1 |
jcrisp |
1.1 |
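diff -ruN phpki.old/phpki-0.82/admin/index.php phpki/phpki-0.82/admin/index.php
--- phpki.old/phpki-0.82/admin/index.php 2005-11-15 18:14:23.000000000 +0100
+++ phpki/phpki-0.82/admin/index.php 2020-03-03 14:21:55.635891053 +0100
@@ -28,7 +28,7 @@
 case 'add_user_form';
 printHeader('admin');
 ?>
- <body onLoad="self.focus();document.form.login.focus()">
+ <body onLoad="self.focus();document.form.login.focus();">
 <form action=<?=$PHP_SELF?> method=post name=form>
 <table>
 <th colspan=2><h3>Add User or Change Password</h3></th>
@@ -76,7 +76,7 @@
 case 'del_user_form';
 printHeader('admin');
 ?>
- <body onLoad="self.focus();document.form.login.focus()">
+ <body onLoad="self.focus();document.form.login.focus();">
 <form action=<?=$PHP_SELF?> method=post name=form>
 <table>
 <th colspan=2><h3>Remove User</h3></th>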
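diff -ruN phpki.old/phpki-0.82/ca/manage_certs.php phpki/phpki-0.82/ca/manage_certs.php
--- phpki.old/phpki-0.82/ca/manage_certs.php 2018-11-17 14:06:06.550603387 +0100
+++ phpki/phpki-0.82/ca/manage_certs.php 2020-03-03 14:20:50.174722154 +0100
@@ -89,16 +89,16 @@
 upload("$config[pfx_dir]/$serial.pfx", "$rec[common_name].p12", 'application/x-pkcs12');
 break;
 case 'PEMCERT':
- upload("$config[new_certs_dir]/$serial.pem", "$rec[common_name].pem",'application/pkix-cert');
+ upload("$config[new_certs_dir]/$serial.pem", "$rec[common_name]-cert.pem",'application/pkix-cert');
 break;
 case 'PEMKEY':
 upload("$config[private_dir]/$serial-key.pem", "$rec[common_name]-key.pem",'application/octet-stream');
 break;
 case 'PEMBUNDLE':
- upload(array("$config[private_dir]/$serial-key.pem","$config[new_certs_dir]/$serial.pem"), "$rec[common_name].pem",'application/octet-stream');
+ upload(array("$config[private_dir]/$serial-key.pem","$config[new_certs_dir]/$serial.pem"), "$rec[common_name]-bundle.pem",'application/octet-stream');
 break;
 case 'PEMCABUNDLE':
- upload(array("$config[private_dir]/$serial-key.pem","$config[new_certs_dir]/$serial.pem",$config['cacert_pem']), "$rec[common_name].pem",'application/octet-stream');
+ upload(array("$config[private_dir]/$serial-key.pem","$config[new_certs_dir]/$serial.pem",$config['cacert_pem']), "$rec[common_name]-bundle-root.pem",'application/octet-stream');
 break;
 default:
 header("Location: ${PHP_SELF}?$qstr_sort&$qstr_filter");
@@ -123,6 +123,7 @@
 Locality<br>
 State/Province<br>
 Country<br>
+ </p>
 </td>
 <?
 
@@ -139,7 +140,7 @@
 </td>
 </tr></table>
 <h4>Are you sure?</h4>
- <p><form action="'.$PHP_SELF.'?'.$qstr_sort.'&'.$qstr_filter.'" method=post>
+ <form action="'.$PHP_SELF.'?'.$qstr_sort.'&'.$qstr_filter.'" method=post>
 <input type=hidden name=stage value=revoke >
 <input type=hidden name=serial value='.$serial.' >
 <input type=submit name=submit value=Yes > 
@@ -198,7 +199,7 @@
 
 printHeader('ca');
 ?>
- <body onLoad="self.focus();document.form.passwd.focus()">
+ <body onLoad="self.focus();document.form.passwd.focus();">
 
 <form action="<?=$PHP_SELF.'?'.$qstr_sort.'&'.$qstr_filter?>" method=post name=form>
 <table width=99%>
@@ -249,7 +250,7 @@
 print "<option value=0.25 ". ($expiry == 0.25 ? "selected='selected'" : "") . " >3 Months</option>\n" ;
 print "<option value=0.5 ". ($expiry == 0.5 ? "selected='selected'" : "") . " >6 Months</option>\n" ;
 print "<option value=1 " . ($expiry == 1 ? "selected='selected'" : "") . " >1 Year</option>\n" ;
- for ( $i = 2 ; $i < 6 ; $i++ ) {
+ for ( $i = 2 ; $i <= 5 ; $i++ ) {
 print "<option value=$i " . ($expiry == $i ? "selected='selected'" : "") . " >$i Years</option>\n" ;
 }
 
@@ -285,8 +286,7 @@
 print "<form action=\"$PHP_SELF?stage=renew-form&serial=$serial&$qstr_sort&$qstr_filter\" method=post>";
 ?>
 <font color=#ff0000>
- <h2>There was an error creating your certificate
-.</h2></font><br>
+ <h2>There was an error creating your certificate.</h2></font><br>
 <blockquote>
 <h3>Debug Info:</h3>
 <pre><?=$errtxt?></pre>
@@ -308,14 +308,13 @@
 printHeader('ca');
 
 ?>
- <body onLoad="self.focus();document.filter.search.focus()">
+ <body onLoad="self.focus();document.filter.search.focus();">
 <table>
 <tr><th colspan=8><big>CERTIFICATE MANAGEMENT CONTROL PANEL</big></th></tr>
 <tr><td colspan=8><center>
 <form action="<?="$PHP_SELF?$qstr_sort"?>" method=get name=filter>
 Search: <input type=text name=search value="<?=htvar($search)?>" style="font-size: 11px;" maxlength=60 size=30>
-       <input type=checkbox name=show_valid value="V" <?=($show_valid?'checked'
-:'')?>>Valid
+       <input type=checkbox name=show_valid value="V" <?=($show_valid?'checked':'')?>>Valid
   <input type=checkbox name=show_revoked value="R" <?=($show_revoked?'checked':'')?>>Revoked
   <input type=checkbox name=show_expired value="E" <?=($show_expired?'checked':'')?>>Expired
      <input type=submit name=submit value="Apply Filter" style="font-size: 11px;">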
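Review bot: The download names built in the `PEMCERT`, `PEMBUNDLE` and `PEMCABUNDLE` cases of the first hunk still interpolate `$rec[common_name]` unchanged, so the new `-cert`, `-bundle` and `-bundle-root` suffixes are appended to whatever characters the certificate's common name contains. `upload()` is not part of this patch; if it copies that name into a `Content-Disposition` header, quotes or path separators in a common name would reach the response header and the saved file name. Normalising once before the switch, for example `$dlname = preg_replace('/[^A-Za-z0-9._-]/', '_', $rec['common_name']);`, and then passing `"$dlname-cert.pem"` and the other suffixed names would keep the new naming scheme while bounding the character set. The switch statement begins and ends outside the hunk.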
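diff -ruN phpki.old/phpki-0.82/ca/request_cert.php phpki/phpki-0.82/ca/request_cert.php
--- phpki.old/phpki-0.82/ca/request_cert.php 2018-11-17 14:06:06.538602802 +0100
+++ phpki/phpki-0.82/ca/request_cert.php 2020-03-03 14:19:28.624775077 +0100
@@ -216,7 +216,7 @@
 
 printHeader();
 ?>
- <body onLoad="self.focus();document.request.common_name.focus()">
+ <body onLoad="self.focus();document.request.common_name.focus();">
 <form action="<?=$PHP_SELF?>" method=post name=request>
 <table width=99%>
 <th colspan=2><h3>Certificate Request Form</h3></th>
@@ -266,7 +266,7 @@
 print "<option value=0.25 ". ($expiry == 0.25 ? "selected='selected'" : "") . " >3 Months</option>\n" ;
 print "<option value=0.5 ". ($expiry == 0.5 ? "selected='selected'" : "") . " >6 Months</option>\n" ;
 print "<option value=1 " . ($expiry == 1 ? "selected='selected'" : "") . " >1 Year</option>\n" ;
- for ( $i = 2 ; $i < 6 ; $i++ ) {
+ for ( $i = 2 ; $i <= 5 ; $i++ ) {
 print "<option value=$i " . ($expiry == $i ? "selected='selected'" : "") . " >$i Years</option>\n" ;
 }
 
@@ -279,7 +279,7 @@
 <td>Key Size </td>
 <td><select name=keysize>
 <?
- for ( $i = 512 ; $i < 4096 ; $i+= 512 ) {
+ for ( $i = 512 ; $i <= 4096 ; $i+= 512 ) {
 print "<option value=$i " . ($keysize == $i ? "selected='selected'" : "") . " >$i bits</option>\n" ;
 }
 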
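Review bot: The key-size loop in the last hunk now reaches 4096 but still starts at 512, so the request form keeps offering 512-, 1024- and 1536-bit keys, which are too short for RSA keys issued today (assuming these are RSA keys, which the patch does not show). Starting the list at 2048, `for ( $i = 2048 ; $i <= 4096 ; $i+= 512 ) {`, removes them from the menu. The handler that receives `keysize` is outside this patch and should reject smaller values too, because a select list does not constrain what a client posts. The context line `for ( $i = 512 ; $i <= 4096 ; $i+=512 ) {` in setup.php and setup.php-presetup has the same lower bound.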
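diff -ruN phpki.old/phpki-0.82/include/openssl_functions.php phpki/phpki-0.82/include/openssl_functions.php
--- phpki.old/phpki-0.82/include/openssl_functions.php 2018-11-17 14:06:06.551603435 +0100
+++ phpki/phpki-0.82/include/openssl_functions.php 2020-03-03 14:25:40.638785922 +0100
@@ -13,7 +13,7 @@
 $cnf_contents = "
 HOME = $config[home_dir]
 RANDFILE = $config[random]
-dir = $config[ca_dir]
+dir = $config[ca_dir]
 certs = $config[cert_dir]
 crl_dir = $config[crl_dir]
 database = $config[index]
@@ -319,14 +319,18 @@
 break;
 }
 
- sscanf(CA_cert_startdate($a[3]),"%s %s %s %s", $mm,$dd,$tt,$yy);
- $db['issued'] = strftime("%y-%b-%d", strtotime("$dd $mm $yy"));
+ // CA_cert_start/enddate
+ // A date will be returned in this format
+ // Feb 27 16:00:09 2020 GMT
+ sscanf(CA_cert_startdate($a[3]),"%s%s%s%s", $mm,$dd,$tt,$yy);
+ $db['issued'] = strftime("%Y-%b-%d", strtotime("$yy-$mm-$dd"));
 
- sscanf($a[1], "%2s%2s%2s",$yy,$mm,$dd);
- $db['expires'] = strftime("%y-%b-%d", strtotime("$mm/$dd/$yy"));
+ sscanf(CA_cert_enddate($a[3]), "%s%s%s%s",$mm,$dd,$tt,$yy);
+ $db['expires'] = strftime("%Y-%b-%d", strtotime("$yy-$mm-$dd"));
 
- if (time() > strtotime("$mm/$dd/$yy"))
- $db['status'] = "Expired";
+ if (time() > strtotime("$yy-$mm-$dd")) {
+ $db['status'] = "Expired";
+ }
 
 
 // Compatibility with migrated certs from openvpn-bridge
@@ -381,7 +385,7 @@
 if ($x) {
 list($j,$j,$revoke_date,$j,$j,$j) = explode("\t", $x);
 sscanf($revoke_date, "%2s%2s%2s",$yy,$mm,$dd);
- return strftime("%b %d, %Y", strtotime("$mm/$dd/$yy"));
+ return strftime("%b %d, %Y", strtotime("$yy-$mm-$dd"));
 }
 else
 return false;
@@ -717,6 +721,14 @@
 #Unlock the CA database
 fclose($fd);
 
+ # https://github.com/radicand/phpki/issues/14
+ if (preg_match('E-mail Protection', $certtext) && preg_match('Code Signing', $certtest)) {
+ $cert_type = 'email_signing';
+ }
+ if (preg_match('E-mail Protection', $certtext)) {
+ $cert_type = 'email';
+ }
+
 #Remove temporary openssl config file.
 if (file_exists($cnf_file)) unlink($cnf_file);
 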
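Review bot: In the last hunk the three `preg_match()` calls pass `'E-mail Protection'` and `'Code Signing'` without pattern delimiters, so PHP rejects each pattern with a warning and returns false, and the added block never changes `$cert_type`. The second call also reads `$certtest`, which looks like a typo for `$certtext`. Because the second test is a separate `if`, a certificate carrying both usages would be overwritten with `'email'` once the patterns do match. Suggested lines: `if (preg_match('/E-mail Protection/', $certtext) && preg_match('/Code Signing/', $certtext)) {` for the first test and `} elseif (preg_match('/E-mail Protection/', $certtext)) {` for the second. The enclosing function starts and ends outside the hunk.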
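diff -ruN phpki.old/phpki-0.82/search.php phpki/phpki-0.82/search.php
--- phpki.old/phpki-0.82/search.php 2018-11-17 14:06:06.541602947 +0100
+++ phpki/phpki-0.82/search.php 2020-03-03 14:21:27.053507343 +0100
@@ -49,7 +49,7 @@
 
 $db = CAdb_to_array("^[${show_valid}${show_revoked}${show_expired}].*$search");
 
- print '<body onLoad="self.focus();document.form.submit.focus()">';
+ print '<body onLoad="self.focus();document.form.submit.focus();">';
 if (sizeof($db) == 0) {
 ?>
 <center>
@@ -127,7 +127,7 @@
 printHeader('public');
 
 ?>
- <body onLoad="self.focus();document.search.search.focus()">
+ <body onLoad="self.focus();document.search.search.focus();">
 <center><h2>Certificate Search</h2>
 <form action=<?=$PHP_SELF?> method=post name=search>
 <input type=text name=search value="<?=htvar($search)?>" maxlength=60 size=40>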
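diff -ruN phpki.old/phpki-0.82/setup.php phpki/phpki-0.82/setup.php
--- phpki.old/phpki-0.82/setup.php 2018-11-17 14:06:06.548603290 +0100
+++ phpki/phpki-0.82/setup.php 2020-03-03 15:44:01.215746367 +0100
@@ -102,6 +102,11 @@
 if (! $passwd_file) $er .= 'Missing User Password File Location';
 if (! $store_dir) $er .= 'Missing Storage Directory<br>';
 
+ $countrycode = strtoupper($country);
+
+ if (! preg_match("/\b[A-Z][A-Z]\b/", $countrycode, $match) ) {
+ $er .= 'Country Code must be ISO 3166 two letters <br>';
+ }
 
 if ( $passwd && strlen($passwd) < 8 )
 $er .= 'Certificate password is too short.<br>';
@@ -762,9 +767,8 @@
 <td><select name=expiry>
 
 <?
- for ( $i = 5 ; $i < 20 ; $i+=5 ) {
- print "<option value=$i " . ($expiry == $i ? "selected='selected
-'" : "") . " >$i Years</option>\n" ;
+ for ( $i = 5 ; $i <= 20 ; $i+=5 ) {
+ print "<option value=$i " . ($expiry == $i ? "selected='selected'" : "") . " >$i Years</option>\n" ;
 }
 ?>
 
@@ -780,8 +784,7 @@
 
 <?
 for ( $i = 512 ; $i <= 4096 ; $i+=512 ) {
- print "<option value=$i " . ($keysize == $i ? "selected='selected
-'" : "") . " >$i bits</option>\n" ;
+ print "<option value=$i " . ($keysize == $i ? "selected='selected'" : "") . " >$i bits</option>\n" ;
 }
 ?>
 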
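Review bot: The country check added in the first hunk uses an unanchored pattern, `/\b[A-Z][A-Z]\b/`, so any value that merely contains a two-letter word (for example `US` followed by further text) passes validation. As far as the hunk shows, the upper-cased copy `$countrycode` is used only for the test, so the original `$country` is presumably what gets stored. Anchoring the pattern and keeping the normalised value closes both gaps: `if (! preg_match('/\A[A-Z]{2}\z/', $countrycode)) {`, with `$country = $countrycode;` once the check passes. The third argument `$match` is never read in the hunk and can be dropped. The identical hunk in setup.php-presetup needs the same change.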
diff -ruN phpki.old/phpki-0.82/setup.php-presetup phpki/phpki-0.82/setup.php-presetup |
257 |
|
|
--- phpki.old/phpki-0.82/setup.php-presetup 2018-11-17 14:06:06.548603290 +0100 |
258 |
|
|
+++ phpki/phpki-0.82/setup.php-presetup 2020-03-03 15:44:01.215746367 +0100 |
259 |
|
|
@@ -102,6 +102,11 @@ |
260 |
|
|
if (! $passwd_file) $er .= 'Missing User Password File Location'; |
261 |
|
|
if (! $store_dir) $er .= 'Missing Storage Directory<br>'; |
262 |
|
|
|
263 |
|
|
+ $countrycode = strtoupper($country); |
264 |
|
|
+ |
265 |
|
|
+ if (! preg_match("/\b[A-Z][A-Z]\b/", $countrycode, $match) ) { |
266 |
|
|
+ $er .= 'Country Code must be ISO 3166 two letters <br>'; |
267 |
|
|
+ } |
268 |
|
|
|
269 |
|
|
if ( $passwd && strlen($passwd) < 8 ) |
270 |
|
|
$er .= 'Certificate password is too short.<br>'; |
271 |
|
|
@@ -762,9 +767,8 @@ |
272 |
|
|
<td><select name=expiry> |
273 |
|
|
|
274 |
|
|
<? |
275 |
|
|
- for ( $i = 5 ; $i < 20 ; $i+=5 ) { |
276 |
|
|
- print "<option value=$i " . ($expiry == $i ? "selected='selected |
277 |
|
|
-'" : "") . " >$i Years</option>\n" ; |
278 |
|
|
+ for ( $i = 5 ; $i <= 20 ; $i+=5 ) { |
279 |
|
|
+ print "<option value=$i " . ($expiry == $i ? "selected='selected'" : "") . " >$i Years</option>\n" ; |
280 |
|
|
} |
281 |
|
|
?> |
282 |
|
|
|
283 |
|
|
@@ -780,8 +784,7 @@ |
284 |
|
|
|
285 |
|
|
<? |
286 |
|
|
for ( $i = 512 ; $i <= 4096 ; $i+=512 ) { |
287 |
|
|
- print "<option value=$i " . ($keysize == $i ? "selected='selected |
288 |
|
|
-'" : "") . " >$i bits</option>\n" ; |
289 |
|
|
+ print "<option value=$i " . ($keysize == $i ? "selected='selected'" : "") . " >$i bits</option>\n" ; |
290 |
|
|
} |
291 |
|
|
?> |
292 |
|
|
|