/usr/local/www/system_crlmanager.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/usr/local/www/system_crlmanager.php @ 889c83d7

1	81bfb231	jim-p	<?php
2			/*
3			system_crlmanager.php
4
5			Copyright (C) 2010 Jim Pingle
6			All rights reserved.
7
8			Redistribution and use in source and binary forms, with or without
9			modification, are permitted provided that the following conditions are met:
10
11			1. Redistributions of source code must retain the above copyright notice,
12			this list of conditions and the following disclaimer.
13
14			2. Redistributions in binary form must reproduce the above copyright
15			notice, this list of conditions and the following disclaimer in the
16			documentation and/or other materials provided with the distribution.
17
18			THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19			INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20			AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21			AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22			OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23			SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24			INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25			CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27			POSSIBILITY OF SUCH DAMAGE.
28			*/
29			/*
30			pfSense_MODULE: certificate_managaer
31			*/
32
33			##\|+PRIV
34			##\|*IDENT=page-system-crlmanager
35			##\|*NAME=System: CRL Manager
36			##\|*DESCR=Allow access to the 'System: CRL Manager' page.
37			##\|MATCH=system_crlmanager.php
38			##\|-PRIV
39
40			require("guiconfig.inc");
41			require_once("certs.inc");
42	94efbf8b	jim-p	require_once('openvpn.inc');
43	81bfb231	jim-p
44	fc54f29b	jim-p	global $openssl_crl_status;
45
46	81bfb231	jim-p	$pgtitle = array(gettext("System"), gettext("Certificate Revocation List Manager"));
47
48			$crl_methods = array(
49			"internal" => gettext("Create an internal Certificate Revocation List"),
50			"existing" => gettext("Import an existing Certificate Revocation List"));
51
52	d22169cf	jim-p	if (ctype_alnum($_GET['id']))
53	0e6cf71b	Renato Botelho	$id = $_GET['id'];
54	d22169cf	jim-p	if (isset($_POST['id']) && ctype_alnum($_POST['id']))
55	81bfb231	jim-p	$id = $_POST['id'];
56
57			if (!is_array($config['ca']))
58			$config['ca'] = array();
59
60			$a_ca =& $config['ca'];
61
62			if (!is_array($config['cert']))
63			$config['cert'] = array();
64
65			$a_cert =& $config['cert'];
66
67			if (!is_array($config['crl']))
68			$config['crl'] = array();
69
70			$a_crl =& $config['crl'];
71
72	c1f95f5c	jim-p	foreach ($a_crl as $cid => $acrl)
73			if (!isset($acrl['refid']))
74			unset ($a_crl[$cid]);
75
76	81bfb231	jim-p	$act = $_GET['act'];
77			if ($_POST['act'])
78			$act = $_POST['act'];
79
80	c1f95f5c	jim-p	if (!empty($id))
81			$thiscrl =& lookup_crl($id);
82	81bfb231	jim-p
83	c1f95f5c	jim-p	// If we were given an invalid crlref in the id, no sense in continuing as it would only cause errors.
84			if (!$thiscrl && (($act != "") && ($act != "new"))) {
85			pfSenseHeader("system_crlmanager.php");
86			$act="";
87			$savemsg = gettext("Invalid CRL reference.");
88			}
89
90			if ($act == "del") {
91			$name = $thiscrl['descr'];
92			if (crl_in_use($id)) {
93	ad8df715	jim-p	$savemsg = sprintf(gettext("Certificate Revocation List %s is in use and cannot be deleted"), $name) . "<br/>";
94			} else {
95	c1f95f5c	jim-p	foreach ($a_crl as $cid => $acrl)
96			if ($acrl['refid'] == $thiscrl['refid'])
97			unset($a_crl[$cid]);
98	ad08687b	jim-p	write_config("Deleted CRL {$name}.");
99	ad8df715	jim-p	$savemsg = sprintf(gettext("Certificate Revocation List %s successfully deleted"), $name) . "<br/>";
100			}
101	81bfb231	jim-p	}
102
103			if ($act == "new") {
104			$pconfig['method'] = $_GET['method'];
105			$pconfig['caref'] = $_GET['caref'];
106			$pconfig['lifetime'] = "9999";
107			$pconfig['serial'] = "0";
108			}
109
110			if ($act == "exp") {
111	48f1333b	jim-p	crl_update($thiscrl);
112	c1f95f5c	jim-p	$exp_name = urlencode("{$thiscrl['descr']}.crl");
113			$exp_data = base64_decode($thiscrl['text']);
114	81bfb231	jim-p	$exp_size = strlen($exp_data);
115
116			header("Content-Type: application/octet-stream");
117			header("Content-Disposition: attachment; filename={$exp_name}");
118			header("Content-Length: $exp_size");
119			echo $exp_data;
120			exit;
121			}
122
123	28ff7ace	jim-p	if ($act == "addcert") {
124			if ($_POST) {
125			unset($input_errors);
126			$pconfig = $_POST;
127
128			if (!$pconfig['crlref'] \|\| !$pconfig['certref']) {
129			pfSenseHeader("system_crlmanager.php");
130			exit;
131			}
132
133			// certref, crlref
134			$crl =& lookup_crl($pconfig['crlref']);
135			$cert = lookup_cert($pconfig['certref']);
136
137			if (!$crl['caref'] \|\| !$cert['caref']) {
138			$input_errors[] = gettext("Both the Certificate and CRL must be specified.");
139			}
140
141			if ($crl['caref'] != $cert['caref']) {
142			$input_errors[] = gettext("CA mismatch between the Certificate and CRL. Unable to Revoke.");
143			}
144			if (!is_crl_internal($crl)) {
145			$input_errors[] = gettext("Cannot revoke certificates for an imported/external CRL.");
146			}
147
148			if (!$input_errors) {
149	fc54f29b	jim-p	$reason = (empty($pconfig['crlreason'])) ? OCSP_REVOKED_STATUS_UNSPECIFIED : $pconfig['crlreason'];
150			cert_revoke($cert, $crl, $reason);
151	8e022a76	jim-p	openvpn_refresh_crls();
152	cfcc6994	jim-p	write_config("Revoked cert {$cert['descr']} in CRL {$crl['descr']}.");
153	28ff7ace	jim-p	pfSenseHeader("system_crlmanager.php");
154	ad08687b	jim-p	exit;
155	28ff7ace	jim-p	}
156			}
157			}
158
159			if ($act == "delcert") {
160	c1f95f5c	jim-p	if (!is_array($thiscrl['cert'])) {
161	28ff7ace	jim-p	pfSenseHeader("system_crlmanager.php");
162			exit;
163			}
164	c1f95f5c	jim-p	$found = false;
165			foreach ($thiscrl['cert'] as $acert) {
166			if ($acert['refid'] == $_GET['certref']) {
167			$found = true;
168			$thiscert = $acert;
169			}
170			}
171			if (!$found) {
172			pfSenseHeader("system_crlmanager.php");
173			exit;
174			}
175			$name = $thiscert['descr'];
176			if (cert_unrevoke($thiscert, $thiscrl)) {
177			$savemsg = sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br/>";
178			openvpn_refresh_crls();
179	cfcc6994	jim-p	write_config(sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']));
180	c1f95f5c	jim-p	} else {
181			$savemsg = sprintf(gettext("Failed to delete Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br/>";
182			}
183			$act="edit";
184	28ff7ace	jim-p	}
185
186	81bfb231	jim-p	if ($_POST) {
187			unset($input_errors);
188			$pconfig = $_POST;
189
190			/* input validation */
191	6f3d3a07	jim-p	if (($pconfig['method'] == "existing") \|\| ($act == "editimported")) {
192	5293bfec	jim-p	$reqdfields = explode(" ", "descr crltext");
193	81bfb231	jim-p	$reqdfieldsn = array(
194			gettext("Descriptive name"),
195			gettext("Certificate Revocation List data"));
196			}
197			if ($pconfig['method'] == "internal") {
198			$reqdfields = explode(" ",
199	5293bfec	jim-p	"descr caref");
200	81bfb231	jim-p	$reqdfieldsn = array(
201			gettext("Descriptive name"),
202			gettext("Certificate Authority"));
203			}
204
205			do_input_validation($_POST, $reqdfields, $reqdfieldsn, &$input_errors);
206
207			/* if this is an AJAX caller then handle via JSON */
208			if (isAjax() && is_array($input_errors)) {
209			input_errors2Ajax($input_errors);
210			exit;
211			}
212
213			/* save modifications */
214			if (!$input_errors) {
215			$result = false;
216
217	304af9d8	jim-p	if ($thiscrl) {
218	c1f95f5c	jim-p	$crl =& $thiscrl;
219	304af9d8	jim-p	} else {
220			$crl = array();
221			$crl['refid'] = uniqid();
222			}
223	81bfb231	jim-p
224	f2a86ca9	jim-p	$crl['descr'] = $pconfig['descr'];
225	6f3d3a07	jim-p	if ($act != "editimported") {
226			$crl['caref'] = $pconfig['caref'];
227			$crl['method'] = $pconfig['method'];
228			}
229	81bfb231	jim-p
230	6f3d3a07	jim-p	if (($pconfig['method'] == "existing") \|\| ($act == "editimported")) {
231	304af9d8	jim-p	$crl['text'] = base64_encode($pconfig['crltext']);
232	81bfb231	jim-p	}
233
234			if ($pconfig['method'] == "internal") {
235			$crl['serial'] = empty($pconfig['serial']) ? 9999 : $pconfig['serial'];
236			$crl['lifetime'] = empty($pconfig['lifetime']) ? 9999 : $pconfig['lifetime'];
237			$crl['cert'] = array();
238			}
239
240	c1f95f5c	jim-p	if (!$thiscrl)
241	81bfb231	jim-p	$a_crl[] = $crl;
242
243	304af9d8	jim-p	write_config("Saved CRL {$crl['descr']}");
244	6f3d3a07	jim-p	openvpn_refresh_crls();
245	81bfb231	jim-p	pfSenseHeader("system_crlmanager.php");
246			}
247			}
248
249			include("head.inc");
250			?>
251
252			<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
253			<?php include("fbegin.inc"); ?>
254			<script type="text/javascript">
255	0d15afff	Colin Fleming	//<![CDATA[
256	81bfb231	jim-p
257			function method_change() {
258
259	44bcc1be	jim-p	method = document.iform.method.value;
260	81bfb231	jim-p
261			switch (method) {
262	44bcc1be	jim-p	case "internal":
263	81bfb231	jim-p	document.getElementById("existing").style.display="none";
264			document.getElementById("internal").style.display="";
265			break;
266	44bcc1be	jim-p	case "existing":
267	81bfb231	jim-p	document.getElementById("existing").style.display="";
268			document.getElementById("internal").style.display="none";
269			break;
270			}
271			}
272
273	0d15afff	Colin Fleming	//]]>
274	81bfb231	jim-p	</script>
275			<?php
276			if ($input_errors)
277			print_input_errors($input_errors);
278			if ($savemsg)
279			print_info_box($savemsg);
280			?>
281	0d15afff	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="CRL manager">
282	81bfb231	jim-p	<tr>
283			<td>
284			<?php
285			$tab_array = array();
286			$tab_array[] = array(gettext("CAs"), false, "system_camanager.php");
287			$tab_array[] = array(gettext("Certificates"), false, "system_certmanager.php");
288			$tab_array[] = array(gettext("Certificate Revocation"), true, "system_crlmanager.php");
289			display_top_tabs($tab_array);
290			?>
291			</td>
292			</tr>
293			<tr>
294			<td id="mainarea">
295			<div class="tabcont">
296
297			<?php if ($act == "new" \|\| $act == gettext("Save") \|\| $input_errors): ?>
298
299			<form action="system_crlmanager.php" method="post" name="iform" id="iform">
300	0d15afff	Colin Fleming	<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
301	81bfb231	jim-p	<?php if (!isset($id)): ?>
302			<tr>
303			<td width="22%" valign="top" class="vncellreq"><?=gettext("Method");?></td>
304			<td width="78%" class="vtable">
305			<select name='method' id='method' class="formselect" onchange='method_change()'>
306			<?php
307			foreach($crl_methods as $method => $desc):
308	44bcc1be	jim-p	if (($_GET['importonly'] == "yes") && ($method != "existing"))
309			continue;
310	81bfb231	jim-p	$selected = "";
311			if ($pconfig['method'] == $method)
312	0d15afff	Colin Fleming	$selected = "selected=\"selected\"";
313	81bfb231	jim-p	?>
314			<option value="<?=$method;?>"<?=$selected;?>><?=$desc;?></option>
315			<?php endforeach; ?>
316			</select>
317			</td>
318			</tr>
319			<?php endif; ?>
320			<tr>
321			<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
322			<td width="78%" class="vtable">
323	f2a86ca9	jim-p	<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($pconfig['descr']);?>"/>
324	81bfb231	jim-p	</td>
325			</tr>
326			<tr>
327			<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate Authority");?></td>
328			<td width="78%" class="vtable">
329			<select name='caref' id='caref' class="formselect">
330			<?php
331			foreach($a_ca as $ca):
332			$selected = "";
333			if ($pconfig['caref'] == $ca['refid'])
334	0d15afff	Colin Fleming	$selected = "selected=\"selected\"";
335	81bfb231	jim-p	?>
336	f2a86ca9	jim-p	<option value="<?=$ca['refid'];?>"<?=$selected;?>><?=$ca['descr'];?></option>
337	81bfb231	jim-p	<?php endforeach; ?>
338			</select>
339			</td>
340			</tr>
341			</table>
342
343	0d15afff	Colin Fleming	<table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing" summary="existing">
344	81bfb231	jim-p	<tr>
345			<td colspan="2" class="list" height="12"></td>
346			</tr>
347			<tr>
348			<td colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate Revocation List");?></td>
349			</tr>
350
351			<tr>
352			<td width="22%" valign="top" class="vncellreq"><?=gettext("CRL data");?></td>
353			<td width="78%" class="vtable">
354	364ecdd1	jim-p	<textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=$pconfig['crltext'];?></textarea>
355	0d15afff	Colin Fleming	<br/>
356			<?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?>
357	81bfb231	jim-p	</td>
358			</tr>
359			</table>
360
361	0d15afff	Colin Fleming	<table width="100%" border="0" cellpadding="6" cellspacing="0" id="internal" summary="internal">
362	81bfb231	jim-p	<tr>
363			<td colspan="2" class="list" height="12"></td>
364			</tr>
365			<tr>
366			<td colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate Revocation List");?></td>
367			</tr>
368			<tr>
369			<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
370			<td width="78%" class="vtable">
371			<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/>
372			<?=gettext("days");?><br/>
373			<?=gettext("Default: 9999");?>
374			</td>
375			</tr>
376			<tr>
377			<td width="22%" valign="top" class="vncellreq"><?=gettext("Serial");?></td>
378			<td width="78%" class="vtable">
379	0d15afff	Colin Fleming	<input name="serial" type="text" class="formfld unknown" id="serial" size="5" value="<?=htmlspecialchars($pconfig['serial']);?>"/>
380	81bfb231	jim-p	<br/>
381			<?=gettext("Default: 0");?>
382			</td>
383			</tr>
384			</table>
385
386	0d15afff	Colin Fleming	<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="save">
387	81bfb231	jim-p	<tr>
388			<td width="22%" valign="top"> </td>
389			<td width="78%">
390			<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
391	c1f95f5c	jim-p	<?php if (isset($id) && $thiscrl): ?>
392	0e6cf71b	Renato Botelho	<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
393	81bfb231	jim-p	<?php endif;?>
394			</td>
395			</tr>
396			</table>
397			</form>
398	6f3d3a07	jim-p	<?php elseif ($act == "editimported"): ?>
399			<?php $crl = $thiscrl; ?>
400			<form action="system_crlmanager.php" method="post" name="iform" id="iform">
401	0d15afff	Colin Fleming	<table width="100%" border="0" cellpadding="6" cellspacing="0" id="editimported" summary="import">
402	6f3d3a07	jim-p	<tr>
403			<td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Imported Certificate Revocation List");?></td>
404			</tr>
405			<tr>
406			<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
407			<td width="78%" class="vtable">
408			<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($crl['descr']);?>"/>
409			</td>
410			</tr>
411			<tr>
412			<td width="22%" valign="top" class="vncellreq"><?=gettext("CRL data");?></td>
413			<td width="78%" class="vtable">
414			<textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=base64_decode($crl['text']);?></textarea>
415	0d15afff	Colin Fleming	<br/>
416	6f3d3a07	jim-p	<?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?></td>
417			</td>
418			</tr>
419			<tr>
420			<td width="22%" valign="top"> </td>
421			<td width="78%">
422			<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
423	0e6cf71b	Renato Botelho	<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
424	6f3d3a07	jim-p	<input name="act" type="hidden" value="editimported" />
425			</td>
426			</tr>
427			</table>
428			</form>
429
430	28ff7ace	jim-p	<?php elseif ($act == "edit"): ?>
431	c1f95f5c	jim-p	<?php $crl = $thiscrl; ?>
432	28ff7ace	jim-p	<form action="system_crlmanager.php" method="post" name="iform" id="iform">
433	0d15afff	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="revoke">
434	28ff7ace	jim-p	<thead>
435			<tr>
436	fc54f29b	jim-p	<th width="90%" class="listhdrr" colspan="3"><b><?php echo gettext("Currently Revoked Certificates for CRL") . ': ' . $crl['descr']; ?></b></th>
437			<th width="10%" class="list"></th>
438			</tr>
439			<tr>
440			<th width="30%" class="listhdrr"><b><?php echo gettext("Certificate Name")?></b></th>
441			<th width="30%" class="listhdrr"><b><?php echo gettext("Revocation Reason")?></b></th>
442			<th width="30%" class="listhdrr"><b><?php echo gettext("Revoked At")?></b></th>
443			<th width="10%" class="list"></th>
444	28ff7ace	jim-p	</tr>
445			</thead>
446			<tbody>
447			<?php /* List Certs on CRL */
448			if (!is_array($crl['cert']) \|\| (count($crl['cert']) == 0)): ?>
449			<tr>
450	fc54f29b	jim-p	<td class="listlr" colspan="3">
451	28ff7ace	jim-p	<?php echo gettext("No Certificates Found for this CRL."); ?>
452			</td>
453			<td class="list"> </td>
454			</td>
455			<?php else:
456			foreach($crl['cert'] as $i => $cert):
457			$name = htmlspecialchars($cert['descr']);
458			?>
459			<tr>
460			<td class="listlr">
461			<?php echo $name; ?>
462			</td>
463	fc54f29b	jim-p	<td class="listlr">
464			<?php echo $openssl_crl_status[$cert["reason"]]; ?>
465			</td>
466			<td class="listlr">
467			<?php echo date("D M j G:i:s T Y", $cert["revoke_time"]); ?>
468			</td>
469	28ff7ace	jim-p	<td class="list">
470	0d15afff	Colin Fleming	<a href="system_crlmanager.php?act=delcert&id=<?php echo $crl['refid']; ?>&certref=<?php echo $cert['refid']; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate from the CRL?");?>')">
471	28ff7ace	jim-p	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete this certificate from the CRL ");?>" alt="<?=gettext("Delete this certificate from the CRL ");?>" width="17" height="17" border="0" />
472			</a>
473			</td>
474			</tr>
475			<?php
476			endforeach;
477			endif;
478			?>
479			<?php /* Drop-down with other certs from this CA. */
480			// Map Certs to CAs in one pass
481			$ca_certs = array();
482			foreach($a_cert as $cert)
483			if ($cert['caref'] == $crl['caref'])
484			$ca_certs[] = $cert;
485			if (count($ca_certs) == 0): ?>
486			<tr>
487	fc54f29b	jim-p	<td class="listlr" colspan="3">
488	28ff7ace	jim-p	<?php echo gettext("No Certificates Found for this CA."); ?>
489			</td>
490			<td class="list"> </td>
491			</td>
492			<?php else: ?>
493			<tr>
494	fc54f29b	jim-p	<td class="listlr" colspan="3" align="center">
495	28ff7ace	jim-p	<b><?php echo gettext("Choose a Certificate to Revoke"); ?></b>: <select name='certref' id='certref' class="formselect">
496			<?php foreach($ca_certs as $cert): ?>
497	fc54f29b	jim-p	<option value="<?=$cert['refid'];?>"><?=htmlspecialchars($cert['descr'])?></option>
498	28ff7ace	jim-p	<?php endforeach; ?>
499	fc54f29b	jim-p	</select>
500			<b><?php echo gettext("Reason");?></b>:
501			<select name='crlreason' id='crlreason' class="formselect">
502			<?php foreach($openssl_crl_status as $code => $reason): ?>
503			<option value="<?= $code ?>"><?= htmlspecialchars($reason) ?></option>
504			<?php endforeach; ?>
505			</select>
506	28ff7ace	jim-p	<input name="act" type="hidden" value="addcert" />
507			<input name="crlref" type="hidden" value="<?=$crl['refid'];?>" />
508	c1f95f5c	jim-p	<input name="id" type="hidden" value="<?=$crl['refid'];?>" />
509	28ff7ace	jim-p	<input id="submit" name="add" type="submit" class="formbtn" value="<?=gettext("Add"); ?>" />
510			</td>
511			<td class="list"> </td>
512			</tr>
513			<?php endif; ?>
514			</tbody>
515			</table>
516			</form>
517	81bfb231	jim-p	<?php else: ?>
518
519	0d15afff	Colin Fleming	<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="ocpms">
520	81bfb231	jim-p	<thead>
521			<tr>
522			<td width="35%" class="listhdrr"><?=gettext("Name");?></td>
523			<td width="10%" class="listhdrr"><?=gettext("Internal");?></td>
524			<td width="35%" class="listhdrr"><?=gettext("Certificates");?></td>
525			<td width="10%" class="listhdrr"><?=gettext("In Use");?></td>
526			<td width="10%" class="list"></td>
527			</tr>
528			</thead>
529	0d15afff	Colin Fleming	<tfoot>
530			<tr>
531			<td colspan="5">
532			<p>
533			<?=gettext("Additional Certificate Revocation Lists can be added here.");?>
534			</p>
535			</td>
536			</tr>
537			</tfoot> <tbody>
538	81bfb231	jim-p	<?php
539	0d5c21f7	Chris Buechler	$caimg = "/themes/{$g['theme']}/images/icons/icon_frmfld_cert.png";
540	28ff7ace	jim-p	// Map CRLs to CAs in one pass
541	81bfb231	jim-p	$ca_crl_map = array();
542			foreach($a_crl as $crl)
543			$ca_crl_map[$crl['caref']][] = $crl['refid'];
544
545			$i = 0;
546			foreach($a_ca as $ca):
547	f2a86ca9	jim-p	$name = htmlspecialchars($ca['descr']);
548	81bfb231	jim-p
549			if($ca['prv']) {
550	44bcc1be	jim-p	$cainternal = "YES";
551	81bfb231	jim-p	} else
552	44bcc1be	jim-p	$cainternal = "NO";
553	81bfb231	jim-p	?>
554			<tr>
555			<td class="listlr" colspan="4">
556	0d15afff	Colin Fleming	<table border="0" cellpadding="0" cellspacing="0" summary="icon">
557	81bfb231	jim-p	<tr>
558	0d15afff	Colin Fleming	<td align="left" valign="middle">
559	81bfb231	jim-p	<img src="<?=$caimg;?>" alt="CA" title="CA" border="0" height="16" width="16" />
560			</td>
561			<td align="left" valign="middle">
562			<?=$name;?>
563			</td>
564			</tr>
565			</table>
566			</td>
567			<td class="list">
568	44bcc1be	jim-p	<?php if ($cainternal == "YES"): ?>
569	d5059f4c	bcyrill	<a href="system_crlmanager.php?act=new&caref=<?php echo $ca['refid']; ?>">
570	b1e4005f	Vinicius Coque	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?php printf(gettext("Add or Import CRL for %s"),$ca['descr']);?>" alt="<?=gettext("add crl");?>" width="17" height="17" border="0" />
571	81bfb231	jim-p	</a>
572	44bcc1be	jim-p	<?php else: ?>
573	d5059f4c	bcyrill	<a href="system_crlmanager.php?act=new&caref=<?php echo $ca['refid']; ?>&importonly=yes">
574	b1e4005f	Vinicius Coque	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?php printf(gettext("Import CRL for %s"),$ca['descr']);?>" alt="<?=gettext("add crl");?>" width="17" height="17" border="0" />
575	44bcc1be	jim-p	</a>
576			<?php endif; ?>
577	81bfb231	jim-p	</td>
578			</tr>
579
580			<?php
581			if (is_array($ca_crl_map[$ca['refid']])):
582			foreach($ca_crl_map[$ca['refid']] as $crl):
583			$tmpcrl = lookup_crl($crl);
584	ad8df715	jim-p	$internal = is_crl_internal($tmpcrl);
585			$inuse = crl_in_use($tmpcrl['refid']);
586	81bfb231	jim-p	?>
587			<tr>
588	f2a86ca9	jim-p	<td class="listlr"><?php echo $tmpcrl['descr']; ?></td>
589	ad8df715	jim-p	<td class="listr"><?php echo ($internal) ? "YES" : "NO"; ?></td>
590			<td class="listr"><?php echo ($internal) ? count($tmpcrl['cert']) : "Unknown (imported)"; ?></td>
591			<td class="listr"><?php echo ($inuse) ? "YES" : "NO"; ?></td>
592	0d15afff	Colin Fleming	<td valign="middle" class="list nowrap">
593			<a href="system_crlmanager.php?act=exp&id=<?=$tmpcrl['refid'];?>">
594	f2a86ca9	jim-p	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
595	81bfb231	jim-p	</a>
596	28ff7ace	jim-p	<?php if ($internal): ?>
597	0d15afff	Colin Fleming	<a href="system_crlmanager.php?act=edit&id=<?=$tmpcrl['refid'];?>">
598	c1f95f5c	jim-p	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
599	28ff7ace	jim-p	</a>
600	6f3d3a07	jim-p	<?php else: ?>
601	d5059f4c	bcyrill	<a href="system_crlmanager.php?act=editimported&id=<?=$tmpcrl['refid'];?>">
602	6f3d3a07	jim-p	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
603			</a>
604	28ff7ace	jim-p	<?php endif; ?>
605	ad8df715	jim-p	<?php if (!$inuse): ?>
606	0d15afff	Colin Fleming	<a href="system_crlmanager.php?act=del&id=<?=$tmpcrl['refid'];?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate Revocation List?") . ' (' . htmlspecialchars($tmpcrl['descr']) . ')';?>')">
607	f2a86ca9	jim-p	<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']); ?>" width="17" height="17" border="0" />
608	81bfb231	jim-p	</a>
609	ad8df715	jim-p	<?php endif; ?>
610	81bfb231	jim-p	</td>
611			</tr>
612			<?php
613			$i++;
614			endforeach;
615			endif;
616			?>
617			<tr><td colspan="5"> </td></tr>
618			<?php
619			$i++;
620			endforeach;
621			?>
622			</tbody>
623			</table>
624
625			<?php endif; ?>
626
627			</div>
628			</td>
629			</tr>
630			</table>
631			<?php include("fend.inc");?>
632			<script type="text/javascript">
633	0d15afff	Colin Fleming	//<![CDATA[
634	81bfb231	jim-p
635			method_change();
636
637	0d15afff	Colin Fleming	//]]>
638	81bfb231	jim-p	</script>
639
640			</body>
641	0e6cf71b	Renato Botelho	</html>

Project

General

Profile

pfSense