X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2FGigi.java;h=6d8996c97cac5633a1d14b9ef5e7eb953bdc47e5;hp=00993b52aa06fa889cc4185207ca87778479a2a2;hb=e010e578f0e53056972097049110fcab0e11fd34;hpb=e6aca75e8a6b981e05cedcfbca640aedde615c77

diff --git a/src/club/wpia/gigi/Gigi.java b/src/club/wpia/gigi/Gigi.java
index 00993b52..6d8996c9 100644
--- a/src/club/wpia/gigi/Gigi.java
+++ b/src/club/wpia/gigi/Gigi.java
@@ -3,6 +3,7 @@ package club.wpia.gigi;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.io.UnsupportedEncodingException;
+import java.math.BigInteger;
 import java.security.KeyStore;
 import java.security.cert.X509Certificate;
 import java.util.Calendar;
@@ -66,6 +67,7 @@ import club.wpia.gigi.pages.admin.support.SupportEnterTicketPage;
 import club.wpia.gigi.pages.admin.support.SupportUserDetailsPage;
 import club.wpia.gigi.pages.error.AccessDenied;
 import club.wpia.gigi.pages.error.PageNotFound;
+import club.wpia.gigi.pages.main.CertStatusRequestPage;
 import club.wpia.gigi.pages.main.KeyCompromisePage;
 import club.wpia.gigi.pages.main.RegisterPage;
 import club.wpia.gigi.pages.orga.CreateOrgPage;
@@ -141,6 +143,7 @@ public final class Gigi extends HttpServlet {
             putPage(StatisticsRoles.PATH, new StatisticsRoles(), mainMenu);
             putPage("/about", new AboutPage(), mainMenu);
             putPage(RegisterPage.PATH, new RegisterPage(), mainMenu);
+            putPage(CertStatusRequestPage.PATH, new CertStatusRequestPage(), mainMenu);
             putPage(KeyCompromisePage.PATH, new KeyCompromisePage(), mainMenu);
 
             putPage(Verify.PATH, new Verify(), null);
@@ -357,11 +360,11 @@ public final class Gigi extends HttpServlet {
             return;
         }
         HttpSession hs = req.getSession();
-        String clientSerial = (String) hs.getAttribute(CERT_SERIAL);
+        BigInteger clientSerial = (BigInteger) hs.getAttribute(CERT_SERIAL);
         if (clientSerial != null) {
             X509Certificate[] cert = (X509Certificate[]) req.getAttribute("javax.servlet.request.X509Certificate");
             if (cert == null || cert[0] == null//
-                    || !cert[0].getSerialNumber().toString(16).toLowerCase().equals(clientSerial) //
+                    || !cert[0].getSerialNumber().equals(clientSerial) //
                     || !cert[0].getIssuerDN().equals(hs.getAttribute(CERT_ISSUER))) {
                 hs.invalidate();
                 resp.sendError(403, "Certificate mismatch.");