2011-12-16 23:31:35 +00:00
|
|
|
<?php defined('SYSPATH') or die('No direct access allowed.');
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* This class supports Services
|
|
|
|
|
*
|
2013-03-19 22:35:19 +00:00
|
|
|
* @package SSL
|
2011-12-16 23:31:35 +00:00
|
|
|
* @category Models
|
|
|
|
|
* @author Deon George
|
2013-03-19 22:35:19 +00:00
|
|
|
* @copyright (c) 2009-2013 Open Source Billing
|
2011-12-16 23:31:35 +00:00
|
|
|
* @license http://dev.osbill.net/license.html
|
|
|
|
|
*/
|
2013-01-10 11:25:19 +00:00
|
|
|
class Model_Service_Plugin_Ssl extends Model_Service_Plugin {
|
2011-12-16 23:31:35 +00:00
|
|
|
protected $_table_name = 'service__ssl';
|
|
|
|
|
protected $_updated_column = FALSE;
|
|
|
|
|
|
|
|
|
|
// Relationships
|
|
|
|
|
protected $_belongs_to = array(
|
|
|
|
|
'service'=>array(),
|
|
|
|
|
);
|
|
|
|
|
protected $_has_one = array(
|
2012-11-09 23:13:57 +00:00
|
|
|
'SSL_CA'=>array('far_key'=>'ssl_ca_id','foreign_key'=>'id'),
|
2011-12-16 23:31:35 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
protected $_display_filters = array(
|
|
|
|
|
'csr'=>array(
|
|
|
|
|
array('SSL::csrsubject',array(':value')),
|
|
|
|
|
),
|
2011-12-26 13:52:46 +00:00
|
|
|
'cert'=>array(
|
|
|
|
|
array('SSL::subject',array(':value')),
|
|
|
|
|
),
|
2011-12-16 23:31:35 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
// Required abstract functions
|
2012-06-26 14:28:18 +00:00
|
|
|
public function username_value() {} // Not used
|
|
|
|
|
public function password_value() {} // Not used
|
|
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
private $_so = NULL;
|
2012-10-08 12:52:21 +00:00
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
/**
|
|
|
|
|
* Resolve any queries to certificate details
|
|
|
|
|
*/
|
|
|
|
|
public function __call($name,$args) {
|
|
|
|
|
$m = 'get_'.$name;
|
2012-05-08 14:59:08 +00:00
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
if (method_exists($this->_so,$m))
|
|
|
|
|
return $this->_so->{$m}($args);
|
|
|
|
|
else
|
|
|
|
|
throw new Kohana_Exception('Unknown method :method',array(':method'=>$name));
|
2012-05-08 14:59:08 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
// We want to inject the SSL object into this Model
|
|
|
|
|
protected function _load_values(array $values) {
|
|
|
|
|
parent::_load_values($values);
|
2012-05-08 14:59:08 +00:00
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
if ($this->cert)
|
|
|
|
|
$this->_so = SSL::instance($this->cert);
|
2011-12-16 23:31:35 +00:00
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
return $this;
|
2011-12-16 23:31:35 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
// If we change the SSL certificate, we need to reload our SSL object
|
|
|
|
|
public function values(array $values, array $expected = NULL) {
|
|
|
|
|
parent::values($values,$expected);
|
2012-05-08 14:59:08 +00:00
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
if (array_key_exists('cert',$values))
|
|
|
|
|
$this->_so = SSL::instance($this->cert);
|
2011-12-16 23:31:35 +00:00
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
return $this;
|
2011-12-16 23:31:35 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
public function expire() {
|
|
|
|
|
return $this->_so->get_valid_to();
|
2011-12-16 23:31:35 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
public function name() {
|
2012-11-09 23:13:57 +00:00
|
|
|
return ($this->cert AND $this->SSL_CA->loaded()) ? sprintf('%s:%s',$this->SSL_CA->subject(),$this->display('cert')) : $this->display('csr');
|
2011-12-16 23:31:35 +00:00
|
|
|
}
|
|
|
|
|
|
2012-12-19 06:28:39 +00:00
|
|
|
public function service_view() {
|
|
|
|
|
return View::factory('service/user/plugin/ssl/view')
|
|
|
|
|
->set('so',$this);
|
2011-12-16 23:31:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get specific service details for use in other modules
|
|
|
|
|
* For Example: Invoice
|
|
|
|
|
*
|
|
|
|
|
* @todo Make the rendered items configurable
|
|
|
|
|
* @todo Change this method name, now that it is public
|
|
|
|
|
*/
|
|
|
|
|
// @todo This needs to be validated for this model
|
|
|
|
|
public function _details($type) {
|
|
|
|
|
switch ($type) {
|
|
|
|
|
case 'invoice_detail_items':
|
2012-02-22 08:15:46 +00:00
|
|
|
return array();
|
2011-12-16 23:31:35 +00:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
return parent::$_details($type);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// @todo This needs to be validated for this model
|
|
|
|
|
public function admin_update() {
|
|
|
|
|
return View::factory('service/admin/plugin/ssl/update')
|
|
|
|
|
->set('mediapath',Route::get('default/media'))
|
|
|
|
|
->set('so',$this);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function download_button() {
|
2012-08-01 12:43:33 +00:00
|
|
|
if (! $this->service->status OR ! preg_match('/client/',$this->service->product->plugin()->extensions) OR $this->valid_to() < time())
|
2011-12-16 23:31:35 +00:00
|
|
|
return '';
|
|
|
|
|
|
|
|
|
|
// @todo Do some password validation
|
2013-02-12 11:14:59 +00:00
|
|
|
$output = Form::open(URL::link('user','ssl/download'));
|
2011-12-16 23:31:35 +00:00
|
|
|
$output .= Form::hidden('sid',$this->service->id);
|
|
|
|
|
$output .= _('Choose a password').': '.Form::password('passwd','').'<br/><br/>';
|
|
|
|
|
$output .= Form::submit('download','Download',array('class'=>'form_button'));
|
|
|
|
|
return $output;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function cacerts() {
|
2013-04-05 12:50:08 +00:00
|
|
|
$result = array();
|
2011-12-16 23:31:35 +00:00
|
|
|
|
|
|
|
|
$x = $this->ssl_ca_id;
|
|
|
|
|
while ($x) {
|
2012-11-09 23:13:57 +00:00
|
|
|
$sco = ORM::factory('SSL_CA',$x);
|
2013-04-05 12:50:08 +00:00
|
|
|
array_push($result,$sco->sign_cert);
|
2011-12-16 23:31:35 +00:00
|
|
|
$x = $sco->parent_ssl_ca_id;
|
|
|
|
|
}
|
|
|
|
|
|
2013-04-05 12:50:08 +00:00
|
|
|
return $result;
|
2011-12-16 23:31:35 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public function renew() {
|
2013-04-20 01:40:44 +00:00
|
|
|
$d = SSL::instance($this->cert);
|
2012-11-09 23:13:57 +00:00
|
|
|
$ssl_conf = Kohana::$config->load('ssl');
|
2012-02-22 08:15:46 +00:00
|
|
|
// @todo change this so an admin can force this.
|
|
|
|
|
$force = TRUE;
|
2011-12-16 23:31:35 +00:00
|
|
|
|
|
|
|
|
// If our certificate is not old enough skip
|
2013-04-20 01:40:44 +00:00
|
|
|
if ($d->get_valid_to() > time()+$ssl_conf['min_renew_days']*86400 AND ! $force)
|
2011-12-16 23:31:35 +00:00
|
|
|
return FALSE;
|
|
|
|
|
|
2012-11-09 23:13:57 +00:00
|
|
|
$res = openssl_csr_sign($this->csr,$this->SSL_CA->sign_cert,$this->SSL_CA->sign_pk,$this->service->product->plugin()->days,array(
|
2011-12-16 23:31:35 +00:00
|
|
|
'config'=>$ssl_conf['config'],
|
2012-02-22 08:15:46 +00:00
|
|
|
'x509_extensions'=>$this->service->product->plugin()->extensions,
|
2012-05-08 14:59:08 +00:00
|
|
|
'digest_alg'=>'sha1',
|
2011-12-16 23:31:35 +00:00
|
|
|
),time());
|
|
|
|
|
|
2012-02-22 08:15:46 +00:00
|
|
|
if ($res AND openssl_x509_export($res,$cert)) {
|
2011-12-16 23:31:35 +00:00
|
|
|
$this->cert = $cert;
|
|
|
|
|
$this->save();
|
|
|
|
|
|
|
|
|
|
return TRUE;
|
2012-07-01 00:18:21 +00:00
|
|
|
} else {
|
|
|
|
|
print_r(array(
|
|
|
|
|
'csr'=>$this->csr,
|
2012-11-09 23:13:57 +00:00
|
|
|
'ca'=>$this->SSL_CA->sign_cert,
|
|
|
|
|
'capk'=>$this->SSL_CA->sign_pk,
|
2012-07-01 00:18:21 +00:00
|
|
|
'days'=>$this->service->product->plugin()->days,
|
|
|
|
|
'ssl'=>$ssl_conf,
|
|
|
|
|
'x509e'=>$this->service->product->plugin()->extensions
|
|
|
|
|
));
|
|
|
|
|
|
2011-12-16 23:31:35 +00:00
|
|
|
throw new Kohana_Exception('Error Creating SSL Certificate :error',array(':error'=>openssl_error_string()));
|
2012-07-01 00:18:21 +00:00
|
|
|
}
|
2011-12-16 23:31:35 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
?>
|
