Fix condition for checking if a cert is still valid for 30 days

Refs AlternC#48
Koumbit · May 24, 2019 · 88be1ca · 88be1ca
1 parent 8f806d4
commit 88be1ca
Showing 1 changed file with 8 additions and 4 deletions.
diff --git a/src/usr/lib/alternc/generate_certbot.php b/src/usr/lib/alternc/generate_certbot.php
@@ -15,6 +15,9 @@
 
 // Renew a domain if we don't have a cert or if it expires $VALID_DAYS from now
 $VALID_DAYS = 30;
+// Use the difference in seconds to avoid re-calculating the value for each sub-domain
+$VALID_DIFF = 86400 * 30;
+
 // Which type of certificates should be requested: all, system, non-system.
 $REQUEST_CERTS="all";
 $ALLOWED_CERT_TYPES = array(
@@ -134,10 +137,11 @@ function vprint( $message, $params ){
                     if ($ssl->fqdnmatch($current["fqdn"],$sub_domain["sub_domain"]["fqdn"])) {
                         // found and valid, (works for wildcards too ;) )
                         // now what about the date?
-                        if ($current["validstartts"]>time()
-                            && $current["validendts"]>(time()+(86400*$VALID_DAYS))
-                        ) {
-                            // valid at least for $VALID_DAYS from now, let's skip this one for now
+                        $t = time();
+                        if ($current['validstartts'] < $t &&
+                            $t < (current['validendts'] - $VALID_DIFF)) {
+                            // currently valid, and valid for more than $VALID_DAYS
+                            // let's skip this one for now
                             continue;
                         }
                     }