".substr($fqdn,strpos($fqdn,"."));
$defaultwild="*".substr($this->default_certificate_fqdn,strpos($this->default_certificate_fqdn,"."); $defaultwild="*".substr($this->default_certificate_fqdn,strpos($this->default_certificate_fqdn,"."));
while($db->next_record()) { while($db->next_record()) {
$found=false; $found=false;
if ($db->Record["fqdn"]==$fqdn || $db->Record["fqdn"]==$wildcard) { if ($db->Record["fqdn"]==$fqdn || $db->Record["fqdn"]==$wildcard) {
$found=true; $found=true;
} else { } else {
$alts=explode("\n",$db->Record["altnames"]); $alts=explode("\n",$db->Record["altnames"]);
foreach($alts as $alt) { foreach($alts as $alt) {
@ -313,7 +314,7 @@ class m_ssl {
} }
} }
if ($found) { if ($found) {
if ($provider=="" || $provider=$db->Record["provider"]) { if ($provider=="" || $provider==$db->Record["provider"]) {
$good[]=$db->Record; $good[]=$db->Record;
} else { } else {
$bof[]=$db->Record; $bof[]=$db->Record;
@ -400,9 +401,10 @@ class m_ssl {
* be the one signinf the private RSA key in $key * be the one signinf the private RSA key in $key
* @param $chain string the X.509 PEM-encoded list of SSL Certificate chain if intermediate authorities * @param $chain string the X.509 PEM-encoded list of SSL Certificate chain if intermediate authorities
* @return integer the ID of the newly created certificate in the table * @return integer the ID of the newly created certificate in the table
* @return string the ssl cert provider
* or false if an error occurred * or false if an error occurred
*/ */
function import_cert($key, $crt, $chain = "") { function import_cert($key, $crt, $chain = "", $provider = "") {
global $cuid, $msg, $db; global $cuid, $msg, $db;
$msg->log("ssl", "import_cert"); $msg->log("ssl", "import_cert");
@ -425,8 +427,8 @@ class m_ssl {
return false; return false;
} }
// Everything is PERFECT and has been thoroughly checked, let's insert those in the DB ! // Everything is PERFECT and has been thoroughly checked, let's insert those in the DB !
$sql = "INSERT INTO certificates SET uid='?', status=?, shared=0, fqdn=?, altnames=?, validstart=FROM_UNIXTIME(?), validend=FROM_UNIXTIME(?), sslkey=?, sslcrt=?, sslchain=?;"; $sql = "INSERT INTO certificates SET uid='?', status=?, shared=0, fqdn=?, altnames=?, validstart=FROM_UNIXTIME(?), validend=FROM_UNIXTIME(?), sslkey=?, sslcrt=?, sslchain=?, provider=?;";
$db->query($sql,array($cuid,self::STATUS_OK,$fqdn,$altnames,intval($validstart),intval($validend),$key,$crt,$chain)); $db->query($sql,array($cuid,self::STATUS_OK,$fqdn,$altnames,intval($validstart),intval($validend),$key,$crt,$chain,$provider));
if (!($id = $db->lastid())) { if (!($id = $db->lastid())) {
$msg->raise("ERROR","ssl", _("Can't save the Key/Crt/Chain now. Please try later.")); $msg->raise("ERROR","ssl", _("Can't save the Key/Crt/Chain now. Please try later."));
return false; return false;

1
install/mysql.sql
View File

@ -784,6 +784,7 @@ CREATE TABLE `certificates` (
`sslkey` text NOT NULL, `sslkey` text NOT NULL,
`sslcrt` text NOT NULL, `sslcrt` text NOT NULL,
`sslchain` text NOT NULL, `sslchain` text NOT NULL,
`provider` VARCHAR(16) NOT NULL DEFAULT '',
`created_at` DATETIME DEFAULT CURRENT_TIMESTAMP, `created_at` DATETIME DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `uid` (`uid`) KEY `uid` (`uid`)

8
install/upgrades/3.5.0.1.sql
View File

@ -2,8 +2,12 @@
-- upgrade to merge alternc-ssl into alternc + change the way we work on SSL -- upgrade to merge alternc-ssl into alternc + change the way we work on SSL
DROP TABLE `certif_alias`; DROP TABLE `certif_alias`;
ALTER TABLE `certificates` DROP `shared`, DROP `ssl_action`, DROP `ssl_result`; ALTER TABLE `certificates`
ALTER TABLE `certificates` ADD `created_at` DATETIME DEFAULT CURRENT_TIMESTAMP; DROP `shared`,
DROP `ssl_action`,
DROP `ssl_result`,
ADD `provider` VARCHAR(16) NOT NULL DEFAULT '',
ADD `created_at` DATETIME DEFAULT CURRENT_TIMESTAMP;
ALTER TABLE `sub_domaines` ALTER TABLE `sub_domaines`
ADD `certificate_id` INT UNSIGNED NOT NULL DEFAULT '0' AFTER `enable`, ADD `certificate_id` INT UNSIGNED NOT NULL DEFAULT '0' AFTER `enable`,