Project

General

Profile

Actions

Bug #10798

closed

Unable to save CP zone named 'VIP'

Added by Viktor Gurov about 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Normal
Category:
Captive Portal
Target version:
Start date:
07/29/2020
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.5-p1
Affected Architecture:

Description

https://forum.netgate.com/topic/155549/captive-portal-settings-not-saved:
I did more tests, tried to add several captive portal zones, it seems that when I use "VIP" as zone name, it will shows as the capture, i.e. zone name and interface info columns show nothing. When I use other names as zone name, for example "abc" or "test", it will display well.

If mouse is moving over the edit or delete icon of the blank one (the screen capture in last post, VIP zone), I can see the link shows as:

https://192.168.1.1/services_captiveportal.php?zone=vip
https://192.168.1.1/services_captiveportal_zones.php?act=del&zone=vip

If I click "edit", it shows the zone is not enabled (but I did enable it before), I enable it (again), finish the settings in the configuration page, then Save. It is still the same, then I click "edit", it shows the zone is not enabled...

I also checked captive portal config files created via SSH, the zone config file named "vip" does exisit here.

ls l /var/etc/nginx*
rw-r--r- 1 root wheel 2592 Jul 25 09:20 /var/etc/nginx-abc-CaptivePortal-SSL.conf
rw-r--r- 1 root wheel 2099 Jul 25 09:20 /var/etc/nginx-abc-CaptivePortal.conf
rw-r--r- 1 root wheel 2596 Jul 25 09:12 /var/etc/nginx-test-CaptivePortal-SSL.conf
rw-r--r- 1 root wheel 2101 Jul 25 09:12 /var/etc/nginx-test-CaptivePortal.conf
rw-r--r- 1 root wheel 2450 Jul 25 09:13 /var/etc/nginx-vip-CaptivePortal-SSL.conf
rw-r--r- 1 root wheel 1957 Jul 25 09:13 /var/etc/nginx-vip-CaptivePortal.conf
rw-r--r- 1 root wheel 2365 Jul 24 21:48 /var/etc/nginx-webConfigurator.conf

I got the php logs every minute:

Jul 26 18:12:57 php-cgi rc.prunecaptiveportal: vip is not a valid zone in the configuration!


Files

Actions #1

Updated by Viktor Gurov about 1 year ago

config.xml after creating 'VIP' zone:

<captiveportal>
                <vip>VIP</vip>
                <vip></vip>
                <vip></vip>
                <vip>2</vip>
                <vip>lan</vip>
                <vip>test</vip>
                <vip></vip>
                <vip></vip>
                <vip></vip>
                <vip></vip>
                <vip></vip>
                <vip></vip>
                <vip></vip>
                <vip>authserver</vip>
                <vip>ldap - Serv1LDAP</vip>
                <vip></vip>
                <vip>LocalRADIUS</vip>
                <vip></vip>
                <vip></vip>
                <vip></vip>
                <vip></vip>
                <vip>5efaed056f950</vip>
                <vip></vip>
                <vip>default</vip>
                <vip></vip>
                <vip></vip>
                <vip></vip>
        </captiveportal>

Actions #2

Updated by Jim Pingle about 1 year ago

  • Target version set to 2.5.0

It's because the zone name is used as an XML tag in the config, but "vip" is a listtag, meaning it gets treated like an array. We should add input validation to prevent any list tags from being accepted as zone names.

See source:src/etc/inc/xmlparse.inc#L29 -- listtags() and listtags_pkg()

Actions #4

Updated by Jim Pingle about 1 year ago

  • Status changed from New to Pull Request Review
Actions #5

Updated by Renato Botelho about 1 year ago

  • Status changed from Pull Request Review to Feedback
  • Assignee set to Renato Botelho
  • % Done changed from 0 to 100

PR has been merged. Thanks!

Actions #6

Updated by Danilo Zrenjanin about 1 year ago

Tested on:
2.5.0-DEVELOPMENT (amd64)
built on Mon Aug 24 07:02:12 EDT 2020
FreeBSD 12.1-STABLE

I was not able to add the zone named vip, tunnel, user, or any other name from the listtags listing.

I am resolving the ticket.

Actions

Also available in: Atom PDF