From 00d3c66b3aeb6736460ad399d704c82456f50555 Mon Sep 17 00:00:00 2001 From: donal72 Date: Tue, 16 Oct 2007 13:27:06 +0000 Subject: [PATCH] New check_credentials function, and the check_common_name function how handles the subjectAltName type. MDL-11020, MDL-10326 --- mnet/peer.php | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/mnet/peer.php b/mnet/peer.php index 46cf2808cd..6731d3d534 100644 --- a/mnet/peer.php +++ b/mnet/peer.php @@ -141,17 +141,32 @@ class mnet_peer { } function check_common_name($key) { + $credentials = $this->check_credentials($key); + return $credentials['validTo_time_t']; + } + + function check_credentials($key) { $credentials = openssl_x509_parse($key); if ($credentials == false) { $this->error[] = array('code' => 3, 'text' => get_string("nonmatchingcert", 'mnet', array('',''))); return false; + } elseif (array_key_exists('subjectAltName', $credentials['subject']) && $credentials['subject']['subjectAltName'] != $this->wwwroot) { + $a[] = $credentials['subject']['subjectAltName']; + $a[] = $this->wwwroot; + $this->error[] = array('code' => 5, 'text' => get_string("nonmatchingcert", 'mnet', $a)); + return false; } elseif ($credentials['subject']['CN'] != $this->wwwroot) { $a[] = $credentials['subject']['CN']; $a[] = $this->wwwroot; $this->error[] = array('code' => 4, 'text' => get_string("nonmatchingcert", 'mnet', $a)); return false; } else { - return $credentials['validTo_time_t']; + if (array_key_exists('subjectAltName', $credentials['subject'])) { + $credentials['wwwroot'] = $credentials['subject']['subjectAltName']; + } else { + $credentials['wwwroot'] = $credentials['subject']['CN']; + } + return $credentials; } } -- 2.39.5