/[smecontribs]/rpms/phpki-ng/contribs10/phpki-ng-0.84-fix-pregmatch-revoke-certs.patch
ViewVC logotype

Annotation of /rpms/phpki-ng/contribs10/phpki-ng-0.84-fix-pregmatch-revoke-certs.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (hide annotations) (download)
Mon Mar 8 13:37:50 2021 UTC (3 years, 8 months ago) by jcrisp
Branch: MAIN
CVS Tags: phpki-ng-0_84-15_el7_sme, phpki-ng-0_84-11_el7_sme, phpki-ng-0_84-14_el7_sme, phpki-ng-0_84-13_el7_sme, phpki-ng-0_84-16_el7_sme, phpki-ng-0_84-3_el7_sme, phpki-ng-0_84-10_el7_sme, phpki-ng-0_84-12_el7_sme, phpki-ng-0_84-7_el7_sme, phpki-ng-0_84-5_el7_sme, phpki-ng-0_84-6_el7_sme, phpki-ng-0_84-9_el7_sme, phpki-ng-0_84-4_el7_sme, phpki-ng-0_84-8_el7_sme, HEAD
* Mon Mar 08 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-3.sme
- Fix Typo in certificate password [SME: 11435]
- Fix typos and preg_match issues [SME: 11436]
- Add Certificate ctreation notification [SME: 11437]
- Bit of file fomatting

1 jcrisp 1.1 diff -ruN phpki-ng.old/phpki-ng-0.84/ca/manage_certs.php phpki-ng/phpki-ng-0.84/ca/manage_certs.php
2     --- phpki-ng.old/phpki-ng-0.84/ca/manage_certs.php 2021-03-08 14:20:11.709778856 +0100
3     +++ phpki-ng/phpki-ng-0.84/ca/manage_certs.php 2021-03-08 14:19:11.400885516 +0100
4     @@ -254,7 +254,7 @@
5     </tr>
6    
7     <tr>
8     - <td>Certificate Password </td>
9     + <td>Certificate Password</td>
10     <td><input type="password" name="passwd" value="<?php echo htvar($passwd) ?>" size="30"></td>
11     </tr>
12    
13     diff -ruN phpki-ng.old/phpki-ng-0.84/ca/request_cert.php phpki-ng/phpki-ng-0.84/ca/request_cert.php
14     --- phpki-ng.old/phpki-ng-0.84/ca/request_cert.php 2021-03-08 14:20:11.709778856 +0100
15     +++ phpki-ng/phpki-ng-0.84/ca/request_cert.php 2021-03-08 14:19:11.400885516 +0100
16     @@ -205,7 +205,7 @@
17    
18     </tr></table>
19    
20     - <h4>Are you sure?</h4>
21     + <h4>Are you sure? After creation you will be returned to the Create Certificate dialogue.</h4>
22     <p><form action='<?php echo $PHP_SELF?>' method=post>
23     <?php echo $hidden_fields ?>
24     <input type=hidden name=form_stage value=final>
25     @@ -258,10 +258,11 @@
26     break;
27     } else {
28     $serial = $errtxt;
29     + // We could add 'return to index or create another certificate'
30     }
31     }
32     }
33     -
34     +
35     if ($submit == "Yes Create and Download") {
36     switch ($cert_type) {
37     case 'server':
38     @@ -278,12 +279,12 @@
39     upload($config['pfx_dir'] . "/$serial.pfx", $rec['common_name'] . ".p12", 'application/x-pkcs12');
40     break;
41     }
42     -
43     +
44     # Clear common_name fields
45     $common_name = '';
46     break;
47     }
48     -
49     +
50     # Clear common_name fields
51     $common_name = '';
52    
53     @@ -333,49 +334,57 @@
54    
55     printHeader();
56     ?>
57     -
58     +
59     <body onLoad="self.focus();document.request.common_name.focus();document.request.cert_type.onchange();">
60     <form action="<?php echo $PHP_SELF?>" method=post name=request>
61     <table width=99%>
62     <th colspan=2><h3>Certificate Request Form</h3></th>
63     -
64     + <?php
65     + if ($serial) {
66     + echo "<tr><td><h4><font color=red>Previous Certificate Created successfully</font></h4></td><td></h4><font color=red>$serial</font></h4></td></tr>";
67     + echo "<tr><td><h4>Create another or go to back to the Menu</h4></td><td><a href='index.php'>Menu</a></td></tr>";
68     + }
69     + ?>
70     <tr>
71     <td width=30%>Common Name<font color=red size=3> *</font><br>(i.e. User real name or computer hostname - used as SubjectAltName)</td>
72     <td><input type=text name=common_name value="<?php echo htvar($common_name)?>" size=50 maxlength=60></td>
73     </tr>
74     -
75     +
76     <tr>
77     <td>E-mail Address<font color=red size=3> *</font></td>
78     <td><input type=text name=email value="<?php echo htvar($email)?>" size=50 maxlength=60></td>
79     </tr>
80     -
81     +
82     <tr>
83     - <td>Organization (Company/Agency)<font color=red size=3> *</font></td>
84     + <td>Organization(Company/Agency)<font color=red size=3> *</font></td>
85     <td><input type=text name=organization value="<?php echo htvar($organization)?>" size=60 maxlength=60></td>
86     </tr>
87     -
88     +
89     <tr>
90     <td>Department/Unit<font color=red size=3> *</font> </td><td><input type=text name=unit value="<?php echo htvar($unit) ?>" size=40 maxlength=60></td>
91     </tr>
92     -
93     +
94     <tr>
95     - <td>Locality (City/County)<font color=red size=3> *</font></td><td><input type=text name=locality value="<?php echo htvar($locality) ?>" size=30 maxlength=30></td>
96     + <td>Locality(City/County)<font color=red size=3> *</font></td><td><input type=text name=locality value="<?php echo htvar($locality) ?>" size=30 maxlength=30></td>
97     </tr>
98     -
99     +
100     <tr>
101     <td>State/Province<font color=red size=3> *</font></td><td><input type=text name=province value="<?php echo htvar($province) ?>" size=30 maxlength=30></td>
102     </tr>
103     -
104     +
105     <tr>
106     <td>Country<font color=red size=3> *</font></td>
107     <td><input type=text name=country value="<?php echo htvar($country) ?>" size=2 maxlength=2></td>
108     </tr>
109     -
110     +
111     <tr>
112     <td>Certificate Password<font color=red size=3> *</font><br>(Min 8 chars - Mandatory for Email,SSL Client,Code signing)</td>
113     - <td><input type=password name=passwd value="<?php echo htvar($passwd) ?>" size=30>&nbsp;&nbsp; Again <input type=password name=passwdv value="<?php echo htvar($passwdv) ?>" size=30></td>
114     + <td>
115     + <input type=password name=passwd value="<?php echo htvar($passwd) ?>" size=30>&nbsp;&nbsp;&nbsp;Again
116     + <input type=password name=passwdv value="<?php echo htvar($passwdv) ?>" size=30>
117     + </td>
118     </tr>
119     -
120     +
121     <tr>
122     <td>Certificate Life<font color=red size=3>*</font> </td>
123     <td><select name=expiry>
124     @@ -388,12 +397,12 @@
125     for ($i = 2; $i <= 5; $i++) {
126     print "<option value=$i " . ($expiry == $i ? "selected='selected'" : "") . " >$i Years</option>\n" ;
127     }
128     -
129     +
130     ?>
131     -
132     +
133     </select></td>
134     </tr>
135     -
136     +
137     <tr>
138     <td>Key Size<font color=red size=3>*</font> </td>
139     <td><select name=keysize>
140     @@ -402,10 +411,10 @@
141     print "<option value=$i " . ($keysize == $i ? "selected='selected'" : "") . ">$i bits</option>\n" ;
142     }
143     ?>
144     -
145     +
146     </select></td>
147     </tr>
148     -
149     +
150     <tr>
151     <td>Certificate Use:<font color=red size=3>*</font> </td>
152     <td><select name=cert_type onchange="if (this.value=='server')
153     @@ -421,11 +430,11 @@
154     ?>
155     </select></td>
156     </tr>
157     -
158     +
159     <tr id="testrow2" name="testrow2" style="visibility:hidden;display:none;">
160     <td>Alternative DNS Names<br>(only one per Line)</td><td><textarea name=dns_names cols=30 rows=5><?php echo htvar($dns_names) ?></textarea></td>
161     </tr>
162     -
163     +
164     <tr id="testrow1" name="testrow1" style="visibility:hidden;display:none;">
165     <td>IP's<br>(only one per Line)</td><td><textarea name=ip_addr cols=30 rows=5><?php echo htvar($ip_addr) ?></textarea></td>
166     </tr>
167     diff -ruN phpki-ng.old/phpki-ng-0.84/include/my_functions.php phpki-ng/phpki-ng-0.84/include/my_functions.php
168     --- phpki-ng.old/phpki-ng-0.84/include/my_functions.php 2021-03-08 14:20:11.713778836 +0100
169     +++ phpki-ng/phpki-ng-0.84/include/my_functions.php 2021-03-08 14:19:11.400885516 +0100
170     @@ -270,7 +270,7 @@
171     # as a match is found.
172     #
173    
174     -function eregi_array($regexp, $arr)
175     +function preg_match_array($regexp, $arr)
176     {
177    
178     foreach ($arr as $elem) {
179     diff -ruN phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php phpki-ng/phpki-ng-0.84/include/openssl_functions.php
180     --- phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php 2021-03-08 14:20:11.713778836 +0100
181     +++ phpki-ng/phpki-ng-0.84/include/openssl_functions.php 2021-03-08 14:19:11.400885516 +0100
182     @@ -601,7 +601,7 @@
183     $cmd_output[] = 'Revoking the certificate.';
184     $configCa_pwd = $config['ca_pwd'];
185     $configOpenssl_cnf = $config['openssl_cnf'];
186     - exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$ConfigCa_pwd 2>&1", $cmd_output, $ret);
187     + exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$configCa_pwd 2>&1", $cmd_output, $ret);
188    
189     if ($ret == 0) {
190     unset($cmd_output);
191     @@ -836,13 +836,13 @@
192     #Unlock the CA database
193     fclose($fd);
194    
195     - # https://github.com/radicand/phpki/issues/14
196     - if (preg_match('E-mail Protection', $certtext) && preg_match('Code Signing', $certtest)) {
197     - $cert_type = 'email_signing';
198     - }
199     - if (preg_match('E-mail Protection', $certtext)) {
200     + //# https://github.com/radicand/phpki/issues/14 - but ereg is deprecated
201     + if (preg_match('/E-mail Protection/', $certtext)) {
202     $cert_type = 'email';
203     }
204     + if (preg_match('/E-mail Protection/', $certtext) && preg_match('/Code Signing/', $certtext)) {
205     + $cert_type = 'email_signing';
206     + }
207    
208     #Remove temporary openssl config file.
209     if (file_exists($cnf_file)) {
210     @@ -855,7 +855,7 @@
211     # Not successful, so clean up before exiting.
212     CA_remove_cert($serial);
213    
214     - if (eregi_array('.*private key.*', $cmd_output)) {
215     + if (preg_match_array('.*private key.*', $cmd_output)) {
216     $cmd_output[] = '<strong>This was likely caused by entering the wrong certificate password.</strong>';
217     } else {
218     $cmd_output[] = '<strong>Click on the "Help" link above for information on how to report this problem.</strong>';
219     @@ -946,27 +946,20 @@
220    
221     $certtext = CA_cert_text($serial);
222    
223     - #if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext) && ereg('Code Signing', $certtest)) {
224     - if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext) && preg_match('~Code Signing~', $certtest)) {
225     - $cert_type = 'email_codesigning';
226     - }
227     - #if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext)) {
228     if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext)) {
229     $cert_type = 'email';
230     - } #elseif (ereg('OpenSSL.* Server .*Certificate', $certtext)) {
231     - elseif (preg_match('~OpenSSL.* Server .*Certificate~', $certtext)) {
232     + }
233     + if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext) && preg_match('~Code Signing~', $certtext)) {
234     + $cert_type = 'email_signing'; // Was 'codesigning' but can't see that anywhere
235     + } elseif (preg_match('~OpenSSL.* Server .*Certificate~', $certtext)) {
236     $cert_type = 'server';
237     - } #elseif (ereg('timeStamping|Time Stamping', $certtext)) {
238     - elseif (preg_match('~timeStamping|Time Stamping~', $certtext)) {
239     + } elseif (preg_match('~timeStamping|Time Stamping~', $certtext)) {
240     $cert_type = 'time_stamping';
241     - } #elseif (ereg('TLS Web Client Authentication', $certtext) && ereg('TLS Web Server Authentication', $certtext)) {
242     - elseif (preg_match('~TLS Web Client Authentication~', $certtext) && preg_match('~TLS Web Server Authentication~', $certtext)) {
243     + } elseif (preg_match('~TLS Web Client Authentication~', $certtext) && preg_match('~TLS Web Server Authentication~', $certtext)) {
244     $cert_type = 'vpn_client_server';
245     - } #elseif (ereg('TLS Web Client Authentication', $certtext)) {
246     - elseif (preg_match('~TLS Web Client Authentication~', $certtext)) {
247     + } elseif (preg_match('~TLS Web Client Authentication~', $certtext)) {
248     $cert_type = 'vpn_client';
249     - } #elseif (ereg('TLS Web Server Authentication', $certtext)) {
250     - elseif (preg_match('~TLS Web Server Authentication~', $certtext)) {
251     + } elseif (preg_match('~TLS Web Server Authentication~', $certtext)) {
252     $cert_type = 'vpn_server';
253     } else {
254     $cert_type = 'vpn_client_server';

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed