From mboxrd@z Thu Jan 1 00:00:00 1970
From: Erik Kapfer <ummeegge@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] OpenVPN: Fix for N2N plausibility checks
Date: Wed, 15 Apr 2020 15:24:04 +0200
Message-ID: <20200415132404.25688-1-ummeegge@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============3865503431474733058=="
List-Id: <development.lists.ipfire.org>
--===============3865503431474733058==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Fixes #12335
If no N2N name has been set, no directory and config has been created so it c=
an not be deleted.
'goto VPNCONF_ERROR;' has been missing for N2N checks.
Fixed also code formatting.
Signed-off-by: Erik Kapfer <ummeegge(a)ipfire.org>
---
html/cgi-bin/ovpnmain.cgi | 55 ++++++++++++++++++++++++---------------------=
--
1 file changed, 28 insertions(+), 27 deletions(-)
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 00ecd77a0..1e61ddb42 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -3765,41 +3765,42 @@ if ($cgiparams{'TYPE'} eq 'host') {
#CCD End
=20
=09
- if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
- $errormessage =3D $Lang::tr{'connection type is invalid'};
- if ($cgiparams{'TYPE'} eq 'net') {
- unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams=
{'NAME'}.conf") or die "Removing Configfile fail: $!";
- rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Re=
moving Directory fail: $!";
- }
- goto VPNCONF_ERROR;
+ if ($cgiparams{'TYPE'} !~ /^(host|net)$/) {
+ $errormessage =3D $Lang::tr{'connection type is invalid'};
+ if ($cgiparams{'TYPE'} eq 'net') {
+ unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'N=
AME'}.conf") or die "Removing Configfile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Remo=
ving Directory fail: $!";
+ goto VPNCONF_ERROR;
+ }
+ goto VPNCONF_ERROR;
}
=20
-
if ($cgiparams{'NAME'} !~ /^[a-zA-Z0-9]+$/) {
- $errormessage =3D $Lang::tr{'name must only contain characters'};
- if ($cgiparams{'TYPE'} eq 'net') {
- unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams=
{'NAME'}.conf") or die "Removing Configfile fail: $!";
- rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Re=
moving Directory fail: $!";
- }
- goto VPNCONF_ERROR;
- }
+ $errormessage =3D $Lang::tr{'name must only contain characters'};
+ if ($cgiparams{'TYPE'} eq 'net') {
+ goto VPNCONF_ERROR;
+ }
+ goto VPNCONF_ERROR;
+ }
=20
if ($cgiparams{'NAME'} =3D~ /^(host|01|block|private|clear|packetdefault)$/=
) {
- $errormessage =3D $Lang::tr{'name is invalid'};
- if ($cgiparams{'TYPE'} eq 'net') {
- unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams=
{'NAME'}.conf") or die "Removing Configfile fail: $!";
- rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Re=
moving Directory fail: $!";
- }
- goto VPNCONF_ERROR;
+ $errormessage =3D $Lang::tr{'name is invalid'};
+ if ($cgiparams{'TYPE'} eq 'net') {
+ unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'N=
AME'}.conf") or die "Removing Configfile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Remo=
ving Directory fail: $!";
+ goto VPNCONF_ERROR;
+ }
+ goto VPNCONF_ERROR;
}
=20
if (length($cgiparams{'NAME'}) >60) {
- $errormessage =3D $Lang::tr{'name too long'};
- if ($cgiparams{'TYPE'} eq 'net') {
- unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams=
{'NAME'}.conf") or die "Removing Configfile fail: $!";
- rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Re=
moving Directory fail: $!";
- }
- goto VPNCONF_ERROR;
+ $errormessage =3D $Lang::tr{'name too long'};
+ if ($cgiparams{'TYPE'} eq 'net') {
+ unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'N=
AME'}.conf") or die "Removing Configfile fail: $!";
+ rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Remo=
ving Directory fail: $!";
+ goto VPNCONF_ERROR;
+ }
+ goto VPNCONF_ERROR;
}
=20
###
--=20
2.12.2
--===============3865503431474733058==--