--- rpms/phpki-ng/contribs10/phpki-ng-bz12274-regex-secu.patch	2022/12/14 21:52:40	1.1
+++ rpms/phpki-ng/contribs10/phpki-ng-bz12274-regex-secu.patch	2022/12/14 21:56:02	1.2
@@ -1,58 +1,3 @@
-diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/dl_crl.php phpki-ng/phpki-ng-0.84/dl_crl.php
---- phpki-ng.old/phpki-ng-0.84/dl_crl.php	1969-12-31 19:00:00.000000000 -0500
-+++ phpki-ng/phpki-ng-0.84/dl_crl.php	2022-12-14 16:49:13.501000000 -0500
-@@ -0,0 +1,8 @@
-+<?php
-+include('./config.php');
-+include(STORE_DIR.'/config/config.php');
-+include('./include/common.php');
-+include('./include/my_functions.php');
-+include('./include/openssl_functions.php');
-+upload($config['cacrl_der'], $config['ca_prefix'] . "cacrl.crl", 'application/pkix-crl');
-+?>
-diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php phpki-ng/phpki-ng-0.84/include/openssl_functions.php
---- phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php	2022-11-18 14:43:19.957000000 -0500
-+++ phpki-ng/phpki-ng-0.84/include/openssl_functions.php	2022-12-14 16:49:13.502000000 -0500
-@@ -601,7 +601,7 @@
-     $cmd_output[] = 'Revoking the certificate.';
-     $configCa_pwd = $config['ca_pwd'];
-     $configOpenssl_cnf = $config['openssl_cnf'];
--    exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$configCa_pwd 2>&1", $cmd_output, $ret);
-+    exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:'$configCa_pwd' 2>&1", $cmd_output, $ret);
- 
-     if ($ret == 0) {
-         unset($cmd_output);
-@@ -652,7 +652,7 @@
-     $cmd_output[] = 'Creating certificate request.';
- 
-     if (($_passwd) && ($_passwd != "''")) {
--        exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -passout pass:$_passwd  2>&1", $cmd_output, $ret);
-+        exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -passout pass:'$_passwd'  2>&1", $cmd_output, $ret);
-     } else {
-         exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -nodes  2>&1", $cmd_output, $ret);
-     }
-@@ -681,8 +681,8 @@
-         $configRandom = $config['random'];
- 
-         if (($_passwd) && ($_passwd != "''")) {
--            $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx  pass: $_passwd";
--            exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:$_passwd -passout pass:$_passwd  2>&1", $cmd_output, $ret);
-+            $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx  pass:'$_passwd'";
-+            exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:'$_passwd' -passout pass:'$_passwd'  2>&1", $cmd_output, $ret);
-         } else {
-             $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx";
-             // reetp - this needs looking at
-@@ -823,8 +823,8 @@
-         unset($cmd_output);
-         $cmd_output[] = "Creating PKCS12 format certificate.";
-         if (($_passwd) && ($_passwd != "''")) {
--            $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx  pass: $_passwd";
--            exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:$_passwd -passout pass:$_passwd  2>&1", $cmd_output, $ret);
-+            $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx  pass:'$_passwd'";
-+            exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:'$_passwd' -passout pass:'$_passwd'  2>&1", $cmd_output, $ret);
-         } else {
-             $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx";
-             // reetp - this needs looking at
 diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php phpki-ng/phpki-ng-0.84/ns_revoke_query.php
 --- phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php	2022-11-18 14:43:19.940000000 -0500
 +++ phpki-ng/phpki-ng-0.84/ns_revoke_query.php	2022-12-14 16:49:46.524000000 -0500
@@ -78,66 +23,3 @@ diff -Nur --no-dereference phpki-ng.old/
  $configIndex = $config['index'];
  
  if (exec("egrep '$regexp' '$configIndex'")) {
-diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/openssl.cnf phpki-ng/phpki-ng-0.84/openssl.cnf
---- phpki-ng.old/phpki-ng-0.84/openssl.cnf	2020-04-02 08:22:47.000000000 -0400
-+++ phpki-ng/phpki-ng-0.84/openssl.cnf	2022-12-14 16:49:13.502000000 -0500
-@@ -60,7 +60,7 @@
- nsCertType             = sslCA, emailCA, objCA
- subjectKeyIdentifier   = hash
- subjectAltName         = email:copy
--crlDistributionPoints  = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl
-+crlDistributionPoints  = URI:http://www.somewhere.com/phpki/dl_crl.php
- nsComment              = "PHPki/OpenSSL Generated Root Certificate Authority"
- #nsCaRevocationUrl	= ns_revoke_query.php?
- nsCaPolicyUrl          = http://www.somewhere.com/phpki/policy.html
-@@ -74,7 +74,7 @@
- authorityKeyIdentifier = keyid:always, issuer:always
- subjectAltName         = email:copy
- issuerAltName          = issuer:copy
--crlDistributionPoints  = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl
-+crlDistributionPoints  = URI:http://www.somewhere.com/phpki/dl_crl.php
- nsComment              = "PHPki/OpenSSL Generated Personal Certificate"
- nsBaseUrl              = http://www.somewhere.com/phpki/
- nsRevocationUrl	       = ns_revoke_query.php?
-@@ -91,7 +91,7 @@
- authorityKeyIdentifier = keyid:always, issuer:always
- subjectAltName         = email:copy
- issuerAltName          = issuer:copy
--crlDistributionPoints  = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl
-+crlDistributionPoints  = URI:http://www.somewhere.com/phpki/dl_crl.php
- nsComment              = "PHPki/OpenSSL Generated Personal Certificate"
- nsBaseUrl              = http://www.somewhere.com/phpki/
- nsRevocationUrl	       = ns_revoke_query.php?
-@@ -109,7 +109,7 @@
- authorityKeyIdentifier  = keyid:always, issuer:always
- subjectAltName          = email:copy
- issuerAltName           = issuer:copy
--crlDistributionPoints  = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl
-+crlDistributionPoints  = URI:http://www.somewhere.com/phpki/dl_crl.php
- nsComment		= "PHPki/OpenSSL Generated Secure Server Certificate"
- nsBaseUrl		= http://www.somewhere.com/phpki/
- nsRevocationUrl		= ns_revoke_query.php?
-diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/search.php phpki-ng/phpki-ng-0.84/search.php
---- phpki-ng.old/phpki-ng-0.84/search.php	2022-11-18 14:43:19.942000000 -0500
-+++ phpki-ng/phpki-ng-0.84/search.php	2022-12-14 16:49:13.468000000 -0500
-@@ -102,7 +102,7 @@
-         <td><?php echo htvar($rec['unit'])?></td>
-         <td><?php echo htvar($rec['locality'])?></td>
-         <td><?php echo htvar($rec['province'])?></td>
--        <td><a href="<?php echo htmlentities($_SERVER['SCRIPT_NAME'])?> ?stage=display&serial=<?php echo htvar($rec['serial'])?>" target=_certdisp><img src=images/display.png alt="Display" title="Display the certificate in excruciating detail"></a>
-+        <td><a href="<?php echo htmlentities($_SERVER['SCRIPT_NAME'])?>?stage=display&serial=<?php echo htvar($rec['serial'])?>" target=_certdisp><img src=images/display.png alt="Display" title="Display the certificate in excruciating detail"></a>
-         <?php
-         if ($rec['status'] != 'Revoked') {
-             ?>
-diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/setup.php-presetup phpki-ng/phpki-ng-0.84/setup.php-presetup
---- phpki-ng.old/phpki-ng-0.84/setup.php-presetup	2022-11-18 14:43:19.973000000 -0500
-+++ phpki-ng/phpki-ng-0.84/setup.php-presetup	2022-12-14 16:49:13.502000000 -0500
-@@ -887,7 +887,7 @@
-         }
- 
-         if (! $crl_distrib) {
--            $crl_distrib = 'index.php?stage=dl_crl';
-+            $crl_distrib = 'dl_crl.php';
-         }
-         if (! $revoke_url) {
-             $revoke_url = 'ns_revoke_query.php?';