summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2013-04-18 03:10:48 +0200
committerMichael Tänzer <neo@nhng.de>2013-04-18 03:10:48 +0200
commit92b4eed884f11d03ebec06376cdfd7ea05f109a8 (patch)
tree885b34375765bbed3bc1ec4c9ed72b9ecd20cd32
parent5fbb627932cd893addeb57fb0d131a9267d23eb2 (diff)
downloadcacert-devel-bug-901.tar.gz
cacert-devel-bug-901.tar.xz
cacert-devel-bug-901.zip
bug 901: unify client cert displaybug-901
Signed-off-by: Michael Tänzer <neo@nhng.de>
-rw-r--r--includes/account_stuff.php79
-rw-r--r--pages/account/19.php84
-rw-r--r--pages/account/6.php70
3 files changed, 81 insertions, 152 deletions
diff --git a/includes/account_stuff.php b/includes/account_stuff.php
index ad30ad8..caf22ac 100644
--- a/includes/account_stuff.php
+++ b/includes/account_stuff.php
@@ -325,3 +325,82 @@ function showfooter()
</html>
<?
}
+
+/**
+ * Provides installation and download of a client cert
+ *
+ * @param string $cert_file The file system path to the certificate file
+ * @param string $cert_url The URL to the page displaying this information (i.e.
+ * the page that called show_client_cert())
+ * @param string $download_file_name File name proposed when downloading the cert
+ */
+function show_client_cert($cert_file, $cert_url, $download_file_name) {
+ if (array_key_exists('format', $_REQUEST)) {
+ // Which output format?
+ if ($_REQUEST['format'] === 'der') {
+ $outform = '-outform DER';
+ $extension = 'cer';
+ } else {
+ $outform = '-outform PEM';
+ $extension = 'crt';
+ }
+
+ $crtname=escapeshellarg($cert_file);
+ $cert = `/usr/bin/openssl x509 -in $crtname $outform`;
+
+ header("Content-Type: application/pkix-cert");
+ header("Content-Length: ".strlen($cert));
+
+ $fname = sanitizeFilename($download_file_name);
+ if ($fname=="") $fname="certificate";
+ header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");
+
+ echo $cert;
+ exit;
+
+ } elseif (array_key_exists('install', $_REQUEST)) {
+ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
+ strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {
+
+ // Handle IE
+ //TODO
+
+ } else {
+ // All other browsers
+ $crtname=escapeshellarg($cert_file);
+ $cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;
+
+ header("Content-Type: application/x-x509-user-cert");
+ header("Content-Length: ".strlen($cert));
+
+ $fname = sanitizeFilename($download_file_name);
+ if ($fname=="") $fname="certificate";
+ header("Content-Disposition: inline; filename=\"${fname}.cer\"");
+
+ echo $cert;
+ exit;
+ }
+
+ } else {
+ showheader(_("My CAcert.org Account!"), _("Install your certificate"));
+ echo '<ul class="no_indent">';
+ echo "<li><a href='$cert_url&amp;install'>".
+ _("Install the certificate into your browser").
+ "</a></li>\n";
+
+ echo "<li><a href='$cert_url&amp;format=pem'>".
+ _("Download the certificate in PEM format")."</a></li>\n";
+
+ echo "<li><a href='$cert_url&amp;format=der'>".
+ _("Download the certificate in DER format")."</a></li>\n";
+ echo '</ul>';
+
+ // Allow to directly copy and paste the cert in PEM format
+ $crtname=escapeshellarg($cert_file);
+ $cert = `/usr/bin/openssl x509 -in $crtname -outform PEM`;
+ echo "<pre>$cert</pre>";
+
+ showfooter();
+ exit;
+ }
+}
diff --git a/pages/account/19.php b/pages/account/19.php
index 6a2749c..352e203 100644
--- a/pages/account/19.php
+++ b/pages/account/19.php
@@ -30,87 +30,5 @@
exit;
}
$row = mysql_fetch_assoc($res);
- $crtname=escapeshellarg($row['crt_name']);
- $cert = `/usr/bin/openssl x509 -in $crtname`;
- if($row['keytype'] == "NS")
- {
- if(array_key_exists('install',$_REQUEST) && $_REQUEST['install'] == 1)
- {
- header("Content-Type: application/x-x509-user-cert");
- header("Content-Length: ".strlen($cert));
- $fname=sanitizeFilename($row['CN']);
- if($fname=="") $fname="certificate";
- header('Content-Disposition: inline; filename="'.$fname.'.crt"');
- echo $cert;
- exit;
- } else {
- showheader(_("My CAcert.org Account!"));
- echo "<h3>"._("Installing your certificate")."</h3>\n";
- echo "<p>"._("You are about to install a certificate, if you are using mozilla/netscape based browsers you will not be informed that the certificate was installed successfully, you can go into the options dialog box, security and manage certificates to view if it was installed correctly however.")."</p>\n";
- echo "<p><a href='account.php?id=19&amp;cert=$certid&amp;install=1'>"._("Click here")."</a> "._("to install your certificate.")."</p>\n";
- showfooter();
- exit;
- }
- } else {
- showheader(_("My CAcert.org Account!"));
-?>
-<h3><?=_("Installing your certificate")?></h3>
-
-<p><?=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?>
-
-<OBJECT classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
-<?=_("You must enable ActiveX for this to work.")?>
-</OBJECT>
-<FORM >
-<INPUT TYPE=BUTTON NAME="CertInst" VALUE="<?=_("Install Your Certificate")?>">
-</FORM>
-
-</P>
-
-<SCRIPT LANGUAGE=VBS>
- Sub CertInst_OnClick
- certchain = _
-<?
- $lines = explode("\n", $cert);
- if(is_array($lines))
- foreach($lines as $line)
- {
- $line = trim($line);
- if($line != "-----END CERTIFICATE-----")
- echo "\"$line\" & _\n";
- else {
- echo "\"$line\"\n";
- break;
- }
- }
-?>
-
- On Error Resume Next
- cec.DeleteRequestCert = FALSE
- err.clear
-
- cec.WriteCertToCSP = TRUE
- cec.acceptPKCS7(certchain)
- if err.number <> 0 Then
- cec.WriteCertToCSP = FALSE
- end if
- err.clear
- cec.acceptPKCS7(certchain)
- if err.number <> 0 then
- errorMsg = "<?=_("Certificate installation failed!")?>" & chr(13) & chr(10) & _
- "(Error code " & err.number & ")"
- msgRes = MsgBox(errorMsg, 0, "<?=_("Certificate Installation Error")?>")
- else
- okMsg = "<?=_("Personal Certificate Installed.")?>" & chr(13) & chr(10) & _
- "See Tools->Internet Options->Content->Certificates"
- msgRes = MsgBox(okMsg, 0, "<?=_("Certificate Installation Complete!")?>")
- end if
- End Sub
-</SCRIPT>
-
-<?
- showfooter();
- exit;
- }
-?>
+ show_client_cert($row['crt_name'], "account.php?id=19&amp;cert=$certid", $row['CN']);
diff --git a/pages/account/6.php b/pages/account/6.php
index b8efdce..3c3794c 100644
--- a/pages/account/6.php
+++ b/pages/account/6.php
@@ -34,72 +34,4 @@ if(mysql_num_rows($res) <= 0) {
}
$row = mysql_fetch_assoc($res);
-
-if (array_key_exists('format', $_REQUEST)) {
- // Which output format?
- if ($_REQUEST['format'] === 'der') {
- $outform = '-outform DER';
- $extension = 'cer';
- } else {
- $outform = '-outform PEM';
- $extension = 'crt';
- }
-
- $crtname=escapeshellarg($row['crt_name']);
- $cert = `/usr/bin/openssl x509 -in $crtname $outform`;
-
- header("Content-Type: application/pkix-cert");
- header("Content-Length: ".strlen($cert));
-
- $fname = sanitizeFilename($row['CN']);
- if ($fname=="") $fname="certificate";
- header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");
-
- echo $cert;
- exit;
-
-} elseif (array_key_exists('install', $_REQUEST)) {
- if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
- strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {
-
- // Handle IE
- //TODO
-
- } else {
- // All other browsers
- $crtname=escapeshellarg($row['crt_name']);
- $cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;
-
- header("Content-Type: application/x-x509-user-cert");
- header("Content-Length: ".strlen($cert));
-
- $fname = sanitizeFilename($row['CN']);
- if ($fname=="") $fname="certificate";
- header("Content-Disposition: inline; filename=\"${fname}.cer\"");
-
- echo $cert;
- exit;
- }
-
-} else {
- showheader(_("My CAcert.org Account!"), _("Install your certificate"));
- echo '<ul class="no_indent">';
- echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;install'>".
- _("Install the certificate into your browser").
- "</a></li>\n";
-
- echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;format=pem'>".
- _("Download the certificate in PEM format")."</a></li>\n";
-
- echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;format=der'>".
- _("Download the certificate in DER format")."</a></li>\n";
- echo '</ul>';
-
- // Allow to directly copy and paste the cert in PEM format
- $crtname=escapeshellarg($row['crt_name']);
- $cert = `/usr/bin/openssl x509 -in $crtname -outform PEM`;
- echo "<pre>$cert</pre>";
-
- showfooter();
- exit;
-}
+show_client_cert($row['crt_name'], "account.php?id=$id&amp;cert=$certid", $row['CN']);