ovpnmain.cgi: Fix remote IP address validation.
authorMichael Tremer <michael.tremer@ipfire.org>
Mon, 19 Aug 2013 15:33:23 +0000 (17:33 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Mon, 19 Aug 2013 15:33:23 +0000 (17:33 +0200)
html/cgi-bin/ovpnmain.cgi

index 5e18d3cb53bf1a01e15565d7a78d50845185f2b0..e6ea1ef596936e6092d602b7daf627a4c0d8f9d1 100644 (file)
@@ -3604,35 +3604,33 @@ if ($cgiparams{'TYPE'} eq 'net') {
        }
 
        # Check if a remote host/IP has been set for the client.
-       if ($cgiparams{'REMOTE'} eq '' && $cgiparams{'SIDE'} ne 'server') {
-           $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+       if ($cgiparams{'TYPE'} eq 'net') {
+               if ($cgiparams{'SIDE'} ne 'server' && $cgiparams{'REMOTE'} eq '') {
+                       $errormessage = $Lang::tr{'invalid input for remote host/ip'};
 
-           # Check if this is a N2N connection and drop temporary config.
-           if ($cgiparams{'TYPE'} eq 'net') {
-               unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
-               rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
-           }
-           goto VPNCONF_ERROR;
-       }
+                       # Check if this is a N2N connection and drop temporary config.
+                       unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+                       rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
 
-       # Check if a remote host/IP has been configured - the field can be empty on the server side.
-       if ($cgiparams{'REMOTE'} ne '') {
+                       goto VPNCONF_ERROR;
+               }
 
-           # Check if the given IP is valid - otherwise check if it is a valid domain.
-           if (! &General::validip($cgiparams{'REMOTE'})) {
+               # Check if a remote host/IP has been configured - the field can be empty on the server side.
+               if ($cgiparams{'REMOTE'} ne '') {
+                       # Check if the given IP is valid - otherwise check if it is a valid domain.
+                       if (! &General::validip($cgiparams{'REMOTE'})) {
+                               # Check for a valid domain.
+                               if (! &General::validfqdn ($cgiparams{'REMOTE'}))  {
+                                       $errormessage = $Lang::tr{'invalid input for remote host/ip'};
 
-               # Check for a valid domain.
-               if (! &General::validfqdn ($cgiparams{'REMOTE'}))  {
-                   $errormessage = $Lang::tr{'invalid input for remote host/ip'};
+                                       # Check if this is a N2N connection and drop temporary config.
+                                       unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
+                                       rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
 
-                   # Check if this is a N2N connection and drop temporary config.
-                   if ($cgiparams{'TYPE'} eq 'net') {
-                       unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
-                       rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
-                   }
-                   goto VPNCONF_ERROR;
+                                       goto VPNCONF_ERROR;
+                               }
+                       }
                }
-           }
        }
 
        if ($cgiparams{'TYPE'} ne 'host') {