allow searching certs by SAN

2025-09-17 18:45:37 +08:00 · 2021-05-20 11:33:53 +03:00 · 2021-05-20 11:33:53 +03:00 · 5020adaf22
commit 5020adaf22
parent 9e7f9f43ac
2 changed files with 28 additions and 1 deletions
--- a/docs/api/openapi.yml
+++ b/docs/api/openapi.yml
@ -917,6 +917,12 @@ paths:
                  schema:
                      type: string
                      example: example.com
+                - name: altNames
+                  in: query
+                  description: Match `query` value against SAN as well (by default checks only registered server names)
+                  schema:
+                      type: boolean
+                      example: false
                - name: limit
                  in: query
                  description: How many records to return
--- a/lib/api/certs.js
+++ b/lib/api/certs.js
@ -7,7 +7,7 @@ const ObjectID = require('mongodb').ObjectID;
 const CertHandler = require('../cert-handler');
 const tools = require('../tools');
 const roles = require('../roles');
-const { nextPageCursorSchema, previousPageCursorSchema, pageNrSchema, sessSchema, sessIPSchema } = require('../schemas');
+const { nextPageCursorSchema, previousPageCursorSchema, pageNrSchema, sessSchema, sessIPSchema, booleanSchema } = require('../schemas');

 module.exports = (db, server) => {
    const certHandler = new CertHandler({
@ -24,6 +24,7 @@ module.exports = (db, server) => {

            const schema = Joi.object().keys({
                query: Joi.string().empty('').trim().max(255),
+                altNames: booleanSchema.default(false),
                limit: Joi.number().default(20).min(1).max(250),
                next: nextPageCursorSchema,
                previous: previousPageCursorSchema,
@ -52,6 +53,7 @@ module.exports = (db, server) => {
            req.validate(roles.can(req.role).readAny('certs'));

            let query = result.value.query;
+            let altNames = result.value.altNames;
            let limit = result.value.limit;
            let page = result.value.page;
            let pageNext = result.value.next;
@ -66,6 +68,25 @@ module.exports = (db, server) => {
                  }
                : {};

+            if (query && altNames) {
+                filter = {
+                    $or: [
+                        filter,
+                        {
+                            altNames: {
+                                $regex: query.replace(/[-/\\^$*+?.()|[\]{}]/g, '\\$&'),
+                                $options: ''
+                            }
+                        }
+                    ]
+                };
+
+                if (query.indexOf('.') >= 0) {
+                    let wcMatch = '*' + query.substr(query.indexOf('.'));
+                    filter.$or.push({ altNames: wcMatch });
+                }
+            }
+
            let total = await db.database.collection('certs').countDocuments(filter);

            let opts = {