diff options
| -rw-r--r-- | etc/inc/certs.inc | 3 | ||||
| -rw-r--r-- | usr/local/www/system_crlmanager.php | 43 |
2 files changed, 30 insertions, 16 deletions
diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc index 4d00908..f177c9e 100644 --- a/etc/inc/certs.inc +++ b/etc/inc/certs.inc @@ -444,8 +444,7 @@ $openssl_crl_status = array( OCSP_REVOKED_STATUS_AFFILIATIONCHANGED => "Affiliation Changed", OCSP_REVOKED_STATUS_SUPERSEDED => "Superseded", OCSP_REVOKED_STATUS_CESSATIONOFOPERATION => "Cessation of Operation", - OCSP_REVOKED_STATUS_CERTIFICATEHOLD => "Certificate Hold", - OCSP_REVOKED_STATUS_REMOVEFROMCRL => "Remove from CRL" + OCSP_REVOKED_STATUS_CERTIFICATEHOLD => "Certificate Hold" ); function crl_create(& $crl, $caref, $name, $serial=0, $lifetime=9999) { diff --git a/usr/local/www/system_crlmanager.php b/usr/local/www/system_crlmanager.php index f03b72d..0e4378c 100644 --- a/usr/local/www/system_crlmanager.php +++ b/usr/local/www/system_crlmanager.php @@ -40,6 +40,8 @@ require("guiconfig.inc"); require_once("certs.inc"); +global $openssl_crl_status; + $pgtitle = array(gettext("System"), gettext("Certificate Revocation List Manager")); $crl_methods = array( @@ -143,7 +145,8 @@ if ($act == "addcert") { } if (!$input_errors) { - cert_revoke($cert, $crl, OCSP_REVOKED_STATUS_UNSPECIFIED); + $reason = (empty($pconfig['crlreason'])) ? OCSP_REVOKED_STATUS_UNSPECIFIED : $pconfig['crlreason']; + cert_revoke($cert, $crl, $reason); write_config("Revoked cert {$cert['descr']} in CRL {$crl['descr']}."); require_once('openvpn.inc'); openvpn_refresh_crls(); @@ -384,21 +387,21 @@ NOTE: This page is still a work in progress and is not yet fully functional. <table width="100%" border="0" cellpadding="0" cellspacing="0"> <thead> <tr> - <td width="90%" class="listhdrr"><?=gettext("Edit CRL");?> <?php echo $crl['descr']; ?></td> - <td width="10%" class="list"></td> + <th width="90%" class="listhdrr" colspan="3"><b><?php echo gettext("Currently Revoked Certificates for CRL") . ': ' . $crl['descr']; ?></b></th> + <th width="10%" class="list"></th> + </tr> + <tr> + <th width="30%" class="listhdrr"><b><?php echo gettext("Certificate Name")?></b></th> + <th width="30%" class="listhdrr"><b><?php echo gettext("Revocation Reason")?></b></th> + <th width="30%" class="listhdrr"><b><?php echo gettext("Revoked At")?></b></th> + <th width="10%" class="list"></th> </tr> </thead> <tbody> - <tr> - <td class="listlr"> - <b><?php echo gettext("Currently Revoked Certificates"); ?></b><br/><br/> - </td> - <td class="list"> </td> - </td> <?php /* List Certs on CRL */ if (!is_array($crl['cert']) || (count($crl['cert']) == 0)): ?> <tr> - <td class="listlr"> + <td class="listlr" colspan="3"> <?php echo gettext("No Certificates Found for this CRL."); ?> </td> <td class="list"> </td> @@ -411,6 +414,12 @@ NOTE: This page is still a work in progress and is not yet fully functional. <td class="listlr"> <?php echo $name; ?> </td> + <td class="listlr"> + <?php echo $openssl_crl_status[$cert["reason"]]; ?> + </td> + <td class="listlr"> + <?php echo date("D M j G:i:s T Y", $cert["revoke_time"]); ?> + </td> <td class="list"> <a href="system_crlmanager.php?act=delcert&crlref=<?php echo $crl['refid']; ?>&id=<?php echo $i; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate from the CRL?");?>')"> <img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete this certificate from the CRL ");?>" alt="<?=gettext("Delete this certificate from the CRL ");?>" width="17" height="17" border="0" /> @@ -429,22 +438,28 @@ NOTE: This page is still a work in progress and is not yet fully functional. $ca_certs[] = $cert; if (count($ca_certs) == 0): ?> <tr> - <td class="listlr"> + <td class="listlr" colspan="3"> <?php echo gettext("No Certificates Found for this CA."); ?> </td> <td class="list"> </td> </td> <?php else: ?> <tr> - <td class="listlr"> + <td class="listlr" colspan="3" align="center"> <b><?php echo gettext("Choose a Certificate to Revoke"); ?></b>: <select name='certref' id='certref' class="formselect"> <?php foreach($ca_certs as $cert): ?> - <option value="<?=$cert['refid'];?>"><?=htmlspecialchars($cert['descr'])?></option> + <option value="<?=$cert['refid'];?>"><?=htmlspecialchars($cert['descr'])?></option> + <?php endforeach; ?> + </select> + <b><?php echo gettext("Reason");?></b>: + <select name='crlreason' id='crlreason' class="formselect"> + <?php foreach($openssl_crl_status as $code => $reason): ?> + <option value="<?= $code ?>"><?= htmlspecialchars($reason) ?></option> <?php endforeach; ?> + </select> <input name="act" type="hidden" value="addcert" /> <input name="crlref" type="hidden" value="<?=$crl['refid'];?>" /> <input id="submit" name="add" type="submit" class="formbtn" value="<?=gettext("Add"); ?>" /> - </select> </td> <td class="list"> </td> </tr> |
