Merge branch 'bug-1389' into testserver-stable
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
23 loadem("account");
24
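/**
 * Build a subject string as needed by the signer
 *
 * The values are concatenated exactly as given: nothing is escaped or
 * validated here, so a "/" inside a domain would start a new subject
 * component. Callers must pass only domain names that were verified before.
 *
 * @param array(string) $domains
 *     The first element (whatever its key) is used as CN and repeated in
 *     subjectAltName. Duplicates should already have been removed.
 *
 * @param bool $include_xmpp_addr
 *     [default: true] Whether to include the XmppAddr in the subjectAltName.
 *     This is needed if the Jabber server is jabber.example.com but a Jabber ID
 *     on that server would be alice@example.com
 *
 * @return string
 *     "/CN=" alone when $domains is empty.
 */
function buildSubject(array $domains, $include_xmpp_addr = true) {
	// reset() returns the first element independent of its key, so a list
	// whose keys do not start at 0 (e.g. after filtering) still gets its
	// first entry as CN instead of an "undefined offset" notice.
	$first = reset($domains);
	if ($first === false) {
		$first = "";
	}

	$subject = "/CN=" . $first;

	foreach ($domains as $domain) {
		$subject .= "/subjectAltName=DNS:$domain";

		if ($include_xmpp_addr) {
			// 1.3.6.1.5.5.7.8.5 is the otherName type used for the XmppAddr
			$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$domain";
		}
	}

	return $subject;
}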
52
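/**
 * Builds the subject string from the session variables
 * $_SESSION['_config']['rows'] and $_SESSION['_config']['altrows']
 *
 * Entries of 'rows' are used as they are. Of 'altrows' only the entries
 * starting with "DNS:" are used, with that prefix removed. A session entry
 * that is missing or not an array is skipped.
 *
 * @return string
 */
function buildSubjectFromSession() {
	$domains = array();

	// isset() first: is_array() on a missing session key raises a notice
	if (isset($_SESSION['_config']['rows']) && is_array($_SESSION['_config']['rows'])) {
		$domains = array_merge($domains, $_SESSION['_config']['rows']);
	}

	if (isset($_SESSION['_config']['altrows']) && is_array($_SESSION['_config']['altrows'])) {
		foreach ($_SESSION['_config']['altrows'] as $row) {
			if (substr($row, 0, 4) === "DNS:") {
				$domains[] = substr($row, 4);
			}
		}
	}

	return buildSubject(array_unique($domains));
}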
75
// Numeric request parameters. Each one is 0 when the request does not carry
// it and is otherwise forced through intval(), so none of them can hold
// anything but an integer further down.
$id = 0;
if (array_key_exists("id", $_REQUEST)) {
	$id = intval($_REQUEST['id']);
}

$oldid = 0;
if (array_key_exists("oldid", $_REQUEST)) {
	$oldid = intval($_REQUEST['oldid']);
}

// $showdetails refers to Secret Question and Answers from account/13.php
$showdetails = 0;
if (array_key_exists("showdetails", $_REQUEST)) {
	$showdetails = intval($_REQUEST['showdetails']);
}

$cert = 0;
if (array_key_exists('cert', $_REQUEST)) {
	$cert = intval($_REQUEST['cert']);
}

$orgid = 0;
if (array_key_exists('orgid', $_REQUEST)) {
	$orgid = intval($_REQUEST['orgid']);
}

$memid = 0;
if (array_key_exists('memid', $_REQUEST)) {
	$memid = intval($_REQUEST['memid']);
}

$domid = 0;
if (array_key_exists('domid', $_REQUEST)) {
	$domid = intval($_REQUEST['domid']);
}

// Free-form request parameters. These are copied from the request without any
// filtering; every later use has to escape them for its own context.
$process = "";
if (array_key_exists("process", $_REQUEST)) {
	$process = $_REQUEST['process'];
}

$actionrequest = "";
if (array_key_exists('action', $_REQUEST)) {
	$actionrequest = $_REQUEST['action'];
}

$ticketno = "";
if (array_key_exists('ticketno', $_REQUEST)) {
	$ticketno = $_REQUEST['ticketno'];
}

// Starts out false; nothing in this part of the file sets it to true.
$ticketvalidation = FALSE;
91
92
// Nothing below runs while $_SESSION['mconn'] is falsy: print the notice and
// end the request.
if (!$_SESSION['mconn']) {
	exit(_("Several CAcert Services are currently unavailable. Please try again later."));
}

// General reset: a CANCEL process request is handled as if no process had
// been requested at all.
if ($process == _("Cancel")) {
	$process = "";
}

// Page 45 or 46, as target or as origin, falls back to page 1 with no origin.
if (in_array($id, array(45, 46)) || in_array($oldid, array(45, 46))) {
	$id = 1;
	$oldid = 0;
}
111
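// Page 1: add an email address to the account. The address is stored with a
// fresh hash and a probe mail carrying that hash is sent to it; every path
// through this block ends the request.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');
	if(strstr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}
	if(trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "")
	{
		showheader(_("My CAcert.org Account!"));
		// echo, not printf: the text takes no arguments, and a "%" in a
		// translation must not be read as a format directive
		echo _("Not a valid email address. Can't continue.");
		showfooter();
		exit;
	}
	$oldid=0;
	// From here on $_REQUEST['email'] holds the SQL-escaped form of the address.
	$_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
	if(check_email_exists($_REQUEST['email'])==true)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($_REQUEST['newemail']);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The checkEmail() result is not a fixed text (its first character
		// is tested as a reply class above) -- presumably it carries the
		// remote mail server's answer. Escape it before it goes into the page.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}
	$hash = make_hash();
	$query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	// NOTE(review): the verification link is built with http://, so the hash
	// travels unencrypted when the link is opened -- confirm whether the
	// host is also reachable over https and the link can use it.
	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
	showfooter();
	exit;
}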
169
// Page 2, "make default": switch the account's default email address to one
// of the member's own addresses. The address must belong to the logged-in
// member, have an empty hash (i.e. be verified) and not be deleted. The old
// default address gets a notification mail before the change is stored.
//
// NOTE(review): this branch changes account state but calls no csrf_check(),
// while the other page 2 handler calls csrf_check("chgdef") -- confirm whether
// the form submits that token for this button as well and add the check.
if($oldid == 2 && array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "")
{
	$id = 2;
	$emailid = intval($_REQUEST['emailid']);
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) < 1)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notice goes to the address that is still the default at this point.
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n"
		._("You are receiving this email because you or someone else has changed the default email on your account.")."\n\n"
		._("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body, "support@cacert.org", "", "", "CAcert Support");

	// Session first, database second -- the same order as before.
	$_SESSION['profile']['email'] = $row['email'];
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);

	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}
201
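// Page 2, delete: remove the selected email addresses from the account. Only
// rows owned by the logged-in member are touched, and the current default
// address is never removed.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		$deltitle=false;
		// The loop reuses the global $id, as the code did before.
		foreach($_REQUEST['delid'] as $id)
		{
			if (!$deltitle) {
				echo _('The following email addresses have been removed:')."<br>\n";
				$deltitle=true;
			}
			$id = intval($id);
			$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
					`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored value going into HTML: escape it like the other
				// places in this file that print an address.
				echo sanitizeHTML($row['email'])."<br>\n";
				account_email_delete($row['id']);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if(0 == $delcount)
	{
		echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}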
242
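// Page 3: take the options for a new client certificate from the form and
// keep them in $_SESSION['_config'] for the key generation step. With a CSR
// pasted into the form the request goes straight on to the page 4 handler
// ($oldid = 4, key type "MS"); without one, page 4 is shown ($id = 4).
if($process != "" && $oldid == 3)
{
	if(!array_key_exists('CCA',$_REQUEST))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	// Either a list of email ids or the SSO option is required. Both keys
	// may legitimately be absent from the request, so test for them first.
	if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) &&
		!(array_key_exists('SSO',$_REQUEST) && $_REQUEST['SSO'] == '1'))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = array_key_exists('SSO',$_REQUEST) ? intval($_REQUEST['SSO']) : 0;

	// Stored as received; the page 4 handler looks every id up against the
	// member's own rows before using it.
	$_SESSION['_config']['addid'] = array_key_exists('addid',$_REQUEST) ? $_REQUEST['addid'] : null;

	// Choosing a name format needs at least 50 points.
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['incname'] = intval($_REQUEST['incname']);

	// Code signing needs the codesign permission and at least 100 points.
	// The permission test is "<= 0", the way the rest of this file tests it;
	// the former "== 0" let a negative value through.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] <= 0 || $_SESSION['profile']['points'] < 100))
	{
		$_REQUEST['codesign'] = 0;
	}
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		// A code signing certificate always carries a name.
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
	}
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
		$_SESSION['_config']['codesign'] = 1;
	else
		$_SESSION['_config']['codesign'] = 0;

	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// Root certificate 1 unless the member has 50 points and asked for 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);

	$csr = "";
	if(trim($_REQUEST['optionalCSR']) == "")
	{
		$id = 4;
	} else {
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	}

	// Kept unescaped in the session; it is escaped where it enters a query.
	$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
}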
307
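// Page 4: create the client certificate request, either from a browser
// generated SPKAC (key type "NS") or from a CSR (key types "MS" and "VI").
// The request is recorded in `emailcerts`, linked to the chosen addresses in
// `emaillink`, written to the CSR path, and then the result is waited for.
//
// Changes against the previous version of this block:
//  - only verified, non-deleted addresses of the member are accepted (empty
//    `hash` and `deleted`=0, the same condition the "make default" handler
//    on page 2 uses); before, any address row of the member was taken
//  - values read back from the database and the generated file path are
//    escaped before they are put into a query again
if($oldid == 4)
{
	if($_REQUEST['keytype'] == "NS")
	{
		// Accept the SPKAC only if, with line breaks removed, it consists of
		// base64 characters alone.
		$spkac="";
		if(array_key_exists('SPKAC',$_REQUEST) && preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])))))
			$spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// NOTE(review): the request file is built line by line from stored
		// names and addresses; a line break inside one of them would add a
		// field of its own. Confirm these values cannot contain line breaks
		// when they are stored.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

		// $defaultemail comes from a database row, i.e. it is unescaped.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
				`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".intval($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// The challenge inside the SPKAC must be the one kept in the session.
		// NOTE(review): with an empty $_SESSION['spkac_hash'] the text that
		// is searched for is the label alone, and the test is a substring
		// match -- confirm the form always sets a non-empty hash; consider
		// comparing the complete challenge line.
		$challenge=$_SESSION['spkac_hash'];
		$CSRname_esc = escapeshellarg($CSRname);
		$res=shell_exec("openssl spkac -verify -in $CSRname_esc");
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
		// $csr is already filled when the CSR was pasted on page 3.
		if($csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($_SESSION['_config']['incname'] == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($_SESSION['_config']['incname'] == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		// NOTE(review): this component is written with blanks around "=",
		// the ones above without -- confirm which form the signer expects.
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Pass the CSR through openssl and keep what openssl writes out; an
		// input openssl cannot read leaves $csr empty.
		$tmpname = tempnam("/tmp", "id4csr");
		$tmpfname_esc = escapeshellarg($tmpfname);
		$tmpname_esc = escapeshellarg($tmpname);
		$do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc"); // -subj "$csr";
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// keytype can only be "MS" or "VI" here; it is escaped for SQL, the
		// context it is used in (it was escaped for HTML before).
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
				`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='".intval($emailid)."', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($emailid)."'");
	}

	// With a key type other than the three above no request was created and
	// $emailid is not set by this block; the lookup then finds no row and
	// the failure page is shown.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='".intval($emailid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}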
526
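// Page 7, part one: take the domain name from the form, reject what is not
// allowed, and stop if the domain is already registered. On success this
// leaves two forms of the name for the next step:
//   $newdom    -- quoted for use as a shell argument
//   $newdomain -- escaped for use in SQL
if($oldid == 7)
{
	csrf_check("adddomain");
	if(strstr($_REQUEST['newdomain'],"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest

	// Drop every leading "-" so that the name can never be read as an option
	// by the whois call later on. ltrim() does what the former character
	// loop did, without reading offset 0 of an empty string.
	$newdomain = ltrim($newdomain, '-');

	if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// NOTE(review): apart from the checks above the name is not validated;
	// an empty or malformed name goes on to the next step. Consider
	// rejecting anything that is not a syntactically valid host name.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}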
565
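// Page 7, part two: collect the addresses that may receive the domain probe
// mail -- whatever addresses the whois output contains, plus five fixed role
// addresses at the domain -- and keep them in the session for page 8.
//
// The whois text is outside our control: whoever registered the domain
// decides what it says. Every line is therefore only ever handled as data.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom is the shell-quoted name, so its last character is the closing
	// quote and the three before it are compared. No whois call for .jp.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(shell_exec("/usr/bin/whois $newdom|grep \"@\"")));
	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// "label: value" lines -- the value after the first colon is taken
		if(is_array($adds))
			foreach($adds as $line)
			{
				$bits = explode(":", $line, 2);
				// A line without a colon has no second part; treat it as
				// empty instead of reading an undefined offset.
				$line = isset($bits[1]) ? trim($bits[1]) : "";
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	} else {
		// Free-form lines -- the last blank separated piece containing "@"
		// is taken
		if(is_array($adds))
			foreach($adds as $line)
			{
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	}

	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	$_SESSION['_config']['addy'] = $addy;
	// NOTE(review): $newdomain is already SQL-escaped at this point, so the
	// session holds a twice escaped name. Harmless for ordinary names, but
	// the session would better hold the plain value.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}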
611
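// Page 8: the member picked one of the addresses offered for the domain.
// The address must be one from the list kept in the session; the domain is
// then stored with a fresh hash and the probe mail is sent to that address.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Strict comparison: both sides are strings, and a loose comparison
	// would treat differently written numeric strings as equal.
	if(!in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// Not a fixed text -- presumably the remote mail server's answer --
		// so it is escaped before it goes into the page.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	// NOTE(review): the verification link is built with http://, so the hash
	// travels unencrypted when the link is opened -- confirm whether the
	// host is also reachable over https and the link can use it.
	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// The domain name was typed in by the member and has only been escaped
	// for SQL; escape it for HTML here like the message further up does.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}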
678
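// Page 9: remove the selected domains from the account. Only rows owned by
// the logged-in member are touched.
//
// NOTE(review): this handler deletes data but calls no csrf_check(), unlike
// the email handlers on pages 1 and 2 -- confirm which token the form on
// page 9 submits and add the check.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
				("._("Any valid certificates will be revoked as well").")<br>\n";

		// The loop reuses the global $id, as the code did before.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored value going into HTML: escape it like the other
				// places in this file that print a domain name.
				echo sanitizeHTML($row['domain'])."<br>\n";
				account_domain_delete($row['id']);
			}

		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}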
710
// Page 10: accept a CSR for a server certificate. The CSR is checked for a
// weak key, written to a temporary file whose name is kept in the session,
// and its subject and DNS alternative names are read out with openssl. The
// request continues on page 11.
//
// NOTE(review): the temporary file stays in /tmp until page 11 moves it;
// nothing in this block removes it when the member does not continue.
if ($process != "" && $oldid == 10) {
	if (!array_key_exists('CCA', $_REQUEST)) {
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	$CSR = clean_csr($_REQUEST['CSR']);
	if (FALSE === strpos($CSR, "---BEGIN")) {
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n" . $CSR . "\n-----END CERTIFICATE REQUEST-----\n";
	}

	$weakKey = checkWeakKeyCSR($CSR);
	if ($weakKey !== "") {
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// Kept unescaped; it is escaped where it enters a query.
	$_SESSION['_config']['description'] = trim(stripslashes($_REQUEST['description']));

	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);

	// From here on $CSR is the shell-quoted file name, not the CSR text.
	$CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
	$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
	$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	foreach ($bits as $val) {
		$_SESSION['_config']['subject'] .= "/subjectAltName=" . trim($val);
	}
	$id = 11;

	// Cleared before the three helpers run; the check right after them
	// reads both entries again.
	$_SESSION['_config']['0.subjectAltName'] = "";
	$_SESSION['_config']['0.CN'] = "";
	extractit();
	getcn();
	getalt();

	if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root certificate 1 unless the member has 50 points and asked for 2.
	$_SESSION['_config']['rootcert'] = 1;
	if ($_SESSION['profile']['points'] >= 50) {
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if (!in_array($_SESSION['_config']['rootcert'], array(1, 2))) {
			$_SESSION['_config']['rootcert'] = 1;
		}
	}

	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
774
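// Page 11: create the server certificate request from the CSR file that
// page 10 left in the session. The request is recorded in `domaincerts`,
// linked to the matched domains in `domlink`, the file is moved to the CSR
// path, and then the result is waited for.
//
// Changes against the previous version of this block:
//  - the domain ids and the generated file path are escaped before they are
//    put into a query
//  - the id lists are tested with is_array() before array_key_exists()
if($process != "" && $oldid == 11)
{
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// Checked again here: the file has been sitting in /tmp since page 10.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = buildSubjectFromSession();

	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

	// The certificate is filed under the first matched common name or, if
	// there is none, under the first matched alternative name.
	if(is_array($_SESSION['_config']['rowid']) && array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
				`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
				`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
				`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
	} elseif(is_array($_SESSION['_config']['altid']) && array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
				`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
				`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
				`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// The ids are escaped the same way the insert above escapes them.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='".intval($CSRid)."', `domid`='".mysql_real_escape_string($dom)."'");

	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='".intval($CSRid)."'");
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='".intval($CSRid)."' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}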
864
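/*
 * Page 12 (server certificates), "renew" button.
 *
 * Every id posted in revokeid[] is cast to int and looked up through the
 * domaincerts/domains join restricted to the logged-in member, so ids that
 * do not belong to the caller end in the "Invalid ID" branch. For each
 * accepted certificate: the old row is flagged renewed, a new domaincerts
 * row is inserted from the old row's values, the old CSR file is copied to a
 * fresh path, the subject is re-read from that CSR with openssl and rebuilt
 * via extractit()/getcn()/getalt()/buildSubjectFromSession(), and finally
 * waitForResult() is called before the issued certificate is printed.
 *
 * NOTE(review): the loop variable reuses $id, so the page id assigned above
 * is overwritten by the last certificate id -- confirm showfooter() does not
 * depend on it.
 * NOTE(review): when the CN/subjectAltName check fails the loop continues
 * although the old row is already flagged renewed and the new row exists.
 */
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('srvcerchange');
    $id = 12;
    showheader(_("My CAcert.org Account!"));
    // The key is absent when no box was ticked; test for it before is_array()
    // (same guard the page-5 revoke handler uses).
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            echo _("Processing request")." $id:<br/>";
            // Ownership check: the certificate's domain must belong to the
            // logged-in member.
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key fails the weak-key check.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
            $query = "insert into `domaincerts` set
                    `domid`='".intval($row['domid'])."',
                    `CN`='".mysql_real_escape_string($row['CN'])."',
                    `subject`='".mysql_real_escape_string($row['subject'])."',".
                    //`csr_name`='".$row['csr_name']."', // RACE CONDITION
                    "`created`='".mysql_real_escape_string($row['created'])."',
                    `modified`=NOW(),
                    `rootcert`='".intval($row['rootcert'])."',
                    `type`='".intval($row['type'])."',
                    `pkhash`='".mysql_real_escape_string($row['pkhash'])."',
                    `description`='".mysql_real_escape_string($row['description'])."',
                    `md`='".HashAlgorithms::clean($row['md'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            $newfile=generatecertpath("csr","server",$newid);
            copy($row['csr_name'], $newfile);
            // The path is shell-quoted before it reaches the openssl pipelines.
            $newfile_esc = escapeshellarg($newfile);
            $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep \"Subject:\""));
            $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
            foreach($bits as $val)
            {
                $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
            }
            $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
            extractit();
            getcn();
            getalt();

            if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
            {
                echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
                continue;
            }

            $subject = buildSubjectFromSession();
            $subject = mysql_real_escape_string($subject);
            // Escape the file path as well, like every other value in the statement.
            $newfile_sql = mysql_real_escape_string($newfile);
            mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile_sql' where `id`='$newid'");

            echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
            waitForResult("domaincerts", $newid,$oldid,0);
            // A non-empty crt_name on the new row is what this handler treats
            // as "certificate issued".
            $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                $drow = mysql_fetch_assoc($res);
                $crt_name = escapeshellarg($drow['crt_name']);
                $cert = shell_exec("/usr/bin/openssl x509 -in $crt_name");
                echo "<pre>\n$cert\n</pre>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }

    showfooter();
    exit;
}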
959
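/*
 * Page 12 (server certificates), "revoke" button.
 *
 * revokeid[] entries are marked for revocation, delid[] entries (pending
 * requests) are deleted together with their CSR/certificate files. Both loops
 * cast the id to int and only accept rows whose domain belongs to the
 * logged-in member.
 *
 * Values read back from the database (CN, serial) are HTML-escaped in every
 * message; the original escaped them only in the success message.
 *
 * NOTE(review): `revoked` is set to the fixed timestamp '1970-01-01 10:00:01';
 * presumably a marker consumed by the revocation job -- confirm.
 */
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('srvcerchange');
    $id = 12;
    showheader(_("My CAcert.org Account!"));
    // The key is absent when no box was ticked; test for it before is_array().
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            // Ownership check through the certificate's domain.
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
                continue;
            }
            mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
        }

        // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
        echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';

    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
                    where `domaincerts`.`id`='$id' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A row with an expiry timestamp is treated as already processed
            // and is not deleted.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
                continue;
            }
            mysql_query("delete from `domaincerts` where `id`='$id'");
            // Best effort: a missing file is deliberately ignored.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
        }
    }
    showfooter();
    exit;
}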
1031
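/*
 * Page 12 (server certificates), "change" button: store the per-certificate
 * comment for every check_comment_<id> field in the request.
 *
 * The update is restricted to certificates whose domain belongs to the
 * logged-in member, using the same domaincerts/domains join as the renew and
 * revoke handlers of this page. The original statement matched on the
 * certificate id alone, so a posted id of another member's certificate was
 * updated as well.
 *
 * NOTE(review): the renew and revoke handlers of page 12 call
 * csrf_check('srvcerchange'); this handler does not. Add the same call once
 * it is confirmed that the "change" button is submitted with that token.
 */
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach($_REQUEST as $id => $val)
    {
        if(substr($id,0,14)=="check_comment_")
        {
            $cid = intval(substr($id,14));
            // Skip entries without a matching text field instead of
            // overwriting the stored description with an empty string.
            if(!array_key_exists('comment_'.$cid,$_REQUEST) || !is_string($_REQUEST['comment_'.$cid]))
                continue;
            $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
            mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
                    where `domaincerts`.`id`='$cid' and
                    `domaincerts`.`domid`=`domains`.`id` and
                    `domains`.`memid`='".intval($_SESSION['profile']['id'])."'");
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}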
1048
1049
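/*
 * Page 5 (client certificates), "renew" button.
 *
 * Every id in revokeid[] is cast to int and must belong to the logged-in
 * member (memid filter). For each accepted certificate the old row is
 * flagged renewed, a new emailcerts row is inserted from the old values, the
 * CSR file is copied to a fresh path, the emaillink rows are duplicated for
 * the new id and waitForResult() is called.
 *
 * NOTE(review): no csrf_check() call is visible in this handler, unlike the
 * page-12 renew handler -- confirm whether one is needed here.
 */
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    showheader(_("My CAcert.org Account!"));
    // The key is absent when no box was ticked; test for it before is_array().
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
                    where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key fails the weak-key check.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                    $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
            $query = "insert into emailcerts set
                    `memid`='".intval($row['memid'])."',
                    `CN`='".mysql_real_escape_string($row['CN'])."',
                    `subject`='".mysql_real_escape_string($row['subject'])."',
                    `keytype`='".mysql_real_escape_string($row['keytype'])."',
                    `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                    `created`='".mysql_real_escape_string($row['created'])."',
                    `modified`=NOW(),
                    `disablelogin`='".intval($row['disablelogin'])."',
                    `codesign`='".intval($row['codesign'])."',
                    `rootcert`='".intval($row['rootcert'])."',
                    `description`='".mysql_real_escape_string($row['description'])."',
                    `md`='".HashAlgorithms::clean($row['md'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            $newfile=generatecertpath("csr","client",$newid);
            copy($row['csr_name'], $newfile);
            // Values that go back into SQL are escaped or cast even though
            // they originate from the database or a path helper.
            mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
            $res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
            while($r2 = mysql_fetch_assoc($res))
            {
                mysql_query("insert into `emaillink` set `emailid`='".intval($r2['emailid'])."',
                        `emailcertsid`='$newid'");
            }
            waitForResult("emailcerts", $newid,$oldid,0);
            // A non-empty crt_name on the new row is what this handler treats
            // as "certificate issued".
            $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                // CN is a stored value; escape it for the HTML page.
                printf(_("Certificate for '%s' has been renewed."), htmlspecialchars($row['CN']));
                echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
                    _("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.")."<br/>";
    }

    showfooter();
    exit;
}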
1123
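/*
 * Page 5 (client certificates), "revoke" button.
 *
 * revokeid[] entries are marked for revocation, delid[] entries (pending
 * requests) are deleted together with their CSR/certificate files. Both loops
 * cast the id to int and only accept rows owned by the logged-in member.
 *
 * Values read back from the database (CN, serial) are HTML-escaped in every
 * message; the original escaped them only in the success message.
 *
 * NOTE(review): no csrf_check() call is visible in this handler, unlike the
 * page-12 revoke handler -- confirm whether one is needed here.
 * NOTE(review): `revoked` is set to the fixed timestamp '1970-01-01 10:00:01';
 * presumably a marker consumed by the revocation job -- confirm.
 */
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    $id = 5;
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
                    where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if($row['revoke'] > 0)
            {
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
                continue;
            }
            mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
        }

        // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
        echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
                    where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A row with an expiry timestamp is treated as already processed
            // and is not deleted.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
                continue;
            }
            mysql_query("delete from `emailcerts` where `id`='$id'");
            // Best effort: a missing file is deliberately ignored.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
        }
    }
    showfooter();
    exit;
}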
1189
/*
 * Page 5 (client certificates), "change" button: walk over all request
 * fields and apply the per-certificate settings they carry.
 *
 *   cert_<id>           -> writes `disablelogin` for that certificate
 *   check_comment_<id>  -> when non-empty, stores comment_<id> as description
 *
 * Both statements are limited to rows owned by the logged-in member.
 *
 * NOTE(review): a disablelogin_<id> value of "1" stores '0' and anything else
 * stores '1'; the form field looks inverted relative to the column name --
 * confirm against the form.
 * NOTE(review): no csrf_check() call is visible in this handler.
 */
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach($_REQUEST as $id => $val)
    {
        if(strncmp($id, "cert_", 5) == 0)
        {
            $cid = intval(substr($id,5));
            $flagField = 'disablelogin_'.$cid;
            if(array_key_exists($flagField,$_REQUEST) && $_REQUEST[$flagField]=="1")
            {
                $dis = "0";
            }
            else
            {
                $dis = "1";
            }
            mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
        }
        if(strncmp($id, "check_comment_", 14) == 0)
        {
            $cid = intval(substr($id,14));
            if(empty($_REQUEST['check_comment_'.$cid]))
            {
                continue;
            }
            $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
            mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}
1214
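/*
 * Page 6: store the login flag and description of one client certificate.
 *
 * The certificate id comes straight from the request. The original code
 * concatenated it into the SQL statement unescaped; it is now cast to int,
 * as is the member id, so nothing from the request reaches the statement
 * without being escaped or cast. Missing or non-string request fields are
 * treated as empty instead of being read blindly.
 *
 * NOTE(review): no csrf_check() call is visible in this handler.
 */
if($oldid == 6 && array_key_exists('certid',$_REQUEST) && is_scalar($_REQUEST['certid']) && $_REQUEST['certid'] != "")
{
    $certid = intval($_REQUEST['certid']);

    // Whitespace-only input ends up as "" after trim(), as before.
    $description = "";
    if(array_key_exists('description',$_REQUEST) && is_string($_REQUEST['description']))
    {
        $description = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
    }

    $disablelogin = 0;
    if(array_key_exists('disablelogin',$_REQUEST) && is_scalar($_REQUEST['disablelogin']) &&
        trim($_REQUEST['disablelogin']) == "1")
    {
        $disablelogin = 1;
    }

    // The memid filter keeps the update on certificates of the logged-in member.
    mysql_query("update `emailcerts` set `disablelogin`='$disablelogin', `description`='$description' where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'");
}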
1231
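/*
 * Page 13, lost-pass-phrase questions: read Q1..Q5 / A1..A5 from the request
 * into $_SESSION['_config']['user'] and validate them.
 *
 * Changes against the original:
 *  - The hand-written comparison list left out several question/answer pairs
 *    (A2 against Q1 and Q2, A3 against Q1..Q3, A4 against Q1..Q4, A5 against
 *    every question), although the error text forbids using a question as an
 *    answer. All ten values are now compared pairwise, which is a superset of
 *    the original checks.
 *  - Blank answers are rejected like blank questions; the error text asks for
 *    five questions and answers.
 *  - When both checks failed, the second "$id = $oldid" ran after $oldid had
 *    already been zeroed and left $id at 0. The page id is now restored once.
 *
 * The values are stored SQL-escaped in the session; the update handler for
 * this page concatenates them into its statement without escaping again.
 * NOTE(review): the answers are kept as plain text.
 */
if($oldid == 13 && $process != "" && $showdetails!="")
{
    csrf_check("perschange");
    $_SESSION['_config']['user'] = $_SESSION['profile'];

    $qaFields = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
    foreach($qaFields as $field)
    {
        // Missing or non-string fields count as empty input.
        $raw = (array_key_exists($field,$_REQUEST) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : "";
        $_SESSION['_config']['user'][$field] = trim(mysql_real_escape_string(stripslashes(strip_tags($raw))));
    }

    $failed = false;

    // Any two equal values (question/question, answer/answer or
    // question/answer) are rejected; same loose comparison as before.
    $duplicate = false;
    $total = count($qaFields);
    for($i = 0; $i < $total && !$duplicate; $i++)
    {
        for($j = $i + 1; $j < $total; $j++)
        {
            if($_SESSION['_config']['user'][$qaFields[$i]] == $_SESSION['_config']['user'][$qaFields[$j]])
            {
                $duplicate = true;
                break;
            }
        }
    }
    if($duplicate)
    {
        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
        $failed = true;
    }

    $blank = false;
    foreach($qaFields as $field)
    {
        if($_SESSION['_config']['user'][$field] == "")
        {
            $blank = true;
            break;
        }
    }
    if($blank)
    {
        $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
        $failed = true;
    }

    if($failed)
    {
        // Show page 13 again and keep the later page-13 handlers from running.
        $id = $oldid;
        $oldid=0;
    }
}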
1294
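/*
 * Page 13, personal details: name and date of birth are only taken from the
 * request while the member has 0 points.
 *
 * Changes against the original:
 *  - The date of birth is additionally validated with checkdate(), so
 *    impossible dates such as 31 February are rejected; the range test alone
 *    accepted them.
 *  - When both checks failed, the second "$id = $oldid" ran after $oldid had
 *    already been zeroed and left $id at 0. The page id is now restored once.
 *
 * The name fields are stored SQL-escaped in the session; the update handler
 * for this page concatenates them into its statement without escaping again.
 */
if($oldid == 13 && $process != "")
{
    update_points_in_profile();

    if($_SESSION['profile']['points'] == 0)
    {
        $_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
        $_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
        $_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
        $_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
        $_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
        $_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
        $_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

        $failed = false;

        if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
        {
            $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
            $failed = true;
        }
        if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
            $_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31 ||
            !checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
        {
            $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
            $failed = true;
        }

        if($failed)
        {
            // Show page 13 again and keep the update handler from running.
            $id = $oldid;
            $oldid=0;
        }
    }
}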
1324
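/*
 * Page 13, write-back: runs only when the validation handlers above left
 * $oldid at 13. Updates name/date of birth (members with 0 points only) and,
 * when $showdetails is set, the lost-pass-phrase questions and answers, then
 * reloads the profile from the database.
 *
 * The session values concatenated here were SQL-escaped or cast to int when
 * they were read from the request by the page-13 validation handlers; this
 * statement relies on that and must not be fed from any other source.
 *
 * Change against the original: the profile is only replaced when the re-read
 * returned a row. Before, a failed query replaced $_SESSION['profile'] with
 * false and the following assignment rebuilt it as an array holding nothing
 * but the loggedin flag.
 */
if($oldid == 13 && $process != "")
{
    if($_SESSION['profile']['points'] == 0)
    {
        $query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
                `mname`='".$_SESSION['_config']['user']['mname']."',
                `lname`='".$_SESSION['_config']['user']['lname']."',
                `suffix`='".$_SESSION['_config']['user']['suffix']."',
                `dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
                where `id`='".intval($_SESSION['profile']['id'])."'";
        mysql_query($query);
    }
    if ($showdetails!="") {
        $query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
                `Q2`='".$_SESSION['_config']['user']['Q2']."',
                `Q3`='".$_SESSION['_config']['user']['Q3']."',
                `Q4`='".$_SESSION['_config']['user']['Q4']."',
                `Q5`='".$_SESSION['_config']['user']['Q5']."',
                `A1`='".$_SESSION['_config']['user']['A1']."',
                `A2`='".$_SESSION['_config']['user']['A2']."',
                `A3`='".$_SESSION['_config']['user']['A3']."',
                `A4`='".$_SESSION['_config']['user']['A4']."',
                `A5`='".$_SESSION['_config']['user']['A5']."'
                where `id`='".intval($_SESSION['profile']['id'])."'";
        mysql_query($query);
    }

    $_SESSION['_config']['user']['set'] = 0;
    $res = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'");
    $fresh = $res ? mysql_fetch_assoc($res) : false;
    if(is_array($fresh))
    {
        $_SESSION['profile'] = $fresh;
    }
    $_SESSION['profile']['loggedin'] = 1;

    update_points_in_profile();


    $id = 13;
    showheader(_("My CAcert.org Account!"));
    echo _("Your details have been updated with the database.");
    showfooter();
    exit;
}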
1365
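/*
 * Page 14: change the account pass phrase.
 *
 * Order of checks: both new pass phrases must match and be non-empty, the
 * new one must be at least 6 characters long, score at least 3 in checkpw()
 * and -- unless the session's hostname equals its securehostname -- the
 * current pass phrase must match the stored hash. On success the new hash is
 * written and a notification mail is sent to the primary address.
 *
 * Change against the original: the three pass phrases are removed from the
 * session before the script exits. They used to stay in
 * $_SESSION['_config']['user'] and were therefore written to the session
 * store in clear text.
 *
 * NOTE(review): the pass phrase is stored as an unsalted sha1() (the old
 * value is also accepted as old_password()). Moving to a salted, slow
 * password hash needs a coordinated change of the login code, which is not
 * part of this handler.
 * NOTE(review): length and score are computed on the SQL-escaped value, so
 * escaped characters count twice.
 * NOTE(review): when hostname equals securehostname the current pass phrase
 * is not verified ($rc is forced to 1); presumably that host requires a
 * client certificate -- confirm.
 */
if($oldid == 14 && $process != "")
{
    $_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
    $_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
    $_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

    $id = 14;
    csrf_check("pwchange");

    showheader(_("My CAcert.org Account!"));
    if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
    {
        echo '<h3 class="error_fatal">', _("Failure: Pass Phrase not Changed"),
            '</h3>', "\n";
        echo _("New Pass Phrases specified don't match or were blank.");
    } else {
        $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
            $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

        if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
        {
            // Verify the current pass phrase against either stored hash format.
            $match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
                    (`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
                    `password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
            $rc = mysql_num_rows($match);
        } else {
            $rc = 1;
        }

        if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
            echo '<h3 class="error_fatal">',
                _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
            echo _("The Pass Phrase you submitted was too short.");
        } else if($score < 3) {
            echo '<h3 class="error_fatal">',
                _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
            printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
        } else if($rc <= 0) {
            echo '<h3 class="error_fatal">',
                _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
            echo _("You failed to correctly enter your current Pass Phrase.");
        } else {
            mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
                    where `id`='".intval($_SESSION['profile']['id'])."'");
            echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
            echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
            $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
            $body .= _("You are receiving this email because you or someone else ".
                "has changed the password on your account.")."\n\n";

            $body .= _("Best regards")."\n"._("CAcert.org Support!");

            sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
                "support@cacert.org", "", "", "CAcert Support");
        }
    }

    // Do not keep pass phrases in the session once the request is handled.
    unset($_SESSION['_config']['user']['oldpass'],
        $_SESSION['_config']['user']['pword1'],
        $_SESSION['_config']['user']['pword2']);

    showfooter();
    exit;
}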
1425
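/*
 * Page 16 (organisation client certificate), step 1: collect the e-mail
 * addresses, name, OU and description for the request.
 *
 * An address is kept only if it has exactly one "@", checkownership()
 * accepts its domain part and $_SESSION['_config']['row'] is an array
 * afterwards (presumably filled by checkownership() -- confirm).
 *
 * Change against the original: a missing or non-array `emails` field and
 * non-string entries are skipped up front instead of being passed to
 * foreach()/trim().
 *
 * NOTE(review): `emails` is reset here but `domids` is only appended to;
 * confirm it is cleared elsewhere, otherwise ids from an earlier submission
 * stay in the session.
 * NOTE(review): OU and description are stored without escaping. The page-17
 * handler later concatenates OU into the "/"-separated subject string, so it
 * should be validated before it is used there.
 * NOTE(review): `name` is stored SQL-escaped and is later written into the
 * certificate request in that escaped form.
 */
if($oldid == 16)
{
    $id = 16;
    $_SESSION['_config']['emails'] = array();

    $submitted = array();
    if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
    {
        $submitted = $_REQUEST['emails'];
    }

    foreach($submitted as $val)
    {
        if(!is_string($val))
            continue;

        $val = mysql_real_escape_string(stripslashes(trim($val)));
        $bits = explode("@", $val);
        $count = count($bits);
        if($count != 2)
            continue;

        // Only addresses in a domain of the organisation account are accepted.
        if(checkownership($bits[1]) == false)
            continue;

        if(!is_array($_SESSION['_config']['row']))
            continue;
        else if($_SESSION['_config']['row']['id'] > 0)
            $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

        if($val != "")
            $_SESSION['_config']['emails'][] = $val;
    }
    $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
    $_SESSION['_config']['OU'] = stripslashes(trim($_REQUEST['OU']));

    $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
}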
1455
/*
 * Page 16: stop when none of the submitted addresses was accepted for the
 * organisation account (the accepted list in the session is empty).
 */
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
    $id = 16;
    showheader(_("My CAcert.org Account!"));
    echo _("I couldn't match any emails against your organisational account.");
    showfooter();
    exit;
}
1464
/*
 * Page 16, step 2: normalise the certificate options and move on to page 17
 * when at least one address was accepted.
 *
 *  - codesign is granted only if it was requested, the profile has the
 *    codesign flag and the member has at least 100 points; the request value
 *    is overwritten with the decision.
 *  - rootcert is forced into the range 1..2 (anything else becomes 1).
 *  - hash_alg is passed through HashAlgorithms::clean().
 */
if($oldid == 16 && $process != "")
{
    $grantCodesign = (array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;
    $_REQUEST['codesign'] = $grantCodesign;
    $_SESSION['_config']['codesign'] = $grantCodesign;

    $rootcert = intval($_REQUEST['rootcert']);
    if(!($rootcert >= 1 && $rootcert <= 2))
    {
        $rootcert = 1;
    }
    $_SESSION['_config']['rootcert'] = $rootcert;

    $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);

    $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));

    // Advance to the key submission page only with a non-empty address list.
    if(@count($_SESSION['_config']['emails']) > 0)
    {
        $id = 17;
    }
}
1489
1490 if($oldid == 17)
1491 {
1492 $org = $_SESSION['_config']['row'];
1493 if($_REQUEST['keytype'] == "NS")
1494 {
1495 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1496
1497 if($spkac == "" || strlen($spkac) < 128)
1498 {
1499 $id = 17;
1500 showheader(_("My CAcert.org Account!"));
1501 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1502 showfooter();
1503 exit;
1504 }
1505
1506 $count = 0;
1507 $emails = "";
1508 $addys = array();
1509 if(is_array($_SESSION['_config']['emails']))
1510 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1511 {
1512 if(!$emails)
1513 $defaultemail = $_REQUEST['email'];
1514 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1515 $count++;
1516 }
1517 if($_SESSION['_config']['name'] != "")
1518 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1519 if($_SESSION['_config']['OU'])
1520 $emails .= "organizationalUnitName = ".mysql_real_escape_string($_SESSION['_config']['OU'])."\n";
1521 if($org['O'])
1522 $emails .= "organizationName = ".$org['O']."\n";
1523 if($org['L'])
1524 $emails .= "localityName = ".$org['L']."\n";
1525 if($org['ST'])
1526 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1527 if($org['C'])
1528 $emails .= "countryName = ".$org['C']."\n";
1529 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1530 $_SESSION['_config']['rootcert'] = 1;
1531
1532
1533 $emails .= "SPKAC = $spkac";
1534 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1535 {
1536 $id = 17;
1537 showheader(_("My CAcert.org Account!"));
1538 echo $weakKey;
1539 showfooter();
1540 exit;
1541 }
1542
1543 $query = "insert into `orgemailcerts` set
1544 `CN`='$defaultemail',
1545 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1546 `keytype`='NS',
1547 `orgid`='".intval($org['orgid'])."',
1548 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1549 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1550 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1551 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1552 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1553 mysql_query($query);
1554 $emailid = mysql_insert_id();
1555
1556 foreach($_SESSION['_config']['domids'] as $addy)
1557 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1558
1559 $CSRname=generatecertpath("csr","orgclient",$emailid);
1560 $fp = fopen($CSRname, "w");
1561 fputs($fp, $emails);
1562 fclose($fp);
1563 $challenge=$_SESSION['spkac_hash'];
1564 $CSRname_esc = escapeshellarg($CSRname);
1565 $res=shell_exec("openssl spkac -verify -in $CSRname_esc");
1566 if(!strstr($res,"Challenge String: ".$challenge))
1567 {
1568 $id = $oldid;
1569 showheader(_("My CAcert.org Account!"));
1570 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1571 showfooter();
1572 exit;
1573 }
1574 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1575 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1576 $csr = clean_csr($_REQUEST['CSR']);
1577 if(strpos($csr,"---BEGIN") === FALSE)
1578 {
1579 // In case the CSR is missing the ---BEGIN lines, add them automatically:
1580 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".$csr."\n-----END CERTIFICATE REQUEST-----\n";
1581 }
1582
1583 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1584 {
1585 $id = 17;
1586 showheader(_("My CAcert.org Account!"));
1587 echo $weakKey;
1588 showfooter();
1589 exit;
1590 }
1591
1592 $tmpfname = tempnam("/tmp", "id17CSR");
1593 $fp = fopen($tmpfname, "w");
1594 fputs($fp, $csr);
1595 fclose($fp);
1596
1597 $addys = array();
1598 $defaultemail = "";
1599 $csrsubject="";
1600
1601 if($_SESSION['_config']['name'] != "")
1602 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1603 if(is_array($_SESSION['_config']['emails']))
1604 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1605 {
1606 if($defaultemail == "")
1607 $defaultemail = $_REQUEST['email'];
1608 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1609 }
1610 if($_SESSION['_config']['OU'])
1611 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1612 if($org['O'])
1613 $csrsubject .= "/organizationName=".$org['O'];
1614 if($org['L'])
1615 $csrsubject .= "/localityName=".$org['L'];
1616 if($org['ST'])
1617 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1618 if($org['C'])
1619 $csrsubject .= "/countryName=".$org['C'];
1620
1621 $tmpname = tempnam("/tmp", "id17csr");
1622 $tmpfname_esc = escapeshellarg($tmpfname);
1623 $tmpname_esc = escapeshellarg($tmpname);
1624 $do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc");
1625 @unlink($tmpfname);
1626 $csr = "";
1627 $fp = fopen($tmpname, "r");
1628 while($data = fgets($fp, 4096))
1629 $csr .= $data;
1630 fclose($fp);
1631 @unlink($tmpname);
1632
1633 if($csr == "")
1634 {
1635 showheader(_("My CAcert.org Account!"));
1636 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1637 showfooter();
1638 exit;
1639 }
1640 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1641 $_SESSION['_config']['rootcert'] = 1;
1642
1643 $query = "insert into `orgemailcerts` set
1644 `CN`='$defaultemail',
1645 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1646 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1647 `orgid`='".intval($org['orgid'])."',
1648 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1649 `subject`='".mysql_real_escape_string($csrsubject)."',
1650 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1651 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1652 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1653 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1654 mysql_query($query);
1655 $emailid = mysql_insert_id();
1656
1657 foreach($_SESSION['_config']['domids'] as $addy)
1658 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1659
1660 $CSRname=generatecertpath("csr","orgclient",$emailid);
1661 $fp = fopen($CSRname, "w");
1662 fputs($fp, $csr);
1663 fclose($fp);
1664 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1665 }
1666 waitForResult("orgemailcerts", $emailid,$oldid);
1667 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1668 $res = mysql_query($query);
1669 if(mysql_num_rows($res) <= 0)
1670 {
1671 showheader(_("My CAcert.org Account!"));
1672 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1673 showfooter();
1674 exit;
1675 } else {
1676 $id = 19;
1677 $cert = $emailid;
1678 $_REQUEST['cert']=$emailid;
1679 }
1680 }
1681
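/*
 * Page 18 (organisation client certificates): renew the selected certificates.
 *
 * Each id in $_REQUEST['revokeid'] is looked up together with `org` so that
 * only certificates of an organisation linked to the logged-in member
 * (`org`.`memid`) match. For a match the old row is flagged as renewed, a copy
 * of the row is inserted, the stored CSR file is copied to the new request's
 * path and waitForResult() is called for the new row. The request ends with
 * exit.
 *
 * csrf_check('clicerchange') runs before anything is changed; presumably it
 * rejects the request when the form token does not match (defined elsewhere).
 */
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('clicerchange');
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        $id = 18;
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            // Cast before the value is printed: it comes straight from the
            // request and must not reach the HTML output as submitted.
            $id = intval($id);
            echo "Renewing certificate #$id ...\n<br/>";
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key the weak-key check rejects.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            // The old row is flagged before the revocation test below, as in
            // the original statement order.
            mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
            if($row['revoke'] > 0)
            {
                // CN is stored user data, so it is HTML-escaped on output,
                // like the revocation handler of this page already does.
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
                continue;
            }
            $query = "insert into `orgemailcerts` set
                `orgid`='".intval($row['orgid'])."',
                `CN`='".mysql_real_escape_string($row['CN'])."',
                `ou`='".mysql_real_escape_string($row['ou'])."',
                `subject`='".mysql_real_escape_string($row['subject'])."',
                `keytype`='".mysql_real_escape_string($row['keytype'])."',
                `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                `created`='".mysql_real_escape_string($row['created'])."',
                `modified`=NOW(),
                `codesign`='".intval($row['codesign'])."',
                `rootcert`='".intval($row['rootcert'])."',
                `description`='".mysql_real_escape_string($row['description'])."',
                `md`='".HashAlgorithms::clean($row['md'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            $newfile=generatecertpath("csr","orgclient",$newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
            waitForResult("orgemailcerts", $newid,$oldid,0);
            // A non-empty `crt_name` on the new row is what this block treats
            // as "certificate issued".
            $query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) > 0)
            {
                printf(_("Certificate for '%s' has been renewed."), htmlspecialchars($row['CN']));
                echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
                    _("Click here")."</a> "._("to install your certificate.");
            }
            echo("<br/>");
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}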
1756
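/*
 * Page 18 (organisation client certificates): revoke issued certificates and
 * delete pending requests.
 *
 * Both loops look the id up together with `org`, so only rows of an
 * organisation linked to the logged-in member (`org`.`memid`) are touched.
 * Revocation only writes a marker timestamp into `revoked`; the message
 * printed afterwards says the CRL is updated later, so the actual revocation
 * presumably happens outside this script. The request ends with exit.
 */
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('clicerchange');
    $id = 18;
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if($row['revoke'] > 0)
            {
                // CN is stored user data: escape it in every message, not
                // only in the success message below.
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
                continue;
            }
            mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
        }

        // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
        echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
                where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
                `org`.`orgid`=`orgemailcerts`.`orgid`";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A set `expire` value means the request was already processed,
            // so it is no longer a pending request that may be deleted.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
                continue;
            }
            mysql_query("delete from `orgemailcerts` where `id`='$id'");
            // Best effort: the files may not exist for a pending request.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
        }
    }
    showfooter();
    exit;
}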
1825
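/*
 * Page 18 (organisation client certificates): store the edited comments.
 *
 * Every request field named check_comment_<id> selects one certificate; its
 * new text is read from comment_<id>. The update is tied to the logged-in
 * member through `org`.`memid`, the same ownership condition the renew and
 * revoke handlers of this page use, so a certificate id that belongs to
 * another organisation matches no row.
 *
 * NOTE(review): the renew and revoke handlers for this page call
 * csrf_check('clicerchange'); this one does not. Confirm that the change
 * button is sent with the same form token and add the call if so.
 */
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach($_REQUEST as $id => $val)
    {
        if(substr($id,0,14)=="check_comment_")
        {
            $cid = intval(substr($id,14));
            $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
            mysql_query("update `orgemailcerts`, `org` set `orgemailcerts`.`description`='$comment'
                where `orgemailcerts`.`id`='$cid' and
                `org`.`orgid`=`orgemailcerts`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'");
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}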
1842
/*
 * Page 18 list view: remember the submitted filter settings in the session.
 *
 * NOTE(review): the three values are stored exactly as submitted; whatever
 * reads them back from the session has to cast or escape them — confirm at the
 * point of use.
 */
if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
    $id=18;
    foreach(array('orgfilterid', 'sorting', 'status') as $orgCertFilterField)
    {
        $_SESSION['_config'][$orgCertFilterField] = $_REQUEST[$orgCertFilterField];
    }
    unset($orgCertFilterField);
}
1850
/* Page 18 list view: put the three filter settings back to 0. */
if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
    $id=18;
    foreach(array('orgfilterid', 'sorting', 'status') as $orgCertFilterField)
    {
        $_SESSION['_config'][$orgCertFilterField] = 0;
    }
    unset($orgCertFilterField);
}
1858
/*
 * Page 20 -> 21 (organisation server certificate, step 1): accept the CSR.
 *
 * The submitted CSR is cleaned, checked for weak keys and written to a
 * temporary file whose name is kept in the session. Only that file name,
 * passed through escapeshellarg(), is placed on the openssl command lines;
 * the CSR text itself never becomes part of a shell command. The Subject line
 * and the DNS subjectAltName entries read back from openssl are stored in the
 * session, then extractit(), getcn2() and getalt2() (defined elsewhere) are
 * run and the organisation rows for the resulting CN / subjectAltName are
 * looked up for the logged-in member.
 */
if($process != "" && $oldid == 20)
{
    $CSR = clean_csr($_REQUEST['CSR']);

    $weakKey = checkWeakKeyCSR($CSR);
    if($weakKey !== "")
    {
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $_SESSION['_config']['description'] = trim(stripslashes($_REQUEST['description']));

    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fwrite($fp, $CSR);
    fclose($fp);

    // From here on $CSR holds the shell-quoted file name, not the CSR text.
    $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
    $_SESSION['_config']['subject'] = trim(shell_exec(
        '/usr/bin/openssl req -text -noout -in ' . $CSR . ' |tr -d "\0"|grep "Subject:"'
    ));
    $bits = explode(",", trim(shell_exec(
        '/usr/bin/openssl req -text -noout -in ' . $CSR . ' |tr -d "\0"|grep -A1 \'X509v3 Subject Alternative Name:\'|grep DNS:'
    )));
    foreach($bits as $val)
    {
        $_SESSION['_config']['subject'] .= "/subjectAltName=" . trim($val);
    }
    $id = 21;

    $_SESSION['_config']['0.CN'] = "";
    $_SESSION['_config']['0.subjectAltName'] = "";
    extractit();
    getcn2();
    getalt2();

    // Organisation the member is linked to that owns the CN domain ...
    $query = sprintf(
        "select * from `orginfo`,`org`,`orgdomains` where
            `org`.`memid`='%s' and
            `org`.`orgid`=`orginfo`.`id` and
            `org`.`orgid`=`orgdomains`.`orgid` and
            `orgdomains`.`domain`='%s'",
        intval($_SESSION['profile']['id']),
        mysql_real_escape_string($_SESSION['_config']['0.CN'])
    );
    $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));

    // ... and the one that owns the first subjectAltName domain.
    $query = sprintf(
        "select * from `orginfo`,`org`,`orgdomains` where
            `org`.`memid`='%s' and
            `org`.`orgid`=`orginfo`.`id` and
            `org`.`orgid`=`orgdomains`.`orgid` and
            `orgdomains`.`domain`='%s'",
        intval($_SESSION['profile']['id']),
        mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])
    );
    $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
    //echo "<pre>"; print_r($_SESSION['_config']); die;

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        $id = 20;
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Only root certificate ids 1 and 2 are accepted; anything else becomes 1.
    $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
    if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
    {
        $_SESSION['_config']['rootcert'] = 1;
    }

    $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
1921
/*
 * Page 21 (organisation server certificate, step 2): file the request.
 *
 * The CSR saved in the previous step is checked again for weak keys, the
 * organisation row is looked up for the logged-in member, the subject string
 * is assembled, a row is inserted into `orgdomaincerts`, the temporary CSR
 * file is moved to its final path, the domain links are written and
 * waitForResult() is called. When the row has a `crt_name` afterwards the
 * script continues with page 23, otherwise an error page ends the request.
 *
 * NOTE(review): the subject is built by plain concatenation of "/key=value"
 * parts; a "/" inside the OU or an organisation field would read as another
 * component. Confirm the values are validated where they are stored.
 * NOTE(review): $org is false when the lookup matches no row; the insert then
 * uses `orgid` 0. Confirm the earlier steps make that case impossible.
 */
if($process != "" && $oldid == 21)
{
    $id = 21;

    if(!file_exists($_SESSION['_config']['tmpfname']))
    {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // Re-check the stored file: it is what will actually be signed.
    $weakKey = checkWeakKeyCSR(file_get_contents($_SESSION['_config']['tmpfname']));
    if($weakKey !== "")
    {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
    {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // The first CN row id is used when present, else the first altName id;
    // either way the row must be linked to the logged-in member.
    $query = sprintf(
        "select * from `org`,`orginfo` where
            `orginfo`.`id`='%s' and
            `orginfo`.`id`=`org`.`orgid` and
            `org`.`memid`='%s'",
        intval($_SESSION['_config']['rowid']['0'] > 0
            ? $_SESSION['_config']['rowid']['0']
            : $_SESSION['_config']['altid']['0']),
        intval($_SESSION['profile']['id'])
    );
    $org = mysql_fetch_assoc(mysql_query($query));

    $csrsubject = "";
    if($_SESSION['_config']['OU'])
    {
        $csrsubject .= "/organizationalUnitName=" . $_SESSION['_config']['OU'];
    }
    if($org['O'])
    {
        $csrsubject .= "/organizationName=" . $org['O'];
    }
    if($org['L'])
    {
        $csrsubject .= "/localityName=" . $org['L'];
    }
    if($org['ST'])
    {
        $csrsubject .= "/stateOrProvinceName=" . $org['ST'];
    }
    if($org['C'])
    {
        $csrsubject .= "/countryName=" . $org['C'];
    }
    //if($org['contact'])
    //	$csrsubject .= "/emailAddress=".trim($org['contact']);

    $csrsubject .= buildSubjectFromSession();

    // Type "8" is only set for members whose profile has admin == 1.
    $type = ($_REQUEST["ocspcert"] != "" && $_SESSION['profile']['admin'] == 1) ? "8" : "";
    if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
    {
        $_SESSION['_config']['rootcert'] = 1;
    }

    $query = sprintf(
        "insert into `orgdomaincerts` set
            `CN`='%s',
            `orgid`='%s',
            `created`=NOW(),
            `subject`='%s',
            `rootcert`='%s',
            `md`='%s',
            `type`='%s',
            `description`='%s'",
        mysql_real_escape_string($_SESSION['_config']['rowid']['0'] > 0
            ? $_SESSION['_config']['rows']['0']
            : $_SESSION['_config']['altrows']['0']),
        intval($org['id']),
        mysql_real_escape_string($csrsubject),
        intval($_SESSION['_config']['rootcert']),
        mysql_real_escape_string($_SESSION['_config']['hash_alg']),
        $type,
        mysql_real_escape_string($_SESSION['_config']['description'])
    );
    mysql_query($query);
    $CSRid = mysql_insert_id();

    $CSRname = generatecertpath("csr", "orgserver", $CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

    // Link every CN and altName domain id to the new request.
    if(is_array($_SESSION['_config']['rowid']))
    {
        foreach($_SESSION['_config']['rowid'] as $id)
        {
            mysql_query("insert into `orgdomlink` set `orgdomid`='" . intval($id) . "', `orgcertid`='$CSRid'");
        }
    }
    if(is_array($_SESSION['_config']['altid']))
    {
        foreach($_SESSION['_config']['altid'] as $id)
        {
            mysql_query("insert into `orgdomlink` set `orgdomid`='" . intval($id) . "', `orgcertid`='$CSRid'");
        }
    }

    waitForResult("orgdomaincerts", $CSRid, $oldid);
    $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
    $res = mysql_query($query);
    if(mysql_num_rows($res) > 0)
    {
        $id = 23;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    } else {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }
}
2036
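/*
 * Page 22 (organisation server certificates): renew the selected certificates.
 *
 * Each id in $_REQUEST['revokeid'] is looked up together with `org` so that
 * only certificates of an organisation linked to the logged-in member
 * (`org`.`memid`) match. For a match the old row is flagged as renewed, a copy
 * of the row is inserted, the CSR file and the domain links are copied to the
 * new request and waitForResult() is called; the issued certificate is then
 * printed. The request ends with exit.
 */
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
    csrf_check('orgsrvcerchange');
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now renewing the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }

            $row = mysql_fetch_assoc($res);

            // Refuse to renew a certificate whose key the weak-key check rejects.
            if (($weakKey = checkWeakKeyX509(file_get_contents(
                $row['crt_name']))) !== "")
            {
                echo $weakKey, "<br/>\n";
                continue;
            }

            // The old row is flagged before the revocation test below, as in
            // the original statement order.
            mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
            if($row['revoke'] > 0)
            {
                // CN is stored user data, so it is HTML-escaped on output.
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
                continue;
            }
            $query = "insert into `orgdomaincerts` set
                `orgid`='".intval($row['orgid'])."',
                `CN`='".mysql_real_escape_string($row['CN'])."',
                `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
                `created`='".mysql_real_escape_string($row['created'])."',
                `modified`=NOW(),
                `subject`='".mysql_real_escape_string($row['subject'])."',
                `type`='".intval($row['type'])."',
                `rootcert`='".intval($row['rootcert'])."',
                `description`='".mysql_real_escape_string($row['description'])."',
                `md`='".HashAlgorithms::clean($row['md'])."'";
            mysql_query($query);
            $newid = mysql_insert_id();
            //echo "NewID: $newid<br/>\n";
            $newfile=generatecertpath("csr","orgserver",$newid);
            copy($row['csr_name'], $newfile);
            mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
            echo _("Renewing").": ".htmlspecialchars($row['CN'])."<br>\n";
            // Use the validated $id for the link lookup. $row comes from
            // `select *` over two tables, so $row['id'] is whichever `id`
            // column ends up last in the joined row (if `org` has one too);
            // $id is the certificate id the where clause matched on.
            $res = mysql_query("select * from `orgdomlink` where `orgcertid`='$id'");
            while($r2 = mysql_fetch_assoc($res))
                mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
            waitForResult("orgdomaincerts", $newid,$oldid,0);
            $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
            } else {
                $drow = mysql_fetch_assoc($res);
                // Only the shell-quoted file name reaches the command line.
                $crtname = escapeshellarg($drow['crt_name']);
                $cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
                // Command output is escaped like any other text put into HTML.
                echo "<pre>\n".htmlspecialchars($cert)."\n</pre>\n";
            }
        }
    }
    else
    {
        echo _("You did not select any certificates for renewal.");
    }
    showfooter();
    exit;
}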
2116
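/*
 * Page 22 (organisation server certificates): revoke issued certificates and
 * delete pending requests.
 *
 * Both loops look the id up together with `org`, so only rows of an
 * organisation linked to the logged-in member (`org`.`memid`) are touched.
 * Revocation only writes a marker timestamp into `revoked`; the message
 * printed afterwards says the CRL is updated later, so the actual revocation
 * presumably happens outside this script. The request ends with exit.
 */
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
    csrf_check('orgsrvcerchange');
    showheader(_("My CAcert.org Account!"));
    if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
    {
        echo _("Now revoking the following certificates:")."<br>\n";
        foreach($_REQUEST['revokeid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            if($row['revoke'] > 0)
            {
                // CN is stored user data: escape it in every message, not
                // only in the success message below.
                printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
                continue;
            }
            mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
            printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
        }

        // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
        echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
    }
    else
    {
        echo _("You did not select any certificates for revocation.");
    }

    if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
    {
        echo _("Now deleting the following pending requests:")."<br>\n";
        foreach($_REQUEST['delid'] as $id)
        {
            $id = intval($id);
            $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
                `orgdomaincerts`,`org`
                where `orgdomaincerts`.`id`='$id' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if(mysql_num_rows($res) <= 0)
            {
                printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
                continue;
            }
            $row = mysql_fetch_assoc($res);
            // A set `expire` value means the request was already processed,
            // so it is no longer a pending request that may be deleted.
            if($row['expired'] > 0)
            {
                printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
                continue;
            }
            mysql_query("delete from `orgdomaincerts` where `id`='$id'");
            // Best effort: the files may not exist for a pending request.
            @unlink($row['csr_name']);
            @unlink($row['crt_name']);
            printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
        }
    }
    showfooter();
    exit;
}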
2188
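/*
 * Page 22 (organisation server certificates): store the edited comments.
 *
 * Every request field named check_comment_<id> selects one certificate; its
 * new text is read from comment_<id>. The update is tied to the logged-in
 * member through `org`.`memid`, the same ownership condition the renew and
 * revoke handlers of this page use, so a certificate id that belongs to
 * another organisation matches no row.
 *
 * NOTE(review): the renew and revoke handlers for this page call
 * csrf_check('orgsrvcerchange'); this one does not. Confirm that the change
 * button is sent with the same form token and add the call if so.
 */
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
    showheader(_("My CAcert.org Account!"));
    foreach($_REQUEST as $id => $val)
    {
        if(substr($id,0,14)=="check_comment_")
        {
            $cid = intval(substr($id,14));
            $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
            mysql_query("update `orgdomaincerts`, `org` set `orgdomaincerts`.`description`='$comment'
                where `orgdomaincerts`.`id`='$cid' and
                `orgdomaincerts`.`orgid`=`org`.`orgid` and
                `org`.`memid`='".intval($_SESSION['profile']['id'])."'");
        }
    }
    echo(_("Certificate settings have been changed.")."<br/>\n");
    showfooter();
    exit;
}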
2205
/*
 * Page 22 list view: remember the submitted filter settings in the session.
 *
 * NOTE(review): the three values are stored exactly as submitted; whatever
 * reads them back from the session has to cast or escape them — confirm at the
 * point of use.
 */
if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
    $id=22;
    foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $orgDomCertFilterField)
    {
        $_SESSION['_config'][$orgDomCertFilterField] = $_REQUEST[$orgDomCertFilterField];
    }
    unset($orgDomCertFilterField);
}
2213
/* Page 22 list view: put the three filter settings back to 0. */
if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
    $id=22;
    foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $orgDomCertFilterField)
    {
        $_SESSION['_config'][$orgDomCertFilterField] = 0;
    }
    unset($orgDomCertFilterField);
}
2221
2222
/*
 * Access gate for pages 24 to 31: when either the requested page ($id) or the
 * submitting page ($oldid) is in that range and the session profile does not
 * have orgadmin == 1, an error page is shown and the request ends here, before
 * any of the handlers below can run.
 *
 * in_array() is used without its strict flag on purpose: it compares with ==,
 * exactly like the chain of == tests it replaces.
 */
if((in_array($id, range(24, 31)) || in_array($oldid, range(24, 31))) &&
    $_SESSION['profile']['orgadmin'] != 1)
{
    showheader(_("My CAcert.org Account!"));
    echo _("You don't have access to this area.");
    showfooter();
    exit;
}
2233
/*
 * Page 24: add a new organisation.
 *
 * The six form fields are unslashed, SQL-escaped, trimmed and kept in the
 * session; the insert below relies on that escaping. Organisation name and
 * contact are mandatory. On success the confirmation page ends the request.
 *
 * NOTE(review): the session therefore holds SQL-escaped text, and the
 * confirmation message prints that escaped form.
 * NOTE(review): the organisation update handler (oldid 27) calls
 * csrf_check('orgdetchange'); this handler has no csrf_check call. Confirm
 * whether the page 24 form carries a token.
 */
if($oldid == 24 && $process != "")
{
    $id = intval($oldid);
    foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgFormField)
    {
        $_SESSION['_config'][$orgFormField] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgFormField])));
    }
    unset($orgFormField);

    if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
    {
        mysql_query(sprintf(
            "insert into `orginfo` set `O`='%s',
                `contact`='%s',
                `L`='%s',
                `ST`='%s',
                `C`='%s',
                `comments`='%s'",
            $_SESSION['_config']['O'],
            $_SESSION['_config']['contact'],
            $_SESSION['_config']['L'],
            $_SESSION['_config']['ST'],
            strtoupper($_SESSION['_config']['C']),
            $_SESSION['_config']['comments']
        ));
        showheader(_("My CAcert.org Account!"));
        printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
        showfooter();
        exit;
    }

    $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2260
/*
 * Page 27: update the details of the organisation whose id is held in
 * $_SESSION['_config']['orgid'].
 *
 * csrf_check('orgdetchange') runs first. The six form fields are unslashed,
 * SQL-escaped, trimmed and kept in the session; the update below relies on
 * that escaping. Organisation name and contact are mandatory. On success the
 * confirmation page ends the request.
 *
 * NOTE(review): the session therefore holds SQL-escaped text, and the
 * confirmation message prints that escaped form.
 */
if($oldid == 27 && $process != "")
{
    csrf_check('orgdetchange');
    $id = intval($oldid);
    foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgFormField)
    {
        $_SESSION['_config'][$orgFormField] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgFormField])));
    }
    unset($orgFormField);

    if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
    {
        mysql_query(sprintf(
            "update `orginfo` set `O`='%s',
                `contact`='%s',
                `L`='%s',
                `ST`='%s',
                `C`='%s',
                `comments`='%s'
                where `id`='%s'",
            $_SESSION['_config']['O'],
            $_SESSION['_config']['contact'],
            $_SESSION['_config']['L'],
            $_SESSION['_config']['ST'],
            strtoupper($_SESSION['_config']['C']),
            $_SESSION['_config']['comments'],
            intval($_SESSION['_config']['orgid'])
        ));
        showheader(_("My CAcert.org Account!"));
        printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
        showfooter();
        exit;
    }

    $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2289
/*
 * Page 28 (add a domain to an organisation), first check: refuse a domain
 * that already has a row in `orgdomains`.
 *
 * The submitted name is unslashed, SQL-escaped and trimmed, then kept both in
 * $domain and in the session. When a row exists, the error message is stored,
 * the page is shown again ($id) and $oldid is cleared so that the later
 * oldid 28 handlers do not run.
 *
 * NOTE(review): nothing here checks that the value is a well-formed domain
 * name; confirm where that validation is done.
 */
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
    $domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
    $_SESSION['_config']['domain'] = $domain;

    $res1 = mysql_query("select * from `orgdomains` where `domain`='" . $domain . "'");
    if(mysql_num_rows($res1) > 0)
    {
        $_SESSION['_config']['errmsg'] = sprintf(
            _("The domain '%s' is already in a different account and is listed as valid. Can't continue."),
            sanitizeHTML($domain)
        );
        $id = $oldid;
        $oldid = 0;
    }
}
2301
/*
 * Page 28 without an organisation id in the session: drop the submission
 * ($oldid = 0) and show page 25 instead.
 */
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
    list($id, $oldid) = array(25, 0);
}
2307
2308 if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
2309 {
2310 mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
2311 showheader(_("My CAcert.org Account!"));
2312 printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
2313 echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid']).&quo