<?php

# Alias DV

$plugin_name='alias_dv';

class alias_dv
{

	public static $order=3;
	public static $filename_key="alias-{host}.{domain}-key.pem";
	public static $filename_cert="alias-{host}.{domain}-cert.pem";

	public static function update_symlinks($ssldir, $ahn, $hn)
	{
		if ((!($ssldir)) || (!($ahn)) || (!($hn)))
		{
			return false;
		}

		$alias_key_path=$ssldir."/alias-$ahn-key.pem";
		$alias_csr_path=$ssldir."/alias-$ahn.csr";
		$alias_cert_path=$ssldir."/alias-$ahn-cert.pem";

		$key_filename=$hn.'-key.pem';
		$csr_filename=$hn.'.csr';
		$cert_filename=$hn.'-cert.pem';

		$key_path=$ssldir.'/'.$key_filename;
		$csr_path=$ssldir.'/'.$csr_filename;
		$cert_path=$ssldir.'/'.$cert_filename;

		// update only if
		// 1.new key exitsts
		// 2.old key (or old key symlink) doesn't exist
		if (file_exists($key_path) && (!(file_exists($alias_key_path))))
		{
			if (is_link($alias_key_path)) { unlink($alias_key_path); }
			if (is_link($alias_csr_path)) { unlink($alias_csr_path); }
			if (is_link($alias_cert_path)) { unlink($alias_cert_path); }

			// re-create symlinks
			if (file_exists($key_path)) { symlink($key_filename, $alias_key_path); }
			if (file_exists($csr_path)) { symlink($csr_filename, $alias_csr_path); }
			if (file_exists($cert_path)) { symlink($cert_filename, $alias_cert_path); }
		}
	}

	public static function generate($ssldir, $ssl_all, $ini)
	{

		//sanity check
		if (!($openssl_bin=find_shell_command('openssl')))
		{
			logme('SSL error: openssl binary not found');
			return false;
		}

		foreach($ssl_all as $ssl)
		{
			$ahn=$ssl['host'].'.'.$ssl['domain'];

			$names=array();

			foreach ($ssl['aliases'] as $alias)
			{
				if(strpos($alias, '*') === false)
				{
					$alias_clean=$alias.'.'.$ssl['domain'];
					if ($alias=='www')
					{
						$alias_clean=$ssl['domain'];
					}
					if (!(in_array($alias_clean, $names)))
					{
						$names[]=$alias_clean;
					}
				}
			}

			foreach ($ssl['ext_aliases'] as $ext_alias)
			{
				if(strpos($ext_alias, '*') === false)
				{
					$ext_alias_clean=$ext_alias;
					if (substr($ext_alias,1,4)=='www.')
					{
						$ext_alias_clean=substr($ext_alias,5);
					}
					if (!(in_array($ext_alias_clean, $names)))
					{
						$names[]=$ext_alias_clean;
					}
				}
			}

			$nn=0;
			foreach ($names as $hn)
			{
				$nn++;
				$key_path=$ssldir."/$hn-key.pem";
				$csr_path=$ssldir."/$hn.csr";
				$cert_path=$ssldir."/$hn-cert.pem";

				if (!(file_exists($key_path)))
				{
					if (file_exists($cert_path.'.bck'))
					{
						unlink($cert_path.'.bck');
					}
					if (file_exists($cert_path))
					{
						rename($cert_path, $cert_path.'.bck');
					}
					exec_as_err($openssl_bin." req -nodes -newkey rsa:2048 -nodes -keyout ".$key_path." -out ".$csr_path." -subj '/C=HU/ST=Budapest/L=Budapest/O=".$ini['global']['name']."/OU=internet/CN=".$hn."'", $ini['ssl']['user'], false);

					// re-create symlinks pointing to the first alias host's keys
					if ($nn==1)
					{
						self::update_symlinks($ssldir, $ahn, $hn);
					}
				}
			}
		}
	}

}