Project

General

Profile

Download (2.52 KB)

Bug #3733 » certmanager_san_wildcard_hostname.patch

Daniel Schultheis, 06/11/2015 09:07 AM

View differences:

etc/inc/util.inc
838 838 
}
839 839 

  		




  840
  840
  
    
/* returns true if $hostname is a valid hostname, with or without being a fully-qualified domain name. */

  		




  841
  
  
    
function is_hostname($hostname) {

  		




  
  841
  
    
function is_hostname($hostname, $allow_wildcard=false) {

  		




  842
  842
  
    
	if (!is_string($hostname)) {

  		




  843
  843
  
    
		return false;

  		




  844
  844
  
    
	}

  		




  845
  845
  
    

  		




  846
  
  
    
	if (is_domain($hostname)) {

  		




  
  846
  
    
	if (is_domain($hostname, $allow_wildcard)) {

  		




  847
  847
  
    
		if ((substr_count($hostname, ".") == 1) && ($hostname[strlen($hostname)-1] == ".")) {

  		




  848
  848
  
    
			/* Only a single dot at the end like "test." - hosts cannot be directly in the root domain. */

  		




  849
  849
  
    
			return false;

  		




  ......




  856
  856
  
    
}

  		




  857
  857
  
    

  		




  858
  858
  
    
/* returns true if $domain is a valid domain name */

  		




  859
  
  
    
function is_domain($domain) {

  		




  
  859
  
    
function is_domain($domain, $allow_wildcard=false) {

  		




  860
  860
  
    
	if (!is_string($domain)) {

  		




  861
  861
  
    
		return false;

  		




  862
  862
  
    
	}

  		




  863
  863
  
    

  		




  864
  
  
    
	if (preg_match('/^(?:(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9])\.)*(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9\.])$/i', $domain)) {

  		




  
  864
  
    
	$domain_regex = ($allow_wildcard) ? '/^(?:(?:[a-z_0-9\*]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9])\.)*(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9\.])$/i' : '/^(?:(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9])\.)*(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9\.])$/i';

  		




  
  865
  
    

  		




  
  866
  
    
	if (preg_match($domain_regex, $domain)) {

  		




  865
  867
  
    
		return true;

  		




  866
  868
  
    
	} else {

  		




  867
  869
  
    
		return false;

  		












  

    
      usr/local/www/system_certmanager.php
    
  





  285
  285
  
    
			foreach ($altnames as $idx => $altname) {

  		




  286
  286
  
    
				switch ($altname['type']) {

  		




  287
  287
  
    
					case "DNS":

  		




  288
  
  
    
						if (!is_hostname($altname['value'])) {

  		




  289
  
  
    
							array_push($input_errors, "DNS subjectAltName values must be valid hostnames or FQDNs");

  		




  
  288
  
    
						if (!is_hostname($altname['value'], true)) {

  		




  
  289
  
    
							array_push($input_errors, "DNS subjectAltName values must be valid hostnames, FQDNs or wildcard domains.");

  		




  290
  290
  
    
						}

  		




  291
  291
  
    
						break;

  		




  292
  292
  
    
					case "IP":

  		















  (3-3/3)