From: Erik Kapfer <erik.kapfer@ipfire.org>
Date: Thu, 31 Jul 2014 06:43:24 +0000 (+0200)
Subject: OpenVPN: Added a check for empty 'CERT_NAME' field.
X-Git-Url: http://git.ipfire.org/?p=people%2Fteissler%2Fipfire-2.x.git;a=commitdiff_plain;h=156311fbcd67f00002fe658e1ee4b20154bf014a

OpenVPN: Added a check for empty 'CERT_NAME' field.

Fixes: #10581
---

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
index 927616a55..14308e549 100644
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -3968,10 +3968,8 @@ if ($cgiparams{'TYPE'} eq 'net') {
 		$errormessage = $Lang::tr{'name too long'};
 		goto VPNCONF_ERROR;
 	    }
-	    if ($cgiparams{'CERT_NAME'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
+	    if ($cgiparams{'CERT_NAME'} eq '' || $cgiparams{'CERT_NAME'} !~ /^[a-zA-Z0-9 ,\.\-_]+$/) {
 		$errormessage = $Lang::tr{'invalid input for name'};
-		unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
-		rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
 		goto VPNCONF_ERROR;
 	    }
 	    if ($cgiparams{'CERT_EMAIL'} ne '' && (! &General::validemail($cgiparams{'CERT_EMAIL'}))) {