From: Alexander Marx Date: Mon, 22 Sep 2014 05:56:12 +0000 (+0200) Subject: BUG10627: Check if a OpenVPN N2N has same remote subnet as another N2N X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=refs%2Fheads%2FBUG10627;p=people%2Famarx%2Fipfire-2.x.git BUG10627: Check if a OpenVPN N2N has same remote subnet as another N2N --- diff --git a/config/cfgroot/general-functions.pl b/config/cfgroot/general-functions.pl index 8ed87fc80..5246e9ffb 100644 --- a/config/cfgroot/general-functions.pl +++ b/config/cfgroot/general-functions.pl @@ -461,7 +461,6 @@ sub checksubnets my @ccdconf=(); my $ccdname=$_[0]; my $ccdnet=$_[1]; - my $ownnet=$_[2]; my $errormessage; my ($ip,$cidr)=split(/\//,$ccdnet); $cidr=&iporsubtocidr($cidr); @@ -478,15 +477,13 @@ sub checksubnets } #check if we try to use same network as another ovpn N2N - if($ownnet ne 'ovpn'){ - &readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ovpnconfhash); - foreach my $key (keys %ovpnconfhash) { - if ($ovpnconfhash{$key}[3] eq 'net'){ - my @ovpnnet=split (/\//,$ovpnconfhash{$key}[11]); - if (&IpInSubnet($ip,$ovpnnet[0],&iporsubtodec($ovpnnet[1]))){ - $errormessage=$errormessage.$Lang::tr{'ccd err isovpnn2n'}." $ovpnconfhash{$key}[1]
"; - return $errormessage; - } + &readhasharray("${General::swroot}/ovpn/ovpnconfig", \%ovpnconfhash); + foreach my $key (keys %ovpnconfhash) { + if ($ovpnconfhash{$key}[3] eq 'net'){ + my @ovpnnet=split (/\//,$ovpnconfhash{$key}[11]); + if (&IpInSubnet($ip,$ovpnnet[0],&iporsubtodec($ovpnnet[1]))){ + $errormessage=$errormessage.$Lang::tr{'ccd err isovpnn2n'}." $ovpnconfhash{$key}[1]
"; + return $errormessage; } } } diff --git a/html/cgi-bin/ovpnmain.cgi b/html/cgi-bin/ovpnmain.cgi old mode 100644 new mode 100755 index 969b2557f..b31216299 --- a/html/cgi-bin/ovpnmain.cgi +++ b/html/cgi-bin/ovpnmain.cgi @@ -3755,9 +3755,12 @@ if ($cgiparams{'TYPE'} eq 'net') { } #Check if remote subnet is used elsewhere my ($n2nip,$n2nsub)=split("/",$cgiparams{'REMOTE_SUBNET'}); - $warnmessage=&General::checksubnets('',$n2nip,'ovpn'); + if ($cgiparams{'oldremote'} ne $cgiparams{'REMOTE_SUBNET'}){ + $warnmessage=&General::checksubnets('',$n2nip); + #$cgiparams{'oldremote'}=''; + } if ($warnmessage){ - $warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'})
".$warnmessage; + $warnmessage=$Lang::tr{'remote subnet'}." ($cgiparams{'REMOTE_SUBNET'})
$cgiparams{'oldremote'}".$warnmessage; } } @@ -4390,6 +4393,7 @@ if ($cgiparams{'TYPE'} eq 'net') { } &Header::openbox('100%', 'LEFT', "$Lang::tr{'connection'}:"); + $cgiparams{'oldremote'}=$cgiparams{'REMOTE_SUBNET'}; print "\n"; print ""; @@ -4798,6 +4802,7 @@ END &Header::closebox(); } print "
"; + print ""; if ($cgiparams{'KEY'}) { # print ""; }
$Lang::tr{'name'}: