deprecated/phpki-ng
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fixed nsRevocationUrl

Browse Source 
fixed nsRevocationUrl.
fixed Empty DNS Names Strings
This commit is contained in:
majestick
2013-07-22 06:24:54 +02:00
parent 44be2519fb
commit d13be16a79
1 changed files with 13 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
include/openssl_functions.php
View File

@@ -5,7 +5,7 @@
// File name is placed in ./tmp with a random name. It lingers unless // File name is placed in ./tmp with a random name. It lingers unless
// removed manually. // removed manually.
// //
function CA_create_cnf($country='',$province='',$locality='',$organization='',$unit='',$common_name='',$email='',$keysize=4096,$dns_names='',$ip_addr='') { function CA_create_cnf($country='',$province='',$locality='',$organization='',$unit='',$common_name='',$email='',$keysize=4096,$dns_names='',$ip_addr='',$serial='') {
global $config, $PHPki_user; global $config, $PHPki_user;
$issuer = $PHPki_user; $issuer = $PHPki_user;
@@ -18,22 +18,25 @@ function CA_create_cnf($country='',$province='',$locality='',$organization='',$u
$dns_n=explode("\n", $dns_names); $dns_n=explode("\n", $dns_names);
$count_dns = $count_dns + 1; $count_dns = $count_dns + 1;
$alt_names .= "DNS.$count_dns = $common_name\n"; $alt_names .= "DNS.$count_dns = $common_name\n";
foreach ($dns_n as $value) { foreach ($dns_n as $value) {
if (! $value == '') {
$count_dns = $count_dns + 1; $count_dns = $count_dns + 1;
$alt_names .= "DNS.$count_dns = ".trim($value)."\n"; $alt_names .= "DNS.$count_dns = ".trim($value)."\n";
} }
} }
}
if (! $ip_addr == '') { if (! $ip_addr == '') {
$ip_ar=explode("\n", $ip_addr); $ip_ar=explode("\n", $ip_addr);
foreach ($ip_ar as $value) { foreach ($ip_ar as $value) {
if (! $value == '') {
$count_dns = $count_dns + 1; $count_dns = $count_dns + 1;
$count_ip = $count_ip + 1; $count_ip = $count_ip + 1;
$alt_names .= "DNS.$count_dns = ".trim($value)."\n"; $alt_names .= "DNS.$count_dns = ".trim($value)."\n";
$alt_names .= "IP.$count_ip = ".trim($value)."\n"; $alt_names .= "IP.$count_ip = ".trim($value)."\n";
} }
} }
}
if (($count_dns > 0) || ($count_ip > 0)) { if (($count_dns > 0) || ($count_ip > 0)) {
$server_altnames = "@alt_names"; $server_altnames = "@alt_names";
@@ -135,7 +138,7 @@ subjectKeyIdentifier = hash
subjectAltName = email:copy subjectAltName = email:copy
crlDistributionPoints = URI:$config[base_url]index.php?stage=dl_crl crlDistributionPoints = URI:$config[base_url]index.php?stage=dl_crl
nsComment = \"PHPki/OpenSSL Generated Root Certificate\" nsComment = \"PHPki/OpenSSL Generated Root Certificate\"
#nsCaRevocationUrl = $config[base_url]ns_revoke_query.php?$config[serial] #nsCaRevocationUrl = $config[base_url]ns_revoke_query.php?$serial
nsCaPolicyUrl = $config[base_url]policy.html nsCaPolicyUrl = $config[base_url]policy.html
[ email_ext ] [ email_ext ]
@@ -150,7 +153,7 @@ issuerAltName = issuer:copy
crlDistributionPoints = URI:$config[base_url]index.php?stage=dl_crl crlDistributionPoints = URI:$config[base_url]index.php?stage=dl_crl
nsComment = \"PHPki/OpenSSL Generated Personal Certificate\" nsComment = \"PHPki/OpenSSL Generated Personal Certificate\"
nsBaseUrl = $config[base_url] nsBaseUrl = $config[base_url]
nsRevocationUrl = $config[base_url]ns_revoke_query.php?$config[serial] nsRevocationUrl = $config[base_url]ns_revoke_query.php?$serial
nsCaPolicyUrl = $config[base_url]policy.html nsCaPolicyUrl = $config[base_url]policy.html
[ email_signing_ext ] [ email_signing_ext ]
@@ -165,7 +168,7 @@ issuerAltName = issuer:copy
crlDistributionPoints = URI:$config[base_url]index.php?stage=dl_crl crlDistributionPoints = URI:$config[base_url]index.php?stage=dl_crl
nsComment = \"PHPki/OpenSSL Generated Personal Certificate\" nsComment = \"PHPki/OpenSSL Generated Personal Certificate\"
nsBaseUrl = $config[base_url] nsBaseUrl = $config[base_url]
nsRevocationUrl = $config[base_url]ns_revoke_query.php?$config[serial] nsRevocationUrl = $config[base_url]ns_revoke_query.php?$serial
nsCaPolicyUrl = $config[base_url]policy.html nsCaPolicyUrl = $config[base_url]policy.html
[ server_ext ] [ server_ext ]
@@ -180,7 +183,7 @@ issuerAltName = issuer:copy
crlDistributionPoints = URI:$config[base_url]index.php?stage=dl_crl crlDistributionPoints = URI:$config[base_url]index.php?stage=dl_crl
nsComment = \"PHPki/OpenSSL Generated Server Certificate\" nsComment = \"PHPki/OpenSSL Generated Server Certificate\"
nsBaseUrl = $config[base_url] nsBaseUrl = $config[base_url]
nsRevocationUrl = $config[base_url]ns_revoke_query.php?$config[serial] nsRevocationUrl = $config[base_url]ns_revoke_query.php?$serial
nsCaPolicyUrl = $config[base_url]policy.html nsCaPolicyUrl = $config[base_url]policy.html
[ time_stamping_ext ] [ time_stamping_ext ]
@@ -194,7 +197,7 @@ issuerAltName = issuer:copy
crlDistributionPoints = URI:$config[base_url]index.php?stage=dl_crl crlDistributionPoints = URI:$config[base_url]index.php?stage=dl_crl
nsComment = \"PHPki/OpenSSL Generated Time Stamping Certificate\" nsComment = \"PHPki/OpenSSL Generated Time Stamping Certificate\"
nsBaseUrl = $config[base_url] nsBaseUrl = $config[base_url]
nsRevocationUrl = $config[base_url]ns_revoke_query.php?$config[serial] nsRevocationUrl = $config[base_url]ns_revoke_query.php?$serial
[ vpn_client_ext ] [ vpn_client_ext ]
basicConstraints = critical, CA:false basicConstraints = critical, CA:false
@@ -519,7 +522,7 @@ function CA_create_cert($cert_type='email',$country,$province,$locality,$organiz
$expiry_days = round($expiry * 365.25, 0); $expiry_days = round($expiry * 365.25, 0);
$cnf_file = CA_create_cnf($country,$province,$locality,$organization,$unit,$common_name,$email,$keysize,$dns_names,$ip_addr); $cnf_file = CA_create_cnf($country,$province,$locality,$organization,$unit,$common_name,$email,$keysize,$dns_names,$ip_addr,$serial);
# Escape certain dangerous characters in user input # Escape certain dangerous characters in user input
$email = escshellcmd($email); $email = escshellcmd($email);