Merge pull request #299 from wrongecho/ssl

Fetch SSL data/cert on add/update modal
Johnny 2022-01-18 15:29:58 -05:00 committed by GitHub
commit f77df06004
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 84 additions and 13 deletions


@ -25,10 +25,11 @@
<label>Domain <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i>&nbsp;https://</span>
</div>
<input type="text" class="form-control" name="domain" placeholder="Domain name" required>
<input type="text" class="form-control" name="domain" id="domain" placeholder="FQDN" required>
</div>
<p align="right" onclick="fetchSSL()"><i>Fetch</i></p>
</div>
<div class="form-group">
@ -37,7 +38,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
</div>
<input type="text" class="form-control" name="issued_by" placeholder="Issued By">
<input type="text" class="form-control" name="issued_by" id="issued_by" placeholder="Issued By">
</div>
</div>
@ -47,7 +48,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
</div>
<input type="date" class="form-control" name="expire">
<input type="date" class="form-control" name="expire" id="expire">
</div>
</div>
@ -57,7 +58,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<textarea class="form-control" name="public_key" placeholder="-----BEGIN CERTIFICATE-----"></textarea>
<textarea class="form-control" name="public_key" id="public_key" placeholder="-----BEGIN CERTIFICATE-----"></textarea>
</div>
</div>
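Review bot: The new Fetch trigger, `<p align="right" onclick="fetchSSL()">`, is a paragraph rather than a control, so it cannot be focused or activated from the keyboard and nothing marks it as clickable. A real control such as `<button type="button" class="btn btn-link" onclick="fetchSSL()">Fetch</button>` would fix this without extra script. Separately, the field now shows an `https://` prefix and the server-side handler prepends the scheme itself, so a pasted full URL will not parse to the intended host; a `pattern` attribute or a short hint on the input would prevent that. The same Fetch markup is added in the other modal section further down the page.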


@ -135,4 +135,32 @@ $num_rows = mysqli_fetch_row(mysqli_query($mysqli,"SELECT FOUND_ROWS()"));
</div>
</div>
<?php include("add_certificate_modal.php"); ?>
<?php include("add_certificate_modal.php"); ?>
<script type="text/javascript">
function fetchSSL()
{
// Get the domain name input
var domain = document.getElementById("domain").value;
//Send a GET request to post.php as post.php?fetch_certificate=TRUE&domain=DOMAIN
jQuery.get(
"post.php",
{fetch_certificate: 'TRUE', domain: domain},
function(data){
//If we get a response from post.php, parse it as JSON
const ssl_data = JSON.parse(data);
if(ssl_data.success == "TRUE"){
// Fill the form fields with the cert data
document.getElementById("issued_by").value = ssl_data.issued_by;
document.getElementById("expire").value = ssl_data.expire;
document.getElementById("public_key").value = ssl_data.public_key;
}
else{
alert("Error whilst parsing/retrieving details for domain")
}
}
);
}
</script>
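Review bot: `JSON.parse(data)` in the success callback throws if post.php returns anything other than clean JSON, such as a PHP warning printed ahead of the payload or an HTML login page. The request also has no failure handler, so a timeout or HTTP error leaves the user with no feedback. Letting jQuery do the parsing and chaining a failure handler covers both cases: `jQuery.getJSON("post.php", {fetch_certificate: 'TRUE', domain: domain}, function(ssl_data){ ... }).fail(function(){ alert("Error whilst parsing/retrieving details for domain"); });`. Writing the results through `.value` rather than as markup is the right choice for data taken from a remote certificate and should stay that way.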


@ -25,10 +25,11 @@
<label>Domain <strong class="text-danger">*</strong></label>
<div class="input-group">
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i></span>
<span class="input-group-text"><i class="fa fa-fw fa-globe"></i>&nbsp;https://</span>
</div>
<input type="text" class="form-control" name="domain" placeholder="Domain" value="<?php echo $certificate_domain; ?>" required>
<input type="text" class="form-control" name="domain" placeholder="Domain" id="domain" value="<?php echo $certificate_domain; ?>" required>
</div>
<p align="right" onclick="fetchSSL()"><i>Fetch</i></p>
</div>
<div class="form-group">
@ -37,7 +38,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-building"></i></span>
</div>
<input type="text" class="form-control" name="issued_by" placeholder="Issued By" value="<?php echo $certificate_issued_by; ?>">
<input type="text" class="form-control" name="issued_by" placeholder="Issued By" id="issued_by" value="<?php echo $certificate_issued_by; ?>">
</div>
</div>
@ -47,7 +48,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-calendar"></i></span>
</div>
<input type="date" class="form-control" name="expire" value="<?php echo $certificate_expire; ?>">
<input type="date" class="form-control" name="expire" id="expire" value="<?php echo $certificate_expire; ?>">
</div>
</div>
@ -57,7 +58,7 @@
<div class="input-group-prepend">
<span class="input-group-text"><i class="fa fa-fw fa-key"></i></span>
</div>
<textarea class="form-control" name="public_key"><?php echo $certificate_public_key; ?></textarea>
<textarea class="form-control" name="public_key" id="public_key"><?php echo $certificate_public_key; ?></textarea>
</div>
</div>
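Review bot: The ids added here (`domain`, `issued_by`, `expire`, `public_key`) are the same ones added to the other modal, and `fetchSSL()` looks fields up with `document.getElementById`, which returns only the first match in the document. If this modal is rendered on the same page as the add modal, or once per certificate row (the include is not visible in this section), Fetch here would read the wrong domain input and fill the wrong form. Scoping the lookup to the enclosing form avoids this: call `onclick="fetchSSL(this)"` and resolve fields with `var form = el.closest('form'); form.querySelector('[name="domain"]')`.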


@ -4786,7 +4786,8 @@ if(isset($_POST['add_certificate'])){
$expire = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['expire'])));
$public_key = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['public_key'])));
if (!empty($public_key)) {
// Parse public key data for a manually provided public key
if(!empty($public_key) && (empty($expire) && empty($issued_by))) {
// Parse the public certificate key. If successful, set attributes from the certificate
$public_key_obj = openssl_x509_parse($_POST['public_key']);
if ($public_key_obj) {
@ -4819,7 +4820,8 @@ if(isset($_POST['edit_certificate'])){
$expire = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['expire'])));
$public_key = trim(strip_tags(mysqli_real_escape_string($mysqli,$_POST['public_key'])));
if (!empty($public_key)) {
// Parse public key data for a manually provided public key
if(!empty($public_key) && (empty($expire) && empty($issued_by))) {
// Parse the public certificate key. If successful, set attributes from the certificate
$public_key_obj = openssl_x509_parse($_POST['public_key']);
if ($public_key_obj) {
@ -4843,6 +4845,45 @@ if(isset($_POST['edit_certificate'])){
}
if(isset($_GET['fetch_certificate'])){
$domain = $_GET['domain'];
// FQDNs in database shouldn't have a URL scheme, adding one
$domain = "https://".$domain;
// Parse host and port
$url = parse_url($domain, PHP_URL_HOST);
$port = parse_url($domain, PHP_URL_PORT);
// Default port
if(!$port){
$port = "443";
}
// Get certificate
// Using verify peer false to allow for self-signed / internal CA certs
$socket = "ssl://$url:$port";
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,)));
$read = stream_socket_client($socket, $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get);
$cert = stream_context_get_params($read);
$cert_public_key_obj = openssl_x509_parse($cert['options']['ssl']['peer_certificate']);
openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export);
// Process data
if($cert_public_key_obj){
$cert_data['success'] = "TRUE";
$cert_data['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
$cert_data['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
$cert_data['public_key'] = $export; //nl2br
}
else{
$cert_data['success'] = "FALSE";
}
// Return as JSON
echo json_encode($cert_data);
}
if(isset($_GET['delete_certificate'])){
$certificate_id = intval($_GET['delete_certificate']);
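Review bot: The new `fetch_certificate` handler opens a TLS connection to whatever host and port arrive in `$_GET['domain']`, so the web server can be pointed at arbitrary internal or external endpoints. Nothing in the hunk checks that `parse_url()` returned a host or that `stream_socket_client()` succeeded. On a failed connection `$read` is false, and the following `stream_context_get_params()` and `openssl_x509_parse()` calls emit PHP errors ahead of the JSON, which the client-side parser cannot read. Whether post.php enforces a logged-in session before this block is outside the hunk and should be confirmed; limiting the accepted ports or hosts is also worth considering. The sketch below fails closed and guards the case where the issuer has no `O` field.

```php
if(isset($_GET['fetch_certificate'])){
    // Fail closed: the response stays FALSE unless every step below succeeds
    $cert_data = array('success' => "FALSE");
    // … unchanged: scheme prefix, parse_url() calls, default port, stream_context_create() …
    $read = false;
    if (is_string($url) && $url !== '') {
        $read = stream_socket_client($socket, $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get);
    }
    if ($read !== false) {
        // … unchanged: stream_context_get_params(), openssl_x509_parse(), openssl_x509_export() …
        if ($cert_public_key_obj) {
            $cert_data['success'] = "TRUE";
            // … unchanged: expire and public_key assignments …
            // Not every certificate carries an organisation in its issuer
            $issuer_org = isset($cert_public_key_obj['issuer']['O']) ? $cert_public_key_obj['issuer']['O'] : '';
            $cert_data['issued_by'] = strip_tags($issuer_org);
        }
    }
    // … unchanged: echo json_encode($cert_data) …
```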