aboutsummaryrefslogtreecommitdiffstats
path: root/config/dansguardian
diff options
context:
space:
mode:
authorMarcello Coutinho <marcellocoutinho@gmail.com>2012-03-23 11:28:56 -0300
committerMarcello Coutinho <marcellocoutinho@gmail.com>2012-03-23 11:28:56 -0300
commit59c61b820001e28adca65e6c1d77c161648d9396 (patch)
treed36e904cc4d9019ea229421e78164489ae6dad8c /config/dansguardian
parent1155622afe7af09ef01ac9b97daf23224fd5487a (diff)
downloadpfsense-packages-59c61b820001e28adca65e6c1d77c161648d9396.tar.gz
pfsense-packages-59c61b820001e28adca65e6c1d77c161648d9396.tar.bz2
pfsense-packages-59c61b820001e28adca65e6c1d77c161648d9396.zip
dansguardian - include ca_root_nss-3.13.3 package for certificate checks
Diffstat (limited to 'config/dansguardian')
-rwxr-xr-xconfig/dansguardian/dansguardian.inc20
1 files changed, 20 insertions, 0 deletions
diff --git a/config/dansguardian/dansguardian.inc b/config/dansguardian/dansguardian.inc
index a568b69e..3d2d83f8 100755
--- a/config/dansguardian/dansguardian.inc
+++ b/config/dansguardian/dansguardian.inc
@@ -226,6 +226,7 @@ function sync_package_dansguardian() {
$ca_pk = "caprivatekeypath = '/etc/ssl/demoCA/private/cakey.pem'";
}
if(base64_decode($ca_cert['crt'])) {
+ $cert_hash=array();
file_put_contents("/etc/ssl/demoCA/cacert.pem",base64_decode($ca_cert['crt']));
exec("/usr/bin/openssl x509 -hash -noout -in /etc/ssl/demoCA/cacert.pem",$cert_hash);
file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",base64_decode($ca_cert['crt']));
@@ -1033,6 +1034,25 @@ function dansguardian_validate_input($post, &$input_errors) {
}
function dansguardian_php_install_command() {
+ conf_mount_rw();
+ #create ca-root hashes from ca-root-nss package
+ print "Creating root certificate bundle hashes from the Mozilla Project\n";
+ $cas=file('/usr/local/share/certs/ca-root-nss.crt');
+ $cert=0;
+ foreach ($cas as $ca){
+ if (preg_match("/--BEGIN CERTIFICATE--/",$ca))
+ $cert=1;
+ if ($cert == 1)
+ $crt.=$ca;
+ if (preg_match("/-END CERTIFICATE-/",$ca)){
+ file_put_contents("/tmp/cert.pem",$crt, LOCK_EX);
+ $cert_hash=array();
+ exec("/usr/bin/openssl x509 -hash -noout -in /tmp/cert.pem",$cert_hash);
+ file_put_contents("/usr/local/share/certs/".$cert_hash[0].".0",$crt,LOCK_EX);
+ $crt="";
+ $cert=0;
+ }
+ }
sync_package_dansguardian();
}