diff options
author | jim-p <jimp@pfsense.org> | 2016-12-12 13:29:33 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2016-12-12 13:29:33 -0500 |
commit | 6d40829b6905bf55c238bffc6c779e9bf063297f (patch) | |
tree | b1d67093f2a00020fb803c864a9b651e91c8ac65 /src/usr/local/www/system_camanager.php | |
parent | d4ed1bd9a86a23ff3d4baed97db32eb90cd21947 (diff) | |
download | pfsense-6d40829b6905bf55c238bffc6c779e9bf063297f.zip pfsense-6d40829b6905bf55c238bffc6c779e9bf063297f.tar.gz |
Fix CA input validation to (again) allow an import without a key. Fixes #7001
Diffstat (limited to 'src/usr/local/www/system_camanager.php')
-rw-r--r-- | src/usr/local/www/system_camanager.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/usr/local/www/system_camanager.php b/src/usr/local/www/system_camanager.php index 0d5c753..f0ff257 100644 --- a/src/usr/local/www/system_camanager.php +++ b/src/usr/local/www/system_camanager.php @@ -175,7 +175,7 @@ if ($_POST) { if ($_POST['key'] && strstr($_POST['key'], "ENCRYPTED")) { $input_errors[] = gettext("Encrypted private keys are not yet supported."); } - if (cert_get_modulus($_POST['cert'], false) != prv_get_modulus($_POST['key'], false)) { + if (!$input_errors && !empty($_POST['key']) && cert_get_modulus($_POST['cert'], false) != prv_get_modulus($_POST['key'], false)) { $input_errors[] = gettext("The submitted private key does not match the submitted certificate data."); } } |