pfSense

function pkg_conf_setup($repo_path) {

	$auth_ca = "/etc/ssl/netgate-ca.pem";

	$auth_cert = "/etc/ssl/pfSense-repo-custom.cert";

	$auth_key = "/etc/ssl/pfSense-repo-custom.key";

	if (strpos($repo_path, "{$g['product_name']}-repo-custom") &&

	    file_exists($auth_ca) && file_exists($auth_cert) &&

	    file_exists($auth_key)) {

		$pkg_conf[] = "PKG_ENV {\n";

		$pkg_conf[] = "\tSSL_CA_CERT_FILE=$auth_ca\n";

		$pkg_conf[] = "\tSSL_CLIENT_CERT_FILE=$auth_cert\n";

		$pkg_conf[] = "\tSSL_CLIENT_KEY_FILE=$auth_key\n";

		$pkg_conf[] = "}\n";

	}

	pkg_conf_setup($path);

$cafilesrc = "/usr/local/share/{$g['product_name']}/ssl/netgate-ca.pem";

$cafile = "/etc/ssl/netgate-ca.pem";

 * migration to another update repository should the existing one become

	global $g, $cafile, $cafilesrc, $config, $idfile, $FQDN, $repopath;

	/* Copy the CA file to the proper place before start. */

	if (!file_exists($cafile) && file_exists($cafilesrc)) {

		copy($cafilesrc, $cafile);

	}

		if (!empty($repo['conf']))		{file_put_contents($basename . "conf", base64_decode($repo['conf']));}

		if (!empty($repo['descr']))		{file_put_contents($basename . "descr", $repo['descr']);}

		if (!empty($repo['abi']))		{file_put_contents($basename . "abi", $repo['abi']);}

		if (!empty($repo['altabi']))	{file_put_contents($basename . "altabi", $repo['altabi']);}

		if (!empty($repo['name']))		{file_put_contents($basename . "name", $repo['name']);}

		if (!empty($repo['help']))		{file_put_contents($basename . "help", $repo['help']);}

		// Save the client Cert & key

		if (!empty($repo['cert']) && !empty($repo['key'])) {

			$certbasename = "/etc/ssl/{$g['product_name']}-repo-custom.";

			file_put_contents($certbasename . "cert", $repo['cert']);

			file_put_contents($certbasename . "key", $repo['key']);

			chmod($certbasename . "key", 0600);

		}

# Copy default openssl config file and Netgate CA

[ -f /usr/local/share/${product_name}/ssl/netgate-ca.pem ] \

	&& cp -f /usr/local/share/${product_name}/ssl/netgate-ca.pem /etc/ssl

<?php

/*

 * system_register.inc

 *

 * part of pfSense plus (https://www.netgate.com)

 * Copyright (c) 2014-2022 Rubicon Communications, LLC (Netgate)

 * All rights reserved.

 */

$FQDN = "https://ews.netgate.com/plus";

$idfile = "/var/db/uniqueid";

// Transmit the NDI and activation token so that user registration is recorded

// $action = "check" determines if this instance is a candidate for registion

// "register" performs the registration

function activate_plus($action, $token) {

	global $g, $FQDN, $idfile;

	if (file_exists($idfile)) {

		if (function_exists('curl_version')) {

			$post = ['act' => $action, 'uid' => file_get_contents($idfile), 'token' => $token, 'product' => "CE"];

			$url = $FQDN;

			$ch = curl_init();

			curl_setopt($ch, CURLOPT_HEADER, 0);

			curl_setopt($ch, CURLOPT_VERBOSE, 0);

			curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);

			curl_setopt($ch, CURLOPT_USERAGENT, $g['product_label'] . '/' . $g['product_version']);

			curl_setopt($ch, CURLOPT_URL, $url);

			curl_setopt($ch, CURLOPT_POST, true);

			curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post));

			curl_setopt($ch, CURLOPT_CONNECTTIMEOUT ,4);

			$response = curl_exec($ch);

			$status = curl_getinfo($ch, CURLINFO_HTTP_CODE);

			curl_close($ch);

			if ($status == 200) {

				return trim($response);

			}

		}

	}

	return "FAIL";

}

?>

-----BEGIN CERTIFICATE-----

MIIGdjCCBF6gAwIBAgIUMHOwWSamn5M+UgESNeiPVzCtWeEwDQYJKoZIhvcNAQEL

BQAwgZIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEPMA0GA1UEBwwGQXVz

dGluMS4wLAYDVQQKDCVSdWJpY29uIENvbW11bmljYXRpb25zLCBMTEMgKE5ldGdh

dGUpMRgwFgYDVQQLDA9OZXRnYXRlIHJvb3QgQ0ExGDAWBgNVBAMMD05ldGdhdGUg

cm9vdCBDQTAgFw0yMTExMjMyMDM5MzFaGA8zMDIxMDMyNjIwMzkzMVowgZIxCzAJ

BgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEPMA0GA1UEBwwGQXVzdGluMS4wLAYD

VQQKDCVSdWJpY29uIENvbW11bmljYXRpb25zLCBMTEMgKE5ldGdhdGUpMRgwFgYD

VQQLDA9OZXRnYXRlIHJvb3QgQ0ExGDAWBgNVBAMMD05ldGdhdGUgcm9vdCBDQTCC

AiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANNDuUCzYYKMqqIsnlfHqlhd

NjS8p8wrvlIqMyOFLBWdGRzF3CP6AyJNlwHgbKPNmZluoWwqA28lmQmbS/sMK13q

+UuH/l8r0oYQVizPWyY0dug9e7qhI+7fxHW4QOa0KbZfS227sFMEXuJNNagX2atP

QTaWzmFoOqi546703a0ng6VhSDJUkseEqjJg/7SSKsVO3+2TIfDJGBjMsnU8kgzK

DXbeQdCj6+rzNyI5zT3ijeNB1kPy6qGvj+NJ1xhdX0DG1xooGAH+5jVy8dWumMj1

Q1VY9S9OzAtiwOSUJGJnq5qaAY3QYdOYzEa6oL9zL9411ovZO16XDC9PR6uC8nBL

tcJvuv4sxEnEKzmgGM/FqKgke/hb5jd36BItfSiAaUrbANjD/qYZM+RVd6Y8w/uj

k01xMWqV4iUNiKjxBp9cqCDGBLQF7c8sCbhiDWfKdY2um4mxY6YqPetEV/brbDFv

L+bDQTULz+6GS4B/ZoaeajyOqU7AEHUIxZ6AGiXApDWZTZUbzDtzA81XWFy8Tnkh

XYauijrwPgze6IroZa77/kFqBqCXrja+f6rSWBTEDcfED1JNcaHILcQFL3bm+9sZ

59Jp4DTwStcQb6XroVUVlcCv+gYYoy3MipTGfFLZEqH095NfW40iwaM0IMp8691N

JUholIL+9AN/Ut2/5Ca1AgMBAAGjgb8wgbwwHgYDVR0RBBcwFYETc3VwcG9ydEBu

ZXRnYXRlLmNvbTA5BgNVHR8EMjAwMC6gLKAqhihodHRwczovL2ZpbGVzLm5ldGdh

dGUuY29tL25ldGdhdGUtY2EuY3JsMB0GA1UdDgQWBBRyuXEWmup+y05X8qIIribW

XT/SLDAfBgNVHSMEGDAWgBRyuXEWmup+y05X8qIIribWXT/SLDAPBgNVHRMBAf8E

BTADAQH/MA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOCAgEAWlBbCQgp

qF3tWR/DmyVP3yzn1+yA7qbqT5LDfJFjiaSoQ460oHVMT3jnpSLoxf4AUO/cgvEB

/1M1LpERIDP18UWsSEnI/+W+vAddLpVIPIKvUz4koC0yDbf8DpSHVYCjUNUHLbTx

Fi8ol1SDBl+9ZOukG4Je1UuxhWQIlFcf7bhwvq7WTFPT/1PF/2Zl3vkkJd07Bwgb

Oa6IkpKR9FGahYnOamMifrzbgezjQrnJE/KUZav810BhT2p8LR9h00WonZpcOwuk

I6vxt9Own3wtpyXiAaVJenE+zv3BCl6r6/WqiRV8rxJrVBo3RrCiwkW5xq+ygOU0

jfAqG0d2V7jStiNBUXunfZ2sofaOZLz3/hGbpJjgM0Gv9/yrqV/ssYLAk2gw/smb

WOXZj6ydyf6cpSS8EE4rJUKnuJK01K5/Ga5uNn0QxcB6cXhC+0SiXdiCwxMXzAzl

bPR6/0CsobZWGenQjiBl+3YBciidFRZB/6q0iGDblKTFsZaEOLZewhcXGAfc5Ism

mh9fLo++pd33Lt5whlE72WYYzo2MmV9Xs7OJBrXJJ2NSdDRm8LqUh3cxyQIhGett

9WClUxIZjGS9tilIBW8rQ+Ww/zQP96MMYk2RYTP8IccHTU2PfMjBqg+BU1/LyP5h

ZFtuKxBSYN+btbZiY2RZ0AfVmxjYeZKNYMQ=

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

MIIGbDCCBFSgAwIBAgIUPz3/XJJeCD7Ci9X8spWXaJ1LoMgwDQYJKoZIhvcNAQEL

BQAwgZIxCzAJBgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEPMA0GA1UEBwwGQXVz

dGluMS4wLAYDVQQKDCVSdWJpY29uIENvbW11bmljYXRpb25zLCBMTEMgKE5ldGdh

dGUpMRgwFgYDVQQLDA9OZXRnYXRlIHJvb3QgQ0ExGDAWBgNVBAMMD05ldGdhdGUg

cm9vdCBDQTAgFw0yMTExMjMyMDM5NTFaGA8yMTIxMTAzMDIwMzk1MVowgYgxCzAJ

BgNVBAYTAlVTMQ4wDAYDVQQIDAVUZXhhczEPMA0GA1UEBwwGQXVzdGluMS4wLAYD

VQQKDCVSdWJpY29uIENvbW11bmljYXRpb25zLCBMTEMgKE5ldGdhdGUpMRMwEQYD

VQQLDApOZXRnYXRlIENBMRMwEQYDVQQDDApOZXRnYXRlIENBMIICIjANBgkqhkiG

9w0BAQEFAAOCAg8AMIICCgKCAgEAwMgrMImVMVuXPuf82/RK08hSJvxFrAcT5KHw

79qb3Gz7nz32EfVzc7TJsNSjH9xWuYX0KB2VkrLV9j4IbBJ5Lk0cNjUiXFhY4S5h

CN63NM0OigWIcAb4CAdc90rDGp2i+2QBIx9VbY2WvDcEACLd/mc7L1wJZp01R8IW

05oID0UoWeMnd2vbvwR8YPmn6d2o5RQbl0V9+Yp2Ocw2+ZAwe8wKSBWKevqi6cBP

CCM3Hr3aZ9kXnQv3gCy6Hx3NWX3O6UvHL3UXodCYpL0xbc+sC0IIDwnO8VT8x7jY

t3Evx8J8kVct69dQ5Yw6TNRAtj4zSw0TJ3Y1KF9YdSLWaA9yw4VjKAUYahytPfwD

d3hlBI0xDnQADxMj+c/KKActV3D/fCwKqshKG+G/q+2au85ZovsIf9Lh9V7GcZnD

IxsG57jXlUpXX/ZPCfWHMbfeirNPYlDeaxCop4nLFFKlgP8Js4vB/yJ0h/rM2bXU

VSnUaLs8udPKE+czpGbEzs2CDhnB6yi9DYz+AZKKAES4Sl5oA6NNmTgS6wqb57Lz

wuWlTKNkCs0k9HhPp26psSAu0KicB52DOx5yGo/4mAnZCMhFUKtWyfDccFJfn58H

vx2EGEpPP2DBbWaVwitfTe9C2+hjGhPA/syDlZgvwcZYQUztDDJEf2WiqIp0ktz6

3n/56p8CAwEAAaOBvzCBvDAeBgNVHREEFzAVgRNzdXBwb3J0QG5ldGdhdGUuY29t

MDkGA1UdHwQyMDAwLqAsoCqGKGh0dHBzOi8vZmlsZXMubmV0Z2F0ZS5jb20vbmV0

Z2F0ZS1jYS5jcmwwHQYDVR0OBBYEFGKcg07Bso+TcUQqu50dodwFAMQoMB8GA1Ud

IwQYMBaAFHK5cRaa6n7LTlfyogiuJtZdP9IsMA8GA1UdEwEB/wQFMAMBAf8wDgYD

VR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4ICAQAhVNe5H5J0dt6SgPHgoLdQ

g6Uhagl9+zlDdC+JyBTHroj5CG2nC6147HOOKeKZLm3OsTLDx0nxj/MGrc/Q9wmf

5/YEGDuja3NPVAM3RR7+YRIIrEg7cbWoxdkQ4SkZ+I13ZoRKiOWR/pXH/LKM+JNY

DyUb6XjZLYspqlU58QtmEy3kxPtVjPSmh/lG9wT7MYz3bq1msi2gCwZqStXiHZ9M

0hvqqucOtqf9vWkQfGJN34Xi/HLUt8ZVeMS5uTW+hiJN3Mz0vE0V89hbHIP7lloB

z7jrJV3uky2dQEA70yXK4Bv9z5RqEyfzvMgGfRhUSRn75sbYc8GJkJMVMDiuXkQE

zqf+J40LMqhPl9Ox47hCkL4iSZH2gJI7H1xNZfrMJvbG7hf4t+Kukb/40648QXRz

v2cPfQkfzp/Rg5OaBEa1cr73AzwiPXOrqhbA/bPFzk0rs5Yfr7nRZDC8BEtZE109

X1Mldd/k/Q/DUDYfd0KyE043QiZiYRC069OI4m2dB7mGepIimRz7bTMK2UCRbVuS

UXCjjVzDwdvat4oyz6lfaUXmzZHTmK2CXg8KdapBNoN6ufLUjVtL0inQMUUsOR20

+jKm2YnRxTePtFdhaeAjAPmNEBt3iRqLBvx/mSJFznWn8a6EBikdJ2zgvr+7ASfv

+TZYDL1cfSVwg+6H+PbP1g==

-----END CERTIFICATE-----

$system_menu[] = array(gettext("Register"), "/system_register.php");

	$help_menu[] = array(gettext("Upgrade to pfSense Plus"), "https://redirects.netgate.com/upgrade");

<?php

/*

 * system_register.php

 *

 * part of pfSense (https://www.pfsense.org)

 * Copyright (c) 2013-2016 Electric Sheep Fencing

 * Copyright (c) 2014-2022 Rubicon Communications, LLC (Netgate)

 * All rights reserved.

 *

 * originally based on m0n0wall (http://m0n0.ch/wall)

 * Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.

 * All rights reserved.

 *

 * Licensed under the Apache License, Version 2.0 (the "License");

 * you may not use this file except in compliance with the License.

 * You may obtain a copy of the License at

 *

 * http://www.apache.org/licenses/LICENSE-2.0

 *

 * Unless required by applicable law or agreed to in writing, software

 * distributed under the License is distributed on an "AS IS" BASIS,

 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

 * See the License for the specific language governing permissions and

 * limitations under the License.

 */

##|+PRIV

##|*IDENT=page-system-register

##|*NAME=System: Register

##|*DESCR=Allow access to the 'System: Register' page.

##|*MATCH=system_register.php*

##|-PRIV

require_once("guiconfig.inc");

require_once("system_register.inc");

include("head.inc");

// Possible helpblock messages

$pgtitle = array(gettext("System"), gettext("Register"));

$pghelp = sprintf(gettext('Thank you for choosing %1s%2s'), $g['product_label_html'], '<br /><br />');

$pghelp_notrequired = gettext("Your device does not require registration, we recognize it already." .

   " You may have already registered, or it may be a pre-registered Netgate appliance.");

$pghelp_offline = gettext("The registration system is not currently available. Please check your network connection and try again.");

$pghelp_ok = gettext('pfSense<sup>&reg;</sup> Community Edition software may be upgraded to pfSense<sup>&reg;</sup> Plus software by purchasing an upgrade from the Netgate store here: ' .

'<a href="https://redirects.netgate.com/upgrade">Upgrade</a>' .

'<br />Once your upgrade purchase is complete, you will receive an activation token by email.' .

'Please paste that token into the field below, then click “Register”.' .

'<br /><br>Registration ensures you have access to the services included with pfSense<sup>&reg;</sup> Plus software.' .

'<br />If you do not receive the activation token email within a few minutes of placing the order, please contact <a href="https://go.netgate.com">Netgate TAC</a>.');

$pghelp_exists = sprintf(gettext("This device has already been registered. " .

   "If you believe that to be incorrect, please contact Netgate TAC support for assistance by visiting %1s."),

   '<a href="go.netgate.com", target="_blank">go.netgate.com</a>');

$pghelp_notready = sprintf(gettext("The registration service is not available yet. Please watch %1s, %2s, %3s,  for updates."),

   '<a href="https://www.netgate.com/blog/" target="_blank">our blog</a>',

   '<a href="https://twitter.com/NetgateUSA" target="_blank">Twitter</a>',

   '<a href="https://www.reddit.com/r/Netgate/" target="_blank">Reddit</a>'

);

$pghelp_success = gettext("Your firewall has been successfully registered. On your next visit to the System/Update page, select pfSense<sup>&reg;</sup> Plus software from the list of repositories.");

$pghelp_notfound = sprintf(gettext("This activation token is not valid. " .

   "Please contact Netgate TAC support for assistance by visiting %1s"), '<a href="https://go.netgate.com" target="_blank">go.netgate.com</a>');

$disabled = "disabled";

$activation_token = "";

$alert_color = 'info';

// On registration (POST), call the activate_plus() function to register the token and NDI with the server.

// Otherwise call check_plus() to determine if this device is suitable for registration.

// Choose from one of the above messages on return

if ($_POST && $_REQUEST['Submit'] == 'Register') {

	$activation_token = $_REQUEST['activation_token'];

	if ( !empty($activation_token)) {

		unset($input_errors);

		$activation_token = str_replace(' ', '', trim($activation_token));

		$activation_token = str_replace("\n", '', $activation_token);

		$activation_token = str_replace("\r", '', $activation_token);

		if (preg_match('/(^[A-Za-z0-9-_]*\.[A-Za-z0-9-_]*\.[A-Za-z0-9-_]*$)/', $activation_token)) {

			makehelp(activate_plus("register", $activation_token));

		} else {

			$input_errors[] = $activation_token . ' ' . gettext('is not a valid activation token!');

		}

	} else {

		$input_errors[] = gettext('An activation token must be provided.');

	}

} else {

	makeHelp(activate_plus("check", ""));

}

if ($input_errors) {

	print_input_errors($input_errors);

	$disabled = "";

}

print('<div class="infoblock blockopen">');

print_info_box($pghelp,$alert_color, false);

print('</div>');

$form = new Form(false);

$section = new Form_Section('Register ' . $g['product_label']);

$section->addInput(new Form_Textarea(

	'activation_token',

	'*Activation token',

	$activation_token

))->setAttribute($disabled, true)

  ->setAttribute('rows', '10')

  ->removeClass('form-control')

  ->addClass('row-fluid col-sm-8');

$form->add($section);

$form->addGlobal(new Form_Button(

	'Submit',

	'Register',

	null,

	'fa-registered'

))->addClass('btn-primary')->setAttribute($disabled, true);

print $form;

// Display the appropriate message, color and input activation based on the web service response

function makeHelp($res) {

	global $pghelp, $disabled, $pghelp_ok, $pghelp_offline, $alert_color;

	global $pghelp_notrequired, $pghelp_notready, $pghelp_success, $pghelp_notfound;

	switch ($res) {

		case "OK" :

			$pghelp .= $pghelp_ok;

			$disabled = "";

		break;

		case "FAIL" :

			$pghelp .= $pghelp_offline;

			$alert_color = 'danger';

		break;

		case "EXISTS" :

			$pghelp .= $pghelp_notrequired;

			$alert_color = 'warning';

		break;

		case "NOTREADY" :

			$pghelp .= $pghelp_notready;

			$alert_color = 'warning';

		break;

		case "REGOK" :

			$pghelp .= $pghelp_success;

			$alert_color = 'success';

		break;

		case "NOTFOUND" :

			$pghelp .= $pghelp_notfound;

			$disabled = false;

			$alert_color = 'danger';

		break;

	}

}

include("foot.inc");

?>