Accueil Explorer Aide
S'inscrire Connexion
Apq
/
nginx-proxy-manager
miroir de https://github.com/NginxProxyManager/nginx-proxy-manager.git
1
0
Fork 0
Fichiers Tickets 0 Wiki
Parcourir la source

Removes explicit privkeytype check and adds passphrase error

chaptergy il y a 4 ans
Parent
bc1c50ac92
commit
6af13d4f40
3 fichiers modifiés avec 25 ajouts et 13 suppressions
Vue séparée Afficher les stats Diff
  1. 20 12
      backend/internal/certificate.js
  2. 3 0
      frontend/js/app/nginx/certificates/form.ejs
  3. 2 1
      frontend/js/i18n/messages.json

+ 20 - 12
backend/internal/certificate.js
Voir le fichier 

@@ -615,18 +615,26 @@ const internalCertificate = {
 
 	checkPrivateKey: (private_key) => {
 
 		return tempWrite(private_key, '/tmp')
 
 			.then((filepath) => {
 
-				let key_type = private_key.includes('-----BEGIN RSA') ? 'rsa' : 'ec';
 
-				return utils.exec('openssl ' + key_type + ' -in ' + filepath + ' -check -noout 2>&1 ')
 
-					.then((result) => {
 
-						if (!result.toLowerCase().includes('key ok') && !result.toLowerCase().includes('key valid') ) {
 
-							throw new error.ValidationError('Result Validation Error: ' + result);
 
-						}
 
-						fs.unlinkSync(filepath);
 
-						return true;
 
-					}).catch((err) => {
 
-						fs.unlinkSync(filepath);
 
-						throw new error.ValidationError('Certificate Key is not valid (' + err.message + ')', err);
 
-					});
 
+				return new Promise((resolve, reject) => {
 
+					const failTimeout = setTimeout(() => {
 
+						reject(new error.ValidationError('Result Validation Error: Validation timed out. This could be due to the key being passphrase-protected.'));
 
+					}, 10000);
 
+					utils
 
+						.exec('openssl pkey -in ' + filepath + ' -check -noout 2>&1 ')
 
+						.then((result) => {
 
+							clearTimeout(failTimeout);
 
+							if (!result.toLowerCase().includes('key is valid')) {
 
+								reject(new error.ValidationError('Result Validation Error: ' + result));
 
+							}
 
+							fs.unlinkSync(filepath);
 
+							resolve(true);
 
+						})
 
+						.catch((err) => {
 
+							clearTimeout(failTimeout);
 
+							fs.unlinkSync(filepath);
 
+							reject(new error.ValidationError('Certificate Key is not valid (' + err.message + ')', err));
 
+						});
 
+				});
 
 			});
 
 	},

+ 3 - 0
frontend/js/app/nginx/certificates/form.ejs
Voir le fichier 

@@ -129,6 +129,9 @@
 
                     </div>
 
                 <% } else if (provider === 'other') { %>
 
                     <!-- Other -->
 
+                    <div class="col-sm-12 col-md-12">
 
+                        <div class="text-blue mb-4"><i class="fe fe-alert-triangle"></i> <%= i18n('ssl', 'passphrase-protection-support-info') %></div>
 
+                    </div>
 
                     <div class="col-sm-12 col-md-12">
 
                         <div class="form-group">
 
                             <label class="form-label"><%- i18n('str', 'name') %> <span class="form-required">*</span></label>

+ 2 - 1
frontend/js/i18n/messages.json
Voir le fichier 

@@ -112,7 +112,8 @@
 
       "stored-as-plaintext-info": "This data will be stored as plaintext in the database and in a file!",
 
       "propagation-seconds": "Propagation Seconds",
 
       "propagation-seconds-info": "Leave empty to use the plugins default value. Number of seconds to wait for DNS propagation.",
 
-      "processing-info": "Processing... This might take a few minutes."
 
+      "processing-info": "Processing... This might take a few minutes.",
 
+      "passphrase-protection-support-info": "Key files protected with a passphrase are not supported."
 
     },
 
     "proxy-hosts": {
 
       "title": "Proxy Hosts",