From: Adolf Belka <adolf.belka@ipfire.org>
Date: Thu, 15 Jun 2023 19:55:01 +0000 (+0200)
Subject: vpnmain.cgi: unique_subject = yes in index.txt.attr for first attempt with fresh... 
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0746122a1609805e49c97934a06279746722d2cb;p=people%2Fstevee%2Fipfire-2.x.git

vpnmain.cgi: unique_subject = yes in index.txt.attr for first attempt with fresh install

- The patches for Bug#13138
   https://patchwork.ipfire.org/project/ipfire/patch/20230603140541.13834-1-adolf.belka@ipfire.org/
   https://patchwork.ipfire.org/project/ipfire/patch/20230606104050.8290-1-adolf.belka@ipfire.org/
   work for an update to Core Update 175 but a fresh install of CU175 will still fail with
   the error when creating the root/host certificate set for the first time.
- This patch ensures that the unique_subject = yes line is addeed to index.txt.attr
   when the root/host certificate set is attempted to be created or is uploaded also for
   the first attempt.

Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
---

diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index f2aeecdf96..63f875c6ad 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -870,6 +870,8 @@ END
 } elsif ($cgiparams{'ACTION'} eq $Lang::tr{'generate root/host certificates'} ||
 	$cgiparams{'ACTION'} eq $Lang::tr{'upload p12 file'}) {
 
+	&newcleanssldatabase();
+
 	if (-f "${General::swroot}/ca/cacert.pem") {
 		$errormessage = $Lang::tr{'valid root certificate already exists'};
 		goto ROOTCERT_SKIP;