phpki/contribs10/phpki-0.82-dl_display_ta_dh.patch

diff -Nur -x '*.orig' -x '*.rej' phpki/phpki-0.82/ca/main.php mezzanine_patched_phpki/phpki-0.82/ca/main.php
--- phpki/phpki-0.82/ca/main.php        2005-11-17 02:17:20.000000000 +0100
+++ mezzanine_patched_phpki/phpki-0.82/ca/main.php      2008-12-09 01:49:39.000000000 +0100
@@ -10,6 +10,14 @@
 
 switch($stage) {
 
+case 'dl_takey':
+        upload("$config[private_dir]/takey.pem", "$config[ca_prefix]takey.pem", 'application/octet-stream');
+        break;
+
+case 'dl_dhparam':
+        upload("$config[private_dir]/dhparam1024.pem", "$config[ca_prefix]dhparam1024.pem", 'application/octet-stream');
+        break;
+
 case 'dl_root':
        upload("$config[cacert_pem]", "$config[ca_prefix]cacert.crt", 'application/x-x509-ca-cert');
        break;
@@ -50,6 +58,34 @@
         }
         break;
 
+case 'display_takey':
+        printHeader(false);
+
+        ?>
+        <center><h2>OpenVPN pre-shared Key</h2></center>
+        <p>
+        <form action=<?=$PHP_SELF?> method=post>
+        <input type=submit name=submit value="Back to Menu">
+        </form>
+        <?
+        print '<pre>'.ta_key_text().'</pre>';
+        break;
+
+case 'display_dhparam':
+        printHeader(false);
+
+        ?>
+        <center><h2>OpenVPN Diffie-Helman parameters</h2></center>
+        <p>
+        <form action=<?=$PHP_SELF?> method=post>
+        <input type=submit name=submit value="Back to Menu">
+        </form>
+        <?
+        print '<pre>'.dhparam_text().'</pre>';
+        break;
+
+
+
 default:
        printHeader('ca');
        ?>
@@ -87,6 +123,17 @@
        <td>This is the official list of revoked certificates.  Using this list with your e-mail or
        browser application is optional.  Some applications will automagically reference this list. </td></tr>
 
+        <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;">
+        <a href=<?=$PHP_SELF?>?stage=dl_takey>Download the static pre-shared key</a><br><br>
+        <a href=<?=$PHP_SELF?>?stage=display_takey>Display the static pre-shared key</a></td>
+        <td>This key can be used with OpenVPN as a standalone auth mecanism, or as an additionnal TLS authentication.</td></tr>
+
+        <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;">
+        <a href=<?=$PHP_SELF?>?stage=dl_dhparam>Download the Diffie-Hellman parameters</a><br><br>
+        <a href=<?=$PHP_SELF?>?stage=display_dhparam>Display the Diffie-Hellman parameters</a></td>
+        <td>This file is used by OpenVPN for the hand-shake. The Diffie-Hellman key agreement 
+        protocol enables two communication partners to exchange a secret key safely.</td></tr>
+
        </table>
        </center>
        <br><br>
diff -Nur -x '*.orig' -x '*.rej' phpki/phpki-0.82/include/openssl_functions.php mezzanine_patched_phpki/phpki-0.82/include/openssl_functions.php
--- phpki/phpki-0.82/include/openssl_functions.php      2008-12-09 01:50:28.000000000 +0100
+++ mezzanine_patched_phpki/phpki-0.82/include/openssl_functions.php    2008-12-09 01:50:05.000000000 +0100
@@ -416,6 +416,20 @@
        return(shell_exec(CRL.' -in '.escshellarg($crlfile).' -text 2>&1'));
 }
 
+// Returns the static takey.pem file
+function ta_key_text() {
+        global $config;
+        return(shell_exec('cat '.escshellarg($config['private_dir']).'/takey.pem 2>&1'));
+}
+
+// Returns the dhparam file
+function dhparam_text() {
+        global $config;
+        return(shell_exec('cat '.escshellarg($config['private_dir']).'/dhparam1024.pem 2>&1'));
+}
+
+
+
 //
 // Returns the subject of a certificate.
 //
1	diff -Nur -x '.orig' -x '.rej' phpki/phpki-0.82/ca/main.php mezzanine_patched_phpki/phpki-0.82/ca/main.php
2	--- phpki/phpki-0.82/ca/main.php 2005-11-17 02:17:20.000000000 +0100
3	+++ mezzanine_patched_phpki/phpki-0.82/ca/main.php 2008-12-09 01:49:39.000000000 +0100
4	@@ -10,6 +10,14 @@
5
6	switch($stage) {
7
8	+case 'dl_takey':
9	+ upload("$config[private_dir]/takey.pem", "$config[ca_prefix]takey.pem", 'application/octet-stream');
10	+ break;
11	+
12	+case 'dl_dhparam':
13	+ upload("$config[private_dir]/dhparam1024.pem", "$config[ca_prefix]dhparam1024.pem", 'application/octet-stream');
14	+ break;
15	+
16	case 'dl_root':
17	upload("$config[cacert_pem]", "$config[ca_prefix]cacert.crt", 'application/x-x509-ca-cert');
18	break;
19	@@ -50,6 +58,34 @@
20	}
21	break;
22
23	+case 'display_takey':
24	+ printHeader(false);
25	+
26	+ ?>
27	+ <center><h2>OpenVPN pre-shared Key</h2></center>
28	+ <p>
29	+ <form action=<?=$PHP_SELF?> method=post>
30	+ <input type=submit name=submit value="Back to Menu">
31	+ </form>
32	+ <?
33	+ print '<pre>'.ta_key_text().'</pre>';
34	+ break;
35	+
36	+case 'display_dhparam':
37	+ printHeader(false);
38	+
39	+ ?>
40	+ <center><h2>OpenVPN Diffie-Helman parameters</h2></center>
41	+ <p>
42	+ <form action=<?=$PHP_SELF?> method=post>
43	+ <input type=submit name=submit value="Back to Menu">
44	+ </form>
45	+ <?
46	+ print '<pre>'.dhparam_text().'</pre>';
47	+ break;
48	+
49	+
50	+
51	default:
52	printHeader('ca');
53	?>
54	@@ -87,6 +123,17 @@
55	<td>This is the official list of revoked certificates. Using this list with your e-mail or
56	browser application is optional. Some applications will automagically reference this list. </td></tr>
57
58	+ <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;">
59	+ <a href=<?=$PHP_SELF?>?stage=dl_takey>Download the static pre-shared key</a><br><br>
60	+ <a href=<?=$PHP_SELF?>?stage=display_takey>Display the static pre-shared key</a></td>
61	+ <td>This key can be used with OpenVPN as a standalone auth mecanism, or as an additionnal TLS authentication.</td></tr>
62	+
63	+ <tr><td style="text-align: center; vertical-align: middle; font-weight: bold;">
64	+ <a href=<?=$PHP_SELF?>?stage=dl_dhparam>Download the Diffie-Hellman parameters</a><br><br>
65	+ <a href=<?=$PHP_SELF?>?stage=display_dhparam>Display the Diffie-Hellman parameters</a></td>
66	+ <td>This file is used by OpenVPN for the hand-shake. The Diffie-Hellman key agreement
67	+ protocol enables two communication partners to exchange a secret key safely.</td></tr>
68	+
69	</table>
70	</center>
71	<br><br>
72	diff -Nur -x '.orig' -x '.rej' phpki/phpki-0.82/include/openssl_functions.php mezzanine_patched_phpki/phpki-0.82/include/openssl_functions.php
73	--- phpki/phpki-0.82/include/openssl_functions.php 2008-12-09 01:50:28.000000000 +0100
74	+++ mezzanine_patched_phpki/phpki-0.82/include/openssl_functions.php 2008-12-09 01:50:05.000000000 +0100
75	@@ -416,6 +416,20 @@
76	return(shell_exec(CRL.' -in '.escshellarg($crlfile).' -text 2>&1'));
77	}
78
79	+// Returns the static takey.pem file
80	+function ta_key_text() {
81	+ global $config;
82	+ return(shell_exec('cat '.escshellarg($config['private_dir']).'/takey.pem 2>&1'));
83	+}
84	+
85	+// Returns the dhparam file
86	+function dhparam_text() {
87	+ global $config;
88	+ return(shell_exec('cat '.escshellarg($config['private_dir']).'/dhparam1024.pem 2>&1'));
89	+}
90	+
91	+
92	+
93	//
94	// Returns the subject of a certificate.
95	//