Assume a default value of 1 for cert_depth to disallow chaining.

author: jim-p <jimp@pfsense.org> 2011-10-11 11:56:53 -0400
committer: jim-p <jimp@pfsense.org> 2011-10-27 10:28:02 -0400
commit: 41936accf08413ae20e4ffa74cb4e11881edd57b (patch)
tree: 121eec056d9241a09cb9e5cd3508a74624125338 /usr/local/www/vpn_openvpn_server.php
parent: 98963f2771f4ee7ac6c278a1b80f5c5e7ebfaa7d (diff)
download: pfsense-41936accf08413ae20e4ffa74cb4e11881edd57b.zip
pfsense-41936accf08413ae20e4ffa74cb4e11881edd57b.tar.gz
1 files changed, 5 insertions, 1 deletions
diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php
index b70bbf3..a166048 100644
--- a/usr/local/www/vpn_openvpn_server.php
+++ b/usr/local/www/vpn_openvpn_server.php
@@ -95,6 +95,7 @@ if($_GET['act']=="new"){
 	$pconfig['interface'] = "wan";
 	$pconfig['local_port'] = openvpn_port_next('UDP');
 	$pconfig['pool_enable'] = "yes";
+	$pconfig['cert_depth'] = 1;
 }
 
 if($_GET['act']=="edit"){
@@ -123,7 +124,10 @@ if($_GET['act']=="edit"){
 			$pconfig['crlref'] = $a_server[$id]['crlref'];
 			$pconfig['certref'] = $a_server[$id]['certref'];
 			$pconfig['dh_length'] = $a_server[$id]['dh_length'];
-			$pconfig['cert_depth'] = $a_server[$id]['cert_depth'];
+			if (isset($a_server[$id]['cert_depth']))
+				$pconfig['cert_depth'] = $a_server[$id]['cert_depth'];
+			else
+				$pconfig['cert_depth'] = 1;
 			if ($pconfig['mode'] == "server_tls_user")
 				$pconfig['strictusercn'] = $a_server[$id]['strictusercn'];
 		} else
author	jim-p <jimp@pfsense.org>	2011-10-11 11:56:53 -0400
committer	jim-p <jimp@pfsense.org>	2011-10-27 10:28:02 -0400
commit	41936accf08413ae20e4ffa74cb4e11881edd57b (patch)
tree	121eec056d9241a09cb9e5cd3508a74624125338 /usr/local/www/vpn_openvpn_server.php
parent	98963f2771f4ee7ac6c278a1b80f5c5e7ebfaa7d (diff)
download	pfsense-41936accf08413ae20e4ffa74cb4e11881edd57b.zip pfsense-41936accf08413ae20e4ffa74cb4e11881edd57b.tar.gz