From efc8cdbc90ee0e8cf1f731923b6aed700e3b9d65 Mon Sep 17 00:00:00 2001
From: Alexander Marx <alexander.marx@ipfire.org>
Date: Thu, 27 Aug 2015 15:20:11 +0200
Subject: [PATCH] BUG10916: check comma in PSK field

---
 html/cgi-bin/vpnmain.cgi | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/html/cgi-bin/vpnmain.cgi b/html/cgi-bin/vpnmain.cgi
index 8c44b7e93..4f47742cb 100644
--- a/html/cgi-bin/vpnmain.cgi
+++ b/html/cgi-bin/vpnmain.cgi
@@ -1413,6 +1413,10 @@ END
 		$errormessage = $Lang::tr{'invalid characters found in pre-shared key'};
 		goto VPNCONF_ERROR;
 	    }
+		if ($cgiparams{'PSK'} =~ /,/) {
+			$errormessage = $Lang::tr{'invalid characters found in pre-shared key'};
+			goto VPNCONF_ERROR;
+		}
 	} elsif ($cgiparams{'AUTH'} eq 'certreq') {
 	    if ($cgiparams{'KEY'}) {
 		$errormessage = $Lang::tr{'cant change certificates'};
-- 
2.47.2