2025-09-10 23:01:43 -04:00
|
|
|
<?php
|
|
|
|
|
#
|
|
|
|
|
# This is to support the NetscapeRevocationURL extension that can
|
|
|
|
|
# be used to check the validity of certificates issued by this CA.
|
|
|
|
|
# The URL to this script is embeded in all certificates issued by
|
|
|
|
|
# this CA.
|
|
|
|
|
#
|
|
|
|
|
# PROTOCOL:
|
|
|
|
|
# The client should issue an HTTP GET request using a URL that is
|
2025-09-11 00:03:08 -04:00
|
|
|
# the concatenation of the revocation url and certificate serial
|
2025-09-10 23:01:43 -04:00
|
|
|
# number. (i.e. http://www.host.dom/phpki/ns_revoke_query.php?10A5F2)
|
|
|
|
|
#
|
2025-09-11 00:03:08 -04:00
|
|
|
# The server should return a document of type
|
2025-09-10 23:01:43 -04:00
|
|
|
# application/x-netscape-revocation containing a single character
|
|
|
|
|
# '1' if the certificate is revoked, '0' if it is valid.
|
|
|
|
|
#
|
2025-09-11 00:03:08 -04:00
|
|
|
include('./config.php');
|
2025-09-10 23:01:43 -04:00
|
|
|
include(STORE_DIR.'/config/config.php');
|
2025-09-11 00:08:25 -04:00
|
|
|
$serial=trim($_SERVER['QUERY_STRING']);
|
|
|
|
|
if ( ! is_numeric($serial) ) {
|
|
|
|
|
# if it is not a numerical serial, then it is not revoked!
|
|
|
|
|
print '0';
|
|
|
|
|
exit;
|
|
|
|
|
}
|
|
|
|
|
$serial = escapeshellcmd($serial);
|
2025-09-11 00:03:08 -04:00
|
|
|
#header("Content-type: application/x-netscape-revocation");
|
|
|
|
|
|
2025-09-11 00:08:25 -04:00
|
|
|
$regexp = "^R\t.*\t.*\t$serial\t.*\t.*$";
|
2025-09-11 00:03:08 -04:00
|
|
|
$configIndex = $config['index'];
|
|
|
|
|
|
|
|
|
|
if (exec("egrep '$regexp' '$configIndex'")) {
|
|
|
|
|
print '1';
|
|
|
|
|
} else {
|
|
|
|
|
print '0';
|
|
|
|
|
}
|
