diff options
author | jim-p <jimp@pfsense.org> | 2015-12-03 17:22:43 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2015-12-03 17:22:43 -0500 |
commit | 7039bd10d12d81879d7a1c03d4e4cd5fa3aab938 (patch) | |
tree | efe7114cdc7ff982477fbbd2bf756eb89f31aa83 /config | |
parent | cbc591cad92ac42aa15aab2f377b13c4341a7685 (diff) | |
download | pfsense-packages-7039bd10d12d81879d7a1c03d4e4cd5fa3aab938.tar.gz pfsense-packages-7039bd10d12d81879d7a1c03d4e4cd5fa3aab938.tar.bz2 pfsense-packages-7039bd10d12d81879d7a1c03d4e4cd5fa3aab938.zip |
More ACB SSL_VERIFYPEER fixes. Fixes #5560
Diffstat (limited to 'config')
-rw-r--r-- | config/autoconfigbackup/autoconfigbackup.inc | 8 | ||||
-rw-r--r-- | config/autoconfigbackup/autoconfigbackup.php | 35 | ||||
-rw-r--r-- | config/autoconfigbackup/autoconfigbackup.xml | 2 | ||||
-rw-r--r-- | config/autoconfigbackup/autoconfigbackup_stats.php | 7 |
4 files changed, 43 insertions, 9 deletions
diff --git a/config/autoconfigbackup/autoconfigbackup.inc b/config/autoconfigbackup/autoconfigbackup.inc index 704fd165..f7baf74b 100644 --- a/config/autoconfigbackup/autoconfigbackup.inc +++ b/config/autoconfigbackup/autoconfigbackup.inc @@ -145,7 +145,6 @@ function test_connection($post) { } else { curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 1); } - curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($curl_session, CURLOPT_POST, 1); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_CONNECTTIMEOUT, 55); @@ -260,7 +259,12 @@ function upload_config($reasonm = "") { curl_setopt($curl_session, CURLOPT_POST, count($post_fields)); curl_setopt($curl_session, CURLOPT_POSTFIELDS, $fields_string); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); - curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + if ($pf_version < 2.2) { + // pre-2.2 doesn't have ca-root-nss + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + } else { + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 1); + } curl_setopt($curl_session, CURLOPT_CONNECTTIMEOUT, 55); curl_setopt($curl_session, CURLOPT_TIMEOUT, 30); curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); diff --git a/config/autoconfigbackup/autoconfigbackup.php b/config/autoconfigbackup/autoconfigbackup.php index 9a7d67a1..f29a73c5 100644 --- a/config/autoconfigbackup/autoconfigbackup.php +++ b/config/autoconfigbackup/autoconfigbackup.php @@ -94,7 +94,12 @@ function get_hostnames() { $curl_session = curl_init(); curl_setopt($curl_session, CURLOPT_URL, $stats_url); curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}"))); - curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + if ($pf_version < 2.2) { + // pre-2.2 doesn't have ca-root-nss + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + } else { + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 1); + } curl_setopt($curl_session, CURLOPT_POST, 1); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showstats"); @@ -180,7 +185,12 @@ function get_hostnames() { curl_setopt($curl_session, CURLOPT_URL, $del_url); curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}"))); curl_setopt($curl_session, CURLOPT_POST, 3); - curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + if ($pf_version < 2.2) { + // pre-2.2 doesn't have ca-root-nss + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + } else { + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 1); + } curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=delete" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['rmver'])); curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); @@ -209,7 +219,12 @@ function get_hostnames() { curl_setopt($curl_session, CURLOPT_URL, $get_url); curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}"))); curl_setopt($curl_session, CURLOPT_POST, 3); - curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + if ($pf_version < 2.2) { + // pre-2.2 doesn't have ca-root-nss + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + } else { + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 1); + } curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=restore" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['newver'])); curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); @@ -279,7 +294,12 @@ EOF; curl_setopt($curl_session, CURLOPT_URL, $get_url); curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}"))); curl_setopt($curl_session, CURLOPT_POST, 3); - curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + if ($pf_version < 2.2) { + // pre-2.2 doesn't have ca-root-nss + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + } else { + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 1); + } curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=restore" . "&hostname=" . urlencode($hostname) . "&revision=" . urlencode($_REQUEST['download'])); curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); @@ -335,7 +355,12 @@ EOF; $curl_session = curl_init(); curl_setopt($curl_session, CURLOPT_URL, $get_url); curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}"))); - curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + if ($pf_version < 2.2) { + // pre-2.2 doesn't have ca-root-nss + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + } else { + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 1); + } curl_setopt($curl_session, CURLOPT_POST, 1); curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=showbackups&hostname={$hostname}"); diff --git a/config/autoconfigbackup/autoconfigbackup.xml b/config/autoconfigbackup/autoconfigbackup.xml index f2fd8785..107a9722 100644 --- a/config/autoconfigbackup/autoconfigbackup.xml +++ b/config/autoconfigbackup/autoconfigbackup.xml @@ -43,7 +43,7 @@ <description>Automatically backs up your pfSense configuration. All contents are encrypted before being sent to the server. Requires Gold Subscription from https://portal.pfsense.org</description> <requirements>pfSense Portal subscription</requirements> <name>AutoConfigBackup</name> - <version>1.32</version> + <version>1.34</version> <title>Diagnostics: Auto Configuration Backup</title> <savetext>Change</savetext> <include_file>/usr/local/pkg/autoconfigbackup.inc</include_file> diff --git a/config/autoconfigbackup/autoconfigbackup_stats.php b/config/autoconfigbackup/autoconfigbackup_stats.php index 73dd54e2..eeb36641 100644 --- a/config/autoconfigbackup/autoconfigbackup_stats.php +++ b/config/autoconfigbackup/autoconfigbackup_stats.php @@ -71,7 +71,12 @@ if ($_REQUEST['delhostname']) { curl_setopt($curl_session, CURLOPT_URL, $del_url); curl_setopt($curl_session, CURLOPT_HTTPHEADER, array("Authorization: Basic " . base64_encode("{$username}:{$password}"))); curl_setopt($curl_session, CURLOPT_POST, 2); - curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + if ($pf_version < 2.2) { + // pre-2.2 doesn't have ca-root-nss + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 0); + } else { + curl_setopt($curl_session, CURLOPT_SSL_VERIFYPEER, 1); + } curl_setopt($curl_session, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl_session, CURLOPT_POSTFIELDS, "action=deletehostname&delhostname=" . urlencode($_REQUEST['delhostname'])); curl_setopt($curl_session, CURLOPT_USERAGENT, $g['product_name'] . '/' . rtrim(file_get_contents("/etc/version"))); |