- This was fixed by moving the code for checking if the common name is already used, to the same location as the code for checking if the connection name is already used. - Tested out on vm testbed and confirmed that the certificates are not created and the index.txt not updated if the common name is flagged as already being used. If the entry is changed to use a new CN and Save pressed then the certs are saved and the index.txt updated. If Cancel is pressed then no certs are saved and index.txt is not updated.
Fixes: Bug#13404 Tested-by: Adolf Belka adolf.belka@ipfire.org Signed-off-by: Adolf Belka adolf.belka@ipfire.org --- html/cgi-bin/ovpnmain.cgi | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-)
diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi index eb89c5095..98900b277 100755 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -4216,15 +4216,25 @@ if ($cgiparams{'TYPE'} eq 'net') { } }
- # Check for RW if client name is already set - if ($cgiparams{'TYPE'} eq 'host') { - foreach my $key (keys %confighash) { - if ($confighash{$key}[1] eq $cgiparams{'NAME'}) { - $errormessage = $Lang::tr{'a connection with this name already exists'}; - goto VPNCONF_ERROR; - } - } - } + # Check for RW if client name is already set + if ($cgiparams{'TYPE'} eq 'host') { + foreach my $key (keys %confighash) { + if ($confighash{$key}[1] eq $cgiparams{'NAME'}) { + $errormessage = $Lang::tr{'a connection with this name already exists'}; + goto VPNCONF_ERROR; + } + } + } + + # Check if there is no other entry with this common name + if ((! $cgiparams{'KEY'}) && ($cgiparams{'AUTH'} ne 'psk')) { + foreach my $key (keys %confighash) { + if ($confighash{$key}[2] eq $cgiparams{'CERT_NAME'}) { + $errormessage = $Lang::tr{'a connection with this common name already exists'}; + goto VPNCONF_ERROR; + } + } + }
# Replace empty strings with a . (my $ou = $cgiparams{'CERT_OU'}) =~ s/^\s*$/./; @@ -4309,16 +4319,6 @@ if ($cgiparams{'TYPE'} eq 'net') { goto VPNCONF_ERROR; }
- # Check if there is no other entry with this common name - if ((! $cgiparams{'KEY'}) && ($cgiparams{'AUTH'} ne 'psk')) { - foreach my $key (keys %confighash) { - if ($confighash{$key}[2] eq $cgiparams{'CERT_NAME'}) { - $errormessage = $Lang::tr{'a connection with this common name already exists'}; - goto VPNCONF_ERROR; - } - } - } - # Save the config my $key = $cgiparams{'KEY'};