bug 807: Apparently one should write SHA algorithms with a hyphen
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
23 loadem("account");
24
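/**
 * Build a subject string as needed by the signer
 *
 * The names are concatenated into the string unchanged: nothing here escapes
 * "/" or checks host name syntax, so callers must only pass names that have
 * already been validated.
 *
 * @param array(string) $domains
 *     The first element is used as CN and repeated in subjectAltName.
 *     Duplicates should already have been removed.
 *
 * @param bool $include_xmpp_addr
 *     [default: true] Whether to include the XmppAddr in the subjectAltName.
 *     This is needed if the Jabber server is jabber.example.com but a Jabber ID
 *     on that server would be alice@example.com
 *
 * @return string
 */
function buildSubject(array $domains, $include_xmpp_addr = true) {
    // Use the first element whatever its key is: array_unique() and similar
    // helpers keep the original keys, so index 0 is not guaranteed to exist.
    $first = count($domains) > 0 ? reset($domains) : "";
    $subject = "/CN=" . $first;

    foreach ($domains as $domain) {
        $subject .= "/subjectAltName=DNS:" . $domain;

        if ($include_xmpp_addr) {
            // 1.3.6.1.5.5.7.8.5 is the object identifier of the XmppAddr otherName
            $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:" . $domain;
        }
    }

    return $subject;
}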
52
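/**
 * Builds the subject string from the session variables
 * $_SESSION['_config']['rows'] and $_SESSION['_config']['altrows']
 *
 * Entries of 'rows' are taken unchanged. From 'altrows' only entries that
 * start with "DNS:" are used, with that prefix removed. The combined list is
 * de-duplicated and handed to buildSubject().
 *
 * @return string
 */
function buildSubjectFromSession() {
    $domains = array();

    // isset() first, so that a missing session key does not raise a notice
    if (isset($_SESSION['_config']['rows']) && is_array($_SESSION['_config']['rows'])) {
        $domains = array_merge($domains, $_SESSION['_config']['rows']);
    }

    if (isset($_SESSION['_config']['altrows']) && is_array($_SESSION['_config']['altrows'])) {
        foreach ($_SESSION['_config']['altrows'] as $row) {
            if (substr($row, 0, 4) === "DNS:") {
                $domains[] = substr($row, 4);
            }
        }
    }

    return buildSubject(array_unique($domains));
}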
75
// Request parameters that drive this script. Every numeric selector is
// coerced with intval() and defaults to 0 when absent; $process is kept as
// the raw request value.
$id = 0;
if (array_key_exists("id", $_REQUEST)) {
    $id = intval($_REQUEST['id']);
}

$oldid = 0;
if (array_key_exists("oldid", $_REQUEST)) {
    $oldid = intval($_REQUEST['oldid']);
}

$process = "";
if (array_key_exists("process", $_REQUEST)) {
    $process = $_REQUEST['process'];
}

// $showdetails refers to Secret Question and Answers from account/13.php
$showdetails = 0;
if (array_key_exists("showdetails", $_REQUEST)) {
    $showdetails = intval($_REQUEST['showdetails']);
}

$cert = 0;
if (array_key_exists('cert', $_REQUEST)) {
    $cert = intval($_REQUEST['cert']);
}

$orgid = 0;
if (array_key_exists('orgid', $_REQUEST)) {
    $orgid = intval($_REQUEST['orgid']);
}

$memid = 0;
if (array_key_exists('memid', $_REQUEST)) {
    $memid = intval($_REQUEST['memid']);
}

$domid = 0;
if (array_key_exists('domid', $_REQUEST)) {
    $domid = intval($_REQUEST['domid']);
}
86
87
// Stop right away when the session's 'mconn' flag is not set.
if (!$_SESSION['mconn']) {
    echo _("Several CAcert Services are currently unavailable. Please try again later.");
    exit;
}

// General reset CANCEL process requests
if ($process == _("Cancel")) {
    $process = "";
}

// Pages 45 and 46, whether requested as current or as previous page, are
// mapped to page 1 with no previous page.
if (in_array($id, array(45, 46)) || in_array($oldid, array(45, 46))) {
    $id = 1;
    $oldid = 0;
}
106
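// Page 1 submit: register an additional email address for the logged-in
// account and mail a verification link to that address.
if ($process != "" && $oldid == 1) {
    $id = 1;
    csrf_check('addemail');

    // Punycode ("xn--") input is refused unless the profile's codesign value
    // is above zero.
    if (strstr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    if (trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "") {
        showheader(_("My CAcert.org Account!"));
        // echo rather than printf(): the text has no placeholders, and a "%"
        // in a translation must not be read as a format directive.
        echo _("Not a valid email address. Can't continue.");
        showfooter();
        exit;
    }

    $oldid = 0;
    // From here on $_REQUEST['email'] is the SQL-escaped form of the address.
    // NOTE(review): the same escaped form is later passed to sendmail() as the
    // recipient; confirm that this is intended for addresses containing quotes.
    $_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
    if (check_email_exists($_REQUEST['email']) == true) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
        showfooter();
        exit;
    }

    // checkEmail() receives the raw, unescaped request value.
    $checkemail = checkEmail($_REQUEST['newemail']);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The result text is presumably the reply of the remote mail server,
        // i.e. not under our control, so it is HTML-escaped before output.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    // The hash is the secret of the verification link mailed below.
    $hash = make_hash();
    $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    // NOTE(review): the result of the insert is not checked; on failure
    // mysql_insert_id() does not identify a new row.
    mysql_query($query);
    $emailid = mysql_insert_id();

    // NOTE(review): the link carries the verification hash and is built with
    // the plain http:// scheme; consider https:// if the host supports it.
    $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
    showfooter();
    exit;
}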
164
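// Page 2, "make default": switch the account's default email address to
// another address of the same account.
// NOTE(review): unlike the add-email and delete-email handlers in this file,
// this state-changing branch makes no csrf_check() call; confirm whether the
// form token has to be verified here as well.
if (array_key_exists("makedefault", $_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2) {
    $id = 2;
    $emailid = intval($_REQUEST['emailid']);

    // The address must belong to this account, must not be deleted and must
    // have an empty `hash` (presumably the marker of a verified address, see
    // the error text below).
    $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        showheader(_("Error!"));
        echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
        showfooter();
        exit;
    }
    $row = mysql_fetch_assoc($res);

    // The notice goes to the address that is still the default at this point,
    // i.e. the old one.
    $body  = sprintf(_("Hi %s,"), $_SESSION['profile']['fname'])."\n\n";
    $body .= _("You are receiving this email because you or someone else ".
        "has changed the default email on your account.")."\n\n";

    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
        "support@cacert.org", "", "", "CAcert Support");

    $_SESSION['profile']['email'] = $row['email'];
    // $row['email'] is the raw value read back from the database and may
    // contain quote characters, so it is escaped again before it is put into
    // the UPDATE statement.
    $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
    mysql_query($query);

    showheader(_("My CAcert.org Account!"));
    printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
    showfooter();
    exit;
}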
196
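// Page 2 submit: delete the selected email addresses of the account. The
// current default address is never deleted.
if ($process != "" && $oldid == 2) {
    $id = 2;
    csrf_check("chgdef");
    showheader(_("My CAcert.org Account!"));
    $delcount = 0;
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        $deltitle = false;
        // The loop reuses the global $id, as the original code does.
        foreach ($_REQUEST['delid'] as $id) {
            if (!$deltitle) {
                echo _('The following email addresses have been removed:')."<br>\n";
                $deltitle = true;
            }
            $id = intval($id);
            // Restrict the lookup to rows of this account and exclude the
            // default address. The session value is escaped because it is
            // set from an unescaped database value elsewhere in this file.
            $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
                `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored addresses are user input: escape before output.
                echo sanitizeHTML($row['email'])."<br>\n";
                account_email_delete($row['id']);
                $delcount++;
            }
        }
    } else {
        echo _("You did not select any email accounts for removal.");
    }

    if (0 == $delcount) {
        echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
    }

    showfooter();
    exit;
}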
237
// Page 3 submit: store the options of a client certificate request in
// $_SESSION['_config']. Depending on whether a CSR was pasted, either page 4
// is shown next or the step-4 handler runs within this same request.
if ($process != "" && $oldid == 3) {
    if (!array_key_exists('CCA', $_REQUEST)) {
        showheader(_("My CAcert.org Account!"));
        echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
        showfooter();
        exit;
    }

    // A list of address ids is required unless SSO was requested.
    if ((!array_key_exists('addid', $_REQUEST) || !is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1') {
        showheader(_("My CAcert.org Account!"));
        echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
        showfooter();
        exit;
    }

    $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);

    // Stored as received; the step-4 handler applies intval() to each id and
    // looks it up together with the account id.
    $_SESSION['_config']['addid'] = $_REQUEST['addid'];

    // NOTE(review): below 50 points 'incname' is not assigned here, so a
    // value already present in the session is left as it is.
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
    }

    // A code signing request is dropped unless the profile has codesign set
    // and at least 100 points.
    if (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] != 0
        && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100)) {
        $_REQUEST['codesign'] = 0;
    }

    // With code signing granted, 'incname' is forced into the range 1..4.
    if ($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0
        && array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] == 1) {
        if ($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4) {
            $_SESSION['_config']['incname'] = 1;
        }
    }

    $_SESSION['_config']['codesign'] =
        (array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
        ? 1
        : 0;

    // Login with the certificate stays enabled only when 'login' is 1.
    $_SESSION['_config']['disablelogin'] =
        (array_key_exists('login', $_REQUEST) && $_REQUEST['login'] == 1)
        ? 0
        : 1;

    // Root selection: 1 unless the user has 50 points and asked for 2.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }

    $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);

    $csr = "";
    if (trim($_REQUEST['optionalCSR']) == "") {
        // No CSR pasted: continue with page 4.
        $id = 4;
    } else {
        // CSR pasted: fall through to the step-4 handler as keytype "MS".
        $oldid = 4;
        $_REQUEST['keytype'] = "MS";
        $csr = clean_csr($_REQUEST['optionalCSR']);
    }

    // The description is kept in the session in SQL-escaped form; later
    // INSERT statements in this file concatenate it without further escaping.
    $_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
        : "";
}
305
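// Step 4 of the client certificate request: take either a browser generated
// SPKAC (keytype "NS") or a PKCS#10 request (keytype "MS" or "VI"), record it
// in `emailcerts`, write the request file and call waitForResult().
//
// NOTE(review): the address lookups below match on account id and row id
// only. The default-address handler in this file additionally requires
// `hash` = '' and `deleted`=0; confirm that unverified or deleted addresses
// are excluded elsewhere, or add the same condition here.
if ($oldid == 4) {
    if ($_REQUEST['keytype'] == "NS") {
        // Accept the SPKAC only if, with line breaks removed, it consists of
        // base64 characters.
        $spkac = "";
        if (array_key_exists('SPKAC', $_REQUEST) && preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC']))))) {
            $spkac = trim(str_replace("\n", "", str_replace("\r", "", $_REQUEST['SPKAC'])));
        }

        if ($spkac == "" || $spkac == "deadbeef") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, please try a different browser.");
            showfooter();
            exit;
        }

        // $emails becomes the text of the SPKAC request file, one field per
        // line. NOTE(review): nothing here removes line breaks from the
        // database values written into it; confirm that names and addresses
        // cannot contain any.
        $count = 0;
        $emails = "";
        $addys = array();
        $defaultemail = "";
        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    // The first address found becomes the CN of the record.
                    if (!$emails) {
                        $defaultemail = $row['email'];
                    }
                    $emails .= "$count.emailAddress = ".$row['email']."\n";
                    $count++;
                    $addys[] = intval($row['id']);
                }
            }
        }

        if ($count <= 0 && $_SESSION['_config']['SSO'] != 1) {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
            showfooter();
            exit;
        }

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if ($_SESSION['_config']['SSO'] == 1) {
            $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
        }

        // A one-letter middle name is treated as an initial.
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }

        if (!array_key_exists('incname', $_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $emails .= "commonName = CAcert WoT User\n";
        } else {
            if ($_SESSION['_config']['incname'] == 1) {
                $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
            }
            if ($_SESSION['_config']['incname'] == 2) {
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
            }
            if ($_SESSION['_config']['incname'] == 3) {
                $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
            }
            if ($_SESSION['_config']['incname'] == 4) {
                $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
            }
        }

        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        $emails .= "SPKAC = $spkac";
        if (($weakKey = checkWeakKeySPKAC($emails)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

        // $defaultemail is a raw database value and is escaped here. The
        // description was SQL-escaped when it was stored in the session.
        $query = "insert into emailcerts set
                `CN`='".mysql_real_escape_string($defaultemail)."',
                `keytype`='NS',
                `memid`='".intval($_SESSION['profile']['id'])."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `codesign`='".intval($_SESSION['_config']['codesign'])."',
                `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
                `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
                `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
                `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys)) {
            foreach ($addys as $addy) {
                mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
            }
        }

        $CSRname = generatecertpath("csr", "client", $emailid);
        // NOTE(review): fopen() is not checked for failure.
        $fp = fopen($CSRname, "w");
        fputs($fp, $emails);
        fclose($fp);

        // The file name is passed to the shell as one quoted argument.
        $challenge = $_SESSION['spkac_hash'];
        $res = shell_exec("openssl spkac -verify -in ".escapeshellarg($CSRname));
        // strstr() is a substring test, so this check relies on
        // $_SESSION['spkac_hash'] being set and non-empty.
        // NOTE(review): the `emailcerts` row and the request file were already
        // written above and are left in place when the challenge fails.
        if (!strstr($res, "Challenge String: ".$challenge)) {
            $id = $oldid;
            showheader(_("My CAcert.org Account!"));
            echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
            showfooter();
            exit;
        }
        mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
    } else if ($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
        // $csr is already filled when a CSR was pasted on page 3.
        if ($csr == "") {
            $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
        }

        if (($weakKey = checkWeakKeyCSR($csr)) !== "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo $weakKey;
            showfooter();
            exit;
        }

        // NOTE(review): tempnam() and fopen() are not checked for failure.
        $tmpfname = tempnam("/tmp", "id4CSR");
        $fp = fopen($tmpfname, "w");
        fputs($fp, $csr);
        fclose($fp);

        $addys = array();
        $defaultemail = "";
        $csrsubject = "";

        $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
        if (strlen($user['mname']) == 1) {
            $user['mname'] .= '.';
        }

        // The subject is built from the account data, not taken from the
        // submitted request.
        if ($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4) {
            $csrsubject = "/CN=CAcert WoT User";
        }
        if ($_SESSION['_config']['incname'] == 1) {
            $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
        }
        if ($_SESSION['_config']['incname'] == 2) {
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
        }
        if ($_SESSION['_config']['incname'] == 3) {
            $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
        }
        if ($_SESSION['_config']['incname'] == 4) {
            $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
        }

        if (is_array($_SESSION['_config']['addid'])) {
            foreach ($_SESSION['_config']['addid'] as $id) {
                $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
                if (mysql_num_rows($res) > 0) {
                    $row = mysql_fetch_assoc($res);
                    if ($defaultemail == "") {
                        $defaultemail = $row['email'];
                    }
                    $csrsubject .= "/emailAddress=".$row['email'];
                    $addys[] = $row['id'];
                }
            }
        }
        if ($_SESSION['_config']['SSO'] == 1) {
            $csrsubject .= "/emailAddress = ".$user['uniqueID'];
        }

        // Pass the request through openssl; both temporary file names are
        // handed to the shell as quoted arguments. An empty result means the
        // request could not be read.
        $tmpname = tempnam("/tmp", "id4csr");
        $do = shell_exec("/usr/bin/openssl req -in ".escapeshellarg($tmpfname)." -out ".escapeshellarg($tmpname));
        @unlink($tmpfname);
        $csr = "";
        $fp = fopen($tmpname, "r");
        while ($data = fgets($fp, 4096)) {
            $csr .= $data;
        }
        fclose($fp);
        @unlink($tmpname);

        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }

        if ($csr == "") {
            $id = 4;
            showheader(_("My CAcert.org Account!"));
            echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
            showfooter();
            exit;
        }

        // Same value handling as in the SPKAC branch: raw database values are
        // escaped, numeric session values go through intval(). `keytype` can
        // only be "MS" or "VI" in this branch.
        $query = "insert into emailcerts set
                `CN`='".mysql_real_escape_string($defaultemail)."',
                `keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
                `memid`='".intval($_SESSION['profile']['id'])."',
                `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
                `subject`='".mysql_real_escape_string($csrsubject)."',
                `codesign`='".intval($_SESSION['_config']['codesign'])."',
                `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
                `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
                `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
                `description`='".$_SESSION['_config']['description']."'";
        mysql_query($query);
        $emailid = mysql_insert_id();
        if (is_array($addys)) {
            foreach ($addys as $addy) {
                mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
            }
        }
        $CSRname = generatecertpath("csr", "client", $emailid);
        $fp = fopen($CSRname, "w");
        fputs($fp, $csr);
        fclose($fp);
        mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
    }

    // The request counts as processed once the row has a certificate file
    // name (`crt_name`).
    waitForResult("emailcerts", $emailid, 4);
    $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 4;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // Continue with page 6 for the new certificate.
        $id = 6;
        $cert = $emailid;
        $_REQUEST['cert'] = $emailid;
    }
}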
521
// Page 7 submit, part 1: clean up the submitted domain name and refuse it if
// it is already registered. When nothing is refused, the next block (also
// keyed on $oldid == 7) continues with the same variables.
if ($oldid == 7) {
    csrf_check("adddomain");

    if (strstr($_REQUEST['newdomain'], "\x00")) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
        showfooter();
        exit;
    }

    list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest

    // Drop leading dashes; the value is later used as a command line
    // argument, where a leading "-" would presumably be read as an option.
    // NOTE(review): no further check of host name syntax is made here.
    while ($newdomain['0'] == '-') {
        $newdomain = substr($newdomain, 1);
    }

    if (strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0) {
        showheader(_("My CAcert.org Account!"));
        echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
        showfooter();
        exit;
    }

    // Two context-specific forms of the same name:
    //   $newdom    - shell-quoted, for the whois call
    //   $newdomain - SQL-escaped, for the queries
    $newdom = trim(escapeshellarg($newdomain));
    $newdomain = mysql_real_escape_string(trim($newdomain));

    $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
    $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
    $res2 = mysql_query($query);
    if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0) {
        $oldid = 0;
        $id = 7;
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
        showfooter();
        exit;
    }
}
560
// Page 7 submit, part 2: build the list of addresses the user may pick as
// authority address for the domain and keep it in the session for page 8.
// The list holds every address found in the WHOIS output plus five fixed
// role addresses at the domain.
// NOTE(review): any WHOIS line containing "@" contributes a candidate, not
// only registrant contacts; confirm that this is the intended policy.
if ($oldid == 7) {
    $oldid = 0;
    $id = 8;
    $addy = array();
    $adds = array();

    // $newdom is shell-quoted, so its last character is the closing quote;
    // the three characters before it are compared with ".jp". For such
    // names no WHOIS lookup is made.
    if (strtolower(substr($newdom, -4, 3)) != ".jp") {
        $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
    }

    if (substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info") {
        // For these two suffixes the address is taken as everything after
        // the first ":" of the line.
        if (is_array($adds)) {
            foreach ($adds as $line) {
                $bits = explode(":", $line, 2);
                $line = trim($bits[1]);
                if ($line != "" && !in_array($line, $addy)) {
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
                }
            }
        }
    } else {
        // Otherwise: turn tabs, ")" and ":" into blanks, remove "(", and
        // keep the last blank-separated word that contains "@".
        if (is_array($adds)) {
            foreach ($adds as $line) {
                $line = trim(str_replace(array("\t", "(", ")", ":"), array(" ", "", " ", " "), $line));

                $bits = explode(" ", $line);
                foreach ($bits as $bit) {
                    if (strstr($bit, "@")) {
                        $line = $bit;
                    }
                }
                if ($line != "" && !in_array($line, $addy)) {
                    $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
                }
            }
        }
    }

    // Fixed role addresses are always offered.
    $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
    foreach ($rfc as $sub) {
        if (!in_array($sub, $addy)) {
            $addy[] = $sub;
        }
    }

    // The page-8 handler accepts only an address from this stored list.
    $_SESSION['_config']['addy'] = $addy;
    $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}
606
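// Page 8 submit: the user picked an authority address for the new domain.
// Register the domain with a verification hash and mail the link to the
// chosen address.
if ($process != "" && $oldid == 8) {
    csrf_check('ctcinfo');
    $oldid = 0;
    $id = 8;

    $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

    // The chosen address must be one of the candidates stored in the session
    // by the page-7 handler.
    if ($authaddy == "" || !is_array($_SESSION['_config']['addy'])) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    if (!in_array($authaddy, $_SESSION['_config']['addy'])) {
        showheader(_("My CAcert.org Account!"));
        echo _("The address you submitted isn't a valid authority address for the domain.");
        showfooter();
        exit;
    }

    // NOTE(review): the session value was SQL-escaped when it was stored and
    // is escaped again in the statements below; harmless for ordinary names.
    $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
    $res = mysql_query($query);
    if (mysql_num_rows($res) > 0) {
        showheader(_("My CAcert.org Account!"));
        printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
        showfooter();
        exit;
    }

    $checkemail = checkEmail($authaddy);
    if ($checkemail != "OK") {
        showheader(_("My CAcert.org Account!"));
        if (substr($checkemail, 0, 1) == "4") {
            echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
        } else {
            echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
        }
        // The result text is presumably the reply of the remote mail server,
        // i.e. not under our control, so it is HTML-escaped before output.
        echo "<p>".sanitizeHTML($checkemail)."</p>\n";
        showfooter();
        exit;
    }

    // The hash is the secret of the verification link mailed below.
    $hash = make_hash();
    $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
            `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
    mysql_query($query);
    $domainid = mysql_insert_id();

    // NOTE(review): the link carries the verification hash and is built with
    // the plain http:// scheme; consider https:// if the host supports it.
    $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"), $_SESSION['_config']['domain'])."\n\n";
    $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
    $body .= _("Best regards")."\n"._("CAcert.org Support!");

    sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

    showheader(_("My CAcert.org Account!"));
    // The domain name is user input: escape it for HTML, as the
    // "already in a different account" message above does.
    printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
    showfooter();
    exit;
}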
673
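// Page 9 submit: delete the selected domains of the account.
// NOTE(review): unlike the add-domain and delete-email handlers in this
// file, this state-changing branch makes no csrf_check() call; confirm
// whether the form token has to be verified here as well.
if ($process != "" && $oldid == 9) {
    $id = 9;
    showheader(_("My CAcert.org Account!"));
    if (array_key_exists('delid', $_REQUEST) && is_array($_REQUEST['delid'])) {
        echo _("The following domains have been removed:")."<br>\n".
            "("._("Any valid certificates will be revoked as well").")<br>\n";

        // The loop reuses the global $id, as the original code does.
        foreach ($_REQUEST['delid'] as $id) {
            $id = intval($id);
            // Only rows owned by the logged-in account are considered.
            $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
            $res = mysql_query($query);
            if (mysql_num_rows($res) > 0) {
                $row = mysql_fetch_assoc($res);
                // Stored domain names are user input: escape before output.
                echo sanitizeHTML($row['domain'])."<br>\n";
                account_domain_delete($row['id']);
            }
        }
    } else {
        echo _("You did not select any domains for removal.");
    }

    showfooter();
    exit;
}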
705
// Page 10 submit: accept a server certificate request, store it in a
// temporary file, read subject and DNS alternative names from it with
// openssl, and prepare the session for the confirmation page (11).
if ($process != "" && $oldid == 10) {
    if (!array_key_exists('CCA', $_REQUEST)) {
        showheader(_("My CAcert.org Account!"));
        echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
        showfooter();
        exit;
    }

    $CSR = clean_csr($_REQUEST['CSR']);
    if (false === strpos($CSR, "---BEGIN")) {
        // In case the CSR is missing the ---BEGIN lines, add them automatically:
        $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
    }

    if (($weakKey = checkWeakKeyCSR($CSR)) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    // The description is kept in the session in SQL-escaped form; the INSERT
    // statements of the next step concatenate it without further escaping.
    $_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
        ? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
        : "";

    // NOTE(review): tempnam() and fopen() are not checked for failure, and
    // the file stays in /tmp when this request ends at one of the exits below.
    $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
    $fp = fopen($_SESSION['_config']['tmpfname'], "w");
    fputs($fp, $CSR);
    fclose($fp);

    // From here on $CSR is the path of the temporary file, not the request
    // text. The path comes from tempnam(), not from the user.
    $CSR = $_SESSION['_config']['tmpfname'];
    $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
    $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
    foreach ($bits as $val) {
        $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
    }
    $id = 11;

    // Reset both fields, then call the helpers (defined elsewhere); the check
    // below reads these two fields back.
    $_SESSION['_config']['0.subjectAltName'] = "";
    $_SESSION['_config']['0.CN'] = "";
    extractit();
    getcn();
    getalt();

    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // Root selection: 1 unless the user has 50 points and asked for 2.
    $_SESSION['_config']['rootcert'] = 1;
    if ($_SESSION['profile']['points'] >= 50) {
        $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
        if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
            $_SESSION['_config']['rootcert'] = 1;
        }
    }

    $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
773
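// Page 11 submit: the user confirmed the server certificate request. Record
// it in `domaincerts`, link the domains, move the request file to its final
// place and call waitForResult().
if ($process != "" && $oldid == 11) {
    if (!file_exists($_SESSION['_config']['tmpfname'])) {
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    }

    // The key is checked again on the stored file, not only at upload time.
    if (($weakKey = checkWeakKeyCSR(file_get_contents(
            $_SESSION['_config']['tmpfname']))) !== "") {
        showheader(_("My CAcert.org Account!"));
        echo $weakKey;
        showfooter();
        exit;
    }

    $id = 11;
    if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
        showheader(_("My CAcert.org Account!"));
        echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
        showfooter();
        exit;
    }

    // The subject comes from the session lists, not from the request file.
    $subject = buildSubjectFromSession();

    if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
        $_SESSION['_config']['rootcert'] = 1;
    }

    write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

    // The CN and its domain id come from the first 'rows' entry, or from the
    // first 'altrows' entry when there is none. The description was
    // SQL-escaped when it was stored in the session.
    if (array_key_exists('0', $_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0) {
        $query = "insert into `domaincerts` set
                `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
                `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
                `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
                `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
                `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
                `description`='".$_SESSION['_config']['description']."'";
    } elseif (array_key_exists('0', $_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
        $query = "insert into `domaincerts` set
                `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
                `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
                `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
                `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
                `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
                `description`='".$_SESSION['_config']['description']."'";
    } else {
        showheader(_("My CAcert.org Account!"));
        echo _("Domain not verified.");
        showfooter();
        exit;
    }

    mysql_query($query);
    $CSRid = mysql_insert_id();

    // Link every domain id to the new record. The ids are escaped in the same
    // way as the `domid` value of the insert above.
    if (is_array($_SESSION['_config']['rowid'])) {
        foreach ($_SESSION['_config']['rowid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");
        }
    }
    if (is_array($_SESSION['_config']['altid'])) {
        foreach ($_SESSION['_config']['altid'] as $dom) {
            mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");
        }
    }

    // NOTE(review): rename() and chmod() are not checked for failure.
    $CSRname = generatecertpath("csr", "server", $CSRid);
    rename($_SESSION['_config']['tmpfname'], $CSRname);
    chmod($CSRname, 0644);
    mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

    // The request counts as processed once the row has a certificate file
    // name (`crt_name`).
    waitForResult("domaincerts", $CSRid, 11);
    $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
    $res = mysql_query($query);
    if (mysql_num_rows($res) <= 0) {
        $id = 11;
        showheader(_("My CAcert.org Account!"));
        printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
        showfooter();
        exit;
    } else {
        // Continue with page 15 for the new certificate.
        $id = 15;
        $cert = $CSRid;
        $_REQUEST['cert'] = $CSRid;
    }
}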
863
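// Page 12, "renew": re-issue the server certificates whose ids were submitted
// in $_REQUEST['revokeid'].
//
// For each id: confirm the certificate belongs to the logged-in member, refuse
// weak keys, mark the old row as renewed, insert a copy of the row, copy the
// CSR to a new path, rebuild the subject from the CSR and wait for the signer.
//
// Security notes:
//  - Values read back from `domaincerts` are plain data again, even if they
//    were escaped when first stored. They are therefore escaped a second time
//    before being concatenated into the INSERT (second-order SQL injection,
//    e.g. via the user-editable `description`).
//  - File paths handed to openssl go through escapeshellarg() so the shell
//    always sees a single argument.
//  - NOTE(review): the renewal INSERT does not copy `md`, so the renewed row
//    presumably gets the column default hash algorithm; confirm that is intended.
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// array_key_exists() first, as the e-mail revoke handler does, so a request
	// without any selection falls through to the "did not select" message.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate's domain must belong to this member.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key is reported as weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			$query = "insert into `domaincerts` set
					`domid`='".mysql_real_escape_string($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					//`csr_name`='".$row['csr_name']."', // RACE CONDITION
					"`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// Quote the path once and reuse it for both openssl invocations.
			$newfileArg = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfileArg|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			$subject = buildSubjectFromSession();
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` is what this page treats as "certificate issued".
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				$crtArg = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtArg`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}

	showfooter();
	exit;
}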
955
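// Page 12, "revoke": revoke the server certificates listed in
// $_REQUEST['revokeid'] and delete the pending requests listed in
// $_REQUEST['delid'].
//
// Both loops re-check ownership through the `domains` table before touching a
// row. The CN comes from the database and is printed into HTML, so it is
// passed through sanitizeHTML(), the helper this file already applies to the
// CN it echoes during renewal.
//
// NOTE(review): revocation is recorded by writing the fixed timestamp
// '1970-01-01 10:00:01' into `revoked`; presumably another component picks
// that marker up. Confirm against the signer.
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// array_key_exists() first, as the e-mail revoke handler does.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the certificate's domain must belong to this member.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A positive `revoke` timestamp means the row already carries a revocation date.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A positive `expired` timestamp is treated as "already processed":
			// such a row is no longer a pending request and is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: the files may not exist, so errors are suppressed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}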
1023
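// Page 12, "change": store the comments submitted for server certificates.
//
// Every request key of the form check_comment_<id> selects one certificate;
// the new text is taken from comment_<id>.
//
// The UPDATE joins `domains` and requires `memid` to be the logged-in member,
// the same ownership rule the renew and revoke handlers for this page use.
// Without it, any logged-in member could overwrite the description of any
// certificate by submitting its numeric id.
//
// NOTE(review): unlike the renew and revoke handlers for page 12, this handler
// does not call csrf_check('srvcerchange'). If the "change" button is part of
// the same form, that call should be added here as well; confirm against the
// page template.
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
					where `domaincerts`.`id`='$cid' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".$_SESSION['profile']['id']."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}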
1040
1041
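// Page 5, "renew": re-issue the client (e-mail) certificates whose ids were
// submitted in $_REQUEST['revokeid'].
//
// For each id: confirm the certificate belongs to the logged-in member, refuse
// weak keys, mark the old row as renewed, insert a copy of the row, copy the
// CSR to a new path, duplicate the `emaillink` rows and wait for the signer.
//
// Security notes:
//  - Values read back from `emailcerts` are plain data again, so they are
//    escaped before being concatenated into the INSERT (second-order SQL
//    injection, e.g. via the user-editable `description`).
//  - The CN is passed through sanitizeHTML() before it is printed.
//  - NOTE(review): no csrf_check() is made here, while the page-12 renew
//    handler makes one; confirm whether page 5 carries a token.
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// array_key_exists() first, as the e-mail revoke handler does.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the certificate must belong to this member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Do not renew a certificate whose key is reported as weak.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			$query = "insert into emailcerts set
					`memid`='".mysql_real_escape_string($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".mysql_real_escape_string($row['disablelogin'])."',
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Carry every e-mail address linked to the old certificate over to the new one.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".mysql_real_escape_string($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` is what this page treats as "certificate issued".
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}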
1114
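// Page 5, "revoke": revoke the client (e-mail) certificates listed in
// $_REQUEST['revokeid'] and delete the pending requests listed in
// $_REQUEST['delid'].
//
// Both loops only act on rows whose `memid` is the logged-in member. The CN
// comes from the database and is printed into HTML, so it is passed through
// sanitizeHTML(), the helper this file already applies to the CN it echoes
// during server-certificate renewal.
//
// NOTE(review): no csrf_check() is made here, while the page-12 revoke
// handler makes one; confirm whether page 5 carries a token.
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the certificate must belong to this member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A positive `revoke` timestamp means the row already carries a revocation date.
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A positive `expired` timestamp is treated as "already processed":
			// such a row is no longer a pending request and is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: the files may not exist, so errors are suppressed.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}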
1177
// Page 5, "change": update the per-certificate settings of client
// certificates.
//
// Request keys drive the loop:
//   cert_<id>          - the certificate was listed on the page; its
//                        `disablelogin` flag is rewritten from the
//                        disablelogin_<id> field ("1" stores '0', anything
//                        else, including an absent field, stores '1').
//   check_comment_<id> - when non-empty, the description is replaced by
//                        comment_<id>.
// Every UPDATE is limited to rows whose `memid` is the logged-in member.
//
// NOTE(review): no csrf_check() is made in this handler.
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach(array_keys($_REQUEST) as $id)
	{
		if(substr($id,0,5)=="cert_")
		{
			$cid = intval(substr($id,5));
			$loginKey = 'disablelogin_'.$cid;
			if(array_key_exists($loginKey,$_REQUEST) && $_REQUEST[$loginKey]=="1")
				$dis = "0";
			else
				$dis = "1";
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='{$_SESSION['profile']['id']}'");
		}

		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			if(empty($_REQUEST['check_comment_'.$cid]))
				continue;

			// stripslashes() first, then SQL-escape, then trim: same order as the other handlers.
			$rawComment = stripslashes($_REQUEST['comment_'.$cid]);
			$comment = trim(mysql_real_escape_string($rawComment));
			mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='{$_SESSION['profile']['id']}'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1202
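// Page 13, step 1 (only when the lost-password section was shown): read and
// validate the five lost-password questions and answers.
//
// The ten values are copied into $_SESSION['_config']['user'] after
// strip_tags(), stripslashes(), SQL escaping and trim(); a later block writes
// them to `users` as they are.
//
// Validation:
//  - All ten values must be pairwise different. The user-facing message says
//    questions may not repeat, may not be reused as answers and an answer may
//    not equal its question. The earlier hand-written condition only compared
//    some answer/question pairs (for example A2 against Q1 and Q2, or A5
//    against any question, were not compared), so an answer identical to its
//    question could be stored for Q2 to Q5. Every pair is compared now.
//  - No question may be empty.
// On failure the message is appended to errmsg, the form is shown again
// ($id = $oldid) and $oldid is cleared so the later page-13 blocks do not run.
if($oldid == 13 && $process != "" && $showdetails!="")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	$qaFields = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qaFields as $qaField)
	{
		$_SESSION['_config']['user'][$qaField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$qaField]))));
	}

	// Compare every pair once; == is kept so nothing the old check rejected is accepted now.
	$qaDuplicate = false;
	$qaCount = count($qaFields);
	for($qaA = 0; $qaA < $qaCount && !$qaDuplicate; $qaA++)
	{
		for($qaB = $qaA + 1; $qaB < $qaCount; $qaB++)
		{
			if($_SESSION['_config']['user'][$qaFields[$qaA]] == $_SESSION['_config']['user'][$qaFields[$qaB]])
			{
				$qaDuplicate = true;
				break;
			}
		}
	}

	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$id = $oldid;
		$oldid=0;
	}

	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$id = $oldid;
		$oldid=0;
	}
}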
1265
// Page 13, step 2: refresh the member's point total and, only while that total
// is zero, accept a new name and date of birth from the request.
//
// Name parts are stored in $_SESSION['_config']['user'] after strip_tags(),
// stripslashes(), SQL escaping and trim(); the date parts are forced to
// integers. A failed check appends to errmsg, re-shows the form and clears
// $oldid so the update block that follows is skipped.
//
// NOTE(review): the date check is a range check only (day 1-31 for every
// month), so impossible dates such as 31 February pass it.
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='{$_SESSION['profile']['id']}' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		foreach(array('fname','mname','lname','suffix') as $nameField)
		{
			$_SESSION['_config']['user'][$nameField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$nameField]))));
		}
		foreach(array('day','month','year') as $dobField)
		{
			$_SESSION['_config']['user'][$dobField] = intval($_REQUEST[$dobField]);
		}

		$nameMissing = ($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "");
		if($nameMissing)
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$id = $oldid;
			$oldid=0;
		}

		$dobYear = $_SESSION['_config']['user']['year'];
		$dobMonth = $_SESSION['_config']['user']['month'];
		$dobDay = $_SESSION['_config']['user']['day'];
		$dobOutOfRange = ($dobYear < 1900 || $dobMonth < 1 || $dobMonth > 12 || $dobDay < 1 || $dobDay > 31);
		if($dobOutOfRange)
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$id = $oldid;
			$oldid=0;
		}
	}
}
1298
// Page 13, step 3: write the validated details to `users` and reload the
// session profile.
//
// The values concatenated into the UPDATE statements come from
// $_SESSION['_config']['user']; the earlier page-13 blocks stored them there
// already SQL-escaped, which is why they are not escaped again here.
//  - name and date of birth: only while the member has zero points
//  - questions and answers: only when the lost-password section was shown
//  - otphash / otppin: only when both are non-empty
// Afterwards the profile row and the point total are re-read from the
// database and the confirmation page is shown.
if($oldid == 13 && $process != "")
{
	if($_SESSION['profile']['points'] == 0)
	{
		$pending = $_SESSION['_config']['user'];
		$dob = $pending['year']."-".$pending['month']."-".$pending['day'];
		$query = "update `users` set `fname`='{$pending['fname']}',
				`mname`='{$pending['mname']}',
				`lname`='{$pending['lname']}',
				`suffix`='{$pending['suffix']}',
				`dob`='$dob'
				where `id`='{$_SESSION['profile']['id']}'";
		mysql_query($query);
	}
	if ($showdetails!="") {
		$pending = $_SESSION['_config']['user'];
		$query = "update `users` set `Q1`='{$pending['Q1']}',
				`Q2`='{$pending['Q2']}',
				`Q3`='{$pending['Q3']}',
				`Q4`='{$pending['Q4']}',
				`Q5`='{$pending['Q5']}',
				`A1`='{$pending['A1']}',
				`A2`='{$pending['A2']}',
				`A3`='{$pending['A3']}',
				`A4`='{$pending['A4']}',
				`A5`='{$pending['A5']}'
				where `id`='{$_SESSION['profile']['id']}'";
		mysql_query($query);
	}

	//!!!Should be rewritten
	foreach(array('otphash','otppin') as $otpField)
	{
		$_SESSION['_config']['user'][$otpField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$otpField]))));
	}
	$otpHash = $_SESSION['_config']['user']['otphash'];
	$otpPin = $_SESSION['_config']['user']['otppin'];
	if($otpHash != "" && $otpPin != "")
	{
		$query = "update `users` set `otphash`='$otpHash',
				`otppin`='$otpPin' where `id`='{$_SESSION['profile']['id']}'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the profile so the session reflects what is now stored.
	$profileRes = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'");
	$_SESSION['profile'] = mysql_fetch_assoc($profileRes);
	$_SESSION['profile']['loggedin'] = 1;

	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='{$_SESSION['profile']['id']}' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1352
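// Page 14: change the account pass phrase.
//
// Flow: read old/new/confirmation values, verify the CSRF token, require the
// two new values to be non-empty and identical, score the new pass phrase
// with checkpw(), verify the current pass phrase (see below), then store the
// new one and send a notification mail to the primary address.
//
// The new pass phrase and its confirmation are compared with ===/!==. With
// the loose ==/!= used before, two different strings that both look numeric
// (for example "1e3" and "1000") compared as equal, so a mistyped
// confirmation could be accepted.
//
// NOTE(review), not changed here because other code must agree with it:
//  - Pass phrases are stored as an unsalted sha1() computed inside the SQL
//    statement, and old_password() hashes are still accepted for the current
//    pass phrase. Moving to a salted, slow password hash needs a coordinated
//    change with the login code.
//  - The current pass phrase is only checked when the request did not arrive
//    on the secure host name; on the secure host name $rc is forced to 1.
//    Presumably that host requires a client certificate; confirm.
//  - The values are trimmed and SQL-escaped before checkpw() and strlen()
//    see them, so the length and score are computed on the escaped form.
if($oldid == 14 && $process != "")
{
	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));
	if($_SESSION['_config']['user']['pword1'] === "" || $_SESSION['_config']['user']['pword1'] !== $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
					$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			// Current pass phrase must match either the legacy or the sha1 hash.
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
						(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
						`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".$_SESSION['profile']['id']."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			// Out-of-band notice so the account owner learns about changes they did not make.
			$body  = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
					"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
						"support@cacert.org", "", "", "CAcert Support");
		}
	}
	showfooter();
	exit;
}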
1412
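// Page 16, step 1: collect the e-mail addresses, name, OU and description for
// an organisation client certificate.
//
// Each submitted address is trimmed, unslashed and SQL-escaped, must contain
// exactly one "@", and its domain part must pass checkownership(). Accepted
// addresses go to $_SESSION['_config']['emails'].
//
// $_REQUEST['emails'] is request data: it may be missing, a plain string, or
// contain nested arrays. The loop now runs only over an array and skips
// entries that are not strings, so such a request ends up with an empty list
// and is answered by the "couldn't match any emails" page that follows.
//
// NOTE(review): $_SESSION['_config']['row'] is read right after
// checkownership(); presumably that call fills it. Confirm.
// NOTE(review): 'emails' is reset on every request but 'domids' is only
// appended to in this block; if nothing else resets it, ids from an earlier
// submission stay in the session. Confirm where 'domids' is cleared.
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	if(array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails']))
	{
		foreach($_REQUEST['emails'] as $val)
		{
			if(!is_string($val))
				continue;

			$val = mysql_real_escape_string(stripslashes(trim($val)));
			$bits = explode("@", $val);
			$count = count($bits);
			if($count != 2)
				continue;

			// Only addresses in a domain the organisation account controls are accepted.
			if(checkownership($bits[1]) == false)
				continue;

			if(!is_array($_SESSION['_config']['row']))
				continue;
			else if($_SESSION['_config']['row']['id'] > 0)
				$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

			if($val != "")
				$_SESSION['_config']['emails'][] = $val;
		}
	}
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));


	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}
}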
1447
// Page 16, step 2: stop with an error page when none of the submitted
// addresses was accepted for the organisation account.
if($oldid == 16)
{
	$acceptedEmails = count($_SESSION['_config']['emails']);
	if($acceptedEmails <= 0)
	{
		$id = 16;
		showheader(_("My CAcert.org Account!"));
		echo _("I couldn't match any emails against your organisational account.");
		showfooter();
		exit;
	}
}
1456
// Page 16, step 3: normalise the certificate options and move on to page 17.
//
//  - codesign: granted only when it was requested, the profile has the
//    codesign flag and the member has at least 100 points; the request value
//    is overwritten with the decision so later code cannot see the raw input.
//  - rootcert: forced to an integer; anything other than 1 or 2 becomes 1.
//  - hash_alg: passed through HashAlgorithms::clean().
//  - description: trimmed and SQL-escaped, or the empty string.
// $id becomes 17 only when at least one e-mail address was accepted.
if($oldid == 16 && $process != "")
{
	$codesignAllowed = array_key_exists('codesign',$_REQUEST)
		&& $_REQUEST['codesign']
		&& $_SESSION['profile']['codesign']
		&& ($_SESSION['profile']['points'] >= 100);
	$codesignFlag = $codesignAllowed ? 1 : 0;
	$_REQUEST['codesign'] = $codesignFlag;
	$_SESSION['_config']['codesign'] = $codesignFlag;

	$requestedRoot = intval($_REQUEST['rootcert']);
	$_SESSION['_config']['rootcert'] = ($requestedRoot < 1 || $requestedRoot > 2) ? 1 : $requestedRoot;

	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);

	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	// @ keeps count() quiet when 'emails' is not set.
	if(@count($_SESSION['_config']['emails']) > 0)
		$id = 17;
}
1485
1486 if($oldid == 17)
1487 {
1488 $org = $_SESSION['_config']['row'];
1489 if($_REQUEST['keytype'] == "NS")
1490 {
1491 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1492
1493 if($spkac == "" || strlen($spkac) < 128)
1494 {
1495 $id = 17;
1496 showheader(_("My CAcert.org Account!"));
1497 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1498 showfooter();
1499 exit;
1500 }
1501
1502 $count = 0;
1503 $emails = "";
1504 $addys = array();
1505 if(is_array($_SESSION['_config']['emails']))
1506 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1507 {
1508 if(!$emails)
1509 $defaultemail = $_REQUEST['email'];
1510 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1511 $count++;
1512 }
1513 if($_SESSION['_config']['name'] != "")
1514 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1515 if($_SESSION['_config']['OU'])
1516 $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
1517 if($org['O'])
1518 $emails .= "organizationName = ".$org['O']."\n";
1519 if($org['L'])
1520 $emails .= "localityName = ".$org['L']."\n";
1521 if($org['ST'])
1522 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1523 if($org['C'])
1524 $emails .= "countryName = ".$org['C']."\n";
1525 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1526 $_SESSION['_config']['rootcert'] = 1;
1527
1528
1529 $emails .= "SPKAC = $spkac";
1530 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1531 {
1532 $id = 17;
1533 showheader(_("My CAcert.org Account!"));
1534 echo $weakKey;
1535 showfooter();
1536 exit;
1537 }
1538
1539 $query = "insert into `orgemailcerts` set
1540 `CN`='$defaultemail',
1541 `ou`='".$_SESSION['_config']['OU']."',
1542 `keytype`='NS',
1543 `orgid`='".$org['orgid']."',
1544 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1545 `codesign`='".$_SESSION['_config']['codesign']."',
1546 `rootcert`='".$_SESSION['_config']['rootcert']."',
1547 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1548 `description`='".$_SESSION['_config']['description']."'";
1549 mysql_query($query);
1550 $emailid = mysql_insert_id();
1551
1552 foreach($_SESSION['_config']['domids'] as $addy)
1553 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1554
1555 $CSRname=generatecertpath("csr","orgclient",$emailid);
1556 $fp = fopen($CSRname, "w");
1557 fputs($fp, $emails);
1558 fclose($fp);
1559 $challenge=$_SESSION['spkac_hash'];
1560 $res=`openssl spkac -verify -in $CSRname`;
1561 if(!strstr($res,"Challenge String: ".$challenge))
1562 {
1563 $id = $oldid;
1564 showheader(_("My CAcert.org Account!"));
1565 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1566 showfooter();
1567 exit;
1568 }
1569 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1570 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1571 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1572
1573 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1574 {
1575 $id = 17;
1576 showheader(_("My CAcert.org Account!"));
1577 echo $weakKey;
1578 showfooter();
1579 exit;
1580 }
1581
1582 $tmpfname = tempnam("/tmp", "id17CSR");
1583 $fp = fopen($tmpfname, "w");
1584 fputs($fp, $csr);
1585 fclose($fp);
1586
1587 $addys = array();
1588 $defaultemail = "";
1589 $csrsubject="";
1590
1591 if($_SESSION['_config']['name'] != "")
1592 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1593 if(is_array($_SESSION['_config']['emails']))
1594 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1595 {
1596 if($defaultemail == "")
1597 $defaultemail = $_REQUEST['email'];
1598 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1599 }
1600 if($_SESSION['_config']['OU'])
1601 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1602 if($org['O'])
1603 $csrsubject .= "/organizationName=".$org['O'];
1604 if($org['L'])
1605 $csrsubject .= "/localityName=".$org['L'];
1606 if($org['ST'])
1607 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1608 if($org['C'])
1609 $csrsubject .= "/countryName=".$org['C'];
1610
1611 $tmpname = tempnam("/tmp", "id17csr");
1612 $do = `/usr/bin/openssl req -in $tmpfname -out $tmpname`;
1613 @unlink($tmpfname);
1614 $csr = "";
1615 $fp = fopen($tmpname, "r");
1616 while($data = fgets($fp, 4096))
1617 $csr .= $data;
1618 fclose($fp);
1619 @unlink($tmpname);
1620
1621 if($csr == "")
1622 {
1623 showheader(_("My CAcert.org Account!"));
1624 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1625 showfooter();
1626 exit;
1627 }
1628 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1629 $_SESSION['_config']['rootcert'] = 1;
1630
1631 $query = "insert into `orgemailcerts` set
1632 `CN`='$defaultemail',
1633 `ou`='".$_SESSION['_config']['OU']."',
1634 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1635 `orgid`='".$org['orgid']."',
1636 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1637 `subject`='$csrsubject',
1638 `codesign`='".$_SESSION['_config']['codesign']."',
1639 `rootcert`='".$_SESSION['_config']['rootcert']."',
1640 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1641 `description`='".$_SESSION['_config']['description']."'";
1642 mysql_query($query);
1643 $emailid = mysql_insert_id();
1644
1645 foreach($_SESSION['_config']['domids'] as $addy)
1646 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1647
1648 $CSRname=generatecertpath("csr","orgclient",$emailid);
1649 $fp = fopen($CSRname, "w");
1650 fputs($fp, $csr);
1651 fclose($fp);
1652 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1653 }
1654 waitForResult("orgemailcerts", $emailid,$oldid);
1655 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1656 $res = mysql_query($query);
1657 if(mysql_num_rows($res) <= 0)
1658 {
1659 showheader(_("My CAcert.org Account!"));
1660 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1661 showfooter();
1662 exit;
1663 } else {
1664 $id = 19;
1665 $cert = $emailid;
1666 $_REQUEST['cert']=$emailid;
1667 }
1668 }
1669
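/*
 * Page 18, "renew" action for organisation client certificates.
 *
 * For every id in $_REQUEST['revokeid'] that is linked to the logged-in member
 * through `org`.`memid`, the stored certificate is checked for a weak key, the
 * old `orgemailcerts` row is flagged as renewed, and a copy of the row (with a
 * copy of its CSR file) is inserted; waitForResult() is then called for the
 * new row.
 */
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before any use: the request value must never reach the
			// page or a query in its raw form.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";

			// The join on `org`.`memid` is the ownership check for this id.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the
			// revocation check below, so an already revoked certificate is
			// still marked `renewed` - confirm this is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are raw, so they are escaped
			// again before being placed into the new statement.
			// NOTE(review): `md` is not copied to the renewed row although
			// new requests in this file set it - confirm.
			$query = "insert into `orgemailcerts` set
					`orgid`='".mysql_real_escape_string($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`ou`='".mysql_real_escape_string($row['ou'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`codesign`='".mysql_real_escape_string($row['codesign'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), sanitizeHTML($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}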
1743
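/*
 * Page 18, "revoke" action for organisation client certificates.
 *
 * Ids in $_REQUEST['revokeid'] get their `revoked` column set; ids in
 * $_REQUEST['delid'] are deleted together with their CSR/certificate files,
 * provided the row has no `expire` timestamp yet. Both loops only act on rows
 * linked to the logged-in member through `org`.`memid`.
 */
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// The join on `org`.`memid` is the ownership check for this id.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored data; escape it for the HTML page.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp looks like a marker value that
			// another component replaces with the real revocation time - confirm.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
					where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
					`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}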
1809
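/*
 * Page 18, "change" action: store the comment of every certificate for which
 * a check_comment_<id> field was submitted.
 *
 * The update is restricted to rows linked to the logged-in member through
 * `org`.`memid`, the same condition the renew/revoke handlers use. Without it
 * any certificate id could be passed in the field name and its description
 * overwritten.
 *
 * NOTE(review): the renew/revoke handlers for this page call
 * csrf_check('clicerchange'); this handler does not call csrf_check(). If the
 * change button is submitted from the same form, the call belongs here too -
 * confirm against the page template.
 */
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing or non-string comment field is stored as an empty comment.
			$comment = "";
			if(array_key_exists('comment_'.$cid, $_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
				$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `orgemailcerts`, `org` set `orgemailcerts`.`description`='$comment'
					where `orgemailcerts`.`id`='$cid' and
					`org`.`orgid`=`orgemailcerts`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}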
1826
// Page 18, "filter": remember the list filter settings in the session.
// NOTE(review): the three values are copied from the request as-is; whatever
// reads them later has to cast or escape them (the reset handler stores 0,
// so they are presumably numeric - confirm).
if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
	$id=18;
	foreach(array('orgfilterid', 'sorting', 'status') as $filterField)
		$_SESSION['_config'][$filterField]=$_REQUEST[$filterField];
}
1834
// Page 18, "reset": put the three list filter settings back to 0.
if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
	$id=18;
	foreach(array('orgfilterid', 'sorting', 'status') as $filterField)
		$_SESSION['_config'][$filterField]=0;
}
1842
/*
 * Page 20 submitted: take the pasted CSR for an organisation server
 * certificate, reject weak keys, write the CSR to a temporary file and pull
 * the subject and the DNS subjectAltNames out of it with openssl. The results
 * are kept in $_SESSION['_config'] for page 21.
 */
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	$weakKey = checkWeakKeyCSR($CSR);
	if($weakKey !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is stored in the session already escaped for SQL.
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);

	// From here on $CSR is the path of the temporary file, not the CSR text.
	// Only that path (produced by tempnam) is placed on the command lines.
	$CSR = $_SESSION['_config']['tmpfname'];
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in "$CSR"|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	$id = 21;

	$_SESSION['_config']['0.subjectAltName'] = "";
	$_SESSION['_config']['0.CN'] = "";
	extractit();
	getcn2();
	getalt2();

	// NOTE(review): '0.CN' and '0.subjectAltName' are filled in by the three
	// helpers above from text that originates in the submitted CSR. They are
	// placed into the two queries below unescaped - confirm the helpers
	// escape them.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".$_SESSION['profile']['id']."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".$_SESSION['profile']['id']."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate 1 or 2 can be selected; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
		$_SESSION['_config']['rootcert'] = 1;

	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
1909
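/*
 * Page 21 confirmed: create the `orgdomaincerts` request for the CSR that the
 * page-20 handler left in $_SESSION['_config']['tmpfname'].
 *
 * The CSR is re-checked for a weak key, the organisation is looked up for the
 * logged-in member, the subject is assembled, the request row and its
 * `orgdomlink` rows are inserted, the temporary CSR file is moved to its final
 * path and waitForResult() is called. On success the script continues with
 * page 23.
 */
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	if (($weakKey = checkWeakKeyCSR(file_get_contents(
		$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The organisation is taken from the first CN match if there is one,
	// otherwise from the first subjectAltName match. The join on
	// `org`.`memid` is the check that the member belongs to it.
	$query = "select * from `org`,`orginfo` where
			`orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'] > 0 ?
				$_SESSION['_config']['rowid']['0'] : $_SESSION['_config']['altid']['0'])."' and
			`orginfo`.`id`=`org`.`orgid` and
			`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	$org = mysql_fetch_assoc(mysql_query($query));

	// No row means the member is not linked to that organisation. Stop here
	// instead of inserting a request with an empty organisation.
	if(!is_array($org))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// $csrsubject is only used inside the insert statement below, so the
	// organisation fields read from the database are escaped as they are added.
	// NOTE(review): the session 'OU' and the result of buildSubjectFromSession()
	// are added as they are - confirm they are escaped where they are produced.
	$csrsubject = "";

	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
	if($org['L'])
		$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
	if($org['C'])
		$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);

	$csrsubject .= buildSubjectFromSession();

	// Type "8" is only set for admins who submitted the ocspcert field.
	$type="";
	if(array_key_exists("ocspcert",$_REQUEST) && $_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// CN comes from the same source (CN match or subjectAltName match) as the
	// organisation above. The description was escaped by the page-20 handler
	// before it was stored in the session.
	// NOTE(review): 'rows'/'altrows' are used unescaped - confirm the code
	// that fills them escapes the names.
	$query = "insert into `orgdomaincerts` set
			`CN`='".($_SESSION['_config']['rowid']['0'] > 0 ?
				$_SESSION['_config']['rows']['0'] : $_SESSION['_config']['altrows']['0'])."',
			`orgid`='".intval($org['id'])."',
			`created`=NOW(),
			`subject`='$csrsubject',
			`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
			`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
			`type`='$type',
			`description`='".$_SESSION['_config']['description']."'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='".mysql_real_escape_string($CSRname)."' where `id`='$CSRid'");
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}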
2024
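/*
 * Page 22, "renew" action for organisation server certificates.
 *
 * For every id in $_REQUEST['revokeid'] that is linked to the logged-in member
 * through `org`.`memid`, the stored certificate is checked for a weak key, the
 * old `orgdomaincerts` row is flagged as renewed, and a copy of the row, its
 * CSR file and its `orgdomlink` rows is created. waitForResult() is then
 * called and the resulting certificate is printed.
 */
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// The join on `org`.`memid` is the ownership check for this id.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the row is flagged as renewed before the
			// revocation check below - confirm this is intended.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}

			// Values read back from the database are raw, so they are escaped
			// again before being placed into the new statement.
			// NOTE(review): `md` is not copied to the renewed row although
			// new requests in this file set it - confirm.
			$query = "insert into `orgdomaincerts` set
					`orgid`='".mysql_real_escape_string($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`type`='".mysql_real_escape_string($row['type'])."',
					`rootcert`='".mysql_real_escape_string($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			echo _("Renewing").": ".sanitizeHTML($row['CN'])."<br>\n";

			// NOTE(review): the copied link rows take `orgdomid` from
			// $r2['id'], while the inserts into `orgdomlink` elsewhere in this
			// file only set `orgdomid` and `orgcertid`. $r2['orgdomid'] looks
			// like the intended source - confirm against the table definition.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".$r2['id']."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path is passed as one quoted shell argument and the
				// command output is escaped before it is printed.
				$cert = shell_exec("/usr/bin/openssl x509 -in ".escapeshellarg($drow['crt_name']));
				echo "<pre>\n".htmlspecialchars($cert)."\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}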
2102
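/*
 * Page 22, "revoke" action for organisation server certificates.
 *
 * Ids in $_REQUEST['revokeid'] get their `revoked` column set; ids in
 * $_REQUEST['delid'] are deleted together with their CSR/certificate files,
 * provided the row has no `expire` timestamp yet. Both loops only act on rows
 * linked to the logged-in member through `org`.`memid`.
 */
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// The join on `org`.`memid` is the ownership check for this id.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored data; escape it for the HTML page.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp looks like a marker value that
			// another component replaces with the real revocation time - confirm.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' has been revoked.")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", sanitizeHTML($row['CN']));
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", sanitizeHTML($row['CN']));
		}
	}
	showfooter();
	exit;
}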
2171
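/*
 * Page 22, "change" action: store the comment of every server certificate for
 * which a check_comment_<id> field was submitted.
 *
 * The update is restricted to rows linked to the logged-in member through
 * `org`.`memid`, the same condition the renew/revoke handlers use. Without it
 * any certificate id could be passed in the field name and its description
 * overwritten.
 *
 * NOTE(review): the renew/revoke handlers for this page call
 * csrf_check('orgsrvcerchange'); this handler does not call csrf_check(). If
 * the change button is submitted from the same form, the call belongs here
 * too - confirm against the page template.
 */
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing or non-string comment field is stored as an empty comment.
			$comment = "";
			if(array_key_exists('comment_'.$cid, $_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
				$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `orgdomaincerts`, `org` set `orgdomaincerts`.`description`='$comment'
					where `orgdomaincerts`.`id`='$cid' and
					`org`.`orgid`=`orgdomaincerts`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}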
2188
// Page 22, "filter": remember the list filter settings in the session.
// NOTE(review): the three values are copied from the request as-is; whatever
// reads them later has to cast or escape them (the reset handler stores 0,
// so they are presumably numeric - confirm).
if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
	$id=22;
	foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $filterField)
		$_SESSION['_config'][$filterField]=$_REQUEST[$filterField];
}
2196
// Page 22, "reset": put the three list filter settings back to 0.
if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
	$id=22;
	foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $filterField)
		$_SESSION['_config'][$filterField]=0;
}
2204
2205
// Access gate for pages 24 to 31: when either the requested page ($id) or the
// submitted page ($oldid) is in that range, the session profile must carry
// orgadmin == 1. The handlers for those pages further down rely on this check
// having run first.
if((in_array($id, range(24, 31)) || in_array($oldid, range(24, 31))) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2216
/*
 * Page 24 submitted: add a new organisation to `orginfo`.
 *
 * The six form fields are escaped for SQL and kept in $_SESSION['_config'];
 * organisation name and contact are mandatory.
 *
 * NOTE(review): the page-27 handler (update of an organisation) calls
 * csrf_check('orgdetchange') first; this handler has no csrf_check() call -
 * confirm whether the add form carries a token.
 */
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $orgField)
		$_SESSION['_config'][$orgField] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$orgField])));

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
				`contact`='".$_SESSION['_config']['contact']."',
				`L`='".$_SESSION['_config']['L']."',
				`ST`='".$_SESSION['_config']['ST']."',
				`C`='".$_SESSION['_config']['C']."',
				`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	} else {
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2243
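/*
 * Page 27 submitted: update the organisation whose id is held in
 * $_SESSION['_config']['orgid'].
 *
 * The six form fields are escaped for SQL and kept in $_SESSION['_config'];
 * organisation name and contact are mandatory.
 */
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation id is cast to an integer here, as the page-28
		// handler in this file does, instead of being trusted as stored.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
				`contact`='".$_SESSION['_config']['contact']."',
				`L`='".$_SESSION['_config']['L']."',
				`ST`='".$_SESSION['_config']['ST']."',
				`C`='".$_SESSION['_config']['C']."',
				`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}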
2272
// Page 28 submitted, step 1: escape the requested domain name and refuse it
// when `orgdomains` already holds it. On refusal $oldid is cleared so the
// insert handler further down is skipped and page 28 is shown again.
// NOTE(review): only `orgdomains` is checked here, while the page-29 handler
// also looks in `domains` - confirm the difference is intended.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;
	$res1 = mysql_query(sprintf("select * from `orgdomains` where `domain`='%s'", $domain));
	if(mysql_num_rows($res1) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2284
// Page 28 without a positive organisation id in the session: drop the
// submission and continue with page 25 instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$id = 25;
	$oldid=0;
}
2290
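// Page 28 submitted, step 2: attach the domain to the organisation held in
// the session.
//
// $domain is only assigned (and escaped) by the preceding page-28 check, which
// runs when "domainname" is part of the request. The same condition is
// required here so that an unset $domain is never written to `orgdomains`.
// NOTE(review): this handler has no csrf_check() call - confirm whether the
// form carries a token.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]) &&
	array_key_exists("domainname",$_REQUEST))
{
	mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}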
2300
// Page 29 submitted, step 1: refuse the new domain name when another
// `orgdomains` row (other than $domid) or a non-deleted `domains` row already
// matches it. On refusal $oldid is cleared so the following page-29/30 handler
// is skipped.
// NOTE(review): both lookups use LIKE, so "%" and "_" in the submitted name
// act as wildcards, while the page-28 check compares with "=" - confirm which
// is intended.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	$res1 = mysql_query(sprintf("select * from `orgdomains` where `domain` like '%s' and `id`!='%d'", $domain, intval($domid)));
	$res2 = mysql_query(sprintf("select * from `domains` where `domain` like '%s' and `deleted`=0", $domain));
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2314
2315 if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
2316 {
2317 $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
2318 `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
2319 `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
2320 `orgdomains`.`id`='".intval($domid)."'";
2321 $res = mysql_query($query);
2322 while($row = mysql_fetch_assoc($res))
2323 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".$row['id']."'");
2324
2325 $query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
2326 `orgemaillink`.`domid`=`orgdomains`.`id` and
2327 `orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and