Bug #10442
closed
ACME: special characters in descriptions trigger silent error and rollback
100%
Description
pfSense: 2.4.5
Acme: 0.6.6
Re-create:
1) ACME > Certificates: create new certificate
2) enter any settings for domain etc.
3) enter any name as "Name"
4) enter a "Description" with a special character like german Umlauts "öäü" or anything alike
5) hit save
Result:
There'll be no error while saving, it just brings you to the certificate list screen without any entry (the newly created one isn't saved) and the error-bell shows one notification:
pfSense is restoring the configuration /cf/conf/backup/config-1586268777.xml @ 2020-04-07 16:13:31
Supposedly some kind of missing character encoding in the description field I suppose :)
Updated by Jens Groh about 4 years ago
small addition:
is related to Acme 0.6.6 (still happens on 2.5.x snapshots)
There are special chars that work (e.g. !, ) and special chars that aren't correclty translated back from HTML entities (like x%x and ") but if you enter some others like a § sign, the same thing as with äöü will happen (config rollback). So I'm thinking some problem with htmlentities() back and forth?
Updated by Jim Pingle about 4 years ago
- Priority changed from Normal to Low
No, it's not from htmlentities. It's that those characters are not valid in XML. So the field probably needs to have its value CDATA escaped (either by adding this field name to the base system CDATA list or by changing the field name to one that's already escaped).
Updated by Jens Groh about 4 years ago
Ah I see. Would just filtering out those characters via an error message before trying to save it be a better approach?
I know, it's no serious bug at all, but it really cost me 30min to hunt it down while trying to setup an LE certificate via ACME package on a customer's system and not understanding why it happened. After falling back to english descriptions instead of local (german) text, of course it worked immediately ;) but as quite a few customers switch their base language of pfSense to german (besides me recommending they do not) special chars like Umlaute can happen easily when writing a quick description for rules or certificates :)
Updated by Viktor Gurov about 4 years ago
this fix uses descr field name instead of desc,
it's included in the $cdata_fields of xmlparser.inc:
https://github.com/pfsense/FreeBSD-ports/pull/837
Updated by Jim Pingle about 4 years ago
- Status changed from New to Pull Request Review
Updated by Renato Botelho almost 4 years ago
- Status changed from Pull Request Review to Feedback
- Assignee set to Renato Botelho
- % Done changed from 0 to 100
PR has been merged. Thanks!
Updated by Viktor Gurov almost 4 years ago
- Status changed from Feedback to Resolved
tested acme 0.6.7 - now you can use any characters in the Description field