Merge remote-tracking branch 'origin/master' into 0.10.0
@@ -10,13 +10,15 @@ class HttpClient
|
||||
*
|
||||
* @return array
|
||||
*/
|
||||
public static function urlGet($url)
|
||||
public static function urlGet($url, $follow_location = true)
|
||||
{
|
||||
include FROXLOR_INSTALL_DIR . '/lib/version.inc.php';
|
||||
$ch = curl_init();
|
||||
curl_setopt($ch, CURLOPT_URL, $url);
|
||||
curl_setopt($ch, CURLOPT_USERAGENT, 'Froxlor/' . $version);
|
||||
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
|
||||
if ($follow_location) {
|
||||
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
|
||||
}
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
||||
$output = curl_exec($ch);
|
||||
if ($output === false) {
|
||||
|
||||
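Review bot: The new `$follow_location` parameter still defaults to `true`, and the redirect branch sets only `CURLOPT_FOLLOWLOCATION`, so every caller that keeps the default follows redirects with no cap on hop count and no restriction on the target scheme. Inside the `if ($follow_location)` block I would add `curl_setopt($ch, CURLOPT_MAXREDIRS, 5);` and `curl_setopt($ch, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);`, which keeps a remote server from steering the request to other protocol handlers. The docblock above the signature also needs a line for the new argument, e.g. `@param bool $follow_location whether to follow HTTP redirects (default true)`. Both the docblock and the body of urlGet extend beyond this hunk, so the error handling after `curl_exec` is not visible here.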
@@ -82,7 +82,7 @@ class lescript
|
||||
Settings::Set('system.leprivatekey', $keys['private']);
|
||||
Settings::Set('system.leregistered', 0); // key is not registered
|
||||
} else {
|
||||
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
|
||||
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered WHERE `customerid` = :customerid;");
|
||||
Database::pexecute($upd_stmt, array(
|
||||
'public' => $keys['public'],
|
||||
'private' => $keys['private'],
|
||||
@@ -216,7 +216,7 @@ class lescript
|
||||
// simple self check
|
||||
if (Settings::Get('system.disable_le_selfcheck') == '0')
|
||||
{
|
||||
$selfcheckpayload = HttpClient::urlGet($uri);
|
||||
$selfcheckpayload = HttpClient::urlGet($uri, false);
|
||||
if ($payload !== trim($selfcheckpayload)) {
|
||||
$errmsg = json_encode(error_get_last());
|
||||
if ($errmsg != "null") {
|
||||
@@ -342,7 +342,7 @@ class lescript
|
||||
if ($this->isFroxlorVhost) {
|
||||
Settings::Set('system.leregistered', $state);
|
||||
} else {
|
||||
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
|
||||
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered WHERE `customerid` = :customerid;");
|
||||
Database::pexecute($upd_stmt, array(
|
||||
'registered' => $state,
|
||||
'customerid' => $this->customerId
|
||||
|
||||
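Review bot: The self check at `HttpClient::urlGet($uri, false)` has no comment saying why redirects are switched off, and the visible failure path only reports `error_get_last()`, which is presumably empty when the vhost answers with a 3xx, so an operator whose domain redirects the challenge URL gets a failed check with no stated cause. I would add `// do not follow redirects: the token has to be served by this vhost directly` above the call and, if that is the intent, mention the redirect case in the error text. `trim($selfcheckpayload)` also runs on whatever urlGet returns on failure, which cannot be confirmed from this hunk because the rest of urlGet and of this block lies outside it. The same call and the same remark apply to the self check in lescript_v2.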
@@ -76,6 +76,7 @@ class lescript_v2
|
||||
$this->customerId = (! $isFroxlorVhost ? $certrow['customerid'] : null);
|
||||
$this->isFroxlorVhost = $isFroxlorVhost;
|
||||
$this->isLeProduction = (Settings::Get('system.letsencryptca') == 'production');
|
||||
$this->_acc_location = $certrow['leaccount'];
|
||||
|
||||
$leregistered = $certrow['leregistered'];
|
||||
|
||||
@@ -93,7 +94,7 @@ class lescript_v2
|
||||
Settings::Set('system.leprivatekey', $keys['private']);
|
||||
Settings::Set('system.leregistered', 0); // key is not registered
|
||||
} else {
|
||||
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
|
||||
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `lepublickey` = :public, `leprivatekey` = :private, `leregistered` = :registered WHERE `customerid` = :customerid;");
|
||||
Database::pexecute($upd_stmt, array(
|
||||
'public' => $keys['public'],
|
||||
'private' => $keys['private'],
|
||||
@@ -149,42 +150,55 @@ class lescript_v2
|
||||
|
||||
// start domains authentication
|
||||
// ----------------------------
|
||||
|
||||
|
||||
// Prepare order
|
||||
$domains_in_order = array();
|
||||
foreach ($domains as $domain) {
|
||||
$domains_in_order []= array(
|
||||
"type" => "dns",
|
||||
"value" => $domain
|
||||
);
|
||||
}
|
||||
|
||||
// Send new-order request
|
||||
$response = $this->signedRequest($this->_req_uris['newOrder'], array(
|
||||
"identifiers" => $domains_in_order
|
||||
), false);
|
||||
|
||||
if ($this->client->getLastCode() == 403) {
|
||||
$this->log("Got status 403 - setting LE status to unregistered.");
|
||||
$this->_acc_location = '';
|
||||
$this->setLeRegisteredState(0);
|
||||
throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
// if response is not an array but a string, it's most likely a server-error, e.g.
|
||||
// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
|
||||
// <p>Reference #179.d8be1402.1458059103.3613c4db</BODY></HTML>
|
||||
if (! is_array($response)) {
|
||||
throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
if (! array_key_exists('authorizations', $response)) {
|
||||
throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
$authorizations = $response['authorizations'];
|
||||
$finalizeLink = $response['finalize'];
|
||||
|
||||
$i = 0;
|
||||
|
||||
foreach ($authorizations as $authorization) {
|
||||
|
||||
// 1. getting available authentication options
|
||||
// -------------------------------------------
|
||||
|
||||
$domain = $response['identifiers'][$i++]['value'];
|
||||
|
||||
$this->log("Requesting challenge for $domain");
|
||||
|
||||
$response = $this->signedRequest($this->_req_uris['newOrder'], array(
|
||||
"identifiers" => array(
|
||||
array(
|
||||
"type" => "dns",
|
||||
"value" => $domain
|
||||
)
|
||||
)
|
||||
), false);
|
||||
|
||||
if ($this->client->getLastCode() == 403) {
|
||||
$this->log("Got status 403 - setting LE status to unregistered.");
|
||||
$this->setLeRegisteredState(0);
|
||||
throw new RuntimeException("Got 'unauthorized' response - we need to re-register at next run. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
// if response is not an array but a string, it's most likely a server-error, e.g.
|
||||
// <HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>An error occurred while processing your request.
|
||||
// <p>Reference #179.d8be1402.1458059103.3613c4db</BODY></HTML>
|
||||
if (! is_array($response)) {
|
||||
throw new RuntimeException("Invalid response from LE for domain $domain. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
if (! array_key_exists('authorizations', $response)) {
|
||||
throw new RuntimeException("No authorizations received for $domain. Whole response: " . json_encode($response));
|
||||
}
|
||||
|
||||
// get authorization
|
||||
$auth_response = $this->client->get($response['authorizations'][0]);
|
||||
$auth_response = $this->client->get($authorization);
|
||||
|
||||
if (! array_key_exists('challenges', $auth_response)) {
|
||||
throw new RuntimeException("No challenges received for $domain. Whole response: " . json_encode($auth_response));
|
||||
@@ -201,7 +215,6 @@ class lescript_v2
|
||||
|
||||
$this->log("Got challenge token for $domain");
|
||||
$location = $challenge['url'];
|
||||
$finalizeLink = $response['finalize'];
|
||||
|
||||
// 2. saving authentication token for web verification
|
||||
// ---------------------------------------------------
|
||||
@@ -233,7 +246,7 @@ class lescript_v2
|
||||
|
||||
// simple self check
|
||||
if (Settings::Get('system.disable_le_selfcheck') == '0') {
|
||||
$selfcheckpayload = HttpClient::urlGet($uri);
|
||||
$selfcheckpayload = HttpClient::urlGet($uri, false);
|
||||
if ($payload !== trim($selfcheckpayload)) {
|
||||
$errmsg = json_encode(error_get_last());
|
||||
if ($errmsg != "null") {
|
||||
@@ -336,10 +349,12 @@ class lescript_v2
|
||||
if ($this->isLeProduction) {
|
||||
if ($this->isFroxlorVhost) {
|
||||
Settings::Set('system.leregistered', $state);
|
||||
Settings::Set('system.leaccount', $this->_acc_location);
|
||||
} else {
|
||||
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered " . "WHERE `customerid` = :customerid;");
|
||||
$upd_stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "` SET `leregistered` = :registered, `leaccount` = :kid WHERE `customerid` = :customerid;");
|
||||
Database::pexecute($upd_stmt, array(
|
||||
'registered' => $state,
|
||||
'kid' => $this->_acc_location,
|
||||
'customerid' => $this->customerId
|
||||
));
|
||||
}
|
||||
@@ -495,8 +510,8 @@ class Client
|
||||
private function curl($method, $url, $data = null)
|
||||
{
|
||||
$headers = array(
|
||||
'Accept: application/json',
|
||||
'Content-Type: application/json'
|
||||
'Accept: application/jose+json',
|
||||
'Content-Type: application/jose+json'
|
||||
);
|
||||
$handle = curl_init();
|
||||
curl_setopt($handle, CURLOPT_URL, preg_match('~^http~', $url) ? $url : $this->base . $url);
|
||||
@@ -550,7 +565,7 @@ class Client
|
||||
return trim($matches[1]);
|
||||
}
|
||||
|
||||
$this->curl('GET', '/directory');
|
||||
$this->curl('GET', '/acme/new-nonce');
|
||||
return $this->getLastNonce();
|
||||
}
|
||||
|
||||
|
||||
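Review bot: In the rewritten authorization loop, `$domain = $response['identifiers'][$i++]['value'];` assumes that the order's `authorizations` list is in the same sequence as its `identifiers` list, which ACME does not promise as far as I know; if the two differ, the challenge token is prepared under the wrong domain and validation fails for reasons that are hard to trace. The authorization object fetched by `$this->client->get($authorization)` names its own identifier, so I would move the lookup below that call and use `$domain = $auth_response['identifier']['value'];`, then reject any value that was not requested with `if (! in_array($domain, $domains, true)) { throw new RuntimeException("Unexpected identifier in authorization: " . json_encode($auth_response)); }`. `$response['finalize']` and `$response['identifiers']` are also read without the `array_key_exists` guard that `authorizations` gets. The loop body continues beyond this hunk, and I am reading the second `newOrder` request inside the loop as the removed side, since the page no longer shows the +/- column.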