bug 1276: Allow more name variants according to PracticeOnNames when signing a PGP key
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
23 loadem("account");
24
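/**
 * Build a subject string as needed by the signer
 *
 * The values are concatenated into the "/"-delimited subject unchanged.
 * NOTE(review): nothing here rejects a "/" or a line break inside a domain;
 * callers are presumably expected to pass validated host names -- confirm.
 *
 * @param array(string) $domains
 * 		First domain is used as CN and repeated in subjectAltName. Duplicates
 * 		should already have been removed
 *
 * @param bool $include_xmpp_addr
 * 		[default: true] Whether to include the XmppAddr in the subjectAltName.
 * 		This is needed if the Jabber server is jabber.example.com but a Jabber ID
 * 		on that server would be alice@example.com
 *
 * @return string
 */
function buildSubject(array $domains, $include_xmpp_addr = true) {
	// An empty list yields "/CN=" without raising an undefined-offset notice.
	$first = isset($domains[0]) ? $domains[0] : "";

	// "{$var}" instead of "${var}": the latter form is deprecated since PHP 8.2.
	$subject = "/CN={$first}";

	foreach ($domains as $domain) {
		$subject .= "/subjectAltName=DNS:{$domain}";

		if ($include_xmpp_addr) {
			// 1.3.6.1.5.5.7.8.5 is the otherName OID used for the XmppAddr entry
			$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:{$domain}";
		}
	}

	return $subject;
}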
52
/**
 * Assembles the subject string from the domain lists kept in the session.
 *
 * $_SESSION['_config']['rows'] is taken as-is; from
 * $_SESSION['_config']['altrows'] only entries starting with "DNS:" are used,
 * with that prefix removed. Duplicates are dropped before the list is handed
 * to buildSubject().
 *
 * @return string
 */
function buildSubjectFromSession() {
	$names = array();

	if (is_array($_SESSION['_config']['rows'])) {
		$names = array_merge($names, $_SESSION['_config']['rows']);
	}

	if (is_array($_SESSION['_config']['altrows'])) {
		foreach ($_SESSION['_config']['altrows'] as $entry) {
			// Skip anything that is not a DNS-type alternative name
			if (substr($entry, 0, 4) !== "DNS:") {
				continue;
			}
			$names[] = substr($entry, 4);
		}
	}

	$unique = array_unique($names);
	return buildSubject($unique);
}
75
// Request parameters used for dispatching. The numeric ones are coerced to
// int here and default to 0 when absent; $process is kept as the raw string.
$id = 0;
if (array_key_exists("id", $_REQUEST)) {
	$id = (int)$_REQUEST['id'];
}
$oldid = 0;
if (array_key_exists("oldid", $_REQUEST)) {
	$oldid = (int)$_REQUEST['oldid'];
}
$process = "";
if (array_key_exists("process", $_REQUEST)) {
	$process = $_REQUEST['process'];
}
// $showdetails refers to Secret Question and Answers from account/13.php
$showdetails = 0;
if (array_key_exists("showdetails", $_REQUEST)) {
	$showdetails = (int)$_REQUEST['showdetails'];
}

$cert = 0;
if (array_key_exists('cert', $_REQUEST)) {
	$cert = (int)$_REQUEST['cert'];
}
$orgid = 0;
if (array_key_exists('orgid', $_REQUEST)) {
	$orgid = (int)$_REQUEST['orgid'];
}
$memid = 0;
if (array_key_exists('memid', $_REQUEST)) {
	$memid = (int)$_REQUEST['memid'];
}
$domid = 0;
if (array_key_exists('domid', $_REQUEST)) {
	$domid = (int)$_REQUEST['domid'];
}
86
87
// Stop right away when the session's 'mconn' flag is not set.
if (!$_SESSION['mconn']) {
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// General reset CANCEL process requests: a press on the (localised) "Cancel"
// button is handled as if no process value had been sent.
if ($process == _("Cancel")) {
	$process = "";
}

// Requests naming page 45 or 46, as current or previous page, are sent to page 1.
if (in_array($id, array(45, 46)) || in_array($oldid, array(45, 46))) {
	$id = 1;
	$oldid = 0;
}
106
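// Handler for oldid == 1: add a further email address to the logged-in
// account and mail a verification link to that address.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');

	// stristr() instead of strstr(): the "xn--" prefix has to be matched
	// regardless of case, otherwise "XN--" is not covered by the restriction.
	if(stristr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// Escaped once and reused below (the original computed this twice).
	$newemail = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
	if($newemail == "")
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}
	$oldid=0;

	// NOTE(review): $_REQUEST['email'] carries the SQL-escaped form, and that
	// same value is later passed to sendmail() and shown to the user.
	$_REQUEST['email'] = $newemail;
	if(check_email_exists($_REQUEST['email'])==true)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
		showfooter();
		exit;
	}

	$checkemail = checkEmail($_REQUEST['newemail']);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A result starting with "4" is reported as a temporary failure
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// checkEmail() is defined elsewhere; its result is escaped on output
		// because it may carry text that originates from a remote mail server.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	// memid is forced to an integer, as the other handlers in this file do.
	$query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	// NOTE(review): the result of the insert is not checked; on failure the
	// mail below would carry emailid=0.
	mysql_query($query);
	$emailid = mysql_insert_id();

	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	// NOTE(review): the verification link, including its hash, uses plain http.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
	showfooter();
	exit;
}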
164
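// Handler for oldid == 2 with "makedefault" set: make one of the account's
// verified email addresses the default address.
// NOTE(review): unlike the other oldid == 2 handler, which calls
// csrf_check("chgdef"), this branch performs no csrf_check() before changing
// the account -- confirm whether the same token should be verified here.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	$emailid = intval($_REQUEST['emailid']);
	// Only an address of this member that is verified (empty hash) and not
	// deleted qualifies.
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notice goes to the previous default address, before it is replaced.
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
	$body .= _("You are receiving this email because you or someone else ".
		"has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	// A value read back from the database is data, not SQL: escape it again
	// before it is placed into the next statement.
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}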
196
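// Handler for oldid == 2: remove the selected email addresses from the
// account. The default address is never removed.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		$deltitle=false;
		// Note: the loop reuses $id; the script exits at the end of this handler.
		foreach($_REQUEST['delid'] as $id)
		{
			if (!$deltitle) {
				echo _('The following email addresses have been removed:')."<br>\n";
				$deltitle=true;
			}
			$id = intval($id);
			// The default address comes from the session (and originally from
			// the database); it is escaped before being used in the statement.
			$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
					`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored addresses are escaped for HTML like everywhere else
				// in this file where an address is shown.
				echo sanitizeHTML($row['email'])."<br>\n";
				account_email_delete($row['id']);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if(0 == $delcount)
	{
		echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}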
237
// Handler for oldid == 3: store the options chosen for a client certificate
// in $_SESSION['_config'] and decide whether a pasted CSR is used (continue
// as oldid 4) or page 4 is shown next.
if($oldid == 3 && $process != "")
{
	// The CCA has to be accepted.
	if(!array_key_exists('CCA',$_REQUEST))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	// Either a list of address ids or SSO == '1' is required.
	if((!array_key_exists('addid',$_REQUEST) || !is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);

	$_SESSION['_config']['addid'] = $_REQUEST['addid'];

	// The name option is only taken from the request with 50 points or more.
	// NOTE(review): below 50 points an 'incname' already in the session is
	// left as it is.
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
	}

	// A code-signing request is dropped unless the profile has the codesign
	// flag and at least 100 points.
	if(array_key_exists('codesign',$_REQUEST))
	{
		if($_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
		{
			$_REQUEST['codesign'] = 0;
		}
	}

	// With code signing granted, the name option is forced into 1..4.
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0)
	{
		if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
		{
			if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			{
				$_SESSION['_config']['incname'] = 1;
			}
		}
	}

	$_SESSION['_config']['codesign'] =
		(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100) ? 1 : 0;

	// Certificate login stays enabled only when login == 1 was sent.
	$_SESSION['_config']['disablelogin'] =
		(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1) ? 0 : 1;

	// Root selection: 1 by default, 1 or 2 from the request with 50+ points.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if(!in_array($_SESSION['_config']['rootcert'], array(1, 2)))
		{
			$_SESSION['_config']['rootcert'] = 1;
		}
	}

	$csr = "";
	if(trim($_REQUEST['optionalCSR']) != "")
	{
		// A CSR was pasted: carry on as key type "MS" in the oldid 4 handler.
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	} else {
		$id = 4;
	}

	// The description is kept in its SQL-escaped form; the statements that
	// use it later insert it without escaping it again.
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";
}
302
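// Handler for oldid == 4: turn the submitted client-certificate request
// (SPKAC for key type "NS", PKCS#10 CSR for "MS"/"VI") into an `emailcerts`
// row plus a CSR file and wait for the result.
// NOTE(review): for any other key type $emailid is never assigned before the
// waitForResult() call below.
if($oldid == 4)
{
	if($_REQUEST['keytype'] == "NS")
	{
		// The SPKAC is accepted only if, with CR/LF removed, it consists of
		// base64 characters.
		$spkac="";
		if(array_key_exists('SPKAC',$_REQUEST) && preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])))))
			$spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Only verified (empty hash), non-deleted addresses of this
				// member may go into a certificate -- the same filter the
				// default-address handler in this file applies.
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					// NOTE(review): values are written into the line-based
					// SPKAC file unchanged; a line break inside one of them
					// would start a new field.
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A one-letter middle name is written as an initial
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

		// $defaultemail was read from the database and is escaped again here.
		// The description was escaped when it was put into the session.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);

		// NOTE(review): the challenge is checked only after the row and the
		// file have been created, and by substring search; an empty
		// $_SESSION['spkac_hash'] would match any "Challenge String: " line.
		// Confirm where spkac_hash is set and that it is never empty.
		$challenge=$_SESSION['spkac_hash'];
		$CSRname_esc = escapeshellarg($CSRname);
		$res=`openssl spkac -verify -in $CSRname_esc`;
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
		// Without a CSR from the previous step, take it from the CSR field
		if($csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($_SESSION['_config']['incname'] == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($_SESSION['_config']['incname'] == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Same verified / not-deleted filter as in the SPKAC branch
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Run the request through openssl; a request it cannot read leaves
		// the output file, and therefore $csr, empty.
		$tmpname = tempnam("/tmp", "id4csr");
		$tmpfname_esc = escapeshellarg($tmpfname);
		$tmpname_esc = escapeshellarg($tmpname);
		$do = `/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc`; // -subj "$csr"`;
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// keytype can only be "MS" or "VI" in this branch; it is escaped for
		// SQL rather than for HTML. Numeric columns are cast as in the SPKAC
		// branch, and $defaultemail is escaped.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`description`='".$_SESSION['_config']['description']."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}

	// The request counts as processed once the row has a crt_name.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}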
519
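// Handler for oldid == 7, part 1: validate the domain that is to be added and
// prepare $newdom (shell-quoted) and $newdomain (SQL-escaped) for the code
// that follows.
if($oldid == 7)
{
	csrf_check("adddomain");
	if(strstr($_REQUEST['newdomain'],"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest

	// Leading dashes are removed so that the value cannot be read as an
	// option by the whois command it is passed to later. ltrim() does what
	// the original character-by-character loop did, without indexing into an
	// empty string.
	$newdomain = ltrim($newdomain, '-');

	// stristr() instead of strstr(): the "xn--" prefix has to be matched
	// regardless of case, otherwise "XN--" is not covered by the restriction.
	if(stristr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// NOTE(review): an empty domain is not rejected here.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	// The domain must not be present in `orgdomains` or as a non-deleted
	// entry in `domains`.
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}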
558
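// Handler for oldid == 7, part 2: collect the addresses that may be used to
// prove control of the domain -- those found in the whois output plus five
// fixed role addresses -- and keep them in the session for page 8.
// Relies on $newdom (shell-quoted) and $newdomain (SQL-escaped) as set by the
// preceding oldid == 7 block.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom ends with the closing quote added by escapeshellarg(), hence
	// the offset -4 with length 3. No whois lookup is made for .jp domains.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// "label: address" lines: use what follows the first colon
		if(is_array($adds))
			foreach($adds as $line)
			{
				$bits = explode(":", $line, 2);
				// A line without a colon has no second part; treat it as
				// empty instead of reading an undefined offset.
				$line = isset($bits[1]) ? trim($bits[1]) : "";
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	} else {
		// Free-form lines: use the last blank-separated token containing "@"
		if(is_array($adds))
			foreach($adds as $line)
			{
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	}

	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	$_SESSION['_config']['addy'] = $addy;
	// NOTE(review): $newdomain was already escaped by the preceding block, so
	// the session keeps a doubly escaped value; the same value is shown to
	// the user and placed in the verification mail on page 8.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}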
604
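// Handler for oldid == 8: the user picked one of the offered authority
// addresses; register the domain as unverified and mail a verification link
// to that address.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	// The address has to be one of those stored in the session for this
	// domain. The comparison is strict so that only an identical string is
	// accepted.
	if($authaddy == "" || !is_array($_SESSION['_config']['addy']) || !in_array($authaddy, $_SESSION['_config']['addy'], true))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A result starting with "4" is reported as a temporary failure
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// checkEmail() is defined elsewhere; its result is escaped on output
		// because it may carry text that originates from a remote mail server.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	// NOTE(review): the verification link, including its hash, uses plain http.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// The domain is escaped for HTML here as it is in the message above.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}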
671
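// Handler for oldid == 9: remove the selected domains from the account.
// NOTE(review): no csrf_check() is made in this branch although it deletes
// domains; other handlers in this file (e.g. "adddomain", "chgdef") verify a
// token first -- confirm which token the page-9 form carries.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		// Note: the loop reuses $id; the script exits at the end of this handler.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Only domains owned by the logged-in member can be removed
			$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored domain names are escaped for HTML like the other
				// domain output in this file.
				echo sanitizeHTML($row['domain'])."<br>\n";
				account_domain_delete($row['id']);
			}

		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}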
703
// Handler for oldid == 10: accept a server-certificate CSR, store it in a
// temporary file, read subject and DNS alternative names from it with openssl
// and continue on page 11.
if($oldid == 10 && $process != "")
{
	// The CCA has to be accepted.
	if(!array_key_exists('CCA',$_REQUEST))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	$CSR = clean_csr($_REQUEST['CSR']);
	if(FALSE === strpos($CSR,"---BEGIN"))
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	$weakKey = checkWeakKeyCSR($CSR);
	if ($weakKey !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is kept in its SQL-escaped form in the session.
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	// Write the CSR to a temporary file; its name is remembered for page 11.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fwrite($fp, $CSR);
	fclose($fp);

	// From here on $CSR holds the shell-quoted file name, not the request.
	$CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// extractit(), getcn() and getalt() are defined elsewhere; the two
	// session entries cleared here are checked right after the calls.
	$_SESSION['_config']['0.subjectAltName'] = "";
	$_SESSION['_config']['0.CN'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root selection: 1 by default, 1 or 2 from the request with 50+ points.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if(!in_array($_SESSION['_config']['rootcert'], array(1, 2)))
		{
			$_SESSION['_config']['rootcert'] = 1;
		}
	}
}
769
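// Handler for oldid == 11: create the `domaincerts` row for the CSR stored on
// page 10, link the domains to it, move the CSR file into place and wait for
// the result.
if($process != "" && $oldid == 11)
{
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The stored file is checked again for a weak key before it is used
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = buildSubjectFromSession();

	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

	// The certificate is attached to the first domain id from 'rowid' or,
	// failing that, from 'altid'. The description was escaped when it was put
	// into the session.
	if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
						`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
						`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
						`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
						`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
						`description`='".$_SESSION['_config']['description']."'";
	} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
						`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
						`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
						`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
						`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
						`description`='".$_SESSION['_config']['description']."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Domain ids from the session are forced to integers before they are
	// placed into the statements, as the insert above already guards the
	// first id.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");

	// NOTE(review): the results of rename() and chmod() are not checked.
	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

	// The request counts as processed once the row has a crt_name.
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}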
857
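/*
 * Page 12 "renew": re-issue the server certificates selected in revokeid[].
 *
 * Every id is cast to an integer and looked up through a join on `domains`
 * that is restricted to the logged-in member, so rows of other members are
 * reported as invalid. For each hit the old row is flagged as renewed, a new
 * `domaincerts` row is created from it, the stored CSR is copied to a fresh
 * path and re-parsed with openssl, and waitForResult() is called before the
 * resulting certificate is printed (presumably it waits for the signer --
 * confirm against its definition).
 */
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key first, as the client certificate revoke handler does:
	// a request without revokeid[] must reach the "nothing selected" message
	// without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		// The member id only ever reaches SQL as an integer literal.
		$memid = intval($_SESSION['profile']['id']);

		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty return from the weak-key check is printed as the
			// reason and the certificate is not renewed.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// `csr_name` is deliberately left out of the insert (the original
			// author marked it "RACE CONDITION"); it is set further down, once
			// the CSR has been copied to its new path.
			$query = "insert into `domaincerts` set
					`domid`='".intval($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					"`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".intval($row['rootcert'])."',
					`type`='".intval($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// The path is passed to the shell, so it is quoted as one argument.
			$newfile_esc = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d "\\0"|grep "Subject:"`);
			$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			// Clear both fields before the helpers run; judging by the check
			// below they are filled in by extractit()/getcn()/getalt(), which
			// are defined elsewhere -- confirm.
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			$subject = buildSubjectFromSession();
			$subject = mysql_real_escape_string($subject);
			// Escape the generated path too, so no value enters this statement unescaped.
			$newfile_sql = mysql_real_escape_string($newfile);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile_sql' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A row with a non-empty crt_name is what counts as success here.
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				$crt_name = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crt_name`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}

	showfooter();
	exit;
}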
951
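/*
 * Page 12 "revoke": revoke the server certificates selected in revokeid[] and
 * delete the pending requests selected in delid[].
 *
 * Both loops cast the id to an integer and look the row up through a join on
 * `domains` restricted to the logged-in member. Revocation only writes the
 * marker timestamp '1970-01-01 10:00:01' into `revoked`; the page text says
 * the CRL is updated later, which presumably happens in a separate job --
 * confirm.
 */
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// The member id only ever reaches SQL as an integer literal.
	$memid = intval($_SESSION['profile']['id']);

	// Test for the key first so a request without revokeid[] reaches the
	// "nothing selected" message without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored data printed into HTML: escape it, as the
				// success message below already does.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';

	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row that already has an expiry date is treated as processed
			// and is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: either file may be missing for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}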
1023
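/*
 * Page 12 "change": store the edited comment of every server certificate for
 * which a check_comment_<id> field was submitted.
 *
 * The update is joined against `domains` and restricted to the logged-in
 * member. Without that restriction the certificate id taken from the request
 * was the only selector, so the comment of any row in `domaincerts` could be
 * overwritten, whoever owned it.
 *
 * NOTE(review): unlike the renew and revoke handlers for page 12, this
 * handler does not call csrf_check('srvcerchange'). Confirm that the page 12
 * form sends that token together with the "change" button, then add the call.
 */
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// The member id only ever reaches SQL as an integer literal.
	$memid = intval($_SESSION['profile']['id']);
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing or non-string comment field is stored as an empty comment.
			$rawComment = "";
			if(array_key_exists('comment_'.$cid,$_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
				$rawComment = $_REQUEST['comment_'.$cid];
			$comment=trim(mysql_real_escape_string(stripslashes($rawComment)));
			// Ownership check: the certificate's domain must belong to the member.
			mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
					where `domaincerts`.`id`='$cid' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='$memid'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}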
1040
1041
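/*
 * Page 5 "renew": re-issue the client certificates selected in revokeid[].
 *
 * Every id is cast to an integer and the lookup is restricted to the
 * logged-in member. For each hit the old row is flagged as renewed, a new
 * `emailcerts` row is created from it, the stored CSR is copied to a fresh
 * path, the e-mail links of the old certificate are duplicated for the new
 * one and waitForResult() is called before the outcome is reported.
 *
 * NOTE(review): there is no csrf_check() call in this handler, whereas the
 * server certificate handlers for page 12 call csrf_check('srvcerchange').
 * Confirm whether the page 5 form carries a token that can be checked here.
 */
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Test for the key first so a request without revokeid[] reaches the
	// "nothing selected" message without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		// The member id only ever reaches SQL as an integer literal.
		$memid = intval($_SESSION['profile']['id']);

		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty return from the weak-key check is printed as the
			// reason and the certificate is not renewed.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			$query = "insert into emailcerts set
					`memid`='".intval($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".intval($row['disablelogin'])."',
					`codesign`='".intval($row['codesign'])."',
					`rootcert`='".intval($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// Give the new row its own copy of the CSR and point it there.
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			$newfile_sql = mysql_real_escape_string($newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile_sql' where `id`='$newid'");
			// Carry the e-mail links of the old certificate over to the new
			// one; ids read back from the database are still cast before
			// they are put into a statement.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".intval($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A row with a non-empty crt_name is what counts as success here.
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// CN is stored data printed into HTML: escape it, as the
				// revoke handlers do for their success message.
				printf(_("Certificate for '%s' has been renewed."), htmlspecialchars($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}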
1114
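/*
 * Page 5 "revoke": revoke the client certificates selected in revokeid[] and
 * delete the pending requests selected in delid[].
 *
 * Both loops cast the id to an integer and restrict the lookup to the
 * logged-in member. Revocation only writes the marker timestamp
 * '1970-01-01 10:00:01' into `revoked`; the page text says the CRL is updated
 * later, which presumably happens in a separate job -- confirm.
 *
 * NOTE(review): there is no csrf_check() call in this handler, whereas the
 * server certificate handlers for page 12 call csrf_check('srvcerchange').
 * Confirm whether the page 5 form carries a token that can be checked here.
 */
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	// The member id only ever reaches SQL as an integer literal.
	$memid = intval($_SESSION['profile']['id']);

	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored data printed into HTML: escape it, as the
				// success message below already does.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row that already has an expiry date is treated as processed
			// and is not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: either file may be missing for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}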
1180
/*
 * Page 5 "change": update the login flag and the comment of client
 * certificates named in the submitted form fields.
 *
 *   cert_<id>           -> `disablelogin` is set to "0" when
 *                          disablelogin_<id> equals "1", otherwise to "1"
 *   check_comment_<id>  -> when non-empty, comment_<id> is stored as the
 *                          certificate description
 *
 * Both updates carry the logged-in member's id in the WHERE clause, so only
 * the member's own rows can change.
 *
 * NOTE(review): there is no csrf_check() call in this handler -- confirm
 * whether the page 5 form carries a token that can be checked here.
 */
if ($oldid == 5 && array_key_exists('change', $_REQUEST) && $_REQUEST['change'] != "") {
	showheader(_("My CAcert.org Account!"));

	$owner = $_SESSION['profile']['id'];

	foreach ($_REQUEST as $id => $val) {
		if (strncmp($id, "cert_", 5) == 0) {
			$cid = intval(substr($id, 5));
			$flagField = 'disablelogin_'.$cid;
			// The submitted value is inverted before it is stored.
			if (array_key_exists($flagField, $_REQUEST) && $_REQUEST[$flagField] == "1") {
				$dis = "0";
			} else {
				$dis = "1";
			}
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".$owner."'");
		}

		if (strncmp($id, "check_comment_", 14) == 0) {
			$cid = intval(substr($id, 14));
			if (empty($_REQUEST['check_comment_'.$cid])) {
				continue;
			}
			$unslashed = stripslashes($_REQUEST['comment_'.$cid]);
			$comment = trim(mysql_real_escape_string($unslashed));
			mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".$owner."'");
		}
	}

	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1205
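/*
 * Page 13, step 1 (only when the details section was shown): read the five
 * lost-passphrase questions and answers into $_SESSION['_config']['user'] and
 * validate them.
 *
 * The values are stored SQL-escaped because a later step of this page puts
 * them into an UPDATE statement as they are. On a validation error the
 * message is appended to $_SESSION['_config']['errmsg'], $id is set back to
 * this page and $oldid is cleared so that the later page 13 steps are skipped.
 *
 * Two defects of the earlier hand-written comparison chain are fixed:
 *  - it compared only 11 of the 25 answer/question pairs (A2 == Q2, for
 *    example, was accepted although the message forbids using a question as
 *    an answer); every pair of the ten values is compared now;
 *  - when both checks failed, the second one ran after $oldid had already
 *    been cleared and set $id to 0; the page is now reset once.
 */
if($oldid == 13 && $process != "" && $showdetails!="")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	$questionFields = array('Q1', 'Q2', 'Q3', 'Q4', 'Q5');
	$answerFields = array('A1', 'A2', 'A3', 'A4', 'A5');
	$qaFields = array_merge($questionFields, $answerFields);

	foreach($qaFields as $field)
	{
		// A missing or non-string field counts as empty.
		$raw = "";
		if(array_key_exists($field, $_REQUEST) && is_string($_REQUEST[$field]))
			$raw = $_REQUEST[$field];
		$_SESSION['_config']['user'][$field] = trim(mysql_real_escape_string(stripslashes(strip_tags($raw))));
	}

	// All ten values must differ from each other. The comparison stays
	// loose (==), as before, so nothing that used to be rejected is accepted.
	$hasDuplicate = false;
	$fieldCount = count($qaFields);
	for($i = 0; $i < $fieldCount && !$hasDuplicate; $i++)
	{
		for($j = $i + 1; $j < $fieldCount; $j++)
		{
			if($_SESSION['_config']['user'][$qaFields[$i]] == $_SESSION['_config']['user'][$qaFields[$j]])
			{
				$hasDuplicate = true;
				break;
			}
		}
	}

	$hasBlankQuestion = false;
	foreach($questionFields as $field)
	{
		if($_SESSION['_config']['user'][$field] == "")
			$hasBlankQuestion = true;
	}

	if($hasDuplicate)
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";

	if($hasBlankQuestion)
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";

	if($hasDuplicate || $hasBlankQuestion)
	{
		$id = $oldid;
		$oldid=0;
	}
}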
1268
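/*
 * Page 13, step 2: refresh the member's assurance point total and, while the
 * total is still 0, read and validate the submitted name and date of birth.
 *
 * The name parts are stored SQL-escaped because the next step of this page
 * puts them into an UPDATE statement as they are. On a validation error the
 * message is appended to $_SESSION['_config']['errmsg'], $id is set back to
 * this page and $oldid is cleared so that the update step is skipped.
 *
 * Two defects of the earlier version are fixed:
 *  - the date check accepted any day from 1 to 31 in every month (31 February,
 *    for example); checkdate() now rejects dates that do not exist;
 *  - when both checks failed, the second one ran after $oldid had already
 *    been cleared and set $id to 0; the page is now reset once.
 */
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	// Name and date of birth are only taken from the request while the
	// member has no points.
	if($_SESSION['profile']['points'] == 0)
	{
		foreach(array('fname', 'mname', 'lname', 'suffix') as $field)
		{
			// A missing or non-string field counts as empty.
			$raw = "";
			if(array_key_exists($field, $_REQUEST) && is_string($_REQUEST[$field]))
				$raw = $_REQUEST[$field];
			$_SESSION['_config']['user'][$field] = trim(mysql_real_escape_string(stripslashes(strip_tags($raw))));
		}
		foreach(array('day', 'month', 'year') as $field)
		{
			$_SESSION['_config']['user'][$field] = array_key_exists($field, $_REQUEST) ? intval($_REQUEST[$field]) : 0;
		}

		$nameMissing = ($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "");
		// Keep the lower bound on the year; checkdate() covers month and day,
		// including month lengths and leap years.
		$dobInvalid = ($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']));

		if($nameMissing)
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";

		if($dobInvalid)
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";

		if($nameMissing || $dobInvalid)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}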
1301
/*
 * Page 13, step 3: write the validated personal details to `users`, reload
 * the profile into the session and show the confirmation page.
 *
 * Every value interpolated below comes from $_SESSION['_config']['user'],
 * where the earlier page 13 steps placed it already SQL-escaped (the date
 * parts as integers); this block relies on that and does not escape again.
 *
 * NOTE(review): the five answers, `otphash` and `otppin` are written to the
 * database exactly as submitted. The original author already marked the OTP
 * part "Should be rewritten". Confirm whether this account-recovery material
 * is meant to be stored unhashed.
 */
if ($oldid == 13 && $process != "") {
	$memid = $_SESSION['profile']['id'];

	// Name and date of birth are only written while the member has no points.
	if ($_SESSION['profile']['points'] == 0) {
		$u = $_SESSION['_config']['user'];
		$query = "update `users` set `fname`='{$u['fname']}',
						`mname`='{$u['mname']}',
						`lname`='{$u['lname']}',
						`suffix`='{$u['suffix']}',
						`dob`='{$u['year']}-{$u['month']}-{$u['day']}'
				where `id`='{$memid}'";
		mysql_query($query);
	}

	// Questions and answers are only written when the details section was shown.
	if ($showdetails != "") {
		$u = $_SESSION['_config']['user'];
		$query = "update `users` set `Q1`='{$u['Q1']}',
						`Q2`='{$u['Q2']}',
						`Q3`='{$u['Q3']}',
						`Q4`='{$u['Q4']}',
						`Q5`='{$u['Q5']}',
						`A1`='{$u['A1']}',
						`A2`='{$u['A2']}',
						`A3`='{$u['A3']}',
						`A4`='{$u['A4']}',
						`A5`='{$u['A5']}'
				where `id`='{$memid}'";
		mysql_query($query);
	}

	//!!!Should be rewritten
	foreach (array('otphash', 'otppin') as $otpField) {
		$_SESSION['_config']['user'][$otpField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$otpField]))));
	}
	$otphash = $_SESSION['_config']['user']['otphash'];
	$otppin = $_SESSION['_config']['user']['otppin'];
	// Stored only when both values were supplied.
	if (!($otphash == "" || $otppin == "")) {
		$query = "update `users` set `otphash`='{$otphash}',
				`otppin`='{$otppin}' where `id`='{$memid}'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Replace the cached profile with the row as it now stands in the database.
	$reloaded = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."'");
	$_SESSION['profile'] = mysql_fetch_assoc($reloaded);
	$_SESSION['profile']['loggedin'] = 1;

	// The point total is not a column of `users`, so it is recomputed.
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".$_SESSION['profile']['id']."' group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1355
/*
 * Page 14: change the account pass phrase.
 *
 * The new pass phrase must be non-blank, match its confirmation, be at least
 * 6 characters long and score 3 or more in checkpw(). The current pass phrase
 * is verified in SQL unless the request arrived on the secure hostname. On
 * success the new hash is stored and a notification is mailed to the
 * member's primary address.
 *
 * NOTE(review):
 *  - The pass phrase is hashed in SQL with sha1() and no salt, and the
 *    current one is also accepted as an old_password() hash. Neither is a
 *    password-hashing function; replacing them needs a matching change in
 *    the login code, which is outside this block.
 *  - When hostname equals securehostname the current pass phrase is not
 *    checked at all ($rc is forced to 1), presumably because that session
 *    was authenticated with a client certificate -- confirm.
 *  - The old and new pass phrases stay in $_SESSION['_config']['user'] after
 *    the request ends; confirm that nothing reads them later and clear them.
 */
if ($oldid == 14 && $process != "") {
	$requestFields = array('oldpass' => 'oldpassword', 'pword1' => 'pword1', 'pword2' => 'pword2');
	foreach ($requestFields as $slot => $field) {
		$_SESSION['_config']['user'][$slot] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));
	}

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));

	$newPass = $_SESSION['_config']['user']['pword1'];
	$failure = null;

	if ($newPass == "" || $newPass != $_SESSION['_config']['user']['pword2']) {
		$failure = _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($newPass, $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		if ($_SESSION['_config']['hostname'] == $_SESSION['_config']['securehostname']) {
			$rc = 1;
		} else {
			// Verify the current pass phrase against either stored hash format.
			$match = mysql_query("select * from `users` where `id`='".$_SESSION['profile']['id']."' and
						(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
						`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		}

		// The first failing rule decides which message is shown.
		if (strlen($newPass) < 6) {
			$failure = _("The Pass Phrase you submitted was too short.");
		} elseif ($score < 3) {
			$failure = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} elseif ($rc <= 0) {
			$failure = _("You failed to correctly enter your current Pass Phrase.");
		}
	}

	if ($failure !== null) {
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo $failure;
	} else {
		mysql_query("update `users` set `password`=sha1('".$newPass."')
				where `id`='".$_SESSION['profile']['id']."'");
		echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
		echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");

		// Tell the account owner, so that an unexpected change is noticed.
		$greeting = sprintf(_("Hi %s,"), $_SESSION['profile']['fname']);
		$notice = _("You are receiving this email because you or someone else ".
			"has changed the password on your account.");
		$signature = _("Best regards")."\n"._("CAcert.org Support!");
		$body = $greeting."\n\n".$notice."\n\n".$signature;

		sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
			"support@cacert.org", "", "", "CAcert Support");
	}

	showfooter();
	exit;
}
1415
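/*
 * Page 16: collect the e-mail addresses, name, OU and description for an
 * organisation client certificate into $_SESSION['_config'].
 *
 * An address is kept only when it has exactly one "@" and checkownership()
 * accepts its domain part. checkownership() is defined elsewhere; from its
 * use here it appears to leave the matching row in
 * $_SESSION['_config']['row'] -- confirm.
 *
 * A request without an emails[] array used to reach foreach() directly and
 * raise a warning; it is now treated as an empty list, which the next page 16
 * step reports as "no matching emails".
 *
 * NOTE(review):
 *  - $_SESSION['_config']['domids'] is appended to here but not reset in
 *    this block, unlike ['emails']; confirm that ids collected by an earlier
 *    submission in the same session cannot be carried into a new one.
 *  - The values are escaped for SQL only. The later page 17 step also
 *    concatenates them into certificate subject fields, which needs its own
 *    validation of separator characters -- verify there.
 */
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	$submitted = array();
	if(array_key_exists('emails', $_REQUEST) && is_array($_REQUEST['emails']))
		$submitted = $_REQUEST['emails'];

	foreach($submitted as $val)
	{
		// Nested arrays cannot be addresses.
		if(!is_string($val))
			continue;

		$val = mysql_real_escape_string(stripslashes(trim($val)));
		$bits = explode("@", $val);
		$count = count($bits);
		if($count != 2)
			continue;

		// The domain part must belong to the organisation account.
		if(checkownership($bits[1]) == false)
			continue;

		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}
	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['OU'])));


	// The blank test is made on the raw value: escaping turns a newline into
	// a backslash sequence that trim() would no longer remove.
	if(trim($_REQUEST['description']) != ""){
		$_SESSION['_config']['description']= trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}else{
		$_SESSION['_config']['description']= "";
	}
}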
1450
/*
 * Page 16: stop with a message when none of the submitted addresses was
 * accepted, so that no certificate request is built without an address.
 */
if ($oldid == 16 && count($_SESSION['_config']['emails']) < 1) {
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1459
/*
 * Page 16, on submit: settle the certificate options and move on to page 17.
 *
 * Code signing is granted only when it was requested AND the profile has the
 * codesign flag AND the member holds at least 100 points; in every other case
 * the request value is overwritten with 0, so a submitted codesign=1 alone
 * has no effect. The root certificate choice is limited to 1 or 2 and falls
 * back to 1.
 */
if ($oldid == 16 && $process != "") {
	$codesignRequested = array_key_exists('codesign', $_REQUEST) && $_REQUEST['codesign'];
	$codesignAllowed = $codesignRequested
		&& $_SESSION['profile']['codesign']
		&& ($_SESSION['profile']['points'] >= 100);

	$codesignFlag = $codesignAllowed ? 1 : 0;
	$_REQUEST['codesign'] = $codesignFlag;
	$_SESSION['_config']['codesign'] = $codesignFlag;

	$rootcert = intval($_REQUEST['rootcert']);
	if (!($rootcert >= 1 && $rootcert <= 2)) {
		$rootcert = 1;
	}
	$_SESSION['_config']['rootcert'] = $rootcert;

	// The blank test is made on the raw value, before escaping.
	$description = "";
	if (trim($_REQUEST['description']) != "") {
		$description = trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])));
	}
	$_SESSION['_config']['description'] = $description;

	// Continue to page 17 only when at least one address was accepted.
	if (@count($_SESSION['_config']['emails']) > 0) {
		$id = 17;
	}
}
1486
1487 if($oldid == 17)
1488 {
1489 $org = $_SESSION['_config']['row'];
1490 if($_REQUEST['keytype'] == "NS")
1491 {
1492 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1493
1494 if($spkac == "" || strlen($spkac) < 128)
1495 {
1496 $id = 17;
1497 showheader(_("My CAcert.org Account!"));
1498 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1499 showfooter();
1500 exit;
1501 }
1502
1503 $count = 0;
1504 $emails = "";
1505 $addys = array();
1506 if(is_array($_SESSION['_config']['emails']))
1507 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1508 {
1509 if(!$emails)
1510 $defaultemail = $_REQUEST['email'];
1511 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1512 $count++;
1513 }
1514 if($_SESSION['_config']['name'] != "")
1515 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1516 if($_SESSION['_config']['OU'])
1517 $emails .= "organizationalUnitName = ".$_SESSION['_config']['OU']."\n";
1518 if($org['O'])
1519 $emails .= "organizationName = ".$org['O']."\n";
1520 if($org['L'])
1521 $emails .= "localityName = ".$org['L']."\n";
1522 if($org['ST'])
1523 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1524 if($org['C'])
1525 $emails .= "countryName = ".$org['C']."\n";
1526 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1527 $_SESSION['_config']['rootcert'] = 1;
1528
1529
1530 $emails .= "SPKAC = $spkac";
1531 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1532 {
1533 $id = 17;
1534 showheader(_("My CAcert.org Account!"));
1535 echo $weakKey;
1536 showfooter();
1537 exit;
1538 }
1539
1540 $query = "insert into `orgemailcerts` set
1541 `CN`='$defaultemail',
1542 `ou`='".$_SESSION['_config']['OU']."',
1543 `keytype`='NS',
1544 `orgid`='".$org['orgid']."',
1545 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1546 `codesign`='".$_SESSION['_config']['codesign']."',
1547 `rootcert`='".$_SESSION['_config']['rootcert']."',
1548 `description`='".$_SESSION['_config']['description']."'";
1549 mysql_query($query);
1550 $emailid = mysql_insert_id();
1551
1552 foreach($_SESSION['_config']['domids'] as $addy)
1553 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1554
1555 $CSRname=generatecertpath("csr","orgclient",$emailid);
1556 $fp = fopen($CSRname, "w");
1557 fputs($fp, $emails);
1558 fclose($fp);
1559 $challenge=$_SESSION['spkac_hash'];
1560 $CSRname_esc = escapeshellarg($CSRname);
1561 $res=`openssl spkac -verify -in $CSRname_esc`;
1562 if(!strstr($res,"Challenge String: ".$challenge))
1563 {
1564 $id = $oldid;
1565 showheader(_("My CAcert.org Account!"));
1566 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1567 showfooter();
1568 exit;
1569 }
1570 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1571 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1572 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1573
1574 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1575 {
1576 $id = 17;
1577 showheader(_("My CAcert.org Account!"));
1578 echo $weakKey;
1579 showfooter();
1580 exit;
1581 }
1582
1583 $tmpfname = tempnam("/tmp", "id17CSR");
1584 $fp = fopen($tmpfname, "w");
1585 fputs($fp, $csr);
1586 fclose($fp);
1587
1588 $addys = array();
1589 $defaultemail = "";
1590 $csrsubject="";
1591
1592 if($_SESSION['_config']['name'] != "")
1593 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1594 if(is_array($_SESSION['_config']['emails']))
1595 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1596 {
1597 if($defaultemail == "")
1598 $defaultemail = $_REQUEST['email'];
1599 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1600 }
1601 if($_SESSION['_config']['OU'])
1602 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1603 if($org['O'])
1604 $csrsubject .= "/organizationName=".$org['O'];
1605 if($org['L'])
1606 $csrsubject .= "/localityName=".$org['L'];
1607 if($org['ST'])
1608 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1609 if($org['C'])
1610 $csrsubject .= "/countryName=".$org['C'];
1611
1612 $tmpname = tempnam("/tmp", "id17csr");
1613 $tmpfname_esc = escapeshellarg($tmpfname);
1614 $tmpname_esc = escapeshellarg($tmpname);
1615 $do = `/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc`;
1616 @unlink($tmpfname);
1617 $csr = "";
1618 $fp = fopen($tmpname, "r");
1619 while($data = fgets($fp, 4096))
1620 $csr .= $data;
1621 fclose($fp);
1622 @unlink($tmpname);
1623
1624 if($csr == "")
1625 {
1626 showheader(_("My CAcert.org Account!"));
1627 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1628 showfooter();
1629 exit;
1630 }
1631 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1632 $_SESSION['_config']['rootcert'] = 1;
1633
1634 $query = "insert into `orgemailcerts` set
1635 `CN`='$defaultemail',
1636 `ou`='".$_SESSION['_config']['OU']."',
1637 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1638 `orgid`='".$org['orgid']."',
1639 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1640 `subject`='$csrsubject',
1641 `codesign`='".$_SESSION['_config']['codesign']."',
1642 `rootcert`='".$_SESSION['_config']['rootcert']."',
1643 `description`='".$_SESSION['_config']['description']."'";
1644 mysql_query($query);
1645 $emailid = mysql_insert_id();
1646
1647 foreach($_SESSION['_config']['domids'] as $addy)
1648 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1649
1650 $CSRname=generatecertpath("csr","orgclient",$emailid);
1651 $fp = fopen($CSRname, "w");
1652 fputs($fp, $csr);
1653 fclose($fp);
1654 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1655 }
1656 waitForResult("orgemailcerts", $emailid,$oldid);
1657 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1658 $res = mysql_query($query);
1659 if(mysql_num_rows($res) <= 0)
1660 {
1661 showheader(_("My CAcert.org Account!"));
1662 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1663 showfooter();
1664 exit;
1665 } else {
1666 $id = 19;
1667 $cert = $emailid;
1668 $_REQUEST['cert']=$emailid;
1669 }
1670 }
1671
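// Page 18 "renew": re-issue the organisation client certificates selected in
// $_REQUEST['revokeid']. Each id must resolve to an `orgemailcerts` row whose
// organisation is linked to the logged-in member through `org`.`memid`;
// anything else is reported as invalid and skipped.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before first use: the value comes straight from the request
			// and is both written into the page and interpolated into SQL.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// The old row is flagged as renewed before the revocation check
			// below, so a revoked certificate is flagged too even though no
			// new certificate is issued for it.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// CN is stored data; encode it for HTML like the revoke handler does.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// Values read back from the database are escaped again before
			// they are placed into the new statement.
			$query = "insert into `orgemailcerts` set
					`orgid`='".intval($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`ou`='".mysql_real_escape_string($row['ou'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`codesign`='".intval($row['codesign'])."',
					`rootcert`='".intval($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			// The renewal reuses the original request: copy the stored CSR to
			// the path generated for the new row.
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);
			// Success is detected by the new row having a certificate path.
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), htmlspecialchars($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}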
1745
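// Page 18 "revoke": mark the selected organisation client certificates as
// revoked and delete the selected pending requests. Every id is cast to an
// integer and must belong to an organisation linked to the logged-in member
// through `org`.`memid`.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored data; encode it for HTML like the success message below.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// NOTE(review): the fixed 1970 timestamp looks like a marker for a
			// later job that performs the actual revocation; confirm against
			// the signer.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".$_SESSION['profile']['id']."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry timestamp is treated as already processed
			// and is therefore not a pending request any more.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best-effort cleanup of the files recorded on the deleted row.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}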
1814
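// Page 18 "change": store the comment entered for every organisation client
// certificate whose "check_comment_<id>" field was submitted.
// NOTE(review): the renew and revoke handlers for this page call
// csrf_check('clicerchange'); this handler does not. Confirm whether the
// form's token should be checked here as well.
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			// The certificate id is taken from the field name, so it is
			// request-controlled; cast it and restrict the update to rows
			// whose organisation is linked to the logged-in member, the same
			// ownership join the renew/revoke handlers use. Without the join
			// any id could be updated.
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `orgemailcerts`, `org` set `orgemailcerts`.`description`='$comment'
					where `orgemailcerts`.`id`='$cid' and
					`org`.`orgid`=`orgemailcerts`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}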
1831
// Page 18 "filter": remember the submitted list filter in the session.
// NOTE(review): the three values are stored exactly as received. The reset
// handler writes 0 to the same keys, so the consumer presumably expects
// integers; confirm it validates them before using them in SQL or HTML.
if ($oldid == 18) {
	if (array_key_exists('filter', $_REQUEST) && $_REQUEST['filter'] != "") {
		$id = 18;
		$_SESSION['_config']['orgfilterid'] = $_REQUEST['orgfilterid'];
		$_SESSION['_config']['sorting']     = $_REQUEST['sorting'];
		$_SESSION['_config']['status']      = $_REQUEST['status'];
	}
}
1839
// Page 18 "reset": put the list filter stored in the session back to 0.
if ($oldid == 18) {
	if (array_key_exists('reset', $_REQUEST) && $_REQUEST['reset'] != "") {
		$id = 18;
		$_SESSION['_config']['orgfilterid'] = 0;
		$_SESSION['_config']['sorting']     = 0;
		$_SESSION['_config']['status']      = 0;
	}
}
1847
// Form 20 submitted: first step of an organisation server certificate
// request. The pasted CSR is checked for a weak key, written to a temp file,
// parsed with openssl, and the organisations matching its names are looked
// up for the logged-in member. On success the flow continues with page 21.
if ($oldid == 20 && $process != "") {
	$CSR = clean_csr($_REQUEST['CSR']);

	$weakKey = checkWeakKeyCSR($CSR);
	if ($weakKey !== "") {
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// The description is SQL-escaped here and kept in the session in that
	// form; the later insert interpolates it without escaping again.
	$_SESSION['_config']['description'] = (trim($_REQUEST['description']) != "")
		? trim(mysql_real_escape_string(stripslashes($_REQUEST['description'])))
		: "";

	// The CSR is kept in a temp file whose path lives in the session; the
	// handler for form 21 reads it again from there.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);

	// From here on $CSR holds the shell-quoted temp file path, not the CSR text.
	$CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
	$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep "Subject:"`);
	$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
	foreach ($bits as $val) {
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	// extractit(), getcn2() and getalt2() are defined outside this part of
	// the file; presumably they fill 0.CN / 0.subjectAltName from the subject
	// built above (TODO confirm).
	$_SESSION['_config']['0.subjectAltName'] = "";
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'];
	extractit();
	getcn2();
	getalt2();

	// NOTE(review): 0.CN and 0.subjectAltName originate from the submitted
	// CSR and are interpolated into both statements below without escaping
	// here; confirm that the helpers above escape or validate them.
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".$_SESSION['profile']['id']."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.CN']."'";
	$_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
	$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".$_SESSION['profile']['id']."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".$_SESSION['_config']['0.subjectAltName']."'";
	$_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
	//echo "<pre>"; print_r($_SESSION['_config']); die;

	// Neither a common name nor an alternative name was accepted: stop.
	if ($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "") {
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only the values 1 and 2 are accepted for the root certificate; anything
	// else falls back to 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if ($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2) {
		$_SESSION['_config']['rootcert'] = 1;
	}
}
1912
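// Form 21 submitted: second step of an organisation server certificate
// request. The CSR saved by the previous step is re-checked, the subject is
// assembled from the organisation record and the session, an
// `orgdomaincerts` row is inserted, the CSR file is moved to its final path,
// and waitForResult() is called. On success the flow continues with page 23.
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The file is checked again because it is the file, not the text checked
	// in the previous step, that gets handed on.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Load the organisation, restricted to organisations linked to the
	// logged-in member. The session ids are cast before they reach SQL.
	// NOTE(review): rowid/altid entries are written to `orgdomlink`.`orgdomid`
	// further down but matched against `orginfo`.`id` here; confirm which id
	// the helpers that fill them actually store.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "select * from `org`,`orginfo` where
				`orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'])."' and
				`orginfo`.`id`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	} else {
		$query = "select * from `org`,`orginfo` where
				`orginfo`.`id`='".intval($_SESSION['_config']['altid']['0'])."' and
				`orginfo`.`id`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	}
	$org = mysql_fetch_assoc(mysql_query($query));

	// No row means the ids in the session do not point at an organisation
	// this member is linked to. Stop instead of inserting a request with an
	// empty organisation.
	if(!is_array($org))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	$csrsubject = "";

	// $csrsubject is only used inside the insert statement below. The
	// organisation fields come back from the database unescaped, so they are
	// escaped as they are appended.
	// NOTE(review): OU and the output of buildSubjectFromSession() come from
	// the session; their escaping is not visible here, confirm it.
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	if($org['O'])
		$csrsubject .= "/organizationName=".mysql_real_escape_string($org['O']);
	if($org['L'])
		$csrsubject .= "/localityName=".mysql_real_escape_string($org['L']);
	if($org['ST'])
		$csrsubject .= "/stateOrProvinceName=".mysql_real_escape_string($org['ST']);
	if($org['C'])
		$csrsubject .= "/countryName=".mysql_real_escape_string($org['C']);
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	$csrsubject .= buildSubjectFromSession();

	// Type "8" is only set for members flagged as admin in their profile.
	$type="";
	if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	// NOTE(review): rows[0] / altrows[0] are interpolated as stored in the
	// session; confirm they are escaped where they are set.
	if($_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `orgdomaincerts` set
				`CN`='".$_SESSION['_config']['rows']['0']."',
				`orgid`='".intval($org['id'])."',
				`created`=NOW(),
				`subject`='$csrsubject',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`type`='$type',
				`description`='".$_SESSION['_config']['description']."'";
	} else {
		$query = "insert into `orgdomaincerts` set
				`CN`='".$_SESSION['_config']['altrows']['0']."',
				`orgid`='".intval($org['id'])."',
				`created`=NOW(),
				`subject`='$csrsubject',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`type`='$type',
				`description`='".$_SESSION['_config']['description']."'";
	}
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temp CSR to the path generated for the new row and record it.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	// Link the new request to every domain id collected in the session.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='$id', `orgcertid`='$CSRid'");
	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// Success is detected by the row having a certificate path.
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}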
2025
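// Page 22 "renew": re-issue the organisation server certificates selected in
// $_REQUEST['revokeid']. Each id is cast to an integer and must resolve to an
// `orgdomaincerts` row whose organisation is linked to the logged-in member.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key fails the weak-key check.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// The old row is flagged as renewed before the revocation check
			// below, so a revoked certificate is flagged too.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// CN is stored data; encode it for HTML like the revoke handler does.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// Values read back from the database are escaped again before
			// they are placed into the new statement.
			$query = "insert into `orgdomaincerts` set
					`orgid`='".intval($row['orgid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`type`='".intval($row['type'])."',
					`rootcert`='".intval($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			//echo "NewID: $newid<br/>\n";
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
			echo _("Renewing").": ".htmlspecialchars($row['CN'])."<br>\n";
			// Copy the domain links of the old certificate to the new one.
			// The old certificate is addressed by the validated $id, because
			// `id` in a "select *" over two tables is ambiguous, and the
			// domain is taken from `orgdomid`, the column the link rows are
			// written with elsewhere in this file.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='$id'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);
			// Success is detected by the new row having a certificate path.
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path is shell-quoted before it is handed to openssl.
				$crtname = escapeshellarg($drow['crt_name']);
				$cert = `/usr/bin/openssl x509 -in $crtname`;
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}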
2104
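// Page 22 "revoke": mark the selected organisation server certificates as
// revoked and delete the selected pending requests. Every id is cast to an
// integer and must belong to an organisation linked to the logged-in member
// through `org`.`memid`.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored data; encode it for HTML like the success message below.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// NOTE(review): the fixed 1970 timestamp looks like a marker for a
			// later job that performs the actual revocation; confirm against
			// the signer.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
					`orgdomaincerts`,`org`
					where `orgdomaincerts`.`id`='$id' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".$_SESSION['profile']['id']."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A row with an expiry timestamp is treated as already processed
			// and is therefore not a pending request any more.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best-effort cleanup of the files recorded on the deleted row.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}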
2176
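// Page 22 "change": store the comment entered for every organisation server
// certificate whose "check_comment_<id>" field was submitted.
// NOTE(review): the renew and revoke handlers for this page call
// csrf_check('orgsrvcerchange'); this handler does not. Confirm whether the
// form's token should be checked here as well.
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			// The certificate id is taken from the field name, so it is
			// request-controlled; cast it and restrict the update to rows
			// whose organisation is linked to the logged-in member, the same
			// ownership join the renew/revoke handlers use. Without the join
			// any id could be updated.
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `orgdomaincerts`, `org` set `orgdomaincerts`.`description`='$comment'
					where `orgdomaincerts`.`id`='$cid' and
					`orgdomaincerts`.`orgid`=`org`.`orgid` and
					`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}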
2193
// Page 22 "filter": remember the submitted list filter in the session.
// NOTE(review): the three values are stored exactly as received. The reset
// handler writes 0 to the same keys, so the consumer presumably expects
// integers; confirm it validates them before using them in SQL or HTML.
if ($oldid == 22) {
	if (array_key_exists('filter', $_REQUEST) && $_REQUEST['filter'] != "") {
		$id = 22;
		$_SESSION['_config']['dorgfilterid'] = $_REQUEST['dorgfilterid'];
		$_SESSION['_config']['dsorting']     = $_REQUEST['dsorting'];
		$_SESSION['_config']['dstatus']      = $_REQUEST['dstatus'];
	}
}
2201
// Page 22 "reset": put the list filter stored in the session back to 0.
if ($oldid == 22) {
	if (array_key_exists('reset', $_REQUEST) && $_REQUEST['reset'] != "") {
		$id = 22;
		$_SESSION['_config']['dorgfilterid'] = 0;
		$_SESSION['_config']['dsorting']     = 0;
		$_SESSION['_config']['dstatus']      = 0;
	}
}
2209
2210
// Access gate for pages 24 to 31: when either the requested page ($id) or
// the submitting page ($oldid) is in that range, the session profile must
// carry orgadmin == 1; otherwise the request ends here. The handlers for
// those pages below rely on this check having run first.
if ((in_array($id, array(24, 25, 26, 27, 28, 29, 30, 31))
		|| in_array($oldid, array(24, 25, 26, 27, 28, 29, 30, 31)))
	&& $_SESSION['profile']['orgadmin'] != 1) {
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2221
// Form 24 submitted: create a new organisation record from the posted
// fields. The organisation name and the contact e-mail are mandatory.
// NOTE(review): the update handler for form 27 calls csrf_check(); this
// insert does not. Confirm whether form 24 carries a token to check.
if ($oldid == 24 && $process != "") {
	$id = intval($oldid);

	// Each field is unslashed, SQL-escaped and trimmed, and is kept in the
	// session in that escaped form.
	$_SESSION['_config']['O']        = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact']  = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L']        = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST']       = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C']        = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if ($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "") {
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}

	// Reached only when a mandatory field is empty; the form is shown again
	// with this message.
	$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
}
2248
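// Form 27 submitted: update the organisation record whose id is held in the
// session. The organisation name and the contact e-mail are mandatory.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	// Each field is unslashed, SQL-escaped and trimmed, and is kept in the
	// session in that escaped form.
	$_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
	$_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
	$_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
	$_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
	$_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
	$_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));

	if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
	{
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	} else {
		// The organisation id is cast before it reaches the statement, as
		// the domain insert for form 28 already does with the same session
		// value; where that value is set is not visible in this part of the
		// file.
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
					`contact`='".$_SESSION['_config']['contact']."',
					`L`='".$_SESSION['_config']['L']."',
					`ST`='".$_SESSION['_config']['ST']."',
					`C`='".$_SESSION['_config']['C']."',
					`comments`='".$_SESSION['_config']['comments']."'
				where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	}
}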
2277
// Form 28 submitted with a domain name: reject the name when it is already
// registered for an organisation. On rejection $oldid is cleared so that the
// insert handler for form 28 further down does not run.
// NOTE(review): only `orgdomains` is consulted here, while the edit handler
// for form 29 also consults `domains`; confirm whether that is intended.
if ($oldid == 28 && $process != "" && array_key_exists("domainname", $_REQUEST)) {
	$_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$domain = $_SESSION['_config']['domain'];

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	if (mysql_num_rows($res1) > 0) {
		$_SESSION['_config']['errmsg'] = sprintf(
			_("The domain '%s' is already in a different account and is listed as valid. Can't continue."),
			sanitizeHTML($domain)
		);
		$id = $oldid;
		$oldid = 0;
	}
}
2289
// Form 28 without a usable organisation id in the session: drop the
// submission and show page 25 instead.
if ($oldid == 28 && $_SESSION['_config']['orgid'] <= 0) {
	$id = 25;
	$oldid = 0;
}
2295
// Form 28 accepted: attach the domain to the organisation held in the
// session and show a confirmation with a link back to page 26.
// NOTE(review): $domain is assigned by the form 28 duplicate check above,
// which only runs when 'domainname' is present in the request; this
// condition does not test for it, so confirm $domain cannot be unset here.
if ($oldid == 28 && $process != "" && array_key_exists("orgid", $_SESSION["_config"])) {
	mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");

	showheader(_("My CAcert.org Account!"));
	printf(
		_("'%s' has just been successfully added to the database."),
		sanitizeHTML($domain)
	);
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2305
// Form 29 submitted: before an organisation domain is changed, reject the
// new name when another organisation domain or a non-deleted personal domain
// already uses it. On rejection $oldid is cleared so the shared handler for
// forms 29/30 below does not run.
// NOTE(review): the name is compared with LIKE, so '%' and '_' in the
// submitted value act as wildcards; mysql_real_escape_string does not escape
// them. $domid is set outside this part of the file.
if ($oldid == 29 && $process != "") {
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");

	if (mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0) {
		$_SESSION['_config']['errmsg'] = sprintf(
			_("The domain '%s' is already in a different account and is listed as valid. Can't continue."),
			sanitizeHTML($domain)
		);
		$id = $oldid;
		$oldid = 0;
	}
}
2319
2320 if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
2321 {
2322 $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
2323 `orgdomlink`.`orgdomid`=`orgdomains`.`id` and
2324 `orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and</