1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
// loadem() is a project helper defined outside this file.
// NOTE(review): presumably it loads the "account" page/module set; confirm in the included libraries.
loadem("account");
24
// Page selectors and object ids from the request. Each one is coerced to an
// integer with intval(); a key that is absent leaves the default of 0.
$id    = isset($_REQUEST['id'])    ? intval($_REQUEST['id'])    : 0;
$oldid = isset($_REQUEST['oldid']) ? intval($_REQUEST['oldid']) : 0;

// Label of the submit button that was pressed. Kept as the raw request value;
// the visible part of this file only compares it with "" and with the
// translated "Cancel" label.
$process = isset($_REQUEST['process']) ? $_REQUEST['process'] : "";

$cert  = isset($_REQUEST['cert'])  ? intval($_REQUEST['cert'])  : 0;
$orgid = isset($_REQUEST['orgid']) ? intval($_REQUEST['orgid']) : 0;
$memid = isset($_REQUEST['memid']) ? intval($_REQUEST['memid']) : 0;
$domid = isset($_REQUEST['domid']) ? intval($_REQUEST['domid']) : 0;
33
34
// Stop with a plain-text notice when the session's `mconn` flag is missing or
// falsy.
// NOTE(review): presumably `mconn` is set by the login/connection code when
// the database is reachable; confirm in loggedin.php.
if (empty($_SESSION['mconn'])) {
    echo _("Several CAcert Services are currently unavailable. Please try again later.");
    exit;
}
40
// Pressing the (translated) "Cancel" button clears the pending action, so
// none of the `$process != ""` handlers below run.
if ($process == _("Cancel")) {
    $process = "";
}

// A request naming page 45 or 46, as the current or the previous page, is
// sent to page 1 with no previous page. $id and $oldid are always integers
// at this point, so the strict membership test matches the original `==`.
if (in_array($id, array(45, 46), true) || in_array($oldid, array(45, 46), true)) {
    $id = 1;
    $oldid = 0;
}
53
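// Page 1 form handler: add another email address to the logged-in account
// and mail a verification link to it. Every path through this block ends in
// exit.
if ($process != "" && $oldid == 1) {
    $id = 1;
    csrf_check('addemail');

    // A missing or non-string `newemail` field counts as empty input and is
    // rejected below instead of raising notices.
    $newemail = (isset($_REQUEST['newemail']) && is_string($_REQUEST['newemail'])) ? $_REQUEST['newemail'] : "";

    // Punycode is refused unless the profile's codesign value is above zero.
    // The match is case-insensitive: "XN--" is the same ACE prefix as "xn--"
    // and previously slipped past the case-sensitive strstr().
    if (stripos($newemail, "xn--") !== false && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // From here on $email is the SQL-escaped form. As in the original, that
    // same escaped value is also the mail recipient and the text displayed.
    $email = trim(mysql_real_escape_string(stripslashes($newemail)));
    if ($email === "") {
        showheader(_("My CAcert.org Account!"));
        echo _("Not a valid email address. Can't continue.");
        showfooter();
        exit;
    }

    $oldid = 0;
    $_REQUEST['email'] = $email;
    if (check_email_exists($email) == true) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($email));
        showfooter();
        exit;
    }

    // checkEmail() is defined elsewhere. The code below treats a leading "4"
    // as a temporary failure, so the result presumably carries the remote
    // mail server's reply. It is HTML-encoded before being echoed.
    $checkemail = checkEmail($newemail);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    $query = "insert into `email` set `email`='".$email."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    // NOTE(review): the insert result is not checked; on failure
    // mysql_insert_id() yields 0 and the probe mail still goes out.
    mysql_query($query);
    $emailid = mysql_insert_id();

    // NOTE(review): the verification link uses http://, so the hash travels
    // in clear text unless the host redirects. Confirm whether https can be
    // used for `normalhostname`.
    $body  = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($email, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($email));
    showfooter();
    exit;
}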
111
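// Page 2 "make default" button: switch the account's default email address
// to another address of the same member that is verified (`hash` = '') and
// not deleted. Every path ends in exit.
//
// NOTE(review): this handler runs before the page 2 handler below, which
// calls csrf_check("chgdef"), and exits first, so this state change is made
// without a CSRF check in this block. Confirm the form carries the "chgdef"
// token for this button, then add the check here.
if (array_key_exists("makedefault", $_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2) {
    $id = 2;
    $emailid  = isset($_REQUEST['emailid']) ? intval($_REQUEST['emailid']) : 0;
    $memberId = intval($_SESSION['profile']['id']);

    $query = "select * from `email` where `id`='$emailid' and `memid`='$memberId' and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if (!$res || mysql_num_rows($res) <= 0) {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);

    // The notice goes to the previous default address, before it is replaced.
    $body  = sprintf(_("Hi %s,"), $_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else ".
        "has changed the default email on your account.")."\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];
    // The address read back from the database is raw text again, so it is
    // escaped before being placed in the UPDATE. It was concatenated
    // unescaped before.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='$memberId'";
    mysql_query($query);

    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}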
143
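// Page 2 form handler: delete the selected email addresses of the logged-in
// member. The current default address is never deleted. Always ends in exit.
if ($process != "" && $oldid == 2) {
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));

    $delcount = 0;
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        // As before, the heading is printed as soon as there is at least one
        // submitted id, whether or not any of them ends up being deleted.
        if (count($_REQUEST['delid']) > 0) {
            echo _('The following email addresses have been removed:')."<br>\n";
        }

        // The loop variable no longer reuses $id. The block exits below, so
        // nothing observes the difference.
        $memberId     = intval($_SESSION['profile']['id']);
        $defaultEmail = mysql_real_escape_string($_SESSION['profile']['email']);
        foreach ($_REQUEST['delid'] as $delid) {
            $delid = intval($delid);
            $query = "select * from `email` where `id`='$delid' and `memid`='$memberId' and
                `email`!='$defaultEmail'";
            $res = mysql_query($query);
            if ($res && mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored addresses are user-supplied text: encode for HTML.
                echo sanitizeHTML($row['email'])."<br>\n";
                account_email_delete($row['id']);
                $delcount++;
            }
        }
    } else {
        echo _("You did not select any email accounts for removal.");
    }

    if (0 == $delcount) {
        echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}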
184
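// Page 3 form handler: records the options chosen for a new client
// certificate in $_SESSION['_config']. With no pasted CSR it continues to
// page 4 ($id = 4); with a pasted CSR it sets $oldid = 4 so the page 4
// handler below processes that CSR in this same request.
//
// NOTE(review): there is no csrf_check() in this block. Confirm whether the
// page 3 form carries a token.
if ($process != "" && $oldid == 3) {
    if (!array_key_exists('CCA', $_REQUEST)) {
        showheader(_("My CAcert.org Account!"));
        echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
        showfooter();
        exit;
    }

    // Absent fields are read as empty values instead of raising notices.
    $hasAddid = isset($_REQUEST['addid']) && is_array($_REQUEST['addid']);
    $sso      = (isset($_REQUEST['SSO']) && is_string($_REQUEST['SSO'])) ? $_REQUEST['SSO'] : "";
    if (!$hasAddid && $sso != '1') {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['SSO']   = intval($sso);
    $_SESSION['_config']['addid'] = $hasAddid ? $_REQUEST['addid'] : null;

    // The name option is only honoured from 50 points. Below that the value
    // is now reset, so a choice left in the session by an earlier request
    // cannot be carried into this certificate.
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['incname'] = isset($_REQUEST['incname']) ? intval($_REQUEST['incname']) : 0;
    } else {
        $_SESSION['_config']['incname'] = 0;
    }

    // Code signing needs 100 points and a profile codesign value above zero.
    // The original tested the profile value with `== 0` in one place and
    // `> 0` in another, so a negative value was let through. Both tests now
    // use `> 0`.
    // NOTE(review): confirm negative codesign values are never meant to
    // grant code signing.
    $mayCodesign   = $_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0;
    $wantsCodesign = array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] == 1;
    if (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] != 0 && !$mayCodesign) {
        $_REQUEST['codesign'] = 0;
        $wantsCodesign = false;
    }
    if ($mayCodesign && $wantsCodesign) {
        // A code-signing certificate always carries a name.
        if ($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4) {
            $_SESSION['_config']['incname'] = 1;
        }
        $_SESSION['_config']['codesign'] = 1;
    } else {
        $_SESSION['_config']['codesign'] = 0;
    }

    $loginEnabled = array_key_exists('login', $_REQUEST) && $_REQUEST['login'] == 1;
    $_SESSION['_config']['disablelogin'] = $loginEnabled ? 0 : 1;

    // Root certificate choice: 1 by default; from 50 points the request may
    // pick 1 or 2, and anything else falls back to 1.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = isset($_REQUEST['rootcert']) ? intval($_REQUEST['rootcert']) : 1;
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }

    $csr = "";
    $optionalCSR = (isset($_REQUEST['optionalCSR']) && is_string($_REQUEST['optionalCSR'])) ? $_REQUEST['optionalCSR'] : "";
    if (trim($optionalCSR) == "") {
        $id = 4;
    } else {
        // Hand over to the page 4 handler in this same request.
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($optionalCSR);
    }

    // The description is stored in the session already SQL-escaped; the
    // insert statements later in this file concatenate it as is.
    $description = (isset($_REQUEST['description']) && is_string($_REQUEST['description'])) ? trim($_REQUEST['description']) : "";
    if ($description != "") {
        $_SESSION['_config']['description'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    } else {
        $_SESSION['_config']['description'] = "";
    }
}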
249
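// Page 4 handler: create a client (email) certificate request, either from a
// browser-generated SPKAC (keytype "NS") or from a PKCS#10 CSR (keytype "MS"
// or "VI"), queue it in `emailcerts` and wait for the signer. On success the
// request continues on page 6 with $cert set to the new row id.
//
// Runs whenever $oldid is 4; it does not look at $process.
// NOTE(review): there is no csrf_check() in this block; confirm.
if ($oldid == 4) {
    $keytype     = (isset($_REQUEST['keytype']) && is_string($_REQUEST['keytype'])) ? $_REQUEST['keytype'] : "";
    $memberId    = intval($_SESSION['profile']['id']);
    $sso         = isset($_SESSION['_config']['SSO']) && $_SESSION['_config']['SSO'] == 1;
    $incname     = isset($_SESSION['_config']['incname']) ? intval($_SESSION['_config']['incname']) : 0;
    $codesign    = isset($_SESSION['_config']['codesign']) ? intval($_SESSION['_config']['codesign']) : 0;
    $disablelogin = empty($_SESSION['_config']['disablelogin']) ? 0 : 1;
    // Stored SQL-escaped by the page 3 / page 10 handlers; not escaped again.
    $description = isset($_SESSION['_config']['description']) ? $_SESSION['_config']['description'] : "";
    $addids      = (isset($_SESSION['_config']['addid']) && is_array($_SESSION['_config']['addid'])) ? $_SESSION['_config']['addid'] : array();

    if (!isset($_SESSION['_config']['rootcert']) || $_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }
    $rootcert = intval($_SESSION['_config']['rootcert']);

    // ---- 1. validate the submitted key material -------------------------
    if ($keytype === "NS") {
        // Accept only a base64 alphabet; CR/LF inserted by the browser are
        // dropped first.
        $spkac = "";
        if (isset($_REQUEST['SPKAC']) && is_string($_REQUEST['SPKAC'])) {
            $candidate = trim(str_replace(array("\r", "\n"), "", $_REQUEST['SPKAC']));
            if (preg_match("/^[a-zA-Z0-9+=\/]+$/", $candidate)) {
                $spkac = $candidate;
            }
        }
        if ($spkac === "" || $spkac === "deadbeef") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }
    } elseif ($keytype === "MS" || $keytype === "VI") {
        // $csr is pre-filled by the page 3 handler when a CSR was pasted there.
        if (!isset($csr) || $csr == "") {
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr(isset($_REQUEST['CSR']) ? $_REQUEST['CSR'] : "")."\n-----END CERTIFICATE REQUEST-----\n";
        }
        if (($weakKey = checkWeakKeyCSR($csr)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }
    } else {
        // Any other key type used to fall through to waitForResult() with an
        // undefined certificate id. It is now rejected explicitly.
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    // ---- 2. resolve the selected addresses ------------------------------
    // Only addresses of this member that are verified (`hash` = '') and not
    // deleted are accepted. These are the same conditions the "make default"
    // handler uses. The original lookup matched on member and id only.
    $addys        = array();
    $addresses    = array();
    $defaultemail = "";
    foreach ($addids as $addid) {
        $res = mysql_query("select * from `email` where `memid`='$memberId' and `id`='".intval($addid)."' and `hash`='' and `deleted`=0");
        if ($res && mysql_num_rows($res) > 0) {
            $row = mysql_fetch_assoc($res);
            if ($defaultemail == "") {
                $defaultemail = $row['email'];
            }
            $addresses[] = $row['email'];
            $addys[]     = intval($row['id']);
        }
    }
    // The SPKAC path always required an address unless SSO is set. The CSR
    // path now applies the same rule instead of queueing a request with an
    // empty CN.
    if (count($addys) <= 0 && !$sso) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
        showfooter();
        exit;
    }

    // ---- 3. name to place in the certificate ----------------------------
    $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='$memberId'"));
    if (strlen($user['mname']) == 1) {
        $user['mname'] .= '.';
    }
    $nameByChoice = array(
        1 => $user['fname']." ".$user['lname'],
        2 => $user['fname']." ".$user['mname']." ".$user['lname'],
        3 => $user['fname']." ".$user['lname']." ".$user['suffix'],
        4 => $user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'],
    );
    $commonName = isset($nameByChoice[$incname]) ? $nameByChoice[$incname] : "CAcert WoT User";
    // NOTE(review): name parts and addresses are written verbatim into the
    // SPKAC file (one "key = value" per line) and into the "/"-separated
    // subject string. Confirm that line breaks and "/" cannot occur in these
    // database fields, or neutralise them here.

    // ---- 4. queue the request -------------------------------------------
    if ($keytype === "NS") {
        $spkacRequest = "";
        foreach ($addresses as $index => $address) {
            $spkacRequest .= "$index.emailAddress = ".$address."\n";
        }
        if ($sso) {
            $spkacRequest .= count($addresses).".emailAddress = ".$user['uniqueID']."\n";
        }
        $spkacRequest .= "commonName = ".$commonName."\n";
        $spkacRequest .= "SPKAC = $spkac";

        if (($weakKey = checkWeakKeySPKAC($spkacRequest)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        write_user_agreement($memberId, "CCA", "certificate creation", "", 1);

        $query = "insert into emailcerts set
            `CN`='".mysql_real_escape_string($defaultemail)."',
            `keytype`='NS',
            `memid`='$memberId',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `codesign`='$codesign',
            `disablelogin`='$disablelogin',
            `rootcert`='$rootcert',
            `description`='".$description."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        foreach ($addys as $addy) {
            mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
        }

        $CSRname = generatecertpath("csr", "client", $emailid);
        file_put_contents($CSRname, $spkacRequest);

        // The challenge embedded in the SPKAC must be the one held in the
        // session. An empty session challenge used to make the substring
        // test match any "Challenge String: " line, so it now fails closed.
        // NOTE(review): confirm the page that renders the key generation form
        // always sets `spkac_hash`.
        $challenge = isset($_SESSION['spkac_hash']) ? (string) $_SESSION['spkac_hash'] : "";
        $res = (string) shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
        if ($challenge === "" || strpos($res, "Challenge String: ".$challenge) === false) {
            // NOTE(review): the `emailcerts` row and the request file written
            // above are left behind on this path (no csr_name is recorded).
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    } else {
        // NOTE(review): unlike the SPKAC path, the original CSR path does not
        // call write_user_agreement(); left unchanged here. Confirm whether
        // the CCA acceptance should be recorded for this path as well.
        $csrsubject = "/CN=".$commonName;
        foreach ($addresses as $address) {
            $csrsubject .= "/emailAddress=".$address;
        }
        if ($sso) {
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];
        }

        // Pass the request through openssl once. The subject built above is
        // only stored in the database; it is not applied to the file here
        // (the -subj option was already disabled in the original).
        $tmpfname = tempnam("/tmp", "id4CSR");
        file_put_contents($tmpfname, $csr);
        $tmpname = tempnam("/tmp", "id4csr");
        shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
        @unlink($tmpfname);
        $csr = file_get_contents($tmpname);
        if ($csr === false) {
            $csr = "";
        }
        @unlink($tmpname);

        if ($csr == "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // $keytype is exactly "MS" or "VI" here.
        $query = "insert into emailcerts set
            `CN`='".mysql_real_escape_string($defaultemail)."',
            `keytype`='".mysql_real_escape_string($keytype)."',
            `memid`='$memberId',
            `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
            `subject`='".mysql_real_escape_string($csrsubject)."',
            `codesign`='$codesign',
            `disablelogin`='$disablelogin',
            `rootcert`='$rootcert',
            `description`='".$description."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        foreach ($addys as $addy) {
            mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
        }

        $CSRname = generatecertpath("csr", "client", $emailid);
        file_put_contents($CSRname, $csr);
        mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
    }

    // ---- 5. wait for the signer -----------------------------------------
    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (!$res || mysql_num_rows($res) <= 0) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert'] = $emailid;
    }
}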
463
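// Page 7 handler, part 1: validate the submitted domain name and refuse it
// when it is already registered. Leaves two variables for part 2 below:
//   $newdom    - the name quoted for the shell (escapeshellarg)
//   $newdomain - the name escaped for SQL (mysql_real_escape_string)
// Runs whenever $oldid is 7; it does not look at $process.
if ($oldid == 7) {
    csrf_check("adddomain");

    $requested = (isset($_REQUEST['newdomain']) && is_string($_REQUEST['newdomain'])) ? $_REQUEST['newdomain'] : "";
    if (strpos($requested, "\x00") !== false) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    // Keep the first space-separated token only, then strip leading dashes
    // so the name can never be read as a command-line option by whois.
    // Surrounding whitespace is stripped as well, before the name is quoted
    // for the shell. The original trimmed after quoting, which left tabs and
    // line breaks inside the quoted argument.
    list($newdomain) = explode(" ", $requested, 2);
    $newdomain = rtrim(ltrim($newdomain, "- \t\n\r\0\x0B"));

    // Case-insensitive: "XN--" is the same punycode prefix as "xn--".
    if (stripos($newdomain, "xn--") !== false && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }
    // NOTE(review): nothing here rejects an empty name or characters that
    // cannot occur in a host name. Consider a strict host-name check before
    // the value reaches whois and the database.

    $newdom    = escapeshellarg($newdomain);
    $newdomain = mysql_real_escape_string($newdomain);

    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0) {
        $oldid = 0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }
}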
502
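// Page 7 handler, part 2: build the list of addresses that may receive the
// domain verification mail (contacts found in whois output plus five fixed
// role addresses), store it in the session and continue on page 8.
// Relies on $newdom (shell-quoted) and $newdomain (SQL-escaped) from part 1.
if ($oldid == 7) {
    $oldid = 0;
    $id = 8;
    $addy = array();
    $adds = array();

    // $newdom ends with the closing quote added by escapeshellarg(), hence
    // the (-4, 3) window for the last three characters of the name.
    // No whois lookup is made for names ending in ".jp".
    if (strtolower(substr($newdom, -4, 3)) != ".jp") {
        $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
    }

    // For .org and .info the address is taken from after the first colon of
    // each line. Elsewhere the last whitespace-separated token containing
    // "@" is used.
    $colonSeparated = (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info");
    foreach ($adds as $line) {
        if ($colonSeparated) {
            $bits = explode(":", $line, 2);
            // A line without a colon used to raise an undefined-offset notice.
            $line = isset($bits[1]) ? trim($bits[1]) : "";
        } else {
            $line = trim(str_replace(array("\t", "(", ")", ":"), array(" ", "", " ", " "), $line));
            foreach (explode(" ", $line) as $bit) {
                if (strstr($bit, "@")) {
                    $line = $bit;
                }
            }
        }

        // Addresses are stored SQL-escaped; the page 8 handler compares the
        // submitted address in that same form. Duplicates are now detected
        // on the stored form, and an entry that becomes empty after
        // stripslashes() is skipped.
        $candidate = trim(mysql_real_escape_string(stripslashes($line)));
        if ($candidate !== "" && !in_array($candidate, $addy, true)) {
            $addy[] = $candidate;
        }
    }

    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach ($rfc as $sub) {
        if (!in_array($sub, $addy, true)) {
            $addy[] = $sub;
        }
    }

    $_SESSION['_config']['addy'] = $addy;
    // NOTE(review): $newdomain is already SQL-escaped by part 1 and is
    // escaped again here (and once more where page 8 uses it). That is
    // harmless for ordinary names but compounds for any character the
    // escaping touches. Kept as is so the session value stays what the
    // page 8 handler expects.
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}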
548
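// Page 8 form handler: the member picks one of the authority addresses
// collected on page 7; the domain is inserted unverified (with a hash) and a
// verification link is mailed to that address. Always ends in exit.
if ($process != "" && $oldid == 8) {
    csrf_check('ctcinfo');
    $oldid = 0;
    $id = 8;

    $authaddy = (isset($_REQUEST['authaddy']) && is_string($_REQUEST['authaddy']))
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])))
        : "";
    $allowed = isset($_SESSION['_config']['addy']) ? $_SESSION['_config']['addy'] : null;
    $domain  = isset($_SESSION['_config']['domain']) ? $_SESSION['_config']['domain'] : "";

    // The address must be one of those offered on page 7. Both sides are
    // strings in SQL-escaped form, so the comparison is made strict.
    if ($authaddy === "" || !is_array($allowed) || !in_array($authaddy, $allowed, true)) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($domain)."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
        showfooter();
        exit;
    }

    // checkEmail() is defined elsewhere. A leading "4" is treated as a
    // temporary failure, so the result presumably carries the remote mail
    // server's reply. It is HTML-encoded before being echoed.
    $checkemail = checkEmail($authaddy);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    $hash = make_hash();
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($domain)."',
        `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    // NOTE(review): the verification link uses http://, so the hash travels
    // in clear text unless the host redirects. Confirm whether https can be
    // used for `normalhostname`.
    $body  = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"), $domain)."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    // The domain is request-derived text. It is HTML-encoded here like in the
    // "already in a different account" message above; it was printed raw.
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($domain));
    showfooter();
    exit;
}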
615
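// Page 9 form handler: delete the selected domains of the logged-in member.
// Always ends in exit.
//
// NOTE(review): there is no csrf_check() in this block although it deletes
// domains (and, per the message, revokes their certificates). Confirm which
// token the page 9 form carries and add the check.
if ($process != "" && $oldid == 9) {
    $id = 9;
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("The following domains have been removed:")."<br>\n("._("Any valid certificates will be revoked as well").")<br>\n";

        // The loop variable no longer reuses $id. The block exits below, so
        // nothing observes the difference.
        $memberId = intval($_SESSION['profile']['id']);
        foreach ($_REQUEST['delid'] as $delid) {
            $delid = intval($delid);
            $query = "select * from `domains` where `id`='$delid' and `memid`='$memberId'";
            $res = mysql_query($query);
            if ($res && mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored domain names are user-supplied text: encode for HTML.
                echo sanitizeHTML($row['domain'])."<br>\n";
                account_domain_delete($row['id']);
            }
        }
    } else {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}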
647
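// Page 10 form handler: take a pasted server-certificate CSR, store it in a
// temporary file, extract its subject and DNS alternative names into the
// session and continue on page 11 for confirmation.
//
// NOTE(review): there is no csrf_check() in this block; confirm.
if ($process != "" && $oldid == 10) {
    if (!array_key_exists('CCA', $_REQUEST)) {
        showheader(_("My CAcert.org Account!"));
        echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
        showfooter();
        exit;
    }

    $CSR = clean_csr(isset($_REQUEST['CSR']) ? $_REQUEST['CSR'] : "");
    if (strpos($CSR, "---BEGIN") === false) {
        // In case the CSR is missing the ---BEGIN lines, add them automatically:
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    if (($weakKey = checkWeakKeyCSR($CSR)) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The description is stored in the session already SQL-escaped; the
    // page 11 handler concatenates it into its insert as is.
    $description = (isset($_REQUEST['description']) && is_string($_REQUEST['description'])) ? trim($_REQUEST['description']) : "";
    if ($description != "") {
        $_SESSION['_config']['description'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    } else {
        $_SESSION['_config']['description'] = "";
    }

    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
    file_put_contents($_SESSION['_config']['tmpfname'], $CSR);
    // As before, $CSR holds the temporary file's path from here on.
    $CSR = $_SESSION['_config']['tmpfname'];

    // The path is quoted with escapeshellarg() rather than relying on bare
    // double quotes inside the command line.
    $csrArg = escapeshellarg($CSR);
    $_SESSION['_config']['subject'] = trim(shell_exec('/usr/bin/openssl req -text -noout -in '.$csrArg.'|tr -d "\\0"|grep "Subject:"'));
    $bits = explode(",", trim(shell_exec('/usr/bin/openssl req -text -noout -in '.$csrArg.'|tr -d "\\0"|grep -A1 \'X509v3 Subject Alternative Name:\'|grep DNS:')));
    foreach ($bits as $val) {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 11;

    // extractit(), getcn() and getalt() are defined elsewhere.
    // NOTE(review): presumably they parse the subject string above and fill
    // `0.CN`, `0.subjectAltName`, `rows`, `rowid`, `altrows` and `altid` with
    // the names that belong to this member's verified domains. Confirm
    // there, as the page 11 handler relies on it.
    $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn();
    getalt();

    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root certificate choice: 1 by default; from 50 points the request may
    // pick 1 or 2, and anything else falls back to 1.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = isset($_REQUEST['rootcert']) ? intval($_REQUEST['rootcert']) : 1;
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }
}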
713
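// Page 11 form handler: confirm the server certificate request prepared on
// page 10, queue it in `domaincerts`, link it to its domains and wait for the
// signer. On success the request continues on page 15 with $cert set.
//
// NOTE(review): there is no csrf_check() in this block; confirm.
if ($process != "" && $oldid == 11) {
    $tmpfname = isset($_SESSION['_config']['tmpfname']) ? $_SESSION['_config']['tmpfname'] : "";
    if ($tmpfname == "" || !file_exists($tmpfname)) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    if (($weakKey = checkWeakKeyCSR(file_get_contents($tmpfname))) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    $cn0  = isset($_SESSION['_config']['0.CN']) ? $_SESSION['_config']['0.CN'] : "";
    $san0 = isset($_SESSION['_config']['0.subjectAltName']) ? $_SESSION['_config']['0.subjectAltName'] : "";
    if ($cn0 == "" && $san0 == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Session lists prepared on page 10 (by helpers outside this file); a
    // missing list is treated as empty.
    $rows    = (isset($_SESSION['_config']['rows'])    && is_array($_SESSION['_config']['rows']))    ? $_SESSION['_config']['rows']    : array();
    $altrows = (isset($_SESSION['_config']['altrows']) && is_array($_SESSION['_config']['altrows'])) ? $_SESSION['_config']['altrows'] : array();
    $rowid   = (isset($_SESSION['_config']['rowid'])   && is_array($_SESSION['_config']['rowid']))   ? $_SESSION['_config']['rowid']   : array();
    $altid   = (isset($_SESSION['_config']['altid'])   && is_array($_SESSION['_config']['altid']))   ? $_SESSION['_config']['altid']   : array();

    // Subject string handed to the signer: the first name becomes the CN and
    // every name is repeated as a DNS and an otherName alternative name.
    // NOTE(review): alternative names are suppressed for the hard-coded
    // member id 104074; the reason is not visible in this file.
    $supressSAN = ($_SESSION["profile"]["id"] == 104074) ? 1 : 0;
    $subject = "";
    $first = true;
    foreach ($rows as $row) {
        if ($first) {
            $subject .= "/CN=$row";
            $first = false;
        }
        if (!$supressSAN) {
            $subject .= "/subjectAltName=DNS:$row";
            $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
        }
    }
    foreach ($altrows as $row) {
        if (substr($row, 0, 4) == "DNS:") {
            $row = substr($row, 4);
            if (!$supressSAN) {
                $subject .= "/subjectAltName=DNS:$row";
                $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$row";
            }
        }
    }

    if (!isset($_SESSION['_config']['rootcert']) || $_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }

    write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

    // The certificate is attached to the first CN domain, or failing that to
    // the first alternative-name domain.
    if (isset($rowid[0]) && $rowid[0] > 0) {
        $cn    = isset($rows[0]) ? $rows[0] : "";
        $domid = $rowid[0];
    } elseif (isset($altid[0]) && $altid[0] > 0) {
        $cn    = isset($altrows[0]) ? $altrows[0] : "";
        $domid = $altid[0];
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    // `description` is stored in the session already SQL-escaped.
    $description = isset($_SESSION['_config']['description']) ? $_SESSION['_config']['description'] : "";
    $query = "insert into `domaincerts` set
        `CN`='".mysql_real_escape_string($cn)."',
        `domid`='".mysql_real_escape_string($domid)."',
        `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
        `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
        `description`='".$description."'";
    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Domain ids from the session are escaped here as they are in the insert
    // above; they were concatenated raw before.
    foreach ($rowid as $dom) {
        mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");
    }
    foreach ($altid as $dom) {
        mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");
    }

    // NOTE(review): the results of rename() and chmod() are not checked. If
    // the move fails, the row below points at a file that does not exist and
    // the failure only surfaces after waitForResult().
    $CSRname = generatecertpath("csr", "server", $CSRid);
    rename($tmpfname, $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");

    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
    $res = mysql_query($query);
    if (!$res || mysql_num_rows($res) <= 0) {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    }
}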
829
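/*
 * Page 12, "renew" button: re-issue the selected server certificates.
 *
 * For each id in $_REQUEST['revokeid'] that belongs to the logged-in member
 * the old row is flagged as renewed, a new `domaincerts` row is cloned from
 * it, the stored CSR is copied to the new row's path, the subject is rebuilt
 * from that CSR, and the outcome is printed after waitForResult() returns.
 */
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// CSRF token check for the server certificate form (helper defined elsewhere).
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key first: it is absent when no certificate was selected.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		// $id is reused as the loop variable and no longer holds the page id.
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate's domain must belong to the
			// member stored in the session.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key test.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// Every value copied from the old row is escaped again. Data read
			// back from the database is raw (the description is free text the
			// member entered), so re-inserting it unescaped would let a stored
			// quote break out of the SQL string.
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					//`csr_name`='".$row['csr_name']."', // RACE CONDITION
					"`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// $newfile is built from the integer insert id, so the shell
			// commands below never see request data in the path.
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$newfile"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// Helpers defined elsewhere; the code below reads '0.CN',
			// '0.subjectAltName', 'rows' and 'altrows' from the session after
			// they ran, so they presumably fill those in - confirm.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			// Rebuild the subject: first entry of 'rows' becomes the CN, every
			// further name is added as subjectAltName unless already present.
			// $row is reused as the loop variable from here on.
			$subject = "";
			$count = 0;
			if(is_array($_SESSION['_config']['rows']))
				foreach($_SESSION['_config']['rows'] as $row)
				{
					$count++;
					if($count <= 1)
					{
						$subject .= "/CN=$row";
						if(!strstr($subject, "=$row/") &&
							substr($subject, -strlen("=$row")) != "=$row")
							$subject .= "/subjectAltName=$row";
					} else {
						if(!strstr($subject, "=$row/") &&
							substr($subject, -strlen("=$row")) != "=$row")
							$subject .= "/subjectAltName=$row";
					}
				}
			if(is_array($_SESSION['_config']['altrows']))
				foreach($_SESSION['_config']['altrows'] as $row)
					if(!strstr($subject, "=$row/") &&
						substr($subject, -strlen("=$row")) != "=$row")
						$subject .= "/subjectAltName=$row";
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` is what marks the request as processed.
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path comes from the database, so it is passed to the
				// shell as one quoted argument.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}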
942
/*
 * Page 12, "revoke" button: revoke the selected server certificates and
 * delete the selected pending requests. Both lists are checked against the
 * logged-in member through the `domains`.`memid` join before anything is
 * changed.
 */
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	if(!is_array($_REQUEST['revokeid']))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// NOTE(review): `CN` is printed into the page as stored; the renew
			// handler passes the CN through sanitizeHTML() before echoing it.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
			}
			else
			{
				// Revocation is requested by writing this fixed timestamp;
				// presumably the signer acts on it - confirm.
				mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
				printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
			}
		}
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A request with an expiry timestamp is treated as already
			// processed and is left alone.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
			}
			else
			{
				mysql_query("delete from `domaincerts` where `id`='$id'");
				// Best effort: missing files are ignored on purpose.
				@unlink($row['csr_name']);
				@unlink($row['crt_name']);
				printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
			}
		}
	}
	showfooter();
	exit;
}
1010
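/*
 * Page 12, "change" button: store the comment entered for each server
 * certificate whose `check_comment_<id>` field was submitted.
 *
 * The update is joined against `domains` so that a member can only change
 * the description of certificates issued for their own domains; the id in
 * the field name is request data and must not be trusted on its own.
 */
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// NOTE(review): the renew and revoke handlers for page 12 call
	// csrf_check('srvcerchange'); this handler has no CSRF check - confirm
	// that the form carries that token and add the call.
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			// Same ownership condition as the renew/revoke queries.
			mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
					where `domaincerts`.`id`='$cid' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}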
1027
1028
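/*
 * Page 5, "renew" button: re-issue the selected client certificates.
 *
 * For each id in $_REQUEST['revokeid'] owned by the logged-in member the old
 * row is flagged as renewed, a new `emailcerts` row is cloned from it, the
 * CSR file and the `emaillink` entries are copied, and the outcome is printed
 * after waitForResult() returns.
 */
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// NOTE(review): no csrf_check() here, unlike the renew handlers for
	// pages 12 and 18 - confirm whether this form has a token to verify.
	showheader(_("My CAcert.org Account!"));
	// Test for the key first: it is absent when no certificate was selected.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the row must carry the session member's id.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key test.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			// Every value copied from the old row is escaped again. Data read
			// back from the database is raw (the description is free text the
			// member entered), so re-inserting it unescaped would let a stored
			// quote break out of the SQL string.
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The new row gets its own copy of the CSR under a path derived
			// from the integer insert id.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry the e-mail address links over to the new certificate.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".intval($r2['emailid'])."',
					`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` is what marks the request as processed.
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// NOTE(review): `CN` is printed into the page as stored;
				// consider HTML-escaping it before output.
				printf(_("Certificate for '%s' has been renewed."), $row['CN']);
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}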
1101
/*
 * Page 5, "revoke" button: revoke the selected client certificates and delete
 * the selected pending requests. Every id is looked up together with the
 * session member's id before the row is changed.
 */
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// NOTE(review): no csrf_check() here, unlike the page 12 revoke handler.
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(!(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid'])))
	{
		echo _("You did not select any certificates for revocation.");
	}
	else
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// NOTE(review): `CN` is printed into the page as stored; consider
			// HTML-escaping it before output.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
			}
			else
			{
				// Revocation is requested by writing this fixed timestamp;
				// presumably the signer acts on it - confirm.
				mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
				printf(_("Certificate for '%s' has been revoked.")."<br>\n", $row['CN']);
			}
		}
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) < 1)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A request with an expiry timestamp is treated as already
			// processed and is left alone.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
			}
			else
			{
				mysql_query("delete from `emailcerts` where `id`='$id'");
				// Best effort: missing files are ignored on purpose.
				@unlink($row['csr_name']);
				@unlink($row['crt_name']);
				printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
			}
		}
	}
	showfooter();
	exit;
}
1164
/*
 * Page 5, "change" button: update the login flag and the comment of the
 * member's client certificates. Field names carry the certificate id
 * (`cert_<id>`, `check_comment_<id>`); both updates are restricted to rows
 * whose `memid` is the session member's id.
 */
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	// NOTE(review): no csrf_check() in this handler.
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if("cert_" == substr($id,0,5))
		{
			$cid = intval(substr($id,5));
			// A submitted disablelogin_<id> of "1" stores 0, anything else
			// (including an absent field) stores 1.
			$dis = "1";
			if(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")
				$dis = "0";
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}
		if("check_comment_" == substr($id,0,14))
		{
			$cid = intval(substr($id,14));
			if(empty($_REQUEST['check_comment_'.$cid]))
				continue;
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$_SESSION['profile']['id']."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1189
1190
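/*
 * Page 6: store the description and the login flag for one client
 * certificate of the logged-in member.
 *
 * `certid` is request data. It is converted with intval() before it is put
 * into the statement, because interpolating the raw request value would allow
 * SQL injection; the `memid` condition keeps the update on the member's own
 * rows.
 */
if($oldid == 6 && array_key_exists('certid',$_REQUEST) && $_REQUEST['certid'] != "")
{
	// NOTE(review): no csrf_check() in this handler.
	if(array_key_exists('description',$_REQUEST) && trim($_REQUEST['description']) != ""){
		$description= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$description= "";
	}

	if(array_key_exists('disablelogin',$_REQUEST) && trim($_REQUEST['disablelogin']) == "1"){
		$disablelogin = 1;
	}else{
		$disablelogin = 0;
	}

	mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='".intval($_REQUEST['certid'])."' and `memid`='".$_SESSION['profile']['id']."'");
}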
1207
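/*
 * Page 13, step 1: read and validate the five lost-password questions and
 * answers.
 *
 * The cleaned values are kept in $_SESSION['_config']['user'] for the later
 * page 13 handlers. On a validation error the message is appended to
 * $_SESSION['_config']['errmsg'], $id is set back to the form page and
 * $oldid is cleared so that those later handlers are skipped.
 */
if($oldid == 13 && $process != "")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	$qaKeys = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qaKeys as $qaKey)
		$_SESSION['_config']['user'][$qaKey] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$qaKey]))));

	$qaInvalid = false;

	// Every question and every answer has to differ from all the others.
	// All pairs are compared, so that using a question as its own answer is
	// rejected for each of the five slots, as the message below promises.
	$qaDuplicate = false;
	for($qaA = 0; $qaA < count($qaKeys) && !$qaDuplicate; $qaA++)
	{
		for($qaB = $qaA + 1; $qaB < count($qaKeys); $qaB++)
		{
			if($_SESSION['_config']['user'][$qaKeys[$qaA]] == $_SESSION['_config']['user'][$qaKeys[$qaB]])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}
	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$qaInvalid = true;
	}

	// Neither a question nor an answer may be left empty.
	$qaEmpty = false;
	foreach($qaKeys as $qaKey)
		if($_SESSION['_config']['user'][$qaKey] == "")
			$qaEmpty = true;
	if($qaEmpty)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$qaInvalid = true;
	}

	// Go back to the form once, however many checks failed. Doing this per
	// check would copy the already cleared $oldid into $id on the second
	// failure and lose the page id.
	if($qaInvalid)
	{
		$id = $oldid;
		$oldid=0;
	}
}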
1270
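/*
 * Page 13, step 2: read and validate name and date of birth.
 *
 * These fields are only taken from the request while the member's summed
 * `notary` points are 0. On a validation error the message is appended to
 * $_SESSION['_config']['errmsg'], $id is set back to the form page and
 * $oldid is cleared so that the update handler is skipped.
 */
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		$nameDobInvalid = false;

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$nameDobInvalid = true;
		}
		// checkdate() covers the month and day ranges and also rejects
		// dates that do not exist, such as 31 February.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$nameDobInvalid = true;
		}

		// Go back to the form once, however many checks failed. Doing this
		// per check would copy the already cleared $oldid into $id on the
		// second failure and lose the page id.
		if($nameDobInvalid)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}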
1303
/*
 * Page 13, step 3: write the validated personal details to `users`, reload
 * the profile into the session and show the confirmation page.
 *
 * The values in $_SESSION['_config']['user'] are interpolated into the
 * statements as they are. That is only safe because the earlier page 13
 * handlers in this file store them after mysql_real_escape_string()/intval();
 * any new field added here needs the same treatment where it is assigned.
 */
if($oldid == 13 && $process != "")
{
	// Name and date of birth are only written while the member has 0 points.
	if($_SESSION['profile']['points'] == 0)
	{
		$query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
				`mname`='".$_SESSION['_config']['user']['mname']."',
				`lname`='".$_SESSION['_config']['user']['lname']."',
				`suffix`='".$_SESSION['_config']['user']['suffix']."',
				`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
				where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}
	// NOTE(review): the recovery answers A1..A5 are written exactly as
	// entered, i.e. readable by anyone with access to the table. Consider
	// storing them hashed, together with the matching change in the recovery
	// code.
	$query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
			`Q2`='".$_SESSION['_config']['user']['Q2']."',
			`Q3`='".$_SESSION['_config']['user']['Q3']."',
			`Q4`='".$_SESSION['_config']['user']['Q4']."',
			`Q5`='".$_SESSION['_config']['user']['Q5']."',
			`A1`='".$_SESSION['_config']['user']['A1']."',
			`A2`='".$_SESSION['_config']['user']['A2']."',
			`A3`='".$_SESSION['_config']['user']['A3']."',
			`A4`='".$_SESSION['_config']['user']['A4']."',
			`A5`='".$_SESSION['_config']['user']['A5']."'
			where `id`='".$_SESSION['profile']['id']."'";
	mysql_query($query);

	//!!!Should be rewritten
	// The OTP fields are only stored when both were submitted non-empty.
	$_SESSION['_config']['user']['otphash'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otphash']))));
	$_SESSION['_config']['user']['otppin'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['otppin']))));
	if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
	{
		$query = "update `users` set `otphash`='".$_SESSION['_config']['user']['otphash']."',
				`otppin`='".$_SESSION['_config']['user']['otppin']."' where `id`='".$_SESSION['profile']['id']."'";
		mysql_query($query);
	}

	// Replace the cached profile with the row as it is now in the database
	// and restore the flags that are not columns of that row.
	$_SESSION['_config']['user']['set'] = 0;
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'"));
	$_SESSION['profile']['loggedin'] = 1;

	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1355
/*
 * Page 14: change the account pass phrase.
 *
 * The new pass phrase must be entered twice, be at least 6 characters long
 * and score at least 3 in checkpw(); the current pass phrase is verified
 * against `users`.`password` unless the request arrived on the secure
 * hostname. On success the member's primary address is notified by mail.
 */
if($oldid == 14 && $process != "")
{
	// All three values are trimmed and SQL-escaped here because they are
	// placed inside SQL string literals further down. Note that the length
	// and checkpw() tests therefore see the escaped text, and surrounding
	// whitespace never becomes part of a pass phrase.
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	$id = 14;
	// CSRF token check; it runs before anything is compared or written.
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));
	if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		// NOTE(review): when the request host equals the configured secure
		// hostname the current pass phrase is not checked at all ($rc = 1).
		// Presumably that host requires client-certificate login - confirm
		// that skipping the check there is intended.
		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			// Accepts either the legacy old_password() value or SHA-1.
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
						(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
						`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			// NOTE(review): the pass phrase is stored as an unsalted SHA-1
			// computed by the database, so the clear text is part of the
			// statement sent to the server. Moving to a salted password hash
			// computed in PHP needs a matching change in the login code.
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			// Notification mail, so that an unexpected change is noticed.
			$body  = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
					"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
						"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}
1415
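/*
 * Page 16: collect the e-mail addresses, name, OU and description for an
 * organisation client certificate and keep them in $_SESSION['_config'].
 *
 * Only addresses of the form local@domain whose domain passes
 * checkownership() are kept. All stored strings are SQL-escaped here; the
 * page 17 handler interpolates them into its statements without escaping
 * them again.
 */
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	// NOTE(review): $_SESSION['_config']['domids'] is appended to below but,
	// unlike 'emails', is not reset here - confirm it is cleared elsewhere,
	// otherwise ids from an earlier submission stay in the list.

	// The field may be missing or not an array when the request is hand-made.
	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
		foreach($_REQUEST['emails'] as $val)
		{
			// Nested arrays cannot be an address.
			if(!is_string($val))
				continue;

			$val = mysql_real_escape_string(stripslashes(trim($val)));
			$bits = explode("@", $val);
			$count = count($bits);
			if($count != 2)
				continue;

			// Helper defined elsewhere; the session key 'row' is read right
			// after it, so it presumably stores the matching domain row
			// there - confirm.
			if(checkownership($bits[1]) == false)
				continue;

			if(!is_array($_SESSION['_config']['row']))
				continue;
			else if($_SESSION['_config']['row']['id'] > 0)
				$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

			if($val != "")
				$_SESSION['_config']['emails'][] = $val;
		}
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));


	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}
}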
1450
/*
 * Page 16: stop with a message when none of the submitted addresses was
 * accepted for the organisation account.
 */
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1459
/*
 * Page 16, form submitted: fix the code-signing flag, the root certificate
 * choice and the description in the session, then move on to page 17 when at
 * least one address was accepted.
 */
if($oldid == 16 && $process != "")
{

	// Code signing is only granted when it was requested, the profile is
	// flagged for it and the member has at least 100 points.
	$_REQUEST['codesign'] = $_SESSION['_config']['codesign'] =
		(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;

	// Only root certificates 1 and 2 can be chosen; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
		$_SESSION['_config']['rootcert'] = 1;

	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1487
/*
 * Page 17: create an organisation client certificate request.
 *
 * Two input formats are handled: a Netscape SPKAC blob (keytype "NS") and a
 * PEM certificate request (keytype "MS" or "VI"). In both cases the key is
 * tested for weakness, a row is inserted into `orgemailcerts`, the request is
 * written to the path from generatecertpath() and the script waits for the
 * result before continuing with page 19.
 *
 * NOTE(review): no csrf_check() is visible in this handler.
 * NOTE(review): for any other keytype neither branch runs and $emailid is
 * never assigned before waitForResult() is called.
 */
if($oldid == 17)
{
	// Organisation data kept in the session by the page 16 handler.
	// NOTE(review): the O/L/ST/C values are put into the request file and,
	// in the MS/VI branch, into the `subject` column without being escaped
	// in this block - confirm where 'row' is filled and whether the values
	// are escaped there.
	$org = $_SESSION['_config']['row'];
	if($_REQUEST['keytype'] == "NS")
	{
		// The SPKAC is only accepted if, once CR/LF are removed, it consists
		// of base64 characters; anything else leaves $spkac empty.
		$spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));

		if($spkac == "" || strlen($spkac) < 128)
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}

		// Build the "name = value" lines of the SPKAC request file.
		// $_REQUEST['email'] is used as the loop variable.
		$count = 0;
		$emails = "";
		$addys = array();
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				// The first address becomes the CN stored in the database.
				if(!$emails)
					$defaultemail = $_REQUEST['email'];
				$emails .= "$count.emailAddress = $_REQUEST[email]\n";
				$count++;
			}
		if($_SESSION['_config']['name'] != "")
			$emails .= "commonName = ".$_SESSION['_config']['name']."\n";
		if($_SESSION['_config']['OU'])
			$emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
		if($org['O'])
			$emails .= "organizationName = ".$org['O']."\n";
		if($org['L'])
			$emails .= "localityName = ".$org['L']."\n";
		if($org['ST'])
			$emails .= "stateOrProvinceName = ".$org['ST']."\n";
		if($org['C'])
			$emails .= "countryName = ".$org['C']."\n";
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;


		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		// $defaultemail and the description were SQL-escaped when the
		// page 16 handler stored them in the session.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='NS',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."',
				`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		// The SPKAC must carry the challenge that was stored in the session.
		// $CSRname is derived from the integer insert id, so no request data
		// reaches the shell command line.
		// NOTE(review): strstr() is a substring test, so a challenge that
		// merely starts with the expected value is accepted as well; compare
		// the complete "Challenge String:" line instead.
		// NOTE(review): the row and its links were inserted above, before
		// this check; on a mismatch the script exits and they stay behind
		// without a `csr_name`.
		$challenge=$_SESSION['spkac_hash'];
		$res=`openssl spkac -verify -in $CSRname`;
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
		// clean_csr() is defined elsewhere; its result is wrapped in PEM
		// armour again before it is checked and parsed.
		$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 17;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id17CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		// The subject is built from the session and organisation data, not
		// from the names inside the submitted request.
		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		if($_SESSION['_config']['name'] != "")
			$csrsubject = "/CN=".$_SESSION['_config']['name'];
		if(is_array($_SESSION['_config']['emails']))
			foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
			{
				if($defaultemail == "")
					$defaultemail = $_REQUEST['email'];
				$csrsubject .= "/emailAddress=$_REQUEST[email]";
			}
		if($_SESSION['_config']['OU'])
			$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
		if($org['O'])
			$csrsubject .= "/organizationName=".$org['O'];
		if($org['L'])
			$csrsubject .= "/localityName=".$org['L'];
		if($org['ST'])
			$csrsubject .= "/stateOrProvinceName=".$org['ST'];
		if($org['C'])
			$csrsubject .= "/countryName=".$org['C'];

		// Let openssl re-write the request; an unparsable one yields an empty
		// output file. Both paths come from tempnam(), not from the request.
		$tmpname = tempnam("/tmp", "id17csr");
		$do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);

		if($csr == "")
		{
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		// keytype can only be "MS" or "VI" here because of the branch
		// condition above; sanitizeHTML() is not an SQL escaping function.
		$query = "insert into `orgemailcerts` set
				`CN`='$defaultemail',
				`keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
				`orgid`='".$org['orgid']."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='$csrsubject',
				`codesign`='".$_SESSION['_config']['codesign']."',
				`rootcert`='".$_SESSION['_config']['rootcert']."',
				`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();

		foreach($_SESSION['_config']['domids'] as $addy)
			mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");

		$CSRname=generatecertpath("csr","orgclient",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}
	waitForResult("orgemailcerts", $emailid,$oldid);
	// A non-empty `crt_name` is what marks the request as processed.
	$query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		// Continue with page 19 for the certificate that was just issued.
		$id = 19;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}
1667
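// Page 18 "renew" action: re-issue the selected organisation client certificates.
// Each id in $_REQUEST['revokeid'] is looked up through a join on `org`, so only
// certificates of organisations the logged-in member is listed for will match.
// For every match the old row is flagged `renewed`, a copy of it is inserted as
// a new request, the CSR file is copied to the new request's path and
// waitForResult() is called before the outcome is printed.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before printing: the request value used to be echoed into the
			// page first and only then passed through intval().
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged `renewed` before the revocation
			// check below, so an already revoked certificate is flagged as well
			// even though it is then skipped - confirm this is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are unescaped again, so they
			// must be escaped before being placed in a new statement; otherwise
			// a stored quote breaks the insert or alters the statement.
			$query = "insert into `orgemailcerts` set
					`orgid`='".intval($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The new request gets its own copy of the CSR under its own path.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);

			// A non-empty `crt_name` is what this file treats as "certificate issued".
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				// CN is stored data; encode it for the HTML context it is printed in.
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}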
1740
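// Page 18 "revoke" action for organisation client certificates.
// Part 1 flags every selected certificate (`revokeid[]`) for revocation, part 2
// deletes every selected pending request (`delid[]`). Both look the id up
// through a join on `org`, so only rows of organisations the logged-in member
// is listed for are touched.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored data; encode it for the HTML context it is printed in.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp is presumably a "revocation
			// requested" marker that another component replaces - confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date is treated as already processed and is
			// therefore not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: the files may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}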
1806
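// Page 18 "change" action: store the comment typed next to each organisation
// client certificate. Every request key named check_comment_<n> selects
// certificate <n>; its new text is read from comment_<n>.
//
// The update is joined to `org` on the logged-in member, like the renew,
// revoke and delete actions of this page. Without that join any certificate id
// placed in the request had its description overwritten, whoever owned it.
//
// NOTE(review): the renew and revoke actions of page 18 call
// csrf_check('clicerchange'); this action does not. Confirm the form posts the
// token for the "change" button and add the same check here.
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `orgemailcerts`, `org`
					set `orgemailcerts`.`description`='$comment'
					where `orgemailcerts`.`id`='$cid' and
					`org`.`orgid`=`orgemailcerts`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}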
1823
1824
// Page 20 handler: take a pasted CSR for an organisation server certificate,
// reject weak keys, write the CSR to a temp file and read its subject and DNS
// subjectAltName entries with openssl. The parsed names are then resolved by
// extractit(), getcn2() and getalt2() (defined elsewhere), and the flow moves
// on to page 21 unless no usable name was found.
if($oldid == 20 && $process != "")
{
	$CSR = clean_csr($_REQUEST['CSR']);

	$weakKey = checkWeakKeyCSR($CSR);
	if ($weakKey !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is SQL-escaped here and kept in the session in that form;
	// the page 21 handler puts it into its insert statement as is.
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	// NOTE(review): the temp file is left behind on the "CommonName field was
	// blank" exit below; it is only moved away by the page 21 handler.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fwrite($fp, $CSR);
	fclose($fp);

	// From here on $CSR holds the temp file path, not the request text.
	$CSR = $_SESSION['_config']['tmpfname'];
	$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in \"$CSR\"|tr -d \"\\0\"|grep \"Subject:\""));
	$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in \"$CSR\"|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	// Reset both results before the helpers fill them in.
	$_SESSION['_config']['0.subjectAltName'] = "";
	$_SESSION['_config']['0.CN'] = "";
	extractit();
	getcn2();
	getalt2();

	// Look up the organisation for the first CN and the first SAN; both queries
	// only match organisations the logged-in member is listed for.
	// NOTE(review): '0.CN' and '0.subjectAltName' originate from the submitted
	// CSR and go into SQL unescaped here - verify that the helpers above escape
	// or strictly validate them.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".$_SESSION['profile']['id']."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".$_SESSION['profile']['id']."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	// Neither a CN nor a SAN survived: go back to page 20 with an explanation.
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only the values 1 and 2 are accepted; anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] > 2 || $_SESSION['_config']['rootcert'] < 1)
		$_SESSION['_config']['rootcert'] = 1;
}
1889
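// Page 21 confirmation step: file the organisation server certificate request
// prepared by the page 20 handler (CSR temp file and parsed names are taken
// from $_SESSION['_config']). On success the flow continues on page 23 with the
// new certificate id in $cert and $_REQUEST['cert'].
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The CSR is checked again here because it is re-read from disk.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The organisation comes from the first CN entry if there is one, otherwise
	// from the first SAN entry. The join on `org`.`memid` means it is only found
	// when the logged-in member is listed for that organisation.
	if($_SESSION['_config']['rowid']['0'] > 0)
		$orginfoid = intval($_SESSION['_config']['rowid']['0']);
	else
		$orginfoid = intval($_SESSION['_config']['altid']['0']);
	$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='$orginfoid' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	$org = mysql_fetch_assoc(mysql_query($query));

	// Stop when the lookup found nothing. Without this check the request was
	// still inserted, with an empty organisation id and no organisation fields
	// in its subject.
	if(!is_array($org))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// Build the subject string stored with the request. The organisation fields
	// come straight from the database, i.e. unescaped, and are escaped here
	// because the string is placed in the insert statement below.
	// NOTE(review): 'OU', 'rows' and 'altrows' are session values set elsewhere;
	// this block cannot see whether they are already escaped - confirm.
	$csrsubject = "";

	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
	if($org['L'])
		$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
	if($org['C'])
		$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);

	if(is_array($_SESSION['_config']['rows']))
		foreach($_SESSION['_config']['rows'] as $row)
			$csrsubject .= "/commonName=$row";

	// All SAN entries are joined with commas into one subjectAltName component.
	$SAN="";
	if(is_array($_SESSION['_config']['altrows']))
		$SAN = implode(",", $_SESSION['_config']['altrows']);

	if($SAN != "")
		$csrsubject .= "/subjectAltName=".$SAN;

	// Type "8" is only set for admins who ticked `ocspcert`.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// The CN column follows the same CN-first, SAN-otherwise choice as above.
	if($_SESSION['_config']['rowid']['0'] > 0)
		$certcn = $_SESSION['_config']['rows']['0'];
	else
		$certcn = $_SESSION['_config']['altrows']['0'];

	// 'description' was SQL-escaped by the page 20 handler before it was put
	// into the session, so it is not escaped a second time here.
	$query = "insert into `orgdomaincerts` set
			`CN`='".$certcn."',
			`orgid`='".intval($org['id'])."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
			`type`='$type',
			`description`='".$_SESSION['_config']['description']."'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temp CSR to its final path and record that path.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");

	// Link the request to every domain id collected for its CN and SAN entries.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $linkid)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($linkid)."', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $linkid)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($linkid)."', `orgcertid`='$CSRid'");

	waitForResult("orgdomaincerts", $CSRid,$oldid);

	// A non-empty `crt_name` is what this file treats as "certificate issued".
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}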
2015
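// Page 22 "renew" action: re-issue the selected organisation server certificates.
// Each id in $_REQUEST['revokeid'] is looked up through a join on `org`, so only
// certificates of organisations the logged-in member is listed for will match.
// For every match the old row is flagged `renewed`, a copy is inserted as a new
// request together with its CSR file and domain links, and the issued
// certificate is printed once waitForResult() returns.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged `renewed` before the revocation
			// check below, so an already revoked certificate is flagged as well
			// even though it is then skipped - confirm this is intended.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are unescaped again, so they
			// must be escaped before being placed in a new statement.
			$query = "insert into `orgdomaincerts` set
					`orgid`='".intval($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The new request gets its own copy of the CSR under its own path.
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".sanitizeHTML($row['CN'])."<br>\n";

			// Copy the domain links of the old certificate to the new one.
			// $id is the certificate id matched above; $row['id'] is ambiguous
			// because the row comes from a two-table "select *".
			// The domain id of a link is its `orgdomid` column. The original read
			// $r2['id'], a column this file never writes to `orgdomlink`, so
			// renewed certificates were presumably left without usable links and
			// would not be found when certificates are revoked by domain.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='$id'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");

			waitForResult("orgdomaincerts", $newid,$oldid,0);

			// A non-empty `crt_name` is what this file treats as "certificate issued".
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path is a database value; quote it as one shell argument.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}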
2093
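// Page 22 "revoke" action for organisation server certificates.
// Part 1 flags every selected certificate (`revokeid[]`) for revocation, part 2
// deletes every selected pending request (`delid[]`). Both look the id up
// through a join on `org`, so only rows of organisations the logged-in member
// is listed for are touched.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored data; encode it for the HTML context it is printed in.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp is presumably a "revocation
			// requested" marker that another component replaces - confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry date is treated as already processed and is
			// therefore not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: the files may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}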
2162
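// Page 22 "change" action: store the comment typed next to each organisation
// server certificate. Every request key named check_comment_<n> selects
// certificate <n>; its new text is read from comment_<n>.
//
// The update is joined to `org` on the logged-in member, like the renew,
// revoke and delete actions of this page. Without that join any certificate id
// placed in the request had its description overwritten, whoever owned it.
//
// NOTE(review): the renew and revoke actions of page 22 call
// csrf_check('orgsrvcerchange'); this action does not. Confirm the form posts
// the token for the "change" button and add the same check here.
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `orgdomaincerts`, `org`
					set `orgdomaincerts`.`description`='$comment'
					where `orgdomaincerts`.`id`='$cid' and
					`org`.`orgid`=`orgdomaincerts`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}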
2179
2180
// Access gate for pages 24 to 31: when either the requested page ($id) or the
// submitting page ($oldid) is one of them and the session profile does not have
// `orgadmin` set to 1, the request ends here with an error page.
// in_array() is used without the strict flag on purpose so that it compares
// the same way the chain of == tests did.
if((in_array($id, range(24, 31)) || in_array($oldid, range(24, 31))) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2191
// Page 24 handler: add a new organisation. The six form fields are SQL-escaped
// and kept in $_SESSION['_config']; when both required fields are present the
// organisation is inserted and a confirmation page ends the request, otherwise
// an error message is left in the session for the form to show.
//
// NOTE(review): unlike the page 27 handler (organisation update) this one does
// not call csrf_check() - confirm whether the form carries a token.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgfield)
		$_SESSION['_config'][$orgfield] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgfield])));
	unset($orgfield);

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		// All values below were escaped when they were stored in the session.
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
				`contact`='".$_SESSION['_config']['contact']."',
				`L`='".$_SESSION['_config']['L']."',
				`ST`='".$_SESSION['_config']['ST']."',
				`C`='".$_SESSION['_config']['C']."',
				`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}

	// Only reached when a required field is missing.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2218
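// Page 27 handler: update an existing organisation. The six form fields are
// SQL-escaped and kept in $_SESSION['_config']; when both required fields are
// present the `orginfo` row named by the session's `orgid` is updated and a
// confirmation page ends the request, otherwise an error message is left in
// the session for the form to show.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation id is cast with intval(), as the page 28 handler of
		// this file does with the same session value; it was interpolated raw
		// here. An unset or non-numeric value becomes 0, which is expected to
		// match no row.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
				`contact`='".$_SESSION['_config']['contact']."',
				`L`='".$_SESSION['_config']['L']."',
				`ST`='".$_SESSION['_config']['ST']."',
				`C`='".$_SESSION['_config']['C']."',
				`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}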
2247
// Page 28 (add organisation domain), step 1: escape the submitted domain, keep
// it in the session and in $domain, and refuse it when `orgdomains` already
// holds the same name. On refusal the form is shown again ($id takes the old
// page number) and $oldid is cleared so the later page 28 steps are skipped.
//
// NOTE(review): the page 29 handler (edit domain) also checks the `domains`
// table; this one checks `orgdomains` only - confirm that is intended.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$domain = $_SESSION['_config']['domain'];

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if(mysql_num_rows($res1) > 0)
	{
		$id = $oldid;
		$oldid=0;
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
	}
}
2259
// Page 28 needs an organisation id in the session; without a positive one the
// submission is dropped ($oldid cleared) and page 25 is shown instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$id = 25;
	$oldid = 0;
}
2265
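// Page 28 (add organisation domain), final step: store the domain for the
// organisation id held in the session and show a confirmation page.
//
// $domain is only assigned by the page 28 duplicate check earlier in this file,
// and that check requires `domainname` in the request. The same condition is
// required here: without it a request lacking `domainname` reached the insert
// with $domain undefined (or left over from other code) and stored that value
// as a domain of the organisation.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]) &&
	array_key_exists("domainname",$_REQUEST))
{
	// $domain was SQL-escaped when it was assigned; the id is cast to int.
	mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}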
2275
// Page 29 (edit organisation domain), step 1: escape the submitted name and
// refuse it when another `orgdomains` row or a non-deleted `domains` row
// already matches it. On refusal the form is shown again ($id takes the old
// page number) and $oldid is cleared so the later page 29 steps are skipped.
//
// NOTE(review): both lookups use LIKE, and mysql_real_escape_string() does not
// escape the LIKE wildcards % and _. A submitted name containing them is
// matched as a pattern, not literally - confirm whether `=` was intended.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	$res1 = mysql_query(sprintf("select * from `orgdomains` where `domain` like '%s' and `id`!='%d'", $domain, $domid));
	$res2 = mysql_query(sprintf("select * from `domains` where `domain` like '%s' and `deleted`=0", $domain));
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$id = $oldid;
		$oldid=0;
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
	}
}
2289
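// Pages 29 and 30: before an organisation domain ($domid) is changed, flag
// every certificate linked to it for revocation. Server certificates are found
// through `orgdomlink`, client certificates through `orgemaillink`.
// _("Cancel") is handled in front of account.php
//
// NOTE(review): the fixed timestamp is presumably a "revocation requested"
// marker that another component replaces - confirm.
// NOTE(review): the branch of this file that issues organisation client
// certificates writes its links to `domemaillink`, while the second query here
// reads `orgemaillink`. Confirm `orgemaillink` is populated; if it is not,
// client certificates are never flagged for revocation here.
if(($oldid == 29 || $oldid == 30) && $process != "")
{
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
			`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
			`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	// The id is cast here as well, matching the client-certificate loop below.
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
			`orgemaillink`.`domid`=`orgdomains`.`id` and
			`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
			`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}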
2308
2309 if($oldid == 29 && $process != "")
2310 {
2311 $row = mysql_fetch_assoc(mysql_query("select * from `orgdomains` where `id`='".intval($domid)."'"));
2312 mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
2313 showheader(_("My CAcert.org Account!"));
2314 printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));