diff options
author | Renato Botelho <renato.botelho@bluepex.com> | 2010-07-08 17:05:48 -0300 |
---|---|---|
committer | Renato Botelho <renato.botelho@bluepex.com> | 2010-07-08 17:05:48 -0300 |
commit | 482b642a4c927f695ad23898d487a73105ccc056 (patch) | |
tree | e2c5237b54bb81b2e19ab0e61e29e1060f808b04 | |
parent | 0651f092405d773060d1cefd1050d0d152f0572a (diff) | |
parent | dab2e7699e8735fc8055b793847a27977950e7ca (diff) | |
download | pfsense-482b642a4c927f695ad23898d487a73105ccc056.zip pfsense-482b642a4c927f695ad23898d487a73105ccc056.tar.gz |
Merge remote branch 'mainline/master' into 1_diag
-rw-r--r-- | etc/inc/certs.inc | 30 | ||||
-rw-r--r-- | usr/local/www/system_camanager.php | 33 | ||||
-rwxr-xr-x | usr/local/www/wizard.php | 12 |
3 files changed, 67 insertions, 8 deletions
diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc index 88fb2b9..763c25d 100644 --- a/etc/inc/certs.inc +++ b/etc/inc/certs.inc @@ -101,10 +101,12 @@ function ca_chain(& $cert) { return ""; } -function ca_import(& $ca, $str) { +function ca_import(& $ca, $str, $key="") { global $config; $ca['crt'] = base64_encode($str); + if (!empty($key)) + $ca['prv'] = base64_encode($key); $subject = cert_get_subject($str, false); $issuer = cert_get_issuer($str, false); @@ -333,4 +335,30 @@ function cert_get_issuer($str_crt, $decode = true) { return $issuer; } +function get_all_user_certs($certsonly=false) { + global $config; + $usercerts = array(); + if (!is_array($config['system']['user'])) + return; + foreach ($config['system']['user'] as $user) { + if (!is_array($user['cert'])) + continue; + foreach ($user['cert'] as $cert) { + $usercerts[] = $certsonly ? $cert['crt'] : $cert; + } + } + return $usercerts; +} + +function get_all_certs_tree() { + global $config; + $cert_tree = array(); + foreach ($config['system']['ca'] as $ca) + $cert_tree[$ca['refid']] = $ca; + $usercerts = get_all_user_certs(); + foreach ($usercerts as $cert) + $cert_tree[$cert['caref']]['certs'][] = $cert; + return $cert_tree; +} + ?> diff --git a/usr/local/www/system_camanager.php b/usr/local/www/system_camanager.php index 0ca9494..7aae43e 100644 --- a/usr/local/www/system_camanager.php +++ b/usr/local/www/system_camanager.php @@ -110,6 +110,24 @@ if ($act == "exp") { exit; } +if ($act == "expkey") { + + if (!$a_ca[$id]) { + pfSenseHeader("system_camanager.php"); + exit; + } + + $exp_name = urlencode("{$a_ca[$id]['name']}.key"); + $exp_data = base64_decode($a_ca[$id]['prv']); + $exp_size = strlen($exp_data); + + header("Content-Type: application/octet-stream"); + header("Content-Disposition: attachment; filename={$exp_name}"); + header("Content-Length: $exp_size"); + echo $exp_data; + exit; +} + if ($_POST) { unset($input_errors); @@ -157,7 +175,7 @@ if ($_POST) { $ca['name'] = $pconfig['name']; if ($pconfig['method'] == "existing") - ca_import($ca, $pconfig['cert']); + ca_import($ca, $pconfig['cert'], $pconfig['key']); if ($pconfig['method'] == "internal") { @@ -275,6 +293,14 @@ function method_change() { <?=gettext("Paste a certificate in X.509 PEM format here.");?></td> </td> </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate Private Key");?><br/><?=gettext("(optional)");?></td> + <td width="78%" class="vtable"> + <textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?=$pconfig['key'];?></textarea> + <br> + <?=gettext("Paste the private key for the above certificate here. This is optional in most cases, but required if you need to generate a Certificate Revocation List (CRL).");?></td> + </td> + </tr> </table> <table width="100%" border="0" cellpadding="6" cellspacing="0" id="internal"> @@ -457,6 +483,11 @@ function method_change() { <a href="system_camanager.php?act=exp&id=<?=$i;?>")"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export ca");?>" alt="<?=gettext("export ca");?>" width="17" height="17" border="0" /> </a> + <?php if ($ca['prv']): ?> + <a href="system_camanager.php?act=expkey&id=<?=$i;?>")"> + <img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("export ca private key");?>" alt="<?=gettext("export ca private key");?>" width="17" height="17" border="0" /> + </a> + <?php endif; ?> <a href="system_camanager.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate Authority and all associated certificates?");?>')"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("delete ca");?>" alt="<?=gettext("delete ca"); ?>" width="17" height="17" border="0" /> </a> diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php index 5ba3ff8..800bf30 100755 --- a/usr/local/www/wizard.php +++ b/usr/local/www/wizard.php @@ -36,6 +36,7 @@ ##|-PRIV +require("globals.inc"); require("guiconfig.inc"); require("functions.inc"); require("filter.inc"); @@ -47,6 +48,8 @@ function gentitle_pkg($pgname) { return $config['system']['hostname'] . "." . $config['system']['domain'] . " - " . $pgname; } +global $g; + $stepid = htmlspecialchars($_GET['stepid']); if (isset($_POST['stepid'])) $stepid = htmlspecialchars($_POST['stepid']); @@ -75,9 +78,9 @@ if (!is_array($pkg)) { die; } -$title = $pkg['step'][$stepid]['title']; -$description = $pkg['step'][$stepid]['description']; -$totalsteps = $pkg['totalsteps']; +$title = preg_replace("/pfSense/i", $g['product_name'], $pkg['step'][$stepid]['title']); +$description = preg_replace("/pfSense/i", $g['product_name'], $pkg['step'][$stepid]['description']); +$totalsteps = $pkg['totalsteps']; if ($pkg['includefile']) require_once($pkg['includefile']); @@ -119,9 +122,6 @@ if ($_POST) { $stepid = $totalsteps; } -$title = $pkg['step'][$stepid]['title']; -$description = $pkg['step'][$stepid]['description']; - function update_config_field($field, $updatetext, $unset, $arraynum, $field_type) { global $config; $field_split = split("->",$field); |