<?php declare(strict_types = 0); /* ** Copyright (C) 2001-2025 Zabbix SIA ** ** This program is free software: you can redistribute it and/or modify it under the terms of ** the GNU Affero General Public License as published by the Free Software Foundation, version 3. ** ** This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; ** without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. ** See the GNU Affero General Public License for more details. ** ** You should have received a copy of the GNU Affero General Public License along with this program. ** If not, see <https://www.gnu.org/licenses/>. **/ class CApiPskHelper { public static function checkPskOfIdentitiesAmongGivenPairs(array $psk_pairs): void { $tls_psk_by_identity = []; foreach ($psk_pairs as $i => $psk_pair) { if (array_key_exists($psk_pair['tls_psk_identity'], $tls_psk_by_identity) && $tls_psk_by_identity[$psk_pair['tls_psk_identity']] !== $psk_pair['tls_psk']) { throw new APIException(ZBX_API_ERROR_PARAMETERS, _s('Invalid parameter "%1$s": %2$s.', '/'.($i + 1).'/tls_psk', _('another tls_psk value is already associated with given tls_psk_identity') )); } $tls_psk_by_identity[$psk_pair['tls_psk_identity']] = $psk_pair['tls_psk']; } } public static function checkPskOfIdentitiesInAutoregistration(array $psk_pairs): void { $object_indexes = []; $psk_conditions = []; foreach ($psk_pairs as $i => $psk_pair) { if (!array_key_exists($psk_pair['tls_psk_identity'], $object_indexes)) { $object_indexes[$psk_pair['tls_psk_identity']] = $i; $psk_conditions[] = dbConditionString('tls_psk_identity', [$psk_pair['tls_psk_identity']]). ' AND '.dbConditionString('tls_psk', [$psk_pair['tls_psk']], true); } } $row = DBfetch(DBselect( 'SELECT tls_psk_identity'. ' FROM config_autoreg_tls'. ' WHERE ('.implode(') OR (', $psk_conditions).')' )); if ($row) { $i = $object_indexes[$row['tls_psk_identity']]; throw new APIException(ZBX_API_ERROR_PARAMETERS, _s('Invalid parameter "%1$s": %2$s.', '/'.($i + 1).'/tls_psk', _('another tls_psk value is already associated with given tls_psk_identity') )); } } public static function checkPskOfIdentityInAutoregistration(array $psk_pair): void { $row = DBfetch(DBselect( 'SELECT NULL'. ' FROM config_autoreg_tls'. ' WHERE '.dbConditionString('tls_psk_identity', [$psk_pair['tls_psk_identity']]). ' AND '.dbConditionString('tls_psk', [$psk_pair['tls_psk']], true), 1 )); if ($row) { throw new APIException(ZBX_API_ERROR_PARAMETERS, _s('Invalid parameter "%1$s": %2$s.', '/tls_psk', _('another tls_psk value is already associated with given tls_psk_identity') )); } } public static function checkPskOfIdentitiesAmongHosts(array $psk_pairs, ?array $hostids = null): void { $object_indexes = []; $psk_conditions = []; foreach ($psk_pairs as $i => $psk_pair) { if (!array_key_exists($psk_pair['tls_psk_identity'], $object_indexes)) { $object_indexes[$psk_pair['tls_psk_identity']] = $i; $psk_conditions[] = dbConditionString('tls_psk_identity', [$psk_pair['tls_psk_identity']]). ' AND '.dbConditionString('tls_psk', [$psk_pair['tls_psk']], true); } } $conditions = $hostids === null ? '('.implode(') OR (', $psk_conditions).')' : '(('.implode(') OR (', $psk_conditions).'))'. ' AND '.dbConditionId('hostid', $hostids, true); $row = DBfetch(DBselect( 'SELECT tls_psk_identity'. ' FROM hosts'. ' WHERE '.$conditions, 1 )); if ($row) { $i = $object_indexes[$row['tls_psk_identity']]; throw new APIException(ZBX_API_ERROR_PARAMETERS, _s('Invalid parameter "%1$s": %2$s.', '/'.($i + 1).'/tls_psk', _('another tls_psk value is already associated with given tls_psk_identity') )); } } public static function checkPskOfIdentitiesAmongProxies(array $psk_pairs, ?array $proxyids = null): void { $object_indexes = []; $psk_conditions = []; foreach ($psk_pairs as $i => $psk_pair) { if (!array_key_exists($psk_pair['tls_psk_identity'], $object_indexes)) { $object_indexes[$psk_pair['tls_psk_identity']] = $i; $psk_conditions[] = dbConditionString('tls_psk_identity', [$psk_pair['tls_psk_identity']]). ' AND '.dbConditionString('tls_psk', [$psk_pair['tls_psk']], true); } } $conditions = $proxyids === null ? '('.implode(') OR (', $psk_conditions).')' : '(('.implode(') OR (', $psk_conditions).'))'. ' AND '.dbConditionId('proxyid', $proxyids, true); $row = DBfetch(DBselect( 'SELECT tls_psk_identity'. ' FROM proxy'. ' WHERE '.$conditions, 1 )); if ($row) { $i = $object_indexes[$row['tls_psk_identity']]; throw new APIException(ZBX_API_ERROR_PARAMETERS, _s('Invalid parameter "%1$s": %2$s.', '/'.($i + 1).'/tls_psk', _('another tls_psk value is already associated with given tls_psk_identity') )); } } public static function checkPskOfIdentityAmongHosts(array $psk_pair, ?array $hostids = null): void { $hostid_condition = $hostids !== null ? ' AND '.dbConditionId('hostid', $hostids, true) : ''; $row = DBfetch(DBselect( 'SELECT NULL'. ' FROM hosts'. ' WHERE '.dbConditionString('tls_psk_identity', [$psk_pair['tls_psk_identity']]). ' AND '.dbConditionString('tls_psk', [$psk_pair['tls_psk']], true). $hostid_condition, 1 )); if ($row) { throw new APIException(ZBX_API_ERROR_PARAMETERS, _s('Invalid parameter "%1$s": %2$s.', '/tls_psk', _('another tls_psk value is already associated with given tls_psk_identity') )); } } public static function checkPskOfIdentityAmongProxies(array $psk_pair): void { $row = DBfetch(DBselect( 'SELECT NULL'. ' FROM proxy'. ' WHERE '.dbConditionString('tls_psk_identity', [$psk_pair['tls_psk_identity']]). ' AND '.dbConditionString('tls_psk', [$psk_pair['tls_psk']], true), 1 )); if ($row) { throw new APIException(ZBX_API_ERROR_PARAMETERS, _s('Invalid parameter "%1$s": %2$s.', '/tls_psk', _('another tls_psk value is already associated with given tls_psk_identity') )); } } }