TSA fixes

Signed-off-by: Janos SUTO <sj@acts.hu>

util/sign.php

@@ -1,11 +1,11 @@
 <?php
 
-define(COUNT, 'count');
+define('COUNT', 'count');
-define(HASH_VALUE, 'hash_value');
+define('HASH_VALUE', 'hash_value');
-define(RESPONSE_STRING, 'response_string');
+define('RESPONSE_STRING', 'response_string');
-define(RESPONSE_TIME, 'response_time');
+define('RESPONSE_TIME', 'response_time');
-define(START_ID, 'start_id');
+define('START_ID', 'start_id');
-define(STOP_ID, 'stop_id');
+define('STOP_ID', 'stop_id');
 
 ini_set("session.save_path", "/tmp");
 
@@ -136,12 +136,12 @@ function get_hash_values() {
 
    if(MODE == 'time') { $stop_id = $start_id + $count - 1; }
 
-   return array(
+   return [
       START_ID => $start_id,
       STOP_ID => $stop_id,
       COUNT => $count,
       HASH_VALUE => sha1($s)
-          );
+   ];
 
 }
 

webui/system/helper/TrustedTimestamps.php

@@ -167,15 +167,24 @@ class TrustedTimestamps
          *
          * every other case (Certificate not found / invalid / openssl is not installed / ts command not known)
          * are being handled the same way -> retcode 1 + any retarray NOT containing "message imprint mismatch"
+         *
+         * For openssl 1.1.x it's 2 lines actually:
+         *
+         * Using configuration from /usr/lib/ssl/openssl.cnf
+         * Verification: OK
+         *
          */
 
-        if ($retcode === 0 && strtolower(trim($retarray[0])) == "verification: ok")
+        if ($retcode === 0) {
-        {
+           foreach ($retarray as $line) {
+              if(strtolower(trim($line)) == "verification: ok") {
                  if (self::getTimestampFromAnswer ($base64_response_string) != $response_time)
                     throw new Exception("The responsetime of the request was changed");
 
                  return true;
               }
+           }
+        }
 
         foreach ($retarray as $retline)
         {
@@ -205,5 +214,3 @@ class TrustedTimestamps
         return $tempfilename;
     }
 }
-
-?>