X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=blobdiff_plain;f=html%2Fcgi-bin%2Fovpnmain.cgi;h=8622f6d63894917946babb7d97ab467115bfb043;hp=6def979e455a1de87f11b1458e14a2da83587d69;hb=92b87e17f1497be27cc61038b4852b00e84f5d15;hpb=360378014d0ba62c1ced4b204080f05c2a3de575

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
old mode 100755
new mode 100644
index 6def979e4..8622f6d63
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -2,7 +2,7 @@
 ###############################################################################
 #                                                                             #
 # IPFire.org - A linux based firewall                                         #
-# Copyright (C) 2007-2011  IPFire Team  <info@ipfire.org>                     #
+# Copyright (C) 2007-2013  IPFire Team  <info@ipfire.org>                     #
 #                                                                             #
 # This program is free software: you can redistribute it and/or modify        #
 # it under the terms of the GNU General Public License as published by        #
@@ -863,7 +863,7 @@ if ($cgiparams{'ACTION'} eq $Lang::tr{'save-adv-options'}) {
     }
 		
     if ($cgiparams{'DHCP_DOMAIN'} ne ''){
-	unless (&General::validfqdn($cgiparams{'DHCP_DOMAIN'}) || &General::validip($cgiparams{'DHCP_DOMAIN'})) {
+	unless (&General::validdomainname($cgiparams{'DHCP_DOMAIN'}) || &General::validip($cgiparams{'DHCP_DOMAIN'})) {
 		$errormessage = $Lang::tr{'invalid input for dhcp domain'};
 	goto ADV_ERROR;
     	}
@@ -2339,6 +2339,9 @@ ADV_ERROR:
     if ($cgiparams{'LOG_VERB'} eq '') {
 	$cgiparams{'LOG_VERB'} =  '3';
     }
+    if ($cgiparams{'PMTU_DISCOVERY'} eq '') {
+	$cgiparams{'PMTU_DISCOVERY'} = 'off';
+    }
     $checked{'CLIENT2CLIENT'}{'off'} = '';
     $checked{'CLIENT2CLIENT'}{'on'} = '';
     $checked{'CLIENT2CLIENT'}{$cgiparams{'CLIENT2CLIENT'}} = 'CHECKED';
@@ -2375,7 +2378,7 @@ ADV_ERROR:
     }
     &Header::openbox('100%', 'LEFT', $Lang::tr{'advanced server'});
     print <<END
-    <form method='post' enctype='multipart/form-data' disabled>
+    <form method='post' enctype='multipart/form-data'>
     <table width='100%' border=0>
     <tr>
 	<td colspan='4'><b>$Lang::tr{'dhcp-options'}</b></td>
@@ -2436,7 +2439,7 @@ print <<END;
         <td><input type='text' name='MAX_CLIENTS' value='$cgiparams{'MAX_CLIENTS'}' size='10' /></td>
     </tr>	
      	<tr>
-     	  <td class='base'>Keppalive <br />
+     	  <td class='base'>Keepalive <br />
      	    (ping/ping-restart)</td>
      	  <td><input type='TEXT' name='KEEPALIVE_1' value='$cgiparams{'KEEPALIVE_1'}' size='10' /></td>
      	  <td><input type='TEXT' name='KEEPALIVE_2' value='$cgiparams{'KEEPALIVE_2'}' size='10' /></td>
@@ -3498,21 +3501,36 @@ if ($cgiparams{'TYPE'} eq 'host') {
 ###
 
 if ($cgiparams{'TYPE'} eq 'net') {
-		
-    if ($cgiparams{'DEST_PORT'} eq  $vpnsettings{'DDEST_PORT'}) {
+	if ($cgiparams{'DEST_PORT'} eq  $vpnsettings{'DDEST_PORT'}) {
 			$errormessage = $Lang::tr{'openvpn destination port used'};
 			unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
 	    rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
       goto VPNCONF_ERROR;			
 		}
-    
-    if ($cgiparams{'DEST_PORT'} eq  '') {
+    #Bugfix 10357
+    foreach my $key (sort keys %confighash){
+		if ( ($confighash{$key}[22] eq $cgiparams{'DEST_PORT'} && $cgiparams{'NAME'} ne $confighash{$key}[1]) || ($confighash{$key}[29] eq $cgiparams{'DEST_PORT'} && $cgiparams{'NAME'} ne $confighash{$key}[1])){
 			$errormessage = $Lang::tr{'openvpn destination port used'};
 			unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
 	    rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+      goto VPNCONF_ERROR;	
+		}
+	}
+    if ($cgiparams{'DEST_PORT'} eq  '') {
+			$errormessage = $Lang::tr{'invalid port'};
+			unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+	    rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
       goto VPNCONF_ERROR;			
 		}
 
+    # Check if the input for the transfer net is valid.
+    if (!&General::validipandmask($cgiparams{'OVPN_SUBNET'})){
+			$errormessage = $Lang::tr{'ccd err invalidnet'};
+			unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+	    rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
+			goto VPNCONF_ERROR;
+		}
+
     if ($cgiparams{'OVPN_SUBNET'} eq  $vpnsettings{'DOVPN_SUBNET'}) {
 			$errormessage = $Lang::tr{'openvpn subnet is used'};
 			unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
@@ -3920,7 +3938,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
 	    }
 	}
 
-        # Save the config
+    # Save the config
 	my $key = $cgiparams{'KEY'};
 	
 	if (! $key) {
@@ -3980,6 +3998,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
 			if ( -e "${General::swroot}/ovpn/ccd/$confighash{$key}[2]"){
 				unlink "${General::swroot}/ovpn/ccd/$cgiparams{'CERT_NAME'}";
 			}
+			$confighash{$key}[2] =~ s/ /_/gi;
 			open ( CCDRWCONF,'>',"${General::swroot}/ovpn/ccd/$confighash{$key}[2]") or die "Unable to create clientconfigfile $!";
 			print CCDRWCONF "# OpenVPN clientconfig from ccd extension by Copymaster#\n\n";
 			if($cgiparams{'CHECK1'} eq 'dynamic'){
@@ -4139,6 +4158,9 @@ if ($cgiparams{'TYPE'} eq 'net') {
     $checked{'MSSFIX'}{'on'} = '';
     $checked{'MSSFIX'}{$cgiparams{'MSSFIX'}} = 'CHECKED';
 
+    if ($cgiparams{'PMTU_DISCOVERY'} eq '') {
+	$cgiparams{'PMTU_DISCOVERY'} = 'off';
+    }
     $checked{'PMTU_DISCOVERY'}{$cgiparams{'PMTU_DISCOVERY'}} = 'checked=\'checked\'';
 
 
@@ -4968,19 +4990,13 @@ END
 }
 
 
-	my $disable_clientdl = "disabled='disabled'";
-	if (( $cgiparams{'ENABLED'} eq 'on') || 
-	    ( $cgiparams{'ENABLED_BLUE'} eq 'on') ||
-	    ( $cgiparams{'ENABLED_ORANGE'} eq 'on')){
-	    $disable_clientdl = "";
-	}
 	print <<END
 	<td align='center'>$active</td>
 		
 	<form method='post' name='frm${key}a'><td align='center'>
-	    <input type='image'  name='$Lang::tr{'dl client arch'}' $disable_clientdl src='/images/openvpn.png' alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
-	    <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' $disable_clientdl />
-	    <input type='hidden' name='KEY' value='$key' $disable_clientdl />
+	    <input type='image'  name='$Lang::tr{'dl client arch'}' src='/images/openvpn.png' alt='$Lang::tr{'dl client arch'}' title='$Lang::tr{'dl client arch'}' border='0' />
+	    <input type='hidden' name='ACTION' value='$Lang::tr{'dl client arch'}' />
+	    <input type='hidden' name='KEY' value='$key' />
 	</td></form>
 END
 	;

$Lang::tr{'dhcp-options'}
Keppalive +	Keepalive (ping/ping-restart)			- - - + + +