diff options
| -rw-r--r-- | README.md | 11 | ||||
| -rw-r--r-- | functions/crl.php | 10 |
2 files changed, 16 insertions, 5 deletions
@@ -4,6 +4,17 @@ Simple PHP script which decodes an SSL connection or certificate and displays in ### Features +* Tries to give all the information you need instead of a rating. +* Open source, so you can self host it. +* Shows the entire certificate chain. +* Allows to paste a CRL/Cert +* Validates the certificate, chain, CRL and OCSP (of every cert in the chain) +* Has easy copy-pastable PEM versions of certs +* Ciphersuite enumeration as an option. +* Fast. + +### Features + - Connection information - Decodes CSR - Decodes Certificates diff --git a/functions/crl.php b/functions/crl.php index 3b76ed9..362a01c 100644 --- a/functions/crl.php +++ b/functions/crl.php @@ -43,16 +43,16 @@ function crl_verify($raw_cert_data, $verbose=true) { echo '<pre>Curl error: ' . htmlspecialchars(curl_error($ch)) ."</pre>"; } curl_close($ch); - if(stat("/tmp/" . $random_blurp . "." . $key . ".crl")['size'] < 10 ) { + if(stat("/tmp/" . $random_blurp . "." . escapeshellcmd($key) . ".crl")['size'] < 10 ) { return false; } - $crl_text = shell_exec("openssl crl -noout -text -inform der -in /tmp/" . $random_blurp . "." . $key . ".crl 2>&1"); + $crl_text = shell_exec("openssl crl -noout -text -inform der -in /tmp/" . $random_blurp . "." . escapeshellcmd($key) . ".crl 2>&1"); - $crl_last_update = shell_exec("openssl crl -noout -lastupdate -inform der -in /tmp/" . $random_blurp . "." . $key . ".crl"); + $crl_last_update = shell_exec("openssl crl -noout -lastupdate -inform der -in /tmp/" . $random_blurp . "." . escapeshellcmd($key) . ".crl"); - $crl_next_update = shell_exec("openssl crl -noout -nextupdate -inform der -in /tmp/" . $random_blurp . "." . $key . ".crl"); + $crl_next_update = shell_exec("openssl crl -noout -nextupdate -inform der -in /tmp/" . $random_blurp . "." . escapeshellcmd($key) . ".crl"); - unlink("/tmp/" . $random_blurp . "." . $key . ".crl"); + unlink("/tmp/" . $random_blurp . "." . escapeshellcmd($key) . ".crl"); if ( strpos($crl_text, "unable to load CRL") === 0 ) { if ( $verbose ) { |