]> git.ipfire.org Git - ipfire-2.x.git/commitdiff
dns.cgi: Show error when trying to use ISP nameservers and TLS at the same time.
authorStefan Schantl <stefan.schantl@ipfire.org>
Mon, 13 Jan 2020 16:40:29 +0000 (17:40 +0100)
committerStefan Schantl <stefan.schantl@ipfire.org>
Mon, 13 Jan 2020 16:40:29 +0000 (17:40 +0100)
Because the ISP-assigned nameservers do not have any TLS-hostname
information they cannot be used, when TLS is activated.

They only can be used if they will be added as "regular" DNS servers
with a TLS-hostname.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
html/cgi-bin/dns.cgi
langs/en/cgi-bin/en.pl

index d35bc4eabba600cccc1938ae2fd697a69b566d39..a16d6971db9ac8d22b49960c67b53497b963d85a 100755 (executable)
@@ -87,11 +87,20 @@ if ($cgiparams{'GENERAL'} eq $Lang::tr{'save'}) {
                $cgiparams{'ENABLE_SAFE_SEARCH'} = "off";
        }
 
-       # Store settings into settings file.
-       &General::writehash("$settings_file", \%cgiparams);
+       # Check if using ISP nameservers and TLS is enabled at the same time.
+       if (($cgiparams{'USE_ISP_NAMESERVERS'} eq "on") && ($cgiparams{'PROTO'} eq "TLS")) {
+               $errormessage = $Lang::tr{'dns isp nameservers and tls not allowed'}
+       }
 
-       # Call function to handle unbound restart, etc.
-       &_handle_unbound_and_more()
+       # Check if there was an error.
+       if ( ! $errormessage) {
+
+               # Store settings into settings file.
+               &General::writehash("$settings_file", \%cgiparams);
+
+               # Call function to handle unbound restart, etc.
+               &_handle_unbound_and_more()
+       }
 }
 
 ###
index fb864440502fd8c615a5e1a5cf5da642a2333315..338110fa8e9ebb52dcb2b82ded6b0e1f1e9f9a75 100644 (file)
 'dns forward disable dnssec' => 'Disable DNSSEC (dangerous)',
 'dns forwarding dnssec disabled notice' => '(DNSSEC disabled)',
 'dns header' => 'Assign DNS server addresses only for DHCP on red0',
+'dns isp nameservers and tls not allowed' => 'ISP-assigned DNS servers and TLS cannot be used at the same time.',
 'dns isp assigned nameserver' => 'ISP-assigned DNS server',
 'dns list' => 'List of free public DNS servers',
 'dns menu' => 'Assign DNS Server',