1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace PragmaRX\Health\Checkers; |
4
|
|
|
|
5
|
|
|
use Illuminate\Support\Collection; |
6
|
|
|
use Illuminate\Support\Str; |
7
|
|
|
use PragmaRX\Health\Support\Result; |
8
|
|
|
use Spatie\SslCertificate\SslCertificate; |
9
|
|
|
|
10
|
|
|
class Certificate extends Base |
11
|
|
|
{ |
12
|
|
|
/** |
13
|
|
|
* HTTP Checker. |
14
|
|
|
* |
15
|
|
|
* @return Result |
16
|
|
|
*/ |
17
|
|
|
public function check() |
18
|
|
|
{ |
19
|
|
|
$resources = $this->getResourceUrlArray(); |
20
|
|
|
|
21
|
|
|
$first = collect($resources)->first(); |
22
|
|
|
|
23
|
|
|
if (filled($first)) { |
24
|
|
|
$this->target->setDisplay("{$first}"); |
25
|
|
|
} |
26
|
|
|
|
27
|
|
|
try { |
28
|
|
|
foreach ($resources as $url) { |
29
|
|
|
[$healthy, $message] = $this->checkCertificate($url); |
|
|
|
|
30
|
|
|
|
31
|
|
|
if (! $healthy) { |
32
|
|
|
return $this->makeResult(false, $message); |
33
|
|
|
} |
34
|
|
|
} |
35
|
|
|
|
36
|
|
|
return $this->makeHealthyResult(); |
37
|
|
|
} catch (\Exception $exception) { |
38
|
|
|
report($exception); |
39
|
|
|
|
40
|
|
|
return $this->makeResultFromException($exception); |
41
|
|
|
} |
42
|
|
|
} |
43
|
|
|
|
44
|
|
|
/** |
45
|
|
|
* HTTP Checker. |
46
|
|
|
* |
47
|
|
|
* @return Result |
48
|
|
|
*/ |
49
|
|
|
public function checkCertificate($url) |
50
|
|
|
{ |
51
|
|
|
return $this->checkHostCertificate($this->getHost($url)); |
52
|
|
|
} |
53
|
|
|
|
54
|
|
|
/** |
55
|
|
|
* Get the error message. |
56
|
|
|
* |
57
|
|
|
* @return string |
58
|
|
|
*/ |
59
|
|
|
protected function getErrorMessage($host) |
60
|
|
|
{ |
61
|
|
|
return sprintf($this->target->resource->errorMessage, $host); |
62
|
|
|
} |
63
|
|
|
|
64
|
|
|
/** |
65
|
|
|
* Get the error message. |
66
|
|
|
* |
67
|
|
|
* @return string |
68
|
|
|
*/ |
69
|
|
|
protected function getHost($url) |
70
|
|
|
{ |
71
|
|
|
$parsed = parse_url($url); |
72
|
|
|
|
73
|
|
|
if (isset($parsed['host'])) { |
74
|
|
|
return $parsed['host']; |
75
|
|
|
} |
76
|
|
|
|
77
|
|
|
return $url; |
78
|
|
|
} |
79
|
|
|
|
80
|
|
|
/** |
81
|
|
|
* Get array of resource urls. |
82
|
|
|
* |
83
|
|
|
* @return array |
84
|
|
|
*/ |
85
|
|
|
private function getResourceUrlArray() |
86
|
|
|
{ |
87
|
|
|
if (is_a($this->target->urls, Collection::class)) { |
88
|
|
|
return $this->target->urls->toArray(); |
89
|
|
|
} |
90
|
|
|
|
91
|
|
|
return (array) $this->target->urls; |
92
|
|
|
} |
93
|
|
|
|
94
|
|
|
public function checkHostCertificate($host) |
95
|
|
|
{ |
96
|
|
|
$result = collect([ |
97
|
|
|
'openssl' => $this->checkCertificateWithOpenSSL($host), |
98
|
|
|
|
99
|
|
|
'package' => [ |
100
|
|
|
SslCertificate::createForHostName($host)->isValid(), |
101
|
|
|
'Invalid certificate', |
102
|
|
|
], |
103
|
|
|
|
104
|
|
|
'php' => $this->checkCertificateWithPhp($host), |
105
|
|
|
]) |
106
|
|
|
->filter(function ($result) { |
107
|
|
|
return $result[0] === false; |
108
|
|
|
}) |
109
|
|
|
->first(); |
110
|
|
|
|
111
|
|
|
if ($result === null) { |
112
|
|
|
return [true, '']; |
113
|
|
|
} |
114
|
|
|
|
115
|
|
|
return $result; |
116
|
|
|
} |
117
|
|
|
|
118
|
|
|
public function checkCertificateWithOpenSSL($host) |
119
|
|
|
{ |
120
|
|
|
exec($this->makeCommand($host), $output); |
121
|
|
|
|
122
|
|
|
$result = collect($output) |
123
|
|
|
->filter( |
124
|
|
|
function ($line) { |
125
|
|
|
return Str::contains( |
126
|
|
|
$line, |
127
|
|
|
$this->target->resource->verifyString |
128
|
|
|
); |
129
|
|
|
} |
130
|
|
|
) |
131
|
|
|
->first(); |
132
|
|
|
|
133
|
|
|
if (blank($result)) { |
134
|
|
|
$output = blank($output) ? 'Unkown openssl error' : $output; |
135
|
|
|
|
136
|
|
|
return [false, json_encode($output)]; |
137
|
|
|
} |
138
|
|
|
|
139
|
|
|
return [ |
140
|
|
|
trim($result) == $this->target->resource->successString, |
141
|
|
|
$result, |
142
|
|
|
]; |
143
|
|
|
} |
144
|
|
|
|
145
|
|
|
public function checkCertificateWithPhp($host) |
146
|
|
|
{ |
147
|
|
|
try { |
148
|
|
|
$get = stream_context_create([ |
149
|
|
|
'ssl' => ['capture_peer_cert' => true], |
150
|
|
|
]); |
151
|
|
|
|
152
|
|
|
$read = stream_socket_client( |
|
|
|
|
153
|
|
|
'ssl://'.$host.':443', |
154
|
|
|
$errno, |
155
|
|
|
$errstr, |
156
|
|
|
30, |
157
|
|
|
STREAM_CLIENT_CONNECT, |
158
|
|
|
$get |
159
|
|
|
); |
160
|
|
|
} catch (\Exception $exception) { |
161
|
|
|
return [false, $exception->getMessage()]; |
162
|
|
|
} |
163
|
|
|
|
164
|
|
|
return [true, '']; |
165
|
|
|
} |
166
|
|
|
|
167
|
|
|
/** |
168
|
|
|
* @param $host |
169
|
|
|
* @return string|string[] |
170
|
|
|
*/ |
171
|
|
|
protected function makeCommand($host) |
172
|
|
|
{ |
173
|
|
|
$command = $this->target->resource->command; |
174
|
|
|
|
175
|
|
|
$command = str_replace('{$options}', $this->target->options, $command); |
176
|
|
|
|
177
|
|
|
$command = str_replace('{$host}', $host, $command); |
178
|
|
|
|
179
|
|
|
return $command; |
180
|
|
|
} |
181
|
|
|
} |
182
|
|
|
|
This check marks access to variables or properties that have not been declared yet. While PHP has no explicit notion of declaring a variable, accessing it before a value is assigned to it is most likely a bug.