From 6a2fe3055e64aa039b2ed5fd6014f4dc10274e8b Mon Sep 17 00:00:00 2001 From: Marcus Hill Date: Sat, 2 Apr 2022 10:16:20 +0100 Subject: [PATCH] Auto-add SSL certificate for new domains --- client_domain_add_modal.php | 2 +- post.php | 41 ++++++++++++++++++++++++++++++------- 2 files changed, 35 insertions(+), 8 deletions(-) diff --git a/client_domain_add_modal.php b/client_domain_add_modal.php index d73baac5..183f2a9f 100644 --- a/client_domain_add_modal.php +++ b/client_domain_add_modal.php @@ -17,7 +17,7 @@
- + diff --git a/post.php b/post.php index 9e563c69..2363a2dd 100644 --- a/post.php +++ b/post.php @@ -5608,7 +5608,7 @@ if(isset($_POST['add_certificate'])){ mysqli_query($mysqli,"INSERT INTO certificates SET certificate_name = '$name', certificate_domain = '$domain', certificate_issued_by = '$issued_by', certificate_expire = '$expire', certificate_created_at = NOW(), certificate_public_key = '$public_key', certificate_domain_id = $domain_id, certificate_client_id = $client_id, company_id = $session_company_id"); //Logging - mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Create', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id"); + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Create', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = '$client_id', company_id = '$session_company_id', log_user_id = '$session_user_id'"); $_SESSION['alert_message'] = "Certificate added"; @@ -5650,7 +5650,7 @@ if(isset($_POST['edit_certificate'])){ mysqli_query($mysqli,"UPDATE certificates SET certificate_name = '$name', certificate_domain = '$domain', certificate_issued_by = '$issued_by', certificate_expire = '$expire', certificate_updated_at = NOW(), certificate_public_key = '$public_key', certificate_domain_id = '$domain_id' WHERE certificate_id = $certificate_id AND company_id = $session_company_id"); //Logging - mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Modify', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id"); + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Certificate updated"; @@ -5672,7 +5672,7 @@ if(isset($_GET['delete_certificate'])){ mysqli_query($mysqli,"DELETE FROM certificates WHERE certificate_id = $certificate_id AND company_id = $session_company_id"); //Logging - mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Delete', log_description = '$certificate_id', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id"); + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Certificate', log_action = 'Delete', log_description = '$certificate_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Certificate deleted"; @@ -5742,6 +5742,7 @@ if(isset($_POST['add_domain'])){ $name = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['name']))); $registrar = intval($_POST['registrar']); $webhost = intval($_POST['webhost']); + $extended_log_description = ''; $expire = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['expire']))); if(empty($expire)){ $expire = "0000-00-00"; @@ -5770,10 +5771,36 @@ if(isset($_POST['add_domain'])){ $whois = ''; } + // Add domain record mysqli_query($mysqli,"INSERT INTO domains SET domain_name = '$name', domain_registrar = $registrar, domain_webhost = $webhost, domain_expire = '$expire', domain_ip = '$a', domain_name_servers = '$ns', domain_mail_servers = '$mx', domain_raw_whois = '$whois', domain_created_at = NOW(), domain_client_id = $client_id, company_id = $session_company_id"); - //Logging - mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Create', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id"); + + // Get inserted ID (for linking certificate, if exists) + $domain_id = mysqli_insert_id($mysqli); + + // Get SSL/TSL certificate (using verify peer false to allow for self-signed certs) for domain on default port + $socket = "ssl://$name:443"; + $get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,))); + $read = stream_socket_client($socket, $errno, $errstr, 5, STREAM_CLIENT_CONNECT, $get); + + // If the socket connected + if($read){ + $cert = stream_context_get_params($read); + $cert_public_key_obj = openssl_x509_parse($cert['options']['ssl']['peer_certificate']); + openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export); + + if($cert_public_key_obj){ + $expire = mysqli_real_escape_string($mysqli, date('Y-m-d', $cert_public_key_obj['validTo_time_t'])); + $issued_by = mysqli_real_escape_string($mysqli, strip_tags($cert_public_key_obj['issuer']['O'])); + $public_key = mysqli_real_escape_string($mysqli, $export); + + mysqli_query($mysqli,"INSERT INTO certificates SET certificate_name = '$name', certificate_domain = '$name', certificate_issued_by = '$issued_by', certificate_expire = '$expire', certificate_created_at = NOW(), certificate_public_key = '$public_key', certificate_domain_id = $domain_id, certificate_client_id = $client_id, company_id = $session_company_id"); + $extended_log_description = ', with associated SSL cert'; + } + } + + // Logging + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Create', log_description = '$name$extended_log_description', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = '$client_id', company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Domain added"; @@ -5825,7 +5852,7 @@ if(isset($_POST['edit_domain'])){ mysqli_query($mysqli,"UPDATE domains SET domain_name = '$name', domain_registrar = $registrar, domain_webhost = $webhost, domain_expire = '$expire', domain_ip = '$a', domain_name_servers = '$ns', domain_mail_servers = '$mx', domain_raw_whois = '$whois', domain_updated_at = NOW() WHERE domain_id = $domain_id AND company_id = $session_company_id"); //Logging - mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Modify', log_description = '$name', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id"); + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Modify', log_description = '$name', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Domain updated"; @@ -5847,7 +5874,7 @@ if(isset($_GET['delete_domain'])){ mysqli_query($mysqli,"DELETE FROM domains WHERE domain_id = $domain_id AND company_id = $session_company_id"); //Logging - mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Delete', log_description = '$domain_id', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id"); + mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Domain', log_action = 'Delete', log_description = '$domain_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), company_id = $session_company_id, log_user_id = $session_user_id"); $_SESSION['alert_message'] = "Domain deleted";