From 7ef72fe0dc0f360e04e15a46d137a12a518450b9 Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <noreply@fakecake.org>
Date: Mon, 1 Mar 2021 10:20:21 +0300
Subject: move startup checks to Config, set a bunch of @deprecated annotations

---
 classes/pref/prefs.php | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

(limited to 'classes/pref')

diff --git a/classes/pref/prefs.php b/classes/pref/prefs.php
index de03b34dc..3436e4f60 100644
--- a/classes/pref/prefs.php
+++ b/classes/pref/prefs.php
@@ -694,7 +694,7 @@ class Pref_Prefs extends Handler_Protected {
 
 						print \Controls\input_tag($pref_name, $value, "text", ["readonly" => true], "SSL_CERT_SERIAL");
 
-						$cert_serial = htmlspecialchars(get_ssl_certificate_id());
+						$cert_serial = htmlspecialchars(self::_get_ssl_certificate_id());
 						$has_serial = ($cert_serial) ? true : false;
 
 						print \Controls\button_tag(__('Register'), "", [
@@ -1408,4 +1408,20 @@ class Pref_Prefs extends Handler_Protected {
 
 		$this->appPasswordList();
 	}
+
+	static function _get_ssl_certificate_id() {
+		if ($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] ?? false) {
+			return sha1($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"] .
+				$_SERVER["REDIRECT_SSL_CLIENT_V_START"] .
+				$_SERVER["REDIRECT_SSL_CLIENT_V_END"] .
+				$_SERVER["REDIRECT_SSL_CLIENT_S_DN"]);
+		}
+		if ($_SERVER["SSL_CLIENT_M_SERIAL"] ?? false) {
+			return sha1($_SERVER["SSL_CLIENT_M_SERIAL"] .
+				$_SERVER["SSL_CLIENT_V_START"] .
+				$_SERVER["SSL_CLIENT_V_END"] .
+				$_SERVER["SSL_CLIENT_S_DN"]);
+		}
+		return "";
+	}
 }
-- 
cgit v1.2.3-54-g00ecf