import club.wpia.gigi.GigiApiException;
import club.wpia.gigi.database.GigiPreparedStatement;
import club.wpia.gigi.database.GigiResultSet;
+import club.wpia.gigi.dbObjects.Certificate.RevocationType;
import club.wpia.gigi.util.DomainAssessment;
public class Domain implements IdCachable, Verifyable {
}
private static void checkInsert(String suffix) throws GigiApiException {
- try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `domains` WHERE (`domain`=? OR (CONCAT('.', `domain`)=RIGHT(?,LENGTH(`domain`)+1) OR RIGHT(`domain`,LENGTH(?)+1)=CONCAT('.',?))) AND `deleted` IS NULL")) {
+ try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `domains` WHERE (`domain`=? OR (CONCAT('.', `domain`)=RIGHT(?,LENGTH(`domain`)+1) OR RIGHT(`domain`,LENGTH(?)+1)=CONCAT('.',?::VARCHAR))) AND `deleted` IS NULL")) {
ps.setString(1, suffix);
ps.setString(2, suffix);
ps.setString(3, suffix);
ps.setInt(1, id);
ps.execute();
}
+ LinkedList<Job> revokes = new LinkedList<Job>();
+ for (Certificate cert : fetchActiveCertificates()) {
+ revokes.add(cert.revoke(RevocationType.USER));
+ }
+ long start = System.currentTimeMillis();
+ for (Job job : revokes) {
+ int toWait = (int) (60000 + start - System.currentTimeMillis());
+ if (toWait > 0) {
+ job.waitFor(toWait);
+ } else {
+ break; // canceled... waited too log
+ }
+ }
}
}
private LinkedList<DomainPingConfiguration> configs = null;
- public List<DomainPingConfiguration> getConfiguredPings() throws GigiApiException {
+ public List<DomainPingConfiguration> getConfiguredPings() {
LinkedList<DomainPingConfiguration> configs = this.configs;
if (configs == null) {
configs = new LinkedList<>();
}
}
+ /**
+ * Determines current domain validity. A domain is valid, iff at least two
+ * configured pings are currently successful.
+ *
+ * @return true, iff domain is valid
+ * @throws GigiApiException
+ */
public boolean isVerified() {
- try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT 1 FROM `domainPinglog` INNER JOIN `pingconfig` ON `pingconfig`.`id`=`domainPinglog`.`configId` WHERE `domainid`=? AND `state`='success'")) {
- ps.setInt(1, id);
- GigiResultSet rs = ps.executeQuery();
- return rs.next();
+ int count = 0;
+ boolean[] used = new boolean[DomainPingType.values().length];
+ for (DomainPingConfiguration config : getConfiguredPings()) {
+ if (config.isValid() && !used[config.getType().ordinal()]) {
+ count++;
+ used[config.getType().ordinal()] = true;
+ }
+ if (count >= 2) {
+ return true;
+ }
}
+ return false;
}
public DomainPingExecution[] getPings() throws GigiApiException {
}
}
+ public Certificate[] fetchActiveCertificates() {
+ try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `certs`.`id` FROM `certs` INNER JOIN `subjectAlternativeNames` ON `subjectAlternativeNames`.`certId` = `certs`.`id` WHERE (`contents`=? OR RIGHT(`contents`,LENGTH(?)+1)=CONCAT('.',?::VARCHAR)) AND `type`='DNS' AND `revoked` IS NULL AND `expire` > CURRENT_TIMESTAMP AND `memid`=? GROUP BY `certs`.`id`", true)) {
+ ps.setString(1, suffix);
+ ps.setString(2, suffix);
+ ps.setString(3, suffix);
+ ps.setInt(4, owner.getId());
+ GigiResultSet rs = ps.executeQuery();
+ rs.last();
+ Certificate[] res = new Certificate[rs.getRow()];
+ rs.beforeFirst();
+ int i = 0;
+ while (rs.next()) {
+ res[i++] = Certificate.getById(rs.getInt(1));
+ }
+ return res;
+ }
+ }
+
}
projects / gigi.git / blobdiff