summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Tänzer <neo@nhng.de>2011-07-21 01:34:26 +0200
committerMichael Tänzer <neo@nhng.de>2011-07-21 01:34:26 +0200
commitf0db9d78a5e3b22ec7aa1cbc86d6d8836bf3566f (patch)
tree4acc2ba38654d4f9dd6cadb9498c9b65110cafaf
parentb543e4096deec26ea30832bca574f5c78dc29962 (diff)
downloadcacert-devel-f0db9d78a5e3b22ec7aa1cbc86d6d8836bf3566f.tar.gz
cacert-devel-f0db9d78a5e3b22ec7aa1cbc86d6d8836bf3566f.tar.xz
cacert-devel-f0db9d78a5e3b22ec7aa1cbc86d6d8836bf3566f.zip
bug 954: Format to make it more readable and add license header.
Whitespace and comments only, no functionality changes Signed-off-by: Michael Tänzer <neo@nhng.de>
-rwxr-xr-xscripts/mass-revoke.php138
1 files changed, 86 insertions, 52 deletions
diff --git a/scripts/mass-revoke.php b/scripts/mass-revoke.php
index e51f116..35eb24f 100755
--- a/scripts/mass-revoke.php
+++ b/scripts/mass-revoke.php
@@ -1,55 +1,89 @@
#!/usr/bin/php -q
-<? # Companion script to DumpWeakCerts.pl, takes output and revokes weak certs
- # Only first and last column ($cert_type and $cert_recid) are used, the others are ignored
-
- include_once("../includes/mysql.php");
- # Main
-
- $num_domain = 0;
- $num_client = 0;
- $num_orgdomain = 0;
- $num_orgclient = 0;
-
- $num_failures = 0;
-
- $in = fopen("php://stdin", "r");
-
- # The restriction on revoked timestamp os only "to be sure" for non-Org certs,
- # but Org certs (email and serer) may be included multiple times in the output of DumpWeakCerts.pl (once for each OrgAdmin).
- while($in_string = rtrim(fgets($in, 255))) {
- list($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason, $cert_serial, $cert_recid) = explode("\t", $in_string);
-
- if ($cert_type == "DomainCert") {
- $query = "UPDATE `domaincerts` SET `revoked`='1970-01-01 10:00:01' where `id`='$cert_recid' AND `revoked`<'1970-01-01 10:00:01'";
-
- if (!mysql_query($query)) {
- $num_failures++;
- }
- $num_domain+=mysql_affected_rows();
- } else if ($cert_type == "EmailCert") {
- $query = "UPDATE `emailcerts` SET `revoked`='1970-01-01 10:00:01' where `id`='$cert_recid' AND `revoked`<'1970-01-01 10:00:01'";
-
- if (!mysql_query($query)) {
- $num_failures++;
- }
- $num_client+=mysql_affected_rows();
- } else if ($cert_type == "OrgServerCert") {
- $query = "UPDATE `orgdomaincerts` SET `revoked`='1970-01-01 10:00:01' where `id`='$cert_recid' AND `revoked`<'1970-01-01 10:00:01'";
-
- if (!mysql_query($query)) {
- $num_failures++;
- }
- $num_orgdomain+=mysql_affected_rows();
- } else if ($cert_type == "OrgEmailCert") {
- $query = "UPDATE `orgemailcerts` SET `revoked`='1970-01-01 10:00:01' where `id`='$cert_recid' AND `revoked`<'1970-01-01 10:00:01'";
-
- if (!mysql_query($query)) {
- $num_failures++;
- }
- $num_orgclient+=mysql_affected_rows();
- }
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2011 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+*/
+
+# Companion script to DumpWeakCerts.pl, takes output and revokes weak certs
+# Only first and last column ($cert_type and $cert_recid) are used, the others
+# are ignored
+
+include_once("../includes/mysql.php");
+# Main
+
+$num_domain = 0;
+$num_client = 0;
+$num_orgdomain = 0;
+$num_orgclient = 0;
+
+$num_failures = 0;
+
+$in = fopen("php://stdin", "r");
+
+# The restriction on revoked timestamp os only "to be sure" for non-Org certs,
+# but Org certs (email and serer) may be included multiple times in the output
+# of DumpWeakCerts.pl (once for each OrgAdmin).
+while($in_string = rtrim(fgets($in, 255))) {
+ list($cert_type, $cert_email, $owner_name, $cert_expire, $cert_CN, $reason,
+ $cert_serial, $cert_recid) = explode("\t", $in_string);
+
+ if ($cert_type == "DomainCert") {
+ $query = "UPDATE `domaincerts` SET `revoked`='1970-01-01 10:00:01'
+ where `id`='$cert_recid' AND `revoked`<'1970-01-01 10:00:01'";
+
+ if (!mysql_query($query)) {
+ $num_failures++;
+ }
+ $num_domain+=mysql_affected_rows();
+
+ } else if ($cert_type == "EmailCert") {
+ $query = "UPDATE `emailcerts` SET `revoked`='1970-01-01 10:00:01'
+ where `id`='$cert_recid' AND `revoked`<'1970-01-01 10:00:01'";
+
+ if (!mysql_query($query)) {
+ $num_failures++;
+ }
+ $num_client+=mysql_affected_rows();
+
+ } else if ($cert_type == "OrgServerCert") {
+ $query = "UPDATE `orgdomaincerts` SET `revoked`='1970-01-01 10:00:01'
+ where `id`='$cert_recid' AND `revoked`<'1970-01-01 10:00:01'";
+
+ if (!mysql_query($query)) {
+ $num_failures++;
+ }
+ $num_orgdomain+=mysql_affected_rows();
+
+ } else if ($cert_type == "OrgEmailCert") {
+ $query = "UPDATE `orgemailcerts` SET `revoked`='1970-01-01 10:00:01'
+ where `id`='$cert_recid' AND `revoked`<'1970-01-01 10:00:01'";
+
+ if (!mysql_query($query)) {
+ $num_failures++;
+ }
+ $num_orgclient+=mysql_affected_rows();
}
- fclose($in);
- echo "Certificates revoked: $num_domain server certs, $num_client client certs, $num_orgdomain Org server certs, $num_orgclient Org client certs.\n";
- echo "Update failures: $num_failures\n";
+}
+
+fclose($in);
+
+echo "Certificates revoked: ".
+ "$num_domain server certs, ".
+ "$num_client client certs, ".
+ "$num_orgdomain Org server certs, ".
+ "$num_orgclient Org client certs.\n";
+echo "Update failures: $num_failures\n";
?>