adding provider to certificates + fixing cert search function

2018-06-22 22:49:43 +02:00 · 2018-06-22 22:49:43 +02:00 · 6007a3dea2
parent 3dbb4d68ac
commit 6007a3dea2
4 changed files with 26 additions and 10 deletions
--- a/bureau/admin/dom_ssl.inc.php
+++ b/bureau/admin/dom_ssl.inc.php
@ -56,11 +56,20 @@ for($i=0;$i<$r["nsub"];$i++) {
    if (!$r["sub"][$i]["only_dns"]) {
        continue;
    }
-    echo "<br />\n";
+    $fqdn=$r["sub"][$i]["name"].(($r["sub"][$i]["name"])?".":"").$r["name"];
+    $certs = $ssl->get_valid_certs($fqdn);
+
    echo "<tr>";
-    echo "<td>".$r["name"].(($r["name"])?".":"").$r["sub"][$i]["name"]."</td>";
+    echo "<td>".$fqdn."</td>";
    echo "<td><select name=\"ssl_".$r["sub"][$i]["name"]."\" id=\"ssl_".$r["sub"][$i]["name"]."\">";
    echo "<option value=\"\">"._("-- no HTTPS certificate provider preference --")."</option>";
+    $providers=array();
+    foreach($certs as $cert) {
+        if ($cert["provider"] && !isset($providers[$cert["provider"]])) {
+            $providers[$cert["provider"]]=1;
+            echo "<option value=\"".$cert["provider"]."\">"._("Provider:")." ".$cert["provider"]."</option>";
+        }
+    }
    echo "</select>";
    echo "</td>";
    echo "</tr>";
--- a/bureau/class/m_ssl.php
+++ b/bureau/class/m_ssl.php
@ -296,13 +296,14 @@ class m_ssl {
        $good=array(); // list of good certificates
        $bof=array(); // good but not with the right provider 
        $bad=array(); 
-        $wildcard="*".substr($fqdn,strpos($fqdn,".");
-        $defaultwild="*".substr($this->default_certificate_fqdn,strpos($this->default_certificate_fqdn,".");
+        $wildcard="*".substr($fqdn,strpos($fqdn,"."));
+        $defaultwild="*".substr($this->default_certificate_fqdn,strpos($this->default_certificate_fqdn,"."));

        while($db->next_record()) {
            $found=false;
            if ($db->Record["fqdn"]==$fqdn || $db->Record["fqdn"]==$wildcard) {
                $found=true;
+                
            } else {
                $alts=explode("\n",$db->Record["altnames"]);
                foreach($alts as $alt) {
@ -313,7 +314,7 @@ class m_ssl {
                }
            }
            if ($found) {
-                if ($provider=="" || $provider=$db->Record["provider"]) {
+                if ($provider=="" || $provider==$db->Record["provider"]) {
                    $good[]=$db->Record;
                } else {
                    $bof[]=$db->Record;
@ -400,9 +401,10 @@ class m_ssl {
     * be the one signinf the private RSA key in $key
     * @param $chain string the X.509 PEM-encoded list of SSL Certificate chain if intermediate authorities
     * @return integer the ID of the newly created certificate in the table
+     * @return string the ssl cert provider 
     * or false if an error occurred
     */
-    function import_cert($key, $crt, $chain = "") {
+    function import_cert($key, $crt, $chain = "", $provider = "") {
        global $cuid, $msg, $db;
        $msg->log("ssl", "import_cert");

@ -425,8 +427,8 @@ class m_ssl {
            return false;
        }
        // Everything is PERFECT and has been thoroughly checked, let's insert those in the DB !
-        $sql = "INSERT INTO certificates SET uid='?', status=?, shared=0, fqdn=?, altnames=?, validstart=FROM_UNIXTIME(?), validend=FROM_UNIXTIME(?), sslkey=?, sslcrt=?, sslchain=?;";
-        $db->query($sql,array($cuid,self::STATUS_OK,$fqdn,$altnames,intval($validstart),intval($validend),$key,$crt,$chain));
+        $sql = "INSERT INTO certificates SET uid='?', status=?, shared=0, fqdn=?, altnames=?, validstart=FROM_UNIXTIME(?), validend=FROM_UNIXTIME(?), sslkey=?, sslcrt=?, sslchain=?, provider=?;";
+        $db->query($sql,array($cuid,self::STATUS_OK,$fqdn,$altnames,intval($validstart),intval($validend),$key,$crt,$chain,$provider));
        if (!($id = $db->lastid())) {
            $msg->raise("ERROR","ssl", _("Can't save the Key/Crt/Chain now. Please try later."));
            return false;
--- a/install/mysql.sql
+++ b/install/mysql.sql
@ -784,6 +784,7 @@ CREATE TABLE `certificates` (
  `sslkey` text NOT NULL,
  `sslcrt` text NOT NULL,
  `sslchain` text NOT NULL,
+  `provider` VARCHAR(16) NOT NULL DEFAULT '',
  `created_at` DATETIME DEFAULT CURRENT_TIMESTAMP,
  PRIMARY KEY (`id`),
  KEY `uid` (`uid`)
--- a/install/upgrades/3.5.0.1.sql
+++ b/install/upgrades/3.5.0.1.sql
@ -2,8 +2,12 @@
 -- upgrade to merge alternc-ssl into alternc + change the way we work on SSL

 DROP TABLE `certif_alias`;
-ALTER TABLE `certificates` DROP `shared`, DROP `ssl_action`, DROP `ssl_result`;
-ALTER TABLE `certificates` ADD `created_at` DATETIME DEFAULT CURRENT_TIMESTAMP;
+ALTER TABLE `certificates`
+      DROP `shared`,
+      DROP `ssl_action`,
+      DROP `ssl_result`,
+      ADD `provider` VARCHAR(16) NOT NULL DEFAULT '',
+      ADD `created_at` DATETIME DEFAULT CURRENT_TIMESTAMP;

 ALTER TABLE `sub_domaines`
      ADD `certificate_id` INT UNSIGNED NOT NULL DEFAULT '0' AFTER `enable`,