source code taken from cacert-20090625.tar.bz2
[cacert.git] / cacert / scripts / gpgcheck3.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/mysql.php"); //general.php");
19
20 echo("Content-Type: text/csv; charset=utf-8");
21
22 function mb_replace($str, $match, $replacement) {
23 if ($match == "") { return $str; }
24 $mlen = mb_strlen($match, "UTF-8");
25 while (($pos = mb_strpos($str, $match, 0, "UTF-8")) != "") {
26 //print "$str, $match, $replacement, $pos\n";
27 $str = mb_substr($str, 0, $pos, "UTF-8")
28 . ":" . $replacement . ":"
29 . mb_substr($str, $pos + $mlen,
30 mb_strlen($str, "UTF-8") - $pos - $mlen,
31 "UTF-8");
32 //$pos = mb_strpos($str, $match, 0, "UTF-8");
33 //print "$str, $match, $replacement, $pos\n";
34 }
35 $replacement .= "__C_A_S_E__M_I_S_M_A_T_C_H";
36 while ($_GET['case']
37 && ($pos = mb_stripos($str, $match, 0, "UTF-8")) != "") {
38 $str = mb_substr($str, 0, $pos, "UTF-8")
39 . ":" . $replacement . ":"
40 . mb_substr($str, $pos + $mlen,
41 mb_strlen($str, "UTF-8") - $pos - $mlen,
42 "UTF-8");
43 }
44 return $str;
45 }
46
47 function deUmlaut($str) {
48 return iconv("UTF-8", "US-ASCII//TRANSLIT",
49 mb_convert_encoding($str, "UTF-8"));
50 }
51
52 function deUmlaut2($str) {
53 return mb_ereg_replace(iconv("ISO-8859-1", "UTF-8", "Ä"), "Ae",
54 mb_ereg_replace(iconv("ISO-8859-1", "UTF-8", "Ö"), "Oe",
55 mb_ereg_replace(iconv("ISO-8859-1", "UTF-8", "Ü"), "Ue",
56 mb_ereg_replace(iconv("ISO-8859-1", "UTF-8", "ä"), "ae",
57 mb_ereg_replace(iconv("ISO-8859-1", "UTF-8", "ö"), "oe",
58 mb_ereg_replace(iconv("ISO-8859-1", "UTF-8", "ü"), "ue",
59 mb_ereg_replace(iconv("ISO-8859-1", "UTF-8", "ß"), "ss",
60 mb_convert_encoding($str, "UTF-8"))))))));
61 }
62
63 function csvize($str) {
64 if (strpos($str, "\"") != "" || strpos($str, ",") != "") {
65 return "\"" . str_replace("\"", "\"\"", $str) . "\"";
66 }
67 return $str;
68 }
69 mb_regex_encoding("UTF-8");
70
71 $res = mysql_query("SELECT id, memid FROM gpg WHERE crt != ''");
72 if (!$res) {
73 echo "Query FROM gpg failed!\n";
74 exit;
75 }
76
77 $keys = array();
78 while ($row = mysql_fetch_row($res)) {
79 array_push($keys, $row);
80 }
81 mysql_free_result($res);
82
83 foreach ($keys as $key) {
84 $crt = "../crt/gpg-" . $key[0] . ".crt";
85 if (!is_file($crt)) {
86 echo "Missing cert $crt!\n";
87 continue;
88 }
89
90 $res = mysql_query("SELECT fname, mname, lname, suffix FROM users WHERE id = " . $key[1]);
91 if (!$res) {
92 echo "Query FROM users failed!\n";
93 exit;
94 }
95 $user = mysql_fetch_assoc($res);
96 if (!$user) {
97 echo "User #" . $key[1] . " not found?!\n";
98 continue;
99 }
100 mysql_free_result($res);
101
102 $res = mysql_query("SELECT email FROM email WHERE hash = '' AND memid = " . $key[1]);
103 if (!$res) {
104 echo "Query FROM email failed!\n";
105 exit;
106 }
107 $addrs = array();
108 while ($addr = mysql_fetch_row($res)) {
109 array_push($addrs, $addr[0]);
110 }
111 mysql_free_result($res);
112
113 $gpg = `gpg --with-colons --homedir /tmp $crt 2>/dev/null`;
114 //echo "gpg says\n".htmlspecialchars($gpg);
115 foreach (explode("\n", $gpg) as $line) {
116 $bits = explode(":", $line);
117 if ($bits[0] != "pub" && $bits[0] != "uid") {
118 continue;
119 }
120 $match = false;
121 $problem = "";
122 $uid = " ".preg_replace('~\\\\x([0-9a-f])([0-9a-f])~ei', 'chr(hexdec("\\1\\2"))', $bits[9]);
123 //print "$uid\n";
124 if (iconv("UTF-8", "UTF-8", $uid)) {
125 $uid = mb_ereg_replace("\\\\", "\\x5c", $uid);
126 $uid = mb_ereg_replace("\\:", "\\x3a", $uid);
127 } else {
128 if ($tmp = iconv("ISO-8859-1", "UTF-8", $uid)) {
129 $problem = ":BAD_ENCODING:";
130 $uid = $tmp;
131 $uid = mb_ereg_replace("\\\\", "\\x5c",
132 $uid);
133 $uid = mb_ereg_replace("\\:", "\\x3a",
134 $uid);
135 } else {
136 $problem = ":UNKNOWN_ENCODING:";
137 $uid = $bits[9];
138 }
139 }
140 //print "$uid\n";
141 foreach ($addrs as $addr) {
142 //print "$uid, $addr\n";
143 //print mb_convert_encoding($addr, "UTF-8")."\n";
144 $uid = mb_replace($uid,
145 mb_convert_encoding($addr,
146 "UTF-8"),
147 "V_A_L_I_D__E_M_A_I_L");
148 }
149 //print "$uid\n";
150 $uid = mb_replace($uid,
151 mb_convert_encoding($user['lname'],
152 "UTF-8"),
153 "L_N_A_M_E");
154 $uid = mb_replace($uid,
155 mb_convert_encoding($user['fname'],
156 "UTF-8"),
157 "F_N_A_M_E");
158 $uid = mb_replace($uid,
159 mb_convert_encoding($user['mname'],
160 "UTF-8"),
161 "M_N_A_M_E");
162 $uid = mb_replace($uid,
163 mb_convert_encoding($user['suffix'],
164 "UTF-8"),
165 "S_U_F_F_I_X");
166 $uid = mb_replace($uid, deUmlaut($user['lname']),
167 "L_N_A_M_E__U_M_L_A_U_T");
168 $uid = mb_replace($uid, deUmlaut($user['fname']),
169 "F_N_A_M_E__U_M_L_A_U_T");
170 $uid = mb_replace($uid, deUmlaut($user['mname']),
171 "M_N_A_M_E__U_M_L_A_U_T");
172 $uid = mb_replace($uid, deUmlaut($user['suffix']),
173 "S_U_F_F_I_X__U_M_L_A_U_T");
174 //print deUmlaut2($user['lname'])."\n";
175 $uid = mb_replace($uid, deUmlaut2($user['lname']),
176 "L_N_A_M_E__U_M_L_A_U_T");
177 $uid = mb_replace($uid, deUmlaut2($user['fname']),
178 "F_N_A_M_E__U_M_L_A_U_T");
179 $uid = mb_replace($uid, deUmlaut2($user['mname']),
180 "M_N_A_M_E__U_M_L_A_U_T");
181 $uid = mb_replace($uid, deUmlaut2($user['suffix']),
182 "S_U_F_F_I_X__U_M_L_A_U_T");
183 if (strlen($user['mname']) > 0) {
184 $uid = mb_replace($uid,
185 mb_convert_encoding(substr($user['mname'], 0, 1) . ".",
186 "UTF-8"),
187 "M_N_A_M_E__I_N_I_T_I_A_L");
188 }
189 if (strlen($user['fname']) > 0) {
190 $uid = mb_replace($uid,
191 mb_convert_encoding(substr($user['fname'], 0, 1) . ".",
192 "UTF-8"),
193 "F_N_A_M_E__I_N_I_T_I_A_L");
194 }
195 $nameRegEx = "^ (:F_N_A_M_E([^:]*):\s+"
196 . "(:M_N_A_M_E([^:]*):\s+)?"
197 . ":L_N_A_M_E([^:]*):"
198 . "(\s+:S_U_F_F_I_X([^:]*):)?)?"
199 . "(\s*\(.*\))?" // optional comment
200 . "(\s*<?:V_A_L_I_D__E_M_A_I_L([^:]*):>?)?"
201 . "\$";
202 if (!mb_ereg_search_init($uid, $nameRegEx)) {
203 $problem .= ":REGEX_FAILED:";
204 }
205 $res = mb_ereg_search_regs();
206 if ($res) {
207 $match = true;
208 if ($res[8] != "") {
209 $problem .= ":UNPARSED_COMMENT:";
210 }
211 if ($res[2] != "") {
212 $problem .= ":".$res[2].":";
213 }
214 if ($res[4] != "") {
215 $problem .= ":".$res[4].":";
216 }
217 if ($res[5] != "") {
218 $problem .= ":".$res[5].":";
219 }
220 if ($res[7] != "") {
221 $problem .= ":".$res[7].":";
222 }
223 //print $res[0].",".$res[1].",".$res[2].",".$res[3].",".$res[4].","
224 // .$res[5].",".$res[6].",".$res[7].",".$res[8].",".$res[9].","
225 // .$res[10]."\n";
226 } else {
227 $problem = ":MISMATCH:$problem";
228 }
229 if (!$match || $problem != "") {
230 print $key[0] . "," . csvize($problem) . ","
231 . csvize($uid) . ","
232 . csvize(preg_replace('/([^ -~])/ei', '"\\\\x".sprintf("%02x", ord("\\1"))', $bits[9])) . ","
233 . mb_convert_encoding(csvize($user['fname']), "UTF-8") . ","
234 . mb_convert_encoding(csvize($user['mname']), "UTF-8") . ","
235 . mb_convert_encoding(csvize($user['lname']), "UTF-8") . ","
236 . mb_convert_encoding(csvize($user['suffix']), "UTF-8");
237 foreach ($addrs as $addr) {
238 print "," . mb_convert_encoding(csvize($addr), "UTF-8");
239 }
240 print "\n";
241 }
242 }
243 }
244
245 ?>