Revision 26308930
Added by Marcos M about 1 year ago
| src/etc/inc/ipsec.inc | ||
|---|---|---|
| 2144 | 2144 |
|
| 2145 | 2145 |
if (!empty($ph1ent['caref'])) {
|
| 2146 | 2146 |
$ca = lookup_ca($ph1ent['caref']); |
| 2147 |
$ca = $ca['item']; |
|
| 2147 | 2148 |
if ($ca) {
|
| 2148 | 2149 |
/* Get hash value to use for filename */ |
| 2149 | 2150 |
$ca_details = openssl_x509_parse(base64_decode($ca['crt'])); |
| ... | ... | |
| 2903 | 2904 |
|
| 2904 | 2905 |
$ikeid = $ph1ent['ikeid']; |
| 2905 | 2906 |
$cert = lookup_cert($ph1ent['certref']); |
| 2907 |
$cert = $cert['item']; |
|
| 2906 | 2908 |
|
| 2907 | 2909 |
if (!$cert) {
|
| 2908 | 2910 |
log_error(sprintf(gettext("Error: Invalid phase1 certificate reference for %s"), $ph1ent['name']));
|
| ... | ... | |
| 2989 | 2991 |
array('cert', 'eap-tls', 'xauth_cert_server', 'pkcs11'))) {
|
| 2990 | 2992 |
if (!empty($ph1ent['caref']) && !array_key_exists($ph1ent['caref'], $vpncas)) {
|
| 2991 | 2993 |
$thisca = lookup_ca($ph1ent['caref']); |
| 2994 |
$thisca = $thisca['item']; |
|
| 2992 | 2995 |
$vpncas[$ph1ent['caref']] = $thisca; |
| 2993 | 2996 |
/* follow chain up to root */ |
| 2994 | 2997 |
$cachain = ca_chain_array($thisca); |
Also available in: Unified diff
Use config accessors in certificate functions