/usr/local/www/system_crlmanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/system_crlmanager.php @ 2174be22

1	81bfb231	jim-p	<?php
2			/*
3			system_crlmanager.php
4
5			Copyright (C) 2010 Jim Pingle
6			All rights reserved.
7
8			Redistribution and use in source and binary forms, with or without
9			modification, are permitted provided that the following conditions are met:
10
11			1. Redistributions of source code must retain the above copyright notice,
12			this list of conditions and the following disclaimer.
13
14			2. Redistributions in binary form must reproduce the above copyright
15			notice, this list of conditions and the following disclaimer in the
16			documentation and/or other materials provided with the distribution.
17
18			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27			POSSIBILITY OF SUCH DAMAGE.
28			*/
29			/*
30			pfSense_MODULE: certificate_managaer
31			*/
32
33			##\|+PRIV
34			##\|*IDENT=page-system-crlmanager
35			##\|*NAME=System: CRL Manager
36			##\|*DESCR=Allow access to the 'System: CRL Manager' page.
37			##\|MATCH=system_crlmanager.php
38			##\|-PRIV
39
40			require("guiconfig.inc");
41			require_once("certs.inc");
42	94efbf8b	jim-p	require_once('openvpn.inc');
43	81bfb231	jim-p
44	fc54f29b	jim-p	global $openssl_crl_status;
45
46	81bfb231	jim-p	$pgtitle = array(gettext("System"), gettext("Certificate Revocation List Manager"));
47
48			$crl_methods = array(
49			"internal" => gettext("Create an internal Certificate Revocation List"),
50			"existing" => gettext("Import an existing Certificate Revocation List"));
51
52			$id = $_GET['id'];
53			if (isset($_POST['id']))
54			$id = $_POST['id'];
55
56			if (!is_array($config['ca']))
57			$config['ca'] = array();
58
59			$a_ca =& $config['ca'];
60
61			if (!is_array($config['cert']))
62			$config['cert'] = array();
63
64			$a_cert =& $config['cert'];
65
66			if (!is_array($config['crl']))
67			$config['crl'] = array();
68
69			$a_crl =& $config['crl'];
70
71	c1f95f5c	jim-p	foreach ($a_crl as $cid => $acrl)
72			if (!isset($acrl['refid']))
73			unset ($a_crl[$cid]);
74
75	81bfb231	jim-p	$act = $_GET['act'];
76			if ($_POST['act'])
77			$act = $_POST['act'];
78
79	c1f95f5c	jim-p	if (!empty($id))
80			$thiscrl =& lookup_crl($id);
81	81bfb231	jim-p
82	c1f95f5c	jim-p	// If we were given an invalid crlref in the id, no sense in continuing as it would only cause errors.
83			if (!$thiscrl && (($act != "") && ($act != "new"))) {
84			pfSenseHeader("system_crlmanager.php");
85			$act="";
86			$savemsg = gettext("Invalid CRL reference.");
87			}
88
89			if ($act == "del") {
90			$name = $thiscrl['descr'];
91			if (crl_in_use($id)) {
92	ad8df715	jim-p	$savemsg = sprintf(gettext("Certificate Revocation List %s is in use and cannot be deleted"), $name) . "<br/>";
93			} else {
94	c1f95f5c	jim-p	foreach ($a_crl as $cid => $acrl)
95			if ($acrl['refid'] == $thiscrl['refid'])
96			unset($a_crl[$cid]);
97	ad08687b	jim-p	write_config("Deleted CRL {$name}.");
98	ad8df715	jim-p	$savemsg = sprintf(gettext("Certificate Revocation List %s successfully deleted"), $name) . "<br/>";
99			}
100	81bfb231	jim-p	}
101
102			if ($act == "new") {
103			$pconfig['method'] = $_GET['method'];
104			$pconfig['caref'] = $_GET['caref'];
105			$pconfig['lifetime'] = "9999";
106			$pconfig['serial'] = "0";
107			}
108
109			if ($act == "exp") {
110	c1f95f5c	jim-p	$exp_name = urlencode("{$thiscrl['descr']}.crl");
111			$exp_data = base64_decode($thiscrl['text']);
112	81bfb231	jim-p	$exp_size = strlen($exp_data);
113
114			header("Content-Type: application/octet-stream");
115			header("Content-Disposition: attachment; filename={$exp_name}");
116			header("Content-Length: $exp_size");
117			echo $exp_data;
118			exit;
119			}
120
121	28ff7ace	jim-p	if ($act == "addcert") {
122			if ($_POST) {
123			unset($input_errors);
124			$pconfig = $_POST;
125
126			if (!$pconfig['crlref'] \|\| !$pconfig['certref']) {
127			pfSenseHeader("system_crlmanager.php");
128			exit;
129			}
130
131			// certref, crlref
132			$crl =& lookup_crl($pconfig['crlref']);
133			$cert = lookup_cert($pconfig['certref']);
134
135			if (!$crl['caref'] \|\| !$cert['caref']) {
136			$input_errors[] = gettext("Both the Certificate and CRL must be specified.");
137			}
138
139			if ($crl['caref'] != $cert['caref']) {
140			$input_errors[] = gettext("CA mismatch between the Certificate and CRL. Unable to Revoke.");
141			}
142			if (!is_crl_internal($crl)) {
143			$input_errors[] = gettext("Cannot revoke certificates for an imported/external CRL.");
144			}
145
146			if (!$input_errors) {
147	fc54f29b	jim-p	$reason = (empty($pconfig['crlreason'])) ? OCSP_REVOKED_STATUS_UNSPECIFIED : $pconfig['crlreason'];
148			cert_revoke($cert, $crl, $reason);
149	8e022a76	jim-p	openvpn_refresh_crls();
150	cfcc6994	jim-p	write_config("Revoked cert {$cert['descr']} in CRL {$crl['descr']}.");
151	28ff7ace	jim-p	pfSenseHeader("system_crlmanager.php");
152	ad08687b	jim-p	exit;
153	28ff7ace	jim-p	}
154			}
155			}
156
157			if ($act == "delcert") {
158	c1f95f5c	jim-p	if (!is_array($thiscrl['cert'])) {
159	28ff7ace	jim-p	pfSenseHeader("system_crlmanager.php");
160			exit;
161			}
162	c1f95f5c	jim-p	$found = false;
163			foreach ($thiscrl['cert'] as $acert) {
164			if ($acert['refid'] == $_GET['certref']) {
165			$found = true;
166			$thiscert = $acert;
167			}
168			}
169			if (!$found) {
170			pfSenseHeader("system_crlmanager.php");
171			exit;
172			}
173			$name = $thiscert['descr'];
174			if (cert_unrevoke($thiscert, $thiscrl)) {
175			$savemsg = sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br/>";
176			openvpn_refresh_crls();
177	cfcc6994	jim-p	write_config(sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']));
178	c1f95f5c	jim-p	} else {
179			$savemsg = sprintf(gettext("Failed to delete Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br/>";
180			}
181			$act="edit";
182	28ff7ace	jim-p	}
183
184	81bfb231	jim-p	if ($_POST) {
185			unset($input_errors);
186			$pconfig = $_POST;
187
188			/* input validation */
189	6f3d3a07	jim-p	if (($pconfig['method'] == "existing") \|\| ($act == "editimported")) {
190	5293bfec	jim-p	$reqdfields = explode(" ", "descr crltext");
191	81bfb231	jim-p	$reqdfieldsn = array(
192			gettext("Descriptive name"),
193			gettext("Certificate Revocation List data"));
194			}
195			if ($pconfig['method'] == "internal") {
196			$reqdfields = explode(" ",
197	5293bfec	jim-p	"descr caref");
198	81bfb231	jim-p	$reqdfieldsn = array(
199			gettext("Descriptive name"),
200			gettext("Certificate Authority"));
201			}
202
203			do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
204
205			/* if this is an AJAX caller then handle via JSON */
206			if (isAjax() && is_array($input_errors)) {
207			input_errors2Ajax($input_errors);
208			exit;
209			}
210
211			/* save modifications */
212			if (!$input_errors) {
213			$result = false;
214
215	304af9d8	jim-p	if ($thiscrl) {
216	c1f95f5c	jim-p	$crl =& $thiscrl;
217	304af9d8	jim-p	} else {
218			$crl = array();
219			$crl['refid'] = uniqid();
220			}
221	81bfb231	jim-p
222	f2a86ca9	jim-p	$crl['descr'] = $pconfig['descr'];
223	6f3d3a07	jim-p	if ($act != "editimported") {
224			$crl['caref'] = $pconfig['caref'];
225			$crl['method'] = $pconfig['method'];
226			}
227	81bfb231	jim-p
228	6f3d3a07	jim-p	if (($pconfig['method'] == "existing") \|\| ($act == "editimported")) {
229	304af9d8	jim-p	$crl['text'] = base64_encode($pconfig['crltext']);
230	81bfb231	jim-p	}
231
232			if ($pconfig['method'] == "internal") {
233			$crl['serial'] = empty($pconfig['serial']) ? 9999 : $pconfig['serial'];
234			$crl['lifetime'] = empty($pconfig['lifetime']) ? 9999 : $pconfig['lifetime'];
235			$crl['cert'] = array();
236			}
237
238	c1f95f5c	jim-p	if (!$thiscrl)
239	81bfb231	jim-p	$a_crl[] = $crl;
240
241	304af9d8	jim-p	write_config("Saved CRL {$crl['descr']}");
242	6f3d3a07	jim-p	openvpn_refresh_crls();
243	81bfb231	jim-p	pfSenseHeader("system_crlmanager.php");
244			}
245			}
246
247			include("head.inc");
248			?>
249
250			<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
251			<?php include("fbegin.inc"); ?>
252			<script type="text/javascript">
253			<!--
254
255			function method_change() {
256
257	44bcc1be	jim-p	method = document.iform.method.value;
258	81bfb231	jim-p
259			switch (method) {
260	44bcc1be	jim-p	case "internal":
261	81bfb231	jim-p	document.getElementById("existing").style.display="none";
262			document.getElementById("internal").style.display="";
263			break;
264	44bcc1be	jim-p	case "existing":
265	81bfb231	jim-p	document.getElementById("existing").style.display="";
266			document.getElementById("internal").style.display="none";
267			break;
268			}
269			}
270
271			//-->
272			</script>
273			<?php
274			if ($input_errors)
275			print_input_errors($input_errors);
276			if ($savemsg)
277			print_info_box($savemsg);
278			?>
279			<table width="100%" border="0" cellpadding="0" cellspacing="0">
280			<tr>
281			<td>
282			<?php
283			$tab_array = array();
284			$tab_array[] = array(gettext("CAs"), false, "system_camanager.php");
285			$tab_array[] = array(gettext("Certificates"), false, "system_certmanager.php");
286			$tab_array[] = array(gettext("Certificate Revocation"), true, "system_crlmanager.php");
287			display_top_tabs($tab_array);
288			?>
289			</td>
290			</tr>
291			<tr>
292			<td id="mainarea">
293			<div class="tabcont">
294
295			<?php if ($act == "new" \|\| $act == gettext("Save") \|\| $input_errors): ?>
296
297			<form action="system_crlmanager.php" method="post" name="iform" id="iform">
298			<table width="100%" border="0" cellpadding="6" cellspacing="0">
299			<?php if (!isset($id)): ?>
300			<tr>
301			<td width="22%" valign="top" class="vncellreq"><?=gettext("Method");?></td>
302			<td width="78%" class="vtable">
303			<select name='method' id='method' class="formselect" onchange='method_change()'>
304			<?php
305			foreach($crl_methods as $method => $desc):
306	44bcc1be	jim-p	if (($_GET['importonly'] == "yes") && ($method != "existing"))
307			continue;
308	81bfb231	jim-p	$selected = "";
309			if ($pconfig['method'] == $method)
310			$selected = "selected";
311			?>
312			<option value="<?=$method;?>"<?=$selected;?>><?=$desc;?></option>
313			<?php endforeach; ?>
314			</select>
315			</td>
316			</tr>
317			<?php endif; ?>
318			<tr>
319			<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
320			<td width="78%" class="vtable">
321	f2a86ca9	jim-p	<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($pconfig['descr']);?>"/>
322	81bfb231	jim-p	</td>
323			</tr>
324			<tr>
325			<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate Authority");?></td>
326			<td width="78%" class="vtable">
327			<select name='caref' id='caref' class="formselect">
328			<?php
329			foreach($a_ca as $ca):
330			$selected = "";
331			if ($pconfig['caref'] == $ca['refid'])
332			$selected = "selected";
333			?>
334	f2a86ca9	jim-p	<option value="<?=$ca['refid'];?>"<?=$selected;?>><?=$ca['descr'];?></option>
335	81bfb231	jim-p	<?php endforeach; ?>
336			</select>
337			</td>
338			</tr>
339			</table>
340
341			<table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing">
342			<tr>
343			<td colspan="2" class="list" height="12"></td>
344			</tr>
345			<tr>
346			<td colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate Revocation List");?></td>
347			</tr>
348
349			<tr>
350			<td width="22%" valign="top" class="vncellreq"><?=gettext("CRL data");?></td>
351			<td width="78%" class="vtable">
352	364ecdd1	jim-p	<textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=$pconfig['crltext'];?></textarea>
353	81bfb231	jim-p	<br>
354			<?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?></td>
355			</td>
356			</tr>
357			</table>
358
359			<table width="100%" border="0" cellpadding="6" cellspacing="0" id="internal">
360			<tr>
361			<td colspan="2" class="list" height="12"></td>
362			</tr>
363			<tr>
364			<td colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate Revocation List");?></td>
365			</tr>
366			<tr>
367			<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
368			<td width="78%" class="vtable">
369			<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/>
370			<?=gettext("days");?><br/>
371			<?=gettext("Default: 9999");?>
372			</td>
373			</tr>
374			<tr>
375			<td width="22%" valign="top" class="vncellreq"><?=gettext("Serial");?></td>
376			<td width="78%" class="vtable">
377			<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['serial']);?>"/>
378			<br/>
379			<?=gettext("Default: 0");?>
380			</td>
381			</tr>
382			</table>
383
384			<table width="100%" border="0" cellpadding="6" cellspacing="0">
385			<tr>
386			<td width="22%" valign="top"> </td>
387			<td width="78%">
388			<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
389	c1f95f5c	jim-p	<?php if (isset($id) && $thiscrl): ?>
390	81bfb231	jim-p	<input name="id" type="hidden" value="<?=$id;?>" />
391			<?php endif;?>
392			</td>
393			</tr>
394			</table>
395			</form>
396	6f3d3a07	jim-p	<?php elseif ($act == "editimported"): ?>
397			<?php $crl = $thiscrl; ?>
398			<form action="system_crlmanager.php" method="post" name="iform" id="iform">
399			<table width="100%" border="0" cellpadding="6" cellspacing="0" id="editimported">
400			<tr>
401			<td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Imported Certificate Revocation List");?></td>
402			</tr>
403			<tr>
404			<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
405			<td width="78%" class="vtable">
406			<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($crl['descr']);?>"/>
407			</td>
408			</tr>
409			<tr>
410			<td width="22%" valign="top" class="vncellreq"><?=gettext("CRL data");?></td>
411			<td width="78%" class="vtable">
412			<textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=base64_decode($crl['text']);?></textarea>
413			<br>
414			<?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?></td>
415			</td>
416			</tr>
417			<tr>
418			<td width="22%" valign="top"> </td>
419			<td width="78%">
420			<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
421			<input name="id" type="hidden" value="<?=$id;?>" />
422			<input name="act" type="hidden" value="editimported" />
423			</td>
424			</tr>
425			</table>
426			</form>
427
428	28ff7ace	jim-p	<?php elseif ($act == "edit"): ?>
429	c1f95f5c	jim-p	<?php $crl = $thiscrl; ?>
430	28ff7ace	jim-p	<form action="system_crlmanager.php" method="post" name="iform" id="iform">
431			<table width="100%" border="0" cellpadding="0" cellspacing="0">
432			<thead>
433			<tr>
434	fc54f29b	jim-p	<th width="90%" class="listhdrr" colspan="3"><b><?php echo gettext("Currently Revoked Certificates for CRL") . ': ' . $crl['descr']; ?></b></th>
435			<th width="10%" class="list"></th>
436			</tr>
437			<tr>
438			<th width="30%" class="listhdrr"><b><?php echo gettext("Certificate Name")?></b></th>
439			<th width="30%" class="listhdrr"><b><?php echo gettext("Revocation Reason")?></b></th>
440			<th width="30%" class="listhdrr"><b><?php echo gettext("Revoked At")?></b></th>
441			<th width="10%" class="list"></th>
442	28ff7ace	jim-p	</tr>
443			</thead>
444			<tbody>
445			<?php /* List Certs on CRL */
446			if (!is_array($crl['cert']) \|\| (count($crl['cert']) == 0)): ?>
447			<tr>
448	fc54f29b	jim-p	<td class="listlr" colspan="3">
449	28ff7ace	jim-p	<?php echo gettext("No Certificates Found for this CRL."); ?>
450			</td>
451			<td class="list"> </td>
452			</td>
453			<?php else:
454			foreach($crl['cert'] as $i => $cert):
455			$name = htmlspecialchars($cert['descr']);
456			?>
457			<tr>
458			<td class="listlr">
459			<?php echo $name; ?>
460			</td>
461	fc54f29b	jim-p	<td class="listlr">
462			<?php echo $openssl_crl_status[$cert["reason"]]; ?>
463			</td>
464			<td class="listlr">
465			<?php echo date("D M j G:i:s T Y", $cert["revoke_time"]); ?>
466			</td>
467	28ff7ace	jim-p	<td class="list">
468	c1f95f5c	jim-p	<a href="system_crlmanager.php?act=delcert&id=<?php echo $crl['refid']; ?>&certref=<?php echo $cert['refid']; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate from the CRL?");?>')">
469	28ff7ace	jim-p	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete this certificate from the CRL ");?>" alt="<?=gettext("Delete this certificate from the CRL ");?>" width="17" height="17" border="0" />
470			</a>
471			</td>
472			</tr>
473			<?php
474			endforeach;
475			endif;
476			?>
477			<?php /* Drop-down with other certs from this CA. */
478			// Map Certs to CAs in one pass
479			$ca_certs = array();
480			foreach($a_cert as $cert)
481			if ($cert['caref'] == $crl['caref'])
482			$ca_certs[] = $cert;
483			if (count($ca_certs) == 0): ?>
484			<tr>
485	fc54f29b	jim-p	<td class="listlr" colspan="3">
486	28ff7ace	jim-p	<?php echo gettext("No Certificates Found for this CA."); ?>
487			</td>
488			<td class="list"> </td>
489			</td>
490			<?php else: ?>
491			<tr>
492	fc54f29b	jim-p	<td class="listlr" colspan="3" align="center">
493	28ff7ace	jim-p	<b><?php echo gettext("Choose a Certificate to Revoke"); ?></b>: <select name='certref' id='certref' class="formselect">
494			<?php foreach($ca_certs as $cert): ?>
495	fc54f29b	jim-p	<option value="<?=$cert['refid'];?>"><?=htmlspecialchars($cert['descr'])?></option>
496	28ff7ace	jim-p	<?php endforeach; ?>
497	fc54f29b	jim-p	</select>
498			<b><?php echo gettext("Reason");?></b>:
499			<select name='crlreason' id='crlreason' class="formselect">
500			<?php foreach($openssl_crl_status as $code => $reason): ?>
501			<option value="<?= $code ?>"><?= htmlspecialchars($reason) ?></option>
502			<?php endforeach; ?>
503			</select>
504	28ff7ace	jim-p	<input name="act" type="hidden" value="addcert" />
505			<input name="crlref" type="hidden" value="<?=$crl['refid'];?>" />
506	c1f95f5c	jim-p	<input name="id" type="hidden" value="<?=$crl['refid'];?>" />
507	28ff7ace	jim-p	<input id="submit" name="add" type="submit" class="formbtn" value="<?=gettext("Add"); ?>" />
508			</td>
509			<td class="list"> </td>
510			</tr>
511			<?php endif; ?>
512			</tbody>
513			</table>
514			</form>
515	81bfb231	jim-p	<?php else: ?>
516
517			<table width="100%" border="0" cellpadding="0" cellspacing="0">
518			<thead>
519			<tr>
520			<td width="35%" class="listhdrr"><?=gettext("Name");?></td>
521			<td width="10%" class="listhdrr"><?=gettext("Internal");?></td>
522			<td width="35%" class="listhdrr"><?=gettext("Certificates");?></td>
523			<td width="10%" class="listhdrr"><?=gettext("In Use");?></td>
524			<td width="10%" class="list"></td>
525			</tr>
526			</thead>
527			<tbody>
528			<?php
529	0d5c21f7	Chris Buechler	$caimg = "/themes/{$g['theme']}/images/icons/icon_frmfld_cert.png";
530	28ff7ace	jim-p	// Map CRLs to CAs in one pass
531	81bfb231	jim-p	$ca_crl_map = array();
532			foreach($a_crl as $crl)
533			$ca_crl_map[$crl['caref']][] = $crl['refid'];
534
535			$i = 0;
536			foreach($a_ca as $ca):
537	f2a86ca9	jim-p	$name = htmlspecialchars($ca['descr']);
538	81bfb231	jim-p
539			if($ca['prv']) {
540	44bcc1be	jim-p	$cainternal = "YES";
541	81bfb231	jim-p	} else
542	44bcc1be	jim-p	$cainternal = "NO";
543	81bfb231	jim-p	?>
544			<tr>
545			<td class="listlr" colspan="4">
546			<table border="0" cellpadding="0" cellspacing="0">
547			<tr>
548			<td align="left" valign="center">
549			<img src="<?=$caimg;?>" alt="CA" title="CA" border="0" height="16" width="16" />
550			</td>
551			<td align="left" valign="middle">
552			<?=$name;?>
553			</td>
554			</tr>
555			</table>
556			</td>
557			<td class="list">
558	44bcc1be	jim-p	<?php if ($cainternal == "YES"): ?>
559	d5059f4c	bcyrill	<a href="system_crlmanager.php?act=new&caref=<?php echo $ca['refid']; ?>">
560	b1e4005f	Vinicius Coque	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?php printf(gettext("Add or Import CRL for %s"),$ca['descr']);?>" alt="<?=gettext("add crl");?>" width="17" height="17" border="0" />
561	81bfb231	jim-p	</a>
562	44bcc1be	jim-p	<?php else: ?>
563	d5059f4c	bcyrill	<a href="system_crlmanager.php?act=new&caref=<?php echo $ca['refid']; ?>&importonly=yes">
564	b1e4005f	Vinicius Coque	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?php printf(gettext("Import CRL for %s"),$ca['descr']);?>" alt="<?=gettext("add crl");?>" width="17" height="17" border="0" />
565	44bcc1be	jim-p	</a>
566			<?php endif; ?>
567	81bfb231	jim-p	</td>
568			</tr>
569
570			<?php
571			if (is_array($ca_crl_map[$ca['refid']])):
572			foreach($ca_crl_map[$ca['refid']] as $crl):
573			$tmpcrl = lookup_crl($crl);
574	ad8df715	jim-p	$internal = is_crl_internal($tmpcrl);
575			$inuse = crl_in_use($tmpcrl['refid']);
576	81bfb231	jim-p	?>
577			<tr>
578	f2a86ca9	jim-p	<td class="listlr"><?php echo $tmpcrl['descr']; ?></td>
579	ad8df715	jim-p	<td class="listr"><?php echo ($internal) ? "YES" : "NO"; ?></td>
580			<td class="listr"><?php echo ($internal) ? count($tmpcrl['cert']) : "Unknown (imported)"; ?></td>
581			<td class="listr"><?php echo ($inuse) ? "YES" : "NO"; ?></td>
582	81bfb231	jim-p	<td valign="middle" nowrap class="list">
583	916ee745	jim-p	<?php if (!$internal \|\| count($tmpcrl['cert'])): ?>
584	d5059f4c	bcyrill	<a href="system_crlmanager.php?act=exp&id=<?=$tmpcrl['refid'];?>">
585	f2a86ca9	jim-p	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
586	81bfb231	jim-p	</a>
587	916ee745	jim-p	<?php endif; ?>
588	28ff7ace	jim-p	<?php if ($internal): ?>
589	d5059f4c	bcyrill	<a href="system_crlmanager.php?act=edit&id=<?=$tmpcrl['refid'];?>">
590	c1f95f5c	jim-p	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
591	28ff7ace	jim-p	</a>
592	6f3d3a07	jim-p	<?php else: ?>
593	d5059f4c	bcyrill	<a href="system_crlmanager.php?act=editimported&id=<?=$tmpcrl['refid'];?>">
594	6f3d3a07	jim-p	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
595			</a>
596	28ff7ace	jim-p	<?php endif; ?>
597	ad8df715	jim-p	<?php if (!$inuse): ?>
598	c1f95f5c	jim-p	<a href="system_crlmanager.php?act=del&id=<?=$tmpcrl['refid'];?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate Revocation List?") . ' (' . htmlspecialchars($tmpcrl['descr']) . ')';?>')">
599	f2a86ca9	jim-p	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']); ?>" width="17" height="17" border="0" />
600	81bfb231	jim-p	</a>
601	ad8df715	jim-p	<?php endif; ?>
602	81bfb231	jim-p	</td>
603			</tr>
604			<?php
605			$i++;
606			endforeach;
607			endif;
608			?>
609			<tr><td colspan="5"> </td></tr>
610			<?php
611			$i++;
612			endforeach;
613			?>
614			</tbody>
615			<tfoot>
616			<tr>
617			<td colspan="5">
618			<p>
619			<?=gettext("Additional Certificate Revocation Lists can be added here.");?>
620			</p>
621			</td>
622			</tr>
623			</tfoot>
624			</table>
625
626			<?php endif; ?>
627
628			</div>
629			</td>
630			</tr>
631			</table>
632			<?php include("fend.inc");?>
633			<script type="text/javascript">
634			<!--
635
636			method_change();
637
638			//-->
639			</script>
640
641			</body>
642	d5059f4c	bcyrill	</html>

Project

General

Profile

pfSense