diff options
Diffstat (limited to 'src/etc/inc/certs.inc')
| -rw-r--r-- | src/etc/inc/certs.inc | 76 |
1 files changed, 59 insertions, 17 deletions
diff --git a/src/etc/inc/certs.inc b/src/etc/inc/certs.inc index 6d260e6..d49f478 100644 --- a/src/etc/inc/certs.inc +++ b/src/etc/inc/certs.inc @@ -1,9 +1,10 @@ <?php /* certs.inc - Copyright (C) 2008 Shrew Soft Inc - Copyright (C) 2010 Jim Pingle <jimp@pfsense.org> - All rights reserved. + + part of pfSense (https://www.pfsense.org) + Copyright (c) 2008-2016 Electric Sheep Fencing, LLC. All rights reserved. + Copyright (c) 2008 Shrew Soft Inc. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: @@ -12,19 +13,42 @@ this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + + 3. All advertising materials mentioning features or use of this software + must display the following acknowledgment: + "This product includes software developed by the pfSense Project + for use in the pfSense® software distribution. (http://www.pfsense.org/). + + 4. The names "pfSense" and "pfSense Project" must not be used to + endorse or promote products derived from this software without + prior written permission. For written permission, please contact + coreteam@pfsense.org. + + 5. Products derived from this software may not be called "pfSense" + nor may "pfSense" appear in their names without prior written + permission of the Electric Sheep Fencing, LLC. + + 6. Redistributions of any form whatsoever must retain the following + acknowledgment: + + "This product includes software developed by the pfSense Project + for use in the pfSense software distribution (http://www.pfsense.org/). + + THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY + EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR + ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + OF THE POSSIBILITY OF SUCH DAMAGE. */ define("OPEN_SSL_CONF_PATH", "/etc/ssl/openssl.cnf"); @@ -668,6 +692,22 @@ function is_webgui_cert($certref) { } } +function is_package_cert($certref) { + $pluginparams = array(); + $pluginparams['type'] = 'certificates'; + $pluginparams['event'] = 'used_certificates'; + + $certificates_used_by_packages = pkg_call_plugins('plugin_certificates', $pluginparams); + + /* Check if any package is using certificate */ + foreach ($certificates_used_by_packages as $name => $package) { + if (is_array($package['certificatelist'][$certref]) && + isset($package['certificatelist'][$certref]) > 0) { + return true; + } + } +} + function is_captiveportal_cert($certref) { global $config; if (!is_array($config['captiveportal'])) { @@ -682,12 +722,14 @@ function is_captiveportal_cert($certref) { } function cert_in_use($certref) { + return (is_webgui_cert($certref) || is_user_cert($certref) || is_openvpn_server_cert($certref) || is_openvpn_client_cert($certref) || is_ipsec_cert($certref) || - is_captiveportal_cert($certref)); + is_captiveportal_cert($certref) || + is_package_cert($certref)); } function crl_create(& $crl, $caref, $name, $serial = 0, $lifetime = 9999) { |
