diff options
| author | jim-p <jimp@pfsense.org> | 2013-01-14 16:27:33 -0500 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2013-01-14 16:28:40 -0500 |
| commit | b2a0a8e939179e2277450135ecaf78724f406934 (patch) | |
| tree | 6b727faa47288077aeb341469fb5bbc0d113fad4 | |
| parent | 02f3e0bb6c987fb6652df33344f3bc619ba30f56 (diff) | |
| download | pfsense-b2a0a8e939179e2277450135ecaf78724f406934.zip pfsense-b2a0a8e939179e2277450135ecaf78724f406934.tar.gz | |
Something in the LDAP libraries has changed and it no longer likes spaces in the CA filename. Use the refid for the CA filename since it will always be unqiue, and it will never contain any spaces, unlike authname or the CA's descr.
| -rw-r--r-- | etc/inc/auth.inc | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 7bd10ad..56a55eb 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -687,14 +687,14 @@ function ldap_setup_caenv($authcfg) { } if (!is_dir("{$g['varrun_path']}/certs")) @mkdir("{$g['varrun_path']}/certs"); - if (file_exists("{$g['varrun_path']}/certs/{$authcfg['name']}.ca")) - @unlink("{$g['varrun_path']}/certs/{$authcfg['name']}.ca"); - file_put_contents("{$g['varrun_path']}/certs/{$authcfg['name']}.ca", base64_decode($caref['crt'])); - @chmod("{$g['varrun_path']}/certs/{$authcfg['name']}.ca", 0600); + if (file_exists("{$g['varrun_path']}/certs/{$caref['refid']}.ca")) + @unlink("{$g['varrun_path']}/certs/{$caref['refid']}.ca"); + file_put_contents("{$g['varrun_path']}/certs/{$caref['refid']}.ca", base64_decode($caref['crt'])); + @chmod("{$g['varrun_path']}/certs/{$caref['refid']}.ca", 0600); putenv('LDAPTLS_REQCERT=hard'); /* XXX: Probably even the hashed link should be created for this? */ putenv("LDAPTLS_CACERTDIR={$g['varrun_path']}/certs"); - putenv("LDAPTLS_CACERT={$g['varrun_path']}/certs/{$authcfg['name']}.ca"); + putenv("LDAPTLS_CACERT={$g['varrun_path']}/certs/{$caref['refid']}.ca"); } } |
