summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorChris Buechler <cmb@pfsense.org>2015-07-23 00:20:46 -0500
committerChris Buechler <cmb@pfsense.org>2015-07-23 00:20:46 -0500
commitfa944e1dde0bb977608e463b04df4322d6ba6a04 (patch)
treedb311dc8bbf5958431a777ab4d08b17f600c6099
parent85cf3f4f781b63d56ac2ec51fd57eff0c205b706 (diff)
downloadpfsense-fa944e1dde0bb977608e463b04df4322d6ba6a04.zip
pfsense-fa944e1dde0bb977608e463b04df4322d6ba6a04.tar.gz
When a CRL is updated, refresh strongswan's CRLs.
-rw-r--r--usr/local/www/system_crlmanager.php6
1 files changed, 6 insertions, 0 deletions
diff --git a/usr/local/www/system_crlmanager.php b/usr/local/www/system_crlmanager.php
index c1ed823..f444da3 100644
--- a/usr/local/www/system_crlmanager.php
+++ b/usr/local/www/system_crlmanager.php
@@ -149,7 +149,9 @@ if ($act == "addcert") {
if (!$input_errors) {
$reason = (empty($pconfig['crlreason'])) ? OCSP_REVOKED_STATUS_UNSPECIFIED : $pconfig['crlreason'];
cert_revoke($cert, $crl, $reason);
+ // refresh IPsec and OpenVPN CRLs
openvpn_refresh_crls();
+ vpn_ipsec_configure();
write_config("Revoked cert {$cert['descr']} in CRL {$crl['descr']}.");
pfSenseHeader("system_crlmanager.php");
exit;
@@ -177,7 +179,9 @@ if ($act == "delcert") {
$crlname = htmlspecialchars($thiscrl['descr']);
if (cert_unrevoke($thiscert, $thiscrl)) {
$savemsg = sprintf(gettext("Deleted Certificate %s from CRL %s"), $certname, $crlname) . "<br />";
+ // refresh IPsec and OpenVPN CRLs
openvpn_refresh_crls();
+ vpn_ipsec_configure();
write_config(sprintf(gettext("Deleted Certificate %s from CRL %s"), $certname, $crlname));
} else {
$savemsg = sprintf(gettext("Failed to delete Certificate %s from CRL %s"), $certname, $crlname) . "<br />";
@@ -247,7 +251,9 @@ if ($_POST) {
$a_crl[] = $crl;
write_config("Saved CRL {$crl['descr']}");
+ // refresh IPsec and OpenVPN CRLs
openvpn_refresh_crls();
+ vpn_ipsec_configure();
pfSenseHeader("system_crlmanager.php");
}
}
OpenPOWER on IntegriCloud