/src/usr/local/www/system_crlmanager.php - Diff - pfSense - pfSense bugtracker

« Previous | Next »

Revision 9aa8f6a8

Prevent CRL from using too large a lifetime on ARM. Fixes #9098

     require_once("pfsense-utils.inc");
     require_once("vpn.inc");
     $max_lifetime = crl_get_max_lifetime();
     $default_lifetime = 3650;
     if ($max_lifetime < $default_lifetime) {
     	$default_lifetime = $max_lifetime;
+    }
     global $openssl_crl_status;
     $crl_methods = array(
-...
     if ($act == "new") {
     	$pconfig['method'] = $_REQUEST['method'];
     	$pconfig['caref'] = $_REQUEST['caref'];
     	$pconfig['lifetime'] = "9999";
     	$pconfig['lifetime'] = $default_lifetime;
     	$pconfig['serial'] = "0";
+    }
-...
     	if (preg_match("/[\?\>\<\&\/\\\"\']/", $pconfig['descr'])) {
     		array_push($input_errors, "The field 'Descriptive Name' contains invalid characters.");
+    	}
     	if ($pconfig['lifetime'] > $max_lifetime) {
     		$input_errors[] = gettext("Lifetime is longer than the maximum allowed value. Use a shorter lifetime.");
+    	}
     	/* save modifications */
     	if (!$input_errors) {
-...
     		if ($pconfig['method'] == "internal") {
     			$crl['serial'] = empty($pconfig['serial']) ? 9999 : $pconfig['serial'];
     			$crl['lifetime'] = empty($pconfig['lifetime']) ? 9999 : $pconfig['lifetime'];
     			$crl['lifetime'] = empty($pconfig['lifetime']) ? $default_lifetime : $pconfig['lifetime'];
     			$crl['cert'] = array();
+    		}
-...
     		'Lifetime (Days)',
     		'number',
     		$pconfig['lifetime'],
     		['max' => '9999']
     		['max' => $max_lifetime]
     	));
     	$section->addInput(new Form_Input(

Also available in: Unified diff