From b5ee07271aea9e0722a7ed58e52f80b495d190d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?= <neo@nhng.de>
Date: Wed, 6 Jul 2011 01:01:24 +0200
Subject: bug 841: not only check for serial number but for serial number and
 issuer in combination when checking login
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fix provided by Uli60

Signed-off-by: Michael Tänzer <neo@nhng.de>
---
 www/index.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'www')

diff --git a/www/index.php b/www/index.php
index fb215c6..ddfa610 100644
--- a/www/index.php
+++ b/www/index.php
@@ -148,7 +148,12 @@
 
 	if($id == 4 && $_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'])
 	{
-		$query = "select * from `emailcerts` where `serial`='$_SERVER[SSL_CLIENT_M_SERIAL]' and `revoked`=0 and disablelogin=0 and
+		include_once("../includes/lib/general.php");
+		/* identify unique certs serial number related to root or subroot */
+		$query = "select * from `emailcerts` where
+				`serial`='".$_SERVER['SSL_CLIENT_M_SERIAL']."' and
+				`rootcert`='".rootcertid($_SERVER['SSL_CLIENT_I_DN_CN'])."' and
+				`revoked`=0 and disablelogin=0 and
 				UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
 		$res = mysql_query($query);
 		if(mysql_num_rows($res) > 0)
-- 
cgit v1.2.1


From b2c1b55f1be7930dadcdb656e929b9e9e0b54aa2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20T=C3=A4nzer?= <neo@nhng.de>
Date: Wed, 27 Jul 2011 01:03:24 +0200
Subject: bug 841: extract the whole cert-login into a function
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Michael Tänzer <neo@nhng.de>
---
 www/index.php | 18 ++++++++----------
 1 file changed, 8 insertions(+), 10 deletions(-)

(limited to 'www')

diff --git a/www/index.php b/www/index.php
index ddfa610..109689a 100644
--- a/www/index.php
+++ b/www/index.php
@@ -149,17 +149,15 @@
 	if($id == 4 && $_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'])
 	{
 		include_once("../includes/lib/general.php");
-		/* identify unique certs serial number related to root or subroot */
-		$query = "select * from `emailcerts` where
-				`serial`='".$_SERVER['SSL_CLIENT_M_SERIAL']."' and
-				`rootcert`='".rootcertid($_SERVER['SSL_CLIENT_I_DN_CN'])."' and
-				`revoked`=0 and disablelogin=0 and
-				UNIX_TIMESTAMP(`expire`) - UNIX_TIMESTAMP() > 0";
-		$res = mysql_query($query);
-		if(mysql_num_rows($res) > 0)
+		$user_id = get_user_id_from_cert($_SERVER['SSL_CLIENT_M_SERIAL'],
+				$_SERVER['SSL_CLIENT_I_DN_CN']);
+		
+		if($user_id >= 0)
 		{
-			$row = mysql_fetch_assoc($res);
-			$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$row[memid]' and `deleted`=0 and `locked`=0"));
+			$_SESSION['profile'] = mysql_fetch_assoc(mysql_query(
+				"select * from `users` where 
+				`id`='$user_id' and `deleted`=0 and `locked`=0"));
+			
 			if($_SESSION['profile']['id'] != 0)
 			{
 				$_SESSION['profile']['loggedin'] = 1;
-- 
cgit v1.2.1