summaryrefslogtreecommitdiff
path: root/includes/account_stuff.php
diff options
context:
space:
mode:
Diffstat (limited to 'includes/account_stuff.php')
-rw-r--r--includes/account_stuff.php79
1 files changed, 79 insertions, 0 deletions
diff --git a/includes/account_stuff.php b/includes/account_stuff.php
index ad30ad8..caf22ac 100644
--- a/includes/account_stuff.php
+++ b/includes/account_stuff.php
@@ -325,3 +325,82 @@ function showfooter()
</html>
<?
}
+
+/**
+ * Provides installation and download of a client cert
+ *
+ * @param string $cert_file The file system path to the certificate file
+ * @param string $cert_url The URL to the page displaying this information (i.e.
+ * the page that called show_client_cert())
+ * @param string $download_file_name File name proposed when downloading the cert
+ */
+function show_client_cert($cert_file, $cert_url, $download_file_name) {
+ if (array_key_exists('format', $_REQUEST)) {
+ // Which output format?
+ if ($_REQUEST['format'] === 'der') {
+ $outform = '-outform DER';
+ $extension = 'cer';
+ } else {
+ $outform = '-outform PEM';
+ $extension = 'crt';
+ }
+
+ $crtname=escapeshellarg($cert_file);
+ $cert = `/usr/bin/openssl x509 -in $crtname $outform`;
+
+ header("Content-Type: application/pkix-cert");
+ header("Content-Length: ".strlen($cert));
+
+ $fname = sanitizeFilename($download_file_name);
+ if ($fname=="") $fname="certificate";
+ header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");
+
+ echo $cert;
+ exit;
+
+ } elseif (array_key_exists('install', $_REQUEST)) {
+ if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
+ strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {
+
+ // Handle IE
+ //TODO
+
+ } else {
+ // All other browsers
+ $crtname=escapeshellarg($cert_file);
+ $cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;
+
+ header("Content-Type: application/x-x509-user-cert");
+ header("Content-Length: ".strlen($cert));
+
+ $fname = sanitizeFilename($download_file_name);
+ if ($fname=="") $fname="certificate";
+ header("Content-Disposition: inline; filename=\"${fname}.cer\"");
+
+ echo $cert;
+ exit;
+ }
+
+ } else {
+ showheader(_("My CAcert.org Account!"), _("Install your certificate"));
+ echo '<ul class="no_indent">';
+ echo "<li><a href='$cert_url&amp;install'>".
+ _("Install the certificate into your browser").
+ "</a></li>\n";
+
+ echo "<li><a href='$cert_url&amp;format=pem'>".
+ _("Download the certificate in PEM format")."</a></li>\n";
+
+ echo "<li><a href='$cert_url&amp;format=der'>".
+ _("Download the certificate in DER format")."</a></li>\n";
+ echo '</ul>';
+
+ // Allow to directly copy and paste the cert in PEM format
+ $crtname=escapeshellarg($cert_file);
+ $cert = `/usr/bin/openssl x509 -in $crtname -outform PEM`;
+ echo "<pre>$cert</pre>";
+
+ showfooter();
+ exit;
+ }
+}