From b8f46d9c412213e02e52555937ce505278b2fac6 Mon Sep 17 00:00:00 2001
From: Wytze van der Raay
Date: Thu, 29 Aug 2013 10:03:50 +0000
Subject: [PATCH] Fix for https://bugs.cacert.org/view.php?id=1017 "Chrome
certificate enrollement"
---
pages/account/6.php | 186 +++++++++++++++++++-------------------------
1 file changed, 78 insertions(+), 108 deletions(-)
diff --git a/pages/account/6.php b/pages/account/6.php
index ae72730..0054b7a 100644
--- a/pages/account/6.php
+++ b/pages/account/6.php
@@ -14,12 +14,15 @@
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
-*/ ?>
-
- $certid = 0; if(array_key_exists('cert',$_REQUEST)) $certid=intval($_REQUEST['cert']);
+*/
+
+// Get certificate information
+$certid = 0;
+if(array_key_exists('cert',$_REQUEST)) {
+ $certid = intval($_REQUEST['cert']);
+}
-// $query = "select * from `emailcerts` where `id`='$certid' and `memid`='".intval($_SESSION['profile']['id'])."'";
- $query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
+$query = "select UNIX_TIMESTAMP(`emailcerts`.`created`) as `created`,
UNIX_TIMESTAMP(`emailcerts`.`expire`) - UNIX_TIMESTAMP() as `timeleft`,
UNIX_TIMESTAMP(`emailcerts`.`expire`) as `expired`,
`emailcerts`.`expire` as `expires`,
@@ -32,123 +35,90 @@
`emailcerts`.`crt_name`,
`emailcerts`.`keytype`,
`emailcerts`.`description`
- from `emailcerts`
- where `emailcerts`.`id`='$certid' and `emailcerts`.`memid`='".intval($_SESSION['profile']['id'])."'";
+ from `emailcerts`
+ where `emailcerts`.`id`='$certid' and
+ `emailcerts`.`memid`='".intval($_SESSION['profile']['id'])."'";
+
+$res = mysql_query($query);
+if(mysql_num_rows($res) <= 0) {
+ showheader(_("My CAcert.org Account!"));
+ echo _("No such certificate attached to your account.");
+ showfooter();
+ exit;
+}
+$row = mysql_fetch_assoc($res);
- $res = mysql_query($query);
- if(mysql_num_rows($res) <= 0)
- {
- showheader(_("My CAcert.org Account!"));
- echo _("No such certificate attached to your account.");
- showfooter();
- exit;
+if (array_key_exists('format', $_REQUEST)) {
+ // Which output format?
+ if ($_REQUEST['format'] === 'der') {
+ $outform = '-outform DER';
+ $extension = 'cer';
+ } else {
+ $outform = '-outform PEM';
+ $extension = 'crt';
}
- $row = mysql_fetch_assoc($res);
$crtname=escapeshellarg($row['crt_name']);
- $cert = `/usr/bin/openssl x509 -in $crtname`;
-
- if($row['keytype'] == "NS")
- {
- if(array_key_exists('install',$_REQUEST) && $_REQUEST['install'] == 1)
- {
- header("Content-Type: application/x-x509-user-cert");
- header("Content-Length: ".strlen($cert));
- $fname=sanitizeFilename($row['CN']);
- if($fname=="") $fname="certificate";
- header('Content-Disposition: inline; filename="'.$fname.'.crt"');
- echo $cert;
- exit;
- } else {
- showheader(_("My CAcert.org Account!"));
- echo "
"._("Installing your certificate")."
\n";
- echo "
"._("You are about to install a certificate, if you are using mozilla/netscape based browsers you will not be informed that the certificate was installed successfully, you can go into the options dialog box, security and manage certificates to view if it was installed correctly however.")."
=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?>
+ header("Content-Type: application/pkix-cert");
+ header("Content-Length: ".strlen($cert));
-
-