X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificateIssueForm.java;h=d07b65d46842b268643e76a321b42663d5b68e08;hp=87cf0e379e750d45f5031e7136b2be8162a4bf83;hb=1db93167c35304e1d56e99dae6aa1cfa83842a2e;hpb=ed2a1041c12f9fcdba56472e1d938bb121166566 diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java index 87cf0e37..d07b65d4 100644 --- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java +++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java @@ -133,11 +133,6 @@ public class CertificateIssueForm extends Form { return result; } - public static String escapeAVA(String value) { - - return value.replace("\\", "\\\\").replace("/", "\\/"); - } - @Override public boolean submit(PrintWriter out, HttpServletRequest req) { String csr = req.getParameter("CSR"); @@ -251,11 +246,14 @@ public class CertificateIssueForm extends Form { selectedDigest = Digest.valueOf(hashAlg); } profile = CertificateProfile.getByName(req.getParameter("profile")); - Organisation neworg = Organisation.getById(Integer.parseInt(req.getParameter("org"))); - if (neworg == null || u.getOrganisations().contains(neworg)) { - org = neworg; - } else { - outputError(out, req, "Selected Organisation is not part of your account."); + String newOrgStr = req.getParameter("org"); + if (newOrgStr != null) { + Organisation neworg = Organisation.getById(Integer.parseInt(newOrgStr)); + if (neworg == null || u.getOrganisations().contains(neworg)) { + org = neworg; + } else { + outputError(out, req, "Selected Organisation is not part of your account."); + } } ou = req.getParameter("OU"); if ( !u.canIssue(profile)) { @@ -292,39 +290,31 @@ public class CertificateIssueForm extends Form { SANs = filteredSANs; if ( !u.isValidName(CN) && !server && !CN.equals(DEFAULT_CN)) { CN = DEFAULT_CN; - outputError(out, req, "The real name entered cannot be verified with your account."); + outputError(out, req, "The name entered, does not match the details in your account. You cannot issue certificates with this name. Enter a name that matches the one that has been assured in your account."); } - final StringBuffer subject = new StringBuffer(); + HashMap subject = new HashMap<>(); if (server && pDNS != null) { - subject.append("/commonName="); - subject.append(escapeAVA(pDNS)); + subject.put("CN", pDNS); if (pMail != null) { outputError(out, req, "No email is included in this certificate."); } if (CN.equals("")) { CN = ""; - outputError(out, req, "No real name is included in this certificate."); + outputError(out, req, "No real name is included in this certificate. The real name, you entered will be ignored."); } } else { - subject.append("/commonName="); - subject.append(escapeAVA(CN)); + subject.put("CN", CN); if (pMail != null) { - subject.append("/emailAddress="); - subject.append(escapeAVA(pMail)); + subject.put("EMAIL", pMail); } } if (org != null) { - subject.append("/O="); - subject.append(escapeAVA(org.getName())); - subject.append("/C="); - subject.append(escapeAVA(org.getState())); - subject.append("/ST="); - subject.append(escapeAVA(org.getProvince())); - subject.append("/L="); - subject.append(escapeAVA(org.getCity())); - subject.append("/OU="); - subject.append(escapeAVA(ou)); + subject.put("O", org.getName()); + subject.put("C", org.getState()); + subject.put("ST", org.getProvince()); + subject.put("L", org.getCity()); + subject.put("OU", ou); } if (req.getParameter("CCA") == null) { outputError(out, req, "You need to accept the CCA."); @@ -333,7 +323,7 @@ public class CertificateIssueForm extends Form { return false; } - result = new Certificate(LoginPage.getUser(req), subject.toString(), selectedDigest.toString(), // + result = new Certificate(LoginPage.getUser(req), subject, selectedDigest.toString(), // this.csr, this.csrType, profile, SANs.toArray(new SubjectAlternateName[SANs.size()])); result.issue(issueDate.getFrom(), issueDate.getTo()).waitFor(60000); return true;