bug 1394: applied text changes according to bug description
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
23 loadem("account");
24
25 /**
26 * Build a subject string as needed by the signer
27 *
28 * @param array(string) $domains
29 * First domain is used as CN and repeated in subjectAltName. Duplicates
30 * should already been removed
31 *
32 * @param bool $include_xmpp_addr
33 * [default: true] Whether to include the XmppAddr in the subjectAltName.
34 * This is needed if the Jabber server is jabber.example.com but a Jabber ID
35 * on that server would be alice@example.com
36 *
37 * @return string
38 */
39 function buildSubject(array $domains, $include_xmpp_addr = true) {
40 $subject = "/CN=${domains[0]}";
41
42 foreach ($domains as $domain) {
43 $subject .= "/subjectAltName=DNS:$domain";
44
45 if ($include_xmpp_addr) {
46 $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$domain";
47 }
48 }
49
50 return $subject;
51 }
52
53 /**
54 * Builds the subject string from the session variables
55 * $_SESSION['_config']['rows'] and $_SESSION['_config']['altrows']
56 *
57 * @return string
58 */
59 function buildSubjectFromSession() {
60 $domains = array();
61
62 if (is_array($_SESSION['_config']['rows'])) {
63 $domains = array_merge($domains, $_SESSION['_config']['rows']);
64 }
65
66 if (is_array($_SESSION['_config']['altrows']))
67 foreach ($_SESSION['_config']['altrows'] as $row) {
68 if (substr($row, 0, 4) === "DNS:") {
69 $domains[] = substr($row, 4);
70 }
71 }
72
73 return buildSubject(array_unique($domains));
74 }
75
76 $id = array_key_exists("id",$_REQUEST) ? intval($_REQUEST['id']) : 0;
77 $oldid = array_key_exists("oldid",$_REQUEST) ? intval($_REQUEST['oldid']) : 0;
78 $process = array_key_exists("process",$_REQUEST) ? $_REQUEST['process'] : "";
79 // $showdetalis refers to Secret Question and Answers from account/13.php
80 $showdetails = array_key_exists("showdetails",$_REQUEST) ? intval($_REQUEST['showdetails']) : 0;
81
82 $cert = array_key_exists('cert',$_REQUEST) ? intval($_REQUEST['cert']) : 0;
83 $orgid = array_key_exists('orgid',$_REQUEST) ? intval($_REQUEST['orgid']) : 0;
84 $memid = array_key_exists('memid',$_REQUEST) ? intval($_REQUEST['memid']) : 0;
85 $domid = array_key_exists('domid',$_REQUEST) ? intval($_REQUEST['domid']) : 0;
86
87 $actionrequest = array_key_exists('action',$_REQUEST) ? $_REQUEST['action'] : "";
88
89 $ticketno = array_key_exists('ticketno',$_REQUEST) ? $_REQUEST['ticketno'] : "";
90 $ticketvalidation = FALSE;
91
92
93 if(!$_SESSION['mconn'])
94 {
95 echo _("Several CAcert Services are currently unavailable. Please try again later.");
96 exit;
97 }
98
99 if ($process == _("Cancel"))
100 {
101 // General reset CANCEL process requests
102 $process = "";
103 }
104
105
106 if($id == 45 || $id == 46 || $oldid == 45 || $oldid == 46)
107 {
108 $id = 1;
109 $oldid=0;
110 }
111
112 if($process != "" && $oldid == 1)
113 {
114 $id = 1;
115 csrf_check('addemail');
116 if(strstr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0)
117 {
118 showheader(_("My CAcert.org Account!"));
119 echo _("Due to the possibility for punycode domain exploits we currently only offer the use of IDN domains if your account has the code signing flag.") . "\n";
120 printf(_("More information can be found %sin our wiki%s."), '<a href="//wiki.cacert.org/FAQ/Privilege">', '</a>');
121 showfooter();
122 exit;
123 }
124 if(trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "")
125 {
126 showheader(_("My CAcert.org Account!"));
127 printf(_("Not a valid email address. Can't continue."));
128 showfooter();
129 exit;
130 }
131 $oldid=0;
132 $_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
133 if(check_email_exists($_REQUEST['email'])==true)
134 {
135 showheader(_("My CAcert.org Account!"));
136 printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
137 showfooter();
138 exit;
139 }
140 $checkemail = checkEmail($_REQUEST['newemail']);
141 if($checkemail != "OK")
142 {
143 showheader(_("My CAcert.org Account!"));
144 if (substr($checkemail, 0, 1) == "4")
145 {
146 echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
147 } else {
148 echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
149 }
150 echo "<p>$checkemail</p>\n";
151 showfooter();
152 exit;
153 }
154 $hash = make_hash();
155 $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
156 mysql_query($query);
157 $emailid = mysql_insert_id();
158
159 $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
160 $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
161 $body .= _("Best regards")."\n"._("CAcert.org Support!");
162
163 sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
164
165 showheader(_("My CAcert.org Account!"));
166 printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
167 showfooter();
168 exit;
169 }
170
171 if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
172 {
173 $id = 2;
174 $emailid = intval($_REQUEST['emailid']);
175 $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
176 $res = mysql_query($query);
177 if(mysql_num_rows($res) <= 0)
178 {
179 showheader(_("Error!"));
180 echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
181 showfooter();
182 exit;
183 }
184 $row = mysql_fetch_assoc($res);
185 $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
186 $body .= _("You are receiving this email because you or someone else ".
187 "has changed the default email on your account.")."\n\n";
188
189 $body .= _("Best regards")."\n"._("CAcert.org Support!");
190
191 sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
192 "support@cacert.org", "", "", "CAcert Support");
193
194 $_SESSION['profile']['email'] = $row['email'];
195 $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
196 mysql_query($query);
197 showheader(_("My CAcert.org Account!"));
198 printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
199 showfooter();
200 exit;
201 }
202
203 if($process != "" && $oldid == 2)
204 {
205 $id = 2;
206 csrf_check("chgdef");
207 showheader(_("My CAcert.org Account!"));
208 $delcount = 0;
209 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
210 {
211 $deltitle=false;
212 foreach($_REQUEST['delid'] as $id)
213 {
214 if (!$deltitle) {
215 echo _('The following email addresses have been removed:')."<br>\n";
216 $deltitle=true;
217 }
218 $id = intval($id);
219 $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
220 `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
221 $res = mysql_query($query);
222 if(mysql_num_rows($res) > 0)
223 {
224 $row = mysql_fetch_assoc($res);
225 echo $row['email']."<br>\n";
226 account_email_delete($row['id']);
227 $delcount++;
228 }
229 }
230 }
231 else
232 {
233 echo _("You did not select any email accounts for removal.");
234 }
235 if(0 == $delcount)
236 {
237 echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
238 }
239
240 showfooter();
241 exit;
242 }
243
244 if($process != "" && $oldid == 3)
245 {
246 if(!array_key_exists('CCA',$_REQUEST))
247 {
248 showheader(_("My CAcert.org Account!"));
249 echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
250 showfooter();
251 exit;
252 }
253
254 if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
255 {
256 showheader(_("My CAcert.org Account!"));
257 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
258 showfooter();
259 exit;
260 }
261
262 $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
263
264 $_SESSION['_config']['addid'] = $_REQUEST['addid'];
265 if($_SESSION['profile']['points'] >= 50)
266 $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
267 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
268 {
269 $_REQUEST['codesign'] = 0;
270 }
271 if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
272 {
273 if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
274 $_SESSION['_config']['incname'] = 1;
275 }
276 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
277 $_SESSION['_config']['codesign'] = 1;
278 else
279 $_SESSION['_config']['codesign'] = 0;
280
281 if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
282 $_SESSION['_config']['disablelogin'] = 0;
283 else
284 $_SESSION['_config']['disablelogin'] = 1;
285
286 $_SESSION['_config']['rootcert'] = 1;
287 if($_SESSION['profile']['points'] >= 50)
288 {
289 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
290 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
291 $_SESSION['_config']['rootcert'] = 1;
292 }
293
294 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
295
296 $csr = "";
297 if(trim($_REQUEST['optionalCSR']) == "")
298 {
299 $id = 4;
300 } else {
301 $oldid = 4;
302 $_REQUEST['keytype'] = "MS";
303 $csr = clean_csr($_REQUEST['optionalCSR']);
304 }
305
306 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
307 }
308
309 if($oldid == 4)
310 {
311 if($_REQUEST['keytype'] == "NS")
312 {
313 $spkac=""; if(array_key_exists('SPKAC',$_REQUEST) && preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
314
315 if($spkac=="" || $spkac == "deadbeef")
316 {
317 $id = 4;
318 showheader(_("My CAcert.org Account!"));
319 echo _("I didn't receive a valid Certificate Request, please try a different browser.");
320 showfooter();
321 exit;
322 }
323 $count = 0;
324 $emails = "";
325 $addys = array();
326 $defaultemail="";
327 if(is_array($_SESSION['_config']['addid']))
328 foreach($_SESSION['_config']['addid'] as $id)
329 {
330 $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
331 if(mysql_num_rows($res) > 0)
332 {
333 $row = mysql_fetch_assoc($res);
334 if(!$emails)
335 $defaultemail = $row['email'];
336 $emails .= "$count.emailAddress = ".$row['email']."\n";
337 $count++;
338 $addys[] = intval($row['id']);
339 }
340 }
341 if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
342 {
343 $id = 4;
344 showheader(_("My CAcert.org Account!"));
345 echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
346 showfooter();
347 exit;
348 }
349 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
350 if($_SESSION['_config']['SSO'] == 1)
351 $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
352
353 if(strlen($user['mname']) == 1)
354 $user['mname'] .= '.';
355 if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
356 {
357 $emails .= "commonName = CAcert WoT User\n";
358 }
359 else
360 {
361 if($_SESSION['_config']['incname'] == 1)
362 $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
363 if($_SESSION['_config']['incname'] == 2)
364 $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
365 if($_SESSION['_config']['incname'] == 3)
366 $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
367 if($_SESSION['_config']['incname'] == 4)
368 $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
369 }
370 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
371 $_SESSION['_config']['rootcert'] = 1;
372
373 $emails .= "SPKAC = $spkac";
374 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
375 {
376 $id = 4;
377 showheader(_("My CAcert.org Account!"));
378 echo $weakKey;
379 showfooter();
380 exit;
381 }
382
383 write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
384
385 $query = "insert into emailcerts set
386 `CN`='$defaultemail',
387 `keytype`='NS',
388 `memid`='".intval($_SESSION['profile']['id'])."',
389 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
390 `codesign`='".intval($_SESSION['_config']['codesign'])."',
391 `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
392 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
393 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
394 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
395 mysql_query($query);
396 $emailid = mysql_insert_id();
397 if(is_array($addys))
398 foreach($addys as $addy)
399 mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
400 $CSRname=generatecertpath("csr","client",$emailid);
401 $fp = fopen($CSRname, "w");
402 fputs($fp, $emails);
403 fclose($fp);
404 $challenge=$_SESSION['spkac_hash'];
405 $CSRname_esc = escapeshellarg($CSRname);
406 $res=shell_exec("openssl spkac -verify -in $CSRname_esc");
407 if(!strstr($res,"Challenge String: ".$challenge))
408 {
409 $id = $oldid;
410 showheader(_("My CAcert.org Account!"));
411 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
412 showfooter();
413 exit;
414 }
415 mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
416 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
417 if($csr == "")
418 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
419
420 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
421 {
422 $id = 4;
423 showheader(_("My CAcert.org Account!"));
424 echo $weakKey;
425 showfooter();
426 exit;
427 }
428
429 $tmpfname = tempnam("/tmp", "id4CSR");
430 $fp = fopen($tmpfname, "w");
431 fputs($fp, $csr);
432 fclose($fp);
433
434 $addys = array();
435 $defaultemail = "";
436 $csrsubject="";
437
438 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
439 if(strlen($user['mname']) == 1)
440 $user['mname'] .= '.';
441 if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
442 $csrsubject = "/CN=CAcert WoT User";
443 if($_SESSION['_config']['incname'] == 1)
444 $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
445 if($_SESSION['_config']['incname'] == 2)
446 $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
447 if($_SESSION['_config']['incname'] == 3)
448 $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
449 if($_SESSION['_config']['incname'] == 4)
450 $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
451 if(is_array($_SESSION['_config']['addid']))
452 foreach($_SESSION['_config']['addid'] as $id)
453 {
454 $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
455 if(mysql_num_rows($res) > 0)
456 {
457 $row = mysql_fetch_assoc($res);
458 if($defaultemail == "")
459 $defaultemail = $row['email'];
460 $csrsubject .= "/emailAddress=".$row['email'];
461 $addys[] = $row['id'];
462 }
463 }
464 if($_SESSION['_config']['SSO'] == 1)
465 $csrsubject .= "/emailAddress = ".$user['uniqueID'];
466
467 $tmpname = tempnam("/tmp", "id4csr");
468 $tmpfname_esc = escapeshellarg($tmpfname);
469 $tmpname_esc = escapeshellarg($tmpname);
470 $do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc"); // -subj "$csr";
471 @unlink($tmpfname);
472 $csr = "";
473 $fp = fopen($tmpname, "r");
474 while($data = fgets($fp, 4096))
475 $csr .= $data;
476 fclose($fp);
477 @unlink($tmpname);
478 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
479 $_SESSION['_config']['rootcert'] = 1;
480
481 if($csr == "")
482 {
483 $id = 4;
484 showheader(_("My CAcert.org Account!"));
485 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
486 showfooter();
487 exit;
488 }
489 $query = "insert into emailcerts set
490 `CN`='$defaultemail',
491 `keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
492 `memid`='".intval($_SESSION['profile']['id'])."',
493 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
494 `subject`='".mysql_real_escape_string($csrsubject)."',
495 `codesign`='".intval($_SESSION['_config']['codesign'])."',
496 `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
497 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
498 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
499 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
500 mysql_query($query);
501 $emailid = mysql_insert_id();
502 if(is_array($addys))
503 foreach($addys as $addy)
504 mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
505 $CSRname=generatecertpath("csr","client",$emailid);
506 $fp = fopen($CSRname, "w");
507 fputs($fp, $csr);
508 fclose($fp);
509 mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
510 }
511 waitForResult("emailcerts", $emailid, 4);
512 $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
513 $res = mysql_query($query);
514 if(mysql_num_rows($res) <= 0)
515 {
516 $id = 4;
517 showheader(_("My CAcert.org Account!"));
518 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
519 showfooter();
520 exit;
521 } else {
522 $id = 6;
523 $cert = $emailid;
524 $_REQUEST['cert']=$emailid;
525 }
526 }
527
528 if($oldid == 7)
529 {
530 csrf_check("adddomain");
531 if(strstr($_REQUEST['newdomain'],"\x00"))
532 {
533 showheader(_("My CAcert.org Account!"));
534 echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
535 showfooter();
536 exit;
537 }
538
539 list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
540 while($newdomain['0'] == '-')
541 $newdomain = substr($newdomain, 1);
542 if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
543 {
544 showheader(_("My CAcert.org Account!"));
545 echo _("Due to the possibility for punycode domain exploits we currently only offer the use of IDN domains if your account has the code signing flag.") . "\n";
546 printf(_("More information can be found %sin our wiki%s."),'<a href="//wiki.cacert.org/FAQ/Privilege">', '</a>');
547 showfooter();
548 exit;
549 }
550
551 $newdom = trim(escapeshellarg($newdomain));
552 $newdomain = mysql_real_escape_string(trim($newdomain));
553
554 $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
555 $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
556 $res2 = mysql_query($query);
557 if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
558 {
559 $oldid=0;
560 $id = 7;
561 showheader(_("My CAcert.org Account!"));
562 printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
563 showfooter();
564 exit;
565 }
566 }
567
568 if($oldid == 7)
569 {
570 $oldid=0;
571 $id = 8;
572 $addy = array();
573 $adds = array();
574 if(strtolower(substr($newdom, -4, 3)) != ".jp")
575 $adds = explode("\n", trim(shell_exec("/usr/bin/whois $newdom|grep \"@\"")));
576 if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
577 {
578 if(is_array($adds))
579 foreach($adds as $line)
580 {
581 $bits = explode(":", $line, 2);
582 $line = trim($bits[1]);
583 if(!in_array($line, $addy) && $line != "")
584 $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
585 }
586 } else {
587 if(is_array($adds))
588 foreach($adds as $line)
589 {
590 $line = trim(str_replace("\t", " ", $line));
591 $line = trim(str_replace("(", "", $line));
592 $line = trim(str_replace(")", " ", $line));
593 $line = trim(str_replace(":", " ", $line));
594
595 $bits = explode(" ", $line);
596 foreach($bits as $bit)
597 {
598 if(strstr($bit, "@"))
599 $line = $bit;
600 }
601 if(!in_array($line, $addy) && $line != "")
602 $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
603 }
604 }
605
606 $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
607 foreach($rfc as $sub)
608 if(!in_array($sub, $addy))
609 $addy[] = $sub;
610 $_SESSION['_config']['addy'] = $addy;
611 $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
612 }
613
614 if($process != "" && $oldid == 8)
615 {
616 csrf_check('ctcinfo');
617 $oldid=0;
618 $id = 8;
619
620 $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));
621
622 if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
623 {
624 showheader(_("My CAcert.org Account!"));
625 echo _("The address you submitted isn't a valid authority address for the domain.");
626 showfooter();
627 exit;
628 }
629
630 if(!in_array($authaddy, $_SESSION['_config']['addy']))
631 {
632 showheader(_("My CAcert.org Account!"));
633 echo _("The address you submitted isn't a valid authority address for the domain.");
634 showfooter();
635 exit;
636 }
637
638 $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
639 $res = mysql_query($query);
640 if(mysql_num_rows($res) > 0)
641 {
642 showheader(_("My CAcert.org Account!"));
643 printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
644 showfooter();
645 exit;
646 }
647 $checkemail = checkEmail($authaddy);
648 if($checkemail != "OK")
649 {
650 showheader(_("My CAcert.org Account!"));
651 //echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
652 if (substr($checkemail, 0, 1) == "4")
653 {
654 echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
655 } else {
656 echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
657 }
658 echo "<p>$checkemail</p>\n";
659 showfooter();
660 exit;
661 }
662
663 $hash = make_hash();
664 $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
665 `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
666 mysql_query($query);
667 $domainid = mysql_insert_id();
668
669 $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
670 $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
671 $body .= _("Best regards")."\n"._("CAcert.org Support!");
672
673 sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
674
675 showheader(_("My CAcert.org Account!"));
676 printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), $_SESSION['_config']['domain']);
677 showfooter();
678 exit;
679 }
680
681 if($process != "" && $oldid == 9)
682 {
683 $id = 9;
684 showheader(_("My CAcert.org Account!"));
685 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
686 {
687 echo _("The following domains have been removed:")."<br>
688 ("._("Any valid certificates will be revoked as well").")<br>\n";
689
690 foreach($_REQUEST['delid'] as $id)
691 {
692 $id = intval($id);
693 $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
694 $res = mysql_query($query);
695 if(mysql_num_rows($res) > 0)
696 {
697 $row = mysql_fetch_assoc($res);
698 echo $row['domain']."<br>\n";
699 account_domain_delete($row['id']);
700 }
701
702 }
703 }
704 else
705 {
706 echo _("You did not select any domains for removal.");
707 }
708
709 showfooter();
710 exit;
711 }
712
713 if($process != "" && $oldid == 10)
714 {
715 if(!array_key_exists('CCA',$_REQUEST))
716 {
717 showheader(_("My CAcert.org Account!"));
718 echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
719 showfooter();
720 exit;
721 }
722
723 $CSR = clean_csr($_REQUEST['CSR']);
724 if(strpos($CSR,"---BEGIN")===FALSE)
725 {
726 // In case the CSR is missing the ---BEGIN lines, add them automatically:
727 $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
728 }
729
730 if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
731 {
732 showheader(_("My CAcert.org Account!"));
733 echo $weakKey;
734 showfooter();
735 exit;
736 }
737
738 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
739
740 $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
741 $fp = fopen($_SESSION['_config']['tmpfname'], "w");
742 fputs($fp, $CSR);
743 fclose($fp);
744 $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
745 $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
746 $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
747 foreach($bits as $val)
748 {
749 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
750 }
751 $id = 11;
752
753 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
754 extractit();
755 getcn();
756 getalt();
757
758 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
759 {
760 showheader(_("My CAcert.org Account!"));
761 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
762 showfooter();
763 exit;
764 }
765
766 $_SESSION['_config']['rootcert'] = 1;
767 if($_SESSION['profile']['points'] >= 50)
768 {
769 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
770 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
771 $_SESSION['_config']['rootcert'] = 1;
772 }
773
774 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
775 }
776
777 if($process != "" && $oldid == 11)
778 {
779 if(!file_exists($_SESSION['_config']['tmpfname']))
780 {
781 showheader(_("My CAcert.org Account!"));
782 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
783 showfooter();
784 exit;
785 }
786
787 if (($weakKey = checkWeakKeyCSR(file_get_contents(
788 $_SESSION['_config']['tmpfname']))) !== "")
789 {
790 showheader(_("My CAcert.org Account!"));
791 echo $weakKey;
792 showfooter();
793 exit;
794 }
795
796 $id = 11;
797 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
798 {
799 showheader(_("My CAcert.org Account!"));
800 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
801 showfooter();
802 exit;
803 }
804
805 $subject = buildSubjectFromSession();
806
807 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
808 $_SESSION['_config']['rootcert'] = 1;
809
810 write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
811
812 if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
813 {
814 $query = "insert into `domaincerts` set
815 `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
816 `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
817 `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
818 `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
819 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
820 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
821 } elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
822 $query = "insert into `domaincerts` set
823 `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
824 `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
825 `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
826 `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
827 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
828 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
829 } else {
830 showheader(_("My CAcert.org Account!"));
831 echo _("Domain not verified.");
832 showfooter();
833 exit;
834 }
835
836 mysql_query($query);
837 $CSRid = mysql_insert_id();
838
839 if(is_array($_SESSION['_config']['rowid']))
840 foreach($_SESSION['_config']['rowid'] as $dom)
841 mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
842 if(is_array($_SESSION['_config']['altid']))
843 foreach($_SESSION['_config']['altid'] as $dom)
844 mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
845
846 $CSRname=generatecertpath("csr","server",$CSRid);
847 rename($_SESSION['_config']['tmpfname'], $CSRname);
848 chmod($CSRname,0644);
849 mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
850 waitForResult("domaincerts", $CSRid, 11);
851 $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
852 $res = mysql_query($query);
853 if(mysql_num_rows($res) <= 0)
854 {
855 $id = 11;
856 showheader(_("My CAcert.org Account!"));
857 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
858 showfooter();
859 exit;
860 } else {
861 $id = 15;
862 $cert = $CSRid;
863 $_REQUEST['cert']=$CSRid;
864 }
865 }
866
867 if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
868 {
869 csrf_check('srvcerchange');
870 $id = 12;
871 showheader(_("My CAcert.org Account!"));
872 if(is_array($_REQUEST['revokeid']))
873 {
874 echo _("Now renewing the following certificates:")."<br>\n";
875 foreach($_REQUEST['revokeid'] as $id)
876 {
877 $id = intval($id);
878 echo _("Processing request")." $id:<br/>";
879 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
880 where `domaincerts`.`id`='$id' and
881 `domaincerts`.`domid`=`domains`.`id` and
882 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
883 $res = mysql_query($query);
884 if(mysql_num_rows($res) <= 0)
885 {
886 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
887 continue;
888 }
889
890 $row = mysql_fetch_assoc($res);
891
892 if (($weakKey = checkWeakKeyX509(file_get_contents(
893 $row['crt_name']))) !== "")
894 {
895 echo $weakKey, "<br/>\n";
896 continue;
897 }
898
899 mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
900 $query = "insert into `domaincerts` set
901 `domid`='".intval($row['domid'])."',
902 `CN`='".mysql_real_escape_string($row['CN'])."',
903 `subject`='".mysql_real_escape_string($row['subject'])."',".
904 //`csr_name`='".$row['csr_name']."', // RACE CONDITION
905 "`created`='".mysql_real_escape_string($row['created'])."',
906 `modified`=NOW(),
907 `rootcert`='".intval($row['rootcert'])."',
908 `type`='".intval($row['type'])."',
909 `pkhash`='".mysql_real_escape_string($row['pkhash'])."',
910 `description`='".mysql_real_escape_string($row['description'])."'";
911 mysql_query($query);
912 $newid = mysql_insert_id();
913 $newfile=generatecertpath("csr","server",$newid);
914 copy($row['csr_name'], $newfile);
915 $newfile_esc = escapeshellarg($newfile);
916 $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep \"Subject:\""));
917 $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
918 foreach($bits as $val)
919 {
920 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
921 }
922 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
923 extractit();
924 getcn();
925 getalt();
926
927 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
928 {
929 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
930 continue;
931 }
932
933 $subject = buildSubjectFromSession();
934 $subject = mysql_real_escape_string($subject);
935 mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
936
937 echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
938 waitForResult("domaincerts", $newid,$oldid,0);
939 $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
940 $res = mysql_query($query);
941 if(mysql_num_rows($res) <= 0)
942 {
943 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
944 } else {
945 $drow = mysql_fetch_assoc($res);
946 $crt_name = escapeshellarg($drow['crt_name']);
947 $cert = shell_exec("/usr/bin/openssl x509 -in $crt_name");
948 echo "<pre>\n$cert\n</pre>\n";
949 }
950 }
951 }
952 else
953 {
954 echo _("You did not select any certificates for renewal.");
955 }
956
957 showfooter();
958 exit;
959 }
960
961 if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
962 {
963 csrf_check('srvcerchange');
964 $id = 12;
965 showheader(_("My CAcert.org Account!"));
966 if(is_array($_REQUEST['revokeid']))
967 {
968 echo _("Now revoking the following certificates:")."<br>\n";
969 foreach($_REQUEST['revokeid'] as $id)
970 {
971 $id = intval($id);
972 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
973 where `domaincerts`.`id`='$id' and
974 `domaincerts`.`domid`=`domains`.`id` and
975 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
976 $res = mysql_query($query);
977 if(mysql_num_rows($res) <= 0)
978 {
979 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
980 continue;
981 }
982 $row = mysql_fetch_assoc($res);
983 if($row['revoke'] > 0)
984 {
985 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
986 continue;
987 }
988 mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
989 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
990 }
991
992 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
993 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
994
995 }
996 else
997 {
998 echo _("You did not select any certificates for revocation.");
999 }
1000
1001 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1002 {
1003 echo _("Now deleting the following pending requests:")."<br>\n";
1004 foreach($_REQUEST['delid'] as $id)
1005 {
1006 $id = intval($id);
1007 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
1008 where `domaincerts`.`id`='$id' and
1009 `domaincerts`.`domid`=`domains`.`id` and
1010 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
1011 $res = mysql_query($query);
1012 if(mysql_num_rows($res) <= 0)
1013 {
1014 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1015 continue;
1016 }
1017 $row = mysql_fetch_assoc($res);
1018 if($row['expired'] > 0)
1019 {
1020 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1021 continue;
1022 }
1023 mysql_query("delete from `domaincerts` where `id`='$id'");
1024 @unlink($row['csr_name']);
1025 @unlink($row['crt_name']);
1026 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1027 }
1028 }
1029 showfooter();
1030 exit;
1031 }
1032
1033 if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1034 {
1035 showheader(_("My CAcert.org Account!"));
1036 foreach($_REQUEST as $id => $val)
1037 {
1038 if(substr($id,0,14)=="check_comment_")
1039 {
1040 $cid = intval(substr($id,14));
1041 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1042 mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid'");
1043 }
1044 }
1045 echo(_("Certificate settings have been changed.")."<br/>\n");
1046 showfooter();
1047 exit;
1048 }
1049
1050
1051 if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
1052 {
1053 showheader(_("My CAcert.org Account!"));
1054 if(is_array($_REQUEST['revokeid']))
1055 {
1056 echo _("Now renewing the following certificates:")."<br>\n";
1057 foreach($_REQUEST['revokeid'] as $id)
1058 {
1059 $id = intval($id);
1060 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
1061 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1062 $res = mysql_query($query);
1063 if(mysql_num_rows($res) <= 0)
1064 {
1065 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1066 continue;
1067 }
1068
1069 $row = mysql_fetch_assoc($res);
1070
1071 if (($weakKey = checkWeakKeyX509(file_get_contents(
1072 $row['crt_name']))) !== "")
1073 {
1074 echo $weakKey, "<br/>\n";
1075 continue;
1076 }
1077
1078 mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
1079 $query = "insert into emailcerts set
1080 `memid`='".intval($row['memid'])."',
1081 `CN`='".mysql_real_escape_string($row['CN'])."',
1082 `subject`='".mysql_real_escape_string($row['subject'])."',
1083 `keytype`='".mysql_real_escape_string($row['keytype'])."',
1084 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
1085 `created`='".mysql_real_escape_string($row['created'])."',
1086 `modified`=NOW(),
1087 `disablelogin`='".intval($row['disablelogin'])."',
1088 `codesign`='".intval($row['codesign'])."',
1089 `rootcert`='".intval($row['rootcert'])."',
1090 `description`='".mysql_real_escape_string($row['description'])."'";
1091 mysql_query($query);
1092 $newid = mysql_insert_id();
1093 $newfile=generatecertpath("csr","client",$newid);
1094 copy($row['csr_name'], $newfile);
1095 mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
1096 $res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
1097 while($r2 = mysql_fetch_assoc($res))
1098 {
1099 mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
1100 `emailcertsid`='$newid'");
1101 }
1102 waitForResult("emailcerts", $newid,$oldid,0);
1103 $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
1104 $res = mysql_query($query);
1105 if(mysql_num_rows($res) <= 0)
1106 {
1107 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1108 } else {
1109 printf(_("Certificate for '%s' has been renewed."), $row['CN']);
1110 echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
1111 _("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
1112 }
1113 }
1114 }
1115 else
1116 {
1117 echo _("You did not select any certificates for renewal.")."<br/>";
1118 }
1119
1120 showfooter();
1121 exit;
1122 }
1123
1124 if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
1125 {
1126 $id = 5;
1127 showheader(_("My CAcert.org Account!"));
1128 if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
1129 {
1130 echo _("Now revoking the following certificates:")."<br>\n";
1131 foreach($_REQUEST['revokeid'] as $id)
1132 {
1133 $id = intval($id);
1134 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
1135 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1136 $res = mysql_query($query);
1137 if(mysql_num_rows($res) <= 0)
1138 {
1139 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1140 continue;
1141 }
1142 $row = mysql_fetch_assoc($res);
1143 if($row['revoke'] > 0)
1144 {
1145 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1146 continue;
1147 }
1148 mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
1149 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
1150 }
1151
1152 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
1153 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
1154 }
1155 else
1156 {
1157 echo _("You did not select any certificates for revocation.");
1158 }
1159
1160 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1161 {
1162 echo _("Now deleting the following pending requests:")."<br>\n";
1163 foreach($_REQUEST['delid'] as $id)
1164 {
1165 $id = intval($id);
1166 $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
1167 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1168 $res = mysql_query($query);
1169 if(mysql_num_rows($res) <= 0)
1170 {
1171 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1172 continue;
1173 }
1174 $row = mysql_fetch_assoc($res);
1175 if($row['expired'] > 0)
1176 {
1177 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1178 continue;
1179 }
1180 mysql_query("delete from `emailcerts` where `id`='$id'");
1181 @unlink($row['csr_name']);
1182 @unlink($row['crt_name']);
1183 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1184 }
1185 }
1186 showfooter();
1187 exit;
1188 }
1189
1190 if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1191 {
1192 showheader(_("My CAcert.org Account!"));
1193 foreach($_REQUEST as $id => $val)
1194 {
1195 if(substr($id,0,5)=="cert_")
1196 {
1197 $cid = intval(substr($id,5));
1198 $dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1";
1199 mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
1200 }
1201 if(substr($id,0,14)=="check_comment_")
1202 {
1203 $cid = intval(substr($id,14));
1204 if(!empty($_REQUEST['check_comment_'.$cid])) {
1205 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1206 mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
1207 }
1208 }
1209 }
1210 echo(_("Certificate settings have been changed.")."<br/>\n");
1211 showfooter();
1212 exit;
1213 }
1214
1215 if($oldid == 13 && $process != "" && $showdetails!="")
1216 {
1217 csrf_check("perschange");
1218 $_SESSION['_config']['user'] = $_SESSION['profile'];
1219
1220 $_SESSION['_config']['user']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
1221 $_SESSION['_config']['user']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
1222 $_SESSION['_config']['user']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
1223 $_SESSION['_config']['user']['Q4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q4']))));
1224 $_SESSION['_config']['user']['Q5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q5']))));
1225 $_SESSION['_config']['user']['A1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
1226 $_SESSION['_config']['user']['A2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
1227 $_SESSION['_config']['user']['A3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
1228 $_SESSION['_config']['user']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
1229 $_SESSION['_config']['user']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
1230
1231 if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] ||
1232 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] ||
1233 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] ||
1234 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] ||
1235 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] ||
1236 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] ||
1237 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] ||
1238 $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] ||
1239 $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] ||
1240 $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] ||
1241 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] ||
1242 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] ||
1243 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] ||
1244 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] ||
1245 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] ||
1246 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] ||
1247 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] ||
1248 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] ||
1249 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] ||
1250 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] ||
1251 $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] ||
1252 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] ||
1253 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] ||
1254 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] ||
1255 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] ||
1256 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] ||
1257 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] ||
1258 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] ||
1259 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] ||
1260 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] ||
1261 $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5'])
1262 {
1263 $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
1264 $id = $oldid;
1265 $oldid=0;
1266 }
1267
1268 if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
1269 $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
1270 $_SESSION['_config']['user']['Q5'] == "")
1271 {
1272 $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
1273 $id = $oldid;
1274 $oldid=0;
1275 }
1276 }
1277
1278 if($oldid == 13 && $process != "")
1279 {
1280 $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
1281 $ddres = mysql_query($ddquery);
1282 $ddrow = mysql_fetch_assoc($ddres);
1283 $_SESSION['profile']['points'] = $ddrow['total'];
1284
1285 if($_SESSION['profile']['points'] == 0)
1286 {
1287 $_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
1288 $_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
1289 $_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
1290 $_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
1291 $_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
1292 $_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
1293 $_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);
1294
1295 if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
1296 {
1297 $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
1298 $id = $oldid;
1299 $oldid=0;
1300 }
1301 if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
1302 $_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31)
1303 {
1304 $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
1305 $id = $oldid;
1306 $oldid=0;
1307 }
1308 }
1309 }
1310
1311 if($oldid == 13 && $process != "")
1312 {
1313 if($_SESSION['profile']['points'] == 0)
1314 {
1315 $query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
1316 `mname`='".$_SESSION['_config']['user']['mname']."',
1317 `lname`='".$_SESSION['_config']['user']['lname']."',
1318 `suffix`='".$_SESSION['_config']['user']['suffix']."',
1319 `dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
1320 where `id`='".intval($_SESSION['profile']['id'])."'";
1321 mysql_query($query);
1322 }
1323 if ($showdetails!="") {
1324 $query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
1325 `Q2`='".$_SESSION['_config']['user']['Q2']."',
1326 `Q3`='".$_SESSION['_config']['user']['Q3']."',
1327 `Q4`='".$_SESSION['_config']['user']['Q4']."',
1328 `Q5`='".$_SESSION['_config']['user']['Q5']."',
1329 `A1`='".$_SESSION['_config']['user']['A1']."',
1330 `A2`='".$_SESSION['_config']['user']['A2']."',
1331 `A3`='".$_SESSION['_config']['user']['A3']."',
1332 `A4`='".$_SESSION['_config']['user']['A4']."',
1333 `A5`='".$_SESSION['_config']['user']['A5']."'
1334 where `id`='".intval($_SESSION['profile']['id'])."'";
1335 mysql_query($query);
1336 }
1337
1338 $_SESSION['_config']['user']['set'] = 0;
1339 $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
1340 $_SESSION['profile']['loggedin'] = 1;
1341
1342 $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
1343 $ddres = mysql_query($ddquery);
1344 $ddrow = mysql_fetch_assoc($ddres);
1345 $_SESSION['profile']['points'] = $ddrow['total'];
1346
1347
1348 $id = 13;
1349 showheader(_("My CAcert.org Account!"));
1350 echo _("Your details have been updated with the database.");
1351 showfooter();
1352 exit;
1353 }
1354
1355 if($oldid == 14 && $process != "")
1356 {
1357 $_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
1358 $_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
1359 $_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));
1360
1361 $id = 14;
1362 csrf_check("pwchange");
1363
1364 showheader(_("My CAcert.org Account!"));
1365 if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
1366 {
1367 echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
1368 '</h3>', "\n";
1369 echo _("New Pass Phrases specified don't match or were blank.");
1370 } else {
1371 $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
1372 $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);
1373
1374 if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
1375 {
1376 $match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
1377 (`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
1378 `password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
1379 $rc = mysql_num_rows($match);
1380 } else {
1381 $rc = 1;
1382 }
1383
1384 if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
1385 echo '<h3 style="color:red">',
1386 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1387 echo _("The Pass Phrase you submitted was too short.");
1388 } else if($score < 3) {
1389 echo '<h3 style="color:red">',
1390 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1391 printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
1392 } else if($rc <= 0) {
1393 echo '<h3 style="color:red">',
1394 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1395 echo _("You failed to correctly enter your current Pass Phrase.");
1396 } else {
1397 mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
1398 where `id`='".intval($_SESSION['profile']['id'])."'");
1399 echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
1400 echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
1401 $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
1402 $body .= _("You are receiving this email because you or someone else ".
1403 "has changed the password on your account.")."\n\n";
1404
1405 $body .= _("Best regards")."\n"._("CAcert.org Support!");
1406
1407 sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
1408 "support@cacert.org", "", "", "CAcert Support");
1409 }
1410 }
1411 showfooter();
1412 exit;
1413 }
1414
1415 if($oldid == 16)
1416 {
1417 $id = 16;
1418 $_SESSION['_config']['emails'] = array();
1419
1420 foreach($_REQUEST['emails'] as $val)
1421 {
1422 $val = mysql_real_escape_string(stripslashes(trim($val)));
1423 $bits = explode("@", $val);
1424 $count = count($bits);
1425 if($count != 2)
1426 continue;
1427
1428 if(checkownership($bits[1]) == false)
1429 continue;
1430
1431 if(!is_array($_SESSION['_config']['row']))
1432 continue;
1433 else if($_SESSION['_config']['row']['id'] > 0)
1434 $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];
1435
1436 if($val != "")
1437 $_SESSION['_config']['emails'][] = $val;
1438 }
1439 $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
1440 $_SESSION['_config']['OU'] = stripslashes(trim($_REQUEST['OU']));
1441
1442 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
1443 }
1444
1445 if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0)
1446 {
1447 $id = 16;
1448 showheader(_("My CAcert.org Account!"));
1449 echo _("I couldn't match any emails against your organisational account.");
1450 showfooter();
1451 exit;
1452 }
1453
1454 if($oldid == 16 && $process != "")
1455 {
1456 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100))
1457 {
1458 $_REQUEST['codesign'] = 1;
1459 $_SESSION['_config']['codesign'] = 1;
1460 }
1461 else
1462 {
1463 $_REQUEST['codesign'] = 0;
1464 $_SESSION['_config']['codesign'] = 0;
1465 }
1466
1467 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
1468 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1469 $_SESSION['_config']['rootcert'] = 1;
1470
1471 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
1472
1473 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
1474
1475 if(@count($_SESSION['_config']['emails']) > 0)
1476 $id = 17;
1477 }
1478
1479 if($oldid == 17)
1480 {
1481 $org = $_SESSION['_config']['row'];
1482 if($_REQUEST['keytype'] == "NS")
1483 {
1484 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1485
1486 if($spkac == "" || strlen($spkac) < 128)
1487 {
1488 $id = 17;
1489 showheader(_("My CAcert.org Account!"));
1490 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1491 showfooter();
1492 exit;
1493 }
1494
1495 $count = 0;
1496 $emails = "";
1497 $addys = array();
1498 if(is_array($_SESSION['_config']['emails']))
1499 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1500 {
1501 if(!$emails)
1502 $defaultemail = $_REQUEST['email'];
1503 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1504 $count++;
1505 }
1506 if($_SESSION['_config']['name'] != "")
1507 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1508 if($_SESSION['_config']['OU'])
1509 $emails .= "organizationalUnitName = ".mysql_real_escape_string($_SESSION['_config']['OU'])."\n";
1510 if($org['O'])
1511 $emails .= "organizationName = ".$org['O']."\n";
1512 if($org['L'])
1513 $emails .= "localityName = ".$org['L']."\n";
1514 if($org['ST'])
1515 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1516 if($org['C'])
1517 $emails .= "countryName = ".$org['C']."\n";
1518 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1519 $_SESSION['_config']['rootcert'] = 1;
1520
1521
1522 $emails .= "SPKAC = $spkac";
1523 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1524 {
1525 $id = 17;
1526 showheader(_("My CAcert.org Account!"));
1527 echo $weakKey;
1528 showfooter();
1529 exit;
1530 }
1531
1532 $query = "insert into `orgemailcerts` set
1533 `CN`='$defaultemail',
1534 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1535 `keytype`='NS',
1536 `orgid`='".intval($org['orgid'])."',
1537 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1538 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1539 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1540 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1541 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1542 mysql_query($query);
1543 $emailid = mysql_insert_id();
1544
1545 foreach($_SESSION['_config']['domids'] as $addy)
1546 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1547
1548 $CSRname=generatecertpath("csr","orgclient",$emailid);
1549 $fp = fopen($CSRname, "w");
1550 fputs($fp, $emails);
1551 fclose($fp);
1552 $challenge=$_SESSION['spkac_hash'];
1553 $CSRname_esc = escapeshellarg($CSRname);
1554 $res=shell_exec("openssl spkac -verify -in $CSRname_esc");
1555 if(!strstr($res,"Challenge String: ".$challenge))
1556 {
1557 $id = $oldid;
1558 showheader(_("My CAcert.org Account!"));
1559 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1560 showfooter();
1561 exit;
1562 }
1563 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1564 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1565 $csr = clean_csr($_REQUEST['CSR']);
1566 if(strpos($csr,"---BEGIN") === FALSE)
1567 {
1568 // In case the CSR is missing the ---BEGIN lines, add them automatically:
1569 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".$csr."\n-----END CERTIFICATE REQUEST-----\n";
1570 }
1571
1572 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1573 {
1574 $id = 17;
1575 showheader(_("My CAcert.org Account!"));
1576 echo $weakKey;
1577 showfooter();
1578 exit;
1579 }
1580
1581 $tmpfname = tempnam("/tmp", "id17CSR");
1582 $fp = fopen($tmpfname, "w");
1583 fputs($fp, $csr);
1584 fclose($fp);
1585
1586 $addys = array();
1587 $defaultemail = "";
1588 $csrsubject="";
1589
1590 if($_SESSION['_config']['name'] != "")
1591 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1592 if(is_array($_SESSION['_config']['emails']))
1593 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1594 {
1595 if($defaultemail == "")
1596 $defaultemail = $_REQUEST['email'];
1597 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1598 }
1599 if($_SESSION['_config']['OU'])
1600 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1601 if($org['O'])
1602 $csrsubject .= "/organizationName=".$org['O'];
1603 if($org['L'])
1604 $csrsubject .= "/localityName=".$org['L'];
1605 if($org['ST'])
1606 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1607 if($org['C'])
1608 $csrsubject .= "/countryName=".$org['C'];
1609
1610 $tmpname = tempnam("/tmp", "id17csr");
1611 $tmpfname_esc = escapeshellarg($tmpfname);
1612 $tmpname_esc = escapeshellarg($tmpname);
1613 $do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc");
1614 @unlink($tmpfname);
1615 $csr = "";
1616 $fp = fopen($tmpname, "r");
1617 while($data = fgets($fp, 4096))
1618 $csr .= $data;
1619 fclose($fp);
1620 @unlink($tmpname);
1621
1622 if($csr == "")
1623 {
1624 showheader(_("My CAcert.org Account!"));
1625 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1626 showfooter();
1627 exit;
1628 }
1629 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1630 $_SESSION['_config']['rootcert'] = 1;
1631
1632 $query = "insert into `orgemailcerts` set
1633 `CN`='$defaultemail',
1634 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1635 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1636 `orgid`='".intval($org['orgid'])."',
1637 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1638 `subject`='".mysql_real_escape_string($csrsubject)."',
1639 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1640 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1641 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1642 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1643 mysql_query($query);
1644 $emailid = mysql_insert_id();
1645
1646 foreach($_SESSION['_config']['domids'] as $addy)
1647 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1648
1649 $CSRname=generatecertpath("csr","orgclient",$emailid);
1650 $fp = fopen($CSRname, "w");
1651 fputs($fp, $csr);
1652 fclose($fp);
1653 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1654 }
1655 waitForResult("orgemailcerts", $emailid,$oldid);
1656 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1657 $res = mysql_query($query);
1658 if(mysql_num_rows($res) <= 0)
1659 {
1660 showheader(_("My CAcert.org Account!"));
1661 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1662 showfooter();
1663 exit;
1664 } else {
1665 $id = 19;
1666 $cert = $emailid;
1667 $_REQUEST['cert']=$emailid;
1668 }
1669 }
1670
1671 if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
1672 {
1673 csrf_check('clicerchange');
1674 showheader(_("My CAcert.org Account!"));
1675 if(is_array($_REQUEST['revokeid']))
1676 {
1677 $id = 18;
1678 echo _("Now renewing the following certificates:")."<br>\n";
1679 foreach($_REQUEST['revokeid'] as $id)
1680 {
1681 echo "Renewing certificate #$id ...\n<br/>";
1682 $id = intval($id);
1683 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
1684 where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1685 `org`.`orgid`=`orgemailcerts`.`orgid`";
1686 $res = mysql_query($query);
1687 if(mysql_num_rows($res) <= 0)
1688 {
1689 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1690 continue;
1691 }
1692
1693 $row = mysql_fetch_assoc($res);
1694
1695 if (($weakKey = checkWeakKeyX509(file_get_contents(
1696 $row['crt_name']))) !== "")
1697 {
1698 echo $weakKey, "<br/>\n";
1699 continue;
1700 }
1701
1702 mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
1703 if($row['revoke'] > 0)
1704 {
1705 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1706 continue;
1707 }
1708 $query = "insert into `orgemailcerts` set
1709 `orgid`='".intval($row['orgid'])."',
1710 `CN`='".mysql_real_escape_string($row['CN'])."',
1711 `ou`='".mysql_real_escape_string($row['ou'])."',
1712 `subject`='".mysql_real_escape_string($row['subject'])."',
1713 `keytype`='".mysql_real_escape_string($row['keytype'])."',
1714 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
1715 `created`='".mysql_real_escape_string($row['created'])."',
1716 `modified`=NOW(),
1717 `codesign`='".intval($row['codesign'])."',
1718 `rootcert`='".intval($row['rootcert'])."',
1719 `description`='".mysql_real_escape_string($row['description'])."'";
1720 mysql_query($query);
1721 $newid = mysql_insert_id();
1722 $newfile=generatecertpath("csr","orgclient",$newid);
1723 copy($row['csr_name'], $newfile);
1724 mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
1725 waitForResult("orgemailcerts", $newid,$oldid,0);
1726 $query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
1727 $res = mysql_query($query);
1728 if(mysql_num_rows($res) > 0)
1729 {
1730 printf(_("Certificate for '%s' has been renewed."), $row['CN']);
1731 echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
1732 _("Click here")."</a> "._("to install your certificate.");
1733 }
1734 echo("<br/>");
1735 }
1736 }
1737 else
1738 {
1739 echo _("You did not select any certificates for renewal.");
1740 }
1741 showfooter();
1742 exit;
1743 }
1744
1745 if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
1746 {
1747 csrf_check('clicerchange');
1748 $id = 18;
1749 showheader(_("My CAcert.org Account!"));
1750 if(is_array($_REQUEST['revokeid']))
1751 {
1752 echo _("Now revoking the following certificates:")."<br>\n";
1753 foreach($_REQUEST['revokeid'] as $id)
1754 {
1755 $id = intval($id);
1756 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
1757 where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1758 `org`.`orgid`=`orgemailcerts`.`orgid`";
1759 $res = mysql_query($query);
1760 if(mysql_num_rows($res) <= 0)
1761 {
1762 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1763 continue;
1764 }
1765 $row = mysql_fetch_assoc($res);
1766 if($row['revoke'] > 0)
1767 {
1768 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1769 continue;
1770 }
1771 mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
1772 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
1773 }
1774
1775 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
1776 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
1777 }
1778 else
1779 {
1780 echo _("You did not select any certificates for revocation.");
1781 }
1782
1783 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1784 {
1785 echo _("Now deleting the following pending requests:")."<br>\n";
1786 foreach($_REQUEST['delid'] as $id)
1787 {
1788 $id = intval($id);
1789 $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
1790 where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1791 `org`.`orgid`=`orgemailcerts`.`orgid`";
1792 $res = mysql_query($query);
1793 if(mysql_num_rows($res) <= 0)
1794 {
1795 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1796 continue;
1797 }
1798 $row = mysql_fetch_assoc($res);
1799 if($row['expired'] > 0)
1800 {
1801 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1802 continue;
1803 }
1804 mysql_query("delete from `orgemailcerts` where `id`='$id'");
1805 @unlink($row['csr_name']);
1806 @unlink($row['crt_name']);
1807 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1808 }
1809 }
1810 showfooter();
1811 exit;
1812 }
1813
1814 if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1815 {
1816 showheader(_("My CAcert.org Account!"));
1817 foreach($_REQUEST as $id => $val)
1818 {
1819 if(substr($id,0,14)=="check_comment_")
1820 {
1821 $cid = intval(substr($id,14));
1822 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1823 mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid'");
1824 }
1825 }
1826 echo(_("Certificate settings have been changed.")."<br/>\n");
1827 showfooter();
1828 exit;
1829 }
1830
1831 if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
1832 {
1833 $id=18;
1834 $_SESSION['_config']['orgfilterid']=$_REQUEST['orgfilterid'];
1835 $_SESSION['_config']['sorting']=$_REQUEST['sorting'];
1836 $_SESSION['_config']['status']=$_REQUEST['status'];
1837 }
1838
1839 if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
1840 {
1841 $id=18;
1842 $_SESSION['_config']['orgfilterid']=0;
1843 $_SESSION['_config']['sorting']=0;
1844 $_SESSION['_config']['status']=0;
1845 }
1846
1847 if($process != "" && $oldid == 20)
1848 {
1849 $CSR = clean_csr($_REQUEST['CSR']);
1850
1851 if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
1852 {
1853 $id = 20;
1854 showheader(_("My CAcert.org Account!"));
1855 echo $weakKey;
1856 showfooter();
1857 exit;
1858 }
1859
1860 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
1861
1862 $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
1863 $fp = fopen($_SESSION['_config']['tmpfname'], "w");
1864 fputs($fp, $CSR);
1865 fclose($fp);
1866 $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
1867 $_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
1868 $bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
1869 foreach($bits as $val)
1870 {
1871 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
1872 }
1873 $id = 21;
1874
1875 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
1876 extractit();
1877 getcn2();
1878 getalt2();
1879
1880 $query = "select * from `orginfo`,`org`,`orgdomains` where
1881 `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1882 `org`.`orgid`=`orginfo`.`id` and
1883 `org`.`orgid`=`orgdomains`.`orgid` and
1884 `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
1885 $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
1886 $query = "select * from `orginfo`,`org`,`orgdomains` where
1887 `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1888 `org`.`orgid`=`orginfo`.`id` and
1889 `org`.`orgid`=`orgdomains`.`orgid` and
1890 `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
1891 $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
1892 //echo "<pre>"; print_r($_SESSION['_config']); die;
1893
1894 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
1895 {
1896 $id = 20;
1897 showheader(_("My CAcert.org Account!"));
1898 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
1899 showfooter();
1900 exit;
1901 }
1902
1903 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
1904 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1905 $_SESSION['_config']['rootcert'] = 1;
1906
1907 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
1908 }
1909
1910 if($process != "" && $oldid == 21)
1911 {
1912 $id = 21;
1913
1914 if(!file_exists($_SESSION['_config']['tmpfname']))
1915 {
1916 showheader(_("My CAcert.org Account!"));
1917 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1918 showfooter();
1919 exit;
1920 }
1921
1922 if (($weakKey = checkWeakKeyCSR(file_get_contents(
1923 $_SESSION['_config']['tmpfname']))) !== "")
1924 {
1925 showheader(_("My CAcert.org Account!"));
1926 echo $weakKey;
1927 showfooter();
1928 exit;
1929 }
1930
1931 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
1932 {
1933 showheader(_("My CAcert.org Account!"));
1934 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
1935 showfooter();
1936 exit;
1937 }
1938
1939 if($_SESSION['_config']['rowid']['0'] > 0)
1940 {
1941 $query = "select * from `org`,`orginfo` where
1942 `orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'])."' and
1943 `orginfo`.`id`=`org`.`orgid` and
1944 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
1945 } else {
1946 $query = "select * from `org`,`orginfo` where
1947 `orginfo`.`id`='".intval($_SESSION['_config']['altid']['0'])."' and
1948 `orginfo`.`id`=`org`.`orgid` and
1949 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
1950 }
1951 $org = mysql_fetch_assoc(mysql_query($query));
1952 $csrsubject = "";
1953
1954 if($_SESSION['_config']['OU'])
1955 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1956 if($org['O'])
1957 $csrsubject .= "/organizationName=".$org['O'];
1958 if($org['L'])
1959 $csrsubject .= "/localityName=".$org['L'];
1960 if($org['ST'])
1961 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1962 if($org['C'])
1963 $csrsubject .= "/countryName=".$org['C'];
1964 //if($org['contact'])
1965 // $csrsubject .= "/emailAddress=".trim($org['contact']);
1966
1967 $csrsubject .= buildSubjectFromSession();
1968
1969 $type="";
1970 if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
1971 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1972 $_SESSION['_config']['rootcert'] = 1;
1973
1974 if($_SESSION['_config']['rowid']['0'] > 0)
1975 {
1976 $query = "insert into `orgdomaincerts` set
1977 `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
1978 `orgid`='".intval($org['id'])."',
1979 `created`=NOW(),
1980 `subject`='".mysql_real_escape_string($csrsubject)."',
1981 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1982 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1983 `type`='".$type."',
1984 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1985 } else {
1986 $query = "insert into `orgdomaincerts` set
1987 `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
1988 `orgid`='".intval($org['id'])."',
1989 `created`=NOW(),
1990 `subject`='".mysql_real_escape_string($csrsubject)."',
1991 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1992 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1993 `type`='".$type."',
1994 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1995 }
1996 mysql_query($query);
1997 $CSRid = mysql_insert_id();
1998
1999 $CSRname=generatecertpath("csr","orgserver",$CSRid);
2000 rename($_SESSION['_config']['tmpfname'], $CSRname);
2001 chmod($CSRname,0644);
2002 mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
2003 if(is_array($_SESSION['_config']['rowid']))
2004 foreach($_SESSION['_config']['rowid'] as $id)
2005 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
2006 if(is_array($_SESSION['_config']['altid']))
2007 foreach($_SESSION['_config']['altid'] as $id)
2008 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
2009 waitForResult("orgdomaincerts", $CSRid,$oldid);
2010 $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
2011 $res = mysql_query($query);
2012 if(mysql_num_rows($res) <= 0)
2013 {
2014 showheader(_("My CAcert.org Account!"));
2015 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
2016 showfooter();
2017 exit;
2018 } else {
2019 $id = 23;
2020 $cert = $CSRid;
2021 $_REQUEST['cert']=$CSRid;
2022 }
2023 }
2024
2025 if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
2026 {
2027 csrf_check('orgsrvcerchange');
2028 showheader(_("My CAcert.org Account!"));
2029 if(is_array($_REQUEST['revokeid']))
2030 {
2031 echo _("Now renewing the following certificates:")."<br>\n";
2032 foreach($_REQUEST['revokeid'] as $id)
2033 {
2034 $id = intval($id);
2035 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
2036 `orgdomaincerts`,`org`
2037 where `orgdomaincerts`.`id`='$id' and
2038 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2039 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2040 $res = mysql_query($query);
2041 if(mysql_num_rows($res) <= 0)
2042 {
2043 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2044 continue;
2045 }
2046
2047 $row = mysql_fetch_assoc($res);
2048
2049 if (($weakKey = checkWeakKeyX509(file_get_contents(
2050 $row['crt_name']))) !== "")
2051 {
2052 echo $weakKey, "<br/>\n";
2053 continue;
2054 }
2055
2056 mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
2057 if($row['revoke'] > 0)
2058 {
2059 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
2060 continue;
2061 }
2062 $query = "insert into `orgdomaincerts` set
2063 `orgid`='".intval($row['orgid'])."',
2064 `CN`='".mysql_real_escape_string($row['CN'])."',
2065 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
2066 `created`='".mysql_real_escape_string($row['created'])."',
2067 `modified`=NOW(),
2068 `subject`='".mysql_real_escape_string($row['subject'])."',
2069 `type`='".intval($row['type'])."',
2070 `rootcert`='".intval($row['rootcert'])."',
2071 `description`='".mysql_real_escape_string($row['description'])."'";
2072 mysql_query($query);
2073 $newid = mysql_insert_id();
2074 //echo "NewID: $newid<br/>\n";
2075 $newfile=generatecertpath("csr","orgserver",$newid);
2076 copy($row['csr_name'], $newfile);
2077 mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
2078 echo _("Renewing").": ".$row['CN']."<br>\n";
2079 $res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
2080 while($r2 = mysql_fetch_assoc($res))
2081 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
2082 waitForResult("orgdomaincerts", $newid,$oldid,0);
2083 $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
2084 $res = mysql_query($query);
2085 if(mysql_num_rows($res) <= 0)
2086 {
2087 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
2088 } else {
2089 $drow = mysql_fetch_assoc($res);
2090 $crtname = escapeshellarg($drow['crt_name']);
2091 $cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
2092 echo "<pre>\n$cert\n</pre>\n";
2093 }
2094 }
2095 }
2096 else
2097 {
2098 echo _("You did not select any certificates for renewal.");
2099 }
2100 showfooter();
2101 exit;
2102 }
2103
2104 if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
2105 {
2106 csrf_check('orgsrvcerchange');
2107 showheader(_("My CAcert.org Account!"));
2108 if(is_array($_REQUEST['revokeid']))
2109 {
2110 echo _("Now revoking the following certificates:")."<br>\n";
2111 foreach($_REQUEST['revokeid'] as $id)
2112 {
2113 $id = intval($id);
2114 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
2115 `orgdomaincerts`,`org`
2116 where `orgdomaincerts`.`id`='$id' and
2117 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2118 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2119 $res = mysql_query($query);
2120 if(mysql_num_rows($res) <= 0)
2121 {
2122 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2123 continue;
2124 }
2125 $row = mysql_fetch_assoc($res);
2126 if($row['revoke'] > 0)
2127 {
2128 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
2129 continue;
2130 }
2131 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
2132 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
2133 }
2134
2135 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
2136 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
2137 }
2138 else
2139 {
2140 echo _("You did not select any certificates for revocation.");
2141 }
2142
2143 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
2144 {
2145 echo _("Now deleting the following pending requests:")."<br>\n";
2146 foreach($_REQUEST['delid'] as $id)
2147 {
2148 $id = intval($id);
2149 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
2150 `orgdomaincerts`,`org`
2151 where `orgdomaincerts`.`id`='$id' and
2152 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2153 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2154 $res = mysql_query($query);
2155 if(mysql_num_rows($res) <= 0)
2156 {
2157 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2158 continue;
2159 }
2160 $row = mysql_fetch_assoc($res);
2161 if($row['expired'] > 0)
2162 {
2163 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
2164 continue;
2165 }
2166 mysql_query("delete from `orgdomaincerts` where `id`='$id'");
2167 @unlink($row['csr_name']);
2168 @unlink($row['crt_name']);
2169 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
2170 }
2171 }
2172 showfooter();
2173 exit;
2174 }
2175
2176 if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
2177 {
2178 showheader(_("My CAcert.org Account!"));
2179 foreach($_REQUEST as $id => $val)
2180 {
2181 if(substr($id,0,14)=="check_comment_")
2182 {
2183 $cid = intval(substr($id,14));
2184 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
2185 mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid'");
2186 }
2187 }
2188 echo(_("Certificate settings have been changed.")."<br/>\n");
2189 showfooter();
2190 exit;
2191 }
2192
2193 if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
2194 {
2195 $id=22;
2196 $_SESSION['_config']['dorgfilterid']=$_REQUEST['dorgfilterid'];
2197 $_SESSION['_config']['dsorting']=$_REQUEST['dsorting'];
2198 $_SESSION['_config']['dstatus']=$_REQUEST['dstatus'];
2199 }
2200
2201 if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
2202 {
2203 $id=22;
2204 $_SESSION['_config']['dorgfilterid']=0;
2205 $_SESSION['_config']['dsorting']=0;
2206 $_SESSION['_config']['dstatus']=0;
2207 }
2208
2209
2210 if(($id == 24 || $oldid == 24 || $id == 25 || $oldid == 25 || $id == 26 || $oldid == 26 ||
2211 $id == 27 || $oldid == 27 || $id == 28 || $oldid == 28 || $id == 29 || $oldid == 29 ||
2212 $id == 30 || $oldid == 30 || $id == 31 || $oldid == 31) &&
2213 $_SESSION['profile']['orgadmin'] != 1)
2214 {
2215 showheader(_("My CAcert.org Account!"));
2216 echo _("You don't have access to this area.");
2217 showfooter();
2218 exit;
2219 }
2220
2221 if($oldid == 24 && $process != "")
2222 {
2223 $id = intval($oldid);
2224 $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
2225 $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
2226 $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
2227 $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
2228 $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
2229 $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
2230
2231 if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
2232 {
2233 $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
2234 } else {
2235 mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
2236 `contact`='".$_SESSION['_config']['contact']."',
2237 `L`='".$_SESSION['_config']['L']."',
2238 `ST`='".$_SESSION['_config']['ST']."',
2239 `C`='".$_SESSION['_config']['C']."',
2240 `comments`='".$_SESSION['_config']['comments']."'");
2241 showheader(_("My CAcert.org Account!"));
2242 printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
2243 showfooter();
2244 exit;
2245 }
2246 }
2247
2248 if($oldid == 27 && $process != "")
2249 {
2250 csrf_check('orgdetchange');
2251 $id = intval($oldid);
2252 $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
2253 $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
2254 $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
2255 $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
2256 $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
2257 $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
2258
2259 if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
2260 {
2261 $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
2262 } else {
2263 mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
2264 `contact`='".$_SESSION['_config']['contact']."',
2265 `L`='".$_SESSION['_config']['L']."',
2266 `ST`='".$_SESSION['_config']['ST']."',
2267 `C`='".$_SESSION['_config']['C']."',
2268 `comments`='".$_SESSION['_config']['comments']."'
2269 where `id`='".intval($_SESSION['_config']['orgid'])."'");
2270 showheader(_("My CAcert.org Account!"));
2271 printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
2272 showfooter();
2273 exit;
2274 }
2275 }
2276
2277 if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
2278 {
2279 $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
2280 $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
2281 if(mysql_num_rows($res1) > 0)
2282 {
2283 $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
2284 $id = $oldid;
2285 $oldid=0;
2286 }
2287 }
2288
2289 if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
2290 {
2291 $oldid=0;
2292 $id = 25;
2293 }
2294
2295 if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
2296 {
2297 mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
2298 showheader(_("My CAcert.org Account!"));
2299 printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
2300 echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
2301 showfooter();
2302 exit;
2303 }
2304
2305 if($oldid == 29 && $process != "")
2306 {
2307 $domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));
2308
2309 $res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid).