Revision 1e332e98
Added by Jim Pingle almost 15 years ago
| etc/inc/certs.inc | ||
|---|---|---|
| 34 | 34 |
function & lookup_ca($refid) {
|
| 35 | 35 |
global $config; |
| 36 | 36 |
|
| 37 |
if (is_array($config['system']['ca']))
|
|
| 38 |
foreach ($config['system']['ca'] as & $ca)
|
|
| 37 |
if (is_array($config['ca'])) |
|
| 38 |
foreach ($config['ca'] as & $ca) |
|
| 39 | 39 |
if ($ca['refid'] == $refid) |
| 40 | 40 |
return $ca; |
| 41 | 41 |
|
| ... | ... | |
| 45 | 45 |
function & lookup_ca_by_subject($subject) {
|
| 46 | 46 |
global $config; |
| 47 | 47 |
|
| 48 |
if (is_array($config['system']['ca']))
|
|
| 49 |
foreach ($config['system']['ca'] as & $ca)
|
|
| 48 |
if (is_array($config['ca'])) |
|
| 49 |
foreach ($config['ca'] as & $ca) |
|
| 50 | 50 |
{
|
| 51 | 51 |
$ca_subject = cert_get_subject($ca['crt']); |
| 52 | 52 |
if ($ca_subject == $subject) |
| ... | ... | |
| 59 | 59 |
function & lookup_cert($refid) {
|
| 60 | 60 |
global $config; |
| 61 | 61 |
|
| 62 |
if (is_array($config['system']['cert']))
|
|
| 63 |
foreach ($config['system']['cert'] as & $cert)
|
|
| 62 |
if (is_array($config['cert'])) |
|
| 63 |
foreach ($config['cert'] as & $cert) |
|
| 64 | 64 |
if ($cert['refid'] == $refid) |
| 65 | 65 |
return $cert; |
| 66 | 66 |
|
| ... | ... | |
| 119 | 119 |
} |
| 120 | 120 |
|
| 121 | 121 |
/* Correct if child certificate was loaded first */ |
| 122 |
if (is_array($config['system']['ca']))
|
|
| 123 |
foreach ($config['system']['ca'] as & $oca)
|
|
| 122 |
if (is_array($config['ca'])) |
|
| 123 |
foreach ($config['ca'] as & $oca) |
|
| 124 | 124 |
{
|
| 125 | 125 |
$issuer = cert_get_issuer($oca['crt']); |
| 126 | 126 |
if($ca['refid']<>$oca['refid'] && $issuer==$subject) |
| 127 | 127 |
$oca['caref'] = $ca['refid']; |
| 128 | 128 |
} |
| 129 |
if (is_array($config['system']['cert']))
|
|
| 130 |
foreach ($config['system']['cert'] as & $cert)
|
|
| 129 |
if (is_array($config['cert'])) |
|
| 130 |
foreach ($config['cert'] as & $cert) |
|
| 131 | 131 |
{
|
| 132 | 132 |
$issuer = cert_get_issuer($cert['crt']); |
| 133 | 133 |
if($issuer==$subject) |
| ... | ... | |
| 353 | 353 |
function get_all_certs_tree() {
|
| 354 | 354 |
global $config; |
| 355 | 355 |
$cert_tree = array(); |
| 356 |
foreach ($config['system']['ca'] as $ca)
|
|
| 356 |
foreach ($config['ca'] as $ca) |
|
| 357 | 357 |
$cert_tree[$ca['refid']] = $ca; |
| 358 | 358 |
$usercerts = get_all_user_certs(); |
| 359 | 359 |
foreach ($usercerts as $cert) |
| etc/inc/system.inc | ||
|---|---|---|
| 666 | 666 |
// Ensure that we have a webConfigurator CERT |
| 667 | 667 |
$cert =& lookup_cert($config['system']['webgui']['ssl-certref']); |
| 668 | 668 |
if(!is_array($cert) && !$cert['crt'] && !$cert['prv']) {
|
| 669 |
if (!is_array($config['system']['ca']))
|
|
| 670 |
$config['system']['ca'] = array();
|
|
| 671 |
$a_ca =& $config['system']['ca'];
|
|
| 672 |
if (!is_array($config['system']['cert']))
|
|
| 673 |
$config['system']['cert'] = array();
|
|
| 674 |
$a_cert =& $config['system']['cert'];
|
|
| 669 |
if (!is_array($config['ca'])) |
|
| 670 |
$config['ca'] = array(); |
|
| 671 |
$a_ca =& $config['ca']; |
|
| 672 |
if (!is_array($config['cert'])) |
|
| 673 |
$config['cert'] = array(); |
|
| 674 |
$a_cert =& $config['cert']; |
|
| 675 | 675 |
echo "Creating SSL Certificate... "; |
| 676 | 676 |
$cert = array(); |
| 677 | 677 |
$cert['refid'] = uniqid(); |
| etc/inc/vpn.inc | ||
|---|---|---|
| 206 | 206 |
} |
| 207 | 207 |
|
| 208 | 208 |
/* generate CA certificates files */ |
| 209 |
if (is_array($config['system']['ca']) && count($config['system']['ca'])) {
|
|
| 210 |
foreach ($config['system']['ca'] as $ca) {
|
|
| 209 |
if (is_array($config['ca']) && count($config['ca'])) {
|
|
| 210 |
foreach ($config['ca'] as $ca) {
|
|
| 211 | 211 |
if (!isset($ca['crt'])) {
|
| 212 | 212 |
log_error("Error: Invalid certificate info for {$ca['name']}");
|
| 213 | 213 |
continue; |
Also available in: Unified diff
CA/CERT Move