protected function execute(InputInterface $input, OutputInterface $output)
{
$error = $output->getErrorOutput();
$path = $input->getArgument("path");
$includeRoot = $input->getOption("include-root");
if (!\file_exists($path)) {
throw new \Exception("File {$path} doesn't exist");
}
try {
list($inform, $format) = \detectCertFormat($path);
$cert = \parseFormattedCert(\readCertificate($path, $inform, $format));
} catch (\Exception $e) {
$err = implode("\n", $e->output);
throw new \Exception("Unable to load certificate: {$err}");
}
// perform some basic checks
if (\isExpired($cert)) {
$error->writeln("Certificate has expired");
}
if (\areCertsLinked($cert, $cert)) {
throw new \Exception("Self-signed or CA cert");
}
// this can fail with an exception
$out = \buildChain($cert, $path, $includeRoot);
$output->write($out);
}
/**
* sets a new page ID and therefore reinits all variables!
* @param integer New Page-ID
*/
function setPage($newpage) {
global $page, $clid, $clnid, $v;
$page = $newpage;
$clid = getPageCluster($page, $v);
$clnid = getClusterNode($page);
if (isExpired($clid)) {
echo "ERROR: The page you want view does not exist or is no longer live.";
}
}
protected function execute(InputInterface $input, OutputInterface $output)
{
$error = $output->getErrorOutput();
$fmt = $this->getHelper("formatter");
$dir = new \RecursiveDirectoryIterator($input->getArgument("directory"));
$iter = new \RecursiveIteratorIterator($dir);
if ($input->getOption("expiry")) {
$expiry = strtotime($input->getOption("expiry"));
if ($expiry === false) {
$expiry = time();
$error->writeln("Invalid expiry arg, defaulting to now");
}
} else {
$expiry = time();
}
$certs = new \RegexIterator($iter, '/^.+\\.(crt|pem)/i', \RecursiveRegexIterator::MATCH);
foreach ($certs as $path) {
try {
$expirationDate = "";
$inform = "";
$format = "";
list($inform, $format) = \detectCertFormat($path);
$cert = \parseFormattedCert(\readCertificate($path, $inform, $format));
if (isExpired($cert, $expiry)) {
$expirationDate = \date('Y-m-d H:i:s e', $cert["expires"]);
$output->writeln("Certificate {$path} expires on {$expirationDate}");
}
} catch (\Exception $e) {
$msgs = ["Unable to load {$path}"];
if ($output->isVerbose()) {
$msgs = array_merge($msgs, ["", "{$e->cmd} said:", ""], $e->output);
}
$block = $fmt->formatBlock($msgs, 'error', true);
$error->writeln($block);
}
}
}
/**
* DEPRECATED! use getLowerLevel instead.
* Gets the IDs of the child-pages and returns them as linear array.
* @param integer Sitepage-ID to get the children from.
* @param string Column, to order the results.
*/
function getChildrenPages($spid) {
$menuId = getDBCell("sitepage", "MENU_ID", "SPID = $spid");
$childs = createDBCArray("sitepage sp, sitemap sm", "SPID", "sm.PARENT_ID = $menuId AND sp.MENU_ID = sm.MENU_ID AND sm.IS_DISPLAYED=1 ORDER BY sm.POSITION");
global $splevel, $v;
if ($splevel == 10) { // check live-pages for expiration.
$checked = array ();
for ($i = 0; $i < count($childs); $i++) {
// get clid
$myspid = $childs[$i];
$clnid = getDBCell("sitepage", "CLNID", "SPID = $myspid");
$clid = getDBCell("cluster_variations", "CLID", "CLNID = $clnid AND VARIATION_ID = $v");
if (!isExpired($clid))
array_push($checked, $myspid);
}
return $checked;
} else
return $childs;
}
/**
* Create an image from the given image handler, cache it and return a url and the file path of the image.
*
* Always try to retrive the image from the cache before you compute it.
*
* @param string Image-ID. Used as a part of the cache filename.
* Use md5() to generate a "unique" ID for your image
* based on characteristic values such as the color, size etc.
* @param string Image handler to create the image from.
* @param string Image type: gif, jpg, png, wbmp. Also used as filename suffix.
* If an unsupported type is requested the functions tries to
* fallback to a supported type before throwing an exeption.
* @return array [ full path to the image file, image url ]
* @throws Cache_Error
* @access public
*/
function cacheImageLink($id, &$img, $format = 'png')
{
if (!$id) {
return new Cache_Error('You must provide an ID for and image to be cached!', __FILE__, __LINE__);
}
$id = $this->generateID($id, $format);
$types = ImageTypes();
// Check if the requested image type is supported by the GD lib.
// If not, try a callback to the first available image type.
if (!isset($this->imagetypes[$format]) || !($types & $this->imagetypes[$format])) {
foreach ($this->imagetypes as $supported => $bitmask) {
if ($types & $bitmask) {
new Cache_Error("The build in GD lib does not support the image type {$format}. Fallback to {$supported}.", __FILE__, __LINE__);
} else {
return new Cache_Error("Hmm, is your PHP build with GD support? Can't find any supported types.", __FILE__, __LINE__);
}
}
}
$url = $this->cache_url . $this->cache_file_prefix . $id;
$ffile = $this->container->getFilename($id, $this->cache_group);
if ($this->isCached($id, $this->cache_group) && !isExpired($id, $this->cache_group)) {
return array($ffile, $url);
}
if (strtoupper($format) == 'JPG') {
$genFormat = 'JPEG';
} else {
$genFormat = strtoupper($format);
}
$func = 'Image' . $genFormat;
$func($img, $ffile);
ImageDestroy($img);
return array($ffile, $url);
}
function getEPGData($providerId)
{
global $baseTime, $daysRequested, $config;
$cacheFile = "./cache/{$providerId}.cache";
chdir($config['localDir']);
if (!isExpired($cacheFile)) {
$fp = fopen($cacheFile, 'r') or die("Can't open provider cache file for reading.");
$serializedResponse = "";
while (!feof($fp)) {
$serializedResponse .= fread($fp, 8192);
}
fclose($fp);
$response = unserialize($serializedResponse);
return $response;
}
$username = $config['sd_access'][$providerId]['username'];
$password = $config['sd_access'][$providerId]['password'];
$client = new SoapClient("http://docs.tms.tribune.com/tech/tmsdatadirect/schedulesdirect/tvDataDelivery.wsdl", array('login' => $username, 'password' => $password, 'compression' => SOAP_COMPRESSION_ACCEPT | SOAP_COMPRESSION_DEFLATE));
if (!isset($daysRequested)) {
$daysRequested = 8;
}
if (isset($config['numDaysEPG'])) {
$daysRequested = $config['numDaysEPG'];
}
if (isset($config['providers'][$providerId]['numDaysEPG'])) {
$daysRequested = $config['providers'][$providerId]['numDaysEPG'];
}
$startTime = gmstrftime("%Y-%m-%dT00:00:00Z", $baseTime);
$endTime = gmstrftime("%Y-%m-%dT00:00:00Z", strtotime("+{$daysRequested} days", time()));
$response = $client->download($startTime, $endTime);
$fp = fopen("./cache/" . $providerId . '.cache', 'w') or die("Can't open provider cache file for writing.");
fwrite($fp, serialize($response));
fclose($fp);
return $response;
}
function buildChain($cert, $certPath, $includeRoot = false)
{
if (isExpired($cert)) {
throw new Exception("Certificate has expired");
}
if (areCertsLinked($cert, $cert)) {
throw new Exception("Self-signed or CA cert");
}
$uris = $cert["issuers"];
if (!$uris) {
throw new Exception("Certificate doesn't specify issuers");
}
$c = $cert;
$chain = [];
while (sizeof($uris) > 0) {
$old = $c;
$uri = array_shift($uris);
$path = downloadIssuer($uri);
list($inform, $format) = detectCertFormat($path);
$c = parseFormattedCert(readCertificate($path, $inform, $format));
if (isExpired($c)) {
throw new Exception("Expired intermediate in the chain");
}
if (areCertsLinked($c, $c)) {
break;
}
if (!areCertsLinked($c, $old)) {
$msg = "Intermediate doesn't match previous certificate in the chain";
throw new Exception($msg);
}
$chain[] = $path;
if (isset($c["issuers"])) {
foreach ($c["issuers"] as $i) {
$uris[] = $i;
// we don't currently have a good way of handling multiple
// issuers
break;
}
}
}
// we are at the end of the chain, see if there's matching root CA
$cacheDir = __DIR__ . '/cache';
$adapter = new File($cacheDir);
$adapter->setOption('ttl', 600);
$cache = new Cache($adapter);
if (!$cache->get(md5($path) . "-root")) {
$root = findMatchingRoot($c);
$chain[] = $root;
$cache->set(md5($path) . "-root", $root);
} else {
$chain[] = $cache->get(md5($path) . "-root");
}
// build certificate bundle
foreach ($chain as $i => $path) {
list($inform, $format) = detectCertFormat($path);
$cmd = sprintf("openssl x509 -inform %s -outform pem -in %s -out %s", escapeshellarg($inform), escapeshellarg($path), escapeshellarg(__DIR__ . "/tmp/" . sha1($cert["subject"]) . "-{$i}.pem"));
exec($cmd);
}
unlink(__DIR__ . "/tmp/bundle.crt");
foreach ($chain as $i => $path) {
file_put_contents(__DIR__ . "/tmp/bundle.crt", file_get_contents(__DIR__ . "/tmp/" . sha1($cert["subject"]) . "-{$i}.pem"), FILE_APPEND);
}
// verify the chain is valid
$cmd = sprintf("openssl verify -verbose -purpose sslserver -CAfile %s/tmp/bundle.crt %s", __DIR__, escapeshellarg($certPath));
try {
execute($cmd);
} catch (Exception $e) {
$err = implode("\n", $e->output);
throw new Exception("Can't verify the bundle: {$err}");
}
// extract the original cert (it might contain some, or all, parts of the
// chain already)
$cmd = sprintf("openssl x509 -inform pem -outform pem -in %s", $certPath);
$out = implode("\n", execute($cmd));
$out .= "\n";
if (!$includeRoot) {
array_pop($chain);
}
foreach ($chain as $i => $path) {
$out .= file_get_contents(__DIR__ . "/tmp/" . sha1($cert["subject"]) . "-{$i}.pem");
unlink(__DIR__ . "/tmp/" . sha1($cert["subject"]) . "-{$i}.pem");
}
return $out;
}
