patches applied from our bz and from sourceforge tickets

phpki-0.82.bz10622.fixphpwarnings.patch         phpki-0.82-empty_pass_php_5.2.patch      phpki-0.82-remove_email_from_upload_file_name.patch
phpki-0.82-ca_admin_users.patch                 phpki-0.82-expirey.patch                 phpki-0.82-remove_security_warning.patch
phpki-0.82-ca_help.patch                        phpki-0.82-fix-dates-2.patch             phpki-0.82-sme_admin_user.patch
phpki-0.82-disable_download_after_create.patch  phpki-0.82-fix-dates-3.patch             phpki-0.82-sme_openvpn_bridge_compat.patch
phpki-0.82-display_root_pem.patch               phpki-0.82-fix-dates.patch               phpki-0.82-update_crl_via_cron.patch
phpki-0.82-dl_crl_in_pem.patch                  phpki-0.82-fix-preg_match.patch          phpki-0.82-use_sha1.patch
phpki-0.82-dl_display_ta_dh.patch               phpki-0.82-openvpn_static_key.patch
phpki-0.82-email_signing.patch                  phpki-0.82-potential_xss_php_self.patch
2025-09-10 23:04:01 -04:00
parent 66ea908568
commit 245e1bcd0b
12 changed files with 299 additions and 123 deletions


@@ -20,12 +20,6 @@ $show_valid = gpvar('show_valid');
$show_revoked = gpvar('show_revoked');
$show_expired = gpvar('show_expired');
# Prevent handling certs that don't belong to user
if ($serial && CAdb_issuer($serial) != $PHPki_user && ! in_array($PHPki_user, $PHPki_admins)) {
$stage = 'goaway';
}
if ( !($show_valid.$show_revoked.$show_expired) ) {
$show_valid = 'V';
$show_revoked = 'R';
@@ -92,19 +86,19 @@ case 'download':
switch ($dl_type) {
case 'PKCS#12':
upload("$config[pfx_dir]/$serial.pfx", "$rec[common_name] ($rec[email]).p12", 'application/x-pkcs12');
upload("$config[pfx_dir]/$serial.pfx", "$rec[common_name].p12", 'application/x-pkcs12');
break;
case 'PEMCERT':
upload("$config[new_certs_dir]/$serial.pem", "$rec[common_name] ($rec[email]).pem",'application/pkix-cert');
upload("$config[new_certs_dir]/$serial.pem", "$rec[common_name]-cert.pem",'application/pkix-cert');
break;
case 'PEMKEY':
upload("$config[private_dir]/$serial-key.pem", "$rec[common_name] ($rec[email])-key.pem",'application/octet-stream');
upload("$config[private_dir]/$serial-key.pem", "$rec[common_name]-key.pem",'application/octet-stream');
break;
case 'PEMBUNDLE':
upload(array("$config[private_dir]/$serial-key.pem","$config[new_certs_dir]/$serial.pem"), "$rec[common_name] ($rec[email]).pem",'application/octet-stream');
upload(array("$config[private_dir]/$serial-key.pem","$config[new_certs_dir]/$serial.pem"), "$rec[common_name]-bundle.pem",'application/octet-stream');
break;
case 'PEMCABUNDLE':
upload(array("$config[private_dir]/$serial-key.pem","$config[new_certs_dir]/$serial.pem",$config['cacert_pem']), "$rec[common_name] ($rec[email]).pem",'application/octet-stream');
upload(array("$config[private_dir]/$serial-key.pem","$config[new_certs_dir]/$serial.pem",$config['cacert_pem']), "$rec[common_name]-bundle-root.pem",'application/octet-stream');
break;
default:
header("Location: ${PHP_SELF}?$qstr_sort&$qstr_filter");
@@ -129,6 +123,7 @@ case 'revoke-form':
Locality<br>
State/Province<br>
Country<br>
</p>
</td>
<?
@@ -145,7 +140,7 @@ case 'revoke-form':
</td>
</tr></table>
<h4>Are you sure?</h4>
<p><form action="'.$PHP_SELF.'?'.$qstr_sort.'&'.$qstr_filter.'" method=post>
<form action="'.$PHP_SELF.'?'.$qstr_sort.'&'.$qstr_filter.'" method=post>
<input type=hidden name=stage value=revoke >
<input type=hidden name=serial value='.$serial.' >
<input type=submit name=submit value=Yes >&nbsp
@@ -204,7 +199,7 @@ case 'renew-form':
printHeader('ca');
?>
<body onLoad="self.focus();document.form.passwd.focus()">
<body onLoad="self.focus();document.form.passwd.focus();">
<form action="<?=$PHP_SELF.'?'.$qstr_sort.'&'.$qstr_filter?>" method=post name=form>
<table width=99%>
@@ -252,8 +247,10 @@ case 'renew-form':
<td><select name=expiry>
<?
print "<option value=0.25 ". ($expiry == 0.25 ? "selected='selected'" : "") . " >3 Months</option>\n" ;
print "<option value=0.5 ". ($expiry == 0.5 ? "selected='selected'" : "") . " >6 Months</option>\n" ;
print "<option value=1 " . ($expiry == 1 ? "selected='selected'" : "") . " >1 Year</option>\n" ;
for ( $i = 2 ; $i < 6 ; $i++ ) {
for ( $i = 2 ; $i <= 5 ; $i++ ) {
print "<option value=$i " . ($expiry == $i ? "selected='selected'" : "") . " >$i Years</option>\n" ;
}
@@ -289,8 +286,7 @@ case 'renew':
print "<form action=\"$PHP_SELF?stage=renew-form&serial=$serial&$qstr_sort&$qstr_filter\" method=post>";
?>
<font color=#ff0000>
<h2>There was an error creating your certificate
.</h2></font><br>
<h2>There was an error creating your certificate.</h2></font><br>
<blockquote>
<h3>Debug Info:</h3>
<pre><?=$errtxt?></pre>
@@ -312,14 +308,13 @@ default:
printHeader('ca');
?>
<body onLoad="self.focus();document.filter.search.focus()">
<body onLoad="self.focus();document.filter.search.focus();">
<table>
<tr><th colspan=8><big>CERTIFICATE MANAGEMENT CONTROL PANEL</big></th></tr>
<tr><td colspan=8><center>
<form action="<?="$PHP_SELF?$qstr_sort"?>" method=get name=filter>
Search: <input type=text name=search value="<?=htvar($search)?>" style="font-size: 11px;" maxlength=60 size=30>
&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type=checkbox name=show_valid value="V" <?=($show_valid?'checked'
:'')?>>Valid
&nbsp&nbsp&nbsp&nbsp&nbsp&nbsp<input type=checkbox name=show_valid value="V" <?=($show_valid?'checked':'')?>>Valid
&nbsp&nbsp<input type=checkbox name=show_revoked value="R" <?=($show_revoked?'checked':'')?>>Revoked
&nbsp&nbsp<input type=checkbox name=show_expired value="E" <?=($show_expired?'checked':'')?>>Expired
&nbsp&nbsp&nbsp&nbsp&nbsp<input type=submit name=submit value="Apply Filter" style="font-size: 11px;">
@@ -364,12 +359,7 @@ default:
$x = "^[$show_valid$show_revoked$show_expired]";
if (in_array($PHPki_user, $PHPki_admins)) {
$x = "$x.*$search";
}
else {
$x = "$x.*$search.*$PHPki_user|$x.*$PHPki_user.*$search";
}
$x = "$x.*$search";
$db = csort(CAdb_to_array($x), $sortfield, ($ascdec=='A'?SORT_ASC:SORT_DESC));
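Review bot: The first hunk (`-20,12 +20,6`) appears to drop the ownership guard `if ($serial && CAdb_issuer($serial) != $PHPki_user && ! in_array($PHPki_user, $PHPki_admins)) { $stage = 'goaway'; }`, and the last hunk replaces the per-user listing filter with the admin-only form `$x = "$x.*$search";`, so nothing visible in this file still ties `$serial` to the requesting user. The `download` stage builds paths such as `"$config[private_dir]/$serial-key.pem"` from that value, and the revoke and renew stages act on it too, so unless access is restricted elsewhere (for example by one of the admin-user patches named in the description, which are not shown here) any authenticated user could obtain or revoke another user's certificate and private key. I would keep the guard, or replace it with an explicit admin-only check at the top of the file, and document the intent with a comment such as `# Access control: only the issuer or a CA admin may act on $serial`. The `+`/`-` markers are lost in this rendering, so which lines are removed is inferred from the hunk line counts.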