summaryrefslogtreecommitdiff
path: root/pages/account/6.php
blob: b8efdcea769563038389cd0ec6d7b7204f39a74f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
<? /*
    LibreSSL - CAcert web application
    Copyright (C) 2004-2008  CAcert Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; version 2 of the License.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
*/

// Get certificate information
$certid = 0;
if(array_key_exists('cert',$_REQUEST)) {
	$certid = intval($_REQUEST['cert']);
}

$query = "select * from `emailcerts`
			where `id`='$certid'
			and `memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);
if(mysql_num_rows($res) <= 0) {
	showheader(_("My CAcert.org Account!"));
	echo _("No such certificate attached to your account.");
	showfooter();
	exit;
}
$row = mysql_fetch_assoc($res);


if (array_key_exists('format', $_REQUEST)) {
	// Which output format?
	if ($_REQUEST['format'] === 'der') {
		$outform = '-outform DER';
		$extension = 'cer';
	} else {
		$outform = '-outform PEM';
		$extension = 'crt';
	}

	$crtname=escapeshellarg($row['crt_name']);
	$cert = `/usr/bin/openssl x509 -in $crtname $outform`;

	header("Content-Type: application/pkix-cert");
	header("Content-Length: ".strlen($cert));

	$fname = sanitizeFilename($row['CN']);
	if ($fname=="") $fname="certificate";
	header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");

	echo $cert;
	exit;

} elseif (array_key_exists('install', $_REQUEST)) {
	if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
			strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {

		// Handle IE
		//TODO

	} else {
		// All other browsers
		$crtname=escapeshellarg($row['crt_name']);
		$cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;

		header("Content-Type: application/x-x509-user-cert");
		header("Content-Length: ".strlen($cert));

		$fname = sanitizeFilename($row['CN']);
		if ($fname=="") $fname="certificate";
		header("Content-Disposition: inline; filename=\"${fname}.cer\"");

		echo $cert;
		exit;
	}

} else {
	showheader(_("My CAcert.org Account!"), _("Install your certificate"));
	echo '<ul class="no_indent">';
	echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;install'>".
		_("Install the certificate into your browser").
		"</a></li>\n";

	echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;format=pem'>".
		_("Download the certificate in PEM format")."</a></li>\n";

	echo "<li><a href='account.php?id=$id&amp;cert=$certid&amp;format=der'>".
		_("Download the certificate in DER format")."</a></li>\n";
	echo '</ul>';

	// Allow to directly copy and paste the cert in PEM format
	$crtname=escapeshellarg($row['crt_name']);
	$cert = `/usr/bin/openssl x509 -in $crtname -outform PEM`;
	echo "<pre>$cert</pre>";

	showfooter();
	exit;
}