Merge branch 'bug-1276' into release
[cacert-devel.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
23 loadem("account");
24
25 /**
26 * Build a subject string as needed by the signer
27 *
28 * @param array(string) $domains
29 * First domain is used as CN and repeated in subjectAltName. Duplicates
30 * should already been removed
31 *
32 * @param bool $include_xmpp_addr
33 * [default: true] Whether to include the XmppAddr in the subjectAltName.
34 * This is needed if the Jabber server is jabber.example.com but a Jabber ID
35 * on that server would be alice@example.com
36 *
37 * @return string
38 */
39 function buildSubject(array $domains, $include_xmpp_addr = true) {
40 $subject = "/CN=${domains[0]}";
41
42 foreach ($domains as $domain) {
43 $subject .= "/subjectAltName=DNS:$domain";
44
45 if ($include_xmpp_addr) {
46 $subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$domain";
47 }
48 }
49
50 return $subject;
51 }
52
53 /**
54 * Builds the subject string from the session variables
55 * $_SESSION['_config']['rows'] and $_SESSION['_config']['altrows']
56 *
57 * @return string
58 */
59 function buildSubjectFromSession() {
60 $domains = array();
61
62 if (is_array($_SESSION['_config']['rows'])) {
63 $domains = array_merge($domains, $_SESSION['_config']['rows']);
64 }
65
66 if (is_array($_SESSION['_config']['altrows']))
67 foreach ($_SESSION['_config']['altrows'] as $row) {
68 if (substr($row, 0, 4) === "DNS:") {
69 $domains[] = substr($row, 4);
70 }
71 }
72
73 return buildSubject(array_unique($domains));
74 }
75
76 $id = array_key_exists("id",$_REQUEST) ? intval($_REQUEST['id']) : 0;
77 $oldid = array_key_exists("oldid",$_REQUEST) ? intval($_REQUEST['oldid']) : 0;
78 $process = array_key_exists("process",$_REQUEST) ? $_REQUEST['process'] : "";
79 // $showdetalis refers to Secret Question and Answers from account/13.php
80 $showdetails = array_key_exists("showdetails",$_REQUEST) ? intval($_REQUEST['showdetails']) : 0;
81
82 $cert = array_key_exists('cert',$_REQUEST) ? intval($_REQUEST['cert']) : 0;
83 $orgid = array_key_exists('orgid',$_REQUEST) ? intval($_REQUEST['orgid']) : 0;
84 $memid = array_key_exists('memid',$_REQUEST) ? intval($_REQUEST['memid']) : 0;
85 $domid = array_key_exists('domid',$_REQUEST) ? intval($_REQUEST['domid']) : 0;
86
87 $actionrequest = array_key_exists('action',$_REQUEST) ? $_REQUEST['action'] : "";
88
89 $ticketno = array_key_exists('ticketno',$_REQUEST) ? $_REQUEST['ticketno'] : "";
90 $ticketvalidation = FALSE;
91
92
93 if(!$_SESSION['mconn'])
94 {
95 echo _("Several CAcert Services are currently unavailable. Please try again later.");
96 exit;
97 }
98
99 if ($process == _("Cancel"))
100 {
101 // General reset CANCEL process requests
102 $process = "";
103 }
104
105
106 if($id == 45 || $id == 46 || $oldid == 45 || $oldid == 46)
107 {
108 $id = 1;
109 $oldid=0;
110 }
111
112 if($process != "" && $oldid == 1)
113 {
114 $id = 1;
115 csrf_check('addemail');
116 if(strstr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0)
117 {
118 showheader(_("My CAcert.org Account!"));
119 echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
120 showfooter();
121 exit;
122 }
123 if(trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "")
124 {
125 showheader(_("My CAcert.org Account!"));
126 printf(_("Not a valid email address. Can't continue."));
127 showfooter();
128 exit;
129 }
130 $oldid=0;
131 $_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
132 if(check_email_exists($_REQUEST['email'])==true)
133 {
134 showheader(_("My CAcert.org Account!"));
135 printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
136 showfooter();
137 exit;
138 }
139 $checkemail = checkEmail($_REQUEST['newemail']);
140 if($checkemail != "OK")
141 {
142 showheader(_("My CAcert.org Account!"));
143 if (substr($checkemail, 0, 1) == "4")
144 {
145 echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
146 } else {
147 echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
148 }
149 echo "<p>$checkemail</p>\n";
150 showfooter();
151 exit;
152 }
153 $hash = make_hash();
154 $query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
155 mysql_query($query);
156 $emailid = mysql_insert_id();
157
158 $body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
159 $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
160 $body .= _("Best regards")."\n"._("CAcert.org Support!");
161
162 sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
163
164 showheader(_("My CAcert.org Account!"));
165 printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
166 showfooter();
167 exit;
168 }
169
170 if(array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "" && $oldid == 2)
171 {
172 $id = 2;
173 $emailid = intval($_REQUEST['emailid']);
174 $query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
175 $res = mysql_query($query);
176 if(mysql_num_rows($res) <= 0)
177 {
178 showheader(_("Error!"));
179 echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
180 showfooter();
181 exit;
182 }
183 $row = mysql_fetch_assoc($res);
184 $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
185 $body .= _("You are receiving this email because you or someone else ".
186 "has changed the default email on your account.")."\n\n";
187
188 $body .= _("Best regards")."\n"._("CAcert.org Support!");
189
190 sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
191 "support@cacert.org", "", "", "CAcert Support");
192
193 $_SESSION['profile']['email'] = $row['email'];
194 $query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
195 mysql_query($query);
196 showheader(_("My CAcert.org Account!"));
197 printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
198 showfooter();
199 exit;
200 }
201
202 if($process != "" && $oldid == 2)
203 {
204 $id = 2;
205 csrf_check("chgdef");
206 showheader(_("My CAcert.org Account!"));
207 $delcount = 0;
208 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
209 {
210 $deltitle=false;
211 foreach($_REQUEST['delid'] as $id)
212 {
213 if (!$deltitle) {
214 echo _('The following email addresses have been removed:')."<br>\n";
215 $deltitle=true;
216 }
217 $id = intval($id);
218 $query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
219 `email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
220 $res = mysql_query($query);
221 if(mysql_num_rows($res) > 0)
222 {
223 $row = mysql_fetch_assoc($res);
224 echo $row['email']."<br>\n";
225 account_email_delete($row['id']);
226 $delcount++;
227 }
228 }
229 }
230 else
231 {
232 echo _("You did not select any email accounts for removal.");
233 }
234 if(0 == $delcount)
235 {
236 echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
237 }
238
239 showfooter();
240 exit;
241 }
242
243 if($process != "" && $oldid == 3)
244 {
245 if(!array_key_exists('CCA',$_REQUEST))
246 {
247 showheader(_("My CAcert.org Account!"));
248 echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
249 showfooter();
250 exit;
251 }
252
253 if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
254 {
255 showheader(_("My CAcert.org Account!"));
256 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
257 showfooter();
258 exit;
259 }
260
261 $_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);
262
263 $_SESSION['_config']['addid'] = $_REQUEST['addid'];
264 if($_SESSION['profile']['points'] >= 50)
265 $_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
266 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
267 {
268 $_REQUEST['codesign'] = 0;
269 }
270 if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
271 {
272 if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
273 $_SESSION['_config']['incname'] = 1;
274 }
275 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
276 $_SESSION['_config']['codesign'] = 1;
277 else
278 $_SESSION['_config']['codesign'] = 0;
279
280 if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
281 $_SESSION['_config']['disablelogin'] = 0;
282 else
283 $_SESSION['_config']['disablelogin'] = 1;
284
285 $_SESSION['_config']['rootcert'] = 1;
286 if($_SESSION['profile']['points'] >= 50)
287 {
288 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
289 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
290 $_SESSION['_config']['rootcert'] = 1;
291 }
292
293 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
294
295 $csr = "";
296 if(trim($_REQUEST['optionalCSR']) == "")
297 {
298 $id = 4;
299 } else {
300 $oldid = 4;
301 $_REQUEST['keytype'] = "MS";
302 $csr = clean_csr($_REQUEST['optionalCSR']);
303 }
304
305 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
306 }
307
308 if($oldid == 4)
309 {
310 if($_REQUEST['keytype'] == "NS")
311 {
312 $spkac=""; if(array_key_exists('SPKAC',$_REQUEST) && preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
313
314 if($spkac=="" || $spkac == "deadbeef")
315 {
316 $id = 4;
317 showheader(_("My CAcert.org Account!"));
318 echo _("I didn't receive a valid Certificate Request, please try a different browser.");
319 showfooter();
320 exit;
321 }
322 $count = 0;
323 $emails = "";
324 $addys = array();
325 $defaultemail="";
326 if(is_array($_SESSION['_config']['addid']))
327 foreach($_SESSION['_config']['addid'] as $id)
328 {
329 $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
330 if(mysql_num_rows($res) > 0)
331 {
332 $row = mysql_fetch_assoc($res);
333 if(!$emails)
334 $defaultemail = $row['email'];
335 $emails .= "$count.emailAddress = ".$row['email']."\n";
336 $count++;
337 $addys[] = intval($row['id']);
338 }
339 }
340 if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
341 {
342 $id = 4;
343 showheader(_("My CAcert.org Account!"));
344 echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
345 showfooter();
346 exit;
347 }
348 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
349 if($_SESSION['_config']['SSO'] == 1)
350 $emails .= "$count.emailAddress = ".$user['uniqueID']."\n";
351
352 if(strlen($user['mname']) == 1)
353 $user['mname'] .= '.';
354 if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
355 {
356 $emails .= "commonName = CAcert WoT User\n";
357 }
358 else
359 {
360 if($_SESSION['_config']['incname'] == 1)
361 $emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
362 if($_SESSION['_config']['incname'] == 2)
363 $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
364 if($_SESSION['_config']['incname'] == 3)
365 $emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
366 if($_SESSION['_config']['incname'] == 4)
367 $emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
368 }
369 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
370 $_SESSION['_config']['rootcert'] = 1;
371
372 $emails .= "SPKAC = $spkac";
373 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
374 {
375 $id = 4;
376 showheader(_("My CAcert.org Account!"));
377 echo $weakKey;
378 showfooter();
379 exit;
380 }
381
382 write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
383
384 $query = "insert into emailcerts set
385 `CN`='$defaultemail',
386 `keytype`='NS',
387 `memid`='".intval($_SESSION['profile']['id'])."',
388 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
389 `codesign`='".intval($_SESSION['_config']['codesign'])."',
390 `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
391 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
392 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
393 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
394 mysql_query($query);
395 $emailid = mysql_insert_id();
396 if(is_array($addys))
397 foreach($addys as $addy)
398 mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
399 $CSRname=generatecertpath("csr","client",$emailid);
400 $fp = fopen($CSRname, "w");
401 fputs($fp, $emails);
402 fclose($fp);
403 $challenge=$_SESSION['spkac_hash'];
404 $CSRname_esc = escapeshellarg($CSRname);
405 $res=`openssl spkac -verify -in $CSRname_esc`;
406 if(!strstr($res,"Challenge String: ".$challenge))
407 {
408 $id = $oldid;
409 showheader(_("My CAcert.org Account!"));
410 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
411 showfooter();
412 exit;
413 }
414 mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
415 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
416 if($csr == "")
417 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";
418
419 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
420 {
421 $id = 4;
422 showheader(_("My CAcert.org Account!"));
423 echo $weakKey;
424 showfooter();
425 exit;
426 }
427
428 $tmpfname = tempnam("/tmp", "id4CSR");
429 $fp = fopen($tmpfname, "w");
430 fputs($fp, $csr);
431 fclose($fp);
432
433 $addys = array();
434 $defaultemail = "";
435 $csrsubject="";
436
437 $user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
438 if(strlen($user['mname']) == 1)
439 $user['mname'] .= '.';
440 if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
441 $csrsubject = "/CN=CAcert WoT User";
442 if($_SESSION['_config']['incname'] == 1)
443 $csrsubject = "/CN=".$user['fname']." ".$user['lname'];
444 if($_SESSION['_config']['incname'] == 2)
445 $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
446 if($_SESSION['_config']['incname'] == 3)
447 $csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
448 if($_SESSION['_config']['incname'] == 4)
449 $csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
450 if(is_array($_SESSION['_config']['addid']))
451 foreach($_SESSION['_config']['addid'] as $id)
452 {
453 $res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."'");
454 if(mysql_num_rows($res) > 0)
455 {
456 $row = mysql_fetch_assoc($res);
457 if($defaultemail == "")
458 $defaultemail = $row['email'];
459 $csrsubject .= "/emailAddress=".$row['email'];
460 $addys[] = $row['id'];
461 }
462 }
463 if($_SESSION['_config']['SSO'] == 1)
464 $csrsubject .= "/emailAddress = ".$user['uniqueID'];
465
466 $tmpname = tempnam("/tmp", "id4csr");
467 $tmpfname_esc = escapeshellarg($tmpfname);
468 $tmpname_esc = escapeshellarg($tmpname);
469 $do = `/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc`; // -subj "$csr"`;
470 @unlink($tmpfname);
471 $csr = "";
472 $fp = fopen($tmpname, "r");
473 while($data = fgets($fp, 4096))
474 $csr .= $data;
475 fclose($fp);
476 @unlink($tmpname);
477 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
478 $_SESSION['_config']['rootcert'] = 1;
479
480 if($csr == "")
481 {
482 $id = 4;
483 showheader(_("My CAcert.org Account!"));
484 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
485 showfooter();
486 exit;
487 }
488 $query = "insert into emailcerts set
489 `CN`='$defaultemail',
490 `keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
491 `memid`='".intval($_SESSION['profile']['id'])."',
492 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
493 `subject`='".mysql_real_escape_string($csrsubject)."',
494 `codesign`='".intval($_SESSION['_config']['codesign'])."',
495 `disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
496 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
497 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
498 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
499 mysql_query($query);
500 $emailid = mysql_insert_id();
501 if(is_array($addys))
502 foreach($addys as $addy)
503 mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
504 $CSRname=generatecertpath("csr","client",$emailid);
505 $fp = fopen($CSRname, "w");
506 fputs($fp, $csr);
507 fclose($fp);
508 mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
509 }
510 waitForResult("emailcerts", $emailid, 4);
511 $query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
512 $res = mysql_query($query);
513 if(mysql_num_rows($res) <= 0)
514 {
515 $id = 4;
516 showheader(_("My CAcert.org Account!"));
517 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
518 showfooter();
519 exit;
520 } else {
521 $id = 6;
522 $cert = $emailid;
523 $_REQUEST['cert']=$emailid;
524 }
525 }
526
527 if($oldid == 7)
528 {
529 csrf_check("adddomain");
530 if(strstr($_REQUEST['newdomain'],"\x00"))
531 {
532 showheader(_("My CAcert.org Account!"));
533 echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
534 showfooter();
535 exit;
536 }
537
538 list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
539 while($newdomain['0'] == '-')
540 $newdomain = substr($newdomain, 1);
541 if(strstr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
542 {
543 showheader(_("My CAcert.org Account!"));
544 echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
545 showfooter();
546 exit;
547 }
548
549 $newdom = trim(escapeshellarg($newdomain));
550 $newdomain = mysql_real_escape_string(trim($newdomain));
551
552 $res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
553 $query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
554 $res2 = mysql_query($query);
555 if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
556 {
557 $oldid=0;
558 $id = 7;
559 showheader(_("My CAcert.org Account!"));
560 printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
561 showfooter();
562 exit;
563 }
564 }
565
566 if($oldid == 7)
567 {
568 $oldid=0;
569 $id = 8;
570 $addy = array();
571 $adds = array();
572 if(strtolower(substr($newdom, -4, 3)) != ".jp")
573 $adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
574 if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
575 {
576 if(is_array($adds))
577 foreach($adds as $line)
578 {
579 $bits = explode(":", $line, 2);
580 $line = trim($bits[1]);
581 if(!in_array($line, $addy) && $line != "")
582 $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
583 }
584 } else {
585 if(is_array($adds))
586 foreach($adds as $line)
587 {
588 $line = trim(str_replace("\t", " ", $line));
589 $line = trim(str_replace("(", "", $line));
590 $line = trim(str_replace(")", " ", $line));
591 $line = trim(str_replace(":", " ", $line));
592
593 $bits = explode(" ", $line);
594 foreach($bits as $bit)
595 {
596 if(strstr($bit, "@"))
597 $line = $bit;
598 }
599 if(!in_array($line, $addy) && $line != "")
600 $addy[] = trim(mysql_real_escape_string(stripslashes($line)));
601 }
602 }
603
604 $rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
605 foreach($rfc as $sub)
606 if(!in_array($sub, $addy))
607 $addy[] = $sub;
608 $_SESSION['_config']['addy'] = $addy;
609 $_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
610 }
611
612 if($process != "" && $oldid == 8)
613 {
614 csrf_check('ctcinfo');
615 $oldid=0;
616 $id = 8;
617
618 $authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));
619
620 if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
621 {
622 showheader(_("My CAcert.org Account!"));
623 echo _("The address you submitted isn't a valid authority address for the domain.");
624 showfooter();
625 exit;
626 }
627
628 if(!in_array($authaddy, $_SESSION['_config']['addy']))
629 {
630 showheader(_("My CAcert.org Account!"));
631 echo _("The address you submitted isn't a valid authority address for the domain.");
632 showfooter();
633 exit;
634 }
635
636 $query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
637 $res = mysql_query($query);
638 if(mysql_num_rows($res) > 0)
639 {
640 showheader(_("My CAcert.org Account!"));
641 printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
642 showfooter();
643 exit;
644 }
645 $checkemail = checkEmail($authaddy);
646 if($checkemail != "OK")
647 {
648 showheader(_("My CAcert.org Account!"));
649 //echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
650 if (substr($checkemail, 0, 1) == "4")
651 {
652 echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
653 } else {
654 echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
655 }
656 echo "<p>$checkemail</p>\n";
657 showfooter();
658 exit;
659 }
660
661 $hash = make_hash();
662 $query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
663 `memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
664 mysql_query($query);
665 $domainid = mysql_insert_id();
666
667 $body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
668 $body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
669 $body .= _("Best regards")."\n"._("CAcert.org Support!");
670
671 sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");
672
673 showheader(_("My CAcert.org Account!"));
674 printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), $_SESSION['_config']['domain']);
675 showfooter();
676 exit;
677 }
678
679 if($process != "" && $oldid == 9)
680 {
681 $id = 9;
682 showheader(_("My CAcert.org Account!"));
683 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
684 {
685 echo _("The following domains have been removed:")."<br>
686 ("._("Any valid certificates will be revoked as well").")<br>\n";
687
688 foreach($_REQUEST['delid'] as $id)
689 {
690 $id = intval($id);
691 $query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
692 $res = mysql_query($query);
693 if(mysql_num_rows($res) > 0)
694 {
695 $row = mysql_fetch_assoc($res);
696 echo $row['domain']."<br>\n";
697 account_domain_delete($row['id']);
698 }
699
700 }
701 }
702 else
703 {
704 echo _("You did not select any domains for removal.");
705 }
706
707 showfooter();
708 exit;
709 }
710
711 if($process != "" && $oldid == 10)
712 {
713 if(!array_key_exists('CCA',$_REQUEST))
714 {
715 showheader(_("My CAcert.org Account!"));
716 echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
717 showfooter();
718 exit;
719 }
720
721 $CSR = clean_csr($_REQUEST['CSR']);
722 if(strpos($CSR,"---BEGIN")===FALSE)
723 {
724 // In case the CSR is missing the ---BEGIN lines, add them automatically:
725 $CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
726 }
727
728 if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
729 {
730 showheader(_("My CAcert.org Account!"));
731 echo $weakKey;
732 showfooter();
733 exit;
734 }
735
736 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
737
738 $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
739 $fp = fopen($_SESSION['_config']['tmpfname'], "w");
740 fputs($fp, $CSR);
741 fclose($fp);
742 $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
743 $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep "Subject:"`);
744 $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
745 foreach($bits as $val)
746 {
747 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
748 }
749 $id = 11;
750
751 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
752 extractit();
753 getcn();
754 getalt();
755
756 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
757 {
758 showheader(_("My CAcert.org Account!"));
759 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
760 showfooter();
761 exit;
762 }
763
764 $_SESSION['_config']['rootcert'] = 1;
765 if($_SESSION['profile']['points'] >= 50)
766 {
767 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
768 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
769 $_SESSION['_config']['rootcert'] = 1;
770 }
771
772 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
773 }
774
775 if($process != "" && $oldid == 11)
776 {
777 if(!file_exists($_SESSION['_config']['tmpfname']))
778 {
779 showheader(_("My CAcert.org Account!"));
780 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
781 showfooter();
782 exit;
783 }
784
785 if (($weakKey = checkWeakKeyCSR(file_get_contents(
786 $_SESSION['_config']['tmpfname']))) !== "")
787 {
788 showheader(_("My CAcert.org Account!"));
789 echo $weakKey;
790 showfooter();
791 exit;
792 }
793
794 $id = 11;
795 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
796 {
797 showheader(_("My CAcert.org Account!"));
798 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
799 showfooter();
800 exit;
801 }
802
803 $subject = buildSubjectFromSession();
804
805 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
806 $_SESSION['_config']['rootcert'] = 1;
807
808 write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);
809
810 if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
811 {
812 $query = "insert into `domaincerts` set
813 `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
814 `domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
815 `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
816 `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
817 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
818 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
819 } elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
820 $query = "insert into `domaincerts` set
821 `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
822 `domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
823 `created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
824 `rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
825 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
826 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
827 } else {
828 showheader(_("My CAcert.org Account!"));
829 echo _("Domain not verified.");
830 showfooter();
831 exit;
832 }
833
834 mysql_query($query);
835 $CSRid = mysql_insert_id();
836
837 if(is_array($_SESSION['_config']['rowid']))
838 foreach($_SESSION['_config']['rowid'] as $dom)
839 mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
840 if(is_array($_SESSION['_config']['altid']))
841 foreach($_SESSION['_config']['altid'] as $dom)
842 mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='$dom'");
843
844 $CSRname=generatecertpath("csr","server",$CSRid);
845 rename($_SESSION['_config']['tmpfname'], $CSRname);
846 chmod($CSRname,0644);
847 mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
848 waitForResult("domaincerts", $CSRid, 11);
849 $query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
850 $res = mysql_query($query);
851 if(mysql_num_rows($res) <= 0)
852 {
853 $id = 11;
854 showheader(_("My CAcert.org Account!"));
855 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
856 showfooter();
857 exit;
858 } else {
859 $id = 15;
860 $cert = $CSRid;
861 $_REQUEST['cert']=$CSRid;
862 }
863 }
864
865 if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
866 {
867 csrf_check('srvcerchange');
868 $id = 12;
869 showheader(_("My CAcert.org Account!"));
870 if(is_array($_REQUEST['revokeid']))
871 {
872 echo _("Now renewing the following certificates:")."<br>\n";
873 foreach($_REQUEST['revokeid'] as $id)
874 {
875 $id = intval($id);
876 echo _("Processing request")." $id:<br/>";
877 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
878 where `domaincerts`.`id`='$id' and
879 `domaincerts`.`domid`=`domains`.`id` and
880 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
881 $res = mysql_query($query);
882 if(mysql_num_rows($res) <= 0)
883 {
884 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
885 continue;
886 }
887
888 $row = mysql_fetch_assoc($res);
889
890 if (($weakKey = checkWeakKeyX509(file_get_contents(
891 $row['crt_name']))) !== "")
892 {
893 echo $weakKey, "<br/>\n";
894 continue;
895 }
896
897 mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
898 $query = "insert into `domaincerts` set
899 `domid`='".intval($row['domid'])."',
900 `CN`='".mysql_real_escape_string($row['CN'])."',
901 `subject`='".mysql_real_escape_string($row['subject'])."',".
902 //`csr_name`='".$row['csr_name']."', // RACE CONDITION
903 "`created`='".mysql_real_escape_string($row['created'])."',
904 `modified`=NOW(),
905 `rootcert`='".intval($row['rootcert'])."',
906 `type`='".intval($row['type'])."',
907 `pkhash`='".mysql_real_escape_string($row['pkhash'])."',
908 `description`='".mysql_real_escape_string($row['description'])."'";
909 mysql_query($query);
910 $newid = mysql_insert_id();
911 $newfile=generatecertpath("csr","server",$newid);
912 copy($row['csr_name'], $newfile);
913 $newfile_esc = escapeshellarg($newfile);
914 $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d "\\0"|grep "Subject:"`);
915 $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
916 foreach($bits as $val)
917 {
918 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
919 }
920 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
921 extractit();
922 getcn();
923 getalt();
924
925 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
926 {
927 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
928 continue;
929 }
930
931 $subject = buildSubjectFromSession();
932 $subject = mysql_real_escape_string($subject);
933 mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");
934
935 echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
936 waitForResult("domaincerts", $newid,$oldid,0);
937 $query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
938 $res = mysql_query($query);
939 if(mysql_num_rows($res) <= 0)
940 {
941 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
942 } else {
943 $drow = mysql_fetch_assoc($res);
944 $crt_name = escapeshellarg($drow['crt_name']);
945 $cert = `/usr/bin/openssl x509 -in $crt_name`;
946 echo "<pre>\n$cert\n</pre>\n";
947 }
948 }
949 }
950 else
951 {
952 echo _("You did not select any certificates for renewal.");
953 }
954
955 showfooter();
956 exit;
957 }
958
959 if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
960 {
961 csrf_check('srvcerchange');
962 $id = 12;
963 showheader(_("My CAcert.org Account!"));
964 if(is_array($_REQUEST['revokeid']))
965 {
966 echo _("Now revoking the following certificates:")."<br>\n";
967 foreach($_REQUEST['revokeid'] as $id)
968 {
969 $id = intval($id);
970 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
971 where `domaincerts`.`id`='$id' and
972 `domaincerts`.`domid`=`domains`.`id` and
973 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
974 $res = mysql_query($query);
975 if(mysql_num_rows($res) <= 0)
976 {
977 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
978 continue;
979 }
980 $row = mysql_fetch_assoc($res);
981 if($row['revoke'] > 0)
982 {
983 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
984 continue;
985 }
986 mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
987 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
988 }
989
990 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
991 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
992
993 }
994 else
995 {
996 echo _("You did not select any certificates for revocation.");
997 }
998
999 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1000 {
1001 echo _("Now deleting the following pending requests:")."<br>\n";
1002 foreach($_REQUEST['delid'] as $id)
1003 {
1004 $id = intval($id);
1005 $query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
1006 where `domaincerts`.`id`='$id' and
1007 `domaincerts`.`domid`=`domains`.`id` and
1008 `domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
1009 $res = mysql_query($query);
1010 if(mysql_num_rows($res) <= 0)
1011 {
1012 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1013 continue;
1014 }
1015 $row = mysql_fetch_assoc($res);
1016 if($row['expired'] > 0)
1017 {
1018 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1019 continue;
1020 }
1021 mysql_query("delete from `domaincerts` where `id`='$id'");
1022 @unlink($row['csr_name']);
1023 @unlink($row['crt_name']);
1024 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1025 }
1026 }
1027 showfooter();
1028 exit;
1029 }
1030
1031 if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1032 {
1033 showheader(_("My CAcert.org Account!"));
1034 foreach($_REQUEST as $id => $val)
1035 {
1036 if(substr($id,0,14)=="check_comment_")
1037 {
1038 $cid = intval(substr($id,14));
1039 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1040 mysql_query("update `domaincerts` set `description`='$comment' where `id`='$cid'");
1041 }
1042 }
1043 echo(_("Certificate settings have been changed.")."<br/>\n");
1044 showfooter();
1045 exit;
1046 }
1047
1048
1049 if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
1050 {
1051 showheader(_("My CAcert.org Account!"));
1052 if(is_array($_REQUEST['revokeid']))
1053 {
1054 echo _("Now renewing the following certificates:")."<br>\n";
1055 foreach($_REQUEST['revokeid'] as $id)
1056 {
1057 $id = intval($id);
1058 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
1059 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1060 $res = mysql_query($query);
1061 if(mysql_num_rows($res) <= 0)
1062 {
1063 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1064 continue;
1065 }
1066
1067 $row = mysql_fetch_assoc($res);
1068
1069 if (($weakKey = checkWeakKeyX509(file_get_contents(
1070 $row['crt_name']))) !== "")
1071 {
1072 echo $weakKey, "<br/>\n";
1073 continue;
1074 }
1075
1076 mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
1077 $query = "insert into emailcerts set
1078 `memid`='".intval($row['memid'])."',
1079 `CN`='".mysql_real_escape_string($row['CN'])."',
1080 `subject`='".mysql_real_escape_string($row['subject'])."',
1081 `keytype`='".mysql_real_escape_string($row['keytype'])."',
1082 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
1083 `created`='".mysql_real_escape_string($row['created'])."',
1084 `modified`=NOW(),
1085 `disablelogin`='".intval($row['disablelogin'])."',
1086 `codesign`='".intval($row['codesign'])."',
1087 `rootcert`='".intval($row['rootcert'])."',
1088 `description`='".mysql_real_escape_string($row['description'])."'";
1089 mysql_query($query);
1090 $newid = mysql_insert_id();
1091 $newfile=generatecertpath("csr","client",$newid);
1092 copy($row['csr_name'], $newfile);
1093 mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
1094 $res = mysql_query("select * from `emaillink` where `emailcertsid`='".$row['id']."'");
1095 while($r2 = mysql_fetch_assoc($res))
1096 {
1097 mysql_query("insert into `emaillink` set `emailid`='".$r2['emailid']."',
1098 `emailcertsid`='$newid'");
1099 }
1100 waitForResult("emailcerts", $newid,$oldid,0);
1101 $query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
1102 $res = mysql_query($query);
1103 if(mysql_num_rows($res) <= 0)
1104 {
1105 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1106 } else {
1107 printf(_("Certificate for '%s' has been renewed."), $row['CN']);
1108 echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
1109 _("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
1110 }
1111 }
1112 }
1113 else
1114 {
1115 echo _("You did not select any certificates for renewal.")."<br/>";
1116 }
1117
1118 showfooter();
1119 exit;
1120 }
1121
1122 if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
1123 {
1124 $id = 5;
1125 showheader(_("My CAcert.org Account!"));
1126 if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
1127 {
1128 echo _("Now revoking the following certificates:")."<br>\n";
1129 foreach($_REQUEST['revokeid'] as $id)
1130 {
1131 $id = intval($id);
1132 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
1133 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1134 $res = mysql_query($query);
1135 if(mysql_num_rows($res) <= 0)
1136 {
1137 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1138 continue;
1139 }
1140 $row = mysql_fetch_assoc($res);
1141 if($row['revoke'] > 0)
1142 {
1143 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1144 continue;
1145 }
1146 mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
1147 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
1148 }
1149
1150 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
1151 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
1152 }
1153 else
1154 {
1155 echo _("You did not select any certificates for revocation.");
1156 }
1157
1158 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1159 {
1160 echo _("Now deleting the following pending requests:")."<br>\n";
1161 foreach($_REQUEST['delid'] as $id)
1162 {
1163 $id = intval($id);
1164 $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
1165 where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
1166 $res = mysql_query($query);
1167 if(mysql_num_rows($res) <= 0)
1168 {
1169 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1170 continue;
1171 }
1172 $row = mysql_fetch_assoc($res);
1173 if($row['expired'] > 0)
1174 {
1175 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1176 continue;
1177 }
1178 mysql_query("delete from `emailcerts` where `id`='$id'");
1179 @unlink($row['csr_name']);
1180 @unlink($row['crt_name']);
1181 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1182 }
1183 }
1184 showfooter();
1185 exit;
1186 }
1187
1188 if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1189 {
1190 showheader(_("My CAcert.org Account!"));
1191 foreach($_REQUEST as $id => $val)
1192 {
1193 if(substr($id,0,5)=="cert_")
1194 {
1195 $cid = intval(substr($id,5));
1196 $dis=(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")?"0":"1";
1197 mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
1198 }
1199 if(substr($id,0,14)=="check_comment_")
1200 {
1201 $cid = intval(substr($id,14));
1202 if(!empty($_REQUEST['check_comment_'.$cid])) {
1203 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1204 mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='".intval($_SESSION['profile']['id'])."'");
1205 }
1206 }
1207 }
1208 echo(_("Certificate settings have been changed.")."<br/>\n");
1209 showfooter();
1210 exit;
1211 }
1212
1213 if($oldid == 13 && $process != "" && $showdetails!="")
1214 {
1215 csrf_check("perschange");
1216 $_SESSION['_config']['user'] = $_SESSION['profile'];
1217
1218 $_SESSION['_config']['user']['Q1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q1']))));
1219 $_SESSION['_config']['user']['Q2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q2']))));
1220 $_SESSION['_config']['user']['Q3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q3']))));
1221 $_SESSION['_config']['user']['Q4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q4']))));
1222 $_SESSION['_config']['user']['Q5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['Q5']))));
1223 $_SESSION['_config']['user']['A1'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A1']))));
1224 $_SESSION['_config']['user']['A2'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A2']))));
1225 $_SESSION['_config']['user']['A3'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A3']))));
1226 $_SESSION['_config']['user']['A4'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A4']))));
1227 $_SESSION['_config']['user']['A5'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['A5']))));
1228
1229 if($_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q2'] ||
1230 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q3'] ||
1231 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q4'] ||
1232 $_SESSION['_config']['user']['Q1'] == $_SESSION['_config']['user']['Q5'] ||
1233 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q3'] ||
1234 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q4'] ||
1235 $_SESSION['_config']['user']['Q2'] == $_SESSION['_config']['user']['Q5'] ||
1236 $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q4'] ||
1237 $_SESSION['_config']['user']['Q3'] == $_SESSION['_config']['user']['Q5'] ||
1238 $_SESSION['_config']['user']['Q4'] == $_SESSION['_config']['user']['Q5'] ||
1239 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q1'] ||
1240 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q2'] ||
1241 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q3'] ||
1242 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q4'] ||
1243 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['Q5'] ||
1244 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q3'] ||
1245 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q4'] ||
1246 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['Q5'] ||
1247 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q4'] ||
1248 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['Q5'] ||
1249 $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['Q5'] ||
1250 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A2'] ||
1251 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A3'] ||
1252 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A4'] ||
1253 $_SESSION['_config']['user']['A1'] == $_SESSION['_config']['user']['A5'] ||
1254 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A3'] ||
1255 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A4'] ||
1256 $_SESSION['_config']['user']['A2'] == $_SESSION['_config']['user']['A5'] ||
1257 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A4'] ||
1258 $_SESSION['_config']['user']['A3'] == $_SESSION['_config']['user']['A5'] ||
1259 $_SESSION['_config']['user']['A4'] == $_SESSION['_config']['user']['A5'])
1260 {
1261 $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
1262 $id = $oldid;
1263 $oldid=0;
1264 }
1265
1266 if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
1267 $_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
1268 $_SESSION['_config']['user']['Q5'] == "")
1269 {
1270 $_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
1271 $id = $oldid;
1272 $oldid=0;
1273 }
1274 }
1275
1276 if($oldid == 13 && $process != "")
1277 {
1278 $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
1279 $ddres = mysql_query($ddquery);
1280 $ddrow = mysql_fetch_assoc($ddres);
1281 $_SESSION['profile']['points'] = $ddrow['total'];
1282
1283 if($_SESSION['profile']['points'] == 0)
1284 {
1285 $_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
1286 $_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
1287 $_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
1288 $_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
1289 $_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
1290 $_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
1291 $_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);
1292
1293 if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
1294 {
1295 $_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
1296 $id = $oldid;
1297 $oldid=0;
1298 }
1299 if($_SESSION['_config']['user']['year'] < 1900 || $_SESSION['_config']['user']['month'] < 1 || $_SESSION['_config']['user']['month'] > 12 ||
1300 $_SESSION['_config']['user']['day'] < 1 || $_SESSION['_config']['user']['day'] > 31)
1301 {
1302 $_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
1303 $id = $oldid;
1304 $oldid=0;
1305 }
1306 }
1307 }
1308
1309 if($oldid == 13 && $process != "")
1310 {
1311 if($_SESSION['profile']['points'] == 0)
1312 {
1313 $query = "update `users` set `fname`='".$_SESSION['_config']['user']['fname']."',
1314 `mname`='".$_SESSION['_config']['user']['mname']."',
1315 `lname`='".$_SESSION['_config']['user']['lname']."',
1316 `suffix`='".$_SESSION['_config']['user']['suffix']."',
1317 `dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'
1318 where `id`='".intval($_SESSION['profile']['id'])."'";
1319 mysql_query($query);
1320 }
1321 if ($showdetails!="") {
1322 $query = "update `users` set `Q1`='".$_SESSION['_config']['user']['Q1']."',
1323 `Q2`='".$_SESSION['_config']['user']['Q2']."',
1324 `Q3`='".$_SESSION['_config']['user']['Q3']."',
1325 `Q4`='".$_SESSION['_config']['user']['Q4']."',
1326 `Q5`='".$_SESSION['_config']['user']['Q5']."',
1327 `A1`='".$_SESSION['_config']['user']['A1']."',
1328 `A2`='".$_SESSION['_config']['user']['A2']."',
1329 `A3`='".$_SESSION['_config']['user']['A3']."',
1330 `A4`='".$_SESSION['_config']['user']['A4']."',
1331 `A5`='".$_SESSION['_config']['user']['A5']."'
1332 where `id`='".intval($_SESSION['profile']['id'])."'";
1333 mysql_query($query);
1334 }
1335
1336 //!!!Should be rewritten
1337 $_SESSION['_config']['user']['otphash'] = trim(stripslashes(strip_tags($_REQUEST['otphash'])));
1338 $_SESSION['_config']['user']['otppin'] = trim(stripslashes(strip_tags($_REQUEST['otppin'])));
1339 if($_SESSION['_config']['user']['otphash'] != "" && $_SESSION['_config']['user']['otppin'] != "")
1340 {
1341 $query = "update `users` set `otphash`='".mysql_real_escape_string($_SESSION['_config']['user']['otphash'])."',
1342 `otppin`='".mysql_real_escape_string($_SESSION['_config']['user']['otppin'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
1343 mysql_query($query);
1344 }
1345
1346 $_SESSION['_config']['user']['set'] = 0;
1347 $_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
1348 $_SESSION['profile']['loggedin'] = 1;
1349
1350 $ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
1351 $ddres = mysql_query($ddquery);
1352 $ddrow = mysql_fetch_assoc($ddres);
1353 $_SESSION['profile']['points'] = $ddrow['total'];
1354
1355
1356 $id = 13;
1357 showheader(_("My CAcert.org Account!"));
1358 echo _("Your details have been updated with the database.");
1359 showfooter();
1360 exit;
1361 }
1362
1363 if($oldid == 14 && $process != "")
1364 {
1365 $_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
1366 $_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
1367 $_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));
1368
1369 $id = 14;
1370 csrf_check("pwchange");
1371
1372 showheader(_("My CAcert.org Account!"));
1373 if($_SESSION['_config']['user']['pword1'] == "" || $_SESSION['_config']['user']['pword1'] != $_SESSION['_config']['user']['pword2'])
1374 {
1375 echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
1376 '</h3>', "\n";
1377 echo _("New Pass Phrases specified don't match or were blank.");
1378 } else {
1379 $score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
1380 $_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);
1381
1382 if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
1383 {
1384 $match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
1385 (`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
1386 `password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
1387 $rc = mysql_num_rows($match);
1388 } else {
1389 $rc = 1;
1390 }
1391
1392 if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
1393 echo '<h3 style="color:red">',
1394 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1395 echo _("The Pass Phrase you submitted was too short.");
1396 } else if($score < 3) {
1397 echo '<h3 style="color:red">',
1398 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1399 printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
1400 } else if($rc <= 0) {
1401 echo '<h3 style="color:red">',
1402 _("Failure: Pass Phrase not Changed"), '</h3>', "\n";
1403 echo _("You failed to correctly enter your current Pass Phrase.");
1404 } else {
1405 mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
1406 where `id`='".intval($_SESSION['profile']['id'])."'");
1407 echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
1408 echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
1409 $body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
1410 $body .= _("You are receiving this email because you or someone else ".
1411 "has changed the password on your account.")."\n\n";
1412
1413 $body .= _("Best regards")."\n"._("CAcert.org Support!");
1414
1415 sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
1416 "support@cacert.org", "", "", "CAcert Support");
1417 }
1418 }
1419 showfooter();
1420 exit;
1421 }
1422
1423 if($oldid == 16)
1424 {
1425 $id = 16;
1426 $_SESSION['_config']['emails'] = array();
1427
1428 foreach($_REQUEST['emails'] as $val)
1429 {
1430 $val = mysql_real_escape_string(stripslashes(trim($val)));
1431 $bits = explode("@", $val);
1432 $count = count($bits);
1433 if($count != 2)
1434 continue;
1435
1436 if(checkownership($bits[1]) == false)
1437 continue;
1438
1439 if(!is_array($_SESSION['_config']['row']))
1440 continue;
1441 else if($_SESSION['_config']['row']['id'] > 0)
1442 $_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];
1443
1444 if($val != "")
1445 $_SESSION['_config']['emails'][] = $val;
1446 }
1447 $_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
1448 $_SESSION['_config']['OU'] = stripslashes(trim($_REQUEST['OU']));
1449
1450 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
1451 }
1452
1453 if($oldid == 16 && (intval(count($_SESSION['_config']['emails'])) + 0) <= 0)
1454 {
1455 $id = 16;
1456 showheader(_("My CAcert.org Account!"));
1457 echo _("I couldn't match any emails against your organisational account.");
1458 showfooter();
1459 exit;
1460 }
1461
1462 if($oldid == 16 && $process != "")
1463 {
1464 if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100))
1465 {
1466 $_REQUEST['codesign'] = 1;
1467 $_SESSION['_config']['codesign'] = 1;
1468 }
1469 else
1470 {
1471 $_REQUEST['codesign'] = 0;
1472 $_SESSION['_config']['codesign'] = 0;
1473 }
1474
1475 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
1476 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1477 $_SESSION['_config']['rootcert'] = 1;
1478
1479 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
1480
1481 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
1482
1483 if(@count($_SESSION['_config']['emails']) > 0)
1484 $id = 17;
1485 }
1486
1487 if($oldid == 17)
1488 {
1489 $org = $_SESSION['_config']['row'];
1490 if($_REQUEST['keytype'] == "NS")
1491 {
1492 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1493
1494 if($spkac == "" || strlen($spkac) < 128)
1495 {
1496 $id = 17;
1497 showheader(_("My CAcert.org Account!"));
1498 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1499 showfooter();
1500 exit;
1501 }
1502
1503 $count = 0;
1504 $emails = "";
1505 $addys = array();
1506 if(is_array($_SESSION['_config']['emails']))
1507 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1508 {
1509 if(!$emails)
1510 $defaultemail = $_REQUEST['email'];
1511 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1512 $count++;
1513 }
1514 if($_SESSION['_config']['name'] != "")
1515 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1516 if($_SESSION['_config']['OU'])
1517 $emails .= "organizationalUnitName = ".mysql_real_escape_string($_SESSION['_config']['OU'])."\n";
1518 if($org['O'])
1519 $emails .= "organizationName = ".$org['O']."\n";
1520 if($org['L'])
1521 $emails .= "localityName = ".$org['L']."\n";
1522 if($org['ST'])
1523 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1524 if($org['C'])
1525 $emails .= "countryName = ".$org['C']."\n";
1526 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1527 $_SESSION['_config']['rootcert'] = 1;
1528
1529
1530 $emails .= "SPKAC = $spkac";
1531 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1532 {
1533 $id = 17;
1534 showheader(_("My CAcert.org Account!"));
1535 echo $weakKey;
1536 showfooter();
1537 exit;
1538 }
1539
1540 $query = "insert into `orgemailcerts` set
1541 `CN`='$defaultemail',
1542 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1543 `keytype`='NS',
1544 `orgid`='".intval($org['orgid'])."',
1545 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1546 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1547 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1548 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1549 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1550 mysql_query($query);
1551 $emailid = mysql_insert_id();
1552
1553 foreach($_SESSION['_config']['domids'] as $addy)
1554 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1555
1556 $CSRname=generatecertpath("csr","orgclient",$emailid);
1557 $fp = fopen($CSRname, "w");
1558 fputs($fp, $emails);
1559 fclose($fp);
1560 $challenge=$_SESSION['spkac_hash'];
1561 $CSRname_esc = escapeshellarg($CSRname);
1562 $res=`openssl spkac -verify -in $CSRname_esc`;
1563 if(!strstr($res,"Challenge String: ".$challenge))
1564 {
1565 $id = $oldid;
1566 showheader(_("My CAcert.org Account!"));
1567 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1568 showfooter();
1569 exit;
1570 }
1571 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1572 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1573 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1574
1575 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1576 {
1577 $id = 17;
1578 showheader(_("My CAcert.org Account!"));
1579 echo $weakKey;
1580 showfooter();
1581 exit;
1582 }
1583
1584 $tmpfname = tempnam("/tmp", "id17CSR");
1585 $fp = fopen($tmpfname, "w");
1586 fputs($fp, $csr);
1587 fclose($fp);
1588
1589 $addys = array();
1590 $defaultemail = "";
1591 $csrsubject="";
1592
1593 if($_SESSION['_config']['name'] != "")
1594 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1595 if(is_array($_SESSION['_config']['emails']))
1596 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1597 {
1598 if($defaultemail == "")
1599 $defaultemail = $_REQUEST['email'];
1600 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1601 }
1602 if($_SESSION['_config']['OU'])
1603 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1604 if($org['O'])
1605 $csrsubject .= "/organizationName=".$org['O'];
1606 if($org['L'])
1607 $csrsubject .= "/localityName=".$org['L'];
1608 if($org['ST'])
1609 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1610 if($org['C'])
1611 $csrsubject .= "/countryName=".$org['C'];
1612
1613 $tmpname = tempnam("/tmp", "id17csr");
1614 $tmpfname_esc = escapeshellarg($tmpfname);
1615 $tmpname_esc = escapeshellarg($tmpname);
1616 $do = `/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc`;
1617 @unlink($tmpfname);
1618 $csr = "";
1619 $fp = fopen($tmpname, "r");
1620 while($data = fgets($fp, 4096))
1621 $csr .= $data;
1622 fclose($fp);
1623 @unlink($tmpname);
1624
1625 if($csr == "")
1626 {
1627 showheader(_("My CAcert.org Account!"));
1628 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1629 showfooter();
1630 exit;
1631 }
1632 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1633 $_SESSION['_config']['rootcert'] = 1;
1634
1635 $query = "insert into `orgemailcerts` set
1636 `CN`='$defaultemail',
1637 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1638 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1639 `orgid`='".intval($org['orgid'])."',
1640 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1641 `subject`='".mysql_real_escape_string($csrsubject)."',
1642 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1643 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1644 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1645 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1646 mysql_query($query);
1647 $emailid = mysql_insert_id();
1648
1649 foreach($_SESSION['_config']['domids'] as $addy)
1650 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1651
1652 $CSRname=generatecertpath("csr","orgclient",$emailid);
1653 $fp = fopen($CSRname, "w");
1654 fputs($fp, $csr);
1655 fclose($fp);
1656 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1657 }
1658 waitForResult("orgemailcerts", $emailid,$oldid);
1659 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1660 $res = mysql_query($query);
1661 if(mysql_num_rows($res) <= 0)
1662 {
1663 showheader(_("My CAcert.org Account!"));
1664 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1665 showfooter();
1666 exit;
1667 } else {
1668 $id = 19;
1669 $cert = $emailid;
1670 $_REQUEST['cert']=$emailid;
1671 }
1672 }
1673
1674 if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
1675 {
1676 csrf_check('clicerchange');
1677 showheader(_("My CAcert.org Account!"));
1678 if(is_array($_REQUEST['revokeid']))
1679 {
1680 $id = 18;
1681 echo _("Now renewing the following certificates:")."<br>\n";
1682 foreach($_REQUEST['revokeid'] as $id)
1683 {
1684 echo "Renewing certificate #$id ...\n<br/>";
1685 $id = intval($id);
1686 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
1687 where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1688 `org`.`orgid`=`orgemailcerts`.`orgid`";
1689 $res = mysql_query($query);
1690 if(mysql_num_rows($res) <= 0)
1691 {
1692 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1693 continue;
1694 }
1695
1696 $row = mysql_fetch_assoc($res);
1697
1698 if (($weakKey = checkWeakKeyX509(file_get_contents(
1699 $row['crt_name']))) !== "")
1700 {
1701 echo $weakKey, "<br/>\n";
1702 continue;
1703 }
1704
1705 mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
1706 if($row['revoke'] > 0)
1707 {
1708 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1709 continue;
1710 }
1711 $query = "insert into `orgemailcerts` set
1712 `orgid`='".intval($row['orgid'])."',
1713 `CN`='".mysql_real_escape_string($row['CN'])."',
1714 `ou`='".mysql_real_escape_string($row['ou'])."',
1715 `subject`='".mysql_real_escape_string($row['subject'])."',
1716 `keytype`='".mysql_real_escape_string($row['keytype'])."',
1717 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
1718 `created`='".mysql_real_escape_string($row['created'])."',
1719 `modified`=NOW(),
1720 `codesign`='".intval($row['codesign'])."',
1721 `rootcert`='".intval($row['rootcert'])."',
1722 `description`='".mysql_real_escape_string($row['description'])."'";
1723 mysql_query($query);
1724 $newid = mysql_insert_id();
1725 $newfile=generatecertpath("csr","orgclient",$newid);
1726 copy($row['csr_name'], $newfile);
1727 mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
1728 waitForResult("orgemailcerts", $newid,$oldid,0);
1729 $query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
1730 $res = mysql_query($query);
1731 if(mysql_num_rows($res) > 0)
1732 {
1733 printf(_("Certificate for '%s' has been renewed."), $row['CN']);
1734 echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
1735 _("Click here")."</a> "._("to install your certificate.");
1736 }
1737 echo("<br/>");
1738 }
1739 }
1740 else
1741 {
1742 echo _("You did not select any certificates for renewal.");
1743 }
1744 showfooter();
1745 exit;
1746 }
1747
1748 if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
1749 {
1750 csrf_check('clicerchange');
1751 $id = 18;
1752 showheader(_("My CAcert.org Account!"));
1753 if(is_array($_REQUEST['revokeid']))
1754 {
1755 echo _("Now revoking the following certificates:")."<br>\n";
1756 foreach($_REQUEST['revokeid'] as $id)
1757 {
1758 $id = intval($id);
1759 $query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
1760 where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1761 `org`.`orgid`=`orgemailcerts`.`orgid`";
1762 $res = mysql_query($query);
1763 if(mysql_num_rows($res) <= 0)
1764 {
1765 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1766 continue;
1767 }
1768 $row = mysql_fetch_assoc($res);
1769 if($row['revoke'] > 0)
1770 {
1771 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
1772 continue;
1773 }
1774 mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
1775 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
1776 }
1777
1778 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
1779 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
1780 }
1781 else
1782 {
1783 echo _("You did not select any certificates for revocation.");
1784 }
1785
1786 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
1787 {
1788 echo _("Now deleting the following pending requests:")."<br>\n";
1789 foreach($_REQUEST['delid'] as $id)
1790 {
1791 $id = intval($id);
1792 $query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
1793 where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1794 `org`.`orgid`=`orgemailcerts`.`orgid`";
1795 $res = mysql_query($query);
1796 if(mysql_num_rows($res) <= 0)
1797 {
1798 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
1799 continue;
1800 }
1801 $row = mysql_fetch_assoc($res);
1802 if($row['expired'] > 0)
1803 {
1804 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
1805 continue;
1806 }
1807 mysql_query("delete from `orgemailcerts` where `id`='$id'");
1808 @unlink($row['csr_name']);
1809 @unlink($row['crt_name']);
1810 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
1811 }
1812 }
1813 showfooter();
1814 exit;
1815 }
1816
1817 if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
1818 {
1819 showheader(_("My CAcert.org Account!"));
1820 foreach($_REQUEST as $id => $val)
1821 {
1822 if(substr($id,0,14)=="check_comment_")
1823 {
1824 $cid = intval(substr($id,14));
1825 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
1826 mysql_query("update `orgemailcerts` set `description`='$comment' where `id`='$cid'");
1827 }
1828 }
1829 echo(_("Certificate settings have been changed.")."<br/>\n");
1830 showfooter();
1831 exit;
1832 }
1833
1834 if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
1835 {
1836 $id=18;
1837 $_SESSION['_config']['orgfilterid']=$_REQUEST['orgfilterid'];
1838 $_SESSION['_config']['sorting']=$_REQUEST['sorting'];
1839 $_SESSION['_config']['status']=$_REQUEST['status'];
1840 }
1841
1842 if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
1843 {
1844 $id=18;
1845 $_SESSION['_config']['orgfilterid']=0;
1846 $_SESSION['_config']['sorting']=0;
1847 $_SESSION['_config']['status']=0;
1848 }
1849
1850 if($process != "" && $oldid == 20)
1851 {
1852 $CSR = clean_csr($_REQUEST['CSR']);
1853
1854 if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
1855 {
1856 $id = 20;
1857 showheader(_("My CAcert.org Account!"));
1858 echo $weakKey;
1859 showfooter();
1860 exit;
1861 }
1862
1863 $_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
1864
1865 $_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
1866 $fp = fopen($_SESSION['_config']['tmpfname'], "w");
1867 fputs($fp, $CSR);
1868 fclose($fp);
1869 $CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
1870 $_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep "Subject:"`);
1871 $bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
1872 foreach($bits as $val)
1873 {
1874 $_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
1875 }
1876 $id = 21;
1877
1878 $_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
1879 extractit();
1880 getcn2();
1881 getalt2();
1882
1883 $query = "select * from `orginfo`,`org`,`orgdomains` where
1884 `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1885 `org`.`orgid`=`orginfo`.`id` and
1886 `org`.`orgid`=`orgdomains`.`orgid` and
1887 `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.CN'])."'";
1888 $_SESSION['_config']['CNorg'] = mysql_fetch_assoc(mysql_query($query));
1889 $query = "select * from `orginfo`,`org`,`orgdomains` where
1890 `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
1891 `org`.`orgid`=`orginfo`.`id` and
1892 `org`.`orgid`=`orgdomains`.`orgid` and
1893 `orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config']['0.subjectAltName'])."'";
1894 $_SESSION['_config']['SANorg'] = mysql_fetch_assoc(mysql_query($query));
1895 //echo "<pre>"; print_r($_SESSION['_config']); die;
1896
1897 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
1898 {
1899 $id = 20;
1900 showheader(_("My CAcert.org Account!"));
1901 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
1902 showfooter();
1903 exit;
1904 }
1905
1906 $_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
1907 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1908 $_SESSION['_config']['rootcert'] = 1;
1909
1910 $_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
1911 }
1912
1913 if($process != "" && $oldid == 21)
1914 {
1915 $id = 21;
1916
1917 if(!file_exists($_SESSION['_config']['tmpfname']))
1918 {
1919 showheader(_("My CAcert.org Account!"));
1920 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1921 showfooter();
1922 exit;
1923 }
1924
1925 if (($weakKey = checkWeakKeyCSR(file_get_contents(
1926 $_SESSION['_config']['tmpfname']))) !== "")
1927 {
1928 showheader(_("My CAcert.org Account!"));
1929 echo $weakKey;
1930 showfooter();
1931 exit;
1932 }
1933
1934 if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
1935 {
1936 showheader(_("My CAcert.org Account!"));
1937 echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
1938 showfooter();
1939 exit;
1940 }
1941
1942 if($_SESSION['_config']['rowid']['0'] > 0)
1943 {
1944 $query = "select * from `org`,`orginfo` where
1945 `orginfo`.`id`='".intval($_SESSION['_config']['rowid']['0'])."' and
1946 `orginfo`.`id`=`org`.`orgid` and
1947 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
1948 } else {
1949 $query = "select * from `org`,`orginfo` where
1950 `orginfo`.`id`='".intval($_SESSION['_config']['altid']['0'])."' and
1951 `orginfo`.`id`=`org`.`orgid` and
1952 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
1953 }
1954 $org = mysql_fetch_assoc(mysql_query($query));
1955 $csrsubject = "";
1956
1957 if($_SESSION['_config']['OU'])
1958 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1959 if($org['O'])
1960 $csrsubject .= "/organizationName=".$org['O'];
1961 if($org['L'])
1962 $csrsubject .= "/localityName=".$org['L'];
1963 if($org['ST'])
1964 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1965 if($org['C'])
1966 $csrsubject .= "/countryName=".$org['C'];
1967 //if($org['contact'])
1968 // $csrsubject .= "/emailAddress=".trim($org['contact']);
1969
1970 $csrsubject .= buildSubjectFromSession();
1971
1972 $type="";
1973 if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";
1974 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1975 $_SESSION['_config']['rootcert'] = 1;
1976
1977 if($_SESSION['_config']['rowid']['0'] > 0)
1978 {
1979 $query = "insert into `orgdomaincerts` set
1980 `CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
1981 `orgid`='".intval($org['id'])."',
1982 `created`=NOW(),
1983 `subject`='".mysql_real_escape_string($csrsubject)."',
1984 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1985 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1986 `type`='".$type."',
1987 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1988 } else {
1989 $query = "insert into `orgdomaincerts` set
1990 `CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
1991 `orgid`='".intval($org['id'])."',
1992 `created`=NOW(),
1993 `subject`='".mysql_real_escape_string($csrsubject)."',
1994 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1995 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1996 `type`='".$type."',
1997 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1998 }
1999 mysql_query($query);
2000 $CSRid = mysql_insert_id();
2001
2002 $CSRname=generatecertpath("csr","orgserver",$CSRid);
2003 rename($_SESSION['_config']['tmpfname'], $CSRname);
2004 chmod($CSRname,0644);
2005 mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
2006 if(is_array($_SESSION['_config']['rowid']))
2007 foreach($_SESSION['_config']['rowid'] as $id)
2008 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
2009 if(is_array($_SESSION['_config']['altid']))
2010 foreach($_SESSION['_config']['altid'] as $id)
2011 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
2012 waitForResult("orgdomaincerts", $CSRid,$oldid);
2013 $query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
2014 $res = mysql_query($query);
2015 if(mysql_num_rows($res) <= 0)
2016 {
2017 showheader(_("My CAcert.org Account!"));
2018 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
2019 showfooter();
2020 exit;
2021 } else {
2022 $id = 23;
2023 $cert = $CSRid;
2024 $_REQUEST['cert']=$CSRid;
2025 }
2026 }
2027
2028 if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
2029 {
2030 csrf_check('orgsrvcerchange');
2031 showheader(_("My CAcert.org Account!"));
2032 if(is_array($_REQUEST['revokeid']))
2033 {
2034 echo _("Now renewing the following certificates:")."<br>\n";
2035 foreach($_REQUEST['revokeid'] as $id)
2036 {
2037 $id = intval($id);
2038 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
2039 `orgdomaincerts`,`org`
2040 where `orgdomaincerts`.`id`='$id' and
2041 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2042 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2043 $res = mysql_query($query);
2044 if(mysql_num_rows($res) <= 0)
2045 {
2046 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2047 continue;
2048 }
2049
2050 $row = mysql_fetch_assoc($res);
2051
2052 if (($weakKey = checkWeakKeyX509(file_get_contents(
2053 $row['crt_name']))) !== "")
2054 {
2055 echo $weakKey, "<br/>\n";
2056 continue;
2057 }
2058
2059 mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
2060 if($row['revoke'] > 0)
2061 {
2062 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
2063 continue;
2064 }
2065 $query = "insert into `orgdomaincerts` set
2066 `orgid`='".intval($row['orgid'])."',
2067 `CN`='".mysql_real_escape_string($row['CN'])."',
2068 `csr_name`='".mysql_real_escape_string($row['csr_name'])."',
2069 `created`='".mysql_real_escape_string($row['created'])."',
2070 `modified`=NOW(),
2071 `subject`='".mysql_real_escape_string($row['subject'])."',
2072 `type`='".intval($row['type'])."',
2073 `rootcert`='".intval($row['rootcert'])."',
2074 `description`='".mysql_real_escape_string($row['description'])."'";
2075 mysql_query($query);
2076 $newid = mysql_insert_id();
2077 //echo "NewID: $newid<br/>\n";
2078 $newfile=generatecertpath("csr","orgserver",$newid);
2079 copy($row['csr_name'], $newfile);
2080 mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
2081 echo _("Renewing").": ".$row['CN']."<br>\n";
2082 $res = mysql_query("select * from `orgdomlink` where `orgcertid`='".$row['id']."'");
2083 while($r2 = mysql_fetch_assoc($res))
2084 mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
2085 waitForResult("orgdomaincerts", $newid,$oldid,0);
2086 $query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
2087 $res = mysql_query($query);
2088 if(mysql_num_rows($res) <= 0)
2089 {
2090 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
2091 } else {
2092 $drow = mysql_fetch_assoc($res);
2093 $crtname = escapeshellarg($drow['crt_name']);
2094 $cert = `/usr/bin/openssl x509 -in $crtname`;
2095 echo "<pre>\n$cert\n</pre>\n";
2096 }
2097 }
2098 }
2099 else
2100 {
2101 echo _("You did not select any certificates for renewal.");
2102 }
2103 showfooter();
2104 exit;
2105 }
2106
2107 if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
2108 {
2109 csrf_check('orgsrvcerchange');
2110 showheader(_("My CAcert.org Account!"));
2111 if(is_array($_REQUEST['revokeid']))
2112 {
2113 echo _("Now revoking the following certificates:")."<br>\n";
2114 foreach($_REQUEST['revokeid'] as $id)
2115 {
2116 $id = intval($id);
2117 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
2118 `orgdomaincerts`,`org`
2119 where `orgdomaincerts`.`id`='$id' and
2120 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2121 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2122 $res = mysql_query($query);
2123 if(mysql_num_rows($res) <= 0)
2124 {
2125 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2126 continue;
2127 }
2128 $row = mysql_fetch_assoc($res);
2129 if($row['revoke'] > 0)
2130 {
2131 printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", $row['CN']);
2132 continue;
2133 }
2134 mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
2135 printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
2136 }
2137
2138 // TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
2139 echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
2140 }
2141 else
2142 {
2143 echo _("You did not select any certificates for revocation.");
2144 }
2145
2146 if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
2147 {
2148 echo _("Now deleting the following pending requests:")."<br>\n";
2149 foreach($_REQUEST['delid'] as $id)
2150 {
2151 $id = intval($id);
2152 $query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
2153 `orgdomaincerts`,`org`
2154 where `orgdomaincerts`.`id`='$id' and
2155 `orgdomaincerts`.`orgid`=`org`.`orgid` and
2156 `org`.`memid`='".intval($_SESSION['profile']['id'])."'";
2157 $res = mysql_query($query);
2158 if(mysql_num_rows($res) <= 0)
2159 {
2160 printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
2161 continue;
2162 }
2163 $row = mysql_fetch_assoc($res);
2164 if($row['expired'] > 0)
2165 {
2166 printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", $row['CN']);
2167 continue;
2168 }
2169 mysql_query("delete from `orgdomaincerts` where `id`='$id'");
2170 @unlink($row['csr_name']);
2171 @unlink($row['crt_name']);
2172 printf(_("Removed a pending request for '%s'")."<br>\n", $row['CN']);
2173 }
2174 }
2175 showfooter();
2176 exit;
2177 }
2178
2179 if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
2180 {
2181 showheader(_("My CAcert.org Account!"));
2182 foreach($_REQUEST as $id => $val)
2183 {
2184 if(substr($id,0,14)=="check_comment_")
2185 {
2186 $cid = intval(substr($id,14));
2187 $comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
2188 mysql_query("update `orgdomaincerts` set `description`='$comment' where `id`='$cid'");
2189 }
2190 }
2191 echo(_("Certificate settings have been changed.")."<br/>\n");
2192 showfooter();
2193 exit;
2194 }
2195
2196 if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
2197 {
2198 $id=22;
2199 $_SESSION['_config']['dorgfilterid']=$_REQUEST['dorgfilterid'];
2200 $_SESSION['_config']['dsorting']=$_REQUEST['dsorting'];
2201 $_SESSION['_config']['dstatus']=$_REQUEST['dstatus'];
2202 }
2203
2204 if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
2205 {
2206 $id=22;
2207 $_SESSION['_config']['dorgfilterid']=0;
2208 $_SESSION['_config']['dsorting']=0;
2209 $_SESSION['_config']['dstatus']=0;
2210 }
2211
2212
2213 if(($id == 24 || $oldid == 24 || $id == 25 || $oldid == 25 || $id == 26 || $oldid == 26 ||
2214 $id == 27 || $oldid == 27 || $id == 28 || $oldid == 28 || $id == 29 || $oldid == 29 ||
2215 $id == 30 || $oldid == 30 || $id == 31 || $oldid == 31) &&
2216 $_SESSION['profile']['orgadmin'] != 1)
2217 {
2218 showheader(_("My CAcert.org Account!"));
2219 echo _("You don't have access to this area.");
2220 showfooter();
2221 exit;
2222 }
2223
2224 if($oldid == 24 && $process != "")
2225 {
2226 $id = intval($oldid);
2227 $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
2228 $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
2229 $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
2230 $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
2231 $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
2232 $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
2233
2234 if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
2235 {
2236 $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
2237 } else {
2238 mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
2239 `contact`='".$_SESSION['_config']['contact']."',
2240 `L`='".$_SESSION['_config']['L']."',
2241 `ST`='".$_SESSION['_config']['ST']."',
2242 `C`='".$_SESSION['_config']['C']."',
2243 `comments`='".$_SESSION['_config']['comments']."'");
2244 showheader(_("My CAcert.org Account!"));
2245 printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
2246 showfooter();
2247 exit;
2248 }
2249 }
2250
2251 if($oldid == 27 && $process != "")
2252 {
2253 csrf_check('orgdetchange');
2254 $id = intval($oldid);
2255 $_SESSION['_config']['O'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['O'])));
2256 $_SESSION['_config']['contact'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['contact'])));
2257 $_SESSION['_config']['L'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['L'])));
2258 $_SESSION['_config']['ST'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['ST'])));
2259 $_SESSION['_config']['C'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['C'])));
2260 $_SESSION['_config']['comments'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['comments'])));
2261
2262 if($_SESSION['_config']['O'] == "" || $_SESSION['_config']['contact'] == "")
2263 {
2264 $_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
2265 } else {
2266 mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
2267 `contact`='".$_SESSION['_config']['contact']."',
2268 `L`='".$_SESSION['_config']['L']."',
2269 `ST`='".$_SESSION['_config']['ST']."',
2270 `C`='".$_SESSION['_config']['C']."',
2271 `comments`='".$_SESSION['_config']['comments']."'
2272 where `id`='".intval($_SESSION['_config']['orgid'])."'");
2273 showheader(_("My CAcert.org Account!"));
2274 printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
2275 showfooter();
2276 exit;
2277 }
2278 }
2279
2280 if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
2281 {
2282 $domain = $_SESSION['_config']['domain'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
2283 $res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
2284 if(mysql_num_rows($res1) > 0)
2285 {
2286 $_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
2287 $id = $oldid;
2288 $oldid=0;
2289 }
2290 }
2291
2292 if($oldid == 28 && $_SESSION['_config']['orgid'] <= 0)
2293 {
2294 $oldid=0;
2295 $id = 25;
2296 }
2297
2298 if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
2299 {
2300 mysql_query("insert into `orgdomains` set `orgid`='".intval($_SESSION['_config']['orgid'])."', `domain`='$domain'");
2301 showheader(_("My CAcert.org Account!"));
2302 printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
2303 echo "<br><br><a href='account.php?id=26&orgid=".intval($_SESSION['_config']['orgid'])."'>"._("Click here")."</a> "._("to continue.");
2304 showfooter();
2305 exit;
2306 }
2307
2308 if($oldid ==