diff options
author | Marcello Coutinho <marcellocoutinho@gmail.com> | 2012-03-23 11:28:56 -0300 |
---|---|---|
committer | Marcello Coutinho <marcellocoutinho@gmail.com> | 2012-03-23 11:28:56 -0300 |
commit | 59c61b820001e28adca65e6c1d77c161648d9396 (patch) | |
tree | d36e904cc4d9019ea229421e78164489ae6dad8c /config/dansguardian | |
parent | 1155622afe7af09ef01ac9b97daf23224fd5487a (diff) | |
download | pfsense-packages-59c61b820001e28adca65e6c1d77c161648d9396.tar.gz pfsense-packages-59c61b820001e28adca65e6c1d77c161648d9396.tar.bz2 pfsense-packages-59c61b820001e28adca65e6c1d77c161648d9396.zip |
dansguardian - include ca_root_nss-3.13.3 package for certificate checks
Diffstat (limited to 'config/dansguardian')
-rwxr-xr-x | config/dansguardian/dansguardian.inc | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc index a568b69e..3d2d83f8 100755 --- a/config/dansguardian/dansguardian.inc +++ b/config/dansguardian/dansguardian.inc @@ -226,6 +226,7 @@ function sync_package_dansguardian() { $ca_pk = "caprivatekeypath = '/etc/ssl/demoCA/private/cakey.pem'"; } if(base64_decode($ca_cert['crt'])) { + $cert_hash=array(); file_put_contents("/etc/ssl/demoCA/cacert.pem",base64_decode($ca_cert['crt'])); exec("/usr/bin/openssl x509 -hash -noout -in /etc/ssl/demoCA/cacert.pem",$cert_hash); file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",base64_decode($ca_cert['crt'])); @@ -1033,6 +1034,25 @@ function dansguardian_validate_input($post, &$input_errors) { } function dansguardian_php_install_command() { + conf_mount_rw(); + #create ca-root hashes from ca-root-nss package + print "Creating root certificate bundle hashes from the Mozilla Project\n"; + $cas=file('/usr/local/share/certs/ca-root-nss.crt'); + $cert=0; + foreach ($cas as $ca){ + if (preg_match("/--BEGIN CERTIFICATE--/",$ca)) + $cert=1; + if ($cert == 1) + $crt.=$ca; + if (preg_match("/-END CERTIFICATE-/",$ca)){ + file_put_contents("/tmp/cert.pem",$crt, LOCK_EX); + $cert_hash=array(); + exec("/usr/bin/openssl x509 -hash -noout -in /tmp/cert.pem",$cert_hash); + file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",$crt,LOCK_EX); + $crt=""; + $cert=0; + } + } sync_package_dansguardian(); } |