2004-11-10 06:12:43 +00:00
|
|
|
<? /*
|
|
|
|
Copyright (C) 2004 by Duane Groth <duane_at_CAcert_dot_org>
|
|
|
|
|
|
|
|
This file is part of CAcert.
|
|
|
|
|
|
|
|
CAcert has been released under the CAcert Source License
|
|
|
|
which can be found included with these source files or can
|
|
|
|
be downloaded from the internet from the following address:
|
|
|
|
http://www.cacert.org/src-lic.php
|
|
|
|
|
|
|
|
CAcert is distributed WITHOUT ANY WARRANTY; without even
|
|
|
|
the implied warranty of MERCHANTABILITY or FITNESS FOR A
|
|
|
|
PARTICULAR PURPOSE. See the License for more details.
|
|
|
|
*/ ?>
|
|
|
|
<?
|
|
|
|
require_once("../includes/loggedin.php");
|
|
|
|
|
2006-02-03 18:45:23 +00:00
|
|
|
$id = intval($_REQUEST['id']);
|
|
|
|
$oldid = $_REQUEST['oldid'] = intval($_REQUEST['oldid']);
|
|
|
|
|
2005-02-16 18:11:53 +00:00
|
|
|
if($_SESSION['profile']['points'] < 50)
|
|
|
|
{
|
|
|
|
header("location: /account.php");
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
2004-11-10 06:12:43 +00:00
|
|
|
loadem("account");
|
|
|
|
|
2004-11-18 23:21:15 +00:00
|
|
|
if($oldid == "0")
|
2004-11-10 06:12:43 +00:00
|
|
|
{
|
2006-08-03 13:20:55 +00:00
|
|
|
if($_REQUEST['process'] == _("Submit") && $_REQUEST['CSR'] == "")
|
2004-11-10 06:12:43 +00:00
|
|
|
{
|
2004-11-18 23:21:15 +00:00
|
|
|
$_SESSION['_config']['errmsg'] = _("You failed to paste a valid GPG/PGP key.");
|
2004-11-10 06:12:43 +00:00
|
|
|
$id = $oldid;
|
|
|
|
unset($oldid);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2007-02-07 13:50:25 +00:00
|
|
|
$keyid="";
|
|
|
|
|
2006-08-03 13:20:55 +00:00
|
|
|
if($oldid == "0" && $_REQUEST['CSR'] != "")
|
2004-11-10 06:12:43 +00:00
|
|
|
{
|
2006-08-03 13:20:55 +00:00
|
|
|
$debugkey = $gpgkey = clean_csr(stripslashes($_REQUEST['CSR']));
|
|
|
|
$debugpg = $gpg = mysql_real_escape_string(trim(`echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`));
|
2004-11-10 06:12:43 +00:00
|
|
|
$lines = "";
|
2006-08-03 13:20:55 +00:00
|
|
|
$gpgarr = explode("\n", $gpg);
|
|
|
|
foreach($gpgarr as $line)
|
2004-11-10 06:12:43 +00:00
|
|
|
{
|
|
|
|
if(substr($line, 0, 3) == "pub" || substr($line, 0, 3) == "uid")
|
|
|
|
{
|
|
|
|
if($lines != "")
|
|
|
|
$lines .= "\n";
|
|
|
|
$lines .= $line;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
$gpg = $lines;
|
2004-11-18 23:21:15 +00:00
|
|
|
$expires = 0;
|
2004-11-10 06:12:43 +00:00
|
|
|
|
|
|
|
foreach(explode("\n", $gpg) as $line)
|
|
|
|
{
|
|
|
|
$name = $comment = "";
|
|
|
|
$bits = explode(":", $line);
|
|
|
|
if($bits[0] == "pub" && (!$keyid || !$when))
|
|
|
|
{
|
|
|
|
$keyid = $bits[4];
|
|
|
|
$when = $bits[5];
|
2004-11-18 23:21:15 +00:00
|
|
|
if($bits[6] != "")
|
|
|
|
$expires = 1;
|
2004-11-10 06:12:43 +00:00
|
|
|
}
|
|
|
|
if(!strstr($line, "@")) continue;
|
|
|
|
|
|
|
|
$pos = strpos($bits[9], "(") - 1;
|
|
|
|
$nocomment = 0;
|
|
|
|
if($pos < 0)
|
|
|
|
{
|
|
|
|
$nocomment = 1;
|
|
|
|
$pos = strpos($bits[9], "<") - 1;
|
|
|
|
}
|
|
|
|
$name = trim(hex2bin(trim(substr($bits[9], 0, $pos))));
|
|
|
|
if($name != "")
|
|
|
|
$names[] = $name;
|
|
|
|
if($nocomment == 0)
|
|
|
|
{
|
|
|
|
$pos += 2;
|
|
|
|
$pos2 = strpos($bits[9], ")");
|
|
|
|
$comm = trim(hex2bin(trim(substr($bits[9], $pos, $pos2 - $pos))));
|
|
|
|
if($comm != "")
|
|
|
|
$comment[] = $comm;
|
|
|
|
$pos = $pos2 + 3;
|
|
|
|
} else {
|
|
|
|
$pos = strpos($bits[9], "<") + 1;
|
|
|
|
}
|
|
|
|
$pos2 = strpos($bits[9], ">", $pos);
|
|
|
|
$mail = trim(hex2bin(trim(substr($bits[9], $pos, $pos2 - $pos))));
|
|
|
|
if($mail != "")
|
|
|
|
$emailaddies[] = $mail;
|
|
|
|
}
|
|
|
|
|
2004-11-18 23:21:15 +00:00
|
|
|
$multiple = 0;
|
|
|
|
if(count($emailaddies) > 1)
|
|
|
|
$multiple = 1;
|
|
|
|
|
|
|
|
if(is_array($names))
|
2004-11-10 06:12:43 +00:00
|
|
|
{
|
2004-11-18 23:21:15 +00:00
|
|
|
foreach($names as $name)
|
|
|
|
{
|
|
|
|
if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname'])
|
|
|
|
continue;
|
|
|
|
if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname'])
|
|
|
|
continue;
|
|
|
|
if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])
|
|
|
|
continue;
|
|
|
|
if($name == $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'])
|
|
|
|
continue;
|
|
|
|
$_SESSION['_config']['errmsg'] = _("No suitable name combination could be matched from your PGP/GPG keys to what we have in the database ('$name')");
|
2006-08-03 13:20:55 +00:00
|
|
|
unset($_REQUEST['process']);
|
2004-11-18 23:21:15 +00:00
|
|
|
$id = $oldid;
|
|
|
|
unset($oldid);
|
2006-08-03 13:20:55 +00:00
|
|
|
$do = `echo "$debugkey\n--\n$debugpg\n--" >> /www/tmp/gpg.debug`;
|
2004-11-18 23:21:15 +00:00
|
|
|
}
|
2004-11-10 06:12:43 +00:00
|
|
|
}
|
|
|
|
|
2004-11-18 23:21:15 +00:00
|
|
|
if(is_array($emailaddies) && count($emailaddies) >= 1)
|
2004-11-10 06:12:43 +00:00
|
|
|
{
|
2004-11-18 23:21:15 +00:00
|
|
|
foreach($emailaddies as $email)
|
|
|
|
{
|
|
|
|
if(mysql_num_rows(mysql_query("select * from `email` where `memid`='".$_SESSION['profile']['id']."' and
|
2006-04-20 20:48:35 +00:00
|
|
|
`email`='".mysql_real_escape_string($email)."' and `deleted`=0 and `hash`=''")) > 0)
|
2004-11-18 23:21:15 +00:00
|
|
|
continue;
|
|
|
|
$_SESSION['_config']['errmsg'] = _("No suitable emails could be matched from your PGP/GPG keys to what we have in the database. ('$email')");
|
2006-08-03 13:20:55 +00:00
|
|
|
unset($_REQUEST['process']);
|
2004-11-18 23:21:15 +00:00
|
|
|
$id = $oldid;
|
|
|
|
unset($oldid);
|
2006-08-03 13:20:55 +00:00
|
|
|
$do = `echo "$debugkey\n--\n$debugpg\n--" >> /www/tmp/gpg.debug`;
|
2004-11-18 23:21:15 +00:00
|
|
|
}
|
|
|
|
} else {
|
|
|
|
$_SESSION['_config']['errmsg'] = _("No emails found on your key");
|
2006-08-03 13:20:55 +00:00
|
|
|
unset($_REQUEST['process']);
|
2004-11-10 06:12:43 +00:00
|
|
|
$id = $oldid;
|
|
|
|
unset($oldid);
|
2006-08-03 13:20:55 +00:00
|
|
|
$do = `echo "$debugkey\n--\n$debugpg\n--" >> /www/tmp/gpg.debug`;
|
2004-11-10 06:12:43 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2006-08-03 13:20:55 +00:00
|
|
|
if($oldid == "0" && $_REQUEST['CSR'] != "")
|
2004-11-10 06:12:43 +00:00
|
|
|
{
|
2004-11-18 23:21:15 +00:00
|
|
|
$query = "insert into `gpg` set `memid`='".$_SESSION['profile']['id']."',
|
2006-04-20 20:48:35 +00:00
|
|
|
`email`='".mysql_real_escape_string($emailaddies['0'])."',
|
2005-02-16 18:11:53 +00:00
|
|
|
`level`='1',
|
2006-04-20 20:48:35 +00:00
|
|
|
`expires`='".mysql_real_escape_string($expires)."',
|
|
|
|
`multiple`='".mysql_real_escape_string($multiple)."'";
|
2004-11-10 06:12:43 +00:00
|
|
|
mysql_query($query);
|
|
|
|
$id = mysql_insert_id();
|
|
|
|
|
2007-02-07 13:50:25 +00:00
|
|
|
|
|
|
|
$cwd = '/tmp/gpgspace'.$id;
|
|
|
|
mkdir($cwd,0755);
|
|
|
|
|
|
|
|
$fp = fopen("$cwd/gpg.csr", "w");
|
2006-08-03 13:20:55 +00:00
|
|
|
fputs($fp, clean_csr(stripslashes($_REQUEST['CSR'])));
|
2004-11-10 06:12:43 +00:00
|
|
|
fclose($fp);
|
|
|
|
|
2007-02-07 13:50:25 +00:00
|
|
|
|
|
|
|
system("gpg --homedir $cwd --import $cwd/gpg.csr");
|
|
|
|
|
|
|
|
$descriptorspec = array(
|
|
|
|
0 => array("pipe", "r"), // stdin is a pipe that the child will read from
|
|
|
|
1 => array("pipe", "w"), // stdout is a pipe that the child will write to
|
|
|
|
2 => array("pipe", "w") // stderr is a file to write to
|
|
|
|
);
|
|
|
|
|
|
|
|
$stderr = fopen('php://stderr', 'w');
|
|
|
|
|
|
|
|
|
|
|
|
//echo "Keyid: $keyid\n";
|
|
|
|
|
|
|
|
$process = proc_open("/usr/bin/gpg --homedir $cwd --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $keyid", $descriptorspec, $pipes);
|
|
|
|
|
|
|
|
//echo "Process: $process\n";
|
|
|
|
//fputs($stderr,"Process: $process\n");
|
|
|
|
$ToBeDeleted=array(2);
|
|
|
|
|
|
|
|
if (is_resource($process)) {
|
|
|
|
//fputs($stderr,"it is a resource\n");
|
|
|
|
// $pipes now looks like this:
|
|
|
|
// 0 => writeable handle connected to child stdin
|
|
|
|
// 1 => readable handle connected to child stdout
|
|
|
|
// Any error output will be appended to /tmp/error-output.txt
|
|
|
|
while (!feof($pipes[1]))
|
|
|
|
{
|
|
|
|
$buffer = fgets($pipes[1], 4096);
|
|
|
|
echo $buffer;
|
|
|
|
|
|
|
|
if($buffer == "[GNUPG:] GET_BOOL keyedit.sign_all.okay\n")
|
|
|
|
{
|
|
|
|
fprintf($pipes[0],"yes\n");
|
|
|
|
}
|
|
|
|
elseif($buffer == "[GNUPG:] GOT_IT\n")
|
|
|
|
{
|
|
|
|
}
|
|
|
|
elseif(ereg("^\[GNUPG:\] GET_BOOL keyedit\.remove\.uid\.okay\s*",$buffer))
|
|
|
|
{
|
|
|
|
fprintf($pipes[0],"yes\n");
|
|
|
|
}
|
|
|
|
elseif($buffer == "[GNUPG:] GET_LINE keyedit.prompt")
|
|
|
|
{
|
|
|
|
if(count($ToBeDeleted)>0)
|
|
|
|
{
|
|
|
|
fprintf($pipes[0],pop($ToBeDeleted)."\n");
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
fprintf($pipes[0],$state?"save\n":"deluid\n");
|
|
|
|
$state++;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
elseif($buffer == "[GNUPG:] GOOD_PASSPHRASE\n")
|
|
|
|
{
|
|
|
|
}
|
|
|
|
elseif(ereg("^\[GNUPG:\] KEYEXPIRED ",$buffer))
|
|
|
|
{
|
|
|
|
echo "Key expired!\n";
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
elseif($buffer == "")
|
|
|
|
{
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
echo "ERROR: UNKNOWN $buffer\n";
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
//echo "Fertig\n";
|
|
|
|
fclose($pipes[0]);
|
|
|
|
|
|
|
|
//echo stream_get_contents($pipes[1]);
|
|
|
|
fclose($pipes[1]);
|
|
|
|
|
|
|
|
// It is important that you close any pipes before calling
|
|
|
|
// proc_close in order to avoid a deadlock
|
|
|
|
$return_value = proc_close($process);
|
|
|
|
|
|
|
|
//echo "command returned $return_value\n";
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
echo "Keine ressource!\n";
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
$do=`gpg --homedir $cwd --batch --export-options export-minimal --export $keyid >../csr/gpg-$id.csr`;
|
|
|
|
|
|
|
|
//echo "Export: $do\n";
|
|
|
|
|
|
|
|
//$fp = fopen("../csr/gpg-$id.csr", "w");
|
|
|
|
//fputs($fp, clean_csr(stripslashes($_REQUEST['CSR'])));
|
|
|
|
//fclose($fp);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2004-11-10 06:12:43 +00:00
|
|
|
mysql_query("update `gpg` set `csr`='../csr/gpg-$id.csr' where `id`='$id'");
|
|
|
|
|
2007-01-28 18:34:05 +00:00
|
|
|
waitForResult('gpg', $id);
|
2004-11-10 06:12:43 +00:00
|
|
|
showheader(_("Welcome to CAcert.org"));
|
|
|
|
$query = "select * from `gpg` where `id`='$id' and `crt`!=''";
|
|
|
|
$res = mysql_query($query);
|
|
|
|
if(mysql_num_rows($res) <= 0)
|
|
|
|
{
|
2006-08-03 13:20:55 +00:00
|
|
|
echo _("Your certificate request has failed to be processed correctly, please try submitting it again.")."<br>\n";
|
|
|
|
echo _("If this is a re-occuring problem, please send a copy of the key you are trying to signed to support@cacert.org. Thank you.");
|
2004-11-10 06:12:43 +00:00
|
|
|
} else {
|
|
|
|
echo "<pre>";
|
|
|
|
readfile("../crt/gpg-$id.crt");
|
|
|
|
echo "</pre>";
|
|
|
|
}
|
|
|
|
|
|
|
|
showfooter();
|
|
|
|
exit;
|
|
|
|
}
|
|
|
|
|
2004-11-18 23:21:15 +00:00
|
|
|
$id = intval($id);
|
|
|
|
$_SESSION['_config']['cert'] = intval($cert);
|
|
|
|
|
2004-11-10 06:12:43 +00:00
|
|
|
showheader(_("Welcome to CAcert.org"));
|
|
|
|
includeit($id, "gpg");
|
|
|
|
showfooter();
|
|
|
|
?>
|