View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000117 | Main CAcert Website | GPG/PGP | public | 2006-01-07 06:46 | 2013-01-10 02:44 |
Reporter | Sourcerer | Assigned To | |||
Priority | low | Severity | feature | Reproducibility | always |
Status | needs work | Resolution | open | ||
Summary | 0000117: Key upload through File Upload | ||||
Description | It would be good to be able to upload the Key through the File Upload mechanism instead of Copy&Pasting it. It´s difficult with some editors/operating systems to upload larger keys that way. | ||||
Tags | No tags attached. | ||||
Reviewed by | |||||
Test Instructions | |||||
2007-07-18 14:55
|
cacert-gpgupload.patch (3,276 bytes)
diff -rU3 cacert.orig/pages/gpg/0.php cacert/pages/gpg/0.php --- cacert.orig/pages/gpg/0.php 2007-01-30 15:08:15.000000000 +0100 +++ cacert/pages/gpg/0.php 2007-07-18 13:55:10.000000000 +0200 @@ -20,3 +20,11 @@ <input type="submit" name="process" value="<?=_("Submit")?>"> <input type="hidden" name="oldid" value="<?=$id?>"> </form> + +<p><?=_("Alternatively, you can upload a file containing your key.")?></p> +<p><?=_("DO NOT upload your complete keyring!")?></p> +<form method="post" action="gpg.php" enctype="multipart/form-data"> +<input type="file" name="CSRfile"> +<input type="submit" name="process" value="<?=_("Submit")?>"> +<input type="hidden" name="oldid" value="<?=$id?>"> +</form> diff -rU3 cacert.orig/www/gpg.php cacert/www/gpg.php --- cacert.orig/www/gpg.php 2007-02-07 16:51:20.000000000 +0100 +++ cacert/www/gpg.php 2007-07-18 14:41:12.000000000 +0200 @@ -28,7 +28,7 @@ if($oldid == "0") { - if($_REQUEST['process'] == _("Submit") && $_REQUEST['CSR'] == "") + if($_REQUEST['process'] == _("Submit") && $_REQUEST['CSR'] == "" && $_FILES['CSRfile']['tmp_name'] == "") { $_SESSION['_config']['errmsg'] = _("You failed to paste a valid GPG/PGP key."); $id = $oldid; @@ -38,10 +38,17 @@ $keyid=""; - if($oldid == "0" && $_REQUEST['CSR'] != "") + if($oldid == "0" && ($_REQUEST['CSR'] != "" + || $_FILES['CSRfile']['tmp_name'] != "")) { - $debugkey = $gpgkey = clean_csr(stripslashes($_REQUEST['CSR'])); - $debugpg = $gpg = mysql_real_escape_string(trim(`echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`)); + if ($_REQUEST['CSR'] != "") { + $debugkey = $gpgkey = clean_csr(stripslashes($_REQUEST['CSR'])); + $debugpg = $gpg = mysql_real_escape_string(trim(`echo "$gpgkey"|gpg --with-colons --homedir /tmp 2>&1`)); + } else { + $debugkey = $gpgkey = $_FILES['CSRfile']['tmp_name']; + $debugpg = $gpg = mysql_real_escape_string(trim(`gpg --with-colons --homedir /tmp 2>&1 "$gpgkey"`)); + echo "<pre>\n$gpgkey\n$gpg\n</pre>"; + } $lines = ""; $gpgarr = explode("\n", $gpg); foreach($gpgarr as $line) @@ -140,9 +147,13 @@ unset($oldid); $do = `echo "$debugkey\n--\n$debugpg\n--" >> /www/tmp/gpg.debug`; } + if ($oldid != "0" && $_FILES['CSRfile']['tmp_name'] != "") { + unlink($_FILES['CSRfile']['tmp_name']); + } } - if($oldid == "0" && $_REQUEST['CSR'] != "") + if($oldid == "0" && ($_REQUEST['CSR'] != "" + || $_FILES['CSRfile']['tmp_name'] != "")) { $query = "insert into `gpg` set `memid`='".$_SESSION['profile']['id']."', `email`='".mysql_real_escape_string($emailaddies['0'])."', @@ -156,12 +167,15 @@ $cwd = '/tmp/gpgspace'.$id; mkdir($cwd,0755); - $fp = fopen("$cwd/gpg.csr", "w"); - fputs($fp, clean_csr(stripslashes($_REQUEST['CSR']))); - fclose($fp); - - - system("gpg --homedir $cwd --import $cwd/gpg.csr"); + if ($_REQUEST['CSR'] != "") { + $fp = fopen("$cwd/gpg.csr", "w"); + fputs($fp, clean_csr(stripslashes($_REQUEST['CSR']))); + fclose($fp); + system("gpg --homedir $cwd --import $cwd/gpg.csr"); + } else { + system("gpg --homedir $cwd --import \"$gpgkey\""); + unlink($_FILES['CSRfile']['tmp_name']); + } $descriptorspec = array( 0 => array("pipe", "r"), // stdin is a pipe that the child will read from |
Date Modified | Username | Field | Change |
---|---|---|---|
2006-01-07 06:46 | Sourcerer | New Issue | |
2006-08-17 04:11 | duane | Status | new => needs work |
2006-08-17 04:11 | duane | Assigned To | => duane |
2007-06-25 08:12 | evaldo | Assigned To | duane => |
2007-06-25 08:12 | evaldo | Status | needs work => confirmed |
2007-06-25 08:12 | evaldo | Projection | none => minor fix |
2007-07-18 14:55 | pc | File Added: cacert-gpgupload.patch | |
2012-12-20 18:46 | Werner Dworak | Relationship added | related to 0000060 |
2013-01-10 02:36 | Werner Dworak | Status | confirmed => needs work |
2013-01-10 02:44 | Werner Dworak | Relationship added | related to 0001079 |