deprecated/phpki-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix start end and revoke dates

Browse Source
This commit is contained in:
John Crisp
2020-03-03 13:11:33 +01:00
parent c543de7b83
commit 943cccbba8
1 changed files with 18 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
include/openssl_functions.php
View File

@@ -359,14 +359,18 @@ function CAdb_explode_entry($dbentry) {
break; break;
} }
sscanf(CA_cert_startdate($a[3]),"%s %s %s %s", $mm,$dd,$tt,$yy); // CA_cert_start/enddate
// A date will be returned in this format
// Feb 27 16:00:09 2020 GMT
sscanf(CA_cert_startdate($a[3]),"%s%s%s%s", $mm,$dd,$tt,$yy);
$db['issued'] = strftime("%Y-%b-%d", strtotime("$yy-$mm-$dd")); $db['issued'] = strftime("%Y-%b-%d", strtotime("$yy-$mm-$dd"));
sscanf(CA_cert_enddate($a[3]), "%s %s %s %s",$mm,$dd,$tt,$yy); sscanf(CA_cert_enddate($a[3]), "%s%s%s%s",$mm,$dd,$tt,$yy);
$db['expires'] = strftime("%Y-%b-%d", strtotime("$yy-$mm-$dd")); $db['expires'] = strftime("%Y-%b-%d", strtotime("$yy-$mm-$dd"));
if (time() > strtotime("$mm-$dd-$yy")) if (time() > strtotime("$yy-$mm-$dd")) {
$db['status'] = "Expired"; $db['status'] = "Expired";
}
// Compatibility with migrated certs from openvpn-bridge // Compatibility with migrated certs from openvpn-bridge
@@ -420,8 +424,10 @@ function CAdb_is_revoked($serial) {
if ($x) { if ($x) {
list($j,$j,$revoke_date,$j,$j,$j) = explode("\t", $x); list($j,$j,$revoke_date,$j,$j,$j) = explode("\t", $x);
// Revoke date = 'R' + start date and is in this format
// 200227162209Z
sscanf($revoke_date, "%2s%2s%2s",$yy,$mm,$dd); sscanf($revoke_date, "%2s%2s%2s",$yy,$mm,$dd);
return strftime("%b %d, %Y", strtotime("$mm/$dd/$yy")); return strftime("%b %d, %Y", strtotime("$yy-$mm-$dd"));
} }
else else
return false; return false;
@@ -659,7 +665,7 @@ function CA_create_cert($cert_type='email',$country,$province,$locality,$organiz
function CA_renew_cert($old_serial,$expiry,$passwd) { function CA_renew_cert($old_serial,$expiry,$passwd) {
global $config; global $config;
# Don't renew a revoked certificate if a valid one exists for this # Do not renew a revoked certificate if a valid one exists for this
# URL. Find and renew the valid certificate instead. # URL. Find and renew the valid certificate instead.
if (CAdb_is_revoked($old_serial)) { if (CAdb_is_revoked($old_serial)) {
$ret = CAdb_in(CA_cert_email($old_serial),CA_cert_cname($old_serial)); $ret = CAdb_in(CA_cert_email($old_serial),CA_cert_cname($old_serial));
@@ -761,10 +767,10 @@ function CA_renew_cert($old_serial,$expiry,$passwd) {
fclose($fd); fclose($fd);
# https://github.com/radicand/phpki/issues/14 # https://github.com/radicand/phpki/issues/14
if (ereg('E-mail Protection', $certtext) && ereg('Code Signing', $certtest)) { if (preg_match('E-mail Protection', $certtext) && preg_match('Code Signing', $certtest)) {
$cert_type = 'email_signing'; $cert_type = 'email_signing';
} }
if (ereg('E-mail Protection', $certtext)) { if (preg_match('E-mail Protection', $certtext)) {
$cert_type = 'email'; $cert_type = 'email';
} }