diff options
author | Evgeny Yurchenko <ey@tm-k.com> | 2011-06-23 20:05:35 -0400 |
---|---|---|
committer | Evgeny Yurchenko <ey@tm-k.com> | 2011-06-23 20:05:35 -0400 |
commit | 1b6d9fa59cdc3a284497abb0bfa415741c258d10 (patch) | |
tree | b6bb43ade136bc7924db4490998c6e60027cdcff /etc | |
parent | 95c8cf48f9bd72da5371aa01a03a070885411dbf (diff) | |
download | pfsense-1b6d9fa59cdc3a284497abb0bfa415741c258d10.zip pfsense-1b6d9fa59cdc3a284497abb0bfa415741c258d10.tar.gz |
Internal CA creation error handling added.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/certs.inc | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc index 67a3540..b1203cf 100644 --- a/etc/inc/certs.inc +++ b/etc/inc/certs.inc @@ -167,16 +167,20 @@ function ca_create(& $ca, $keylen, $lifetime, $dn) { // generate a new key pair $res_key = openssl_pkey_new($args); + if (!$res_key) return false; // generate a certificate signing request $res_csr = openssl_csr_new($dn, $res_key, $args); + if (!$res_csr) return false; // self sign the certificate $res_crt = openssl_csr_sign($res_csr, null, $res_key, $lifetime, $args); + if (!$res_crt) return false; // export our certificate data - openssl_pkey_export($res_key, $str_key); - openssl_x509_export($res_crt, $str_crt); + if (!openssl_pkey_export($res_key, $str_key) || + !openssl_x509_export($res_crt, $str_crt)) + return false; // return our ca information $ca['crt'] = base64_encode($str_crt); |