zydronium/getnamingo-registry
1
0
Fork 0
mirror of https://github.com/getnamingo/registry.git synced 2025-07-26 04:18:29 +02:00
Code Issues Projects Releases Packages Wiki Activity

More changes to support SSL cert upload in panel

Browse source
This commit is contained in:
Pinga 2025-07-15 14:48:20 +03:00
parent 78efa1cc40
commit 08da49ca6b
3 changed files with 84 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

82
cp/app/Controllers/RegistrarsController.php
View file

@ -780,6 +780,41 @@ class RegistrarsController extends Controller
return $response->withHeader('Location', '/registrar/update/'.$registrar)->withStatus(302); return $response->withHeader('Location', '/registrar/update/'.$registrar)->withStatus(302);
} }
$uploadedFiles = $request->getUploadedFiles();
$certFile = $uploadedFiles['sslUpload'] ?? null;
if ($certFile && $certFile->getError() === UPLOAD_ERR_OK) {
$filename = $certFile->getClientFilename();
$extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
if (!in_array($extension, ['pem', 'crt'])) {
$this->container->get('flash')->addMessage('error', 'Invalid file extension for SSL upload');
return $response->withHeader('Location', '/registrar/update/'.$registrar)->withStatus(302);
}
$tmpPath = sys_get_temp_dir() . '/' . uniqid('cert_', true) . '.' . $extension;
$certFile->moveTo($tmpPath);
$certContent = file_get_contents($tmpPath);
$certData = @openssl_x509_read($certContent);
if ($certData === false) {
unlink($tmpPath);
$this->container->get('flash')->addMessage('error', 'Invalid certificate for SSL upload');
return $response->withHeader('Location', '/registrar/update/'.$registrar)->withStatus(302);
}
$pem = preg_replace('#-----BEGIN CERTIFICATE-----|-----END CERTIFICATE-----|\s+#', '', $certContent);
$der = base64_decode($pem);
$fingerprint = $der ? strtoupper(hash('sha256', $der)) : null;
unlink($tmpPath);
} elseif (!empty($data['sslUploadHidden']) && preg_match('/^[A-F0-9]{64}$/', $data['sslUploadHidden'])) {
$fingerprint = $data['sslUploadHidden'];
} else {
$fingerprint = null;
}
$db->beginTransaction(); $db->beginTransaction();
try { try {
@ -812,6 +847,12 @@ class RegistrarsController extends Controller
$updateData['pw'] = $eppPassword; $updateData['pw'] = $eppPassword;
} }
if (!empty($fingerprint)) {
$updateData['ssl_fingerprint'] = $fingerprint;
} else {
$updateData['ssl_fingerprint'] = null;
}
$db->update( $db->update(
'registrar', 'registrar',
$updateData, $updateData,
@ -1056,6 +1097,41 @@ class RegistrarsController extends Controller
$this->container->get('flash')->addMessage('error', 'No email specified for update'); $this->container->get('flash')->addMessage('error', 'No email specified for update');
return $response->withHeader('Location', '/registrar/edit')->withStatus(302); return $response->withHeader('Location', '/registrar/edit')->withStatus(302);
} }
$uploadedFiles = $request->getUploadedFiles();
$certFile = $uploadedFiles['sslUpload'] ?? null;
if ($certFile && $certFile->getError() === UPLOAD_ERR_OK) {
$filename = $certFile->getClientFilename();
$extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
if (!in_array($extension, ['pem', 'crt'])) {
$this->container->get('flash')->addMessage('error', 'Invalid file extension for SSL upload');
return $response->withHeader('Location', '/registrar/update/'.$registrar)->withStatus(302);
}
$tmpPath = sys_get_temp_dir() . '/' . uniqid('cert_', true) . '.' . $extension;
$certFile->moveTo($tmpPath);
$certContent = file_get_contents($tmpPath);
$certData = @openssl_x509_read($certContent);
if ($certData === false) {
unlink($tmpPath);
$this->container->get('flash')->addMessage('error', 'Invalid certificate for SSL upload');
return $response->withHeader('Location', '/registrar/update/'.$registrar)->withStatus(302);
}
$pem = preg_replace('#-----BEGIN CERTIFICATE-----|-----END CERTIFICATE-----|\s+#', '', $certContent);
$der = base64_decode($pem);
$fingerprint = $der ? strtoupper(hash('sha256', $der)) : null;
unlink($tmpPath);
} elseif (!empty($data['sslUploadHidden']) && preg_match('/^[A-F0-9]{64}$/', $data['sslUploadHidden'])) {
$fingerprint = $data['sslUploadHidden'];
} else {
$fingerprint = null;
}
$db->beginTransaction(); $db->beginTransaction();
@ -1088,6 +1164,12 @@ class RegistrarsController extends Controller
$updateData['pw'] = $eppPassword; $updateData['pw'] = $eppPassword;
} }
if (!empty($fingerprint)) {
$updateData['ssl_fingerprint'] = $fingerprint;
} else {
$updateData['ssl_fingerprint'] = null;
}
$db->update( $db->update(
'registrar', 'registrar',
$updateData, $updateData,

2
cp/resources/views/admin/registrars/updateRegistrar.twig
View file

@ -511,7 +511,7 @@
{% if registrar.ssl_fingerprint is not empty %} {% if registrar.ssl_fingerprint is not empty %}
<div class="datagrid-item"> <div class="datagrid-item">
<div class="datagrid-title">{{ __('SSL Certificate Fingerprint') }}</div> <div class="datagrid-title">{{ __('SSL Certificate Fingerprint') }}</div>
<div class="datagrid-content">{{ registrar.ssl_fingerprint }}</div> <div class="datagrid-content">{{ registrar.ssl_fingerprint }}<input type="hidden" name="sslUploadHidden" value="{{ registrar.ssl_fingerprint }}" /></div>
</div> </div>
{% endif %} {% endif %}
</div> </div>

2
cp/resources/views/admin/registrars/updateRegistrarUser.twig
View file

@ -493,7 +493,7 @@
{% if registrar.ssl_fingerprint is not empty %} {% if registrar.ssl_fingerprint is not empty %}
<div class="datagrid-item"> <div class="datagrid-item">
<div class="datagrid-title">{{ __('SSL Certificate Fingerprint') }}</div> <div class="datagrid-title">{{ __('SSL Certificate Fingerprint') }}</div>
<div class="datagrid-content">{{ registrar.ssl_fingerprint }}</div> <div class="datagrid-content">{{ registrar.ssl_fingerprint }}<input type="hidden" name="sslUploadHidden" value="{{ registrar.ssl_fingerprint }}" /></div>
</div> </div>
{% endif %} {% endif %}
</div> </div>