Merge branch 'bug-1047' into bug-1042
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
23 loadem("account");
24
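/**
 * Build a subject string as needed by the signer
 *
 * The domain names are concatenated into the subject unchanged. A value that
 * contains "/" would start a new subject component, so callers must only pass
 * names that have been validated beforehand.
 *
 * @param array(string) $domains
 *     First domain is used as CN and repeated in subjectAltName. Duplicates
 *     should already have been removed. An empty array yields "/CN=".
 *
 * @param bool $include_xmpp_addr
 *     [default: true] Whether to include the XmppAddr in the subjectAltName.
 *     This is needed if the Jabber server is jabber.example.com but a Jabber ID
 *     on that server would be alice@example.com
 *
 * @return string
 */
function buildSubject(array $domains, $include_xmpp_addr = true) {
	// Guard the lookup so an empty list does not raise an undefined-offset
	// notice; the result for that case stays "/CN=".
	$commonName = isset($domains[0]) ? $domains[0] : "";
	$subject = "/CN=" . $commonName;

	foreach ($domains as $domain) {
		$subject .= "/subjectAltName=DNS:" . $domain;

		if ($include_xmpp_addr) {
			// 1.3.6.1.5.5.7.8.5 is the otherName type used for the XmppAddr
			$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:" . $domain;
		}
	}

	return $subject;
}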
52
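/**
 * Builds the subject string from the session variables
 * $_SESSION['_config']['rows'] and $_SESSION['_config']['altrows']
 *
 * Entries of 'rows' are used as they are. Of 'altrows' only the entries that
 * start with "DNS:" are used, with that prefix removed. A session key that is
 * missing or not an array is treated as an empty list.
 *
 * @return string
 */
function buildSubjectFromSession() {
	$domains = array();

	// isset() first, so a missing key does not raise an undefined-index notice
	if (isset($_SESSION['_config']['rows']) && is_array($_SESSION['_config']['rows'])) {
		$domains = array_merge($domains, $_SESSION['_config']['rows']);
	}

	if (isset($_SESSION['_config']['altrows']) && is_array($_SESSION['_config']['altrows'])) {
		foreach ($_SESSION['_config']['altrows'] as $row) {
			if (substr($row, 0, 4) === "DNS:") {
				$domains[] = substr($row, 4);
			}
		}
	}

	// array_unique() keeps the first occurrence, so the first name stays the CN
	return buildSubject(array_unique($domains));
}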
75
// Page selectors and record ids taken from the request. Every numeric
// parameter is forced to an integer; a missing parameter counts as 0.
$id = 0;
if (array_key_exists("id", $_REQUEST)) {
	$id = intval($_REQUEST['id']);
}

$oldid = 0;
if (array_key_exists("oldid", $_REQUEST)) {
	$oldid = intval($_REQUEST['oldid']);
}

// Kept as the raw request string; it is only compared against fixed values
// and the empty string further down.
$process = "";
if (array_key_exists("process", $_REQUEST)) {
	$process = $_REQUEST['process'];
}

// $showdetails refers to Secret Question and Answers from account/13.php
$showdetails = 0;
if (array_key_exists("showdetails", $_REQUEST)) {
	$showdetails = intval($_REQUEST['showdetails']);
}

$cert = 0;
if (array_key_exists('cert', $_REQUEST)) {
	$cert = intval($_REQUEST['cert']);
}

$orgid = 0;
if (array_key_exists('orgid', $_REQUEST)) {
	$orgid = intval($_REQUEST['orgid']);
}

$memid = 0;
if (array_key_exists('memid', $_REQUEST)) {
	$memid = intval($_REQUEST['memid']);
}

$domid = 0;
if (array_key_exists('domid', $_REQUEST)) {
	$domid = intval($_REQUEST['domid']);
}

// Raw, unvalidated request strings: escape them before they reach SQL or HTML.
$actionrequest = "";
if (array_key_exists('action', $_REQUEST)) {
	$actionrequest = $_REQUEST['action'];
}

$ticketno = "";
if (array_key_exists('ticketno', $_REQUEST)) {
	$ticketno = $_REQUEST['ticketno'];
}
$ticketvalidation = FALSE;
91
92
// Nothing below is attempted when the session's 'mconn' entry is not set.
if (!$_SESSION['mconn']) {
	echo _("Several CAcert Services are currently unavailable. Please try again later.");
	exit;
}

// General reset CANCEL process requests: the localized label of the Cancel
// button clears the pending process value.
if ($process == _("Cancel")) {
	$process = "";
}

// Requests for page 45 or 46, as current or as previous page, are sent to page 1.
$remapId = ($id == 45 || $id == 46);
$remapOldId = ($oldid == 45 || $oldid == 46);
if ($remapId || $remapOldId) {
	$id = 1;
	$oldid = 0;
}
111
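// Add a new email address to the account (form 1) and mail out the link that
// verifies it.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');

	// A missing field or a non-string value (e.g. an array parameter) is
	// handled like an empty address and rejected below.
	$newemail = "";
	if(array_key_exists('newemail', $_REQUEST) && is_string($_REQUEST['newemail']))
		$newemail = $_REQUEST['newemail'];

	// The punycode prefix is matched case-insensitively, so that "XN--" is
	// caught by the same rule as "xn--".
	if(stristr($newemail, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// SQL-escaped form of the address; used for the duplicate check, the
	// insert and as mail recipient.
	$email = trim(mysql_real_escape_string(stripslashes($newemail)));
	if($email == "")
	{
		showheader(_("My CAcert.org Account!"));
		// echo, not printf: the text is a plain message, not a format string
		echo _("Not a valid email address. Can't continue.");
		showfooter();
		exit;
	}
	$oldid=0;
	$_REQUEST['email'] = $email;
	if(check_email_exists($_REQUEST['email'])==true)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
		showfooter();
		exit;
	}

	// checkEmail() receives the address as submitted, not the SQL-escaped copy
	$checkemail = checkEmail($newemail);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text presumably contains what the remote mail server
		// answered, so it is escaped like every other value printed here.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	// The row keeps a non-empty hash until the link from the mail is opened
	$hash = make_hash();
	$query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$emailid = mysql_insert_id();

	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	// NOTE(review): the link carries the verification hash over plain http;
	// confirm whether the host serves https and prefer that scheme.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
	showfooter();
	exit;
}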
169
// Make one of the account's email addresses the default address (form 2,
// "makedefault" button).
// NOTE(review): this handler changes account state but does not call
// csrf_check(), while the other handler for form 2 calls csrf_check("chgdef").
// Confirm that the form carries that token and add the check here.
if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
{
	$id = 2;
	$emailid = intval($_REQUEST['emailid']);
	// The address must belong to the logged in user, be verified (empty hash)
	// and not be deleted.
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
	$body .= _("You are receiving this email because you or someone else ".
		"has changed the default email on your account.")."\n\n";

	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	// The notice goes to the previous default address, before it is replaced
	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	$_SESSION['profile']['email'] = $row['email'];
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);
	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}
201
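// Remove the selected email addresses from the account (form 2). The default
// address is excluded by the query and can therefore not be removed here.
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		$deltitle=false;
		// NOTE(review): the loop variable overwrites the page id set above;
		// presumably harmless because the script exits right after the footer.
		foreach($_REQUEST['delid'] as $id)
		{
			if (!$deltitle) {
				echo _('The following email addresses have been removed:')."<br>\n";
				$deltitle=true;
			}
			$id = intval($id);
			// Only rows owned by the logged in user are considered
			$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
					`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored addresses are user supplied, so escape them for HTML
				// like the other places that print an address.
				echo sanitizeHTML($row['email'])."<br>\n";
				account_email_delete($row['id']);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if(0 == $delcount)
	{
		echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}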
242
// Client certificate, form 3: check the submitted options and keep them in
// $_SESSION['_config'] for the request that creates the certificate.
if($process != "" && $oldid == 3)
{
	if(!array_key_exists('CCA',$_REQUEST))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	// At least one address has to be selected unless SSO is requested
	if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);

	// Stored as received; the ids are cast and checked against the account
	// where they are used.
	$_SESSION['_config']['addid'] = $_REQUEST['addid'];
	// NOTE(review): below 50 points a value already stored in 'incname' is
	// left untouched; confirm it cannot hold a stale value at that point.
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
	// Code signing is dropped unless the account has the codesign flag and at
	// least 100 points.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
	{
		$_REQUEST['codesign'] = 0;
	}
	// A code signing certificate always gets a name variant in the range 1..4
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
	}
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
		$_SESSION['_config']['codesign'] = 1;
	else
		$_SESSION['_config']['codesign'] = 0;

	// Login with the certificate is disabled unless login=1 was submitted
	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// Root certificate 1 is the default; with 50 or more points 1 or 2 may be
	// chosen, anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);

	// Without a pasted CSR the key generation page (4) is shown next; with one
	// the request is handled as keytype "MS" in this same run.
	$csr = "";
	if(trim($_REQUEST['optionalCSR']) == "")
	{
		$id = 4;
	} else {
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	}

	// Free text from the user: it has to be escaped wherever it is used
	$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
}
307
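// Client certificate, form 4: take the public key either as a browser
// generated SPKAC (keytype "NS") or as a PKCS#10 request (keytype "MS"/"VI"),
// store the request for the signer and wait for the certificate.
if($oldid == 4)
{
	if($_REQUEST['keytype'] == "NS")
	{
		// The SPKAC is accepted only if it is plain base64 once the line
		// breaks have been removed.
		$spkac="";
		if(array_key_exists('SPKAC',$_REQUEST) && preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])))))
			$spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));

		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Only addresses of the logged in user that are verified
				// (empty hash) and not deleted may go into a certificate; the
				// same condition is used when a default address is chosen.
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					// The first usable address becomes the CN of the record
					if(!$emails)
						$defaultemail = $row['email'];
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A single letter middle name is written as an initial
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// NOTE(review): the name parts are written into a line based file;
		// presumably they cannot contain line breaks, confirm at the place
		// where names are stored.
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

		// The address comes back from the database unescaped, so it is escaped
		// again before it is put into the statement.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
				`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		// The challenge stored in the session has to show up in the verified
		// SPKAC.
		// NOTE(review): with an empty 'spkac_hash' the substring test matches
		// any challenge; confirm the session value is always set by the form.
		$challenge=$_SESSION['spkac_hash'];
		$CSRname_esc = escapeshellarg($CSRname);
		$res=shell_exec("openssl spkac -verify -in $CSRname_esc");
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
		if($csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		// A single letter middle name is written as an initial
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($_SESSION['_config']['incname'] == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($_SESSION['_config']['incname'] == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Same rule as for SPKAC requests: own, verified, not deleted
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash`='' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		// NOTE(review): this component is written with spaces around "=",
		// unlike the one in the loop above; confirm the signer accepts both.
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Let openssl parse and re-emit the request; an empty result means
		// that the input was not a usable CSR.
		$tmpname = tempnam("/tmp", "id4csr");
		$tmpfname_esc = escapeshellarg($tmpfname);
		$tmpname_esc = escapeshellarg($tmpname);
		$do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc"); // -subj "$csr";
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// Every value is escaped for SQL here; keytype can only be "MS" or
		// "VI" in this branch but goes through the SQL escaper as well.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".mysql_real_escape_string($_REQUEST['keytype'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
				`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}
	// The certificate counts as issued once the record has a crt_name
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}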
526
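// Add a domain, form 7, first part: normalize the submitted name and refuse
// it when it is already listed as valid for an account or organisation.
if($oldid == 7)
{
	csrf_check("adddomain");

	// A missing field or a non-string value (e.g. an array parameter) is
	// handled like an empty name.
	$submitted = "";
	if(array_key_exists('newdomain', $_REQUEST) && is_string($_REQUEST['newdomain']))
		$submitted = $_REQUEST['newdomain'];

	if(strstr($submitted,"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $submitted, 2); // Ignore the rest
	// Leading dashes are removed so that the name can never be read as a
	// command line option. The length test avoids reading offset 0 of an
	// empty string.
	while($newdomain != "" && $newdomain[0] == '-')
		$newdomain = (string)substr($newdomain, 1);
	// The punycode prefix is matched case-insensitively, so that "XN--" is
	// caught by the same rule as "xn--".
	if(stristr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	// Two forms of the name: $newdom is quoted for the shell, $newdomain is
	// escaped for SQL.
	// NOTE(review): the name is not checked against a host name syntax here
	// and an empty name is not rejected; confirm where that is enforced.
	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}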
565
// Add a domain, form 7, second part: collect the addresses that may receive
// the verification mail (addresses found in the whois record plus five fixed
// role addresses) and keep them in the session for the next form.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom is the shell-quoted name, so its last character is the closing
	// quote and the three characters before it are compared with ".jp".
	// No whois lookup is made for .jp names.
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(shell_exec("/usr/bin/whois $newdom|grep \"@\"")));
	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// .org/.info: the address is whatever follows the first colon
		// NOTE(review): a line without a colon has no $bits[1]
		if(is_array($adds))
			foreach($adds as $line)
			{
				$bits = explode(":", $line, 2);
				$line = trim($bits[1]);
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	} else {
		// Other TLDs: tabs, brackets and colons are turned into separators and
		// the last token containing "@" is taken as the address
		if(is_array($adds))
			foreach($adds as $line)
			{
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	}

	// Role addresses at the domain itself are always offered
	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	// The next form only accepts an address that is on this list
	$_SESSION['_config']['addy'] = $addy;
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}
611
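// Add a domain, form 8: the user picks one of the addresses offered for the
// domain; the domain is stored unverified and the verification link is mailed
// to that address.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Only an address from the list stored in the session is accepted, so the
	// mail cannot be directed to an arbitrary recipient.
	if(!in_array($authaddy, $_SESSION['_config']['addy']))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		//echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// The status text presumably contains what the remote mail server
		// answered, so it is escaped before it is printed.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	// The row keeps a non-empty hash until the link from the mail is opened
	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
			`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	// NOTE(review): the link carries the verification hash over plain http;
	// confirm whether the host serves https and prefer that scheme.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// The domain name is user input and is escaped for HTML, as in the
	// "already in a different account" message above.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}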
678
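// Remove the selected domains from the account (form 9).
// NOTE(review): unlike the handler that removes email addresses, this one does
// not call csrf_check(); confirm whether the form carries a token and add the
// check here.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			// Only domains owned by the logged in user are considered
			$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored names are user supplied, so escape them for HTML
				echo sanitizeHTML($row['domain'])."<br>\n";
				account_domain_delete($row['id']);
			}

		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}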
710
// Server certificate, form 10: take the pasted CSR, reject weak keys, read its
// subject and DNS alternative names with openssl and keep the result in the
// session for the confirmation form (11).
if($process != "" && $oldid == 10)
{
	if(!array_key_exists('CCA',$_REQUEST))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	$CSR = clean_csr($_REQUEST['CSR']);
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	// Free text from the user: it has to be escaped wherever it is used
	$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));

	// The CSR is kept in a temporary file whose name travels in the session
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	// From here on $CSR holds the shell-quoted file name, not the request
	$CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
	// NUL bytes are removed from the openssl output before the names are read
	$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
	$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// The helpers below fill the session entries that are checked next
	// NOTE(review): presumably they keep only names of domains the account
	// has verified; confirm in their definitions.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Root certificate 1 is the default; with 50 or more points 1 or 2 may be
	// chosen, anything else falls back to 1.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
774
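// Server certificate, form 11: the user confirmed the names taken from the
// CSR; store the request for the signer and wait for the certificate.
if($process != "" && $oldid == 11)
{
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The key is checked again on the file that is actually handed over
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = buildSubjectFromSession();

	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

	// The certificate is attached to the first domain id found, taken from the
	// common names first and from the alternative names otherwise. is_array()
	// is tested first because the entries are treated as optional below.
	if(is_array($_SESSION['_config']['rowid']) && array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
				`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
				`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
				`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
	} elseif(is_array($_SESSION['_config']['altid']) && array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
				`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
				`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
				`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
				`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
				`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
				`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Domain ids are cast to integers before they are put into the statements,
	// in line with the escaping applied to the first id above.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".intval($dom)."'");

	// The temporary CSR file becomes the request file read by the signer
	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	// The certificate counts as issued once the record has a crt_name
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}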
864
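/*
 * Page 12 (server certificates), "renew" action.
 *
 * For every selected certificate that belongs to the logged-in member this
 * inserts a new `domaincerts` row, copies the stored CSR to a new path,
 * rebuilds the subject from that CSR and then polls for the issued
 * certificate. The selection arrives in $_REQUEST['revokeid'] for renewals
 * as well. The request always ends here with showfooter() and exit.
 */
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test that the key exists before testing its type, so a request without
	// any selection reaches the "nothing selected" branch without a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		// The loop reuses $id, so the page id assigned above is overwritten by
		// the certificate ids. Kept as is; NOTE(review): confirm nothing after
		// the loop depends on $id still being 12.
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the certificate must hang off a domain whose
			// memid is the logged-in member.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty return from checkWeakKeyX509() is shown to the user
			// and the certificate is skipped.
			// NOTE(review): the message is echoed unescaped; presumably the
			// helper returns ready-made HTML -- confirm.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// `csr_name` is left out of the insert (the original marks it
			// "RACE CONDITION"); it is written below once the copy exists.
			$query = "insert into `domaincerts` set
					`domid`='".intval($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".intval($row['rootcert'])."',
					`type`='".intval($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// The path is quoted once and reused for both openssl invocations.
			$newfile_esc = escapeshellarg($newfile);
			$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep \"Subject:\""));
			$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			$subject = buildSubjectFromSession();
			$subject = mysql_real_escape_string($subject);
			// Escape the path like every other string value in this statement
			// instead of relying on generatecertpath() never returning a quote.
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A row with a non-empty crt_name means a certificate file exists.
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				$crt_name = escapeshellarg($drow['crt_name']);
				$cert = shell_exec("/usr/bin/openssl x509 -in $crt_name");
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}

	showfooter();
	exit;
}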
958
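/*
 * Page 12 (server certificates), "revoke" action, followed by deletion of
 * pending requests listed in $_REQUEST['delid'].
 *
 * Both loops only act on certificates that belong to a domain of the
 * logged-in member. The request always ends with showfooter() and exit.
 */
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test that the key exists before testing its type, so a request without
	// any selection reaches the "nothing selected" branch without a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is HTML-escaped here as it already is in the success
				// message below; it is data that originated in a request.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// The fixed timestamp marks the row as revoked; presumably a
			// separate job acts on it later (the message below says "soon").
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';

	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry time is taken to mean the request was already
			// processed; such rows are not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best effort: either file may be absent for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}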
1030
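/*
 * Page 12 (server certificates), "change" action: store the comment of
 * every certificate whose check_comment_<id> field was submitted.
 *
 * NOTE(review): no csrf_check() call is visible in this handler, while the
 * renew and revoke handlers for the same page call
 * csrf_check('srvcerchange'); confirm whether the token should be verified
 * here as well.
 */
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing comment_<id> field is treated as an empty comment.
			$rawComment = array_key_exists('comment_'.$cid,$_REQUEST) ? $_REQUEST['comment_'.$cid] : "";
			$comment=trim(mysql_real_escape_string(stripslashes($rawComment)));
			// Restrict the update to certificates of the logged-in member.
			// The certificate id comes straight from the request, so without
			// the join on `domains` any member could overwrite the
			// description of any certificate. The renew and revoke handlers
			// apply the same ownership condition.
			mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
					where `domaincerts`.`id`='$cid' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}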
1047
1048
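/*
 * Page 5 (client certificates), "renew" action.
 *
 * For every selected certificate owned by the logged-in member this inserts
 * a new `emailcerts` row, copies the stored CSR, duplicates the `emaillink`
 * rows and then polls for the issued certificate. The selection arrives in
 * $_REQUEST['revokeid'] for renewals as well. The request always ends with
 * showfooter() and exit.
 *
 * NOTE(review): no csrf_check() call is visible in this handler, unlike the
 * server-certificate handlers; confirm whether one is needed.
 */
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Test that the key exists before testing its type, so a request without
	// any selection reaches the "nothing selected" branch without a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the row must carry the member's own memid.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty return from checkWeakKeyX509() is shown to the user
			// and the certificate is skipped.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			$query = "insert into emailcerts set
					`memid`='".intval($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".intval($row['disablelogin'])."',
					`codesign`='".intval($row['codesign'])."',
					`rootcert`='".intval($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			// Values read back from the database are escaped or cast again
			// before they go into new statements.
			mysql_query("update `emailcerts` set `csr_name`='".mysql_real_escape_string($newfile)."' where `id`='$newid'");
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".intval($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A row with a non-empty crt_name means a certificate file exists.
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// CN is HTML-escaped like in the revocation messages.
				printf(_("Certificate for '%s' has been renewed."), htmlspecialchars($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}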
1121
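/*
 * Page 5 (client certificates), "revoke" action, followed by deletion of
 * pending requests listed in $_REQUEST['delid'].
 *
 * Both loops only act on rows whose memid is the logged-in member. The
 * request always ends with showfooter() and exit.
 *
 * NOTE(review): no csrf_check() call is visible in this handler, unlike the
 * server-certificate revoke handler; confirm whether one is needed.
 */
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is HTML-escaped here as it already is in the success
				// message below.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// The fixed timestamp marks the row as revoked; presumably a
			// separate job acts on it later (the message below says "soon").
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry time is taken to mean the request was already
			// processed; such rows are not deleted.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best effort: either file may be absent for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}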
1187
/*
 * Page 5 (client certificates), "change" action: walk over all request
 * fields and apply the per-certificate settings they name.
 *
 *   cert_<id>           -> rewrite `disablelogin` for that certificate
 *   check_comment_<id>  -> store comment_<id> as its description
 *
 * Both updates are limited to rows of the logged-in member.
 *
 * NOTE(review): no csrf_check() call is visible in this handler; confirm
 * whether one is needed.
 */
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(strncmp($id, "cert_", 5) == 0)
		{
			$cid = intval(substr($id,5));
			// A submitted disablelogin_<id> of "1" stores 0; anything else,
			// including an absent field, stores 1.
			$flagKey = 'disablelogin_'.$cid;
			if(array_key_exists($flagKey,$_REQUEST) && $_REQUEST[$flagKey]=="1")
			{
				$dis = "0";
			}
			else
			{
				$dis = "1";
			}
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
		}
		if(strncmp($id, "check_comment_", 14) == 0)
		{
			$cid = intval(substr($id,14));
			if(empty($_REQUEST['check_comment_'.$cid]))
			{
				continue;
			}
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1212
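/*
 * Page 13 (personal details), validation of the five lost-pass-phrase
 * questions (Q1..Q5) and answers (A1..A5).
 *
 * The submitted values are cleaned, SQL-escaped and parked in
 * $_SESSION['_config']['user']. On a validation error the message is
 * appended to $_SESSION['_config']['errmsg'], $id is set back to this page
 * and $oldid is cleared so that the later handlers for page 13 are skipped.
 */
if($oldid == 13 && $process != "" && $showdetails!="")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	$qaKeys = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	foreach($qaKeys as $key)
	{
		// A missing or non-string field is treated as empty.
		$raw = (array_key_exists($key,$_REQUEST) && is_string($_REQUEST[$key])) ? $_REQUEST[$key] : "";
		// The value is SQL-escaped here because the update handler further
		// down interpolates it into its statement without escaping again.
		$_SESSION['_config']['user'][$key] = trim(mysql_real_escape_string(stripslashes(strip_tags($raw))));
	}

	// All ten values must differ from each other. The previous hand-written
	// list compared A1 with every question but skipped pairs such as A2/Q2
	// or A5/Q5, so "the question used as its own answer" was only caught for
	// the first slot although the message below forbids it for all of them.
	$duplicate = false;
	$total = count($qaKeys);
	for($i = 0; $i < $total && !$duplicate; $i++)
	{
		for($j = $i + 1; $j < $total; $j++)
		{
			if($_SESSION['_config']['user'][$qaKeys[$i]] == $_SESSION['_config']['user'][$qaKeys[$j]])
			{
				$duplicate = true;
				break;
			}
		}
	}

	$failed = false;

	if($duplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$failed = true;
	}

	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$failed = true;
	}

	// Reset the page ids once. Doing it inside each check meant that a
	// second failing check copied the already cleared $oldid into $id and
	// sent the user to page 0 instead of back to this form.
	if($failed)
	{
		$id = $oldid;
		$oldid=0;
	}
}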
1275
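/*
 * Page 13 (personal details), validation of name and date of birth.
 *
 * Only members whose profile shows 0 points get these fields read from the
 * request. Values are cleaned, SQL-escaped and parked in
 * $_SESSION['_config']['user']; on an error the message is appended to
 * $_SESSION['_config']['errmsg'], $id is set back to this page and $oldid is
 * cleared so that the update handler below is skipped.
 *
 * NOTE(review): csrf_check("perschange") is only called by the preceding
 * handler, which requires $showdetails; confirm whether the token is
 * verified when only name and date of birth are submitted.
 */
if($oldid == 13 && $process != "")
{
	update_points_in_profile();

	if($_SESSION['profile']['points'] == 0)
	{
		foreach(array('fname','mname','lname','suffix') as $field)
		{
			// A missing or non-string field is treated as empty.
			$raw = (array_key_exists($field,$_REQUEST) && is_string($_REQUEST[$field])) ? $_REQUEST[$field] : "";
			// Escaped here because the update handler interpolates the value
			// into its statement without escaping again.
			$_SESSION['_config']['user'][$field] = trim(mysql_real_escape_string(stripslashes(strip_tags($raw))));
		}
		foreach(array('day','month','year') as $field)
		{
			$_SESSION['_config']['user'][$field] = array_key_exists($field,$_REQUEST) ? intval($_REQUEST[$field]) : 0;
		}

		$failed = false;

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$failed = true;
		}
		// checkdate() covers the former month 1..12 and day 1..31 range
		// tests and additionally rejects days that do not exist in the given
		// month, such as 31 April or 30 February.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$failed = true;
		}

		// Reset the page ids once. Doing it inside each check meant that a
		// second failing check copied the already cleared $oldid into $id.
		if($failed)
		{
			$id = $oldid;
			$oldid=0;
		}
	}
}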
1305
/*
 * Page 13 (personal details), write-back. Runs only when the validation
 * handlers above left $oldid at 13.
 *
 * Name and date of birth are written for members with 0 points, the
 * questions and answers when $showdetails is set. Afterwards the profile in
 * the session is reloaded from `users` and the request ends.
 *
 * The session values are placed into the statements as they are: the
 * validation handlers stored the strings already SQL-escaped and the date
 * parts as integers. Do not add a second escaping step here without
 * removing the first one, or stored values will gain backslashes.
 */
if($oldid == 13 && $process != "")
{
	$memberId = intval($_SESSION['profile']['id']);

	if($_SESSION['profile']['points'] == 0)
	{
		$dob = $_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day'];
		$query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',\n".
			"`mname`='".$_SESSION['_config']['user']['mname']."',\n".
			"`lname`='".$_SESSION['_config']['user']['lname']."',\n".
			"`suffix`='".$_SESSION['_config']['user']['suffix']."',\n".
			"`dob`='".$dob."'\n".
			"where `id`='".$memberId."'";
		mysql_query($query);
	}
	if ($showdetails!="") {
		// One `column`='value' pair per question and answer, in the order
		// Q1..Q5 followed by A1..A5.
		$assignments = array();
		foreach(array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5') as $column)
		{
			$assignments[] = "`".$column."`='".$_SESSION['_config']['user'][$column]."'";
		}
		$query = "update `users` set ".implode(",\n", $assignments)."\n".
			"where `id`='".$memberId."'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the profile so the session reflects what is stored now.
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".$memberId."'"));
	$_SESSION['profile']['loggedin'] = 1;

	update_points_in_profile();


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1346
/*
 * Page 14, pass phrase change. Always ends the request.
 *
 * The new pass phrase must be non-empty, entered identically twice, at
 * least 6 characters long and score 3 or more in checkpw(). Unless the
 * request came in on the secure hostname, the current pass phrase must also
 * match the stored hash. On success the stored hash is replaced and a
 * notification mail goes to the profile's address.
 *
 * NOTE(review), for whoever touches this next:
 *  - The stored value is an unsalted SHA-1 computed inside MySQL (with
 *    old_password() still accepted for the current pass phrase). Replacing
 *    it with a slow, salted scheme needs a matching change in the login
 *    code, which is not part of this block.
 *  - When hostname equals securehostname, $rc is forced to 1 and the
 *    current pass phrase is not checked at all.
 *  - The three pass phrases remain in $_SESSION['_config']['user'] after
 *    the request; consider unsetting them once it is confirmed that no
 *    other page reads them.
 *  - Length and strength are measured on the SQL-escaped string, not on
 *    what the user typed.
 */
if($oldid == 14 && $process != "")
{
	// session slot => request field, in the order the fields are read
	$fields = array('oldpass' => 'oldpassword', 'pword1' => 'pword1', 'pword2' => 'pword2');
	foreach($fields as $slot => $field)
	{
		$_SESSION['_config']['user'][$slot] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));
	}

	$id = 14;
	csrf_check("pwchange");

	showheader(_("My CAcert.org Account!"));

	$newPass = $_SESSION['_config']['user']['pword1'];
	// Stays null while no check has objected.
	$failure = null;

	if($newPass == "" || $newPass != $_SESSION['_config']['user']['pword2'])
	{
		$failure = _("New Pass Phrases specified don't match or were blank.");
	}
	else
	{
		$score = checkpw($newPass, $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		if($_SESSION['_config']['hostname'] == $_SESSION['_config']['securehostname'])
		{
			$rc = 1;
		}
		else
		{
			$match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and\n".
				"(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or\n".
				"`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		}

		// The first objection wins: length, then strength, then the current
		// pass phrase.
		if(strlen($newPass) < 6)
		{
			$failure = _("The Pass Phrase you submitted was too short.");
		}
		else if($score < 3)
		{
			$failure = sprintf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		}
		else if($rc <= 0)
		{
			$failure = _("You failed to correctly enter your current Pass Phrase.");
		}
	}

	if($failure !== null)
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo $failure;
	}
	else
	{
		mysql_query("update `users` set `password`=sha1('".$newPass."')\n".
			"where `id`='".intval($_SESSION['profile']['id'])."'");
		echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
		echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");

		$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
		$body .= _("You are receiving this email because you or someone else ".
			"has changed the password on your account.")."\n\n";
		$body .= _("Best regards")."\n"._("CAcert.org Support!");

		sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
			"support@cacert.org", "", "", "CAcert Support");
	}

	showfooter();
	exit;
}
1406
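/*
 * Page 16 (organisation client certificate), first step: collect the
 * submitted e-mail addresses that pass checkownership() on their domain
 * part, plus the name, OU and description for the certificate.
 *
 * Results are stored under $_SESSION['_config'] (emails, domids, name, OU,
 * description) for the following steps.
 *
 * NOTE(review): 'emails' is reset here but 'domids' is only appended to;
 * confirm that it is cleared elsewhere, otherwise ids from an earlier
 * submission in the same session stay in the list.
 * NOTE(review): 'name' is stored SQL-escaped while 'OU' and 'description'
 * are stored as submitted, so the later steps have to treat them
 * differently.
 */
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	// A missing or non-array 'emails' field counts as "no addresses" instead
	// of being handed to foreach.
	$submitted = (array_key_exists('emails',$_REQUEST) && is_array($_REQUEST['emails'])) ? $_REQUEST['emails'] : array();

	foreach($submitted as $val)
	{
		// Nested arrays cannot be addresses; skip them before trim().
		if(!is_string($val))
			continue;

		$val = mysql_real_escape_string(stripslashes(trim($val)));
		$bits = explode("@", $val);
		$count = count($bits);
		// Exactly one "@" is required.
		if($count != 2)
			continue;

		if(checkownership($bits[1]) == false)
			continue;

		// presumably checkownership() fills $_SESSION['_config']['row'] with
		// the matching record -- TODO confirm
		if(!is_array($_SESSION['_config']['row']))
			continue;
		else if($_SESSION['_config']['row']['id'] > 0)
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];

		if($val != "")
			$_SESSION['_config']['emails'][] = $val;
	}

	// Missing or non-string fields are treated as empty strings.
	$rawName = (array_key_exists('name',$_REQUEST) && is_string($_REQUEST['name'])) ? $_REQUEST['name'] : "";
	$rawOU = (array_key_exists('OU',$_REQUEST) && is_string($_REQUEST['OU'])) ? $_REQUEST['OU'] : "";
	$rawDescription = (array_key_exists('description',$_REQUEST) && is_string($_REQUEST['description'])) ? $_REQUEST['description'] : "";

	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($rawName)));
	$_SESSION['_config']['OU'] = stripslashes(trim($rawOU));

	$_SESSION['_config']['description']= trim(stripslashes($rawDescription));
}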
1436
// Page 16: end the request when the preceding step accepted none of the
// submitted addresses.
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
	$id = 16;

	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();

	exit;
}
1445
/*
 * Page 16, options step: normalise the certificate options and move on to
 * page 17 when at least one address was accepted.
 *
 *   codesign  1 only if requested, enabled in the profile and the member
 *             has 100 points or more; otherwise 0
 *   rootcert  1 or 2, anything else becomes 1
 *   hash_alg  whatever HashAlgorithms::clean() returns for the request value
 */
if($oldid == 16 && $process != "")
{
	$mayCodesign = array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign']
		&& $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100);
	$codesign = $mayCodesign ? 1 : 0;
	// The request value is overwritten too, as before.
	$_REQUEST['codesign'] = $codesign;
	$_SESSION['_config']['codesign'] = $codesign;

	$rootcert = intval($_REQUEST['rootcert']);
	if($rootcert < 1 || $rootcert > 2)
	{
		$rootcert = 1;
	}
	$_SESSION['_config']['rootcert'] = $rootcert;

	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);

	$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));

	// @ keeps count() quiet if the list is not set.
	if(@count($_SESSION['_config']['emails']) > 0)
	{
		$id = 17;
	}
}
1470
1471 if($oldid == 17)
1472 {
1473 $org = $_SESSION['_config']['row'];
1474 if($_REQUEST['keytype'] == "NS")
1475 {
1476 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1477
1478 if($spkac == "" || strlen($spkac) < 128)
1479 {
1480 $id = 17;
1481 showheader(_("My CAcert.org Account!"));
1482 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1483 showfooter();
1484 exit;
1485 }
1486
1487 $count = 0;
1488 $emails = "";
1489 $addys = array();
1490 if(is_array($_SESSION['_config']['emails']))
1491 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1492 {
1493 if(!$emails)
1494 $defaultemail = $_REQUEST['email'];
1495 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1496 $count++;
1497 }
1498 if($_SESSION['_config']['name'] != "")
1499 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1500 if($_SESSION['_config']['OU'])
1501 $emails .= "organizationalUnitName = ".mysql_real_escape_string($_SESSION['_config']['OU'])."\n";
1502 if($org['O'])
1503 $emails .= "organizationName = ".$org['O']."\n";
1504 if($org['L'])
1505 $emails .= "localityName = ".$org['L']."\n";
1506 if($org['ST'])
1507 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1508 if($org['C'])
1509 $emails .= "countryName = ".$org['C']."\n";
1510 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1511 $_SESSION['_config']['rootcert'] = 1;
1512
1513
1514 $emails .= "SPKAC = $spkac";
1515 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1516 {
1517 $id = 17;
1518 showheader(_("My CAcert.org Account!"));
1519 echo $weakKey;
1520 showfooter();
1521 exit;
1522 }
1523
1524 $query = "insert into `orgemailcerts` set
1525 `CN`='$defaultemail',
1526 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1527 `keytype`='NS',
1528 `orgid`='".intval($org['orgid'])."',
1529 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1530 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1531 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1532 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1533 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1534 mysql_query($query);
1535 $emailid = mysql_insert_id();
1536
1537 foreach($_SESSION['_config']['domids'] as $addy)
1538 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1539
1540 $CSRname=generatecertpath("csr","orgclient",$emailid);
1541 $fp = fopen($CSRname, "w");
1542 fputs($fp, $emails);
1543 fclose($fp);
1544 $challenge=$_SESSION['spkac_hash'];
1545 $CSRname_esc = escapeshellarg($CSRname);
1546 $res=shell_exec("openssl spkac -verify -in $CSRname_esc");
1547 if(!strstr($res,"Challenge String: ".$challenge))
1548 {
1549 $id = $oldid;
1550 showheader(_("My CAcert.org Account!"));
1551 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1552 showfooter();
1553 exit;
1554 }
1555 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1556 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1557 $csr = clean_csr($_REQUEST['CSR']);
1558 if(strpos($csr,"---BEGIN") === FALSE)
1559 {
1560 // In case the CSR is missing the ---BEGIN lines, add them automatically:
1561 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".$csr."\n-----END CERTIFICATE REQUEST-----\n";
1562 }
1563
1564 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1565 {
1566 $id = 17;
1567 showheader(_("My CAcert.org Account!"));
1568 echo $weakKey;
1569 showfooter();
1570 exit;
1571 }
1572
1573 $tmpfname = tempnam("/tmp", "id17CSR");
1574 $fp = fopen($tmpfname, "w");
1575 fputs($fp, $csr);
1576 fclose($fp);
1577
1578 $addys = array();
1579 $defaultemail = "";
1580 $csrsubject="";
1581
1582 if($_SESSION['_config']['name'] != "")
1583 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1584 if(is_array($_SESSION['_config']['emails']))
1585 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1586 {
1587 if($defaultemail == "")
1588 $defaultemail = $_REQUEST['email'];
1589 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1590 }
1591 if($_SESSION['_config']['OU'])
1592 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1593 if($org['O'])
1594 $csrsubject .= "/organizationName=".$org['O'];
1595 if($org['L'])
1596 $csrsubject .= "/localityName=".$org['L'];
1597 if($org['ST'])
1598 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1599 if($org['C'])
1600 $csrsubject .= "/countryName=".$org['C'];
1601
1602 $tmpname = tempnam("/tmp", "id17csr");
1603 $tmpfname_esc = escapeshellarg($tmpfname);
1604 $tmpname_esc = escapeshellarg($tmpname);
1605 $do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc");
1606 @unlink($tmpfname);
1607 $csr = "";
1608 $fp = fopen($tmpname, "r");
1609 while($data = fgets($fp, 4096))
1610 $csr .= $data;
1611 fclose($fp);
1612 @unlink($tmpname);
1613
1614 if($csr == "")
1615 {
1616 showheader(_("My CAcert.org Account!"));
1617 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1618 showfooter();
1619 exit;
1620 }
1621 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1622 $_SESSION['_config']['rootcert'] = 1;
1623
1624 $query = "insert into `orgemailcerts` set
1625 `CN`='$defaultemail',
1626 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1627 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1628 `orgid`='".intval($org['orgid'])."',
1629 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1630 `subject`='".mysql_real_escape_string($csrsubject)."',
1631 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1632 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1633 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1634 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1635 mysql_query($query);
1636 $emailid = mysql_insert_id();
1637
1638 foreach($_SESSION['_config']['domids'] as $addy)
1639 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1640
1641 $CSRname=generatecertpath("csr","orgclient",$emailid);
1642 $fp = fopen($CSRname, "w");
1643 fputs($fp, $csr);
1644 fclose($fp);
1645 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1646 }
1647 waitForResult("orgemailcerts", $emailid,$oldid);
1648 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1649 $res = mysql_query($query);
1650 if(mysql_num_rows($res) <= 0)
1651 {
1652 showheader(_("My CAcert.org Account!"));
1653 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1654 showfooter();
1655 exit;
1656 } else {
1657 $id = 19;
1658 $cert = $emailid;
1659 $_REQUEST['cert']=$emailid;
1660 }
1661 }
1662
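// Page 18, "renew": re-issue the selected organisation client certificates.
//
// Every submitted revokeid[] entry is looked up joined with the `org` row of
// the logged-in member, so only certificates of organisations this member is
// linked to are processed. The old row is copied into a new `orgemailcerts`
// row, the stored CSR file is copied to the new row's path and
// waitForResult() is called for the new row.
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		$memid = intval($_SESSION['profile']['id']);
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before anything else: the value comes straight from the
			// request and is written into the page and into SQL below.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";

			// Ownership check: the certificate must belong to an
			// organisation the current member is linked to.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='$memid' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key the weak-key check rejects
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the old row is flagged as renewed before the
			// revocation check below, so a revoked certificate is flagged
			// too. Confirm that this order is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// CN is stored data; escape it for HTML like the revoke handler does
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			$query = "insert into `orgemailcerts` set
				`orgid`='".intval($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`ou`='".mysql_real_escape_string($row['ou'])."',
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`keytype`='".mysql_real_escape_string($row['keytype'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`codesign`='".intval($row['codesign'])."',
				`rootcert`='".intval($row['rootcert'])."',
				`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The new request reuses the CSR of the old certificate
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);

			// A non-empty crt_name is taken as "the certificate was issued"
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), htmlspecialchars($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}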
1736
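// Page 18, "revoke": mark the selected organisation client certificates as
// revoked and delete the selected pending requests.
//
// Both loops join `orgemailcerts` with the `org` row of the logged-in member,
// so ids of certificates belonging to other organisations are rejected as
// invalid.
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	$memid = intval($_SESSION['profile']['id']);
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='$memid' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored data; escape it in every message, not only the last one
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp looks like a "revocation
			// pending" marker handled elsewhere (the message below says the
			// CRL is updated later). Confirm against the signer.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='$memid' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry date means the request was already processed
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}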
1805
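// Page 18, "change": store the edited description of every organisation
// client certificate whose check_comment_<id> field was submitted.
//
// The update is joined with the `org` row of the logged-in member, matching
// the ownership check of the renew and revoke handlers; without it any
// certificate id could be given in the request.
// NOTE(review): unlike renew/revoke this handler does not call
// csrf_check('clicerchange'). Confirm whether the form submits that token
// for the "change" button and add the check if it does.
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	$memid = intval($_SESSION['profile']['id']);
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing comment field is stored as an empty description
			$rawComment = array_key_exists('comment_'.$cid, $_REQUEST) ? $_REQUEST['comment_'.$cid] : "";
			$comment=trim(mysql_real_escape_string(stripslashes($rawComment)));
			mysql_query("update `orgemailcerts`, `org`
				set `orgemailcerts`.`description`='$comment'
				where `orgemailcerts`.`id`='$cid' and
				`org`.`orgid`=`orgemailcerts`.`orgid` and
				`org`.`memid`='$memid'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}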
1822
// Page 18, "filter": remember the list filter settings in the session.
// NOTE(review): the request values are stored unchanged; whoever reads them
// back from the session has to validate or escape them.
if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
	$id=18;
	foreach(array('orgfilterid', 'sorting', 'status') as $filterKey)
	{
		$_SESSION['_config'][$filterKey] = $_REQUEST[$filterKey];
	}
}
1830
// Page 18, "reset": put the three list filter settings back to 0.
if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
	$id=18;
	foreach(array('orgfilterid', 'sorting', 'status') as $filterKey)
	{
		$_SESSION['_config'][$filterKey] = 0;
	}
}
1838
// Page 20 submit: accept a pasted CSR for an organisation server certificate.
//
// The CSR is checked for weak keys, written to a temporary file whose path is
// kept in the session, and its subject and DNS subjectAltName entries are read
// with openssl. extractit(), getcn2() and getalt2() then work on the session
// data; on success the flow continues with page 21.
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	$weakKey = checkWeakKeyCSR($CSR);
	if ($weakKey !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));

	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	file_put_contents($_SESSION['_config']['tmpfname'], $CSR);

	// From here on $CSR holds the shell-quoted file name, not the CSR text
	$CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
	$subjectLine = shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\"");
	$_SESSION['_config']['subject'] = trim($subjectLine);
	$sanLine = shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:");
	$bits = explode(",", trim($sanLine));
	// explode() always yields at least one element, so one
	// "/subjectAltName=" part is appended even when no DNS entry was found
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.subjectAltName'] = "";
	$_SESSION['_config']['0.CN'] = "";
	extractit();
	getcn2();
	getalt2();

	// Look up the organisation that owns the first CN and the first SAN,
	// restricted to organisations the logged-in member is linked to
	foreach(array('CNorg' => '0.CN', 'SANorg' => '0.subjectAltName') as $target => $nameKey)
	{
		$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config'][$nameKey])."'";
		$_SESSION['_config'][$target] = mysql_fetch_assoc(mysql_query($query));
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		// NOTE(review): the temporary CSR file is left in /tmp on this path
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificate ids 1 and 2 are accepted; anything else becomes 1
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
	{
		$_SESSION['_config']['rootcert'] = 1;
	}

	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
1901
// Page 21 submit: create the organisation server certificate request.
//
// Uses the temporary CSR file and the names kept in the session, builds the
// subject from the organisation record and buildSubjectFromSession(), stores
// a new `orgdomaincerts` row, moves the CSR to its final path and calls
// waitForResult(). On success the flow continues with page 23.
if($process != "" && $oldid == 21)
{
	$id = 21;

	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The file is checked again here, just before it is used
	$weakKey = checkWeakKeyCSR(file_get_contents($_SESSION['_config']['tmpfname']));
	if ($weakKey !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// The organisation comes from the first CN match if there is one,
	// otherwise from the first subjectAltName match. The member must be
	// linked to it through `org`.
	if($_SESSION['_config']['rowid']['0'] > 0)
		$orgInfoId = intval($_SESSION['_config']['rowid']['0']);
	else
		$orgInfoId = intval($_SESSION['_config']['altid']['0']);
	$query = "select * from `org`,`orginfo` where
		`orginfo`.`id`='".$orgInfoId."' and
		`orginfo`.`id`=`org`.`orgid` and
		`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	$org = mysql_fetch_assoc(mysql_query($query));

	// NOTE(review): the values are joined into a "/"-separated subject
	// without escaping; confirm that none of them can contain "/".
	$csrsubject = "";
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	$orgAttributes = array(
		'O' => 'organizationName',
		'L' => 'localityName',
		'ST' => 'stateOrProvinceName',
		'C' => 'countryName');
	foreach($orgAttributes as $column => $attribute)
	{
		if($org[$column])
			$csrsubject .= "/".$attribute."=".$org[$column];
	}
	//if($org['contact'])
	//	$csrsubject .= "/emailAddress=".trim($org['contact']);

	$csrsubject .= buildSubjectFromSession();

	// Type "8" is only set for admins who asked for an OCSP certificate
	$type="";
	if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1)
		$type="8";
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	if($_SESSION['_config']['rowid']['0'] > 0)
		$commonName = $_SESSION['_config']['rows']['0'];
	else
		$commonName = $_SESSION['_config']['altrows']['0'];
	$query = "insert into `orgdomaincerts` set
		`CN`='".mysql_real_escape_string($commonName)."',
		`orgid`='".intval($org['id'])."',
		`created`=NOW(),
		`subject`='".mysql_real_escape_string($csrsubject)."',
		`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
		`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
		`type`='".$type."',
		`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the temporary CSR to its final location
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

	// Link the new certificate to every matched organisation domain
	foreach(array('rowid', 'altid') as $listKey)
	{
		if(is_array($_SESSION['_config'][$listKey]))
			foreach($_SESSION['_config'][$listKey] as $id)
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	}

	waitForResult("orgdomaincerts", $CSRid,$oldid);
	// A non-empty crt_name is taken as "the certificate was issued"
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		$id = 23;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	} else {
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}
}
2016
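// Page 22, "renew": re-issue the selected organisation server certificates.
//
// Every submitted revokeid[] entry is looked up joined with the `org` row of
// the logged-in member, so only certificates of organisations this member is
// linked to are processed. The old row and its `orgdomlink` entries are
// copied to a new `orgdomaincerts` row, the stored CSR is copied to the new
// path and waitForResult() is called for the new row.
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		$memid = intval($_SESSION['profile']['id']);
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the certificate must belong to an
			// organisation the current member is linked to.
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key the weak-key check rejects
			if (($weakKey = checkWeakKeyX509(file_get_contents(
					$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): the old row is flagged as renewed before the
			// revocation check below, so a revoked certificate is flagged
			// too. Confirm that this order is intended.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// CN is stored data; escape it for HTML like the revoke handler does
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			$query = "insert into `orgdomaincerts` set
				`orgid`='".intval($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`type`='".intval($row['type'])."',
				`rootcert`='".intval($row['rootcert'])."',
				`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();

			// The new request reuses the CSR of the old certificate
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
			echo _("Renewing").": ".htmlspecialchars($row['CN'])."<br>\n";

			// Copy the domain links of the old certificate. The validated
			// $id is used instead of $row['id']: the row is a join of two
			// tables, so 'id' would be ambiguous if `org` also has an `id`
			// column (not visible here).
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='$id'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");

			waitForResult("orgdomaincerts", $newid,$oldid,0);
			// A non-empty crt_name is taken as "the certificate was issued"
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				// The path comes from the database; quote it for the shell
				$crtname = escapeshellarg($drow['crt_name']);
				$cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
				echo "<pre>\n".htmlspecialchars($cert)."\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}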
2095
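// Page 22, "revoke": mark the selected organisation server certificates as
// revoked and delete the selected pending requests.
//
// Both loops join `orgdomaincerts` with the `org` row of the logged-in
// member, so ids of certificates belonging to other organisations are
// rejected as invalid.
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	$memid = intval($_SESSION['profile']['id']);
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is stored data; escape it in every message, not only the last one
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// NOTE(review): the fixed timestamp looks like a "revocation
			// pending" marker handled elsewhere (the message below says the
			// CRL is updated later). Confirm against the signer.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='$memid'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry date means the request was already processed
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: either file may not exist for a pending request
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}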
2167
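// Page 22, "change": store the edited description of every organisation
// server certificate whose check_comment_<id> field was submitted.
//
// The update is joined with the `org` row of the logged-in member, matching
// the ownership check of the renew and revoke handlers; without it any
// certificate id could be given in the request.
// NOTE(review): unlike renew/revoke this handler does not call
// csrf_check('orgsrvcerchange'). Confirm whether the form submits that token
// for the "change" button and add the check if it does.
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	$memid = intval($_SESSION['profile']['id']);
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			$cid = intval(substr($id,14));
			// A missing comment field is stored as an empty description
			$rawComment = array_key_exists('comment_'.$cid, $_REQUEST) ? $_REQUEST['comment_'.$cid] : "";
			$comment=trim(mysql_real_escape_string(stripslashes($rawComment)));
			mysql_query("update `orgdomaincerts`, `org`
				set `orgdomaincerts`.`description`='$comment'
				where `orgdomaincerts`.`id`='$cid' and
				`org`.`orgid`=`orgdomaincerts`.`orgid` and
				`org`.`memid`='$memid'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}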
2184
// Page 22, "filter": remember the list filter settings in the session.
// NOTE(review): the request values are stored unchanged; whoever reads them
// back from the session has to validate or escape them.
if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
	$id=22;
	foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $filterKey)
	{
		$_SESSION['_config'][$filterKey] = $_REQUEST[$filterKey];
	}
}
2192
// Page 22, "reset": put the three list filter settings back to 0.
if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
	$id=22;
	foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $filterKey)
	{
		$_SESSION['_config'][$filterKey] = 0;
	}
}
2200
2201
// Access gate: pages 24 to 31, whether requested ($id) or submitted
// ($oldid), are only available when the session profile has orgadmin set
// to 1. It runs before the handlers for those pages below.
$orgAdminPages = range(24, 31);
if((in_array($id, $orgAdminPages) || in_array($oldid, $orgAdminPages)) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2212
// Page 24 submit: add a new organisation.
//
// The form fields are SQL-escaped and kept in the session. Organisation name
// and contact e-mail are required; if either is empty an error message is
// stored and the page falls through.
// NOTE(review): the page 27 handler calls csrf_check('orgdetchange') but
// this one has no CSRF check. Confirm whether the form carries a token.
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
	{
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));
	}

	$haveRequired = !($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "");
	if($haveRequired)
	{
		// The session values were escaped above, so they go into the query as they are
		$query = "insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
						`contact`='".$_SESSION['_config']['contact']."',
						`L`='".$_SESSION['_config']['L']."',
						`ST`='".$_SESSION['_config']['ST']."',
						`C`='".$_SESSION['_config']['C']."',
						`comments`='".$_SESSION['_config']['comments']."'";
		mysql_query($query);
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	} else {
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2239
// Page 27 submit: update the details of the organisation whose id is kept
// in the session.
//
// The form fields are SQL-escaped and kept in the session. Organisation name
// and contact e-mail are required; if either is empty an error message is
// stored and the page falls through.
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
	{
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));
	}

	$haveRequired = !($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "");
	if($haveRequired)
	{
		// The session values were escaped above, so they go into the query as they are
		$query = "update `orginfo` set `O`='".$_SESSION['_config']['O']."',
						`contact`='".$_SESSION['_config']['contact']."',
						`L`='".$_SESSION['_config']['L']."',
						`ST`='".$_SESSION['_config']['ST']."',
						`C`='".$_SESSION['_config']['C']."',
						`comments`='".$_SESSION['_config']['comments']."'
					where `id`='".intval($_SESSION['_config']['orgid'])."'";
		mysql_query($query);
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	} else {
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2268
// Page 28 submit, step 1: refuse a domain that is already listed in
// `orgdomains`. On a duplicate the error is stored in the session and
// $oldid is cleared, which skips the insert step further down.
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	// $domain holds the SQL-escaped name; the same value is kept in the session
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;
	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	$alreadyListed = mysql_num_rows($res1) > 0;
	if($alreadyListed)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2280
// Page 28 without a valid organisation id in the session: drop the submit
// and show page 25 instead.
if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
{
	$id = 25;
	$oldid=0;
}
2286
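// Page 28 submit, step 2: add the domain to the organisation whose id is
// kept in the session.
//
// $domain is only set (SQL-escaped) by the duplicate check above when the
// request carried a domainname. The guard on $domain stops a row with an
// empty domain from being inserted when the field is missing or blank.
// NOTE(review): no csrf_check() is called on this path. Confirm whether the
// form carries a token.
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]) &&
	isset($domain) && $domain != "")
{
	mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}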
2296
// Page 29 submit, step 1: refuse a domain name that is already used by
// another `orgdomains` row or by a non-deleted row in `domains`. On a
// conflict the error is stored in the session and $oldid is cleared.
// $domid is set outside this block.
// NOTE(review): the comparison uses LIKE, so "%" and "_" in the submitted
// name act as wildcards and can make the check match more rows.
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(stripslashes(trim($_REQUEST['domainname'])));

	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	$inUse = (mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0);
	if($inUse)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2310
2311 if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
2312 {
2313 $query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
2314 `orgdomlink