summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBernhard Fröhlich <bernhard@cacert.org>2018-05-16 15:51:19 +0200
committerBernhard Fröhlich <bernhard@cacert.org>2018-05-16 15:51:19 +0200
commit09377a033f8e5632248844e9938cecd25fa62550 (patch)
treea400e78eafde9246a6749b95b68b04d398fdd5d7
parent751d54c7bbf6ef7c8c4dd00c6fa44aae5e887103 (diff)
parent61c3c79377096d31e34178e8f1b2bcaad58ada47 (diff)
downloadcacert-devel-09377a033f8e5632248844e9938cecd25fa62550.tar.gz
cacert-devel-09377a033f8e5632248844e9938cecd25fa62550.tar.xz
cacert-devel-09377a033f8e5632248844e9938cecd25fa62550.zip
Merge remote-tracking branch 'origin/bug-1439' into testserver-stable
# Conflicts: # www/cats/cats_import.php
-rw-r--r--www/cats/cats_import.php6
1 files changed, 3 insertions, 3 deletions
diff --git a/www/cats/cats_import.php b/www/cats/cats_import.php
index 9faa1e6..218e715 100644
--- a/www/cats/cats_import.php
+++ b/www/cats/cats_import.php
@@ -48,9 +48,9 @@ $access = FALSE;
if (
($remote_addr == ALLOWED_IP || $remote_addr == ALLOWED_IP2) &&
$https == 'on' &&
- // Comment (to be romeved): better to use preg_match matching the end of the line (since this is on the end of the line right?)
- // Ted: Is this specified? I don't think so, therefore I'd keep stristr
- strlen(stristr($ssl_client_s_dn, '/emailAddress=cats@cacert.org')) > 0
+ // This should match the email element at the start, the end, or somewhere in the middle,
+ // and accept slashes (old convention) as well as commas (new convention) as delimiters
+ preg_match("/(^|,|\/)emailAddress=cats@cacert.org(,|\/|$)/", $ssl_client_s_dn)
) $access = TRUE;
if ($access !== TRUE) {