Source code taken from cacert-20141124.tar.bz2
[cacert.git] / includes / account.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18 require_once("../includes/loggedin.php");
19 require_once("../includes/lib/l10n.php");
20 require_once("../includes/lib/check_weak_key.php");
21 require_once("../includes/notary.inc.php");
22
// NOTE(review): loadem() is not defined in this file (presumably it comes from
// one of the includes above); what the "account" argument selects is not
// visible here -- confirm against its definition.
loadem("account");
24
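/**
 * Build a subject string as needed by the signer
 *
 * The first element of $domains becomes the CN. Every domain, including the
 * first, is then appended as a DNS subjectAltName and, optionally, as an
 * XmppAddr otherName (OID 1.3.6.1.5.5.7.8.5).
 *
 * No escaping or validation happens here: each domain is concatenated verbatim
 * into a "/"-separated string. Callers must therefore pass only host names that
 * have already been validated, because a value containing "/" would read as an
 * additional subject component to any parser that splits on "/".
 * NOTE(review): the signer's parser is not visible from this file -- confirm
 * how it treats "/" and ";" inside a value.
 *
 * @param array(string) $domains
 *         First domain is used as CN and repeated in subjectAltName. Duplicates
 *         should already have been removed
 *
 * @param bool $include_xmpp_addr
 *         [default: true] Whether to include the XmppAddr in the subjectAltName.
 *         This is needed if the Jabber server is jabber.example.com but a Jabber ID
 *         on that server would be alice@example.com
 *
 * @return string
 */
function buildSubject(array $domains, $include_xmpp_addr = true) {
	// reset() works on this by-value copy and returns the first element whatever
	// its key is. array_unique() and array_filter() preserve keys, so index 0 is
	// not guaranteed to exist; an empty array yields an empty CN without a notice.
	$first = reset($domains);
	$subject = "/CN=" . ($first === false ? "" : $first);

	foreach ($domains as $domain) {
		$subject .= "/subjectAltName=DNS:$domain";

		if ($include_xmpp_addr) {
			$subject .= "/subjectAltName=otherName:1.3.6.1.5.5.7.8.5;UTF8:$domain";
		}
	}

	return $subject;
}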
52
/**
 * Builds the subject string from the session variables
 * $_SESSION['_config']['rows'] and $_SESSION['_config']['altrows'].
 *
 * All entries of 'rows' are taken as domains. From 'altrows' only entries that
 * start with "DNS:" are used, with that prefix removed. Duplicates are dropped
 * before the list is handed to buildSubject().
 *
 * @return string
 */
function buildSubjectFromSession() {
	$names = array();

	if (is_array($_SESSION['_config']['rows'])) {
		$names = array_merge($names, $_SESSION['_config']['rows']);
	}

	if (is_array($_SESSION['_config']['altrows'])) {
		foreach ($_SESSION['_config']['altrows'] as $entry) {
			// Only DNS-type alternative names contribute a domain.
			if (substr($entry, 0, 4) !== "DNS:") {
				continue;
			}

			$names[] = substr($entry, 4);
		}
	}

	$unique = array_unique($names);

	return buildSubject($unique);
}
75
// Request parameters. Numeric ones are cast to int (0 when absent); the free-text
// ones ($process, $actionrequest, $ticketno) are taken verbatim and default to "",
// so every later use of them has to escape for its own output context.
$id = !array_key_exists("id", $_REQUEST) ? 0 : (int) $_REQUEST['id'];
$oldid = !array_key_exists("oldid", $_REQUEST) ? 0 : (int) $_REQUEST['oldid'];
$process = !array_key_exists("process", $_REQUEST) ? "" : $_REQUEST['process'];
// $showdetails refers to Secret Question and Answers from account/13.php
$showdetails = !array_key_exists("showdetails", $_REQUEST) ? 0 : (int) $_REQUEST['showdetails'];

$cert = !array_key_exists('cert', $_REQUEST) ? 0 : (int) $_REQUEST['cert'];
$orgid = !array_key_exists('orgid', $_REQUEST) ? 0 : (int) $_REQUEST['orgid'];
$memid = !array_key_exists('memid', $_REQUEST) ? 0 : (int) $_REQUEST['memid'];
$domid = !array_key_exists('domid', $_REQUEST) ? 0 : (int) $_REQUEST['domid'];

$actionrequest = !array_key_exists('action', $_REQUEST) ? "" : $_REQUEST['action'];

$ticketno = !array_key_exists('ticketno', $_REQUEST) ? "" : $_REQUEST['ticketno'];
$ticketvalidation = FALSE;
91
92
// Stop early when the session reports no 'mconn'; exit() with a string prints
// the message and ends the request.
if (!$_SESSION['mconn']) {
	exit(_("Several CAcert Services are currently unavailable. Please try again later."));
}

// General reset CANCEL process requests: a "Cancel" submit is handled as if no
// process button had been pressed.
$process = ($process == _("Cancel")) ? "" : $process;

// Page ids 45 and 46, whether requested as $id or as $oldid, fall back to page 1.
// NOTE(review): what pages 45/46 are is not visible in this part of the file.
if (in_array($id, array(45, 46)) || in_array($oldid, array(45, 46))) {
	$oldid = 0;
	$id = 1;
}
111
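// Add an email address to the account (form page 1): validates the address,
// stores it with a fresh verification hash and mails a verification link.
if($process != "" && $oldid == 1)
{
	$id = 1;
	csrf_check('addemail');
	// Host names are case-insensitive, so the punycode prefix is matched
	// case-insensitively ("XN--" is the same label prefix as "xn--").
	if(stristr($_REQUEST['newemail'], "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}
	if(trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail']))) == "")
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Not a valid email address. Can't continue."));
		showfooter();
		exit;
	}
	$oldid=0;
	// From here on $_REQUEST['email'] holds the SQL-escaped form of the address;
	// it is the value used in the insert, in sendmail() and in the messages.
	$_REQUEST['email'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['newemail'])));
	if(check_email_exists($_REQUEST['email'])==true)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The email address '%s' is already in a different account. Can't continue."), sanitizeHTML($_REQUEST['email']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($_REQUEST['newemail']);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		// A leading "4" is treated as a temporary failure reported by the mail server.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// $checkemail looks like text reported by the remote mail server, so it is
		// escaped like every other externally supplied value printed in this branch.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}
	$hash = make_hash();
	$query = "insert into `email` set `email`='".$_REQUEST['email']."',`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	// NOTE(review): the result of the insert is not checked; on failure
	// mysql_insert_id() would return 0 and the mail below would still be sent.
	mysql_query($query);
	$emailid = mysql_insert_id();

	$body = _("Below is the link you need to open to verify your email address. Once your address is verified you will be able to start issuing certificates to your heart's content!")."\n\n";
	// NOTE(review): the verification link, including the hash, uses plain http://.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=email&emailid=$emailid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_REQUEST['email'], "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	printf(_("The email address '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_REQUEST['email']));
	showfooter();
	exit;
}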
169
// Change the account's default email address (form page 2, "makedefault").
// Only an address that belongs to the logged-in member, has an empty `hash`
// and is not deleted is accepted; the error text below ties the empty hash
// to the address having been verified.
// NOTE(review): no csrf_check() call is visible in this branch, unlike the
// add-email and delete-email branches of this file -- confirm whether the
// token is validated elsewhere.
if($oldid == 2 && array_key_exists("makedefault",$_REQUEST) && $_REQUEST['makedefault'] != "")
{
	$id = 2;
	$emailid = intval($_REQUEST['emailid']);
	$query = "select * from `email` where `id`='$emailid' and `memid`='".intval($_SESSION['profile']['id'])."' and `hash` = '' and `deleted`=0";
	$res = mysql_query($query);
	if(!(mysql_num_rows($res) > 0))
	{
		showheader(_("Error!"));
		echo _("You currently don't have access to the email address you selected, or you haven't verified it yet.");
		showfooter();
		exit;
	}
	$row = mysql_fetch_assoc($res);

	// The notice goes to the address that was the default before the change.
	$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n"
		._("You are receiving this email because you or someone else ".
			"has changed the default email on your account.")."\n\n"
		._("Best regards")."\n"._("CAcert.org Support!");

	sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Default Account Changed"), $body,
		"support@cacert.org", "", "", "CAcert Support");

	// Switch the session first, then persist the new default on the users row.
	$_SESSION['profile']['email'] = $row['email'];
	$query = "update `users` set `email`='".mysql_real_escape_string($row['email'])."' where `id`='".intval($_SESSION['profile']['id'])."'";
	mysql_query($query);

	showheader(_("My CAcert.org Account!"));
	printf(_("Your default email address has been updated to '%s'."), sanitizeHTML($row['email']));
	showfooter();
	exit;
}
201
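// Remove selected email addresses from the account (form page 2).
// Each submitted id is looked up together with the member id, and the current
// default address is excluded by the query, so only the member's own
// non-default addresses reach account_email_delete().
if($process != "" && $oldid == 2)
{
	$id = 2;
	csrf_check("chgdef");
	showheader(_("My CAcert.org Account!"));
	$delcount = 0;
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		$deltitle=false;
		// NOTE(review): the loop variable reuses the global $id that was set to 2
		// above -- confirm nothing called afterwards depends on its value.
		foreach($_REQUEST['delid'] as $id)
		{
			if (!$deltitle) {
				echo _('The following email addresses have been removed:')."<br>\n";
				$deltitle=true;
			}
			$id = intval($id);
			$query = "select * from `email` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."' and
					`email`!='".mysql_real_escape_string($_SESSION['profile']['email'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored addresses are escaped on output, as the other branches of this
				// file do with sanitizeHTML() before printing an address.
				echo sanitizeHTML($row['email'])."<br>\n";
				account_email_delete($row['id']);
				$delcount++;
			}
		}
	}
	else
	{
		echo _("You did not select any email accounts for removal.");
	}
	if(0 == $delcount)
	{
		echo _("You did not select any accounts to be removed, or you attempted to remove the default account. No action was taken.");
	}

	showfooter();
	exit;
}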
242
// Client certificate request, step 1 (form page 3): checks CCA acceptance and
// copies the requested certificate options into $_SESSION['_config'], limited
// by the member's points and code-signing flag. Ends with either $id = 4 (show
// the next page) or $oldid = 4 (a pasted CSR is processed by the next block).
// NOTE(review): no csrf_check() call is visible in this branch -- confirm
// whether the token is validated elsewhere.
if($process != "" && $oldid == 3)
{
	if(!array_key_exists('CCA',$_REQUEST))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	// At least one address must be selected unless the request is an SSO one.
	if(!(array_key_exists('addid',$_REQUEST) && is_array($_REQUEST['addid'])) && $_REQUEST['SSO'] != '1')
	{
		showheader(_("My CAcert.org Account!"));
		echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
		showfooter();
		exit;
	}

	$_SESSION['_config']['SSO'] = intval($_REQUEST['SSO']);

	// Stored as submitted; the ids are checked against the member's own email
	// rows when they are used in the oldid == 4 block.
	$_SESSION['_config']['addid'] = $_REQUEST['addid'];
	// NOTE(review): 'incname' is only written when points >= 50; below that the
	// value already in the session is left as it is -- confirm it is reset elsewhere.
	if($_SESSION['profile']['points'] >= 50)
		$_SESSION['_config']['incname'] = intval($_REQUEST['incname']);
	// A code-signing request is dropped unless the profile has the codesign flag
	// and at least 100 points.
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] != 0 && ($_SESSION['profile']['codesign'] == 0 || $_SESSION['profile']['points'] < 100))
	{
		$_REQUEST['codesign'] = 0;
	}
	// With code signing granted, 'incname' is forced into the range 1..4.
	if($_SESSION['profile']['points'] >= 100 && $_SESSION['profile']['codesign'] > 0 && array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1)
	{
		if($_SESSION['_config']['incname'] < 1 || $_SESSION['_config']['incname'] > 4)
			$_SESSION['_config']['incname'] = 1;
	}
	if(array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] == 1 && $_SESSION['profile']['points'] >= 100)
		$_SESSION['_config']['codesign'] = 1;
	else
		$_SESSION['_config']['codesign'] = 0;

	// 'disablelogin' defaults to 1 and is only cleared when login=1 is submitted.
	if(array_key_exists('login',$_REQUEST) && $_REQUEST['login'] == 1)
		$_SESSION['_config']['disablelogin'] = 0;
	else
		$_SESSION['_config']['disablelogin'] = 1;

	// 'rootcert' is 1 unless the member has at least 50 points and asks for 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	// NOTE(review): HashAlgorithms::clean() is defined outside this file;
	// presumably it maps the input onto a supported algorithm -- confirm.
	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);

	$csr = "";
	if(trim($_REQUEST['optionalCSR']) == "")
	{
		$id = 4;
	} else {
		// A pasted CSR skips page 4 and is handled as key type "MS" below.
		$oldid = 4;
		$_REQUEST['keytype'] = "MS";
		$csr = clean_csr($_REQUEST['optionalCSR']);
	}

	$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
}
307
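// Client certificate request, step 2 (form page 4): builds the request from a
// browser SPKAC (key type "NS") or from a CSR (key types "MS"/"VI"), records it
// in `emailcerts`/`emaillink`, writes the request file and waits for the
// result. On success it continues with page 6 for the new certificate.
if($oldid == 4)
{
	if($_REQUEST['keytype'] == "NS")
	{
		// The SPKAC is accepted only if, with CR/LF removed, it consists solely of
		// base64 characters.
		$spkac="";
		if(array_key_exists('SPKAC',$_REQUEST) && preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])))))
			$spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));

		// NOTE(review): "deadbeef" looks like a placeholder value submitted when no
		// key was generated -- confirm against the form.
		if($spkac=="" || $spkac == "deadbeef")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, please try a different browser.");
			showfooter();
			exit;
		}
		$count = 0;
		$emails = "";
		$addys = array();
		$defaultemail="";
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Same eligibility as the default-address change in this file: the row
				// must belong to the member, have an empty `hash` and not be deleted.
				// Without these conditions the lookup only proved ownership of the row.
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash` = '' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if(!$emails)
						$defaultemail = $row['email'];
					// NOTE(review): stored values are written into a line-oriented
					// request file; this relies on them containing no line breaks.
					$emails .= "$count.emailAddress = ".$row['email']."\n";
					$count++;
					$addys[] = intval($row['id']);
				}
			}
		if($count <= 0 && $_SESSION['_config']['SSO'] != 1)
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("You submitted invalid email addresses, or email address you no longer have control of. Can't continue with certificate request.");
			showfooter();
			exit;
		}
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if($_SESSION['_config']['SSO'] == 1)
			$emails .= "$count.emailAddress = ".$user['uniqueID']."\n";

		// A one-letter middle name is written as an initial.
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		// 'incname' selects which name parts go into the commonName; anything
		// outside 1..4 yields the anonymous name.
		if(!array_key_exists('incname',$_SESSION['_config']) || $_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
		{
			$emails .= "commonName = CAcert WoT User\n";
		}
		else
		{
			if($_SESSION['_config']['incname'] == 1)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 2)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']."\n";
			if($_SESSION['_config']['incname'] == 3)
				$emails .= "commonName = ".$user['fname']." ".$user['lname']." ".$user['suffix']."\n";
			if($_SESSION['_config']['incname'] == 4)
				$emails .= "commonName = ".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix']."\n";
		}
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		$emails .= "SPKAC = $spkac";
		if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

		// $defaultemail was read back from the database, so it is escaped again
		// before being placed in a statement, like the other string columns here.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='NS',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
				`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $emails);
		fclose($fp);
		// The SPKAC must carry the challenge stored in the session.
		// NOTE(review): strstr() is a substring match, so an empty session
		// challenge would match any output -- confirm 'spkac_hash' is always set.
		$challenge=$_SESSION['spkac_hash'];
		$CSRname_esc = escapeshellarg($CSRname);
		$res=shell_exec("openssl spkac -verify -in $CSRname_esc");
		if(!strstr($res,"Challenge String: ".$challenge))
		{
			// NOTE(review): the `emailcerts` row inserted above stays in place on
			// this path, without a `csr_name`.
			$id = $oldid;
			showheader(_("My CAcert.org Account!"));
			echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
			showfooter();
			exit;
		}
		mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='".intval($emailid)."'");
	} else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype'] == "VI") {
		// No CSR carried over from page 3: wrap the submitted body in PEM markers.
		if($csr == "")
			$csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."\n-----END CERTIFICATE REQUEST-----\n";

		if (($weakKey = checkWeakKeyCSR($csr)) !== "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo $weakKey;
			showfooter();
			exit;
		}

		$tmpfname = tempnam("/tmp", "id4CSR");
		$fp = fopen($tmpfname, "w");
		fputs($fp, $csr);
		fclose($fp);

		$addys = array();
		$defaultemail = "";
		$csrsubject="";

		// The subject is built from the account data, not taken from the CSR.
		$user = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
		if(strlen($user['mname']) == 1)
			$user['mname'] .= '.';
		if($_SESSION['_config']['incname'] <= 0 || $_SESSION['_config']['incname'] > 4)
			$csrsubject = "/CN=CAcert WoT User";
		if($_SESSION['_config']['incname'] == 1)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 2)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname'];
		if($_SESSION['_config']['incname'] == 3)
			$csrsubject = "/CN=".$user['fname']." ".$user['lname']." ".$user['suffix'];
		if($_SESSION['_config']['incname'] == 4)
			$csrsubject = "/CN=".$user['fname']." ".$user['mname']." ".$user['lname']." ".$user['suffix'];
		if(is_array($_SESSION['_config']['addid']))
			foreach($_SESSION['_config']['addid'] as $id)
			{
				// Same eligibility as in the "NS" branch: own, verified (empty `hash`),
				// not deleted.
				$res = mysql_query("select * from `email` where `memid`='".intval($_SESSION['profile']['id'])."' and `id`='".intval($id)."' and `hash` = '' and `deleted`=0");
				if(mysql_num_rows($res) > 0)
				{
					$row = mysql_fetch_assoc($res);
					if($defaultemail == "")
						$defaultemail = $row['email'];
					$csrsubject .= "/emailAddress=".$row['email'];
					$addys[] = $row['id'];
				}
			}
		if($_SESSION['_config']['SSO'] == 1)
			$csrsubject .= "/emailAddress = ".$user['uniqueID'];

		// Re-encode the CSR through openssl; an unparsable request leaves the
		// output file empty and is rejected below.
		$tmpname = tempnam("/tmp", "id4csr");
		$tmpfname_esc = escapeshellarg($tmpfname);
		$tmpname_esc = escapeshellarg($tmpname);
		$do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc"); // -subj "$csr";
		@unlink($tmpfname);
		$csr = "";
		$fp = fopen($tmpname, "r");
		while($data = fgets($fp, 4096))
			$csr .= $data;
		fclose($fp);
		@unlink($tmpname);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;

		if($csr == "")
		{
			$id = 4;
			showheader(_("My CAcert.org Account!"));
			echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
			showfooter();
			exit;
		}
		// `keytype` can only be "MS" or "VI" here (see the branch condition), so the
		// HTML sanitizer applied to it has no effect on the statement.
		$query = "insert into emailcerts set
				`CN`='".mysql_real_escape_string($defaultemail)."',
				`keytype`='".sanitizeHTML($_REQUEST['keytype'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',
				`created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
				`subject`='".mysql_real_escape_string($csrsubject)."',
				`codesign`='".intval($_SESSION['_config']['codesign'])."',
				`disablelogin`='".($_SESSION['_config']['disablelogin']?1:0)."',
				`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
				`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
				`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
		mysql_query($query);
		$emailid = mysql_insert_id();
		if(is_array($addys))
			foreach($addys as $addy)
				mysql_query("insert into `emaillink` set `emailcertsid`='$emailid', `emailid`='".mysql_real_escape_string($addy)."'");
		$CSRname=generatecertpath("csr","client",$emailid);
		$fp = fopen($CSRname, "w");
		fputs($fp, $csr);
		fclose($fp);
		mysql_query("update `emailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
	}
	// NOTE(review): when keytype is none of NS/MS/VI, $emailid is not set by this
	// block before the calls below.
	waitForResult("emailcerts", $emailid, 4);
	$query = "select * from `emailcerts` where `id`='$emailid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 4;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 6;
		$cert = $emailid;
		$_REQUEST['cert']=$emailid;
	}
}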
526
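// Add a domain, part 1 (form page 7): normalises the submitted name and rejects
// NUL bytes, punycode labels (unless the profile has the codesign flag) and
// names already registered. Leaves $newdom (shell-quoted) and $newdomain
// (SQL-escaped) for the block that follows.
// NOTE(review): no check of the host-name syntax itself is visible here.
if($oldid == 7)
{
	csrf_check("adddomain");
	if(strstr($_REQUEST['newdomain'],"\x00"))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for nullbyte domain exploits we currently do not allow any domain names with nullbytes.");
		showfooter();
		exit;
	}

	list($newdomain) = explode(" ", $_REQUEST['newdomain'], 2); // Ignore the rest
	// Leading dashes are dropped so the name cannot be read as a command-line
	// option by the whois call in the next block. ltrim() also copes with an
	// empty string, where the former offset-0 read raised a notice.
	$newdomain = ltrim($newdomain, '-');
	// Host names are case-insensitive, so the punycode prefix is matched
	// case-insensitively ("XN--" is the same label prefix as "xn--").
	if(stristr($newdomain, "xn--") && $_SESSION['profile']['codesign'] <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		echo _("Due to the possibility for punycode domain exploits we currently do not allow any certificates to sign punycode domains or email addresses.");
		showfooter();
		exit;
	}

	$newdom = trim(escapeshellarg($newdomain));
	$newdomain = mysql_real_escape_string(trim($newdomain));

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$newdomain'");
	$query = "select * from `domains` where `domain`='$newdomain' and `deleted`=0";
	$res2 = mysql_query($query);
	if(mysql_num_rows($res1) > 0 || mysql_num_rows($res2))
	{
		$oldid=0;
		$id = 7;
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($newdomain));
		showfooter();
		exit;
	}
}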
565
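// Add a domain, part 2: collects the addresses that may receive the domain
// verification mail and stores them in the session for page 8. The list is the
// set of addresses found in the whois output plus five fixed role addresses at
// the domain; the oldid == 8 branch only accepts an address from this list.
// NOTE(review): the whois part of the list is text returned by a remote
// service, so the list is only as trustworthy as that data.
if($oldid == 7)
{
	$oldid=0;
	$id = 8;
	$addy = array();
	$adds = array();
	// $newdom is the shell-quoted name, so the three characters before its
	// closing quote are the end of the domain; no whois lookup is made for ".jp".
	if(strtolower(substr($newdom, -4, 3)) != ".jp")
		$adds = explode("\n", trim(shell_exec("/usr/bin/whois $newdom|grep \"@\"")));
	if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
	{
		// "key: value" lines -- the address is whatever follows the first colon.
		if(is_array($adds))
			foreach($adds as $line)
			{
				$bits = explode(":", $line, 2);
				// A line without ":" (e.g. the empty line produced by empty whois
				// output) has no value part; treat it as empty instead of reading
				// an offset that does not exist.
				$line = isset($bits[1]) ? trim($bits[1]) : "";
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	} else {
		// Free-form lines: strip tabs, parentheses and colons, then keep the last
		// whitespace-separated token that contains "@".
		if(is_array($adds))
			foreach($adds as $line)
			{
				$line = trim(str_replace("\t", " ", $line));
				$line = trim(str_replace("(", "", $line));
				$line = trim(str_replace(")", " ", $line));
				$line = trim(str_replace(":", " ", $line));

				$bits = explode(" ", $line);
				foreach($bits as $bit)
				{
					if(strstr($bit, "@"))
						$line = $bit;
				}
				if(!in_array($line, $addy) && $line != "")
					$addy[] = trim(mysql_real_escape_string(stripslashes($line)));
			}
	}

	$rfc = array("root@$newdomain", "hostmaster@$newdomain", "postmaster@$newdomain", "admin@$newdomain", "webmaster@$newdomain");
	foreach($rfc as $sub)
		if(!in_array($sub, $addy))
			$addy[] = $sub;
	$_SESSION['_config']['addy'] = $addy;
	// NOTE(review): $newdomain is already SQL-escaped at this point and is escaped
	// again on every later use; this changes nothing for names without quote or
	// backslash characters.
	$_SESSION['_config']['domain'] = mysql_real_escape_string($newdomain);
}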
611
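// Add a domain, part 3 (form page 8): the member picks the address that will
// receive the verification mail. The address must be one of those stored in
// the session by the previous step; the domain row is then created with a
// fresh hash and the verification link is mailed.
if($process != "" && $oldid == 8)
{
	csrf_check('ctcinfo');
	$oldid=0;
	$id = 8;

	$authaddy = trim(mysql_real_escape_string(stripslashes($_REQUEST['authaddy'])));

	if($authaddy == "" || !is_array($_SESSION['_config']['addy']))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Only an address from the list built server-side is accepted.
	if(!in_array($authaddy, $_SESSION['_config']['addy']))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("The address you submitted isn't a valid authority address for the domain.");
		showfooter();
		exit;
	}

	// Checked again because another account may have added the domain in between.
	$query = "select * from `domains` where `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."' and `deleted`=0";
	$res = mysql_query($query);
	if(mysql_num_rows($res) > 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($_SESSION['_config']['domain']));
		showfooter();
		exit;
	}
	$checkemail = checkEmail($authaddy);
	if($checkemail != "OK")
	{
		showheader(_("My CAcert.org Account!"));
		//echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		// A leading "4" is treated as a temporary failure reported by the mail server.
		if (substr($checkemail, 0, 1) == "4")
		{
			echo "<p>"._("The mail server responsible for your domain indicated a temporary failure. This may be due to anti-SPAM measures, such as greylisting. Please try again in a few minutes.")."</p>\n";
		} else {
			echo "<p>"._("Email Address given was invalid, or a test connection couldn't be made to your server, or the server rejected the email address as invalid")."</p>\n";
		}
		// $checkemail looks like text reported by the remote mail server, so it is
		// escaped before being printed.
		echo "<p>".sanitizeHTML($checkemail)."</p>\n";
		showfooter();
		exit;
	}

	$hash = make_hash();
	$query = "insert into `domains` set `domain`='".mysql_real_escape_string($_SESSION['_config']['domain'])."',
				`memid`='".intval($_SESSION['profile']['id'])."',`created`=NOW(),`hash`='$hash'";
	mysql_query($query);
	$domainid = mysql_insert_id();

	$body = sprintf(_("Below is the link you need to open to verify your domain '%s'. Once your address is verified you will be able to start issuing certificates to your heart's content!"),$_SESSION['_config']['domain'])."\n\n";
	// NOTE(review): the verification link, including the hash, uses plain http://.
	$body .= "http://".$_SESSION['_config']['normalhostname']."/verify.php?type=domain&domainid=$domainid&hash=$hash\n\n";
	$body .= _("Best regards")."\n"._("CAcert.org Support!");

	sendmail($authaddy, "[CAcert.org] "._("Email Probe"), $body, "support@cacert.org", "", "", "CAcert Support");

	showheader(_("My CAcert.org Account!"));
	// The domain is user-supplied text; it is escaped here as in the "already in
	// a different account" message above.
	printf(_("The domain '%s' has been added to the system, however before any certificates for this can be issued you need to open the link in a browser that has been sent to your email address."), sanitizeHTML($_SESSION['_config']['domain']));
	showfooter();
	exit;
}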
678
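// Remove selected domains from the account (form page 9). Each submitted id is
// looked up together with the member id, so only the member's own domains
// reach account_domain_delete().
// NOTE(review): no csrf_check() call is visible in this branch, unlike the
// email removal branch of this file -- confirm whether the token is validated
// elsewhere.
if($process != "" && $oldid == 9)
{
	$id = 9;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("The following domains have been removed:")."<br>
			("._("Any valid certificates will be revoked as well").")<br>\n";

		// NOTE(review): the loop variable reuses the global $id that was set to 9
		// above -- confirm nothing called afterwards depends on its value.
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select * from `domains` where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				$row = mysql_fetch_assoc($res);
				// Stored domain names are escaped on output, as the other branches of
				// this file do with sanitizeHTML() before printing a domain.
				echo sanitizeHTML($row['domain'])."<br>\n";
				account_domain_delete($row['id']);
			}

		}
	}
	else
	{
		echo _("You did not select any domains for removal.");
	}

	showfooter();
	exit;
}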
710
// Server certificate request, step 1 (form page 10): takes the pasted CSR,
// runs the weak-key check, stores the CSR in a temporary file and derives the
// subject and DNS alternative names from openssl's text output. The results
// are kept in $_SESSION['_config'] for the confirmation step (page 11).
// NOTE(review): no csrf_check() call is visible in this branch -- confirm
// whether the token is validated elsewhere.
if($process != "" && $oldid == 10)
{
	if(!array_key_exists('CCA',$_REQUEST))
	{
		showheader(_("My CAcert.org Account!"));
		echo _("You did not accept the CAcert Community Agreement (CCA), hit the back button and try again.");
		showfooter();
		exit;
	}

	$CSR = clean_csr($_REQUEST['CSR']);
	if(strpos($CSR,"---BEGIN")===FALSE)
	{
		// In case the CSR is missing the ---BEGIN lines, add them automatically:
		$CSR = "-----BEGIN CERTIFICATE REQUEST-----\n".$CSR."\n-----END CERTIFICATE REQUEST-----\n";
	}

	if (($weakKey = checkWeakKeyCSR($CSR)) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));

	// The temporary file name is kept in the session; the page 11 step reads the
	// file again and renames it to its final location.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id10CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);
	// From here on $CSR holds the shell-quoted file name, not the request text.
	$CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
	// tr removes NUL bytes from openssl's output before grep selects the lines.
	// NOTE(review): grep keeps every output line containing "Subject:", so the
	// result depends on how extractit()/getcn()/getalt() parse it -- they are
	// defined outside this file.
	$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
	$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 11;

	// Cleared first; the helpers called next are expected to fill them in.
	// NOTE(review): presumably they also set 'rows'/'rowid'/'altrows'/'altid',
	// which the page 11 step reads -- confirm against their definitions.
	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	extractit();
	getcn();
	getalt();

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// 'rootcert' is 1 unless the member has at least 50 points and asks for 2.
	$_SESSION['_config']['rootcert'] = 1;
	if($_SESSION['profile']['points'] >= 50)
	{
		$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
		if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
			$_SESSION['_config']['rootcert'] = 1;
	}

	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
774
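// Server certificate request, step 2 (form page 11): re-checks the stored CSR,
// builds the subject from the session, records the request in `domaincerts`
// and `domlink`, moves the CSR file to its final path and waits for the
// result. On success it continues with page 15 for the new certificate.
// NOTE(review): no csrf_check() call is visible in this branch -- confirm
// whether the token is validated elsewhere.
if($process != "" && $oldid == 11)
{
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// The file sat in /tmp between the two steps, so the weak-key check is run
	// again on what is actually on disk.
	if (($weakKey = checkWeakKeyCSR(file_get_contents(
			$_SESSION['_config']['tmpfname']))) !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$id = 11;
	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	$subject = buildSubjectFromSession();

	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	write_user_agreement(intval($_SESSION['profile']['id']), "CCA", "certificate creation", "", 1);

	// The CN comes from the first entry of 'rows' when it has a domain id, else
	// from the first entry of 'altrows'; without either the request is refused.
	if(array_key_exists('0',$_SESSION['_config']['rowid']) && $_SESSION['_config']['rowid']['0'] > 0)
	{
		$query = "insert into `domaincerts` set
					`CN`='".mysql_real_escape_string($_SESSION['_config']['rows']['0'])."',
					`domid`='".mysql_real_escape_string($_SESSION['_config']['rowid']['0'])."',
					`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
					`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
					`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
					`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
	} elseif(array_key_exists('0',$_SESSION['_config']['altid']) && $_SESSION['_config']['altid']['0'] > 0) {
		$query = "insert into `domaincerts` set
					`CN`='".mysql_real_escape_string($_SESSION['_config']['altrows']['0'])."',
					`domid`='".mysql_real_escape_string($_SESSION['_config']['altid']['0'])."',
					`created`=NOW(),`subject`='".mysql_real_escape_string($subject)."',
					`rootcert`='".mysql_real_escape_string($_SESSION['_config']['rootcert'])."',
					`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
					`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
	} else {
		showheader(_("My CAcert.org Account!"));
		echo _("Domain not verified.");
		showfooter();
		exit;
	}

	mysql_query($query);
	$CSRid = mysql_insert_id();

	// The domain ids are escaped here as well, matching the `domid` handling in
	// the insert above; they were previously interpolated as stored.
	if(is_array($_SESSION['_config']['rowid']))
		foreach($_SESSION['_config']['rowid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");
	if(is_array($_SESSION['_config']['altid']))
		foreach($_SESSION['_config']['altid'] as $dom)
			mysql_query("insert into `domlink` set `certid`='$CSRid', `domid`='".mysql_real_escape_string($dom)."'");

	$CSRname=generatecertpath("csr","server",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `domaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");
	waitForResult("domaincerts", $CSRid, 11);
	$query = "select * from `domaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		$id = 11;
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	} else {
		$id = 15;
		$cert = $CSRid;
		$_REQUEST['cert']=$CSRid;
	}
}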
864
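/*
 * Server certificates (page 12), "renew" button.
 *
 * For every id submitted in revokeid[] that belongs to the logged-in member:
 * check the existing certificate for a weak key, flag the old row as renewed,
 * insert a new `domaincerts` row copied from it, copy the stored CSR to a new
 * path, rebuild the subject from that CSR and call waitForResult() before
 * printing the resulting certificate.
 */
if($oldid == 12 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	// csrf_check() is defined elsewhere; presumably it aborts the request when
	// the 'srvcerchange' token is missing or wrong.
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key before is_array(), as the client certificate revoke
	// handler does, so a submit with nothing ticked reaches the
	// "did not select" message without an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		// NOTE(review): the loop reuses $id, so after the loop it no longer
		// holds 12; confirm showfooter() does not depend on it.
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Ids come from the request: force an integer before any SQL use.
			$id = intval($id);
			echo _("Processing request")." $id:<br/>";
			// Ownership check: the join on `domains`.`memid` only returns the
			// row when the certificate's domain belongs to the session member.
			// NOTE(review): `select *` over two tables - where both tables
			// have a column of the same name, mysql_fetch_assoc() keeps only
			// one of them; verify the fields copied below come from
			// `domaincerts`.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br/>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty string from checkWeakKeyX509() is a message for the
			// user; the certificate is then skipped instead of renewed.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `domaincerts` set `renewed`='1' where `id`='$id'");
			// `csr_name` is deliberately left out of the insert (see the
			// original "RACE CONDITION" remark) and set once the CSR copy exists.
			$query = "insert into `domaincerts` set
					`domid`='".intval($row['domid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',".
					//`csr_name`='".$row['csr_name']."', // RACE CONDITION
					"`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`rootcert`='".intval($row['rootcert'])."',
					`type`='".intval($row['type'])."',
					`pkhash`='".mysql_real_escape_string($row['pkhash'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","server",$newid);
			copy($row['csr_name'], $newfile);
			// The path is quoted with escapeshellarg() before it reaches the shell.
			$newfile_esc = escapeshellarg($newfile);
			// Re-read subject and DNS alternative names from the CSR itself
			// rather than trusting the values stored with the old row.
			$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep \"Subject:\""));
			$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
			foreach($bits as $val)
			{
				$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
			}
			$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
			// extractit(), getcn() and getalt() are defined elsewhere; the
			// check below relies on them filling '0.CN' / '0.subjectAltName'.
			extractit();
			getcn();
			getalt();

			if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
			{
				echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
				continue;
			}

			$subject = buildSubjectFromSession();
			$subject = mysql_real_escape_string($subject);
			mysql_query("update `domaincerts` set `subject`='$subject',`csr_name`='$newfile' where `id`='$newid'");

			echo _("Renewing").": ".sanitizeHTML($_SESSION['_config']['0.CN'])."<br>\n";
			waitForResult("domaincerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is what this code treats
			// as "the certificate was issued".
			$query = "select * from `domaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				$drow = mysql_fetch_assoc($res);
				$crt_name = escapeshellarg($drow['crt_name']);
				$cert = shell_exec("/usr/bin/openssl x509 -in $crt_name");
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}

	showfooter();
	exit;
}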
958
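/*
 * Server certificates (page 12), "revoke" button.
 *
 * Marks the selected certificates of the logged-in member as revoked and
 * deletes the selected pending requests (delid[]).
 */
if($oldid == 12 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	// csrf_check() is defined elsewhere; presumably it aborts the request when
	// the 'srvcerchange' token is missing or wrong.
	csrf_check('srvcerchange');
	$id = 12;
	showheader(_("My CAcert.org Account!"));
	// Test for the key before is_array() so a submit with nothing ticked does
	// not raise an undefined-index notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: only rows whose domain belongs to the session
			// member are returned.
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`revoked`) as `revoke` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is HTML-escaped here as in the success message below.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// The fixed 1970 timestamp only marks the row; the message printed
			// after the loop says the CRL is updated later.
			// NOTE(review): presumably a separate process performs the actual
			// revocation - confirm.
			mysql_query("update `domaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';

	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`domaincerts`.`expire`) as `expired` from `domaincerts`,`domains`
					where `domaincerts`.`id`='$id' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry date means the request was already processed, so
			// the row is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `domaincerts` where `id`='$id'");
			// Best-effort cleanup of the files recorded for the request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}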
1030
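/*
 * Server certificates (page 12), "change" button: store the comment entered
 * for every certificate whose check_comment_<id> field was submitted.
 *
 * NOTE(review): no csrf_check() call is visible in this handler, although the
 * renew and revoke handlers of the same page call csrf_check('srvcerchange');
 * confirm whether this form carries that token and add the check if it does.
 */
if($oldid == 12 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			// The certificate id is taken from the field name, i.e. from the
			// request, so it must not be trusted to belong to this member.
			$cid = intval(substr($id,14));
			// A missing or non-string comment field is stored as an empty comment.
			$rawComment = "";
			if(array_key_exists('comment_'.$cid,$_REQUEST) && is_string($_REQUEST['comment_'.$cid]))
				$rawComment = $_REQUEST['comment_'.$cid];
			$comment=trim(mysql_real_escape_string(stripslashes($rawComment)));
			// Ownership check: update only when the certificate's domain
			// belongs to the logged-in member, using the same join the renew
			// and revoke handlers use. Without it any member could overwrite
			// the description of any certificate id.
			mysql_query("update `domaincerts`,`domains` set `domaincerts`.`description`='$comment'
					where `domaincerts`.`id`='$cid' and
					`domaincerts`.`domid`=`domains`.`id` and
					`domains`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}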
1047
1048
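/*
 * Client certificates (page 5), "renew" button.
 *
 * For every id submitted in revokeid[] that belongs to the logged-in member:
 * check the existing certificate for a weak key, flag the old row as renewed,
 * insert a new `emailcerts` row copied from it, copy the CSR, duplicate the
 * `emaillink` rows and call waitForResult().
 *
 * NOTE(review): no csrf_check() call is visible in this handler, unlike the
 * server certificate renew handler; confirm whether the form carries a token.
 */
if($oldid == 5 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	showheader(_("My CAcert.org Account!"));
	// Test for the key before is_array(), as the revoke handler of this page
	// does, so a submit with nothing ticked does not raise a notice.
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Ids come from the request: force an integer before any SQL use.
			$id = intval($id);
			// Ownership check: the row must belong to the session member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// A non-empty string from checkWeakKeyX509() is a message for the
			// user; the certificate is then skipped instead of renewed.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			mysql_query("update `emailcerts` set `renewed`='1' where `id`='$id'");
			$query = "insert into emailcerts set
					`memid`='".intval($row['memid'])."',
					`CN`='".mysql_real_escape_string($row['CN'])."',
					`subject`='".mysql_real_escape_string($row['subject'])."',
					`keytype`='".mysql_real_escape_string($row['keytype'])."',
					`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
					`created`='".mysql_real_escape_string($row['created'])."',
					`modified`=NOW(),
					`disablelogin`='".intval($row['disablelogin'])."',
					`codesign`='".intval($row['codesign'])."',
					`rootcert`='".intval($row['rootcert'])."',
					`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","client",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `emailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			// Values read back from the database are cast before they are put
			// into a query again, like the other numeric fields above.
			$res = mysql_query("select * from `emaillink` where `emailcertsid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
			{
				mysql_query("insert into `emaillink` set `emailid`='".intval($r2['emailid'])."',
						`emailcertsid`='$newid'");
			}
			waitForResult("emailcerts", $newid,$oldid,0);
			// A non-empty `crt_name` on the new row is what this code treats
			// as "the certificate was issued".
			$query = "select * from `emailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// CN is HTML-escaped before output, as the revoke handlers do
				// in their success message.
				printf(_("Certificate for '%s' has been renewed."), htmlspecialchars($row['CN']));
				echo "<br/>\n<a href='account.php?id=6&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.")."<br/><br/>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.")."<br/>";
	}

	showfooter();
	exit;
}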
1121
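/*
 * Client certificates (page 5), "revoke" button.
 *
 * Marks the selected certificates of the logged-in member as revoked and
 * deletes the selected pending requests (delid[]).
 *
 * NOTE(review): no csrf_check() call is visible in this handler, unlike the
 * server certificate revoke handler; confirm whether the form carries a token.
 */
if($oldid == 5 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	$id = 5;
	showheader(_("My CAcert.org Account!"));
	if(array_key_exists('revokeid',$_REQUEST) && is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			// Ownership check: the row must belong to the session member.
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `emailcerts`
					where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				// CN is HTML-escaped here as in the success message below.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// The fixed 1970 timestamp only marks the row; the message printed
			// after the loop says the CRL is updated later.
			// NOTE(review): presumably a separate process performs the actual
			// revocation - confirm.
			mysql_query("update `emailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `emailcerts`
					where `id`='$id' and `memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A set expiry date means the request was already processed, so
			// the row is kept.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `emailcerts` where `id`='$id'");
			// Best-effort cleanup of the files recorded for the request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}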
1187
/*
 * Client certificates (page 5), "change" button: update the `disablelogin`
 * flag and the comment of the member's certificates. Both updates are limited
 * to rows whose `memid` is the session member.
 *
 * NOTE(review): no csrf_check() call is visible in this handler; confirm
 * whether the form carries a token.
 */
if($oldid == 5 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	$ownerId = intval($_SESSION['profile']['id']);
	foreach($_REQUEST as $id => $val)
	{
		// cert_<id>: one field per certificate listed on the form.
		if(strncmp($id, "cert_", 5) == 0)
		{
			$cid = intval(substr($id,5));
			// The column is set to 0 when disablelogin_<id> was submitted
			// as "1", and to 1 otherwise.
			if(array_key_exists('disablelogin_'.$cid,$_REQUEST) && $_REQUEST['disablelogin_'.$cid]=="1")
				$dis = "0";
			else
				$dis = "1";
			mysql_query("update `emailcerts` set `disablelogin`='$dis' where `id`='$cid' and `memid`='$ownerId'");
		}
		// check_comment_<id>: the comment is only stored when this field is
		// non-empty.
		if(strncmp($id, "check_comment_", 14) == 0)
		{
			$cid = intval(substr($id,14));
			if(empty($_REQUEST['check_comment_'.$cid]))
				continue;
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `emailcerts` set `description`='$comment' where `id`='$cid' and `memid`='$ownerId'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}
1212
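/*
 * My details (page 13): read and validate the five lost-password questions
 * and answers. On a validation error the message is appended to
 * $_SESSION['_config']['errmsg'], $id is set back to the page and $oldid is
 * cleared so the update handlers for this page are skipped.
 */
if($oldid == 13 && $process != "" && $showdetails!="")
{
	csrf_check("perschange");
	$_SESSION['_config']['user'] = $_SESSION['profile'];

	// The values are SQL-escaped here, at input time, because the update
	// handler for this page concatenates them into its query as they are.
	$qaFields = array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5');
	$qaValues = array();
	foreach($qaFields as $qaField)
	{
		$_SESSION['_config']['user'][$qaField] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST[$qaField]))));
		$qaValues[] = $_SESSION['_config']['user'][$qaField];
	}

	// All ten values must differ from each other. The previous hand-written
	// list left out several pairs (for example A2 against Q1 and Q2, and A5
	// against every question), so a question could be reused as its own
	// answer. The loose == of the original comparison is kept so nothing that
	// was rejected before is accepted now.
	$qaDuplicate = false;
	foreach($qaValues as $qaPos => $qaValue)
	{
		foreach(array_slice($qaValues, $qaPos + 1) as $qaOther)
		{
			if($qaValue == $qaOther)
			{
				$qaDuplicate = true;
				break 2;
			}
		}
	}

	if($qaDuplicate)
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 different password questions and answers. You aren't allowed to duplicate questions, set questions as answers or use the question as the answer.")."<br>\n";
		$id = $oldid;
		$oldid=0;
	}

	// Only the questions are tested for being empty here; two or more empty
	// answers are caught by the duplicate test above.
	if($_SESSION['_config']['user']['Q1'] == "" || $_SESSION['_config']['user']['Q2'] == "" ||
		$_SESSION['_config']['user']['Q3'] == "" || $_SESSION['_config']['user']['Q4'] == "" ||
		$_SESSION['_config']['user']['Q5'] == "")
	{
		$_SESSION['_config']['errmsg'] .= _("For your own security you must enter 5 lost password questions and answers.")."<br>";
		$id = $oldid;
		$oldid=0;
	}
}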
1275
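/*
 * My details (page 13): refresh the member's point total and, while the
 * total is 0, read and validate name and date of birth from the request.
 * With a non-zero total the name and date of birth are not read at all.
 *
 * NOTE(review): csrf_check("perschange") is only called by the handler that
 * also requires $showdetails; when $showdetails is empty this path has no
 * visible CSRF check - confirm and add one if the form carries the token.
 */
if($oldid == 13 && $process != "")
{
	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];

	if($_SESSION['profile']['points'] == 0)
	{
		// The strings are SQL-escaped here because the update handler for
		// this page concatenates them into its query as they are.
		$_SESSION['_config']['user']['fname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['fname']))));
		$_SESSION['_config']['user']['mname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['mname']))));
		$_SESSION['_config']['user']['lname'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['lname']))));
		$_SESSION['_config']['user']['suffix'] = trim(mysql_real_escape_string(stripslashes(strip_tags($_REQUEST['suffix']))));
		$_SESSION['_config']['user']['day'] = intval($_REQUEST['day']);
		$_SESSION['_config']['user']['month'] = intval($_REQUEST['month']);
		$_SESSION['_config']['user']['year'] = intval($_REQUEST['year']);

		if($_SESSION['_config']['user']['fname'] == "" || $_SESSION['_config']['user']['lname'] == "")
		{
			$_SESSION['_config']['errmsg'] .= _("First and Last name fields can not be blank.")."<br>";
			$id = $oldid;
			$oldid=0;
		}
		// checkdate() rejects everything the former range test rejected
		// (month outside 1-12, day outside 1-31) and also days that do not
		// exist in the given month, such as 31 February.
		if($_SESSION['_config']['user']['year'] < 1900 ||
			!checkdate($_SESSION['_config']['user']['month'], $_SESSION['_config']['user']['day'], $_SESSION['_config']['user']['year']))
		{
			$_SESSION['_config']['errmsg'] .= _("Invalid date of birth")."<br>\n";
			$id = $oldid;
			$oldid=0;
		}
	}
}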
1308
/*
 * My details (page 13): write the validated values to `users`, reload the
 * profile into the session and show the confirmation page.
 *
 * The values under $_SESSION['_config']['user'] are concatenated into the
 * queries as they are; the handlers that fill them apply
 * mysql_real_escape_string() (strings) or intval() (date parts) at input time.
 * NOTE(review): escaping at the point of use would not depend on every writer
 * of these session keys doing so. The answers are also stored as submitted,
 * not hashed.
 */
if($oldid == 13 && $process != "")
{
	// Name and date of birth are only written while the point total is 0.
	if($_SESSION['profile']['points'] == 0)
	{
		$assignments = array();
		foreach(array('fname','mname','lname','suffix') as $column)
		{
			$assignments[] = "`$column`='".$_SESSION['_config']['user'][$column]."'";
		}
		$assignments[] = "`dob`='".$_SESSION['_config']['user']['year']."-".$_SESSION['_config']['user']['month']."-".$_SESSION['_config']['user']['day']."'";
		$query = "update `users` set ".implode(",\n", $assignments)."
				where `id`='".intval($_SESSION['profile']['id'])."'";
		mysql_query($query);
	}
	// Questions and answers are only written when the details form was shown.
	if ($showdetails!="")
	{
		$assignments = array();
		foreach(array('Q1','Q2','Q3','Q4','Q5','A1','A2','A3','A4','A5') as $column)
		{
			$assignments[] = "`$column`='".$_SESSION['_config']['user'][$column]."'";
		}
		$query = "update `users` set ".implode(",\n", $assignments)."
				where `id`='".intval($_SESSION['profile']['id'])."'";
		mysql_query($query);
	}

	$_SESSION['_config']['user']['set'] = 0;
	// Reload the profile from the database so the session reflects what was
	// actually stored, then restore the fields the row does not carry.
	$_SESSION['profile'] = mysql_fetch_assoc(mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."'"));
	$_SESSION['profile']['loggedin'] = 1;

	$ddquery = "select sum(`points`) as `total` from `notary` where `to`='".intval($_SESSION['profile']['id'])."' and `deleted` = 0 group by `to`";
	$ddres = mysql_query($ddquery);
	$ddrow = mysql_fetch_assoc($ddres);
	$_SESSION['profile']['points'] = $ddrow['total'];


	$id = 13;
	showheader(_("My CAcert.org Account!"));
	echo _("Your details have been updated with the database.");
	showfooter();
	exit;
}
1352
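/*
 * Change pass phrase (page 14).
 *
 * Checks that the two new pass phrases match, scores the new pass phrase
 * with checkpw(), verifies the current pass phrase (only when the request did
 * not arrive on the secure hostname), stores the new hash and mails a
 * notification to the primary address.
 *
 * NOTE(review), not changed here because stored hashes and the login code
 * depend on it:
 *  - the hash is an unsalted sha1() computed inside the SQL statement, so
 *    the pass phrase also appears in the query text;
 *  - the pass phrase is trimmed and SQL-escaped before it is scored and
 *    hashed, so the stored hash is that of the escaped string;
 *  - when the hostname equals the secure hostname the current pass phrase is
 *    not verified at all ($rc is set to 1) - presumably that host uses
 *    client-certificate login; confirm.
 */
if($oldid == 14 && $process != "")
{
	$id = 14;
	// Validate the token before the submitted pass phrases are copied into
	// the session.
	csrf_check("pwchange");

	$_SESSION['_config']['user']['oldpass'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['oldpassword'])));
	$_SESSION['_config']['user']['pword1'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword1'])));
	$_SESSION['_config']['user']['pword2'] = trim(mysql_real_escape_string(stripslashes($_REQUEST['pword2'])));

	showheader(_("My CAcert.org Account!"));
	// Strict comparison: with loose != two different numeric-looking strings
	// (for example "1e3" and "1000") compare as equal.
	if($_SESSION['_config']['user']['pword1'] === "" || $_SESSION['_config']['user']['pword1'] !== $_SESSION['_config']['user']['pword2'])
	{
		echo '<h3 style="color:red">', _("Failure: Pass Phrase not Changed"),
			'</h3>', "\n";
		echo _("New Pass Phrases specified don't match or were blank.");
	} else {
		$score = checkpw($_SESSION['_config']['user']['pword1'], $_SESSION['profile']['email'], $_SESSION['profile']['fname'],
			$_SESSION['profile']['mname'], $_SESSION['profile']['lname'], $_SESSION['profile']['suffix']);

		if($_SESSION['_config']['hostname'] != $_SESSION['_config']['securehostname'])
		{
			// The current pass phrase is accepted in either stored format.
			$match = mysql_query("select * from `users` where `id`='".intval($_SESSION['profile']['id'])."' and
					(`password`=old_password('".$_SESSION['_config']['user']['oldpass']."') or
					`password`=sha1('".$_SESSION['_config']['user']['oldpass']."'))");
			$rc = mysql_num_rows($match);
		} else {
			$rc = 1;
		}

		if(strlen($_SESSION['_config']['user']['pword1']) < 6) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("The Pass Phrase you submitted was too short.");
		} else if($score < 3) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			printf(_("The Pass Phrase you submitted failed to contain enough differing characters and/or contained words from your name and/or email address. Only scored %s points out of 6."), $score);
		} else if($rc <= 0) {
			echo '<h3 style="color:red">',
				_("Failure: Pass Phrase not Changed"), '</h3>', "\n";
			echo _("You failed to correctly enter your current Pass Phrase.");
		} else {
			mysql_query("update `users` set `password`=sha1('".$_SESSION['_config']['user']['pword1']."')
					where `id`='".intval($_SESSION['profile']['id'])."'");
			echo '<h3>', _("Pass Phrase Changed Successfully"), '</h3>', "\n";
			echo _("Your Pass Phrase has been updated and your primary email account has been notified of the change.");
			$body = sprintf(_("Hi %s,"),$_SESSION['profile']['fname'])."\n\n";
			$body .= _("You are receiving this email because you or someone else ".
				"has changed the password on your account.")."\n\n";

			$body .= _("Best regards")."\n"._("CAcert.org Support!");

			sendmail($_SESSION['profile']['email'], "[CAcert.org] "._("Password Update Notification"), $body,
				"support@cacert.org", "", "", "CAcert Support");
		}
	}
	// Do not leave the submitted pass phrases in the session store once the
	// request has been handled.
	unset($_SESSION['_config']['user']['oldpass'],
		$_SESSION['_config']['user']['pword1'],
		$_SESSION['_config']['user']['pword2']);
	showfooter();
	exit;
}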
1412
/*
 * Organisation client certificate (page 16): collect the submitted e-mail
 * addresses whose domain passes checkownership(), plus name, OU and
 * description, into $_SESSION['_config'].
 *
 * NOTE(review): 'name' is SQL-escaped at input time while 'OU' and
 * 'description' are stored unescaped, so every later use has to know which
 * is which. $_SESSION['_config']['domids'] is appended to but not reset here.
 */
if($oldid == 16)
{
	$id = 16;
	$_SESSION['_config']['emails'] = array();

	foreach($_REQUEST['emails'] as $val)
	{
		$val = mysql_real_escape_string(stripslashes(trim($val)));
		$bits = explode("@", $val);
		$count = count($bits);

		// Skip anything that is not exactly local@domain, whose domain fails
		// the ownership check, or for which no row is left in the session.
		// checkownership() is defined elsewhere; presumably it fills
		// $_SESSION['_config']['row'] - confirm.
		if($count != 2 || !checkownership($bits[1]) || !is_array($_SESSION['_config']['row']))
		{
			continue;
		}

		if($_SESSION['_config']['row']['id'] > 0)
		{
			$_SESSION['_config']['domids'][] = $_SESSION['_config']['row']['id'];
		}

		if($val != "")
		{
			$_SESSION['_config']['emails'][] = $val;
		}
	}

	$_SESSION['_config']['name'] = mysql_real_escape_string(stripslashes(trim($_REQUEST['name'])));
	$_SESSION['_config']['OU'] = stripslashes(trim($_REQUEST['OU']));

	$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));
}
1442
/*
 * Organisation client certificate (page 16): stop with a message when none
 * of the submitted addresses was accepted.
 */
if($oldid == 16 && count($_SESSION['_config']['emails']) < 1)
{
	$id = 16;
	showheader(_("My CAcert.org Account!"));
	echo _("I couldn't match any emails against your organisational account.");
	showfooter();
	exit;
}
1451
/*
 * Organisation client certificate (page 16): normalise the certificate
 * options (code signing, root certificate, hash algorithm, description) and
 * move on to page 17 when at least one address was accepted.
 */
if($oldid == 16 && $process != "")
{
	// Code signing is only kept when it was requested, the profile has the
	// codesign flag set and the member has at least 100 points; the request
	// value is overwritten with the decision.
	$_REQUEST['codesign'] = (array_key_exists('codesign',$_REQUEST) && $_REQUEST['codesign'] && $_SESSION['profile']['codesign'] && ($_SESSION['profile']['points'] >= 100)) ? 1 : 0;
	$_SESSION['_config']['codesign'] = $_REQUEST['codesign'];

	// Only root certificate 1 or 2 is accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2), true))
	{
		$_SESSION['_config']['rootcert'] = 1;
	}

	// HashAlgorithms::clean() is defined elsewhere; its result is what later
	// gets stored in the `md` column.
	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);

	$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));

	if(@count($_SESSION['_config']['emails']) > 0)
	{
		$id = 17;
	}
}
1476
1477 if($oldid == 17)
1478 {
1479 $org = $_SESSION['_config']['row'];
1480 if($_REQUEST['keytype'] == "NS")
1481 {
1482 $spkac=""; if(preg_match("/^[a-zA-Z0-9+=\/]+$/", trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC']))))) $spkac=trim(str_replace("\n", "", str_replace("\r", "",$_REQUEST['SPKAC'])));
1483
1484 if($spkac == "" || strlen($spkac) < 128)
1485 {
1486 $id = 17;
1487 showheader(_("My CAcert.org Account!"));
1488 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1489 showfooter();
1490 exit;
1491 }
1492
1493 $count = 0;
1494 $emails = "";
1495 $addys = array();
1496 if(is_array($_SESSION['_config']['emails']))
1497 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1498 {
1499 if(!$emails)
1500 $defaultemail = $_REQUEST['email'];
1501 $emails .= "$count.emailAddress = $_REQUEST[email]\n";
1502 $count++;
1503 }
1504 if($_SESSION['_config']['name'] != "")
1505 $emails .= "commonName = ".$_SESSION['_config']['name']."\n";
1506 if($_SESSION['_config']['OU'])
1507 $emails .= "organizationalUnitName = ".mysql_real_escape_string($_SESSION['_config']['OU'])."\n";
1508 if($org['O'])
1509 $emails .= "organizationName = ".$org['O']."\n";
1510 if($org['L'])
1511 $emails .= "localityName = ".$org['L']."\n";
1512 if($org['ST'])
1513 $emails .= "stateOrProvinceName = ".$org['ST']."\n";
1514 if($org['C'])
1515 $emails .= "countryName = ".$org['C']."\n";
1516 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1517 $_SESSION['_config']['rootcert'] = 1;
1518
1519
1520 $emails .= "SPKAC = $spkac";
1521 if (($weakKey = checkWeakKeySPKAC($emails)) !== "")
1522 {
1523 $id = 17;
1524 showheader(_("My CAcert.org Account!"));
1525 echo $weakKey;
1526 showfooter();
1527 exit;
1528 }
1529
1530 $query = "insert into `orgemailcerts` set
1531 `CN`='$defaultemail',
1532 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1533 `keytype`='NS',
1534 `orgid`='".intval($org['orgid'])."',
1535 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1536 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1537 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1538 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1539 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1540 mysql_query($query);
1541 $emailid = mysql_insert_id();
1542
1543 foreach($_SESSION['_config']['domids'] as $addy)
1544 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1545
1546 $CSRname=generatecertpath("csr","orgclient",$emailid);
1547 $fp = fopen($CSRname, "w");
1548 fputs($fp, $emails);
1549 fclose($fp);
1550 $challenge=$_SESSION['spkac_hash'];
1551 $CSRname_esc = escapeshellarg($CSRname);
1552 $res=shell_exec("openssl spkac -verify -in $CSRname_esc");
1553 if(!strstr($res,"Challenge String: ".$challenge))
1554 {
1555 $id = $oldid;
1556 showheader(_("My CAcert.org Account!"));
1557 echo _("The challenge-response code of your certificate request did not match. Can't continue with certificaterequest.");
1558 showfooter();
1559 exit;
1560 }
1561 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1562 } else if($_REQUEST['keytype'] == "MS" || $_REQUEST['keytype']=="VI") {
1563 $csr = "-----BEGIN CERTIFICATE REQUEST-----\n".clean_csr($_REQUEST['CSR'])."-----END CERTIFICATE REQUEST-----\n";
1564
1565 if (($weakKey = checkWeakKeyCSR($csr)) !== "")
1566 {
1567 $id = 17;
1568 showheader(_("My CAcert.org Account!"));
1569 echo $weakKey;
1570 showfooter();
1571 exit;
1572 }
1573
1574 $tmpfname = tempnam("/tmp", "id17CSR");
1575 $fp = fopen($tmpfname, "w");
1576 fputs($fp, $csr);
1577 fclose($fp);
1578
1579 $addys = array();
1580 $defaultemail = "";
1581 $csrsubject="";
1582
1583 if($_SESSION['_config']['name'] != "")
1584 $csrsubject = "/CN=".$_SESSION['_config']['name'];
1585 if(is_array($_SESSION['_config']['emails']))
1586 foreach($_SESSION['_config']['emails'] as $_REQUEST['email'])
1587 {
1588 if($defaultemail == "")
1589 $defaultemail = $_REQUEST['email'];
1590 $csrsubject .= "/emailAddress=$_REQUEST[email]";
1591 }
1592 if($_SESSION['_config']['OU'])
1593 $csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
1594 if($org['O'])
1595 $csrsubject .= "/organizationName=".$org['O'];
1596 if($org['L'])
1597 $csrsubject .= "/localityName=".$org['L'];
1598 if($org['ST'])
1599 $csrsubject .= "/stateOrProvinceName=".$org['ST'];
1600 if($org['C'])
1601 $csrsubject .= "/countryName=".$org['C'];
1602
1603 $tmpname = tempnam("/tmp", "id17csr");
1604 $tmpfname_esc = escapeshellarg($tmpfname);
1605 $tmpname_esc = escapeshellarg($tmpname);
1606 $do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc");
1607 @unlink($tmpfname);
1608 $csr = "";
1609 $fp = fopen($tmpname, "r");
1610 while($data = fgets($fp, 4096))
1611 $csr .= $data;
1612 fclose($fp);
1613 @unlink($tmpname);
1614
1615 if($csr == "")
1616 {
1617 showheader(_("My CAcert.org Account!"));
1618 echo _("I didn't receive a valid Certificate Request, hit the back button and try again.");
1619 showfooter();
1620 exit;
1621 }
1622 if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
1623 $_SESSION['_config']['rootcert'] = 1;
1624
1625 $query = "insert into `orgemailcerts` set
1626 `CN`='$defaultemail',
1627 `ou`='".mysql_real_escape_string($_SESSION['_config']['OU'])."',
1628 `keytype`='" . sanitizeHTML($_REQUEST['keytype']) . "',
1629 `orgid`='".intval($org['orgid'])."',
1630 `created`=FROM_UNIXTIME(UNIX_TIMESTAMP()),
1631 `subject`='".mysql_real_escape_string($csrsubject)."',
1632 `codesign`='".intval($_SESSION['_config']['codesign'])."',
1633 `rootcert`='".intval($_SESSION['_config']['rootcert'])."',
1634 `md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
1635 `description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
1636 mysql_query($query);
1637 $emailid = mysql_insert_id();
1638
1639 foreach($_SESSION['_config']['domids'] as $addy)
1640 mysql_query("insert into `domemaillink` set `emailcertsid`='$emailid', `emailid`='$addy'");
1641
1642 $CSRname=generatecertpath("csr","orgclient",$emailid);
1643 $fp = fopen($CSRname, "w");
1644 fputs($fp, $csr);
1645 fclose($fp);
1646 mysql_query("update `orgemailcerts` set `csr_name`='$CSRname' where `id`='$emailid'");
1647 }
1648 waitForResult("orgemailcerts", $emailid,$oldid);
1649 $query = "select * from `orgemailcerts` where `id`='$emailid' and `crt_name` != ''";
1650 $res = mysql_query($query);
1651 if(mysql_num_rows($res) <= 0)
1652 {
1653 showheader(_("My CAcert.org Account!"));
1654 printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
1655 showfooter();
1656 exit;
1657 } else {
1658 $id = 19;
1659 $cert = $emailid;
1660 $_REQUEST['cert']=$emailid;
1661 }
1662 }
1663
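/*
 * Page 18 (organisation client certificates): renew the certificates whose
 * ids were submitted in $_REQUEST['revokeid'].
 *
 * Each id is cast to an integer before it is printed or placed in a query.
 * The lookup joins `org` on the logged-in member's id, so an id that does not
 * belong to one of the member's organisations is reported as invalid.
 */
if($oldid == 18 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('clicerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		$id = 18;
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			// Cast before echoing: the request value is attacker-controlled
			// and was previously written into the page verbatim.
			$id = intval($id);
			echo "Renewing certificate #$id ...\n<br/>";
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='$id' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): `renewed` is set before the revocation check below,
			// so an already revoked certificate is still flagged as renewed -
			// confirm that this is intended.
			mysql_query("update `orgemailcerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				// CN comes from the database; escape it like the revoke handler does.
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}

			// Clone the old request into a new row; the CSR file is copied below.
			// NOTE(review): `md` (hash algorithm) is not carried over from the
			// old row - verify which default the signer applies.
			$query = "insert into `orgemailcerts` set
				`orgid`='".intval($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`ou`='".mysql_real_escape_string($row['ou'])."',
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`keytype`='".mysql_real_escape_string($row['keytype'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`codesign`='".intval($row['codesign'])."',
				`rootcert`='".intval($row['rootcert'])."',
				`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","orgclient",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgemailcerts` set `csr_name`='$newfile' where `id`='$newid'");
			waitForResult("orgemailcerts", $newid,$oldid,0);

			// A non-empty crt_name means a certificate file was recorded for the new row.
			$query = "select * from `orgemailcerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) > 0)
			{
				printf(_("Certificate for '%s' has been renewed."), htmlspecialchars($row['CN']));
				echo "<a href='account.php?id=19&cert=$newid' target='_new'>".
					_("Click here")."</a> "._("to install your certificate.");
			}
			echo("<br/>");
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}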
1737
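/*
 * Page 18 (organisation client certificates): revoke the certificates listed
 * in $_REQUEST['revokeid'] and delete the pending requests listed in
 * $_REQUEST['delid'].
 *
 * Both loops cast the id to an integer and look the row up through a join on
 * `org`.`memid`, so only rows of the logged-in member's organisations are
 * changed. Database values are HTML-escaped before they are printed.
 */
if($oldid == 18 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('clicerchange');
	$id = 18;
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`revoked`) as `revoke` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// NOTE(review): the fixed 1970 timestamp looks like a marker that
			// queues the row for revocation - confirm against the signer.
			mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`expire`) as `expired` from `orgemailcerts`, `org`
				where `orgemailcerts`.`id`='".intval($id)."' and `org`.`memid`='".intval($_SESSION['profile']['id'])."' and
				`org`.`orgid`=`orgemailcerts`.`orgid`";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A non-zero expiry time means the request was already processed.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `orgemailcerts` where `id`='$id'");
			// Best effort: the files may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}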
1806
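/*
 * Page 18 (organisation client certificates): store the comments submitted
 * for the certificates whose "check_comment_<id>" field is present.
 *
 * The update is scoped through `org`.`memid`, the same way the renew and
 * revoke handlers look rows up. Without that join any certificate id could be
 * named in the request and its description overwritten.
 *
 * NOTE(review): unlike the renew and revoke handlers for this page, no
 * csrf_check('clicerchange') is made here - confirm that the form submits the
 * token with the change button and add the check.
 */
if($oldid == 18 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			// The certificate id is the numeric suffix of the field name.
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `orgemailcerts`, `org` set `orgemailcerts`.`description`='$comment'
				where `orgemailcerts`.`id`='$cid' and
				`org`.`orgid`=`orgemailcerts`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}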
1823
/*
 * Page 18: remember the list filter chosen by the user.
 *
 * The three request values are copied into the session unchanged.
 * NOTE(review): nothing is validated here - confirm that every consumer
 * casts or escapes these values before using them in SQL or HTML.
 */
if($oldid == 18 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
	$id=18;
	foreach(array('orgfilterid', 'sorting', 'status') as $filterKey)
	{
		$_SESSION['_config'][$filterKey]=$_REQUEST[$filterKey];
	}
}
1831
/* Page 18: clear the list filter by setting all three settings back to 0. */
if($oldid == 18 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
	$id=18;
	foreach(array('orgfilterid', 'sorting', 'status') as $filterKey)
	{
		$_SESSION['_config'][$filterKey]=0;
	}
}
1839
/*
 * Page 20 (organisation server certificates): accept an uploaded CSR.
 *
 * The CSR is checked for a weak key, written to a temporary file and parsed
 * with openssl. The subject line and the DNS subjectAltName entries end up in
 * $_SESSION['_config']['subject']; the matching organisation rows are looked
 * up for the member and the flow continues on page 21.
 */
if($process != "" && $oldid == 20)
{
	$CSR = clean_csr($_REQUEST['CSR']);

	$weakKey = checkWeakKeyCSR($CSR);
	if ($weakKey !== "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	$_SESSION['_config']['description']= trim(stripslashes($_REQUEST['description']));

	// Keep the CSR on disk; the path stays in the session for the next step.
	$_SESSION['_config']['tmpfname'] = tempnam("/tmp", "id20CSR");
	$fp = fopen($_SESSION['_config']['tmpfname'], "w");
	fputs($fp, $CSR);
	fclose($fp);

	// From here on $CSR holds the shell-quoted path, not the CSR text.
	$CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
	$dumpCmd = "/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|";
	$_SESSION['_config']['subject'] = trim(shell_exec($dumpCmd."grep \"Subject:\""));
	$bits = explode(",", trim(shell_exec($dumpCmd."grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
	// When openssl reports no DNS entries, $bits is a single empty string and
	// one empty "/subjectAltName=" component is still appended.
	foreach($bits as $val)
	{
		$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
	}
	$id = 21;

	$_SESSION['_config']['0.CN'] = $_SESSION['_config']['0.subjectAltName'] = "";
	// Defined elsewhere; presumably they fill the 0.CN / 0.subjectAltName
	// entries from the subject stored above - TODO confirm.
	extractit();
	getcn2();
	getalt2();

	// Find the member's organisation that owns the first CN and the first
	// subjectAltName; mysql_fetch_assoc() yields false when there is none.
	foreach(array('CNorg' => '0.CN', 'SANorg' => '0.subjectAltName') as $orgKey => $nameKey)
	{
		$query = "select * from `orginfo`,`org`,`orgdomains` where
			`org`.`memid`='".intval($_SESSION['profile']['id'])."' and
			`org`.`orgid`=`orginfo`.`id` and
			`org`.`orgid`=`orgdomains`.`orgid` and
			`orgdomains`.`domain`='".mysql_real_escape_string($_SESSION['_config'][$nameKey])."'";
		$_SESSION['_config'][$orgKey] = mysql_fetch_assoc(mysql_query($query));
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		$id = 20;
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Only root certificates 1 and 2 are accepted; anything else becomes 1.
	$_SESSION['_config']['rootcert'] = intval($_REQUEST['rootcert']);
	if(!in_array($_SESSION['_config']['rootcert'], array(1, 2)))
	{
		$_SESSION['_config']['rootcert'] = 1;
	}

	$_SESSION['_config']['hash_alg'] = HashAlgorithms::clean($_REQUEST['hash_alg']);
}
1902
/*
 * Page 21 (organisation server certificates): turn the CSR stored in the
 * session's temporary file into a row in `orgdomaincerts` and wait for the
 * result.
 *
 * The organisation is looked up with a join on `org`.`memid`, so it has to be
 * one the logged-in member is linked to.
 *
 * NOTE(review): the subject is assembled by plain concatenation of the OU
 * from the session and the organisation fields. A "/" inside one of those
 * values would start a new subject component - verify where they are
 * validated.
 * NOTE(review): $org is false when the lookup finds nothing; the insert then
 * stores orgid 0 - confirm that this cannot be reached.
 */
if($process != "" && $oldid == 21)
{
	$id = 21;

	// The CSR file must still exist where the session says it is.
	if(!file_exists($_SESSION['_config']['tmpfname']))
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions."), "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// Re-run the weak-key check on the stored file.
	$weakKey = checkWeakKeyCSR(file_get_contents($_SESSION['_config']['tmpfname']));
	if ($weakKey !== "")
	{
		showheader(_("My CAcert.org Account!"));
		echo $weakKey;
		showfooter();
		exit;
	}

	if($_SESSION['_config']['0.CN'] == "" && $_SESSION['_config']['0.subjectAltName'] == "")
	{
		showheader(_("My CAcert.org Account!"));
		echo _("CommonName field was blank. This is usually caused by entering your own name when openssl prompt's you for 'YOUR NAME', or if you try to issue certificates for domains you haven't already verified, as such this process can't continue.");
		showfooter();
		exit;
	}

	// Use the first CN entry when there is one, otherwise the first alt name.
	$orgInfoId = ($_SESSION['_config']['rowid']['0'] > 0)
		? $_SESSION['_config']['rowid']['0']
		: $_SESSION['_config']['altid']['0'];
	$query = "select * from `org`,`orginfo` where
		`orginfo`.`id`='".intval($orgInfoId)."' and
		`orginfo`.`id`=`org`.`orgid` and
		`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
	$org = mysql_fetch_assoc(mysql_query($query));

	// Empty fields are left out of the subject.
	$csrsubject = "";
	if($_SESSION['_config']['OU'])
		$csrsubject .= "/organizationalUnitName=".$_SESSION['_config']['OU'];
	foreach(array(
		'O' => "/organizationName=",
		'L' => "/localityName=",
		'ST' => "/stateOrProvinceName=",
		'C' => "/countryName=") as $orgField => $subjectPrefix)
	{
		if($org[$orgField])
			$csrsubject .= $subjectPrefix.$org[$orgField];
	}

	$csrsubject .= buildSubjectFromSession();

	// Type 8 is only set for admins who asked for an OCSP certificate.
	$type="";
	if($_REQUEST["ocspcert"]!="" && $_SESSION['profile']['admin'] == 1) $type="8";

	// Only root certificates 1 and 2 are accepted; anything else becomes 1.
	if($_SESSION['_config']['rootcert'] < 1 || $_SESSION['_config']['rootcert'] > 2)
		$_SESSION['_config']['rootcert'] = 1;

	$certCN = ($_SESSION['_config']['rowid']['0'] > 0)
		? $_SESSION['_config']['rows']['0']
		: $_SESSION['_config']['altrows']['0'];
	$query = "insert into `orgdomaincerts` set
		`CN`='".mysql_real_escape_string($certCN)."',
		`orgid`='".intval($org['id'])."',
		`created`=NOW(),
		`subject`='".mysql_real_escape_string($csrsubject)."',
		`rootcert`='".intval($_SESSION['_config']['rootcert'])."',
		`md`='".mysql_real_escape_string($_SESSION['_config']['hash_alg'])."',
		`type`='".$type."',
		`description`='".mysql_real_escape_string($_SESSION['_config']['description'])."'";
	mysql_query($query);
	$CSRid = mysql_insert_id();

	// Move the CSR to its final path and record that path in the row.
	$CSRname=generatecertpath("csr","orgserver",$CSRid);
	rename($_SESSION['_config']['tmpfname'], $CSRname);
	chmod($CSRname,0644);
	mysql_query("update `orgdomaincerts` set `CSR_name`='$CSRname' where `id`='$CSRid'");

	// Link the certificate to every domain row it covers.
	if(is_array($_SESSION['_config']['rowid']))
	{
		foreach($_SESSION['_config']['rowid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	}
	if(is_array($_SESSION['_config']['altid']))
	{
		foreach($_SESSION['_config']['altid'] as $id)
			mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($id)."', `orgcertid`='$CSRid'");
	}

	waitForResult("orgdomaincerts", $CSRid,$oldid);

	// An empty crt_name means no certificate was recorded for the request.
	$query = "select * from `orgdomaincerts` where `id`='$CSRid' and `crt_name` != ''";
	$res = mysql_query($query);
	if(mysql_num_rows($res) <= 0)
	{
		showheader(_("My CAcert.org Account!"));
		printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." CSRid: $CSRid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
		showfooter();
		exit;
	}

	// Success: continue on page 23 with the new certificate id.
	$id = 23;
	$cert = $CSRid;
	$_REQUEST['cert']=$CSRid;
}
2017
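/*
 * Page 22 (organisation server certificates): renew the certificates whose
 * ids were submitted in $_REQUEST['revokeid'].
 *
 * Ids are cast to integers and looked up through a join on `org`.`memid`, so
 * only certificates of the logged-in member's organisations are renewed.
 * Values read back from the database are escaped before they are printed and
 * cast before they are reused in a query.
 */
if($oldid == 22 && array_key_exists('renew',$_REQUEST) && $_REQUEST['renew'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now renewing the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}

			$row = mysql_fetch_assoc($res);

			// Refuse to renew a certificate whose key the weak-key check rejects.
			if (($weakKey = checkWeakKeyX509(file_get_contents(
				$row['crt_name']))) !== "")
			{
				echo $weakKey, "<br/>\n";
				continue;
			}

			// NOTE(review): `renewed` is set before the revocation check below,
			// so an already revoked certificate is still flagged as renewed -
			// confirm that this is intended.
			mysql_query("update `orgdomaincerts` set `renewed`='1' where `id`='$id'");
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}

			// Clone the old request into a new row; the CSR file is copied below.
			// NOTE(review): `md` (hash algorithm) is not carried over from the
			// old row - verify which default the signer applies.
			$query = "insert into `orgdomaincerts` set
				`orgid`='".intval($row['orgid'])."',
				`CN`='".mysql_real_escape_string($row['CN'])."',
				`csr_name`='".mysql_real_escape_string($row['csr_name'])."',
				`created`='".mysql_real_escape_string($row['created'])."',
				`modified`=NOW(),
				`subject`='".mysql_real_escape_string($row['subject'])."',
				`type`='".intval($row['type'])."',
				`rootcert`='".intval($row['rootcert'])."',
				`description`='".mysql_real_escape_string($row['description'])."'";
			mysql_query($query);
			$newid = mysql_insert_id();
			$newfile=generatecertpath("csr","orgserver",$newid);
			copy($row['csr_name'], $newfile);
			mysql_query("update `orgdomaincerts` set `csr_name`='$newfile' where `id`='$newid'");
			echo _("Renewing").": ".htmlspecialchars($row['CN'])."<br>\n";

			// Give the new certificate the same domain links as the old one.
			$res = mysql_query("select * from `orgdomlink` where `orgcertid`='".intval($row['id'])."'");
			while($r2 = mysql_fetch_assoc($res))
				mysql_query("insert into `orgdomlink` set `orgdomid`='".intval($r2['orgdomid'])."', `orgcertid`='$newid'");
			waitForResult("orgdomaincerts", $newid,$oldid,0);

			// An empty crt_name means no certificate was recorded for the request.
			$query = "select * from `orgdomaincerts` where `id`='$newid' and `crt_name` != ''";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Your certificate request has failed to be processed correctly, see %sthe WIKI page%s for reasons and solutions.")." newid: $newid", "<a href='http://wiki.cacert.org/wiki/FAQ/CertificateRenewal'>", "</a>");
			} else {
				// Print the issued certificate; the path is shell-quoted first.
				$drow = mysql_fetch_assoc($res);
				$crtname = escapeshellarg($drow['crt_name']);
				$cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
				echo "<pre>\n$cert\n</pre>\n";
			}
		}
	}
	else
	{
		echo _("You did not select any certificates for renewal.");
	}
	showfooter();
	exit;
}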
2096
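/*
 * Page 22 (organisation server certificates): revoke the certificates listed
 * in $_REQUEST['revokeid'] and delete the pending requests listed in
 * $_REQUEST['delid'].
 *
 * Both loops cast the id to an integer and look the row up through a join on
 * `org`.`memid`, so only rows of the logged-in member's organisations are
 * changed. Database values are HTML-escaped before they are printed.
 */
if($oldid == 22 && array_key_exists('revoke',$_REQUEST) && $_REQUEST['revoke'] != "")
{
	csrf_check('orgsrvcerchange');
	showheader(_("My CAcert.org Account!"));
	if(is_array($_REQUEST['revokeid']))
	{
		echo _("Now revoking the following certificates:")."<br>\n";
		foreach($_REQUEST['revokeid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`revoked`) as `revoke` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			if($row['revoke'] > 0)
			{
				printf(_("It would seem '%s' has already been revoked. I'll skip this for now.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			// NOTE(review): the fixed 1970 timestamp looks like a marker that
			// queues the row for revocation - confirm against the signer.
			mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='$id'");
			printf(_("Certificate for '%s' with the serial no '%s' has been revoked.").'<br/>', htmlspecialchars($row['CN']), htmlspecialchars($row['serial']));
		}

		// TRANSLATORS: Please don't translate "Certificate Revocation List (CRL)", it's a technical term
		echo '<br/>'._('All listed certificates will be added to the Certificate Revocation List (CRL) soon.').'<br/>';
	}
	else
	{
		echo _("You did not select any certificates for revocation.");
	}

	if(array_key_exists('delid',$_REQUEST) && is_array($_REQUEST['delid']))
	{
		echo _("Now deleting the following pending requests:")."<br>\n";
		foreach($_REQUEST['delid'] as $id)
		{
			$id = intval($id);
			$query = "select *,UNIX_TIMESTAMP(`orgdomaincerts`.`expire`) as `expired` from
				`orgdomaincerts`,`org`
				where `orgdomaincerts`.`id`='$id' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'";
			$res = mysql_query($query);
			if(mysql_num_rows($res) <= 0)
			{
				printf(_("Invalid ID '%s' presented, can't do anything with it.")."<br>\n", $id);
				continue;
			}
			$row = mysql_fetch_assoc($res);
			// A non-zero expiry time means the request was already processed.
			if($row['expired'] > 0)
			{
				printf(_("Couldn't remove the request for `%s`, request had already been processed.")."<br>\n", htmlspecialchars($row['CN']));
				continue;
			}
			mysql_query("delete from `orgdomaincerts` where `id`='$id'");
			// Best effort: the files may not exist for a pending request.
			@unlink($row['csr_name']);
			@unlink($row['crt_name']);
			printf(_("Removed a pending request for '%s'")."<br>\n", htmlspecialchars($row['CN']));
		}
	}
	showfooter();
	exit;
}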
2168
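/*
 * Page 22 (organisation server certificates): store the comments submitted
 * for the certificates whose "check_comment_<id>" field is present.
 *
 * The update is scoped through `org`.`memid`, the same way the renew and
 * revoke handlers look rows up. Without that join any certificate id could be
 * named in the request and its description overwritten.
 *
 * NOTE(review): unlike the renew and revoke handlers for this page, no
 * csrf_check('orgsrvcerchange') is made here - confirm that the form submits
 * the token with the change button and add the check.
 */
if($oldid == 22 && array_key_exists('change',$_REQUEST) && $_REQUEST['change'] != "")
{
	showheader(_("My CAcert.org Account!"));
	foreach($_REQUEST as $id => $val)
	{
		if(substr($id,0,14)=="check_comment_")
		{
			// The certificate id is the numeric suffix of the field name.
			$cid = intval(substr($id,14));
			$comment=trim(mysql_real_escape_string(stripslashes($_REQUEST['comment_'.$cid])));
			mysql_query("update `orgdomaincerts`, `org` set `orgdomaincerts`.`description`='$comment'
				where `orgdomaincerts`.`id`='$cid' and
				`orgdomaincerts`.`orgid`=`org`.`orgid` and
				`org`.`memid`='".intval($_SESSION['profile']['id'])."'");
		}
	}
	echo(_("Certificate settings have been changed.")."<br/>\n");
	showfooter();
	exit;
}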
2185
/*
 * Page 22: remember the list filter chosen by the user.
 *
 * The three request values are copied into the session unchanged.
 * NOTE(review): nothing is validated here - confirm that every consumer
 * casts or escapes these values before using them in SQL or HTML.
 */
if($oldid == 22 && array_key_exists('filter',$_REQUEST) && $_REQUEST['filter']!= "")
{
	$id=22;
	foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $filterKey)
	{
		$_SESSION['_config'][$filterKey]=$_REQUEST[$filterKey];
	}
}
2193
/* Page 22: clear the list filter by setting all three settings back to 0. */
if($oldid == 22 && array_key_exists('reset',$_REQUEST) && $_REQUEST['reset']!= "")
{
	$id=22;
	foreach(array('dorgfilterid', 'dsorting', 'dstatus') as $filterKey)
	{
		$_SESSION['_config'][$filterKey]=0;
	}
}
2201
2202
/*
 * Access gate for pages 24 to 31: stop with an error page unless the
 * session profile has the orgadmin flag set to 1. The check applies to both
 * the requested page ($id) and the submitting page ($oldid).
 */
$orgAdminPages = range(24, 31);
if((in_array($id, $orgAdminPages) || in_array($oldid, $orgAdminPages)) &&
	$_SESSION['profile']['orgadmin'] != 1)
{
	showheader(_("My CAcert.org Account!"));
	echo _("You don't have access to this area.");
	showfooter();
	exit;
}
2213
/*
 * Page 24: create a new organisation from the submitted form.
 *
 * The form fields are unslashed, SQL-escaped and trimmed, then kept in the
 * session. The values placed in the insert statement are those escaped
 * copies. Organisation name and contact are mandatory.
 *
 * NOTE(review): no csrf_check() is made here, while the update handler for
 * page 27 calls csrf_check('orgdetchange') - confirm whether this form
 * carries a token.
 */
if($oldid == 24 && $process != "")
{
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
	{
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));
	}

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		mysql_query("insert into `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully added as an organisation to the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	} else {
		// Leave the message in the session and fall through without exiting.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2240
/*
 * Page 27: update the details of the organisation whose id is stored in
 * $_SESSION['_config']['orgid'].
 *
 * The form fields are unslashed, SQL-escaped and trimmed, then kept in the
 * session. The values placed in the update statement are those escaped
 * copies. Organisation name and contact are mandatory.
 */
if($oldid == 27 && $process != "")
{
	csrf_check('orgdetchange');
	$id = intval($oldid);
	foreach(array('O', 'contact', 'L', 'ST', 'C', 'comments') as $field)
	{
		$_SESSION['_config'][$field] = trim(mysql_real_escape_string(stripslashes($_REQUEST[$field])));
	}

	if($_SESSION['_config']['O'] != "" && $_SESSION['_config']['contact'] != "")
	{
		mysql_query("update `orginfo` set `O`='".$_SESSION['_config']['O']."',
			`contact`='".$_SESSION['_config']['contact']."',
			`L`='".$_SESSION['_config']['L']."',
			`ST`='".$_SESSION['_config']['ST']."',
			`C`='".$_SESSION['_config']['C']."',
			`comments`='".$_SESSION['_config']['comments']."'
			where `id`='".intval($_SESSION['_config']['orgid'])."'");
		showheader(_("My CAcert.org Account!"));
		printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($_SESSION['_config']['O']));
		showfooter();
		exit;
	} else {
		// Leave the message in the session and fall through without exiting.
		$_SESSION['_config']['errmsg'] = _("Organisation Name and Contact Email are required fields.");
	}
}
2269
/*
 * Page 28, step 1: read the domain to add and reject it when any
 * organisation already lists it.
 *
 * On a duplicate the error goes into the session, the page is shown again
 * and $oldid is cleared so the later page-28 blocks are skipped.
 */
if($oldid == 28 && $process != "" && array_key_exists("domainname",$_REQUEST))
{
	// $domain is SQL-escaped here; the insert further down relies on that.
	$domain = trim(mysql_real_escape_string(stripslashes($_REQUEST['domainname'])));
	$_SESSION['_config']['domain'] = $domain;

	$res1 = mysql_query("select * from `orgdomains` where `domain`='$domain'");
	$alreadyListed = mysql_num_rows($res1) > 0;
	if($alreadyListed)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2281
/*
 * Page 28, step 2: without a positive organisation id in the session there
 * is nothing to add the domain to, so show page 25 instead and clear $oldid.
 */
if($oldid == 28 && !($_SESSION['_config']['orgid'] > 0))
{
	$id = 25;
	$oldid = 0;
}
2287
/*
 * Page 28, step 3: add the domain to the organisation stored in the session.
 *
 * $domain is the SQL-escaped value set by the first page-28 block.
 * NOTE(review): that block only runs when "domainname" is in the request;
 * this one does not test for it, so $domain may be unset here - confirm and
 * guard.
 */
if($oldid == 28 && $process != "" && array_key_exists("orgid",$_SESSION["_config"]))
{
	$orgIdForDomain = intval($_SESSION['_config']['orgid']);
	mysql_query("insert into `orgdomains` set `orgid`='".$orgIdForDomain."', `domain`='$domain'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully added to the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".$orgIdForDomain."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}
2297
/*
 * Page 29, step 1: read the new name for organisation domain $domid and
 * reject it when another organisation domain or a non-deleted member domain
 * already matches it.
 *
 * On a match the error goes into the session, the page is shown again and
 * $oldid is cleared so the later page-29 blocks are skipped.
 *
 * NOTE(review): the comparison uses LIKE, and mysql_real_escape_string()
 * does not escape the % and _ wildcards, so such characters in the input
 * widen the match - confirm that this is acceptable.
 */
if($oldid == 29 && $process != "")
{
	$domain = mysql_real_escape_string(
		stripslashes(
			trim($_REQUEST['domainname'])));

	$res1 = mysql_query("select * from `orgdomains` where `domain` like '$domain' and `id`!='".intval($domid)."'");
	$res2 = mysql_query("select * from `domains` where `domain` like '$domain' and `deleted`=0");
	$clash = (mysql_num_rows($res1) > 0 || mysql_num_rows($res2) > 0);
	if($clash)
	{
		$_SESSION['_config']['errmsg'] = sprintf(_("The domain '%s' is already in a different account and is listed as valid. Can't continue."), sanitizeHTML($domain));
		$id = $oldid;
		$oldid=0;
	}
}
2311
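/*
 * Pages 29 and 30: mark every certificate linked to organisation domain
 * $domid as revoked. Server certificates are found through `orgdomlink`,
 * client certificates through `orgemaillink`.
 *
 * Ids read back from the database are cast before they are reused in SQL,
 * in both loops.
 *
 * NOTE(review): the organisation client-certificate request handler earlier
 * in this file records its links in `domemaillink`, not `orgemaillink` -
 * verify that the second query actually finds those certificates, otherwise
 * they stay valid after the domain changes.
 * NOTE(review): no csrf_check() is made in this block.
 */
if(($oldid == 29 || $oldid == 30) && $process != "") // _("Cancel") is handled in front of account.php
{
	$query = "select `orgdomaincerts`.`id` as `id` from `orgdomlink`, `orgdomaincerts`, `orgdomains` where
		`orgdomlink`.`orgdomid`=`orgdomains`.`id` and
		`orgdomaincerts`.`id`=`orgdomlink`.`orgcertid` and
		`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgdomaincerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");

	$query = "select `orgemailcerts`.`id` as `id` from `orgemailcerts`, `orgemaillink`, `orgdomains` where
		`orgemaillink`.`domid`=`orgdomains`.`id` and
		`orgemailcerts`.`id`=`orgemaillink`.`emailcertsid` and
		`orgdomains`.`id`='".intval($domid)."'";
	$res = mysql_query($query);
	while($row = mysql_fetch_assoc($res))
		mysql_query("update `orgemailcerts` set `revoked`='1970-01-01 10:00:01' where `id`='".intval($row['id'])."'");
}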
2330
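/*
 * Page 29, final step: store the new name of organisation domain $domid and
 * show the confirmation page.
 *
 * $domain is the SQL-escaped value set by the first page-29 block, which
 * clears $oldid on a name clash so that this block is skipped. The select
 * that used to precede the update was removed: its result was never read
 * before the script exits.
 */
if($oldid == 29 && $process != "")
{
	mysql_query("update `orgdomains` set `domain`='$domain' where `id`='".intval($domid)."'");
	showheader(_("My CAcert.org Account!"));
	printf(_("'%s' has just been successfully updated in the database."), sanitizeHTML($domain));
	echo "<br><br><a href='account.php?id=26&orgid=".intval($orgid)."'>"._("Click here")."</a> "._("to continue.");
	showfooter();
	exit;
}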
2341
2342 if($oldid == 30 &&