exit; }

// Command-line dispatch: $argv[1] selects the action and $argv[2] is passed to
// the matching handler unchanged.
// NOTE(review): $argv[2] is not validated or escaped here, so each handler gets
// raw command-line text. BuildCSR() below treats it as a certificate CommonName;
// confirm every handler escapes it before using it in SQL, shell commands or
// file paths.
// NOTE(review): no branch exits after its handler returns, so unless a handler
// terminates the script itself, execution continues to the "Cannot understand"
// message at the end of the chain -- confirm this is intended.
if ($argv[1] == "--buildkey") {
    buildkey($argv[2]);
}
if ($argv[1] == "--x509") {
    x509($argv[2]);
}
if ($argv[1] == "--mysql") {
    update_from_mysql($argv[2]);
}
if ($argv[1] == "--squid-auto") {
    squid_autosigned($argv[2]);
}
if ($argv[1] == "--squid-validate") {
    squid_validate($argv[2]);
}
if ($argv[1] == "--BuildCSR") {
    BuildCSR($argv[2]);
}
if ($argv[1] == "--client-server") {
    autosigned_certificate_server_client($argv[2]);
}
// Reached when nothing above ended the script; echoes the option back verbatim.
echo "Cannot understand your commandline {$argv[1]}\n";

/**
 * Runs buildkey(), squid_autosigned() and update_from_mysql(), in that order,
 * for one certificate name.
 *
 * @param string $CommonName Certificate name; every "_ALL_" in it is replaced
 *                           with "*" before the three calls are made.
 */
function BuildCSR($CommonName) {
    // "_ALL_" is the placeholder form of the "*" wildcard label.
    $CommonName = str_replace("_ALL_", "*", $CommonName);
    buildkey($CommonName);
    squid_autosigned($CommonName);
    update_from_mysql($CommonName);
}
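/**
 * Builds a PKCS#12 bundle for one certificate row and stores it in sslcertificates.pks12.
 *
 * Reads the private key (Squidkey, falling back to srca) and the certificate (SquidCert)
 * for $CommonName from the artica_backup database, writes both to temporary files, runs
 * `openssl pkcs12 -export` on them and saves the resulting file content back to the row.
 *
 * Security notes:
 *  - $CommonName is caller-supplied. It is escaped before being placed in SQL and quoted
 *    with escapeshellarg() before being placed on the openssl command line.
 *  - The temporary files hold the private key. They are created owner-only and removed on
 *    every exit path once they exist.
 *  - NOTE(review): the bundle is exported with an empty password and PBE-SHA1-3DES, so
 *    anyone able to read the pks12 column obtains the private key. Kept unchanged because
 *    the readers of that column are not visible here -- confirm whether a password can be
 *    required.
 *
 * @param string $CommonName Certificate name; "_ALL_" stands for the "*" wildcard.
 * @return bool|null true on success, null when any step fails.
 */
function build_pkcs12($CommonName)
{
    $unix = new unix();
    $q = new mysql();

    // Escape the name with the helper this function already uses for the pks12 value,
    // instead of interpolating it raw into the statement.
    $lookupName = mysql_escape_string2($CommonName);
    $sql = "SELECT Squidkey,srca,SquidCert FROM sslcertificates WHERE CommonName='{$lookupName}'";
    $ligne = mysql_fetch_array($q->QUERY_SQL($sql, "artica_backup"));
    if (!$q->ok) {
        echo "FATAL! {$q->mysql_error}\n";
        return;
    }
    if (!is_array($ligne)) {
        // No matching row: treat every column as empty so the check below rejects it.
        $ligne = array("Squidkey" => "", "srca" => "", "SquidCert" => "");
    }

    $openssl = $unix->find_program("openssl");
    squid_validate($CommonName);

    // NOTE(review): the SELECT above matches the name as passed in, while the UPDATE below
    // matches it after "_ALL_" became "*" -- confirm which form the table stores.
    $CommonName = str_replace("_ALL_", "*", $CommonName);
    $directory = "/etc/openssl/certificate_center/" . md5($CommonName);
    @mkdir($directory, 0755, true);
    $tmpfile = time();
    $keyFile = "{$directory}/{$tmpfile}.key";
    $certFile = "{$directory}/{$tmpfile}.cert";
    $p12File = "{$directory}/{$tmpfile}.pks12";
    $workFiles = array($p12File, $keyFile, $certFile);

    $privateKey = $ligne["Squidkey"];
    if (trim($privateKey) == null) {
        $privateKey = $ligne["srca"];
    }
    if (trim($privateKey) == null || trim($ligne["SquidCert"]) == null) {
        // Nothing to export; do not write empty key material or run openssl on it.
        build_progress_x509("{failed}", 110);
        return;
    }

    // file_put_contents() creates files under the process umask. Tighten it so the key,
    // the certificate and the file openssl writes are owner-only, then restore it.
    $previousUmask = umask(0077);
    $keySaved = @file_put_contents($keyFile, $privateKey);
    $certSaved = @file_put_contents($certFile, $ligne["SquidCert"]);
    // Covers a file that already existed, whose mode the umask does not change.
    @chmod($keyFile, 0600);
    if ($keySaved === false || $certSaved === false) {
        umask($previousUmask);
        build_pkcs12_remove_files($workFiles);
        build_progress_x509("{failed}", 110);
        return;
    }
    echo "Private key: {$keyFile}\n";
    echo "Certificate: {$certFile}\n";
    build_progress_x509("Build pks12 certificate", 70);

    // Every value that is not a fixed literal is passed through escapeshellarg(), so shell
    // metacharacters in the name cannot alter the command.
    $cmdline = "{$openssl} pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export"
        . " -in " . escapeshellarg($certFile)
        . " -inkey " . escapeshellarg($keyFile)
        . " -out " . escapeshellarg($p12File)
        . ' -password pass:""'
        . " -name " . escapeshellarg($CommonName);
    $resultsCMD = array();
    exec($cmdline, $resultsCMD);
    umask($previousUmask);

    $opensslFailed = false;
    foreach ($resultsCMD as $line) {
        if ($GLOBALS["OUTPUT"]) {
            echo "[" . __LINE__ . "] {$line}\n";
        }
        if (openssl_failed($line)) {
            $opensslFailed = true;
            break;
        }
    }
    if ($opensslFailed) {
        // The private key must not stay on disk after a failed export.
        build_pkcs12_remove_files($workFiles);
        build_progress_x509("{failed}", 110);
        return;
    }

    if (!$q->FIELD_EXISTS("sslcertificates", "pks12", "artica_backup")) {
        $sql = "ALTER TABLE `sslcertificates` ADD `pks12` TEXT NOT NULL";
        $q->QUERY_SQL($sql, 'artica_backup');
    }
    if (!is_file($p12File)) {
        build_pkcs12_remove_files($workFiles);
        build_progress_x509("Save pks12 failed", 70);
        return;
    }

    $pks12 = mysql_escape_string2(@file_get_contents($p12File));
    build_progress_x509("Save pks12 certificate: " . strlen($pks12), 80);
    $updateName = mysql_escape_string2($CommonName);
    $q->QUERY_SQL("UPDATE sslcertificates SET pks12='{$pks12}' WHERE CommonName='{$updateName}'", "artica_backup");
    build_pkcs12_remove_files($workFiles);
    if (!$q->ok) {
        build_progress_x509("Save pks12 certificate: " . strlen($pks12) . " {failed}", 110);
        echo $q->mysql_error;
        return;
    }
    return true;
}

/**
 * Deletes the temporary files created by build_pkcs12(), skipping paths that do not exist.
 *
 * @param array $files Paths to remove.
 */
function build_pkcs12_remove_files($files)
{
    foreach ($files as $file) {
        if (is_file($file)) {
            @unlink($file);
        }
    }
}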