/[smecontribs]/rpms/phpki-ng/contribs10/phpki-ng-0.84-fix-pregmatch-revoke-certs.patch
ViewVC logotype

Contents of /rpms/phpki-ng/contribs10/phpki-ng-0.84-fix-pregmatch-revoke-certs.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Mon Mar 8 13:37:50 2021 UTC (3 years, 8 months ago) by jcrisp
Branch: MAIN
CVS Tags: phpki-ng-0_84-15_el7_sme, phpki-ng-0_84-11_el7_sme, phpki-ng-0_84-14_el7_sme, phpki-ng-0_84-13_el7_sme, phpki-ng-0_84-16_el7_sme, phpki-ng-0_84-3_el7_sme, phpki-ng-0_84-10_el7_sme, phpki-ng-0_84-12_el7_sme, phpki-ng-0_84-7_el7_sme, phpki-ng-0_84-5_el7_sme, phpki-ng-0_84-6_el7_sme, phpki-ng-0_84-9_el7_sme, phpki-ng-0_84-4_el7_sme, phpki-ng-0_84-8_el7_sme, HEAD
* Mon Mar 08 2021 John Crisp <jcrisp@safeandsoundit.co.uk> 0.84-3.sme
- Fix Typo in certificate password [SME: 11435]
- Fix typos and preg_match issues [SME: 11436]
- Add Certificate ctreation notification [SME: 11437]
- Bit of file fomatting

1 diff -ruN phpki-ng.old/phpki-ng-0.84/ca/manage_certs.php phpki-ng/phpki-ng-0.84/ca/manage_certs.php
2 --- phpki-ng.old/phpki-ng-0.84/ca/manage_certs.php 2021-03-08 14:20:11.709778856 +0100
3 +++ phpki-ng/phpki-ng-0.84/ca/manage_certs.php 2021-03-08 14:19:11.400885516 +0100
4 @@ -254,7 +254,7 @@
5 </tr>
6
7 <tr>
8 - <td>Certificate Password </td>
9 + <td>Certificate Password</td>
10 <td><input type="password" name="passwd" value="<?php echo htvar($passwd) ?>" size="30"></td>
11 </tr>
12
13 diff -ruN phpki-ng.old/phpki-ng-0.84/ca/request_cert.php phpki-ng/phpki-ng-0.84/ca/request_cert.php
14 --- phpki-ng.old/phpki-ng-0.84/ca/request_cert.php 2021-03-08 14:20:11.709778856 +0100
15 +++ phpki-ng/phpki-ng-0.84/ca/request_cert.php 2021-03-08 14:19:11.400885516 +0100
16 @@ -205,7 +205,7 @@
17
18 </tr></table>
19
20 - <h4>Are you sure?</h4>
21 + <h4>Are you sure? After creation you will be returned to the Create Certificate dialogue.</h4>
22 <p><form action='<?php echo $PHP_SELF?>' method=post>
23 <?php echo $hidden_fields ?>
24 <input type=hidden name=form_stage value=final>
25 @@ -258,10 +258,11 @@
26 break;
27 } else {
28 $serial = $errtxt;
29 + // We could add 'return to index or create another certificate'
30 }
31 }
32 }
33 -
34 +
35 if ($submit == "Yes Create and Download") {
36 switch ($cert_type) {
37 case 'server':
38 @@ -278,12 +279,12 @@
39 upload($config['pfx_dir'] . "/$serial.pfx", $rec['common_name'] . ".p12", 'application/x-pkcs12');
40 break;
41 }
42 -
43 +
44 # Clear common_name fields
45 $common_name = '';
46 break;
47 }
48 -
49 +
50 # Clear common_name fields
51 $common_name = '';
52
53 @@ -333,49 +334,57 @@
54
55 printHeader();
56 ?>
57 -
58 +
59 <body onLoad="self.focus();document.request.common_name.focus();document.request.cert_type.onchange();">
60 <form action="<?php echo $PHP_SELF?>" method=post name=request>
61 <table width=99%>
62 <th colspan=2><h3>Certificate Request Form</h3></th>
63 -
64 + <?php
65 + if ($serial) {
66 + echo "<tr><td><h4><font color=red>Previous Certificate Created successfully</font></h4></td><td></h4><font color=red>$serial</font></h4></td></tr>";
67 + echo "<tr><td><h4>Create another or go to back to the Menu</h4></td><td><a href='index.php'>Menu</a></td></tr>";
68 + }
69 + ?>
70 <tr>
71 <td width=30%>Common Name<font color=red size=3> *</font><br>(i.e. User real name or computer hostname - used as SubjectAltName)</td>
72 <td><input type=text name=common_name value="<?php echo htvar($common_name)?>" size=50 maxlength=60></td>
73 </tr>
74 -
75 +
76 <tr>
77 <td>E-mail Address<font color=red size=3> *</font></td>
78 <td><input type=text name=email value="<?php echo htvar($email)?>" size=50 maxlength=60></td>
79 </tr>
80 -
81 +
82 <tr>
83 - <td>Organization (Company/Agency)<font color=red size=3> *</font></td>
84 + <td>Organization(Company/Agency)<font color=red size=3> *</font></td>
85 <td><input type=text name=organization value="<?php echo htvar($organization)?>" size=60 maxlength=60></td>
86 </tr>
87 -
88 +
89 <tr>
90 <td>Department/Unit<font color=red size=3> *</font> </td><td><input type=text name=unit value="<?php echo htvar($unit) ?>" size=40 maxlength=60></td>
91 </tr>
92 -
93 +
94 <tr>
95 - <td>Locality (City/County)<font color=red size=3> *</font></td><td><input type=text name=locality value="<?php echo htvar($locality) ?>" size=30 maxlength=30></td>
96 + <td>Locality(City/County)<font color=red size=3> *</font></td><td><input type=text name=locality value="<?php echo htvar($locality) ?>" size=30 maxlength=30></td>
97 </tr>
98 -
99 +
100 <tr>
101 <td>State/Province<font color=red size=3> *</font></td><td><input type=text name=province value="<?php echo htvar($province) ?>" size=30 maxlength=30></td>
102 </tr>
103 -
104 +
105 <tr>
106 <td>Country<font color=red size=3> *</font></td>
107 <td><input type=text name=country value="<?php echo htvar($country) ?>" size=2 maxlength=2></td>
108 </tr>
109 -
110 +
111 <tr>
112 <td>Certificate Password<font color=red size=3> *</font><br>(Min 8 chars - Mandatory for Email,SSL Client,Code signing)</td>
113 - <td><input type=password name=passwd value="<?php echo htvar($passwd) ?>" size=30>&nbsp;&nbsp; Again <input type=password name=passwdv value="<?php echo htvar($passwdv) ?>" size=30></td>
114 + <td>
115 + <input type=password name=passwd value="<?php echo htvar($passwd) ?>" size=30>&nbsp;&nbsp;&nbsp;Again
116 + <input type=password name=passwdv value="<?php echo htvar($passwdv) ?>" size=30>
117 + </td>
118 </tr>
119 -
120 +
121 <tr>
122 <td>Certificate Life<font color=red size=3>*</font> </td>
123 <td><select name=expiry>
124 @@ -388,12 +397,12 @@
125 for ($i = 2; $i <= 5; $i++) {
126 print "<option value=$i " . ($expiry == $i ? "selected='selected'" : "") . " >$i Years</option>\n" ;
127 }
128 -
129 +
130 ?>
131 -
132 +
133 </select></td>
134 </tr>
135 -
136 +
137 <tr>
138 <td>Key Size<font color=red size=3>*</font> </td>
139 <td><select name=keysize>
140 @@ -402,10 +411,10 @@
141 print "<option value=$i " . ($keysize == $i ? "selected='selected'" : "") . ">$i bits</option>\n" ;
142 }
143 ?>
144 -
145 +
146 </select></td>
147 </tr>
148 -
149 +
150 <tr>
151 <td>Certificate Use:<font color=red size=3>*</font> </td>
152 <td><select name=cert_type onchange="if (this.value=='server')
153 @@ -421,11 +430,11 @@
154 ?>
155 </select></td>
156 </tr>
157 -
158 +
159 <tr id="testrow2" name="testrow2" style="visibility:hidden;display:none;">
160 <td>Alternative DNS Names<br>(only one per Line)</td><td><textarea name=dns_names cols=30 rows=5><?php echo htvar($dns_names) ?></textarea></td>
161 </tr>
162 -
163 +
164 <tr id="testrow1" name="testrow1" style="visibility:hidden;display:none;">
165 <td>IP's<br>(only one per Line)</td><td><textarea name=ip_addr cols=30 rows=5><?php echo htvar($ip_addr) ?></textarea></td>
166 </tr>
167 diff -ruN phpki-ng.old/phpki-ng-0.84/include/my_functions.php phpki-ng/phpki-ng-0.84/include/my_functions.php
168 --- phpki-ng.old/phpki-ng-0.84/include/my_functions.php 2021-03-08 14:20:11.713778836 +0100
169 +++ phpki-ng/phpki-ng-0.84/include/my_functions.php 2021-03-08 14:19:11.400885516 +0100
170 @@ -270,7 +270,7 @@
171 # as a match is found.
172 #
173
174 -function eregi_array($regexp, $arr)
175 +function preg_match_array($regexp, $arr)
176 {
177
178 foreach ($arr as $elem) {
179 diff -ruN phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php phpki-ng/phpki-ng-0.84/include/openssl_functions.php
180 --- phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php 2021-03-08 14:20:11.713778836 +0100
181 +++ phpki-ng/phpki-ng-0.84/include/openssl_functions.php 2021-03-08 14:19:11.400885516 +0100
182 @@ -601,7 +601,7 @@
183 $cmd_output[] = 'Revoking the certificate.';
184 $configCa_pwd = $config['ca_pwd'];
185 $configOpenssl_cnf = $config['openssl_cnf'];
186 - exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$ConfigCa_pwd 2>&1", $cmd_output, $ret);
187 + exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$configCa_pwd 2>&1", $cmd_output, $ret);
188
189 if ($ret == 0) {
190 unset($cmd_output);
191 @@ -836,13 +836,13 @@
192 #Unlock the CA database
193 fclose($fd);
194
195 - # https://github.com/radicand/phpki/issues/14
196 - if (preg_match('E-mail Protection', $certtext) && preg_match('Code Signing', $certtest)) {
197 - $cert_type = 'email_signing';
198 - }
199 - if (preg_match('E-mail Protection', $certtext)) {
200 + //# https://github.com/radicand/phpki/issues/14 - but ereg is deprecated
201 + if (preg_match('/E-mail Protection/', $certtext)) {
202 $cert_type = 'email';
203 }
204 + if (preg_match('/E-mail Protection/', $certtext) && preg_match('/Code Signing/', $certtext)) {
205 + $cert_type = 'email_signing';
206 + }
207
208 #Remove temporary openssl config file.
209 if (file_exists($cnf_file)) {
210 @@ -855,7 +855,7 @@
211 # Not successful, so clean up before exiting.
212 CA_remove_cert($serial);
213
214 - if (eregi_array('.*private key.*', $cmd_output)) {
215 + if (preg_match_array('.*private key.*', $cmd_output)) {
216 $cmd_output[] = '<strong>This was likely caused by entering the wrong certificate password.</strong>';
217 } else {
218 $cmd_output[] = '<strong>Click on the "Help" link above for information on how to report this problem.</strong>';
219 @@ -946,27 +946,20 @@
220
221 $certtext = CA_cert_text($serial);
222
223 - #if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext) && ereg('Code Signing', $certtest)) {
224 - if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext) && preg_match('~Code Signing~', $certtest)) {
225 - $cert_type = 'email_codesigning';
226 - }
227 - #if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext)) {
228 if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext)) {
229 $cert_type = 'email';
230 - } #elseif (ereg('OpenSSL.* Server .*Certificate', $certtext)) {
231 - elseif (preg_match('~OpenSSL.* Server .*Certificate~', $certtext)) {
232 + }
233 + if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext) && preg_match('~Code Signing~', $certtext)) {
234 + $cert_type = 'email_signing'; // Was 'codesigning' but can't see that anywhere
235 + } elseif (preg_match('~OpenSSL.* Server .*Certificate~', $certtext)) {
236 $cert_type = 'server';
237 - } #elseif (ereg('timeStamping|Time Stamping', $certtext)) {
238 - elseif (preg_match('~timeStamping|Time Stamping~', $certtext)) {
239 + } elseif (preg_match('~timeStamping|Time Stamping~', $certtext)) {
240 $cert_type = 'time_stamping';
241 - } #elseif (ereg('TLS Web Client Authentication', $certtext) && ereg('TLS Web Server Authentication', $certtext)) {
242 - elseif (preg_match('~TLS Web Client Authentication~', $certtext) && preg_match('~TLS Web Server Authentication~', $certtext)) {
243 + } elseif (preg_match('~TLS Web Client Authentication~', $certtext) && preg_match('~TLS Web Server Authentication~', $certtext)) {
244 $cert_type = 'vpn_client_server';
245 - } #elseif (ereg('TLS Web Client Authentication', $certtext)) {
246 - elseif (preg_match('~TLS Web Client Authentication~', $certtext)) {
247 + } elseif (preg_match('~TLS Web Client Authentication~', $certtext)) {
248 $cert_type = 'vpn_client';
249 - } #elseif (ereg('TLS Web Server Authentication', $certtext)) {
250 - elseif (preg_match('~TLS Web Server Authentication~', $certtext)) {
251 + } elseif (preg_match('~TLS Web Server Authentication~', $certtext)) {
252 $cert_type = 'vpn_server';
253 } else {
254 $cert_type = 'vpn_client_server';

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed