ids.cgi: Add some more sanity checks when adding a new provider.

* Check if the system is online.
* Check if enough free disk space is available.
* Abort whith an error message if the ruleset could not be
  downloaded.

In error case the provider now will be removed again from the file which
keeps the configured providers. Sadly it needs to be added first because
otherwise the downloader could not read the required values from it.....

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

diff --git a/html/cgi-bin/ids.cgi b/html/cgi-bin/ids.cgi
index e72820204087e6ca5a60dd1b04a3ecea3c43cea4..27f72ba4d70b60b7c38f159f703fbff82df088a9 100644 (file)
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -815,34 +815,56 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'ids apply'}) {
 
                # Check if a new provider will be added.
                if ($cgiparams{'PROVIDERS'} eq $Lang::tr{'add'}) {
-                       # Lock the webpage and print notice about downloading
-                       # a new ruleset.
-                       &working_notice("$Lang::tr{'ids working'}");
+                       # Check if the red device is active.
+                       unless (-e "${General::swroot}/red/active") {
+                               $errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'system is offline'}";
+                       }
+
+                       # Check if enough free disk space is availabe.
+                       if(&IDS::checkdiskspace()) {
+                               $errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'not enough disk space'}";
+                       }
 
-                       # Download the ruleset.
-                       &IDS::downloadruleset($provider);
+                       # Check if any errors happend.
+                       unless ($errormessage) {
+                               # Lock the webpage and print notice about downloading
+                               # a new ruleset.
+                               &working_notice("$Lang::tr{'ids working'}");
 
-                       # Extract the ruleset
-                       &IDS::extractruleset($provider);
+                               # Download the ruleset.
+                               if(&IDS::downloadruleset($provider)) {
+                                       $errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'ids unable to download the ruleset'}";
 
-                       # Move the ruleset.
-                       &IDS::move_tmp_ruleset();
+                                       # Call function to store the errormessage.
+                                       &IDS::_store_error_message($errormessage);
 
-                       # Cleanup temporary directory.
-                       &IDS::cleanup_tmp_directory();
+                                       # Remove the configured provider again.
+                                       &remove_provider($id);
+                               } else {
+                                       # Extract the ruleset
+                                       &IDS::extractruleset($provider);
 
-                       # Create new empty file for used rulefiles
-                       # for this provider.
-                       &IDS::write_used_provider_rulefiles_file($provider);
+                                       # Move the ruleset.
+                                       &IDS::move_tmp_ruleset();
 
-                       # Perform a reload of the page.
-                       &reload();
+                                       # Cleanup temporary directory.
+                                       &IDS::cleanup_tmp_directory();
+
+                                       # Create new empty file for used rulefiles
+                                       # for this provider.
+                                       &IDS::write_used_provider_rulefiles_file($provider);
+                               }
+
+                               # Perform a reload of the page.
+                               &reload();
+                       }
                }
 
-               # Undefine providers flag.
-               undef($cgiparams{'PROVIDERS'});
        }
 
+       # Undefine providers flag.
+       undef($cgiparams{'PROVIDERS'});
+
 ## Toggle Enabled/Disabled for an existing provider.
 #
 } elsif ($cgiparams{'PROVIDERS'} eq $Lang::tr{'toggle enable disable'}) {

diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index a4a81fc38980600e6564d179aa054102ccbf4801..bb2e8f8e2a1a3806c61b002d2a04ee34fc417e48 100644 (file)
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -1377,6 +1377,7 @@
 'ids apply ruleset changes' => 'Regeländerungen werden übernommen. Bitte warten Sie, bis dieser Vorgang erfolgreich beendet wurde...',
 'ids autoupdates' => 'Automatische Updates',
 'ids automatic rules update' => 'Automatische Regelaktualisierung',
+'ids could not add provider' => 'Provider konnte nicht hinzugefügt werden',
 'ids customize ruleset' => 'Regelset anpassen',
 'ids download new ruleset' => 'Das neue Regelset wird heruntergeladen und entpackt. Bitte warten Sie, bis dieser Vorgang erfolgreich beendet wurde...',
 'ids enable' => 'Einbruchsverhinderungssystem aktivieren',
@@ -1400,6 +1401,7 @@
 'ids ruleset settings' => 'Regelsatzeinstellungen',
 'ids show' => 'Anzeigen',
 'ids the choosen provider is already in use' => 'Der gewhählte Provider wird bereits verwendet.',
+'ids unable to download the ruleset' => 'Das Regelset konnte nicht heruntergeladen werden.',
 'ids visit provider website' => 'Anbieter-Webseite besuchen',
 'ids working' => 'Änderungen werden übernommen. Bitte warten Sie, bis dieser Vorgang erfolgreich beendet wurde.',
 'iface' => 'Iface',

diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 59496b195e05b85b9d12d03ec5a638a1f649d886..2c7ae2d7c345342bcf3ce22031d36fce48693d33 100644 (file)
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -1406,6 +1406,7 @@
 'ids apply ruleset changes' => 'The ruleset changes are being applied. Please wait until all operations have completed successfully...',
 'ids autoupdates' => 'Automatic updates',
 'ids automatic rules update' => 'Automatic Rule Update',
+'ids could not add provider' => 'Could not add provider',
 'ids customize ruleset' => 'Customize ruleset',
 'ids download new ruleset' => 'Downloading and unpacking new ruleset. Please wait until all operations have completed successfully...',
 'ids enable' => 'Enable Intrusion Prevention System',
@@ -1429,6 +1430,7 @@
 'ids ruleset settings' => 'Ruleset Settings',
 'ids show' => 'Show',
 'ids the choosen provider is already in use' => 'The choosen provider is already in use.',
+'ids unable to download the ruleset' => 'Unable to download the ruleset',
 'ids visit provider website' => 'Visit provider website',
 'ids working' => 'Changes are being applied. Please wait until all operations have completed successfully...',
 'iface' => 'Iface',