Project

General

Profile

Download (22.3 KB) Statistics
| Branch: | Tag: | Revision:

univnautes / usr / local / www / system_crlmanager.php @ a1b66bec

1
<?php
2
/*
3
	system_crlmanager.php
4
	
5
	Copyright (C) 2010 Jim Pingle
6
	All rights reserved.
7
	
8
	Redistribution and use in source and binary forms, with or without
9
	modification, are permitted provided that the following conditions are met:
10
	
11
	1. Redistributions of source code must retain the above copyright notice,
12
	this list of conditions and the following disclaimer.
13
	
14
	2. Redistributions in binary form must reproduce the above copyright
15
	notice, this list of conditions and the following disclaimer in the
16
	documentation and/or other materials provided with the distribution.
17
	
18
	THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
19
	INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
20
	AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
21
	AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
22
	OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
23
	SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
24
	INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
25
	CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
26
	ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
27
	POSSIBILITY OF SUCH DAMAGE.
28
*/
29
/*
30
	pfSense_MODULE:	certificate_managaer
31
*/
32

    
33
##|+PRIV
34
##|*IDENT=page-system-crlmanager
35
##|*NAME=System: CRL Manager
36
##|*DESCR=Allow access to the 'System: CRL Manager' page.
37
##|*MATCH=system_crlmanager.php*
38
##|-PRIV
39

    
40
require("guiconfig.inc");
41
require_once("certs.inc");
42
require_once('openvpn.inc');
43

    
44
global $openssl_crl_status;
45

    
46
$pgtitle = array(gettext("System"), gettext("Certificate Revocation List Manager"));
47

    
48
$crl_methods = array(
49
	"internal" => gettext("Create an internal Certificate Revocation List"),
50
	"existing" => gettext("Import an existing Certificate Revocation List"));
51

    
52
if (ctype_alnum($_GET['id']))
53
	$id = $_GET['id'];
54
if (isset($_POST['id']) && ctype_alnum($_POST['id']))
55
	$id = $_POST['id'];
56

    
57
if (!is_array($config['ca']))
58
	$config['ca'] = array();
59

    
60
$a_ca =& $config['ca'];
61

    
62
if (!is_array($config['cert']))
63
	$config['cert'] = array();
64

    
65
$a_cert =& $config['cert'];
66

    
67
if (!is_array($config['crl']))
68
	$config['crl'] = array();
69

    
70
$a_crl =& $config['crl'];
71

    
72
foreach ($a_crl as $cid => $acrl)
73
	if (!isset($acrl['refid']))
74
		unset ($a_crl[$cid]);
75

    
76
$act = $_GET['act'];
77
if ($_POST['act'])
78
	$act = $_POST['act'];
79

    
80
if (!empty($id))
81
	$thiscrl =& lookup_crl($id);
82

    
83
// If we were given an invalid crlref in the id, no sense in continuing as it would only cause errors.
84
if (!$thiscrl && (($act != "") && ($act != "new"))) {
85
	pfSenseHeader("system_crlmanager.php");
86
	$act="";
87
	$savemsg = gettext("Invalid CRL reference.");
88
}
89

    
90
if ($act == "del") {
91
	$name = $thiscrl['descr'];
92
	if (crl_in_use($id)) {
93
		$savemsg = sprintf(gettext("Certificate Revocation List %s is in use and cannot be deleted"), $name) . "<br />";
94
	} else {
95
		foreach ($a_crl as $cid => $acrl)
96
			if ($acrl['refid'] == $thiscrl['refid'])
97
				unset($a_crl[$cid]);
98
		write_config("Deleted CRL {$name}.");
99
		$savemsg = sprintf(gettext("Certificate Revocation List %s successfully deleted"), $name) . "<br />";
100
	}
101
}
102

    
103
if ($act == "new") {
104
	$pconfig['method'] = $_GET['method'];
105
	$pconfig['caref'] = $_GET['caref'];
106
	$pconfig['lifetime'] = "9999";
107
	$pconfig['serial'] = "0";
108
}
109

    
110
if ($act == "exp") {
111
	crl_update($thiscrl);
112
	$exp_name = urlencode("{$thiscrl['descr']}.crl");
113
	$exp_data = base64_decode($thiscrl['text']);
114
	$exp_size = strlen($exp_data);
115

    
116
	header("Content-Type: application/octet-stream");
117
	header("Content-Disposition: attachment; filename={$exp_name}");
118
	header("Content-Length: $exp_size");
119
	echo $exp_data;
120
	exit;
121
}
122

    
123
if ($act == "addcert") {
124
	if ($_POST) {
125
		unset($input_errors);
126
		$pconfig = $_POST;
127

    
128
		if (!$pconfig['crlref'] || !$pconfig['certref']) {
129
			pfSenseHeader("system_crlmanager.php");
130
			exit;
131
		}
132

    
133
		// certref, crlref
134
		$crl =& lookup_crl($pconfig['crlref']);
135
		$cert = lookup_cert($pconfig['certref']);
136

    
137
		if (!$crl['caref'] || !$cert['caref']) {
138
			$input_errors[] = gettext("Both the Certificate and CRL must be specified.");
139
		}
140

    
141
		if ($crl['caref'] != $cert['caref']) {
142
			$input_errors[] = gettext("CA mismatch between the Certificate and CRL. Unable to Revoke.");
143
		}
144
		if (!is_crl_internal($crl)) {
145
			$input_errors[] = gettext("Cannot revoke certificates for an imported/external CRL.");
146
		}
147

    
148
		if (!$input_errors) {
149
			$reason = (empty($pconfig['crlreason'])) ? OCSP_REVOKED_STATUS_UNSPECIFIED : $pconfig['crlreason'];
150
			cert_revoke($cert, $crl, $reason);
151
			openvpn_refresh_crls();
152
			write_config("Revoked cert {$cert['descr']} in CRL {$crl['descr']}.");
153
			pfSenseHeader("system_crlmanager.php");
154
			exit;
155
		}
156
	}
157
}
158

    
159
if ($act == "delcert") {
160
	if (!is_array($thiscrl['cert'])) {
161
		pfSenseHeader("system_crlmanager.php");
162
		exit;
163
	}
164
	$found = false;
165
	foreach ($thiscrl['cert'] as $acert) {
166
		if ($acert['refid'] == $_GET['certref']) {
167
			$found = true;
168
			$thiscert = $acert;
169
		}
170
	}
171
	if (!$found) {
172
		pfSenseHeader("system_crlmanager.php");
173
		exit;
174
	}
175
	$name = $thiscert['descr'];
176
	if (cert_unrevoke($thiscert, $thiscrl)) {
177
		$savemsg = sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br />";
178
		openvpn_refresh_crls();
179
		write_config(sprintf(gettext("Deleted Certificate %s from CRL %s"), $name, $thiscrl['descr']));
180
	} else {
181
		$savemsg = sprintf(gettext("Failed to delete Certificate %s from CRL %s"), $name, $thiscrl['descr']) . "<br />";
182
	}
183
	$act="edit";
184
}
185

    
186
if ($_POST) {
187
	unset($input_errors);
188
	$pconfig = $_POST;
189

    
190
	/* input validation */
191
	if (($pconfig['method'] == "existing") || ($act == "editimported")) {
192
		$reqdfields = explode(" ", "descr crltext");
193
		$reqdfieldsn = array(
194
				gettext("Descriptive name"),
195
				gettext("Certificate Revocation List data"));
196
	}
197
	if ($pconfig['method'] == "internal") {
198
		$reqdfields = explode(" ",
199
				"descr caref");
200
		$reqdfieldsn = array(
201
				gettext("Descriptive name"),
202
				gettext("Certificate Authority"));
203
	}
204

    
205
	do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
206

    
207
	/* if this is an AJAX caller then handle via JSON */
208
	if (isAjax() && is_array($input_errors)) {
209
		input_errors2Ajax($input_errors);
210
		exit;
211
	}
212

    
213
	/* save modifications */
214
	if (!$input_errors) {
215
		$result = false;
216

    
217
		if ($thiscrl) {
218
			$crl =& $thiscrl;
219
		} else {
220
			$crl = array();
221
			$crl['refid'] = uniqid();
222
		}
223

    
224
		$crl['descr'] = $pconfig['descr'];
225
		if ($act != "editimported") {
226
			$crl['caref'] = $pconfig['caref'];
227
			$crl['method'] = $pconfig['method'];
228
		}
229

    
230
		if (($pconfig['method'] == "existing") || ($act == "editimported")) {
231
			$crl['text'] = base64_encode($pconfig['crltext']);
232
		}
233

    
234
		if ($pconfig['method'] == "internal") {
235
			$crl['serial'] = empty($pconfig['serial']) ? 9999 : $pconfig['serial'];
236
			$crl['lifetime'] = empty($pconfig['lifetime']) ? 9999 : $pconfig['lifetime'];
237
			$crl['cert'] = array();
238
		}
239

    
240
		if (!$thiscrl)
241
			$a_crl[] = $crl;
242

    
243
		write_config("Saved CRL {$crl['descr']}");
244
		openvpn_refresh_crls();
245
		pfSenseHeader("system_crlmanager.php");
246
	}
247
}
248

    
249
include("head.inc");
250
?>
251

    
252
<body link="#000000" vlink="#000000" alink="#000000" onload="<?= $jsevents["body"]["onload"] ?>">
253
<?php include("fbegin.inc"); ?>
254
<script type="text/javascript">
255
//<![CDATA[
256

    
257
function method_change() {
258

    
259
	method = document.iform.method.value;
260

    
261
	switch (method) {
262
		case "internal":
263
			document.getElementById("existing").style.display="none";
264
			document.getElementById("internal").style.display="";
265
			break;
266
		case "existing":
267
			document.getElementById("existing").style.display="";
268
			document.getElementById("internal").style.display="none";
269
			break;
270
	}
271
}
272

    
273
//]]>
274
</script>
275
<?php
276
	if ($input_errors)
277
		print_input_errors($input_errors);
278
	if ($savemsg)
279
		print_info_box($savemsg);
280
?>
281
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="CRL manager">
282
	<tr>
283
		<td>
284
		<?php
285
			$tab_array = array();
286
			$tab_array[] = array(gettext("CAs"), false, "system_camanager.php");
287
			$tab_array[] = array(gettext("Certificates"), false, "system_certmanager.php");
288
			$tab_array[] = array(gettext("Certificate Revocation"), true, "system_crlmanager.php");
289
			display_top_tabs($tab_array);
290
		?>
291
		</td>
292
	</tr>
293
	<tr>
294
		<td id="mainarea">
295
			<div class="tabcont">
296

    
297
				<?php if ($act == "new" || $act == gettext("Save") || $input_errors): ?>
298

    
299
				<form action="system_crlmanager.php" method="post" name="iform" id="iform">
300
					<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area">
301
						<?php if (!isset($id)): ?>
302
						<tr>
303
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Method");?></td>
304
							<td width="78%" class="vtable">
305
								<select name='method' id='method' class="formselect" onchange='method_change()'>
306
								<?php
307
									$rowIndex = 0;
308
									foreach($crl_methods as $method => $desc):
309
									if (($_GET['importonly'] == "yes") && ($method != "existing"))
310
										continue;
311
									$selected = "";
312
									if ($pconfig['method'] == $method)
313
										$selected = "selected=\"selected\"";
314
									$rowIndex++;
315
								?>
316
									<option value="<?=$method;?>" <?=$selected;?>><?=$desc;?></option>
317
								<?php endforeach;
318
								if ($rowIndex == 0)
319
									echo "<option></option>";
320
								?>
321
								</select>
322
							</td>
323
						</tr>
324
						<?php endif; ?>
325
						<tr>
326
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
327
							<td width="78%" class="vtable">
328
								<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($pconfig['descr']);?>"/>
329
							</td>
330
						</tr>
331
						<tr>
332
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate Authority");?></td>
333
							<td width="78%" class="vtable">
334
								<select name='caref' id='caref' class="formselect">
335
								<?php
336
									$rowIndex = 0;
337
									foreach($a_ca as $ca):
338
									$selected = "";
339
									if ($pconfig['caref'] == $ca['refid'])
340
										$selected = "selected=\"selected\"";
341
									$rowIndex++;
342
								?>
343
									<option value="<?=$ca['refid'];?>" <?=$selected;?>><?=$ca['descr'];?></option>
344
								<?php endforeach;
345
								if ($rowIndex == 0)
346
									echo "<option></option>";
347
								?>
348
								</select>
349
							</td>
350
						</tr>
351
					</table>
352

    
353
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing" summary="existing">
354
						<tr>
355
							<td colspan="2" class="list" height="12"></td>
356
						</tr>
357
						<tr>
358
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate Revocation List");?></td>
359
						</tr>
360

    
361
						<tr>
362
							<td width="22%" valign="top" class="vncellreq"><?=gettext("CRL data");?></td>
363
							<td width="78%" class="vtable">
364
								<textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=$pconfig['crltext'];?></textarea>
365
								<br />
366
								<?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?>
367
							</td>
368
						</tr>
369
					</table>
370

    
371
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="internal" summary="internal">
372
						<tr>
373
							<td colspan="2" class="list" height="12"></td>
374
						</tr>
375
						<tr>
376
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate Revocation List");?></td>
377
						</tr>
378
						<tr>
379
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
380
							<td width="78%" class="vtable">
381
								<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?=htmlspecialchars($pconfig['lifetime']);?>"/>
382
								<?=gettext("days");?><br />
383
								<?=gettext("Default: 9999");?>
384
							</td>
385
						</tr>
386
						<tr>
387
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Serial");?></td>
388
							<td width="78%" class="vtable">
389
								<input name="serial" type="text" class="formfld unknown" id="serial" size="5" value="<?=htmlspecialchars($pconfig['serial']);?>"/>
390
								<br />
391
								<?=gettext("Default: 0");?>
392
							</td>
393
						</tr>
394
					</table>
395

    
396
					<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="save">
397
						<tr>
398
							<td width="22%" valign="top">&nbsp;</td>
399
							<td width="78%">
400
								<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
401
								<?php if (isset($id) && $thiscrl): ?>
402
								<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
403
								<?php endif;?>
404
							</td>
405
						</tr>
406
					</table>
407
				</form>
408
				<?php elseif ($act == "editimported"): ?>
409
				<?php 	$crl = $thiscrl; ?>
410
				<form action="system_crlmanager.php" method="post" name="iform" id="iform">
411
					<table width="100%" border="0" cellpadding="6" cellspacing="0" id="editimported" summary="import">
412
						<tr>
413
							<td colspan="2" valign="top" class="listtopic"><?=gettext("Edit Imported Certificate Revocation List");?></td>
414
						</tr>
415
						<tr>
416
							<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
417
							<td width="78%" class="vtable">
418
								<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?=htmlspecialchars($crl['descr']);?>"/>
419
							</td>
420
						</tr>
421
						<tr>
422
							<td width="22%" valign="top" class="vncellreq"><?=gettext("CRL data");?></td>
423
							<td width="78%" class="vtable">
424
								<textarea name="crltext" id="crltext" cols="65" rows="7" class="formfld_crl"><?=base64_decode($crl['text']);?></textarea>
425
								<br />
426
								<?=gettext("Paste a Certificate Revocation List in X.509 CRL format here.");?></td>
427
							</td>
428
						</tr>
429
						<tr>
430
							<td width="22%" valign="top">&nbsp;</td>
431
							<td width="78%">
432
								<input id="submit" name="save" type="submit" class="formbtn" value="<?=gettext("Save"); ?>" />
433
								<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
434
								<input name="act" type="hidden" value="editimported" />
435
							</td>
436
						</tr>
437
					</table>
438
				</form>
439

    
440
				<?php elseif ($act == "edit"): ?>
441
				<?php 	$crl = $thiscrl; ?>
442
				<form action="system_crlmanager.php" method="post" name="iform" id="iform">
443
				<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="revoke">
444
					<thead>
445
					<tr>
446
						<th width="90%" class="listhdrr" colspan="3"><b><?php echo gettext("Currently Revoked Certificates for CRL") . ': ' . $crl['descr']; ?></b></th>
447
						<th width="10%" class="list"></th>
448
					</tr>
449
					<tr>
450
						<th width="30%" class="listhdrr"><b><?php echo gettext("Certificate Name")?></b></th>
451
						<th width="30%" class="listhdrr"><b><?php echo gettext("Revocation Reason")?></b></th>
452
						<th width="30%" class="listhdrr"><b><?php echo gettext("Revoked At")?></b></th>
453
						<th width="10%" class="list"></th>
454
					</tr>
455
					</thead>
456
					<tbody>
457
				<?php /* List Certs on CRL */
458
					if (!is_array($crl['cert']) || (count($crl['cert']) == 0)): ?>
459
					<tr>
460
						<td class="listlr" colspan="3">
461
							&nbsp;&nbsp;&nbsp;&nbsp;<?php echo gettext("No Certificates Found for this CRL."); ?>
462
						</td>
463
						<td class="list">&nbsp;</td>
464
					</tr>
465
				<?php	else:
466
					foreach($crl['cert'] as $i => $cert):
467
						$name = htmlspecialchars($cert['descr']);
468
				 ?>
469
					<tr>
470
						<td class="listlr">
471
							<?php echo $name; ?>
472
						</td>
473
						<td class="listlr">
474
							<?php echo $openssl_crl_status[$cert["reason"]]; ?>
475
						</td>
476
						<td class="listlr">
477
							<?php echo date("D M j G:i:s T Y", $cert["revoke_time"]); ?>
478
						</td>
479
						<td class="list">
480
							<a href="system_crlmanager.php?act=delcert&amp;id=<?php echo $crl['refid']; ?>&amp;certref=<?php echo $cert['refid']; ?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate from the CRL?");?>')">
481
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete this certificate from the CRL ");?>" alt="<?=gettext("Delete this certificate from the CRL ");?>" width="17" height="17" border="0" />
482
							</a>
483
						</td>
484
					</tr>
485
					<?php
486
					endforeach;
487
					endif;
488
					?>
489
				<?php /* Drop-down with other certs from this CA. */
490
					// Map Certs to CAs in one pass
491
					$ca_certs = array();
492
					foreach($a_cert as $cert)
493
						if ($cert['caref'] == $crl['caref'])
494
							$ca_certs[] = $cert;
495
					if (count($ca_certs) == 0): ?>
496
					<tr>
497
						<td class="listlr" colspan="3">
498
							&nbsp;&nbsp;&nbsp;&nbsp;<?php echo gettext("No Certificates Found for this CA."); ?>
499
						</td>
500
						<td class="list">&nbsp;</td>
501
					</tr>
502
				<?php	else: ?>
503
					<tr>
504
						<td class="listlr" colspan="3" align="center">
505
							<b><?php echo gettext("Choose a Certificate to Revoke"); ?></b>: <select name='certref' id='certref' class="formselect">
506
				<?php	$rowIndex = 0;
507
						foreach($ca_certs as $cert): 
508
							$rowIndex++; ?>
509
							<option value="<?=$cert['refid'];?>"><?=htmlspecialchars($cert['descr'])?></option>
510
				<?php	endforeach;
511
						if ($rowIndex == 0)
512
							echo "<option></option>"; ?>
513
							</select>
514
							<b><?php echo gettext("Reason");?></b>:
515
							<select name='crlreason' id='crlreason' class="formselect">
516
				<?php	$rowIndex = 0;
517
						foreach($openssl_crl_status as $code => $reason): 
518
							$rowIndex++; ?>
519
							<option value="<?= $code ?>"><?= htmlspecialchars($reason) ?></option>
520
				<?php	endforeach;
521
						if ($rowIndex == 0)
522
							echo "<option></option>"; ?>
523
							</select>
524
							<input name="act" type="hidden" value="addcert" />
525
							<input name="crlref" type="hidden" value="<?=$crl['refid'];?>" />
526
							<input name="id" type="hidden" value="<?=$crl['refid'];?>" />
527
							<input id="submit" name="add" type="submit" class="formbtn" value="<?=gettext("Add"); ?>" />
528
						</td>
529
						<td class="list">&nbsp;</td>
530
					</tr>
531
				<?php	endif; ?>
532
					</tbody>
533
				</table>
534
				</form>
535
				<?php else: ?>
536

    
537
				<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="ocpms">
538
					<thead>
539
					<tr>
540
						<td width="35%" class="listhdrr"><?=gettext("Name");?></td>
541
						<td width="10%" class="listhdrr"><?=gettext("Internal");?></td>
542
						<td width="35%" class="listhdrr"><?=gettext("Certificates");?></td>
543
						<td width="10%" class="listhdrr"><?=gettext("In Use");?></td>
544
						<td width="10%" class="list"></td>
545
					</tr>
546
					</thead>
547
					<tfoot>
548
					<tr>
549
						<td colspan="5">
550
							<p>
551
								<?=gettext("Additional Certificate Revocation Lists can be added here.");?>
552
							</p>
553
						</td>
554
					</tr>
555
					</tfoot>					<tbody>
556
					<?php
557
						$caimg = "/themes/{$g['theme']}/images/icons/icon_frmfld_cert.png";
558
						// Map CRLs to CAs in one pass
559
						$ca_crl_map = array();
560
						foreach($a_crl as $crl)
561
							$ca_crl_map[$crl['caref']][] = $crl['refid'];
562

    
563
						$i = 0;
564
						foreach($a_ca as $ca):
565
							$name = htmlspecialchars($ca['descr']);
566

    
567
							if($ca['prv']) {
568
								$cainternal = "YES";
569
							} else 
570
								$cainternal = "NO";
571
					?>
572
					<tr>
573
						<td class="listlr" colspan="4">
574
							<table border="0" cellpadding="0" cellspacing="0" summary="icon">
575
								<tr>
576
									<td align="left" valign="middle">
577
										<img src="<?=$caimg;?>" alt="CA" title="CA" border="0" height="16" width="16" />
578
									</td>
579
									<td align="left" valign="middle">
580
										<?=$name;?>
581
									</td>
582
								</tr>
583
							</table>
584
						</td>
585
						<td class="list">
586
						<?php if ($cainternal == "YES"): ?>
587
							<a href="system_crlmanager.php?act=new&amp;caref=<?php echo $ca['refid']; ?>">
588
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?php printf(gettext("Add or Import CRL for %s"),$ca['descr']);?>" alt="<?=gettext("add crl");?>" width="17" height="17" border="0" />
589
							</a>
590
						<?php else: ?>
591
							<a href="system_crlmanager.php?act=new&amp;caref=<?php echo $ca['refid']; ?>&amp;importonly=yes">
592
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_plus.gif" title="<?php printf(gettext("Import CRL for %s"),$ca['descr']);?>" alt="<?=gettext("add crl");?>" width="17" height="17" border="0" />
593
							</a>
594
						<?php endif; ?>
595
						</td>
596
					</tr>
597
					
598
						<?php
599
						if (is_array($ca_crl_map[$ca['refid']])):
600
							foreach($ca_crl_map[$ca['refid']] as $crl):
601
								$tmpcrl = lookup_crl($crl);
602
								$internal = is_crl_internal($tmpcrl);
603
								$inuse = crl_in_use($tmpcrl['refid']);
604
						?>
605
					<tr>
606
						<td class="listlr"><?php echo $tmpcrl['descr']; ?></td>
607
						<td class="listr"><?php echo ($internal) ? "YES" : "NO"; ?></td>
608
						<td class="listr"><?php echo ($internal) ? count($tmpcrl['cert']) : "Unknown (imported)"; ?></td>
609
						<td class="listr"><?php echo ($inuse) ? "YES" : "NO"; ?></td>
610
						<td valign="middle" class="list nowrap">
611
							<a href="system_crlmanager.php?act=exp&amp;id=<?=$tmpcrl['refid'];?>">
612
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_down.gif" title="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Export CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
613
							</a>
614
							<?php if ($internal): ?>
615
							<a href="system_crlmanager.php?act=edit&amp;id=<?=$tmpcrl['refid'];?>">
616
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
617
							</a>
618
							<?php else: ?>
619
							<a href="system_crlmanager.php?act=editimported&amp;id=<?=$tmpcrl['refid'];?>">
620
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_e.gif" title="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Edit CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" width="17" height="17" border="0" />
621
							</a>
622
							<?php endif; ?>
623
							<?php if (!$inuse): ?>
624
							<a href="system_crlmanager.php?act=del&amp;id=<?=$tmpcrl['refid'];?>" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate Revocation List?") . ' (' . htmlspecialchars($tmpcrl['descr']) . ')';?>')">
625
								<img src="/themes/<?= $g['theme'];?>/images/icons/icon_x.gif" title="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']);?>" alt="<?=gettext("Delete CRL") . " " . htmlspecialchars($tmpcrl['descr']); ?>" width="17" height="17" border="0" />
626
							</a>
627
							<?php endif; ?>
628
						</td>
629
					</tr>
630
						<?php
631
								$i++;
632
							endforeach;
633
						endif;
634
						?>
635
					<tr><td colspan="5">&nbsp;</td></tr>
636
					<?php
637
							$i++;
638
						endforeach;
639
					?>
640
					</tbody>
641
				</table>
642

    
643
				<?php endif; ?>
644

    
645
			</div>
646
		</td>
647
	</tr>
648
</table>
649
<?php include("fend.inc");?>
650
<script type="text/javascript">
651
//<![CDATA[
652

    
653
method_change();
654

    
655
//]]>
656
</script>
657

    
658
</body>
659
</html>
(214-214/256)