From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Wed, 17 Jul 2013 17:58:20 +0000 (+0200)
Subject: ovpnmain.cgi: Add check for a valid N2N network.
X-Git-Tag: v2.13-core72^2~40^2^2~2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f48074bacbf1e3835ca8975d82e5dd2dc514bcb1;p=people%2Fms%2Fipfire-2.x.git

ovpnmain.cgi: Add check for a valid N2N network.

Fixes #10390.
---

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index a4953ffe49..38dad1ded1 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -3520,6 +3520,14 @@ if ($cgiparams{'TYPE'} eq 'net') {
       goto VPNCONF_ERROR;			
 		}
 
+    # Check if the input for the transfer net is valid.
+    if (!&General::validipandmask($cgiparams{'OVPN_SUBNET'})){
+			$errormessage = $Lang::tr{'ccd err invalidnet'};
+			unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+	    rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+			goto VPNCONF_ERROR;
+		}
+
     if ($cgiparams{'OVPN_SUBNET'} eq  $vpnsettings{'DOVPN_SUBNET'}) {
 			$errormessage = $Lang::tr{'openvpn subnet is used'};
 			unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";