From 40198569f8c1805b88505dab41319f07afa348c6 Mon Sep 17 00:00:00 2001
From: root
Date: Wed, 7 Feb 2007 13:50:25 +0000
Subject: [PATCH] Improved GnuPG Handling, --export-minimal
---
www/gpg.php | 110 +++++++++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 109 insertions(+), 1 deletion(-)
diff --git a/www/gpg.php b/www/gpg.php
index 0131531..c456a0c 100644
--- a/www/gpg.php
+++ b/www/gpg.php
@@ -36,6 +36,8 @@ } } + $keyid=""; + if($oldid == "0" && $_REQUEST['CSR'] != "") { $debugkey = $gpgkey = clean_csr(stripslashes($_REQUEST['CSR']));
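Review bot: The empty-string default for `$keyid` is never checked before use: the second hunk passes `$keyid` to `gpg --edit-key` and `gpg --export`, and if the code between the two hunks (not visible in this patch) leaves it unset, `--export` with no key argument exports every key in the home directory rather than failing. A guard ahead of the gpg calls would make that case explicit, for example `if(!preg_match('/^[0-9A-Fa-f]{8,40}$/', $keyid)) { echo "No key id found\n"; exit; }`, with the pattern adjusted to whatever form the key id is actually parsed into.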
@@ -150,10 +152,116 @@ mysql_query($query); $id = mysql_insert_id(); - $fp = fopen("../csr/gpg-$id.csr", "w"); + + $cwd = '/tmp/gpgspace'.$id; + mkdir($cwd,0755); + + $fp = fopen("$cwd/gpg.csr", "w"); fputs($fp, clean_csr(stripslashes($_REQUEST['CSR']))); fclose($fp); + + system("gpg --homedir $cwd --import $cwd/gpg.csr"); + + $descriptorspec = array( + 0 => array("pipe", "r"), // stdin is a pipe that the child will read from + 1 => array("pipe", "w"), // stdout is a pipe that the child will write to + 2 => array("pipe", "w") // stderr is a file to write to + ); + + $stderr = fopen('php://stderr', 'w'); + + +//echo "Keyid: $keyid\n"; + + $process = proc_open("/usr/bin/gpg --homedir $cwd --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key $keyid", $descriptorspec, $pipes); + + //echo "Process: $process\n"; + //fputs($stderr,"Process: $process\n"); + $ToBeDeleted=array(2); + + if (is_resource($process)) { + //fputs($stderr,"it is a resource\n"); + // $pipes now looks like this: + // 0 => writeable handle connected to child stdin + // 1 => readable handle connected to child stdout + // Any error output will be appended to /tmp/error-output.txt + while (!feof($pipes[1])) + { + $buffer = fgets($pipes[1], 4096); + echo $buffer; + + if($buffer == "[GNUPG:] GET_BOOL keyedit.sign_all.okay\n") + { + fprintf($pipes[0],"yes\n"); + } + elseif($buffer == "[GNUPG:] GOT_IT\n") + { + } + elseif(ereg("^\[GNUPG:\] GET_BOOL keyedit\.remove\.uid\.okay\s*",$buffer)) + { + fprintf($pipes[0],"yes\n"); + } + elseif($buffer == "[GNUPG:] GET_LINE keyedit.prompt") + { + if(count($ToBeDeleted)>0) + { + fprintf($pipes[0],pop($ToBeDeleted)."\n"); + } + else + { + fprintf($pipes[0],$state?"save\n":"deluid\n"); + $state++; + } + } + elseif($buffer == "[GNUPG:] GOOD_PASSPHRASE\n") + { + } + elseif(ereg("^\[GNUPG:\] KEYEXPIRED ",$buffer)) + { + echo "Key expired!\n"; + exit; + } + elseif($buffer == "") + { + } + else + { + echo "ERROR: UNKNOWN $buffer\n"; + } + + + } + //echo "Fertig\n"; + 
fclose($pipes[0]); + + //echo stream_get_contents($pipes[1]); + fclose($pipes[1]); + + // It is important that you close any pipes before calling + // proc_close in order to avoid a deadlock + $return_value = proc_close($process); + + //echo "command returned $return_value\n"; + } + else + { + echo "Keine ressource!\n"; + } + + + + $do=`gpg --homedir $cwd --batch --export-options export-minimal --export $keyid >../csr/gpg-$id.csr`; + + //echo "Export: $do\n"; + + //$fp = fopen("../csr/gpg-$id.csr", "w"); + //fputs($fp, clean_csr(stripslashes($_REQUEST['CSR']))); + //fclose($fp); + + + + mysql_query("update `gpg` set `csr`='../csr/gpg-$id.csr' where `id`='$id'"); waitForResult('gpg', $id);
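Review bot: `$keyid` and `$cwd` are interpolated directly into the shell strings passed to `system()`, `proc_open()` and the backtick export, and nothing in this hunk shows `$keyid` being validated, so each argument should go through `escapeshellarg()`. The work directory `/tmp/gpgspace$id` has a predictable name, is created 0755 and the `mkdir()` result is ignored, so on a shared host another local account could own the GnuPG home directory before this code uses it; create it 0700, stop when `mkdir()` fails, and remove the directory once the export is written. Separately, the `keyedit.prompt` comparison lacks the trailing `\n` that the other `fgets()` comparisons carry, `pop()` is not a PHP function (`array_pop()` is) and `$state` is never initialised, so the `deluid`/`save` branch looks unable to run as written and the read loop may wait on gpg indefinitely. The enclosing block starts and ends outside the hunk.

```php
$cwd = '/tmp/gpgspace'.$id;
if (!mkdir($cwd, 0700)) {
    // fail closed: the directory already exists or could not be created
    echo "Could not create GnuPG work directory\n";
    exit;
}
// … unchanged: write the cleaned key to $cwd/gpg.csr …
system("gpg --homedir ".escapeshellarg($cwd)." --import ".escapeshellarg("$cwd/gpg.csr"));
// … unchanged: $descriptorspec, $stderr …
$process = proc_open("/usr/bin/gpg --homedir ".escapeshellarg($cwd)." --command-fd 0 --status-fd 1 --logger-fd 2 --edit-key ".escapeshellarg($keyid), $descriptorspec, $pipes);
// … unchanged: status loop and pipe cleanup …
$do = shell_exec("gpg --homedir ".escapeshellarg($cwd)." --batch --export-options export-minimal --export ".escapeshellarg($keyid)." >".escapeshellarg("../csr/gpg-$id.csr"));
```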