Project

General

Profile

Actions
Copy link

Bug #15384

closed

Reordering IPsec Phase 2 entries may result in a malformed configuration

Added by Georgiy Tyutyunnik 28 days ago. Updated 24 days ago.

Status:
Resolved
Priority:
Normal
Assignee:
Jim Pingle
Category:
IPsec
Target version:
2.8.0
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
24.03
Release Notes:
Default
Affected Version:
Affected Architecture:

Description

Changing the order of phase2 entries for the tunnels and saving produces bad config and results in "configuration restore" events.

Files

clipboard-202404060923-if4ij.png (25.5 KB) clipboard-202404060923-if4ij.png Lev Prokofev, 04/06/2024 05:22 AM

Related issues

Related to Bug #15157: PHP error when generating a notification after detecting a malformed configurationResolvedSteve Wheeler

Actions
Actions
Copy link
 #1

Updated by Georgiy Tyutyunnik 28 days ago

  • Related to Bug #15157: PHP error when generating a notification after detecting a malformed configuration added
Actions
Copy link
 #2

Updated by Lev Prokofev 27 days ago

I can confirm this behavior on

    23.09.1-RELEASE (amd64)
built on Wed Dec 20 21:27:00 MSK 2023
FreeBSD 14.0-CURRENT

To replicate it you just need to select one of the P2 entries and click on the anchor icon.

Crash report begins.  Anonymous machine information:

amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT amd64 1400094 #1 plus-RELENG_23_09_1-n256200-3de1e293f3a: Wed Dec  6 21:00:32 UTC 2023     root@freebsd:/var/jenkins/workspace/pfSense-Plus-snapshots-23_09_1-main/obj/amd64/Obhu6gXB/var/jenkins/workspace/pfSense-Plus-snapshots-23_09_1

Crash report details:

PHP Errors:
[06-Apr-2024 08:17:54 Europe/Moscow] PHP Fatal error:  Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('Netgate pfSense...')
#3 /etc/inc/notices.inc(151): notify_all_remote('Netgate pfSense...')
#4 /etc/inc/config.lib.inc(239): file_notice('config.xml', 'Netgate pfSense...', 'pfSenseConfigur...', '')
#5 /etc/inc/config.lib.inc(695): restore_backup('/cf/conf/backup...')
#6 /usr/local/www/vpn_ipsec.php(264): write_config('Saved configura...')
#7 {main}
  thrown in /etc/inc/util.inc on line 3748
[06-Apr-2024 08:17:54 Europe/Moscow] PHP Fatal error:  Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('PHP ERROR: Type...')
#3 /etc/inc/notices.inc(151): notify_all_remote('PHP ERROR: Type...')
#4 /etc/inc/config.lib.inc(1168): file_notice('phperror', 'PHP ERROR: Type...', 'PHP errors')
#5 [internal function]: pfSense_clear_globals()
#6 {main}
  thrown in /etc/inc/util.inc on line 3748
[06-Apr-2024 08:18:10 Europe/Moscow] PHP Fatal error:  Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('Netgate pfSense...')
#3 /etc/inc/notices.inc(151): notify_all_remote('Netgate pfSense...')
#4 /etc/inc/config.lib.inc(239): file_notice('config.xml', 'Netgate pfSense...', 'pfSenseConfigur...', '')
#5 /etc/inc/config.lib.inc(695): restore_backup('/cf/conf/backup...')
#6 /usr/local/www/vpn_ipsec.php(264): write_config('Saved configura...')
#7 {main}
  thrown in /etc/inc/util.inc on line 3748
[06-Apr-2024 08:18:10 Europe/Moscow] PHP Fatal error:  Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('PHP ERROR: Type...')
#3 /etc/inc/notices.inc(151): notify_all_remote('PHP ERROR: Type...')
#4 /etc/inc/config.lib.inc(1168): file_notice('phperror', 'PHP ERROR: Type...', 'PHP errors')
#5 [internal function]: pfSense_clear_globals()
#6 {main}
  thrown in /etc/inc/util.inc on line 3748
[06-Apr-2024 08:18:41 Europe/Moscow] PHP Fatal error:  Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('Netgate pfSense...')
#3 /etc/inc/notices.inc(151): notify_all_remote('Netgate pfSense...')
#4 /etc/inc/config.lib.inc(239): file_notice('config.xml', 'Netgate pfSense...', 'pfSenseConfigur...', '')
#5 /etc/inc/config.lib.inc(695): restore_backup('/cf/conf/backup...')
#6 /usr/local/www/vpn_ipsec.php(264): write_config('Saved configura...')
#7 {main}
  thrown in /etc/inc/util.inc on line 3748
[06-Apr-2024 08:18:41 Europe/Moscow] PHP Fatal error:  Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('PHP ERROR: Type...')
#3 /etc/inc/notices.inc(151): notify_all_remote('PHP ERROR: Type...')
#4 /etc/inc/config.lib.inc(1168): file_notice('phperror', 'PHP ERROR: Type...', 'PHP errors')
#5 [internal function]: pfSense_clear_globals()
#6 {main}
  thrown in /etc/inc/util.inc on line 3748

No FreeBSD crash data found.
Actions
Copy link
 #3

Updated by Jim Pingle 25 days ago

  • Assignee set to Jim Pingle
  • Target version set to 2.8.0
  • Plus Target Version set to 24.03

This only happens if you try to move something into the first position. If you move any P2 into any other place it works as expected, moving the selected entry into the spot above the row where the anchor was clicked.

Actions
Copy link
 #4

Updated by Jim Pingle 25 days ago

  • Status changed from New to Feedback
  • % Done changed from 0 to 100
Actions
Copy link
 #5

Updated by Jim Pingle 25 days ago

  • Subject changed from IPSec phase2 reordering doesn't work correctly to Reordering IPsec Phase 2 entries may result in a malformed configuration
Actions
Copy link
 #6

Updated by dylan mendez 25 days ago

Confirmed on 2.7.2 change fixes the problem.

Actions
Copy link
 #7

Updated by Jim Pingle 24 days ago

  • Status changed from Feedback to Resolved
Actions
Copy link

Also available in: Atom PDF