summaryrefslogtreecommitdiff
path: root/scripts/scanforexponents.php
diff options
context:
space:
mode:
authorMarkus Warg <mw@it-sls.de>2010-03-29 09:54:06 +0200
committerMarkus Warg <mw@it-sls.de>2010-03-29 09:54:06 +0200
commit9dceece06fbdc98add6f76f0b1aec05891a394c4 (patch)
treef7227c28ca5f79f30c2ec81ba1a09a4fe3972436 /scripts/scanforexponents.php
parent5b68967def224a00f54eb54946ff17301bbd3cdb (diff)
downloadcacert-devel-9dceece06fbdc98add6f76f0b1aec05891a394c4.tar.gz
cacert-devel-9dceece06fbdc98add6f76f0b1aec05891a394c4.tar.xz
cacert-devel-9dceece06fbdc98add6f76f0b1aec05891a394c4.zip
remove cacert/ prefix
Diffstat (limited to 'scripts/scanforexponents.php')
-rwxr-xr-xscripts/scanforexponents.php127
1 files changed, 127 insertions, 0 deletions
diff --git a/scripts/scanforexponents.php b/scripts/scanforexponents.php
new file mode 100755
index 0000000..7136723
--- /dev/null
+++ b/scripts/scanforexponents.php
@@ -0,0 +1,127 @@
+#!/usr/bin/php -q
+<? /*
+ LibreSSL - CAcert web application
+ Copyright (C) 2004-2008 CAcert Inc.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+*/
+ include_once("../includes/mysql.php");
+
+ $fp = fopen("exp-report.txt", "w");
+
+ $d = dir("../crt/");
+ while (false !== ($entry = $d->read()))
+ {
+ if(substr($entry, 0, 3) == "gpg")
+ continue;
+ $file = "../crt/$entry";
+ if(!is_file($file))
+ continue;
+
+ if(substr($file, -3) == "der")
+ $do = trim(`openssl x509 -inform der -in $file -text -noout 2>&1 |grep 'Exponent'`);
+ else
+ $do = trim(`openssl x509 -in $file -text -noout 2>&1 |grep 'Exponent'`);
+
+ if($do == "")
+ continue;
+
+ list($crud, $exp, $crud) = explode(" ", $do);
+ if($exp >= 65537)
+ continue;
+
+ list($a, $crud) = explode(".", $entry, 2);
+ list($type, $id) = explode("-", $a);
+
+ $id = intval($id);
+
+ if($type == "client")
+ {
+ $query = "select `memid`,`serial`,`CN`,`subject`,`keytype`,`emailcerts`.`codesign` as `codesign`,`crt_name`,
+ `emailcerts`.`created` as `created`,`emailcerts`.`revoked` as `revoked`,
+ `emailcerts`.`expire` as `expire`, `rootcert`, `md`, `fname`, `lname`, `language`
+ from `emailcerts`,`users` where `emailcerts`.`id`='$id' and `users`.`id`=`emailcerts`.`memid`";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <= 0)
+ {
+ echo $query."\n";
+ echo "$file: $do\n";
+ continue;
+ }
+
+ $row = mysql_fetch_assoc($res);
+ $email = $row['email'];
+ } else if($type == "orgclient") {
+ $query = "select `memid`,`serial`,`CN`,`subject`,`keytype`,`orgemailcerts`.`codesign` as `codesign`,`crt_name`,
+ `orgemailcerts`.`created` as `created`,`orgemailcerts`.`revoked` as `revoked`,
+ `orgemailcerts`.`expire` as `expire`, `rootcert`, `md`, `fname`, `lname`, `language`
+ from `orgemailcerts`,`org`,`users` where `orgemailcerts`.`id`='$id' and
+ `orgemailcerts`.`orgid`=`org`.`id` and `users`.`id`=`org`.`memid`";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <= 0)
+ {
+ echo $query."\n";
+ echo "$file: $do\n";
+ continue;
+ }
+
+ $row = mysql_fetch_assoc($res);
+ $email = $row['email'];
+ } else if($type == "server") {
+ $query = "select `memid`,`serial`,`CN`,`subject`,`crt_name`,
+ `domaincerts`.`created` as `created`,`domaincerts`.`revoked` as `revoked`,
+ `domaincerts`.`expire` as `expire`, `rootcert`, `md`, `fname`, `lname`, `language`
+ from `domaincerts`,`domains`,`users` where `domaincerts`.`id`='$id' and
+ `domains`.`id`=`domaincerts`.`domid` and `users`.`id`=`domains`.`memid`";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <= 0)
+ {
+ echo $query."\n";
+ echo "$file: $do\n";
+ continue;
+ }
+
+ $row = mysql_fetch_assoc($res);
+ $email = $row['email'];
+ } else if($type == "orgserver") {
+ $query = "select `memid`,`serial`,`CN`,`subject`,`crt_name`,
+ `orgdomaincerts`.`created` as `created`,`orgdomaincerts`.`revoked` as `revoked`,
+ `orgdomaincerts`.`expire` as `expire`, `rootcert`, `md`, `fname`, `lname`, `language`
+ from `orgdomaincerts`,`org`,`users` where `orgdomaincerts`.`id`='$id' and
+ `orgdomaincerts`.`orgid`=`org`.`id` and `users`.`id`=`org`.`memid`";
+ $res = mysql_query($query);
+ if(mysql_num_rows($res) <= 0)
+ {
+ echo $query."\n";
+ echo "$file: $do\n";
+ continue;
+ }
+
+ $row = mysql_fetch_assoc($res);
+ $email = $row['email'];
+ } else {
+ echo "$file: $do\n";
+ continue;
+ }
+
+ $body = "New Report:\n\n$do\n";
+
+ foreach($row as $key => $val)
+ $body .= "$key: $val\n";
+
+ $body .= "\n\n".file_get_contents($file);
+ fputs($fp, $body."\n\n===============================================================\n\n");
+ echo "$file: $do\n";
+ }
+?>