diff options
author | Evgeny Yurchenko <ey@tm-k.com> | 2011-06-23 20:28:31 -0400 |
---|---|---|
committer | Evgeny Yurchenko <ey@tm-k.com> | 2011-06-23 20:28:31 -0400 |
commit | 22b380aa6f4b7401b887945262a2e595d03dac26 (patch) | |
tree | 95287ab9963d0ae90c21d01935ac554dc40218b0 /usr/local/www | |
parent | 1b6d9fa59cdc3a284497abb0bfa415741c258d10 (diff) | |
download | pfsense-22b380aa6f4b7401b887945262a2e595d03dac26.zip pfsense-22b380aa6f4b7401b887945262a2e595d03dac26.tar.gz |
Internal cert and CSR creation error handling added.
Diffstat (limited to 'usr/local/www')
-rw-r--r-- | usr/local/www/system_certmanager.php | 23 |
1 files changed, 19 insertions, 4 deletions
diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php index 87b8d91..355621b 100644 --- a/usr/local/www/system_certmanager.php +++ b/usr/local/www/system_certmanager.php @@ -240,6 +240,8 @@ if ($_POST) { $cert['descr'] = $pconfig['descr']; + $old_err_level = error_reporting(0); /* otherwise openssl_ functions throw warings directly to a page screwing menu tab */ + if ($pconfig['method'] == "import") cert_import($cert, $pconfig['cert'], $pconfig['key']); @@ -252,8 +254,13 @@ if ($_POST) { 'emailAddress' => $pconfig['dn_email'], 'commonName' => $pconfig['dn_commonname']); - cert_create($cert, $pconfig['caref'], $pconfig['keylen'], - $pconfig['lifetime'], $dn); + if (!cert_create($cert, $pconfig['caref'], $pconfig['keylen'], + $pconfig['lifetime'], $dn)){ + while($ssl_err = openssl_error_string()){ + $input_errors = array(); + array_push($input_errors, "openssl library returns: " . $ssl_err); + } + } } if ($pconfig['method'] == "external") { @@ -265,8 +272,15 @@ if ($_POST) { 'emailAddress' => $pconfig['csr_dn_email'], 'commonName' => $pconfig['csr_dn_commonname']); - csr_generate($cert, $pconfig['csr_keylen'], $dn); + if(!csr_generate($cert, $pconfig['csr_keylen'], $dn)){ + while($ssl_err = openssl_error_string()){ + $input_errors = array(); + array_push($input_errors, "openssl library returns: " . $ssl_err); + } + } } + error_reporting($old_err_level); + if (isset($id) && $a_cert[$id]) $a_cert[$id] = $cert; else @@ -275,7 +289,8 @@ if ($_POST) { $a_user[$userid]['cert'][] = $cert['refid']; } - write_config(); + if (!$input_errors) + write_config(); if ($userid) pfSenseHeader("system_usermanager.php?act=edit&id={$userid}"); |