From a2e22a8d1fb5c1ac736c6ef82a1d418bd8eabe21 Mon Sep 17 00:00:00 2001 From: Benjamin Sonntag Date: Sat, 23 Jun 2018 16:37:11 +0200 Subject: [PATCH] [fix] we check FIRST for certificate already existing in ssl->import_check() --- bureau/class/m_ssl.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/bureau/class/m_ssl.php b/bureau/class/m_ssl.php index 29afec40..4684a0a4 100644 --- a/bureau/class/m_ssl.php +++ b/bureau/class/m_ssl.php @@ -457,6 +457,13 @@ INSTR(CONCAT(sd.sub,IF(sd.sub!='','.',''),sd.domaine),'.')+1))=? global $cuid, $msg, $db; $msg->log("ssl", "import_cert"); + // Search for an existing cert: (first) + $db->query("SELECT id FROM certificates WHERE crt=?;",array($crt)); + if ($db->next_record()) { + $msg->raise("ERROR","ssl", _("Certificate already exists in database")); + return false; + } + $result = $this->check_cert($crt, $chain, $key); if ($result === false) { $msg->raise("ERROR","ssl", $this->error); @@ -469,13 +476,6 @@ INSTR(CONCAT(sd.sub,IF(sd.sub!='','.',''),sd.domaine),'.')+1))=? $fqdn = $crtdata["subject"]["CN"]; $altnames = $this->parseAltNames($crtdata["extensions"]["subjectAltName"]); - // Search for an existing cert: - $db->query("SELECT id FROM certificates WHERE crt=?;",array($crt)); - if ($db->next_record()) { - $msg->raise("ERROR","ssl", _("Certificate already exists in database")); - return false; - } - // Everything is PERFECT and has been thoroughly checked, let's insert those in the DB ! $db->query( "INSERT INTO certificates SET uid='?', status=?, shared=0, fqdn=?, altnames=?, validstart=FROM_UNIXTIME(?), validend=FROM_UNIXTIME(?), sslkey=?, sslcrt=?, sslchain=?, provider=?;",