summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2017-03-08 09:57:19 -0500
committerjim-p <jimp@pfsense.org>2017-03-08 09:58:23 -0500
commit505c08631efd901112203bb735394025a222c639 (patch)
treeb5b1f21fb5020b0b4e0a53afb596277424b1be07
parent939e4b6a43a0137fd12549e53b589ea630cf9152 (diff)
downloadpfsense-505c08631efd901112203bb735394025a222c639.zip
pfsense-505c08631efd901112203bb735394025a222c639.tar.gz
Fix display of openssl errors when working with CA or certificate entries. Found this while looking into ticket #7370
-rw-r--r--src/usr/local/www/system_camanager.php15
-rw-r--r--src/usr/local/www/system_certmanager.php12
2 files changed, 17 insertions, 10 deletions
diff --git a/src/usr/local/www/system_camanager.php b/src/usr/local/www/system_camanager.php
index d20d14d..28d2fa5 100644
--- a/src/usr/local/www/system_camanager.php
+++ b/src/usr/local/www/system_camanager.php
@@ -305,9 +305,11 @@ if ($_POST) {
$dn['organizationalUnitName'] = $pconfig['dn_organizationalunit'];
}
if (!ca_create($ca, $pconfig['keylen'], $pconfig['lifetime'], $dn, $pconfig['digest_alg'])) {
+ $input_errors = array();
while ($ssl_err = openssl_error_string()) {
- $input_errors = array();
- array_push($input_errors, "openssl library returns: " . $ssl_err);
+ if (strpos($ssl_err, 'NCONF_get_string:no value') === false) {
+ array_push($input_errors, "openssl library returns: " . $ssl_err);
+ }
}
}
} else if ($pconfig['method'] == "intermediate") {
@@ -322,9 +324,11 @@ if ($_POST) {
$dn['organizationalUnitName'] = $pconfig['dn_organizationalunit'];
}
if (!ca_inter_create($ca, $pconfig['keylen'], $pconfig['lifetime'], $dn, $pconfig['caref'], $pconfig['digest_alg'])) {
+ $input_errors = array();
while ($ssl_err = openssl_error_string()) {
- $input_errors = array();
- array_push($input_errors, "openssl library returns: " . $ssl_err);
+ if (strpos($ssl_err, 'NCONF_get_string:no value') === false) {
+ array_push($input_errors, "openssl library returns: " . $ssl_err);
+ }
}
}
}
@@ -339,9 +343,8 @@ if ($_POST) {
if (!$input_errors) {
write_config();
+ pfSenseHeader("system_camanager.php");
}
-
- pfSenseHeader("system_camanager.php");
}
}
diff --git a/src/usr/local/www/system_certmanager.php b/src/usr/local/www/system_certmanager.php
index a8ee194..d6684ef 100644
--- a/src/usr/local/www/system_certmanager.php
+++ b/src/usr/local/www/system_certmanager.php
@@ -436,9 +436,11 @@ if ($_POST) {
}
if (!cert_create($cert, $pconfig['caref'], $pconfig['keylen'], $pconfig['lifetime'], $dn, $pconfig['type'], $pconfig['digest_alg'])) {
+ $input_errors = array();
while ($ssl_err = openssl_error_string()) {
- $input_errors = array();
- array_push($input_errors, "openssl library returns: " . $ssl_err);
+ if (strpos($ssl_err, 'NCONF_get_string:no value') === false) {
+ array_push($input_errors, "openssl library returns: " . $ssl_err);
+ }
}
}
}
@@ -463,9 +465,11 @@ if ($_POST) {
}
if (!csr_generate($cert, $pconfig['csr_keylen'], $dn, $pconfig['csr_digest_alg'])) {
+ $input_errors = array();
while ($ssl_err = openssl_error_string()) {
- $input_errors = array();
- array_push($input_errors, "openssl library returns: " . $ssl_err);
+ if (strpos($ssl_err, 'NCONF_get_string:no value') === false) {
+ array_push($input_errors, "openssl library returns: " . $ssl_err);
+ }
}
}
}
OpenPOWER on IntegriCloud