From 8de8bfb8712855ee391c3702604f2acb6ffa124e Mon Sep 17 00:00:00 2001
From: Andrew Dolgov <fox@madoka.volgo-balt.ru>
Date: Mon, 28 Mar 2011 09:45:23 +0400
Subject: authenticate against a hash of identifyable information from
 certificate instead of only serial (refs #324)

---
 modules/pref-prefs.php | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

(limited to 'modules/pref-prefs.php')

diff --git a/modules/pref-prefs.php b/modules/pref-prefs.php
index 1a2b2cd77..ab54ea174 100644
--- a/modules/pref-prefs.php
+++ b/modules/pref-prefs.php
@@ -435,17 +435,21 @@
 				} else if ($pref_name == "SSL_CERT_SERIAL") {
 
 					print "<input dojoType=\"dijit.form.ValidationTextBox\"
-						id=\"SSL_CERT_SERIAL\"
+						id=\"SSL_CERT_SERIAL\" readonly=\"1\"
 						name=\"$pref_name\" value=\"$value\">";
 
-					$cert_serial = htmlspecialchars($_SERVER["REDIRECT_SSL_CLIENT_M_SERIAL"]);
+					$cert_serial = htmlspecialchars(get_ssl_certificate_id());
 
 					if ($cert_serial) {
 						print " <button dojoType=\"dijit.form.Button\"
 							onclick=\"insertSSLserial('$cert_serial')\">" .
-							__('Fill automatically') . "</button>";
+							__('Register') . "</button>";
 					}
 
+					print " <button dojoType=\"dijit.form.Button\"
+						onclick=\"insertSSLserial('')\">" .
+						__('Clear') . "</button>";
+
 				} else {
 					$regexp = ($type_name == 'integer') ? 'regexp="^\d*$"' : '';
 
-- 
cgit v1.2.3