#!/bin/sh
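VERSION=0.1
# Input list, one colon-separated entry per line; the loop further down takes
# the user from field 2 and the domain from field 3.
SNIDOMAINS=/etc/virtual/snidomains
# Per-run report, created next to the script itself.
LOG="$0.log"
# Truncate (or create) the log. ':' replaces 'echo -n' because a /bin/sh whose
# echo does not implement -n writes the literal "-n" into the file, and the
# non-empty check at the end of the script would then always report issues.
# Quoting keeps a script path containing spaces from breaking the redirect.
: > "$LOG"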

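# Report a problem for the entry currently being processed.
# Globals:   U, D (read) - user and domain of the current entry
#            LOG (read)  - file the message is appended to
# Arguments: $1 - message text
# Outputs:   "<user>:<domain>: <message>" on stdout, and the same line
#            appended to $LOG
echo_error()
{
  # printf '%s\n' prints the text verbatim; echo may interpret backslashes or
  # a leading '-' depending on the shell.
  printf '%s\n' "$U:$D: $1"
  # Quoted so a log path containing whitespace is still a single redirect target.
  printf '%s\n' "$U:$D: $1" >> "$LOG"
}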

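# Check whether a private key and a certificate belong together by comparing
# the RSA modulus that openssl extracts from each file.
# Arguments: $1 - path to the private key
#            $2 - path to the certificate (PEM; openssl x509 reads the first
#                 certificate in the file)
# Outputs:   a single digit on stdout
#              0 - both moduli were extracted and are identical
#              1 - moduli differ, or one of them could not be extracted
#              2 - one of the two files does not exist
# Only RSA material is handled: `openssl rsa` does not accept other key types,
# so such a pair ends up as 1.
# NOTE(review): confirm whether non-RSA certificates are deployed here.
checkPrivPubMatch() {
        PRIV="${1}"
        PUB="${2}"
        if [ ! -f "${PRIV}" ] || [ ! -f "${PUB}" ]; then
                echo 2
                return
        fi

        # Fail closed: a failed or empty extraction must never count as a match.
        # Hashing the output of two failed openssl calls yields two identical
        # digests of empty input, which would be reported as "ok".
        if ! PRIVMOD=$(openssl rsa -noout -modulus -in "${PRIV}") || [ -z "${PRIVMOD}" ]; then
                echo 1
                return
        fi
        if ! PUBMOD=$(openssl x509 -noout -modulus -in "${PUB}") || [ -z "${PUBMOD}" ]; then
                echo 1
                return
        fi

        # The moduli are compared directly; the intermediate MD5 digest only
        # shortened the strings and added nothing to the check.
        if [ "${PRIVMOD}" = "${PUBMOD}" ]; then
                echo 0
        else
                echo 1
        fi
}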

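# Walk every entry of $SNIDOMAINS and verify that the domain's private key
# matches its certificate. Problems are reported through echo_error; a key that
# does not match its certificate aborts the run with exit status 1.
while IFS= read -r line
do
  if [ -z "$line" ]; then
        continue
  fi

  # Field 2 is the user, field 3 the domain. -s makes cut print nothing for a
  # line without any ':'; by default it would return the whole line for every
  # requested field.
  U=$(printf '%s\n' "$line" | cut -s -d: -f2)
  D=$(printf '%s\n' "$line" | cut -s -d: -f3)

  # Both values become path components below. Reject empty fields, anything
  # containing '/', and a user of '.' or '..', so a malformed line cannot make
  # the script look outside the per-user domains directory.
  case "$U:$D" in
    :*|*:|*/*|.:*|..:*)
        echo_error "Malformed entry: $line"
        continue
        ;;
  esac

  UD=/usr/local/directadmin/data/users/$U/domains/$D
  CERT=$UD.cert
  KEY=$UD.key
  CA=$UD.cacert
  COMBINED=$UD.combined

  # Prefer the combined file when it exists and is non-empty.
  if [ -s "$COMBINED" ]; then
        CERT=$COMBINED
  fi

  if [ ! -s "$KEY" ]; then
        echo_error "Cannot find $KEY"
        continue
  fi

  if [ ! -s "$CERT" ]; then
        echo_error "Cannot find $CERT"
        # Same handling as a missing key: without this the entry fell through
        # to the comparison and was reported as a certificate mismatch.
        continue
  fi

  # stdin is detached so nothing started by the check can consume the
  # remaining lines of $SNIDOMAINS that this loop is reading.
  CHECKPRIVPUBRES=$(checkPrivPubMatch "$KEY" "$CERT" < /dev/null)
  # String comparison: an empty result is treated as a failure instead of
  # making the numeric test itself error out.
  if [ "$CHECKPRIVPUBRES" = "0" ]; then
    echo "$U:$D: ok"
    continue
  fi

  # Name the affected user and domain and record the failure in $LOG before
  # aborting, so the report says which entry needs attention.
  echo_error "Certificate mismatch!"
  exit 1
done < "$SNIDOMAINS"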

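# Anything written to the log means at least one entry had a problem.
# "$LOG" is quoted: unquoted, an empty or whitespace-containing value changes
# what the test evaluates.
if [ -s "$LOG" ]; then
        echo "Found issues. See $LOG for details"
        exit 1
fi

exit 0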
