BUG10627: Check if a OpenVPN N2N has same remote subnet as another N2N

diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl
index 8ed87fc80e58d5b40f3a5cc108d2d3e36fb767c8..5246e9ffbad7bba57fb07ee39f7f00410f472436 100644 (file)
--- a/config/cfgroot/general-functions.pl
+++ b/config/cfgroot/general-functions.pl
@@ -461,7 +461,6 @@ sub checksubnets
        my @ccdconf=();
        my $ccdname=$_[0];
        my $ccdnet=$_[1];
-       my $ownnet=$_[2];
        my $errormessage;
        my ($ip,$cidr)=split(/\//,$ccdnet);
        $cidr=&iporsubtocidr($cidr);
@@ -478,15 +477,13 @@ sub checksubnets
        }
 
        #check if we try to use same network as another ovpn N2N
-       if($ownnet ne 'ovpn'){
-               &readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ovpnconfhash);
-               foreach my $key (keys %ovpnconfhash) {
-                       if ($ovpnconfhash{$key}[3] eq 'net'){
-                               my @ovpnnet=split (/\//,$ovpnconfhash{$key}[11]);
-                               if (&IpInSubnet($ip,$ovpnnet[0],&iporsubtodec($ovpnnet[1]))){
-                                       $errormessage=$errormessage.$Lang::tr{'ccd err isovpnn2n'}." $ovpnconfhash{$key}[1] <br>";
-                                       return $errormessage;
-                               }
+       &readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ovpnconfhash);
+       foreach my $key (keys %ovpnconfhash) {
+               if ($ovpnconfhash{$key}[3] eq 'net'){
+                       my @ovpnnet=split (/\//,$ovpnconfhash{$key}[11]);
+                       if (&IpInSubnet($ip,$ovpnnet[0],&iporsubtodec($ovpnnet[1]))){
+                               $errormessage=$errormessage.$Lang::tr{'ccd err isovpnn2n'}." $ovpnconfhash{$key}[1] <br>";
+                               return $errormessage;
                        }
                }
        }

diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi
old mode 100644 (file)
new mode 100755 (executable)
index 969b255..b312162
--- a/html/cgi-bin/ovpnmain.cgi
+++ b/html/cgi-bin/ovpnmain.cgi
@@ -3755,9 +3755,12 @@ if ($cgiparams{'TYPE'} eq 'net') {
        }
        #Check if remote subnet is used elsewhere
        my ($n2nip,$n2nsub)=split("/",$cgiparams{'REMOTE_SUBNET'});
-       $warnmessage=&General::checksubnets('',$n2nip,'ovpn');
+       if ($cgiparams{'oldremote'} ne $cgiparams{'REMOTE_SUBNET'}){
+               $warnmessage=&General::checksubnets('',$n2nip);
+               #$cgiparams{'oldremote'}='';
+       }
        if ($warnmessage){
-               $warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'}) <br>".$warnmessage;
+               $warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'}) <br>$cgiparams{'oldremote'}".$warnmessage;
        }
 }
 
@@ -4390,6 +4393,7 @@ if ($cgiparams{'TYPE'} eq 'net') {
        }
 
        &Header::openbox('100%', 'LEFT', "$Lang::tr{'connection'}:");
+       $cgiparams{'oldremote'}=$cgiparams{'REMOTE_SUBNET'};
        print "<table width='100%'  border='0'>\n";
 
        print "<tr><td width='14%' class='boldbase'>$Lang::tr{'name'}: </td>";
@@ -4798,6 +4802,7 @@ END
      &Header::closebox();
 }
        print "<div align='center'><input type='submit' name='ACTION' value='$Lang::tr{'save'}' />";
+       print "<input type='hidden' name='oldremote' value='$cgiparams{'oldremote'}' />";
        if ($cgiparams{'KEY'}) {
 #          print "<input type='submit' name='ACTION' value='$Lang::tr{'advanced'}' />";
        }