diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/dl_crl.php phpki-ng/phpki-ng-0.84/dl_crl.php --- phpki-ng.old/phpki-ng-0.84/dl_crl.php 1969-12-31 19:00:00.000000000 -0500 +++ phpki-ng/phpki-ng-0.84/dl_crl.php 2022-12-14 12:11:25.455000000 -0500 @@ -0,0 +1,8 @@ + diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php phpki-ng/phpki-ng-0.84/include/openssl_functions.php --- phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php 2022-11-18 14:43:19.957000000 -0500 +++ phpki-ng/phpki-ng-0.84/include/openssl_functions.php 2022-12-14 12:33:12.322000000 -0500 @@ -601,7 +601,7 @@ $cmd_output[] = 'Revoking the certificate.'; $configCa_pwd = $config['ca_pwd']; $configOpenssl_cnf = $config['openssl_cnf']; - exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$configCa_pwd 2>&1", $cmd_output, $ret); + exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:'$configCa_pwd' 2>&1", $cmd_output, $ret); if ($ret == 0) { unset($cmd_output); @@ -652,7 +652,7 @@ $cmd_output[] = 'Creating certificate request.'; if (($_passwd) && ($_passwd != "''")) { - exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -passout pass:$_passwd 2>&1", $cmd_output, $ret); + exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -passout pass:'$_passwd' 2>&1", $cmd_output, $ret); } else { exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -nodes 2>&1", $cmd_output, $ret); } @@ -681,8 +681,8 @@ $configRandom = $config['random']; if (($_passwd) && ($_passwd != "''")) { - $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx pass: $_passwd"; - exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:$_passwd -passout pass:$_passwd 2>&1", $cmd_output, $ret); + $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx pass:'$_passwd'"; + exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:'$_passwd' -passout pass:'$_passwd' 2>&1", $cmd_output, $ret); } else { $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx"; // reetp - this needs looking at @@ -823,8 +823,8 @@ unset($cmd_output); $cmd_output[] = "Creating PKCS12 format certificate."; if (($_passwd) && ($_passwd != "''")) { - $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx pass: $_passwd"; - exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:$_passwd -passout pass:$_passwd 2>&1", $cmd_output, $ret); + $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx pass:'$_passwd'"; + exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:'$_passwd' -passout pass:'$_passwd' 2>&1", $cmd_output, $ret); } else { $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx"; // reetp - this needs looking at diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/openssl.cnf phpki-ng/phpki-ng-0.84/openssl.cnf --- phpki-ng.old/phpki-ng-0.84/openssl.cnf 2020-04-02 08:22:47.000000000 -0400 +++ phpki-ng/phpki-ng-0.84/openssl.cnf 2022-12-14 12:09:57.115000000 -0500 @@ -60,7 +60,7 @@ nsCertType = sslCA, emailCA, objCA subjectKeyIdentifier = hash subjectAltName = email:copy -crlDistributionPoints = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl +crlDistributionPoints = URI:http://www.somewhere.com/phpki/dl_crl.php nsComment = "PHPki/OpenSSL Generated Root Certificate Authority" #nsCaRevocationUrl = ns_revoke_query.php? nsCaPolicyUrl = http://www.somewhere.com/phpki/policy.html @@ -74,7 +74,7 @@ authorityKeyIdentifier = keyid:always, issuer:always subjectAltName = email:copy issuerAltName = issuer:copy -crlDistributionPoints = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl +crlDistributionPoints = URI:http://www.somewhere.com/phpki/dl_crl.php nsComment = "PHPki/OpenSSL Generated Personal Certificate" nsBaseUrl = http://www.somewhere.com/phpki/ nsRevocationUrl = ns_revoke_query.php? @@ -91,7 +91,7 @@ authorityKeyIdentifier = keyid:always, issuer:always subjectAltName = email:copy issuerAltName = issuer:copy -crlDistributionPoints = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl +crlDistributionPoints = URI:http://www.somewhere.com/phpki/dl_crl.php nsComment = "PHPki/OpenSSL Generated Personal Certificate" nsBaseUrl = http://www.somewhere.com/phpki/ nsRevocationUrl = ns_revoke_query.php? @@ -109,7 +109,7 @@ authorityKeyIdentifier = keyid:always, issuer:always subjectAltName = email:copy issuerAltName = issuer:copy -crlDistributionPoints = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl +crlDistributionPoints = URI:http://www.somewhere.com/phpki/dl_crl.php nsComment = "PHPki/OpenSSL Generated Secure Server Certificate" nsBaseUrl = http://www.somewhere.com/phpki/ nsRevocationUrl = ns_revoke_query.php? diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/setup.php-presetup phpki-ng/phpki-ng-0.84/setup.php-presetup --- phpki-ng.old/phpki-ng-0.84/setup.php-presetup 2022-11-18 14:43:19.973000000 -0500 +++ phpki-ng/phpki-ng-0.84/setup.php-presetup 2022-12-14 12:08:40.031000000 -0500 @@ -887,7 +887,7 @@ } if (! $crl_distrib) { - $crl_distrib = 'index.php?stage=dl_crl'; + $crl_distrib = 'dl_crl.php'; } if (! $revoke_url) { $revoke_url = 'ns_revoke_query.php?'; --- phpki-ng.old/phpki-ng-0.84/dl_crl_pem.php 1969-12-31 19:00:00.000000000 -0500 +++ phpki-ng/phpki-ng-0.84/dl_crl_pem.php 2022-12-17 02:14:51.499000000 -0500 @@ -0,0 +1,8 @@ +