/[smecontribs]/rpms/phpki-ng/contribs10/phpki-ng-bz12274-regex-secu.patch
ViewVC logotype

Diff of /rpms/phpki-ng/contribs10/phpki-ng-bz12274-regex-secu.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph | View Patch Patch

Revision 1.1 by jpp, Wed Dec 14 21:52:40 2022 UTC Revision 1.2 by jpp, Wed Dec 14 21:56:02 2022 UTC
# Line 1  Line 1 
 diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/dl_crl.php phpki-ng/phpki-ng-0.84/dl_crl.php  
 --- phpki-ng.old/phpki-ng-0.84/dl_crl.php       1969-12-31 19:00:00.000000000 -0500  
 +++ phpki-ng/phpki-ng-0.84/dl_crl.php   2022-12-14 16:49:13.501000000 -0500  
 @@ -0,0 +1,8 @@  
 +<?php  
 +include('./config.php');  
 +include(STORE_DIR.'/config/config.php');  
 +include('./include/common.php');  
 +include('./include/my_functions.php');  
 +include('./include/openssl_functions.php');  
 +upload($config['cacrl_der'], $config['ca_prefix'] . "cacrl.crl", 'application/pkix-crl');  
 +?>  
 diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php phpki-ng/phpki-ng-0.84/include/openssl_functions.php  
 --- phpki-ng.old/phpki-ng-0.84/include/openssl_functions.php    2022-11-18 14:43:19.957000000 -0500  
 +++ phpki-ng/phpki-ng-0.84/include/openssl_functions.php        2022-12-14 16:49:13.502000000 -0500  
 @@ -601,7 +601,7 @@  
      $cmd_output[] = 'Revoking the certificate.';  
      $configCa_pwd = $config['ca_pwd'];  
      $configOpenssl_cnf = $config['openssl_cnf'];  
 -    exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$configCa_pwd 2>&1", $cmd_output, $ret);  
 +    exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:'$configCa_pwd' 2>&1", $cmd_output, $ret);  
   
      if ($ret == 0) {  
          unset($cmd_output);  
 @@ -652,7 +652,7 @@  
      $cmd_output[] = 'Creating certificate request.';  
   
      if (($_passwd) && ($_passwd != "''")) {  
 -        exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -passout pass:$_passwd  2>&1", $cmd_output, $ret);  
 +        exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -passout pass:'$_passwd'  2>&1", $cmd_output, $ret);  
      } else {  
          exec(REQ." -new -newkey rsa:$keysize -keyout '$userkey' -out '$userreq' -config '$cnf_file' -days '$expiry_days' -nodes  2>&1", $cmd_output, $ret);  
      }  
 @@ -681,8 +681,8 @@  
          $configRandom = $config['random'];  
   
          if (($_passwd) && ($_passwd != "''")) {  
 -            $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx  pass: $_passwd";  
 -            exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:$_passwd -passout pass:$_passwd  2>&1", $cmd_output, $ret);  
 +            $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx  pass:'$_passwd'";  
 +            exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:'$_passwd' -passout pass:'$_passwd'  2>&1", $cmd_output, $ret);  
          } else {  
              $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx";  
              // reetp - this needs looking at  
 @@ -823,8 +823,8 @@  
          unset($cmd_output);  
          $cmd_output[] = "Creating PKCS12 format certificate.";  
          if (($_passwd) && ($_passwd != "''")) {  
 -            $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx  pass: $_passwd";  
 -            exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:$_passwd -passout pass:$_passwd  2>&1", $cmd_output, $ret);  
 +            $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx  pass:'$_passwd'";  
 +            exec(PKCS12." -export -in '$usercert' -inkey '$userkey' -certfile '$configCacert_pem' -caname '$configOrganization' -out '$userpfx' -name $friendly_name -rand '$configRandom' -passin pass:'$_passwd' -passout pass:'$_passwd'  2>&1", $cmd_output, $ret);  
          } else {  
              $cmd_output[] = "infile: $usercert   keyfile: $userkey   outfile: $userpfx";  
              // reetp - this needs looking at  
1  diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php phpki-ng/phpki-ng-0.84/ns_revoke_query.php  diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php phpki-ng/phpki-ng-0.84/ns_revoke_query.php
2  --- phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php      2022-11-18 14:43:19.940000000 -0500  --- phpki-ng.old/phpki-ng-0.84/ns_revoke_query.php      2022-11-18 14:43:19.940000000 -0500
3  +++ phpki-ng/phpki-ng-0.84/ns_revoke_query.php  2022-12-14 16:49:46.524000000 -0500  +++ phpki-ng/phpki-ng-0.84/ns_revoke_query.php  2022-12-14 16:49:46.524000000 -0500
# Line 78  diff -Nur --no-dereference phpki-ng.old/ Line 23  diff -Nur --no-dereference phpki-ng.old/
23   $configIndex = $config['index'];   $configIndex = $config['index'];
24    
25   if (exec("egrep '$regexp' '$configIndex'")) {   if (exec("egrep '$regexp' '$configIndex'")) {
 diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/openssl.cnf phpki-ng/phpki-ng-0.84/openssl.cnf  
 --- phpki-ng.old/phpki-ng-0.84/openssl.cnf      2020-04-02 08:22:47.000000000 -0400  
 +++ phpki-ng/phpki-ng-0.84/openssl.cnf  2022-12-14 16:49:13.502000000 -0500  
 @@ -60,7 +60,7 @@  
  nsCertType             = sslCA, emailCA, objCA  
  subjectKeyIdentifier   = hash  
  subjectAltName         = email:copy  
 -crlDistributionPoints  = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl  
 +crlDistributionPoints  = URI:http://www.somewhere.com/phpki/dl_crl.php  
  nsComment              = "PHPki/OpenSSL Generated Root Certificate Authority"  
  #nsCaRevocationUrl     = ns_revoke_query.php?  
  nsCaPolicyUrl          = http://www.somewhere.com/phpki/policy.html  
 @@ -74,7 +74,7 @@  
  authorityKeyIdentifier = keyid:always, issuer:always  
  subjectAltName         = email:copy  
  issuerAltName          = issuer:copy  
 -crlDistributionPoints  = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl  
 +crlDistributionPoints  = URI:http://www.somewhere.com/phpki/dl_crl.php  
  nsComment              = "PHPki/OpenSSL Generated Personal Certificate"  
  nsBaseUrl              = http://www.somewhere.com/phpki/  
  nsRevocationUrl               = ns_revoke_query.php?  
 @@ -91,7 +91,7 @@  
  authorityKeyIdentifier = keyid:always, issuer:always  
  subjectAltName         = email:copy  
  issuerAltName          = issuer:copy  
 -crlDistributionPoints  = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl  
 +crlDistributionPoints  = URI:http://www.somewhere.com/phpki/dl_crl.php  
  nsComment              = "PHPki/OpenSSL Generated Personal Certificate"  
  nsBaseUrl              = http://www.somewhere.com/phpki/  
  nsRevocationUrl               = ns_revoke_query.php?  
 @@ -109,7 +109,7 @@  
  authorityKeyIdentifier  = keyid:always, issuer:always  
  subjectAltName          = email:copy  
  issuerAltName           = issuer:copy  
 -crlDistributionPoints  = URI:http://www.somewhere.com/phpki/index.php?stage=dl_crl  
 +crlDistributionPoints  = URI:http://www.somewhere.com/phpki/dl_crl.php  
  nsComment              = "PHPki/OpenSSL Generated Secure Server Certificate"  
  nsBaseUrl              = http://www.somewhere.com/phpki/  
  nsRevocationUrl                = ns_revoke_query.php?  
 diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/search.php phpki-ng/phpki-ng-0.84/search.php  
 --- phpki-ng.old/phpki-ng-0.84/search.php       2022-11-18 14:43:19.942000000 -0500  
 +++ phpki-ng/phpki-ng-0.84/search.php   2022-12-14 16:49:13.468000000 -0500  
 @@ -102,7 +102,7 @@  
          <td><?php echo htvar($rec['unit'])?></td>  
          <td><?php echo htvar($rec['locality'])?></td>  
          <td><?php echo htvar($rec['province'])?></td>  
 -        <td><a href="<?php echo htmlentities($_SERVER['SCRIPT_NAME'])?> ?stage=display&serial=<?php echo htvar($rec['serial'])?>" target=_certdisp><img src=images/display.png alt="Display" title="Display the certificate in excruciating detail"></a>  
 +        <td><a href="<?php echo htmlentities($_SERVER['SCRIPT_NAME'])?>?stage=display&serial=<?php echo htvar($rec['serial'])?>" target=_certdisp><img src=images/display.png alt="Display" title="Display the certificate in excruciating detail"></a>  
          <?php  
          if ($rec['status'] != 'Revoked') {  
              ?>  
 diff -Nur --no-dereference phpki-ng.old/phpki-ng-0.84/setup.php-presetup phpki-ng/phpki-ng-0.84/setup.php-presetup  
 --- phpki-ng.old/phpki-ng-0.84/setup.php-presetup       2022-11-18 14:43:19.973000000 -0500  
 +++ phpki-ng/phpki-ng-0.84/setup.php-presetup   2022-12-14 16:49:13.502000000 -0500  
 @@ -887,7 +887,7 @@  
          }  
   
          if (! $crl_distrib) {  
 -            $crl_distrib = 'index.php?stage=dl_crl';  
 +            $crl_distrib = 'dl_crl.php';  
          }  
          if (! $revoke_url) {  
              $revoke_url = 'ns_revoke_query.php?';  

Legend:
Removed lines/characters  
Changed lines/characters
  Added lines/characters
admin@koozali.org
 ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed