deprecated/phpki-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix Config typo. Re-order preg_match

Browse Source
This commit is contained in:
John Crisp
2021-03-08 13:23:58 +01:00
parent a888cd4aa6
commit a2c1081b34
2 changed files with 16 additions and 23 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
include/my_functions.php
View File

@@ -270,7 +270,7 @@ function is_fqdn($FQDN)
# as a match is found. # as a match is found.
# #
function eregi_array($regexp, $arr) function preg_match_array($regexp, $arr)
{ {
foreach ($arr as $elem) { foreach ($arr as $elem) {

37
include/openssl_functions.php
View File

@@ -601,7 +601,7 @@ function CA_revoke_cert($serial)
$cmd_output[] = 'Revoking the certificate.'; $cmd_output[] = 'Revoking the certificate.';
$configCa_pwd = $config['ca_pwd']; $configCa_pwd = $config['ca_pwd'];
$configOpenssl_cnf = $config['openssl_cnf']; $configOpenssl_cnf = $config['openssl_cnf'];
exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$ConfigCa_pwd 2>&1", $cmd_output, $ret); exec(CA." -config $configOpenssl_cnf -revoke ".escshellarg($certfile)." -passin pass:$configCa_pwd 2>&1", $cmd_output, $ret);
if ($ret == 0) { if ($ret == 0) {
unset($cmd_output); unset($cmd_output);
@@ -836,13 +836,13 @@ function CA_renew_cert($old_serial, $expiry, $passwd)
#Unlock the CA database #Unlock the CA database
fclose($fd); fclose($fd);
# https://github.com/radicand/phpki/issues/14 //# https://github.com/radicand/phpki/issues/14 - but ereg is deprecated
if (preg_match('E-mail Protection', $certtext) && preg_match('Code Signing', $certtest)) { if (preg_match('/E-mail Protection/', $certtext)) {
$cert_type = 'email_signing';
}
if (preg_match('E-mail Protection', $certtext)) {
$cert_type = 'email'; $cert_type = 'email';
} }
if (preg_match('/E-mail Protection/', $certtext) && preg_match('/Code Signing/', $certtext)) {
$cert_type = 'email_signing';
}
#Remove temporary openssl config file. #Remove temporary openssl config file.
if (file_exists($cnf_file)) { if (file_exists($cnf_file)) {
@@ -855,7 +855,7 @@ function CA_renew_cert($old_serial, $expiry, $passwd)
# Not successful, so clean up before exiting. # Not successful, so clean up before exiting.
CA_remove_cert($serial); CA_remove_cert($serial);
if (eregi_array('.*private key.*', $cmd_output)) { if (preg_match_array('.*private key.*', $cmd_output)) {
$cmd_output[] = '<strong>This was likely caused by entering the wrong certificate password.</strong>'; $cmd_output[] = '<strong>This was likely caused by entering the wrong certificate password.</strong>';
} else { } else {
$cmd_output[] = '<strong>Click on the "Help" link above for information on how to report this problem.</strong>'; $cmd_output[] = '<strong>Click on the "Help" link above for information on how to report this problem.</strong>';
@@ -946,27 +946,20 @@ function CA_cert_type($serial)
$certtext = CA_cert_text($serial); $certtext = CA_cert_text($serial);
#if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext) && ereg('Code Signing', $certtest)) {
if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext) && preg_match('~Code Signing~', $certtest)) {
$cert_type = 'email_codesigning';
}
#if (ereg('OpenSSL.* (E.?mail|Personal) .*Certificate', $certtext)) {
if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext)) { if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext)) {
$cert_type = 'email'; $cert_type = 'email';
} #elseif (ereg('OpenSSL.* Server .*Certificate', $certtext)) { }
elseif (preg_match('~OpenSSL.* Server .*Certificate~', $certtext)) { if (preg_match('~OpenSSL.* (E.?mail|Personal) .*Certificate~', $certtext) && preg_match('~Code Signing~', $certtext)) {
$cert_type = 'email_signing'; // Was 'codesigning' but can't see that anywhere
} elseif (preg_match('~OpenSSL.* Server .*Certificate~', $certtext)) {
$cert_type = 'server'; $cert_type = 'server';
} #elseif (ereg('timeStamping|Time Stamping', $certtext)) { } elseif (preg_match('~timeStamping|Time Stamping~', $certtext)) {
elseif (preg_match('~timeStamping|Time Stamping~', $certtext)) {
$cert_type = 'time_stamping'; $cert_type = 'time_stamping';
} #elseif (ereg('TLS Web Client Authentication', $certtext) && ereg('TLS Web Server Authentication', $certtext)) { } elseif (preg_match('~TLS Web Client Authentication~', $certtext) && preg_match('~TLS Web Server Authentication~', $certtext)) {
elseif (preg_match('~TLS Web Client Authentication~', $certtext) && preg_match('~TLS Web Server Authentication~', $certtext)) {
$cert_type = 'vpn_client_server'; $cert_type = 'vpn_client_server';
} #elseif (ereg('TLS Web Client Authentication', $certtext)) { } elseif (preg_match('~TLS Web Client Authentication~', $certtext)) {
elseif (preg_match('~TLS Web Client Authentication~', $certtext)) {
$cert_type = 'vpn_client'; $cert_type = 'vpn_client';
} #elseif (ereg('TLS Web Server Authentication', $certtext)) { } elseif (preg_match('~TLS Web Server Authentication~', $certtext)) {
elseif (preg_match('~TLS Web Server Authentication~', $certtext)) {
$cert_type = 'vpn_server'; $cert_type = 'vpn_server';
} else { } else {
$cert_type = 'vpn_client_server'; $cert_type = 'vpn_client_server';