Project

General

Profile

Bug #3733 » certmanager_san_wildcard_hostname.patch

Daniel Schultheis, 06/11/2015 08:54 AM

View differences:

etc/inc/util.inc
855 855
	}
856 856
}
857 857

  
858
/* returns true if $hostname is a valid hostname, with or without being a fully-qualified domain name or a wildcard hostname. */
859
function is_wildcard_hostname($hostname) {
860
	if (!is_string($hostname)) {
861
		return false;
862
	}
863

  
864
	if (is_wildcard_domain($hostname)) {
865
		if ((substr_count($hostname, ".") == 1) && ($hostname[strlen($hostname)-1] == ".")) {
866
			/* Only a single dot at the end like "test." - hosts cannot be directly in the root domain. */
867
			return false;
868
		} else {
869
			return true;
870
		}
871
	} else {
872
		return false;
873
	}
874
}
875

  
858 876
/* returns true if $domain is a valid domain name */
859 877
function is_domain($domain) {
860 878
	if (!is_string($domain)) {
......
868 886
	}
869 887
}
870 888

  
889
/* returns true if $domain is a valid domain name with or without wildcard. */
890
function is_wildcard_domain($domain) {
891
	if (!is_string($domain)) {
892
		return false;
893
	}
894

  
895
	if (preg_match('/^(?:(?:[a-z_0-9\*]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9])\.)*(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9\.])$/i', $domain)) {
896
		return true;
897
	} else {
898
		return false;
899
	}
900
}
901

  
871 902
/* returns true if $macaddr is a valid MAC address */
872 903
function is_macaddr($macaddr, $partial=false) {
873 904
	$repeat = ($partial) ? '1,5' : '5';
usr/local/www/system_certmanager.php
285 285
			foreach ($altnames as $idx => $altname) {
286 286
				switch ($altname['type']) {
287 287
					case "DNS":
288
						if (!is_hostname($altname['value'])) {
288
						if (!is_wildcard_hostname($altname['value'])) {
289 289
							array_push($input_errors, "DNS subjectAltName values must be valid hostnames or FQDNs");
290 290
						}
291 291
						break;
(1-1/3)