From 00d5594c737d475abab8e0361bb3ff7f93b98ac8 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Tue, 12 Sep 2017 13:49:55 -0400
Subject: Relax OpenVPN wizard cert validation to match that of the cert
 manager and encode values before using them. Fixes #7854 Also, CDATA escape
 these fields in config.xml since they will most likely contain characters
 which are invalid in XML. While here, fix a cert display issue where a SAN
 value could be reused from a previous entry in the cert list display.

---
 src/etc/inc/xmlparse.inc | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'src/etc')

diff --git a/src/etc/inc/xmlparse.inc b/src/etc/inc/xmlparse.inc
index 5d00d29..60028c3 100644
--- a/src/etc/inc/xmlparse.inc
+++ b/src/etc/inc/xmlparse.inc
@@ -244,6 +244,12 @@ function dump_xml_config_sub($arr, $indent) {
 						} else if ((substr($ent, 0, 5) == "descr") ||
 						    (substr($ent, 0, 6) == "detail") ||
 						    (substr($ent, 0, 12) == "login_banner") ||
+						    (substr($ent, 0, 5) == "state") ||
+						    (substr($ent, 0, 4) == "city") ||
+						    (substr($ent, 0, 12) == "organization") ||
+						    (substr($ent, 0, 5) == "email") ||
+						    (substr($ent, 0, 6) == "certca") ||
+						    (substr($ent, 0, 8) == "certname") ||
 						    (substr($ent, 0, 9) == "ldap_attr") ||
 						    (substr($ent, 0, 9) == "ldap_bind") ||
 						    (substr($ent, 0, 11) == "ldap_basedn") ||
@@ -275,6 +281,12 @@ function dump_xml_config_sub($arr, $indent) {
 				if ((substr($ent, 0, 5) == "descr") ||
 				    (substr($ent, 0, 6) == "detail") ||
 				    (substr($ent, 0, 12) == "login_banner") ||
+				    (substr($ent, 0, 5) == "state") ||
+				    (substr($ent, 0, 4) == "city") ||
+				    (substr($ent, 0, 12) == "organization") ||
+				    (substr($ent, 0, 5) == "email") ||
+				    (substr($ent, 0, 6) == "certca") ||
+				    (substr($ent, 0, 8) == "certname") ||
 				    (substr($ent, 0, 9) == "ldap_attr") ||
 				    (substr($ent, 0, 9) == "ldap_bind") ||
 				    (substr($ent, 0, 11) == "ldap_basedn") ||
-- 
cgit v1.1