diff options
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/config.inc | 36 | ||||
-rw-r--r-- | etc/inc/globals.inc | 2 |
2 files changed, 23 insertions, 15 deletions
diff --git a/etc/inc/config.inc b/etc/inc/config.inc index 5b0ff2a..faf5af7 100644 --- a/etc/inc/config.inc +++ b/etc/inc/config.inc @@ -2166,15 +2166,20 @@ endif; /* Convert 5.5 -> 5.6 */ if ($config['version'] <= 5.5) { - /* migrate ipsec ca's to cert manager */ if (!is_array($config['system']['ca'])) $config['system']['ca'] = array(); if (!is_array($config['system']['cert'])) $config['system']['cert'] = array(); + + /* migrate ipsec ca's to cert manager */ if (is_array($config['ipsec']['cacert'])) { - foreach($config['ipsec']['cacert'], & $cacert) { - $ca = new array(); - $ca['crt'] = $cacert['cert']; + foreach($config['ipsec']['cacert'] as & $cacert) { + $ca = array(); + $ca['refid'] = uniqid(); + if (is_array($cacert['cert'])) + $ca['crt'] = $cacert['cert'][0]; + else + $ca['crt'] = $cacert['cert']; $ca['name'] = $cacert['ident']; $config['system']['ca'][] = $ca; } @@ -2183,19 +2188,22 @@ endif; /* migrate phase1 certificates to cert manager */ if (is_array($config['ipsec']['phase1'])) { - foreach($config['ipsec']['phase1'], & $ph1ent) { - if($ph1ent['cert'] && $ph1ent['private-key']) { - $cert = new array(); - $cert['name'] = "IPsec Peer {$ph1ent['remote-gateway']} Certificate"; + foreach($config['ipsec']['phase1'] as & $ph1ent) { + $cert = array(); + $cert['refid'] = uniqid(); + $cert['name'] = "IPsec Peer {$ph1ent['remote-gateway']} Certificate"; + if (is_array($ph1ent['cert'])) + $cert['crt'] = $ph1ent['cert'][0]; + else $cert['crt'] = $ph1ent['cert']; - $cert['prv'] = $ph1ent['private-key']; - $config['system']['cert'][] = $cert; - } - if($ph1ent['cert']) + $cert['prv'] = $ph1ent['private-key']; + $config['system']['cert'][] = $cert; + $ph1ent['certref'] = $cert['refid']; + if ($ph1ent['cert']) unset($ph1ent['cert']); - if($ph1ent['private-key']) + if ($ph1ent['private-key']) unset($ph1ent['private-key']); - if($ph1ent['peercert']) + if ($ph1ent['peercert']) unset($ph1ent['peercert']); } } diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index 054ce31..66632d9 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -58,7 +58,7 @@ $g = array( "product_website_footer" => "http://www.pfsense.org/?gui20", "product_email" => "coreteam@pfsense.org", "debug" => false, - "latest_config" => "5.5", + "latest_config" => "5.6", "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "115", "minimum_ram_warning_text" => "128 megabytes", |