"Replace all backtick operators with calls to runCommand() or shell_exec()"
This commit is contained in:
Wytze van der Raay
parent
ca2fe0bc16
commit
4f70392a23
9 changed files with 41 additions and 34 deletions
|
|
@ -402,7 +402,7 @@ function buildSubjectFromSession() {
|
|||
fclose($fp);
|
||||
$challenge=$_SESSION['spkac_hash'];
|
||||
$CSRname_esc = escapeshellarg($CSRname);
|
||||
$res=`openssl spkac -verify -in $CSRname_esc`;
|
||||
$res=shell_exec("openssl spkac -verify -in $CSRname_esc");
|
||||
if(!strstr($res,"Challenge String: ".$challenge))
|
||||
{
|
||||
$id = $oldid;
|
||||
|
|
@ -466,7 +466,7 @@ function buildSubjectFromSession() {
|
|||
$tmpname = tempnam("/tmp", "id4csr");
|
||||
$tmpfname_esc = escapeshellarg($tmpfname);
|
||||
$tmpname_esc = escapeshellarg($tmpname);
|
||||
$do = `/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc`; // -subj "$csr"`;
|
||||
$do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc"); // -subj "$csr";
|
||||
@unlink($tmpfname);
|
||||
$csr = "";
|
||||
$fp = fopen($tmpname, "r");
|
||||
|
|
@ -570,7 +570,7 @@ function buildSubjectFromSession() {
|
|||
$addy = array();
|
||||
$adds = array();
|
||||
if(strtolower(substr($newdom, -4, 3)) != ".jp")
|
||||
$adds = explode("\n", trim(`/usr/bin/whois $newdom|grep "@"`));
|
||||
$adds = explode("\n", trim(shell_exec("/usr/bin/whois $newdom|grep \"@\"")));
|
||||
if(substr($newdomain, -4) == ".org" || substr($newdomain, -5) == ".info")
|
||||
{
|
||||
if(is_array($adds))
|
||||
|
|
@ -740,8 +740,8 @@ function buildSubjectFromSession() {
|
|||
fputs($fp, $CSR);
|
||||
fclose($fp);
|
||||
$CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
|
||||
$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep "Subject:"`);
|
||||
$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
|
||||
$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
|
||||
$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
|
||||
foreach($bits as $val)
|
||||
{
|
||||
$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
|
||||
|
|
@ -911,8 +911,8 @@ function buildSubjectFromSession() {
|
|||
$newfile=generatecertpath("csr","server",$newid);
|
||||
copy($row['csr_name'], $newfile);
|
||||
$newfile_esc = escapeshellarg($newfile);
|
||||
$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d "\\0"|grep "Subject:"`);
|
||||
$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
|
||||
$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep \"Subject:\""));
|
||||
$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $newfile_esc |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
|
||||
foreach($bits as $val)
|
||||
{
|
||||
$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
|
||||
|
|
@ -942,7 +942,7 @@ function buildSubjectFromSession() {
|
|||
} else {
|
||||
$drow = mysql_fetch_assoc($res);
|
||||
$crt_name = escapeshellarg($drow['crt_name']);
|
||||
$cert = `/usr/bin/openssl x509 -in $crt_name`;
|
||||
$cert = shell_exec("/usr/bin/openssl x509 -in $crt_name");
|
||||
echo "<pre>\n$cert\n</pre>\n";
|
||||
}
|
||||
}
|
||||
|
|
@ -1549,7 +1549,7 @@ function buildSubjectFromSession() {
|
|||
fclose($fp);
|
||||
$challenge=$_SESSION['spkac_hash'];
|
||||
$CSRname_esc = escapeshellarg($CSRname);
|
||||
$res=`openssl spkac -verify -in $CSRname_esc`;
|
||||
$res=shell_exec("openssl spkac -verify -in $CSRname_esc");
|
||||
if(!strstr($res,"Challenge String: ".$challenge))
|
||||
{
|
||||
$id = $oldid;
|
||||
|
|
@ -1603,7 +1603,7 @@ function buildSubjectFromSession() {
|
|||
$tmpname = tempnam("/tmp", "id17csr");
|
||||
$tmpfname_esc = escapeshellarg($tmpfname);
|
||||
$tmpname_esc = escapeshellarg($tmpname);
|
||||
$do = `/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc`;
|
||||
$do = shell_exec("/usr/bin/openssl req -in $tmpfname_esc -out $tmpname_esc");
|
||||
@unlink($tmpfname);
|
||||
$csr = "";
|
||||
$fp = fopen($tmpname, "r");
|
||||
|
|
@ -1857,8 +1857,8 @@ function buildSubjectFromSession() {
|
|||
fputs($fp, $CSR);
|
||||
fclose($fp);
|
||||
$CSR = escapeshellarg($_SESSION['_config']['tmpfname']);
|
||||
$_SESSION['_config']['subject'] = trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep "Subject:"`);
|
||||
$bits = explode(",", trim(`/usr/bin/openssl req -text -noout -in $CSR |tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
|
||||
$_SESSION['_config']['subject'] = trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep \"Subject:\""));
|
||||
$bits = explode(",", trim(shell_exec("/usr/bin/openssl req -text -noout -in $CSR |tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:")));
|
||||
foreach($bits as $val)
|
||||
{
|
||||
$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
|
||||
|
|
@ -2081,7 +2081,7 @@ function buildSubjectFromSession() {
|
|||
} else {
|
||||
$drow = mysql_fetch_assoc($res);
|
||||
$crtname = escapeshellarg($drow['crt_name']);
|
||||
$cert = `/usr/bin/openssl x509 -in $crtname`;
|
||||
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
|
||||
echo "<pre>\n$cert\n</pre>\n";
|
||||
}
|
||||
}
|
||||
|
|
@ -2802,8 +2802,10 @@ function buildSubjectFromSession() {
|
|||
{
|
||||
$CSR = clean_csr($CSR);
|
||||
$_SESSION['_config']['CSR'] = $CSR;
|
||||
$_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text -noout|tr -d "\\0"|grep "Subject:"`);
|
||||
$bits = explode(",", trim(`echo "$CSR"|/usr/bin/openssl req -text -noout|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
|
||||
runCommand("/usr/bin/openssl req -text -noout|tr -d \"\\0\"|grep \"Subject:\"", $CSR, $CSRSubjects);
|
||||
runCommand("/usr/bin/openssl req -text -noout|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:", $CSR, $CSRAlts);
|
||||
$_SESSION['_config']['subject'] = trim($CSRSubjects);
|
||||
$bits = explode(",", trim($CSRAlts));
|
||||
foreach($bits as $val)
|
||||
{
|
||||
$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
|
||||
|
|
@ -2827,8 +2829,11 @@ function buildSubjectFromSession() {
|
|||
if($process != "" && $oldid == 46)
|
||||
{
|
||||
$CSR = clean_csr($_SESSION['_config']['CSR']);
|
||||
$_SESSION['_config']['subject'] = trim(`echo "$CSR"|/usr/bin/openssl req -text -noout|tr -d "\\0"|grep "Subject:"`);
|
||||
$bits = explode(",", trim(`echo "$CSR"|/usr/bin/openssl req -text -noout|tr -d "\\0"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:`));
|
||||
runCommand("/usr/bin/openssl req -text -noout|tr -d \"\\0\"|grep \"Subject:\"", $CSR, $CSRSubjects);
|
||||
runCommand("/usr/bin/openssl req -text -noout|tr -d \"\\0\"|grep -A1 'X509v3 Subject Alternative Name:'|grep DNS:", $CSR, $CSRAlts);
|
||||
|
||||
$_SESSION['_config']['subject'] = trim($CSRSubjects);
|
||||
$bits = explode(",", trim($CSRAlts));
|
||||
foreach($bits as $val)
|
||||
{
|
||||
$_SESSION['_config']['subject'] .= "/subjectAltName=".trim($val);
|
||||
|
|
|
|||
|
|
@ -219,7 +219,7 @@
|
|||
//echo "Points due to name matches: $points<br/>";
|
||||
|
||||
$shellpwd = escapeshellarg($pwd);
|
||||
$do = `grep -F -- $shellpwd /usr/share/dict/american-english`;
|
||||
$do = shell_exec("grep -F -- $shellpwd /usr/share/dict/american-english");
|
||||
if($do)
|
||||
$points--;
|
||||
|
||||
|
|
@ -527,7 +527,8 @@
|
|||
$fp = fopen($tmpfname, "w");
|
||||
fputs($fp, $message);
|
||||
fclose($fp);
|
||||
$do = `/usr/bin/gpg --homedir /home/gpg --clearsign "$tmpfname"|/usr/sbin/sendmail "$to"`;
|
||||
$to_esc = escapeshellarg($to);
|
||||
$do = shell_exec("/usr/bin/gpg --homedir /home/gpg --clearsign \"$tmpfname\"|/usr/sbin/sendmail ".$to_esc);
|
||||
@unlink($tmpfname);
|
||||
}
|
||||
|
||||
|
|
@ -538,9 +539,9 @@
|
|||
{
|
||||
list($username,$domain)=explode('@',$email,2);
|
||||
$dom = escapeshellarg($domain);
|
||||
$line = trim(`dig +short MX $dom 2>&1`);
|
||||
$line = trim(shell_exec("dig +short MX $dom 2>&1"));
|
||||
#echo $email."-$dom-$line-\n";
|
||||
#echo `dig +short mx heise.de 2>&1`."-<br>\n";
|
||||
#echo shell_exec("dig +short mx heise.de 2>&1")."-<br>\n";
|
||||
|
||||
$list = explode("\n", $line);
|
||||
foreach($list as $row) {
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@
|
|||
}
|
||||
$row = mysql_fetch_assoc($res);
|
||||
$crtname=escapeshellarg($row['crt_name']);
|
||||
$cert = `/usr/bin/openssl x509 -in $crtname`;
|
||||
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
|
||||
?>
|
||||
<h3><?=_("Below is your Server Certificate")?></h3>
|
||||
<pre>
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@
|
|||
}
|
||||
$row = mysql_fetch_assoc($res);
|
||||
$crtname=escapeshellarg($row['crt_name']);
|
||||
$cert = `/usr/bin/openssl x509 -in $crtname`;
|
||||
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
|
||||
|
||||
if($row['keytype'] == "NS")
|
||||
{
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@
|
|||
}
|
||||
$row = mysql_fetch_assoc($res);
|
||||
$crtname=escapeshellarg($row['crt_name']);
|
||||
$cert = `/usr/bin/openssl x509 -in $crtname`;
|
||||
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname");
|
||||
?>
|
||||
<h3><?=_("Below is your Server Certificate")?></h3>
|
||||
<pre>
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ if (array_key_exists('format', $_REQUEST)) {
|
|||
}
|
||||
|
||||
$crtname=escapeshellarg($row['crt_name']);
|
||||
$cert = `/usr/bin/openssl x509 -in $crtname $outform`;
|
||||
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname $outform");
|
||||
|
||||
header("Content-Type: application/pkix-cert");
|
||||
header("Content-Length: ".strlen($cert));
|
||||
|
|
@ -82,7 +82,7 @@ if (array_key_exists('format', $_REQUEST)) {
|
|||
} else {
|
||||
// All other browsers
|
||||
$crtname=escapeshellarg($row['crt_name']);
|
||||
$cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;
|
||||
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname -outform DER");
|
||||
|
||||
header("Content-Type: application/x-x509-user-cert");
|
||||
header("Content-Length: ".strlen($cert));
|
||||
|
|
@ -111,7 +111,7 @@ if (array_key_exists('format', $_REQUEST)) {
|
|||
|
||||
// Allow to directly copy and paste the cert in PEM format
|
||||
$crtname=escapeshellarg($row['crt_name']);
|
||||
$cert = `/usr/bin/openssl x509 -in $crtname -outform PEM`;
|
||||
$cert = shell_exec("/usr/bin/openssl x509 -in $crtname -outform PEM");
|
||||
echo "<pre>$cert</pre>";
|
||||
|
||||
?>
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
#!/usr/bin/php -q
|
||||
<? /*
|
||||
<?php /*
|
||||
LibreSSL - CAcert web application
|
||||
Copyright (C) 2004-2008 CAcert Inc.
|
||||
|
||||
|
|
@ -18,6 +18,7 @@
|
|||
*/
|
||||
|
||||
require_once(dirname(__FILE__).'/../../includes/mysql.php');
|
||||
require_once(dirname(__FILE__).'/../../includes/lib/general.php');
|
||||
|
||||
$days = array("1" => "3", "15" => "2", "30" => "1", "45" => "0");
|
||||
|
||||
|
|
@ -39,7 +40,7 @@
|
|||
$row['crt_name'] = str_replace("../", "www/", $row['crt_name']);
|
||||
$row['crt_name'] = "/home/cacert/".$row['crt_name'];
|
||||
$crt_name = escapeshellarg($row['crt_name']);
|
||||
$subject = `openssl x509 -in $crt_name -text -noout|grep Subject:`;
|
||||
$subject = runCommand("openssl x509 -in $crt_name -text -noout|grep Subject:");
|
||||
$bits = explode("/", $subject);
|
||||
foreach($bits as $val)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@ require_once '../../includes/lib/check_weak_key.php';
|
|||
fclose($fp);
|
||||
$incsr_esc = escapeshellarg($incsr);
|
||||
$checkedcsr_esc = escapeshellarg($checkedcsr);
|
||||
$do = `/usr/bin/openssl req -in $incsr_esc -out $checkedcsr_esc`;
|
||||
$do = shell_exec("/usr/bin/openssl req -in $incsr_esc -out $checkedcsr_esc");
|
||||
@unlink($incsr);
|
||||
if(filesize($checkedcsr) <= 0)
|
||||
die("404,Invalid or missing CSR");
|
||||
|
|
@ -97,7 +97,7 @@ require_once '../../includes/lib/check_weak_key.php';
|
|||
foreach($emails as $emailid => $email)
|
||||
mysql_query("insert into `emaillink` set `emailcertsid`='$certid', `emailid`='".intval($emailid)."'");
|
||||
|
||||
$do = `../../scripts/runclient`;
|
||||
$do = shell_exec("../../scripts/runclient");
|
||||
sleep(10); // THIS IS BROKEN AND SHOULD BE FIXED
|
||||
$query = "select * from `emailcerts` where `id`='$certid' and `crt_name` != ''";
|
||||
$res = mysql_query($query);
|
||||
|
|
|
|||
|
|
@ -112,7 +112,7 @@ function verifyEmail($email)
|
|||
clean_gpgcsr($CSR),
|
||||
$gpg);
|
||||
|
||||
`rm -r $tmpdir`;
|
||||
shell_exec("rm -r $tmpdir");
|
||||
}
|
||||
|
||||
if ($err)
|
||||
|
|
@ -340,7 +340,7 @@ function verifyEmail($email)
|
|||
|
||||
|
||||
$cmd_keyid = escapeshellarg($keyid);
|
||||
$gpg = trim(`gpg --homedir $cwd --with-colons --fixed-list-mode --list-keys $cmd_keyid 2>&1`);
|
||||
$gpg = trim(shell_exec("gpg --homedir $cwd --with-colons --fixed-list-mode --list-keys $cmd_keyid 2>&1"));
|
||||
$lines = "";
|
||||
$gpgarr = explode("\n", $gpg);
|
||||
foreach($gpgarr as $line)
|
||||
|
|
@ -525,7 +525,7 @@ function verifyEmail($email)
|
|||
|
||||
$csrname=generatecertpath("csr","gpg",$insert_id);
|
||||
$cmd_keyid = escapeshellarg($keyid);
|
||||
$do=`gpg --homedir $cwd --batch --export-options export-minimal --export $cmd_keyid >$csrname`;
|
||||
$do=shell_exec("gpg --homedir $cwd --batch --export-options export-minimal --export $cmd_keyid >$csrname");
|
||||
|
||||
mysql_query("update `gpg` set `csr`='$csrname' where `id`='$insert_id'");
|
||||
waitForResult('gpg', $insert_id);
|
||||
|
|
|
|||
Loading…
Reference in a new issue