author | jim-p <jimp@pfsense.org> | 2014-07-02 15:19:00 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2014-07-02 15:20:51 -0400 |
commit | 6916360eb140fb20d5ef997bd2d244bb0a739be6 (patch) | |
tree | 2206b7cd71d767018069d5ee732d0877694331c7 | |
parent | 7c8f3711075d9671eda430b86ac59d6013d12cae (diff) | |
Also check and verify the package server's SSL certificate if using HTTPS. Issue 484
Our current XMLRPC client version has no support of its own for validating this in a way we can test and use for printing an error message. For now, a cURL query to the XMLRPC URL is used in its place.
-rw-r--r-- | etc/inc/pkg-utils.inc | 48 | ||||
-rw-r--r-- | usr/local/www/pkg_mgr.php | 4 | ||||
-rw-r--r-- | usr/local/www/pkg_mgr_installed.php | 4 | ||||
-rw-r--r-- | usr/local/www/pkg_mgr_settings.php | 4 |
4 files changed, 57 insertions, 3 deletions
diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc
index 96bdf5f..a820cf9 100644
--- a/etc/inc/pkg-utils.inc
+++ b/etc/inc/pkg-utils.inc
@@ -1434,15 +1434,57 @@ function verify_package_server($server) {
 return false;
 }
+/* Test the package server certificate to ensure that it validates properly */
+function check_package_server_ssl() {
+ global $g;
+ $xmlrpcurl = get_active_xml_rpc_base_url() . $g['xmlrpcpath'];
+
+ /* If the package server is using HTTP, we can't verify SSL */
+ if (substr($xmlrpcurl, 0, 5) == "http:") {
+ return "http";
+ }
+
+ /* Setup a basic cURL connection. We do not care about the content of
+ the result, only the SSL verification. */
+ $ch = curl_init($xmlrpcurl);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
+ curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
+ curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, '30');
+ curl_setopt($ch, CURLOPT_TIMEOUT, 60);
+ curl_setopt($ch, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version")));
+ $result_page = curl_exec($ch);
+ $verifyfail = curl_getinfo($ch, CURLINFO_SSL_VERIFYRESULT);
+ curl_close($ch);
+
+ /* The result from curl is 1 on failure, 0 on success. */
+ if ($verifyfail == 0)
+ return true;
+ else
+ return false;
+}
+
+/* Keep this message centrally since it will be used several times on pages
+ in the GUI. */
+function package_server_ssl_failure_message() {
+ $msg = "The package server's SSL certificate could not be verified. "
+ . "The SSL certificate itself may be invalid, its chain of trust may "
+ . "have failed validation, or the server may have been impersonated. "
+ . "Downloaded packages may come from an untrusted source. "
+ . "Proceed with caution.";
+
+ return sprintf(gettext($msg), htmlspecialchars(get_active_xml_rpc_base_url()));
+}
+
 /* Keep this message centrally since it will be used several times on pages
 in the GUI. */
 function package_server_mismatch_message() {
- return sprintf(gettext("The package server currently configured on "
+ $msg = "The package server currently configured on "
 . "this firewall (%s) is NOT an official package server. The contents "
 . "of such servers cannot be verified and may contain malicious files. "
 . "Return the package server settings to their default values to "
- . "ensure that verifiable and trusted packages are received."),
- htmlspecialchars(get_active_xml_rpc_base_url())) . '<br/><br/>'
+ . "ensure that verifiable and trusted packages are received.";
+
+ return sprintf(gettext($msg), htmlspecialchars(get_active_xml_rpc_base_url())) . '<br/><br/>'
 . '<a href="/pkg_mgr_settings.php">' . gettext("Package Manager Settings") . '</a>';
 }
diff --git a/usr/local/www/pkg_mgr.php b/usr/local/www/pkg_mgr.php
index 79e6961..63e2c75 100644
--- a/usr/local/www/pkg_mgr.php
+++ b/usr/local/www/pkg_mgr.php
@@ -120,6 +120,10 @@ include("head.inc");
 if (!verify_all_package_servers())
 print_info_box(package_server_mismatch_message());
+ /* Print package server SSL warning. See https://redmine.pfsense.org/issues/484 */
+ if (check_package_server_ssl() === false)
+ print_info_box(package_server_ssl_failure_message());
+
 if ($savemsg)
 print_info_box($savemsg); ?>
diff --git a/usr/local/www/pkg_mgr_installed.php b/usr/local/www/pkg_mgr_installed.php
index 19b5950..17839eb 100644
--- a/usr/local/www/pkg_mgr_installed.php
+++ b/usr/local/www/pkg_mgr_installed.php
@@ -95,6 +95,10 @@ include("head.inc");
 if (!verify_all_package_servers())
 print_info_box(package_server_mismatch_message()); ?>
+ /* Print package server SSL warning. See https://redmine.pfsense.org/issues/484 */
+ if (check_package_server_ssl() === false)
+ print_info_box(package_server_ssl_failure_message());
+
 <table width="100%" border="0" cellpadding="0" cellspacing="0" summary="packages installed">
 <tr>
 <td>
diff --git a/usr/local/www/pkg_mgr_settings.php b/usr/local/www/pkg_mgr_settings.php
index 5a8f4ca..cd7fa42 100644
--- a/usr/local/www/pkg_mgr_settings.php
+++ b/usr/local/www/pkg_mgr_settings.php
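Review bot: `check_package_server_ssl()` in etc/inc/pkg-utils.inc can report success when no certificate was verified: it discards the result of `curl_exec()` and returns true whenever `CURLINFO_SSL_VERIFYRESULT` is 0, which is also the value left in place when the connection never reaches the TLS handshake (DNS failure, refused connection, timeout). As far as I know that field carries only the X.509 chain verification code, so a host name mismatch caught by libcurl's own host check would surface through `curl_exec()`/`curl_errno()` and not here, and the comment `1 on failure, 0 on success` understates the range of values. I would set `CURLOPT_SSL_VERIFYHOST` explicitly and treat a failed transfer as unverified, as sketched below; the cost is that an unreachable server then shows the certificate warning, so the message or a third return value may need to distinguish that case. Separately, `package_server_ssl_failure_message()` passes the server URL to `sprintf()` but `$msg` contains no `%s`, so the URL is never shown.

```php
	curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
	curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
	/* … unchanged: timeouts and user agent … */
	$result_page = curl_exec($ch);
	$curl_errno = curl_errno($ch);
	$verifyfail = curl_getinfo($ch, CURLINFO_SSL_VERIFYRESULT);
	curl_close($ch);

	/* A non-zero verify result is a certificate verification error code.
	   A failed transfer also counts as unverified, because the handshake
	   may not have completed or the host name check may have failed. */
	return ($result_page !== false && $curl_errno == 0 && $verifyfail == 0);
```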
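Review bot: The `check_package_server_ssl()` call added in usr/local/www/pkg_mgr.php makes a blocking HTTPS request on every render of the page, with the 30 second connect and 60 second total timeouts set in pkg-utils.inc, so a slow or unreachable package server delays the page before the rest of it is printed. Caching the result for a short period, or using shorter timeouts for this check, would keep the GUI responsive. The `=== false` comparison also means the `"http"` return value produces no notice, so a package server configured over plain HTTP passes this check silently; if that is intended, a comment such as `/* "http" means no TLS is in use, so there is nothing to verify here */` would make it explicit.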
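Review bot: The added lines in usr/local/www/pkg_mgr_installed.php sit after the closing `?>` that ends the preceding context, so they are outside any PHP block: the comment and the `if` are sent to the browser as literal text and `check_package_server_ssl()` is never called on this page. The hunk for usr/local/www/pkg_mgr_settings.php has the same placement, between `?>` and the following `<?php`, so the certificate warning can only appear on pkg_mgr.php, where the block was added before `?>`. Moving the `?>` to the end of the new block, so that the last added statement reads `print_info_box(package_server_ssl_failure_message()); ?>`, fixes both files.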
@@ -83,6 +83,10 @@ function enable_altpkgrepourl(enable_over) {
 if (!verify_all_package_servers())
 print_info_box(package_server_mismatch_message()); ?>
+ /* Print package server SSL warning. See https://redmine.pfsense.org/issues/484 */
+ if (check_package_server_ssl() === false)
+ print_info_box(package_server_ssl_failure_message());
+
 <?php if ($input_errors) print_input_errors($input_errors); ?>
 <form action="pkg_mgr_settings.php" method="post" name="iform" id="iform"> |