patches applied from our bz and from sourceforge tickets

phpki-0.82.bz10622.fixphpwarnings.patch         phpki-0.82-empty_pass_php_5.2.patch      phpki-0.82-remove_email_from_upload_file_name.patch
phpki-0.82-ca_admin_users.patch                 phpki-0.82-expirey.patch                 phpki-0.82-remove_security_warning.patch
phpki-0.82-ca_help.patch                        phpki-0.82-fix-dates-2.patch             phpki-0.82-sme_admin_user.patch
phpki-0.82-disable_download_after_create.patch  phpki-0.82-fix-dates-3.patch             phpki-0.82-sme_openvpn_bridge_compat.patch
phpki-0.82-display_root_pem.patch               phpki-0.82-fix-dates.patch               phpki-0.82-update_crl_via_cron.patch
phpki-0.82-dl_crl_in_pem.patch                  phpki-0.82-fix-preg_match.patch          phpki-0.82-use_sha1.patch
phpki-0.82-dl_display_ta_dh.patch               phpki-0.82-openvpn_static_key.patch
phpki-0.82-email_signing.patch                  phpki-0.82-potential_xss_php_self.patch
2025-09-10 23:04:01 -04:00
parent 66ea908568
commit 245e1bcd0b
12 changed files with 299 additions and 123 deletions


@@ -102,6 +102,11 @@ case 'validate':
if (! $passwd_file) $er .= 'Missing User Password File Location';
if (! $store_dir) $er .= 'Missing Storage Directory<br>';
$countrycode = strtoupper($country);
if (! preg_match("/\b[A-Z][A-Z]\b/", $countrycode, $match) ) {
$er .= 'Country Code must be ISO 3166 two letters <br>';
}
if ( $passwd && strlen($passwd) < 8 )
$er .= 'Certificate password is too short.<br>';
@@ -248,7 +253,7 @@ case 'write':
# Default OpenSSL Config File.
\$config['openssl_cnf'] = \$config['home_dir'] . '/config/openssl.cnf';
\$PHPki_admins = Array(md5('pkiadmin'));
\$PHPki_admins = Array(md5('admin'));
define('OPENSSL',\$config['openssl_bin'].' ');
define('X509', OPENSSL . ' x509 ');
@@ -314,7 +319,7 @@ crl_extensions = crl_ext
default_days = 365
default_crl_days = 30
preserve = no
default_md = md5
default_md = sha1
[ ca ]
default_ca = email_cert
@@ -604,6 +609,17 @@ EOS;
flush();
flush_exec($cmd,100);
#
# Create a TLS auth key for OpenVPN.
#
print '<p><strong>Creating a TLS authentication key used by OpenVPN.<br>';
print "Saving to $store_dir/takey.pem.</strong><br>";
$cmd = "openvpn --genkey --secret '$config[private_dir]/takey.pem'";
print $cmd.'<br>';
flush();
flush_exec($cmd);
#print '<p><strong>Creating 2048 bit Diffie-Hellman parameters used by OpenVPN.<br>';
#print "Saving to $store_dir/dhparam2048.pem.</strong><br>";
@@ -624,7 +640,6 @@ EOS;
?>
<center>
<h2>Setup is complete. Your CA root certificate as been created.</h2>
<h3><font color=red>SECURITY WARNING!&nbsp;&nbsp; Be sure to run the <cite>secure.sh</cite> shell script as the <strong>root</strong> user.</font></h3>
<p><br><br>
<form action=index.php>
<input type=submit name=submit value="Proceed To The PHPki Main Menu">
@@ -752,9 +767,8 @@ E-mail: <a href=mailto:someone@somewhere.com>someone@somewhere.com</a>&nbsp;&nbs
<td><select name=expiry>
<?
for ( $i = 5 ; $i < 20 ; $i+=5 ) {
print "<option value=$i " . ($expiry == $i ? "selected='selected
'" : "") . " >$i Years</option>\n" ;
for ( $i = 5 ; $i <= 20 ; $i+=5 ) {
print "<option value=$i " . ($expiry == $i ? "selected='selected'" : "") . " >$i Years</option>\n" ;
}
?>
@@ -770,8 +784,7 @@ E-mail: <a href=mailto:someone@somewhere.com>someone@somewhere.com</a>&nbsp;&nbs
<?
for ( $i = 512 ; $i <= 4096 ; $i+=512 ) {
print "<option value=$i " . ($keysize == $i ? "selected='selected
'" : "") . " >$i bits</option>\n" ;
print "<option value=$i " . ($keysize == $i ? "selected='selected'" : "") . " >$i bits</option>\n" ;
}
?>
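Review bot: In the openssl.cnf template hunk (`@@ -314,7 +319,7 @@`) the new `default_md = sha1` replaces one deprecated digest with another; SHA-1 is no longer considered collision-resistant for certificate signatures, so a CA set up today should use `default_md = sha256`. In the OpenVPN hunk (`@@ -604,6 +609,17 @@`) the key path is interpolated into the shell string between hand-written single quotes, so a quote character in the configured directory would end the argument early. Build it with `escapeshellarg($config['private_dir'] . '/takey.pem')` and print the command through `htmlspecialchars()` instead of echoing `$cmd` raw. The status line in that hunk announces `$store_dir/takey.pem` while the command writes under `$config[private_dir]`, and nothing visible checks whether `flush_exec($cmd)` succeeded, so a missing `openvpn` binary would leave no key without any error shown. The enclosing `case` bodies and the config heredoc start and end outside these hunks, so later handling cannot be ruled out from here.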