
Annotation of /rpms/phpki-ng/contribs10/phpki-ng-bz12274-regex-secu.patch



Revision 1.1 - (hide annotations) (download)
Wed Dec 14 21:52:40 2022 UTC (22 months, 2 weeks ago) by jpp
Branch: MAIN
* Wed Dec 14 2022 Jean-Philippe Pialasse <tests@pialasse.com> 0.84-15.sme
- fix regex and potential code injection [SME: 12274]

1 jpp 1.1 diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/dl_crl.php phpki-ng/phpki-ng-0.84/dl_crl.php
2     --- phpki-ng.old/phpki-ng-0.84/dl_crl.php 1969-12-31 19:00:00.000000000 -0500
3     +++ phpki-ng/phpki-ng-0.84/dl_crl.php 2022-12-14 16:49:13.501000000 -0500
4     @@ -0,0 +1,8 @@
5     +<?php
6     +include('./config.php');
7     +include(STORE_DIR.'/config/config.php');
8     +include('./include/common.php');
9     +include('./include/my_functions.php');
10     +include('./include/openssl_functions.php');
11     +upload($config['cacrl_der'], $config['ca_prefix'] . "cacrl.crl", 'application/pkix-crl');
12     +?>
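Review bot: The five `include` calls only warn when a file is missing, so a wrong `STORE_DIR` would still reach `upload()` with `$config` undefined; `require` (e.g. `require(STORE_DIR.'/config/config.php');`) stops the script instead. The closing `?>` on the last line is best dropped, because any bytes after it would be appended to the binary `application/pkix-crl` response unless `upload()` exits first, which is not visible here. Since relying parties fetch this URL unattended, it is also worth confirming that the included `common.php` neither demands a login nor emits output before the CRL is sent.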
13     diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php phpki-ng/phpki-ng-0.84/include/openssl_functions.php
14     --- phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php 2022-11-18 14:43:19.957000000 -0500
15     +++ phpki-ng/phpki-ng-0.84/include/openssl_functions.php 2022-12-14 16:49:13.502000000 -0500
16     @@ -601,7 +601,7 @@
17     $cmd_output[] = 'Revoking the certificate.';
18     $configCa_pwd = $config['ca_pwd'];
19     $configOpenssl_cnf = $config['openssl_cnf'];
20     - exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$configCa_pwd 2>&1", $cmd_output, $ret);
21     + exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:'$configCa_pwd' 2>&1", $cmd_output, $ret);
22    
23     if ($ret == 0) {
24     unset($cmd_output);
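Review bot: Wrapping the CA password in literal single quotes (`pass:'$configCa_pwd'`) does not escape it; a password that itself contains `'` ends the quoting and the remainder is parsed by the shell. Escaping the whole argument keeps it intact, e.g. `-passin ".escapeshellarg('pass:'.$configCa_pwd)." 2>&1`, and `$configOpenssl_cnf` on the same line is still unquoted. The same pattern recurs in the `pass:'$_passwd'` lines of the hunks at -652, -681 and -823. Separately, any `pass:` value is visible in the process list while openssl runs; `-passin env:NAME` or `-passin file:PATH` avoids that. The enclosing function starts and ends outside this hunk.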
25     @@ -652,7 +652,7 @@
26     $cmd_output[] = 'Creating certificate request.';
27    
28     if (($_passwd) && ($_passwd != "''")) {
29     - exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -passout pass:$_passwd 2>&1", $cmd_output, $ret);
30     + exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -passout pass:'$_passwd' 2>&1", $cmd_output, $ret);
31     } else {
32     exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -nodes 2>&1", $cmd_output, $ret);
33     }
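Review bot: The guard `$_passwd != "''"` suggests that `$_passwd` may already arrive shell-quoted (an escaped empty string is `''`), and if so the quotes added in `-passout pass:'$_passwd'` would close and reopen that quoting, leaving the password itself unquoted. Whether that is the case depends on the caller, which is outside this hunk; it should be confirmed, and the value escaped exactly once, where the command is built. `rsa:$keysize` is the one remaining unquoted argument on these lines and deserves an integer cast, e.g. `rsa:".(int)$keysize."`, if it can come from a form.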
34     @@ -681,8 +681,8 @@
35     $configRandom = $config['random'];
36    
37     if (($_passwd) && ($_passwd != "''")) {
38     - $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx pass: $_passwd";
39     - exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:$_passwd -passout pass:$_passwd 2>&1", $cmd_output, $ret);
40     + $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx pass:'$_passwd'";
41     + exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:'$_passwd' -passout pass:'$_passwd' 2>&1", $cmd_output, $ret);
42     } else {
43     $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx";
44     // reetp - this needs looking at
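Review bot: The added `$cmd_output[]` line still copies the passphrase into the command output (`pass:'$_passwd'`), and `$cmd_output` looks like text that is later displayed or logged. The else-branch message already has the right shape; use `$cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx";` in both branches. `-name $friendly_name` is also left unquoted in the PKCS12 command. Both remarks apply equally to the hunk at -823.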
45     @@ -823,8 +823,8 @@
46     unset($cmd_output);
47     $cmd_output[] = "Creating PKCS12 format certificate.";
48     if (($_passwd) && ($_passwd != "''")) {
49     - $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx pass: $_passwd";
50     - exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:$_passwd -passout pass:$_passwd 2>&1", $cmd_output, $ret);
51     + $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx pass:'$_passwd'";
52     + exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:'$_passwd' -passout pass:'$_passwd' 2>&1", $cmd_output, $ret);
53     } else {
54     $cmd_output[] = "infile: $usercert keyfile: $userkey outfile: $userpfx";
55     // reetp - this needs looking at
56     diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php phpki-ng/phpki-ng-0.84/ns_revoke_query.php
57     --- phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php 2022-11-18 14:43:19.940000000 -0500
58     +++ phpki-ng/phpki-ng-0.84/ns_revoke_query.php 2022-12-14 16:49:46.524000000 -0500
59     @@ -16,13 +16,16 @@
60     #
61     include('./config.php');
62     include(STORE_DIR.'/config/config.php');
63     -
64     -$serial = escapeshellcmd(trim($_SERVER['QUERY_STRING']));
65     +$serial=trim($_SERVER['QUERY_STRING']);
66     +if ( ! is_numeric($serial) ) {
67     + # if it is not a numerical serial, then it is not revoked!
68     + print '0';
69     + exit;
70     +}
71     +$serial = escapeshellcmd($serial);
72     #header("Content-type: application/x-netscape-revocation");
73    
74     -# old Reg Ex doesnt work, new should do the work
75     -#$regexp = "^R\t.*\t.*\t$serial\t.*\t.*$";
76     -$regexp = "^R.*$serial.*$";
77     +$regexp = "^R\t.*\t.*\t$serial\t.*\t.*$";
78     $configIndex = $config['index'];
79    
80     if (exec("egrep '$regexp' '$configIndex'")) {
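Review bot: `is_numeric()` is the wrong test for a certificate serial: the serial column in OpenSSL's index file is hexadecimal, so a revoked certificate whose serial contains A–F is answered with `0` (not revoked) before the lookup runs, while inputs such as `1.5` or `+1` pass and carry regex metacharacters into the pattern. A hex-only check closes both gaps: `if (!ctype_xdigit($serial)) { print '0'; exit; }` followed by `$serial = strtoupper($serial);`, after which `escapeshellcmd()` is no longer needed. This assumes clients send the serial in hex as it appears in the index; confirm against the callers. The `if (exec(...))` block continues outside the hunk.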
81     diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/openssl.cnf phpki-ng/phpki-ng-0.84/openssl.cnf
82     --- phpki-ng.old/phpki-ng-0.84/openssl.cnf 2020-04-02 08:22:47.000000000 -0400
83     +++ phpki-ng/phpki-ng-0.84/openssl.cnf 2022-12-14 16:49:13.502000000 -0500
84     @@ -60,7 +60,7 @@
85     nsCertType = sslCA, emailCA, objCA
86     subjectKeyIdentifier = hash
87     subjectAltName = email:copy
88     -crlDistributionPoints = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl
89     +crlDistributionPoints = URI:http://www.somewhere.com/phpki/dl_crl.php
90     nsComment = "PHPki/OpenSSL Generated Root Certificate Authority"
91     #nsCaRevocationUrl = ns_revoke_query.php?
92     nsCaPolicyUrl = http://www.somewhere.com/phpki/policy.html
93     @@ -74,7 +74,7 @@
94     authorityKeyIdentifier = keyid:always, issuer:always
95     subjectAltName = email:copy
96     issuerAltName = issuer:copy
97     -crlDistributionPoints = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl
98     +crlDistributionPoints = URI:http://www.somewhere.com/phpki/dl_crl.php
99     nsComment = "PHPki/OpenSSL Generated Personal Certificate"
100     nsBaseUrl = http://www.somewhere.com/phpki/
101     nsRevocationUrl = ns_revoke_query.php?
102     @@ -91,7 +91,7 @@
103     authorityKeyIdentifier = keyid:always, issuer:always
104     subjectAltName = email:copy
105     issuerAltName = issuer:copy
106     -crlDistributionPoints = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl
107     +crlDistributionPoints = URI:http://www.somewhere.com/phpki/dl_crl.php
108     nsComment = "PHPki/OpenSSL Generated Personal Certificate"
109     nsBaseUrl = http://www.somewhere.com/phpki/
110     nsRevocationUrl = ns_revoke_query.php?
111     @@ -109,7 +109,7 @@
112     authorityKeyIdentifier = keyid:always, issuer:always
113     subjectAltName = email:copy
114     issuerAltName = issuer:copy
115     -crlDistributionPoints = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl
116     +crlDistributionPoints = URI:http://www.somewhere.com/phpki/dl_crl.php
117     nsComment = "PHPki/OpenSSL Generated Secure Server Certificate"
118     nsBaseUrl = http://www.somewhere.com/phpki/
119     nsRevocationUrl = ns_revoke_query.php?
120     diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/search.php phpki-ng/phpki-ng-0.84/search.php
121     --- phpki-ng.old/phpki-ng-0.84/search.php 2022-11-18 14:43:19.942000000 -0500
122     +++ phpki-ng/phpki-ng-0.84/search.php 2022-12-14 16:49:13.468000000 -0500
123     @@ -102,7 +102,7 @@
124     <td><?php echo htvar($rec['unit'])?></td>
125     <td><?php echo htvar($rec['locality'])?></td>
126     <td><?php echo htvar($rec['province'])?></td>
127     - <td><a href="<?php echo htmlentities($_SERVER['SCRIPT_NAME'])?> ?stage=display&serial=<?php echo htvar($rec['serial'])?>" target=_certdisp><img src=images/display.png alt="Display" title="Display the certificate in excruciating detail"></a>
128     + <td><a href="<?php echo htmlentities($_SERVER['SCRIPT_NAME'])?>?stage=display&serial=<?php echo htvar($rec['serial'])?>" target=_certdisp><img src=images/display.png alt="Display" title="Display the certificate in excruciating detail"></a>
129     <?php
130     if ($rec['status'] != 'Revoked') {
131     ?>
132     diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/setup.php-presetup phpki-ng/phpki-ng-0.84/setup.php-presetup
133     --- phpki-ng.old/phpki-ng-0.84/setup.php-presetup 2022-11-18 14:43:19.973000000 -0500
134     +++ phpki-ng/phpki-ng-0.84/setup.php-presetup 2022-12-14 16:49:13.502000000 -0500
135     @@ -887,7 +887,7 @@
136     }
137    
138     if (! $crl_distrib) {
139     - $crl_distrib = 'index.php?stage=dl_crl';
140     + $crl_distrib = 'dl_crl.php';
141     }
142     if (! $revoke_url) {
143     $revoke_url = 'ns_revoke_query.php?';
