diff options
author | jim-p <jimp@pfsense.org> | 2010-09-01 15:05:33 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2010-09-01 15:06:43 -0400 |
commit | 9ad72e5e30abdae3ff9902e54358ca7850913f8c (patch) | |
tree | aaf3b737e09bcdbc6592a1b436c110519afc29b8 | |
parent | 064e18072d28f6e393db409c71bb7c9c1a086c5f (diff) | |
download | pfsense-9ad72e5e30abdae3ff9902e54358ca7850913f8c.zip pfsense-9ad72e5e30abdae3ff9902e54358ca7850913f8c.tar.gz |
Moving certs and ca out from under system. Provide upgrade code to move existing certs.
-rw-r--r-- | etc/inc/upgrade_config.inc | 56 |
1 files changed, 33 insertions, 23 deletions
diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index e943454..0012cf0 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -1311,10 +1311,10 @@ function upgrade_050_to_051() { function upgrade_051_to_052() { global $config; $config['openvpn'] = array(); - if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); - if (!is_array($config['system']['cert'])) - $config['system']['cert'] = array(); + if (!is_array($config['ca'])) + $config['ca'] = array(); + if (!is_array($config['cert'])) + $config['cert'] = array(); $vpnid = 1; @@ -1336,7 +1336,7 @@ function upgrade_051_to_052() { $ca['name'] = "OpenVPN Server CA #{$index}"; $ca['crt'] = $server['ca_cert']; $ca['crl'] = $server['crl']; - $config['system']['ca'][] = $ca; + $config['ca'][] = $ca; /* create ca reference */ unset($server['ca_cert']); @@ -1349,7 +1349,7 @@ function upgrade_051_to_052() { $cert['name'] = "OpenVPN Server Certificate #{$index}"; $cert['crt'] = $server['server_cert']; $cert['prv'] = $server['server_key']; - $config['system']['cert'][] = $cert; + $config['cert'][] = $cert; /* create cert reference */ unset($server['server_cert']); @@ -1466,7 +1466,7 @@ function upgrade_051_to_052() { $ca['name'] = "OpenVPN Client CA #{$index}"; $ca['crt'] = $client['ca_cert']; $ca['crl'] = $client['crl']; - $config['system']['ca'][] = $ca; + $config['ca'][] = $ca; /* create ca reference */ unset($client['ca_cert']); @@ -1479,7 +1479,7 @@ function upgrade_051_to_052() { $cert['name'] = "OpenVPN Client Certificate #{$index}"; $cert['crt'] = $client['client_cert']; $cert['prv'] = $client['client_key']; - $config['system']['cert'][] = $cert; + $config['cert'][] = $cert; /* create cert reference */ unset($client['client_cert']); @@ -1629,10 +1629,10 @@ function upgrade_051_to_052() { function upgrade_052_to_053() { global $config; - if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); - if (!is_array($config['system']['cert'])) - $config['system']['cert'] = array(); + if (!is_array($config['ca'])) + $config['ca'] = array(); + if (!is_array($config['cert'])) + $config['cert'] = array(); /* migrate advanced admin page webui ssl to certifcate mngr */ if ($config['system']['webgui']['certificate'] && @@ -1644,7 +1644,7 @@ function upgrade_052_to_053() { $cert['name'] = "webConfigurator SSL Certificate"; $cert['crt'] = $config['system']['webgui']['certificate']; $cert['prv'] = $config['system']['webgui']['private-key']; - $config['system']['cert'][] = $cert; + $config['cert'][] = $cert; /* create cert reference */ unset($config['system']['webgui']['certificate']); @@ -1853,10 +1853,10 @@ function upgrade_054_to_055() { function upgrade_055_to_056() { global $config; - if (!is_array($config['system']['ca'])) - $config['system']['ca'] = array(); - if (!is_array($config['system']['cert'])) - $config['system']['cert'] = array(); + if (!is_array($config['ca'])) + $config['ca'] = array(); + if (!is_array($config['cert'])) + $config['cert'] = array(); /* migrate ipsec ca's to cert manager */ if (is_array($config['ipsec']['cacert'])) { @@ -1868,7 +1868,7 @@ function upgrade_055_to_056() { else $ca['crt'] = $cacert['cert']; $ca['name'] = $cacert['ident']; - $config['system']['ca'][] = $ca; + $config['ca'][] = $ca; } unset($config['ipsec']['cacert']); } @@ -1884,7 +1884,7 @@ function upgrade_055_to_056() { else $cert['crt'] = $ph1ent['cert']; $cert['prv'] = $ph1ent['private-key']; - $config['system']['cert'][] = $cert; + $config['cert'][] = $cert; $ph1ent['certref'] = $cert['refid']; if ($ph1ent['cert']) unset($ph1ent['cert']); @@ -1940,9 +1940,9 @@ function upgrade_058_to_059() { function upgrade_059_to_060() { global $config; require_once("/etc/inc/certs.inc"); - if (is_array($config['system']['ca'])) { + if (is_array($config['ca'])) { /* Locate issuer for all CAs */ - foreach ($config['system']['ca'] as & $ca) { + foreach ($config['ca'] as & $ca) { $subject = cert_get_subject($ca['crt']); $issuer = cert_get_issuer($ca['crt']); if($issuer <> $subject) { @@ -1953,8 +1953,8 @@ function upgrade_059_to_060() { } /* Locate issuer for all certificates */ - if (is_array($config['system']['cert'])) { - foreach ($config['system']['cert'] as & $cert) { + if (is_array($config['cert'])) { + foreach ($config['cert'] as & $cert) { $subject = cert_get_subject($cert['crt']); $issuer = cert_get_issuer($cert['crt']); if($issuer <> $subject) { @@ -2146,4 +2146,14 @@ function upgrade_065_to_066() { } } +function upgrade_066_to_067() { + global $config; + if (isset($config['system']['ca'])) { + $config['ca'] = $config['system']['ca']; + } + if (isset($config['system']['cert'])) { + $config['cert'] = $config['system']['cert']; + } +} + ?> |