From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Wed, 17 Jul 2013 17:58:20 +0000 (+0200)
Subject: ovpnmain.cgi: Add check for a valid N2N network.
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=794515c1dc6db1a04a2ce52e7b5e3a04742addb8;p=people%2Fms%2Fipfire-2.x.git

ovpnmain.cgi: Add check for a valid N2N network.

Fixes #10390.
---

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 15da7abbbb..a5e696e070 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -3475,6 +3475,14 @@ if ($cgiparams{'TYPE'} eq 'net') {
       goto VPNCONF_ERROR;			
 		}
 
+    # Check if the input for the transfer net is valid.
+    if (!&General::validipandmask($cgiparams{'OVPN_SUBNET'})){
+			$errormessage = $Lang::tr{'ccd err invalidnet'};
+			unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+	    rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+			goto VPNCONF_ERROR;
+		}
+
     if ($cgiparams{'OVPN_SUBNET'} eq  $vpnsettings{'DOVPN_SUBNET'}) {
 			$errormessage = $Lang::tr{'openvpn subnet is used'};
 			unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";