Ejemplo n.º 1
    exit;
}
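// Command-line dispatch: $argv[1] selects the action and $argv[2] is handed to
// the matching handler unchanged.
//
// The original ran every `if` in sequence and then always printed the
// "Cannot understand" message, even after a handler had run. A lookup table
// with an explicit else branch prints it only for an unknown action.
//
// NOTE(review): $argv[2] reaches the handlers without validation. BuildCSR
// treats it as a certificate CommonName; the handlers should escape it before
// using it in SQL or shell strings.
$action = isset($argv[1]) ? $argv[1] : "";
$target = isset($argv[2]) ? $argv[2] : null;

$handlers = array(
    "--buildkey" => "buildkey",
    "--x509" => "x509",
    "--mysql" => "update_from_mysql",
    "--squid-auto" => "squid_autosigned",
    "--squid-validate" => "squid_validate",
    "--BuildCSR" => "BuildCSR",
    "--client-server" => "autosigned_certificate_server_client",
);

if (isset($handlers[$action])) {
    call_user_func($handlers[$action], $target);
} else {
    echo "Cannot understand your commandline {$action}\n";
}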
/**
 * Run the key / self-signed certificate / database steps for one name.
 *
 * The "_ALL_" placeholder is expanded to "*" (wildcard certificates) before
 * the name is handed to buildkey(), squid_autosigned() and
 * update_from_mysql(), in that order.
 *
 * NOTE(review): the name is forwarded without validation; each callee is
 * responsible for escaping it wherever it builds SQL or shell strings.
 *
 * @param string $CommonName Certificate common name, possibly with "_ALL_".
 * @return void
 */
function BuildCSR($CommonName)
{
    $expandedName = str_replace("_ALL_", "*", $CommonName);

    buildkey($expandedName);
    squid_autosigned($expandedName);
    update_from_mysql($expandedName);
}
Ejemplo n.º 2
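/**
 * Remove the temporary key/certificate/PKCS#12 files of one export run.
 *
 * @param array $paths Absolute file paths; missing files are skipped.
 * @return void
 */
function _build_pkcs12_remove_files($paths)
{
    foreach ($paths as $path) {
        if (is_file($path)) {
            @unlink($path);
        }
    }
}

/**
 * Export the stored key and certificate of $CommonName as a PKCS#12 bundle
 * and save it in the `pks12` column of `sslcertificates`.
 *
 * Changes against the previous version:
 *  - $CommonName is escaped before it is placed in the SELECT and UPDATE
 *    statements, and every value placed on the openssl command line goes
 *    through escapeshellarg(); the name was previously interpolated raw
 *    into both.
 *  - The temporary private key, certificate and bundle are created under a
 *    0077 umask and are removed on every exit path, not only on success.
 *  - The openssl exit status is checked in addition to openssl_failed().
 *  - A missing row and failed temp-file writes are reported instead of
 *    running openssl on empty input.
 *
 * NOTE(review): the bundle is exported with an empty password
 * (`-password pass:""`), so the PBE settings give the private key no
 * confidentiality; whoever can read the `pks12` column can read the key.
 * Kept as-is because consumers of the column presumably expect it - confirm.
 *
 * NOTE(review): the SELECT matches the name as passed in, the UPDATE matches
 * the name after "_ALL_" has been expanded to "*". Kept as in the original;
 * confirm which form the table stores.
 *
 * @param string $CommonName Certificate common name, possibly with "_ALL_".
 * @return bool|null true on success, null on any failure.
 */
function build_pkcs12($CommonName)
{
    $unix = new unix();
    $q = new mysql();

    // Same project escaper the function already used for the PKCS#12 blob.
    $lookupName = mysql_escape_string2($CommonName);
    $sql = "SELECT Squidkey,srca,SquidCert  FROM sslcertificates WHERE CommonName='{$lookupName}'";
    $result = $q->QUERY_SQL($sql, "artica_backup");
    if (!$q->ok) {
        echo "FATAL! {$q->mysql_error}\n";
        return;
    }
    // Fetch only after the query is known to have succeeded.
    $ligne = mysql_fetch_array($result);

    $openssl = $unix->find_program("openssl");
    squid_validate($CommonName);
    $CommonName = str_replace("_ALL_", "*", $CommonName);

    if (!is_array($ligne)) {
        echo "FATAL! no sslcertificates row for {$CommonName}\n";
        build_progress_x509("{failed}", 110);
        return;
    }

    $directory = "/etc/openssl/certificate_center/" . md5($CommonName);
    @mkdir($directory, 0755, true);
    $tmpfile = time();
    $keyFile = "{$directory}/{$tmpfile}.key";
    $certFile = "{$directory}/{$tmpfile}.cert";
    $pkcs12File = "{$directory}/{$tmpfile}.pks12";
    $tempFiles = array($pkcs12File, $keyFile, $certFile);

    // Fall back to the `srca` column when no dedicated key is stored.
    if (trim($ligne["Squidkey"]) == null) {
        $ligne["Squidkey"] = $ligne["srca"];
    }

    // Quote every interpolated value: the name is caller-supplied.
    $cmdline = escapeshellarg($openssl)
        . " pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export"
        . " -in " . escapeshellarg($certFile)
        . " -inkey " . escapeshellarg($keyFile)
        . " -out " . escapeshellarg($pkcs12File)
        . " -password pass:\"\" -name " . escapeshellarg($CommonName);

    // The directory is created 0755, so keep the key material itself
    // owner-only while it sits on disk.
    $previousUmask = umask(0077);
    $written = @file_put_contents($keyFile, $ligne["Squidkey"]) !== false
        && @file_put_contents($certFile, $ligne["SquidCert"]) !== false;

    $resultsCMD = array();
    $exitCode = 1;
    if ($written) {
        echo "Private key: {$keyFile}\n";
        echo "Certificate: {$certFile}\n";
        build_progress_x509("Build pks12 certificate", 70);
        exec($cmdline, $resultsCMD, $exitCode);
    }
    umask($previousUmask);

    $failed = !$written || $exitCode !== 0;
    foreach ($resultsCMD as $line) {
        if (!empty($GLOBALS["OUTPUT"])) {
            echo "[" . __LINE__ . "] {$line}\n";
        }
        if (openssl_failed($line)) {
            $failed = true;
            break;
        }
    }
    if ($failed) {
        _build_pkcs12_remove_files($tempFiles);
        build_progress_x509("{failed}", 110);
        return;
    }

    if (!$q->FIELD_EXISTS("sslcertificates", "pks12", "artica_backup")) {
        $sql = "ALTER TABLE `sslcertificates` ADD `pks12` TEXT NOT NULL";
        $q->QUERY_SQL($sql, 'artica_backup');
    }

    $rawPkcs12 = is_file($pkcs12File) ? @file_get_contents($pkcs12File) : false;
    // The files are no longer needed whether or not the read worked.
    _build_pkcs12_remove_files($tempFiles);
    if ($rawPkcs12 === false) {
        build_progress_x509("Save pks12 failed", 70);
        return;
    }

    $pks12 = mysql_escape_string2($rawPkcs12);
    $updateName = mysql_escape_string2($CommonName);
    build_progress_x509("Save pks12 certificate: " . strlen($pks12), 80);
    $q->QUERY_SQL("UPDATE sslcertificates SET pks12='{$pks12}' WHERE CommonName='{$updateName}'", "artica_backup");
    if (!$q->ok) {
        build_progress_x509("Save pks12 certificate: " . strlen($pks12) . " {failed}", 110);
        echo $q->mysql_error;
        return;
    }
    return true;
}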