patch from Phillip (Mantis #778)
authorMarkus Warg <mw@it-sls.de>
Mon, 29 Mar 2010 09:13:48 +0000 (11:13 +0200)
committerMarkus Warg <mw@it-sls.de>
Mon, 29 Mar 2010 09:13:48 +0000 (11:13 +0200)
https://bugs.cacert.org/view.php?id=778

includes/general.php
www/gpg.php

index 80b16a0..938df4e 100644 (file)
                $newcsr = str_replace("\n\n","\n",$newcsr);
                return(preg_replace("/[^A-Za-z0-9\n\r\-\:\=\+\/ ]/","",$newcsr));
        }
+       function clean_gpgcsr($CSR)
+       {
+               return(preg_replace("/[^A-Za-z0-9\n\r\-\:\=\+\/ ]/","",trim($CSR)));
+       }
 
        function sanitizeFilename($text)
        {
index 38e5426..f97966f 100644 (file)
@@ -82,7 +82,7 @@ function verifyEmail($email)
        $state=0;
        if($oldid == "0" && $CSR != "")
        {
-               $debugkey = $gpgkey = clean_csr($CSR);
+               $debugkey = $gpgkey = clean_gpgcsr($CSR);
                $debugpg = $gpg = trim(`echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`);
                $lines = "";
                $gpgarr = explode("\n", $gpg);
@@ -268,7 +268,7 @@ function verifyEmail($email)
                mkdir($cwd,0755);
 
                $fp = fopen("$cwd/gpg.csr", "w");
-               fputs($fp, clean_csr($CSR));
+               fputs($fp, clean_gpgcsr($CSR));
                fclose($fp);