diff options
| author | jim-p <jimp@pfsense.org> | 2017-07-05 12:06:42 -0400 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2017-07-05 13:30:23 -0400 |
| commit | 2e1809ddc3a50f11b88ba12e196b0f62bcb222a7 (patch) | |
| tree | 5bdb17377f581b31a8cb420416595aaa6c039297 /src/etc | |
| parent | 7fbb45be082e3ef6a427ed68aa63fa81e46c9883 (diff) | |
| download | pfsense-2e1809ddc3a50f11b88ba12e196b0f62bcb222a7.zip pfsense-2e1809ddc3a50f11b88ba12e196b0f62bcb222a7.tar.gz | |
Fix some additional cases for CN->SAN handling, and move some code to a function to avoid duplication for other pending uses. Ticket #7666
Diffstat (limited to 'src/etc')
| -rw-r--r-- | src/etc/inc/certs.inc | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/src/etc/inc/certs.inc b/src/etc/inc/certs.inc index b30a607..9e85177 100644 --- a/src/etc/inc/certs.inc +++ b/src/etc/inc/certs.inc @@ -39,6 +39,15 @@ $openssl_crl_status = array( OCSP_REVOKED_STATUS_CERTIFICATEHOLD => "Certificate Hold" ); +global $cert_altname_types; +$cert_altname_types = array( + 'DNS' => gettext('FQDN or Hostname'), + 'IP' => gettext('IP address'), + 'URI' => gettext('URI'), + 'email' => gettext('email address'), +); + + function & lookup_ca($refid) { global $config; @@ -1011,4 +1020,22 @@ function cert_escape_x509_chars($str, $reverse = false) { } } +function cert_add_altname_type($str) { + $type = ""; + if (is_ipaddr($str)) { + $type = "IP"; + } elseif (is_hostname($str)) { + $type = "DNS"; + } elseif (is_URL($str)) { + $type = "URI"; + } elseif (filter_var($str, FILTER_VALIDATE_EMAIL)) { + $type = "email"; + } + if (!empty($type)) { + return "{$type}:" . cert_escape_x509_chars($str); + } else { + return ""; + } +} + ?> |
