From: donal72 Date: Tue, 16 Oct 2007 13:27:06 +0000 (+0000) Subject: New check_credentials function, and the check_common_name function how handles the... X-Git-Url: http://git.mjollnir.org/gw?a=commitdiff_plain;h=00d3c66b3aeb6736460ad399d704c82456f50555;p=moodle.git New check_credentials function, and the check_common_name function how handles the subjectAltName type. MDL-11020, MDL-10326 --- diff --git a/mnet/peer.php b/mnet/peer.php index 46cf2808cd..6731d3d534 100644 --- a/mnet/peer.php +++ b/mnet/peer.php @@ -141,17 +141,32 @@ class mnet_peer { } function check_common_name($key) { + $credentials = $this->check_credentials($key); + return $credentials['validTo_time_t']; + } + + function check_credentials($key) { $credentials = openssl_x509_parse($key); if ($credentials == false) { $this->error[] = array('code' => 3, 'text' => get_string("nonmatchingcert", 'mnet', array('',''))); return false; + } elseif (array_key_exists('subjectAltName', $credentials['subject']) && $credentials['subject']['subjectAltName'] != $this->wwwroot) { + $a[] = $credentials['subject']['subjectAltName']; + $a[] = $this->wwwroot; + $this->error[] = array('code' => 5, 'text' => get_string("nonmatchingcert", 'mnet', $a)); + return false; } elseif ($credentials['subject']['CN'] != $this->wwwroot) { $a[] = $credentials['subject']['CN']; $a[] = $this->wwwroot; $this->error[] = array('code' => 4, 'text' => get_string("nonmatchingcert", 'mnet', $a)); return false; } else { - return $credentials['validTo_time_t']; + if (array_key_exists('subjectAltName', $credentials['subject'])) { + $credentials['wwwroot'] = $credentials['subject']['subjectAltName']; + } else { + $credentials['wwwroot'] = $credentials['subject']['CN']; + } + return $credentials; } }