webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-28 11:43:25 +02:00
Code Issues Packages Projects Releases Wiki Activity

ovpnmain.cgi: Do not determine certificate expiry status for N2N connections

Browse Source 
https://wiki.ipfire.org/devel/telco/2023-04-03

Fixes: #13066
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
This commit is contained in:
Peter Müller
2023-04-04 20:25:55 +00:00
parent d3a520fa68
commit a201764e75
1 changed files with 31 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

51
html/cgi-bin/ovpnmain.cgi
View File

@@ -2,7 +2,7 @@
############################################################################### ###############################################################################
# # # #
# IPFire.org - A linux based firewall # # IPFire.org - A linux based firewall #
# Copyright (C) 2007-2022 IPFire Team <info@ipfire.org> # # Copyright (C) 2007-2023 IPFire Team <info@ipfire.org> #
# # # #
# This program is free software: you can redistribute it and/or modify # # This program is free software: you can redistribute it and/or modify #
# it under the terms of the GNU General Public License as published by # # it under the terms of the GNU General Public License as published by #
@@ -5354,26 +5354,37 @@ END
} }
if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; } if ($confighash{$key}[0] eq 'on') { $gif = 'on.gif'; } else { $gif = 'off.gif'; }
# Fetch information about the certificate
my @cavalid = &General::system_output("/usr/bin/openssl", "x509", "-text",
"-in", "${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem");
my $expiryDate = 0;
# Parse the certificate information
foreach my $line (@cavalid) {
if ($line =~ /Not After : (.*)[\n]/) {
$expiryDate = &Date::Parse::str2time($1);
last;
}
}
# Calculate the remaining time
my $remainingTime = $expiryDate - time();
# Create some simple booleans to check the status # Create some simple booleans to check the status
my $hasExpired = ($remainingTime <= 0); my $hasExpired;
my $expiresSoon = ($remainingTime <= 30 * 24 * 3600); my $expiresSoon;
# Fetch information about the certificate for non-N2N connections only
if ($confighash{$key}[3] ne 'net') {
my @cavalid = &General::system_output("/usr/bin/openssl", "x509", "-text",
"-in", "${General::swroot}/ovpn/certs/$confighash{$key}[1]cert.pem");
my $expiryDate = 0;
# Parse the certificate information
foreach my $line (@cavalid) {
if ($line =~ /Not After : (.*)[\n]/) {
$expiryDate = &Date::Parse::str2time($1);
last;
}
}
# Calculate the remaining time
my $remainingTime = $expiryDate - time();
# Determine whether the certificate has already expired, or will so soon
$hasExpired = ($remainingTime <= 0);
$expiresSoon = ($remainingTime <= 30 * 24 * 3600);
} else {
# Populate booleans with dummy values for N2N connections (#13066)
$hasExpired = 0;
$expiresSoon = 0;
}
print "<tr>"; print "<tr>";