lucaspalomodevelop/core
1
0
Fork 0
mirror of https://github.com/lucaspalomodevelop/core.git synced 2026-03-16 01:24:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix style issues for https://github.com/opnsense/core/pull/3768 and make sure openssl_pkey_get_private using the correct params (https://www.php.net/manual/en/function.openssl-pkey-get-private.php).

Browse Source
This commit is contained in:
Ad Schellevis 2019-10-17 18:41:08 +02:00
parent 7431745c71
commit b02c7bb02f
1 changed files with 18 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
src/etc/inc/plugins.inc.d/ipsec.inc
View File

@ -60,20 +60,22 @@ const IPSEC_LOG_LEVELS = [
4 => 'Highest',
];
function getKeyType($f) {
$default="RSA";
if (!($k = openssl_pkey_get_private($f))) return $default;
if (!($d = openssl_pkey_get_details($k))) return $default;
switch ($d['type']) {
case OPENSSL_KEYTYPE_RSA:
return "RSA";
break;
case OPENSSL_KEYTYPE_EC:
return "ECDSA";
break;
default:
return $default;
}
function ipsec_get_key_type($f) {
$keytype="RSA";
if ($k = openssl_pkey_get_private("file://".$f)) {
if ($d = openssl_pkey_get_details($k)) {
switch ($d['type']) {
case OPENSSL_KEYTYPE_RSA:
$keytype = "RSA";
break;
case OPENSSL_KEYTYPE_EC:
$keytype = "ECDSA";
break;
}
}
}
return $keytype;
}
@ -1138,7 +1140,7 @@ function ipsec_configure_do($verbose = false, $interface = '')
@chmod($ph1certfile, 0600);
/* XXX" Traffic selectors? */
$pskconf .= " : ".getKeyType($ph1keyfile)." {$ph1keyfile}\n";
$pskconf .= " : ".ipsec_get_key_type($ph1keyfile)." {$ph1keyfile}\n";
} elseif (!empty($ph1ent['pre-shared-key'])) {
$myid = isset($ph1ent['mobile']) ? trim(ipsec_find_id($ph1ent, "local")) : "";
$peerid_data = isset($ph1ent['mobile']) ? "%any" : ipsec_find_id($ph1ent, "peer");
@ -1180,7 +1182,7 @@ function ipsec_configure_do($verbose = false, $interface = '')
}
@chmod($ph1privatekeyfile, 0600);
$pskconf .= " : ".getKeyType($ph1privatekeyfile)." {$ph1privatekeyfile}\n";
$pskconf .= " : ".ipsec_get_key_type($ph1privatekeyfile)." {$ph1privatekeyfile}\n";
}
if (!empty($ph1ent['peer-kpref'])) {