MNET MDL-13503 allow path to openssl.cnf to be set in config so that …

…windows installs and packages can reliably enable networking.
safatshahin · Sep 11, 2009 · 45e4294 · 45e4294
1 parent 4313fa8
commit 45e4294
Showing 1 changed file with 17 additions and 5 deletions.
diff --git a/mnet/lib.php b/mnet/lib.php
@@ -386,14 +386,22 @@ function mnet_generate_keypair($dn = null, $days=28) {
 
     // ensure we remove trailing slashes
     $dn["commonName"] = preg_replace(':/$:', '', $dn["commonName"]);
-
-    $new_key = openssl_pkey_new();
+    if (!empty($CFG->opensslcnf)) { //allow specification of openssl.cnf especially for Windows installs
+        $new_key = openssl_pkey_new(array("config" => $CFG->opensslcnf));
+    } else {
+        $new_key = openssl_pkey_new();
+    }
     if ($new_key === false) {
         // can not generate keys - missing openssl.cnf??
         return null;
     }
-    $csr_rsc = openssl_csr_new($dn, $new_key, array('private_key_bits',2048));
-    $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, $days);
+    if (!empty($CFG->opensslcnf)) { //allow specification of openssl.cnf especially for Windows installs
+        $csr_rsc = openssl_csr_new($dn, $new_key, array("config" => $CFG->opensslcnf));
+        $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, $days, array("config" => $CFG->opensslcnf));
+    } else {
+        $csr_rsc = openssl_csr_new($dn, $new_key, array('private_key_bits',2048));
+        $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, $days);
+    }
     unset($csr_rsc); // Free up the resource
 
     // We export our self-signed certificate to a string.
@@ -402,7 +410,11 @@ function mnet_generate_keypair($dn = null, $days=28) {
 
     // Export your public/private key pair as a PEM encoded string. You
     // can protect it with an optional passphrase if you wish.
-    $export = openssl_pkey_export($new_key, $keypair['keypair_PEM'] /* , $passphrase */);
+    if (!empty($CFG->opensslcnf)) { //allow specification of openssl.cnf especially for Windows installs
+        $export = openssl_pkey_export($new_key, $keypair['keypair_PEM'], null, array("config" => $CFG->opensslcnf));
+    } else {
+        $export = openssl_pkey_export($new_key, $keypair['keypair_PEM'] /* , $passphrase */);
+    }
     openssl_pkey_free($new_key);
     unset($new_key); // Free up the resource