X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificateIssueForm.java;h=428e39a6439f54480486cdbbc78dc8b5b4811e53;hb=06860e55306d268f5db3c49ac9090c4455752cc0;hp=87cf0e379e750d45f5031e7136b2be8162a4bf83;hpb=ed2a1041c12f9fcdba56472e1d938bb121166566;p=gigi.git diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java index 87cf0e37..428e39a6 100644 --- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java +++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java @@ -30,8 +30,8 @@ import org.cacert.gigi.dbObjects.Organisation; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.CertificateValiditySelector; -import org.cacert.gigi.output.Form; -import org.cacert.gigi.output.template.HashAlgorithms; +import org.cacert.gigi.output.HashAlgorithms; +import org.cacert.gigi.output.template.Form; import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.output.template.Template; import org.cacert.gigi.pages.LoginPage; @@ -133,11 +133,6 @@ public class CertificateIssueForm extends Form { return result; } - public static String escapeAVA(String value) { - - return value.replace("\\", "\\\\").replace("/", "\\/"); - } - @Override public boolean submit(PrintWriter out, HttpServletRequest req) { String csr = req.getParameter("CSR"); @@ -251,11 +246,14 @@ public class CertificateIssueForm extends Form { selectedDigest = Digest.valueOf(hashAlg); } profile = CertificateProfile.getByName(req.getParameter("profile")); - Organisation neworg = Organisation.getById(Integer.parseInt(req.getParameter("org"))); - if (neworg == null || u.getOrganisations().contains(neworg)) { - org = neworg; - } else { - outputError(out, req, "Selected Organisation is not part of your account."); + String newOrgStr = req.getParameter("org"); + if (newOrgStr != null) { + Organisation neworg = Organisation.getById(Integer.parseInt(newOrgStr)); + if (neworg == null || u.getOrganisations().contains(neworg)) { + org = neworg; + } else { + outputError(out, req, "Selected Organisation is not part of your account."); + } } ou = req.getParameter("OU"); if ( !u.canIssue(profile)) { @@ -292,39 +290,31 @@ public class CertificateIssueForm extends Form { SANs = filteredSANs; if ( !u.isValidName(CN) && !server && !CN.equals(DEFAULT_CN)) { CN = DEFAULT_CN; - outputError(out, req, "The real name entered cannot be verified with your account."); + outputError(out, req, "The name entered, does not match the details in your account. You cannot issue certificates with this name. Enter a name that matches the one that has been assured in your account."); } - final StringBuffer subject = new StringBuffer(); + HashMap subject = new HashMap<>(); if (server && pDNS != null) { - subject.append("/commonName="); - subject.append(escapeAVA(pDNS)); + subject.put("CN", pDNS); if (pMail != null) { outputError(out, req, "No email is included in this certificate."); } if (CN.equals("")) { CN = ""; - outputError(out, req, "No real name is included in this certificate."); + outputError(out, req, "No real name is included in this certificate. The real name, you entered will be ignored."); } } else { - subject.append("/commonName="); - subject.append(escapeAVA(CN)); + subject.put("CN", CN); if (pMail != null) { - subject.append("/emailAddress="); - subject.append(escapeAVA(pMail)); + subject.put("EMAIL", pMail); } } if (org != null) { - subject.append("/O="); - subject.append(escapeAVA(org.getName())); - subject.append("/C="); - subject.append(escapeAVA(org.getState())); - subject.append("/ST="); - subject.append(escapeAVA(org.getProvince())); - subject.append("/L="); - subject.append(escapeAVA(org.getCity())); - subject.append("/OU="); - subject.append(escapeAVA(ou)); + subject.put("O", org.getName()); + subject.put("C", org.getState()); + subject.put("ST", org.getProvince()); + subject.put("L", org.getCity()); + subject.put("OU", ou); } if (req.getParameter("CCA") == null) { outputError(out, req, "You need to accept the CCA."); @@ -333,7 +323,7 @@ public class CertificateIssueForm extends Form { return false; } - result = new Certificate(LoginPage.getUser(req), subject.toString(), selectedDigest.toString(), // + result = new Certificate(LoginPage.getUser(req), subject, selectedDigest.toString(), // this.csr, this.csrType, profile, SANs.toArray(new SubjectAlternateName[SANs.size()])); result.issue(issueDate.getFrom(), issueDate.getTo()).waitFor(60000); return true;