summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFelix Dörre <felix@dogcraft.de>2014-09-24 00:20:37 +0200
committerFelix Dörre <felix@dogcraft.de>2014-10-07 22:08:44 +0200
commitc980e162027731dfb6d869ea34d79f973ef70ec9 (patch)
tree47c428354af3ab36e4f46b1ae9a8816a9275a334
parentb7c215b0e5cf6866eef99545da0f2d5baae8cb75 (diff)
downloadcacert-devel-c980e162027731dfb6d869ea34d79f973ef70ec9.tar.gz
cacert-devel-c980e162027731dfb6d869ea34d79f973ef70ec9.tar.xz
cacert-devel-c980e162027731dfb6d869ea34d79f973ef70ec9.zip
bug-790: change PEM-Armor-striping code to not break correct CSRs
(copied from somewhere above)
-rw-r--r--includes/account.php7
-rw-r--r--includes/keygen.php2
2 files changed, 7 insertions, 2 deletions
diff --git a/includes/account.php b/includes/account.php
index a713f09..97d38ac 100644
--- a/includes/account.php
+++ b/includes/account.php
@@ -1570,7 +1570,12 @@ function buildSubjectFromSession() {
}
mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
- $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
+ $csr = clean_csr($_REQUEST['CSR']);
+ if(strpos($csr,"---BEGIN") === FALSE)
+ {
+ // In case the CSR is missing the ---BEGIN lines, add them automatically:
+ $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".$csr."\n-----END CERTIFICATE REQUEST-----\n";
+ }
if (($weakKey = checkWeakKeyCSR($csr)) !== "")
{
diff --git a/includes/keygen.php b/includes/keygen.php
index 72cddc8..15dee8a 100644
--- a/includes/keygen.php
+++ b/includes/keygen.php
@@ -121,7 +121,7 @@ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_A
<input type="hidden" name="keytype" value="NS">
<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
- <input type="submit" name="submit" value="<?=_("Generate keypair within browser")?>">
+ <input type="submit" name="submit" value="<?=_("Generate key pair within browser")?>">
<input type="hidden" name="oldid" value="<?=intval($id)?>">
</form>
</p>