|
|
|
@ -7,7 +7,7 @@ namespace lib;
|
|
|
|
|
class LetsEncrypt
|
|
|
|
|
{
|
|
|
|
|
const HTTP_OK = 200;
|
|
|
|
|
const HTTP_CHALLENGE_URL = '/.well-known/acme-challenge';
|
|
|
|
|
const HTTP_CHALLENGE_URL = '/.well-known/acme-challenge/testfile';
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* create the file used to test the HTTP challenge
|
|
|
|
@ -27,57 +27,64 @@ class LetsEncrypt
|
|
|
|
|
sudoexec($cmd, $data_output, $exec_return);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* generate a CSR
|
|
|
|
|
* @param string $vhost
|
|
|
|
|
* @param Array $domains
|
|
|
|
|
* @return boolean
|
|
|
|
|
*/
|
|
|
|
|
public function makeCsr($vhost, $domains)
|
|
|
|
|
{
|
|
|
|
|
$domains = implode(' ', $domains);
|
|
|
|
|
$cmd = 'web-add.sh generate-csr ' . $vhost . ' ' . "$domains";
|
|
|
|
|
|
|
|
|
|
sudoexec($cmd ,$data_output, $exec_return);
|
|
|
|
|
|
|
|
|
|
if ($exec_return == 0) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* perform a cURL call on the remote resource
|
|
|
|
|
* the cURL call follows redirections and pushes the last valid URL to an array
|
|
|
|
|
* the cURL call follows redirections
|
|
|
|
|
* @param Array $domains list of domains
|
|
|
|
|
* @return Array $checked_domains list of checked domains
|
|
|
|
|
* @return boolean
|
|
|
|
|
*/
|
|
|
|
|
public function checkRemoteResourceAvailability($domains)
|
|
|
|
|
public function checkRemoteResourceAvailability($domain)
|
|
|
|
|
{
|
|
|
|
|
$this->createFileHttpChallenge();
|
|
|
|
|
|
|
|
|
|
$curl_multi = curl_multi_init();
|
|
|
|
|
$curl_handles = array();
|
|
|
|
|
$checked_domains = array();
|
|
|
|
|
$curl_handler = curl_init();
|
|
|
|
|
|
|
|
|
|
foreach ($domains as $key => $domain) {
|
|
|
|
|
$curl_handles[$key] = curl_init($domain . self::HTTP_CHALLENGE_URL);
|
|
|
|
|
// setting cURL options
|
|
|
|
|
curl_setopt($curl_handler, CURLOPT_URL, $domain . self::HTTP_CHALLENGE_URL);
|
|
|
|
|
curl_setopt($curl_handler, CURLOPT_TIMEOUT, 3);
|
|
|
|
|
curl_setopt($curl_handler, CURLOPT_HEADER, true);
|
|
|
|
|
curl_setopt($curl_handler, CURLOPT_NOBODY, true);
|
|
|
|
|
curl_setopt($curl_handler, CURLOPT_SSL_VERIFYPEER, false);
|
|
|
|
|
curl_setopt($curl_handler, CURLOPT_FOLLOWLOCATION, true);
|
|
|
|
|
curl_setopt($curl_handler, CURLOPT_MAXREDIRS, 3);
|
|
|
|
|
curl_setopt($curl_handler, CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
|
|
|
|
|
curl_setopt($curl_handler, CURLOPT_RETURNTRANSFER, true);
|
|
|
|
|
|
|
|
|
|
// setting cURL options
|
|
|
|
|
curl_setopt($curl_handles[$key], CURLOPT_TIMEOUT, 3);
|
|
|
|
|
curl_setopt($curl_handles[$key], CURLOPT_HEADER, true);
|
|
|
|
|
curl_setopt($curl_handles[$key], CURLOPT_NOBODY, true);
|
|
|
|
|
curl_setopt($curl_handles[$key], CURLOPT_SSL_VERIFYPEER, false);
|
|
|
|
|
curl_setopt($curl_handles[$key], CURLOPT_FOLLOWLOCATION, true);
|
|
|
|
|
curl_setopt($curl_handles[$key], CURLOPT_MAXREDIRS, 3);
|
|
|
|
|
curl_setopt($curl_handles[$key], CURLOPT_REDIR_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);
|
|
|
|
|
curl_setopt($curl_handles[$key], CURLOPT_RETURNTRANSFER, true);
|
|
|
|
|
|
|
|
|
|
curl_multi_add_handle($curl_multi, $curl_handles[$key]);
|
|
|
|
|
}
|
|
|
|
|
curl_exec($curl_handler);
|
|
|
|
|
|
|
|
|
|
do {
|
|
|
|
|
curl_multi_exec($curl_multi, $active);
|
|
|
|
|
} while ($active);
|
|
|
|
|
$returned_http_code = curl_getinfo($curl_handler, CURLINFO_HTTP_CODE);
|
|
|
|
|
$returned_http_url = curl_getinfo($curl_handler, CURLINFO_EFFECTIVE_URL);
|
|
|
|
|
|
|
|
|
|
foreach ($curl_handles as $curl_handle) {
|
|
|
|
|
$returned_http_code = curl_getinfo($curl_handle, CURLINFO_HTTP_CODE);
|
|
|
|
|
$returned_http_url = curl_getinfo($curl_handle, CURLINFO_EFFECTIVE_URL);
|
|
|
|
|
$this->deleteFileHttpChallenge();
|
|
|
|
|
|
|
|
|
|
if ($returned_http_code === self::HTTP_OK && strpos($returned_http_url, self::HTTP_CHALLENGE_URL)) {
|
|
|
|
|
$returned_http_url = str_replace(self::HTTP_CHALLENGE_URL, '', $returned_http_url);
|
|
|
|
|
$returned_http_url = preg_replace('#^https?://#', '', $returned_http_url);
|
|
|
|
|
if ($returned_http_code === self::HTTP_OK && strpos($returned_http_url, self::HTTP_CHALLENGE_URL)) {
|
|
|
|
|
$returned_http_url = str_replace(self::HTTP_CHALLENGE_URL, '', $returned_http_url);
|
|
|
|
|
$returned_http_url = preg_replace('#^https?://#', '', $returned_http_url);
|
|
|
|
|
|
|
|
|
|
array_push($checked_domains, $returned_http_url);
|
|
|
|
|
}
|
|
|
|
|
curl_multi_remove_handle($curl_multi, $curl_handle);
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
curl_multi_close($curl_multi);
|
|
|
|
|
|
|
|
|
|
$this->deleteFileHttpChallenge();
|
|
|
|
|
|
|
|
|
|
return $checked_domains;
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
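Review bot: `makeCsr()` builds the command handed to `sudoexec()` by plain concatenation of `$vhost` and the joined `$domains`, so a value containing whitespace or shell metacharacters would alter the command that runs. `sudoexec()` is not visible in this hunk, but its name suggests elevated privileges, which makes the missing escaping the first thing to fix. Quote each argument, for example `$cmd = 'web-add.sh generate-csr ' . escapeshellarg($vhost) . ' ' . implode(' ', array_map('escapeshellarg', $domains));`, and preferably reject anything that is not a valid hostname before it reaches this method. In `checkRemoteResourceAvailability()`, where the hunk's line counts suggest the single-handle version is the new side, `strpos($returned_http_url, self::HTTP_CHALLENGE_URL)` is used as a boolean and should be compared with `!== false`. The same method sets `CURLOPT_SSL_VERIFYPEER` to `false` with no comment explaining why, and its `@param Array $domains` docblock line no longer appears to match the `$domain` parameter.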