diff options
author | Daniel Seebald <d.seebald@reizwerk.com> | 2015-09-17 10:13:03 +0200 |
---|---|---|
committer | Daniel Seebald <d.seebald@reizwerk.com> | 2015-09-17 10:13:03 +0200 |
commit | 0edcccc3982f37dd9447cdbd57bb9a2969776277 (patch) | |
tree | be2e495185b21787888deb31235430205aefc04d /src/etc/inc/util.inc | |
parent | e18ffac2a4d5d4baec3adf8c1a3dd2c120cf82dc (diff) | |
download | pfsense-0edcccc3982f37dd9447cdbd57bb9a2969776277.zip pfsense-0edcccc3982f37dd9447cdbd57bb9a2969776277.tar.gz |
Added the possibility to use wildcard hostnames in certificate manager SAN fields
Diffstat (limited to 'src/etc/inc/util.inc')
-rw-r--r-- | src/etc/inc/util.inc | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/src/etc/inc/util.inc b/src/etc/inc/util.inc index b2c797b..a879e0e 100644 --- a/src/etc/inc/util.inc +++ b/src/etc/inc/util.inc @@ -830,12 +830,12 @@ function is_unqualified_hostname($hostname) { } /* returns true if $hostname is a valid hostname, with or without being a fully-qualified domain name. */ -function is_hostname($hostname) { +function is_hostname($hostname, $allow_wildcard=false) { if (!is_string($hostname)) { return false; } - if (is_domain($hostname)) { + if (is_domain($hostname, $allow_wildcard=false)) { if ((substr_count($hostname, ".") == 1) && ($hostname[strlen($hostname)-1] == ".")) { /* Only a single dot at the end like "test." - hosts cannot be directly in the root domain. */ return false; @@ -848,12 +848,18 @@ function is_hostname($hostname) { } /* returns true if $domain is a valid domain name */ -function is_domain($domain) { +function is_domain($domain, $allow_wildcard=false) { if (!is_string($domain)) { return false; } - if (preg_match('/^(?:(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9])\.)*(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9\.])$/i', $domain)) { + if ($allow_wildcard) { + $domain_regex = '/^(?:(?:[a-z_0-9\*]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9])\.)*(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9\.])$/i'; + } else { + $domain_regex = '/^(?:(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9])\.)*(?:[a-z_0-9]|[a-z_0-9][a-z_0-9\-]*[a-z_0-9\.])$/i'; + } + + if (preg_match($domain_regex, $domain)) { return true; } else { return false; |