diff options
| author | jim-p <jimp@pfsense.org> | 2017-03-08 10:03:19 -0500 |
|---|---|---|
| committer | jim-p <jimp@pfsense.org> | 2017-03-08 10:03:19 -0500 |
| commit | 841418461212fd2eb985553122642a5cc758246b (patch) | |
| tree | 5d1c09a214f952da368618d2156228ea3f50cdfb /src/usr/local | |
| parent | 5ce9bcf5edf5e6b3ba8acfb3538bbb4979f0cac0 (diff) | |
| download | pfsense-841418461212fd2eb985553122642a5cc758246b.zip pfsense-841418461212fd2eb985553122642a5cc758246b.tar.gz | |
Remove whirlpool from the list of CA/Cert digest algorithms as it does not work properly. OpenSSL claims it's not valid ("unknown signature algorithm"). Fixes #7370
While I'm here, stop needlessly repeating the algo list, it's a global in certs.inc, so use that single copy of the list.
Diffstat (limited to 'src/usr/local')
| -rw-r--r-- | src/usr/local/www/system_camanager.php | 2 | ||||
| -rw-r--r-- | src/usr/local/www/system_certmanager.php | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/src/usr/local/www/system_camanager.php b/src/usr/local/www/system_camanager.php index 99bc84e..997ca8e 100644 --- a/src/usr/local/www/system_camanager.php +++ b/src/usr/local/www/system_camanager.php @@ -36,7 +36,7 @@ $ca_methods = array( "intermediate" => gettext("Create an intermediate Certificate Authority")); $ca_keylens = array("512", "1024", "2048", "3072", "4096", "7680", "8192", "15360", "16384"); -$openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512", "whirlpool"); +global $openssl_digest_algs; if (isset($_REQUEST['id']) && is_numericint($_REQUEST['id'])) { $id = $_REQUEST['id']; diff --git a/src/usr/local/www/system_certmanager.php b/src/usr/local/www/system_certmanager.php index fb5c5be..777d416 100644 --- a/src/usr/local/www/system_certmanager.php +++ b/src/usr/local/www/system_certmanager.php @@ -42,7 +42,7 @@ $cert_types = array( "user" => "User Certificate"); $altname_types = array("DNS", "IP", "email", "URI"); -$openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512", "whirlpool"); +global $openssl_digest_algs; if (isset($_REQUEST['userid']) && is_numericint($_REQUEST['userid'])) { $userid = $_REQUEST['userid']; |
