diff options
author | jim-p <jimp@netgate.com> | 2018-08-31 09:22:53 -0400 |
---|---|---|
committer | jim-p <jimp@netgate.com> | 2018-08-31 09:22:53 -0400 |
commit | b5a4633f9ffeb365aba1d8b451f3638b37452b23 (patch) | |
tree | 1c6d93c7081380af8e363fe5fb174bcc95390f0c | |
parent | 463b52b606d98b72cbaeb2f6d3c348689106c414 (diff) | |
download | pfsense-b5a4633f9ffeb365aba1d8b451f3638b37452b23.zip pfsense-b5a4633f9ffeb365aba1d8b451f3638b37452b23.tar.gz |
Use safe_mkdir() for IPsec dirs. Fixes #8856
Simplifies the process of making IPsec dirs, though it may not correct
the original reported issue since that appears to be a disk problem,
it's still better/safer than what was done here before.
-rw-r--r-- | src/etc/inc/vpn.inc | 42 |
1 files changed, 12 insertions, 30 deletions
diff --git a/src/etc/inc/vpn.inc b/src/etc/inc/vpn.inc index 0479b82..bd688e1 100644 --- a/src/etc/inc/vpn.inc +++ b/src/etc/inc/vpn.inc @@ -167,41 +167,23 @@ function vpn_ipsec_configure($restart = false) { $ipsec_vti_cleanup_ifs = array(); /* needed for config files */ - if (!is_dir("{$g['varetc_path']}/ipsec")) { - mkdir("{$g['varetc_path']}/ipsec"); - } - if (!is_dir("{$g['varetc_path']}/ipsec/ipsec.d")) { - mkdir("{$g['varetc_path']}/ipsec/ipsec.d"); - } + safe_mkdir("{$g['varetc_path']}/ipsec"); + safe_mkdir("{$g['varetc_path']}/ipsec/ipsec.d"); + // delete these paths first to ensure old CAs, certs and CRLs aren't left behind. redmine #5238 rmdir_recursive($capath); rmdir_recursive($keypath); rmdir_recursive($crlpath); rmdir_recursive($certpath); - if (!is_dir($capath)) { - mkdir($capath); - } - if (!is_dir($keypath)) { - mkdir($keypath); - } - if (!is_dir($crlpath)) { - mkdir($crlpath); - } - if (!is_dir($certpath)) { - mkdir($certpath); - } - if (!is_dir("{$g['varetc_path']}/ipsec/ipsec.d/aacerts")) { - mkdir("{$g['varetc_path']}/ipsec/ipsec.d/aacerts"); - } - if (!is_dir("{$g['varetc_path']}/ipsec/ipsec.d/acerts")) { - mkdir("{$g['varetc_path']}/ipsec/ipsec.d/acerts"); - } - if (!is_dir("{$g['varetc_path']}/ipsec/ipsec.d/ocspcerts")) { - mkdir("{$g['varetc_path']}/ipsec/ipsec.d/ocspcerts"); - } - if (!is_dir("{$g['varetc_path']}/ipsec/ipsec.d/reqs")) { - mkdir("{$g['varetc_path']}/ipsec/ipsec.d/reqs"); - } + + safe_mkdir($capath); + safe_mkdir($keypath); + safe_mkdir($crlpath); + safe_mkdir($certpath); + safe_mkdir("{$g['varetc_path']}/ipsec/ipsec.d/aacerts"); + safe_mkdir("{$g['varetc_path']}/ipsec/ipsec.d/acerts"); + safe_mkdir("{$g['varetc_path']}/ipsec/ipsec.d/ocspcerts"); + safe_mkdir("{$g['varetc_path']}/ipsec/ipsec.d/reqs"); if (!file_exists("/usr/local/etc/ipsec.d") || !is_link("/usr/local/etc/ipsec.d")) { |