summaryrefslogtreecommitdiffstats
path: root/usr/local
diff options
context:
space:
mode:
authorjim-p <jimp@pfsense.org>2010-10-21 13:34:09 -0400
committerjim-p <jimp@pfsense.org>2010-10-21 13:34:09 -0400
commitad08687b5575aade26bb6ee4f6e01d3305e3bcc1 (patch)
tree4fa52b34d6d86007bff72cc91d72bfd34c5cdf82 /usr/local
parent9f200d7172d2a1b76c7150c24e0688cae70593ff (diff)
downloadpfsense-ad08687b5575aade26bb6ee4f6e01d3305e3bcc1.zip
pfsense-ad08687b5575aade26bb6ee4f6e01d3305e3bcc1.tar.gz
Add support for deleting a cert from a CRL (unrevoke). As of this point basic CRL functionality does work: Revoke a cert and it cannot connect. Remove it from the CRL and it can. (Have to edit/save OpenVPN server instance to update/refresh CRL though). Ticket #555
Diffstat (limited to 'usr/local')
-rw-r--r--usr/local/www/system_crlmanager.php16
1 files changed, 12 insertions, 4 deletions
diff --git a/usr/local/www/system_crlmanager.php b/usr/local/www/system_crlmanager.php
index 34ecd21..10b80c4 100644
--- a/usr/local/www/system_crlmanager.php
+++ b/usr/local/www/system_crlmanager.php
@@ -80,7 +80,7 @@ if ($act == "del") {
} else {
$name = $a_crl[$id]['descr'];
unset($a_crl[$id]);
- write_config();
+ write_config("Deleted CRL {$name}.");
$savemsg = sprintf(gettext("Certificate Revocation List %s successfully deleted"), $name) . "<br/>";
}
}
@@ -146,16 +146,24 @@ if ($act == "addcert") {
cert_revoke($cert, $crl, OCSP_REVOKED_STATUS_UNSPECIFIED);
write_config("Revoked cert {$cert['descr']} in CRL {$crl['descr']}.");
pfSenseHeader("system_crlmanager.php");
+ exit;
}
}
}
// Not Finished Yet!
if ($act == "delcert") {
- if (!$a_crl[$id]) {
+ $crl =& lookup_crl($_GET['crlref']);
+ if (!$crl['cert'][$id]) {
pfSenseHeader("system_crlmanager.php");
exit;
}
+ $name = $crl['cert'][$id]['descr'];
+ cert_unrevoke($crl['cert'][$id], $crl);
+ write_config("Deleted Cert {$name} from CRL {$crl['descr']}.");
+ $savemsg = sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $crl['descr']) . "<br/>";
+ pfSenseHeader("system_crlmanager.php");
+ exit;
}
if ($_POST) {
@@ -213,7 +221,7 @@ if ($_POST) {
else
$a_crl[] = $crl;
- write_config();
+ write_config("Saved CRL {$crl['caref']}");
pfSenseHeader("system_crlmanager.php");
}
@@ -401,7 +409,7 @@ NOTE: This page is still a work in progress and is not yet fully functional.
<?php echo $name; ?>
</td>
<td class="list">
- <a href="system_crlmanager.php?act=delcert&crlref=<?php echo $crl['refid']; ?>&id=<?php echo $i; ?>">
+ <a href="system_crlmanager.php?act=delcert&crlref=<?php echo $crl['refid']; ?>&id=<?php echo $i; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate from the CRL?");?>')">
<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete this certificate from the CRL ");?>" alt="<?=gettext("Delete this certificate from the CRL ");?>" width="17" height="17" border="0" />
</a>
</td>
OpenPOWER on IntegriCloud