From a2c1081b340183a0f6a268600c631fbce0e9467c Mon Sep 17 00:00:00 2001
From: John Crisp <jcrisp@safeandsoundit.co.uk>
Date: Mon, 8 Mar 2021 13:23:58 +0100
Subject: [PATCH] Fix Config typo. Re-order preg_match

---
 include/my_functions.php      |  2 +-
 include/openssl_functions.php | 37 ++++++++++++++---------------------
 2 files changed, 16 insertions(+), 23 deletions(-)

diff --git a/include/my_functions.php b/include/my_functions.php
index 1a28470..f49953c 100644
--- a/include/my_functions.php
+++ b/include/my_functions.php
@@ -270,7 +270,7 @@ function is_fqdn($FQDN)
 # as a match is found.
 #
 
-function eregi_array($regexp, $arr)
+function preg_match_array($regexp, $arr)
 {
 
     foreach ($arr as $elem) {
diff --git a/include/openssl_functions.php b/include/openssl_functions.php
index 5e5735e..afa42cd 100644
--- a/include/openssl_functions.php
+++ b/include/openssl_functions.php
@@ -601,7 +601,7 @@ function CA_revoke_cert($serial)
     $cmd_output[] = 'Revoking the certificate.';
     $configCa_pwd = $config['ca_pwd'];
     $configOpenssl_cnf = $config['openssl_cnf'];
-    exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$ConfigCa_pwd 2>&1", $cmd_output, $ret);
+    exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$configCa_pwd 2>&1", $cmd_output, $ret);
 
     if ($ret == 0) {
         unset($cmd_output);
@@ -836,13 +836,13 @@ function CA_renew_cert($old_serial, $expiry, $passwd)
     #Unlock the CA database
     fclose($fd);
 
-    # https://github.com/radicand/phpki/issues/14
-    if (preg_match('E-mail Protection', $certtext) && preg_match('Code Signing', $certtest)) {
-        $cert_type = 'email_signing';
-    }
-    if (preg_match('E-mail Protection', $certtext)) {
+    //# https://github.com/radicand/phpki/issues/14 - but ereg is deprecated
+    if (preg_match('/E-mail Protection/', $certtext)) {
         $cert_type = 'email';
     }
+    if (preg_match('/E-mail Protection/', $certtext) && preg_match('/Code Signing/', $certtext)) {
+        $cert_type = 'email_signing';
+    }
 
     #Remove temporary openssl config file.
     if (file_exists($cnf_file)) {
@@ -855,7 +855,7 @@ function CA_renew_cert($old_serial, $expiry, $passwd)
         # Not successful, so clean up before exiting.
         CA_remove_cert($serial);
 
-        if (eregi_array('.*private key.*', $cmd_output)) {
+        if (preg_match_array('.*private key.*', $cmd_output)) {
             $cmd_output[] = '<strong>This was likely caused by entering the wrong certificate password.</strong>';
         } else {
             $cmd_output[] = '<strong>Click on the "Help" link above for information on how to report this problem.</strong>';
@@ -946,27 +946,20 @@ function CA_cert_type($serial)
 
     $certtext = CA_cert_text($serial);
 
-    #if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext) && ereg('Code Signing', $certtest)) {
-    if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext) && preg_match('~Code Signing~', $certtest)) {
-        $cert_type = 'email_codesigning';
-    }
-    #if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext)) {
     if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext)) {
         $cert_type = 'email';
-    } #elseif (ereg('OpenSSL.* Server .*Certificate', $certtext)) {
-    elseif (preg_match('~OpenSSL.* Server .*Certificate~', $certtext)) {
+    }
+    if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext) && preg_match('~Code Signing~', $certtext)) {
+        $cert_type = 'email_signing'; // Was 'codesigning' but can't see that anywhere
+    } elseif (preg_match('~OpenSSL.* Server .*Certificate~', $certtext)) {
         $cert_type = 'server';
-    } #elseif (ereg('timeStamping|Time Stamping', $certtext)) {
-    elseif (preg_match('~timeStamping|Time Stamping~', $certtext)) {
+    } elseif (preg_match('~timeStamping|Time Stamping~', $certtext)) {
         $cert_type = 'time_stamping';
-    } #elseif (ereg('TLS Web Client Authentication', $certtext) && ereg('TLS Web Server Authentication', $certtext)) {
-    elseif (preg_match('~TLS Web Client Authentication~', $certtext) && preg_match('~TLS Web Server Authentication~', $certtext)) {
+    } elseif (preg_match('~TLS Web Client Authentication~', $certtext) && preg_match('~TLS Web Server Authentication~', $certtext)) {
         $cert_type = 'vpn_client_server';
-    } #elseif (ereg('TLS Web Client Authentication', $certtext)) {
-    elseif (preg_match('~TLS Web Client Authentication~', $certtext)) {
+    } elseif (preg_match('~TLS Web Client Authentication~', $certtext)) {
         $cert_type = 'vpn_client';
-    } #elseif (ereg('TLS Web Server Authentication', $certtext)) {
-    elseif (preg_match('~TLS Web Server Authentication~', $certtext)) {
+    } elseif (preg_match('~TLS Web Server Authentication~', $certtext)) {
         $cert_type = 'vpn_server';
     } else {
         $cert_type = 'vpn_client_server';