Project

General

Profile

Actions

Bug #14458

closed

PHP error in IPsec tunnels list

Added by Steve Wilson over 1 year ago. Updated over 1 year ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
IPsec
Target version:
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
23.05.1
Release Notes:
Default
Affected Version:
2.7.0
Affected Architecture:

Description

The following PHP error is thrown when accessing the IPsec Tunnels page:

Crash report begins. Anonymous machine information:

amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT #1 plus-RELENG_23_05-n256102-7cd3d043045: Mon May 22 06:35:01 UTC 2023 root@freebsd:/var/jenkins/workspace/pfSense-Plus-snapshots-23_05-main/obj/amd64/LkEyii3W/var/jenkins/workspace/pfSense-Plus-snapshots-23_05-main/sources/FreeBS

Crash report details:

PHP Errors:
[06-Jun-2023 17:25:38 America/Los_Angeles] PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/vpn_ipsec.php:411
Stack trace:
#0 {main}
thrown in /usr/local/www/vpn_ipsec.php on line 411
[06-Jun-2023 17:25:52 America/Los_Angeles] PHP Fatal error: Uncaught TypeError: Cannot access offset of type string on string in /usr/local/www/vpn_ipsec.php:411
Stack trace:
#0 {main}
thrown in /usr/local/www/vpn_ipsec.php on line 411


Steps to reproduce:

1. From top menu navigate to VPN -> IPsec
2. Error is shown in IPsec Tunnels table under P1 Protocol table heading

NB: no IPsec tunnels have been configured on this machine yet. Possibly related to an as yet empty/unpopulated field in the config file?

Actions #1

Updated by Marcos M over 1 year ago

  • Category changed from VPN (Multiple Types) to IPsec
  • Affected Architecture deleted (amd64)

Would you provide the contents of the <ipsec> section in /conf/config.xml file? Make sure to redact any sensitive info.

Actions #2

Updated by Steve Wilson over 1 year ago

<ipsec>
<phase1>
<disabled></disabled>
<encryption>
<item>
<encryption-algorithm></encryption-algorithm>
<hash-algorithm></hash-algorithm>
<dhgroup></dhgroup>
</item>
</encryption>
<protocol>inet</protocol>
<reauth_time>0</reauth_time>
</phase1>
<logging>
<dmn>1</dmn>
<mgr>1</mgr>
<ike>1</ike>
<chd>1</chd>
<job>1</job>
<cfg>1</cfg>
<knl>1</knl>
<net>1</net>
<asn>1</asn>
<enc>1</enc>
<imc>1</imc>
<imv>1</imv>
<pts>1</pts>
<tls>1</tls>
<esp>1</esp>
<lib>1</lib>
</logging>
<vtimaps></vtimaps>
</ipsec>

Actions #3

Updated by Jim Pingle over 1 year ago

  • Project changed from pfSense Plus to pfSense
  • Category changed from IPsec to IPsec
  • Status changed from New to Confirmed
  • Assignee set to Jim Pingle
  • Target version set to 2.7.0
  • Affected Plus Version deleted (23.05)
  • Plus Target Version set to 23.05.1

That Phase 1 entry in the config is invalid, not sure where it came from. It's full of empty tags that aren't possible to get from the GUI. May have been some other past bug that led to it.

Here is the problem entry with fixed formatting so it's easier to drop into a test config:

        <phase1>
            <disabled></disabled>
            <encryption>
                <item>
                    <encryption-algorithm></encryption-algorithm>
                    <hash-algorithm></hash-algorithm>
                    <dhgroup></dhgroup>
                </item>
            </encryption>
            <protocol>inet</protocol>
            <reauth_time>0</reauth_time>
        </phase1>
Actions #4

Updated by Jim Pingle over 1 year ago

  • Status changed from Confirmed to Feedback
  • % Done changed from 0 to 100
Actions #5

Updated by Steve Wilson over 1 year ago

After applying the patch the PHP error has been resolved. Thanks for the quick fix.

Actions #6

Updated by Danilo Zrenjanin over 1 year ago

  • Status changed from Feedback to Resolved

I could reproduce the issue.

23.05-RELEASE (amd64)
built on Mon May 22 15:04:36 UTC 2023
FreeBSD 14.0-CURRENT

The patch indeed fixes it. I am marking this ticket resolved.

Actions #7

Updated by Jim Pingle over 1 year ago

  • Subject changed from PHP Error When Accessing IPsec Tunnels Page to PHP error in IPsec tunnels list

Updating subject for release notes.

Actions #8

Updated by Jim Pingle over 1 year ago

  • Affected Version set to 2.7.0
Actions

Also available in: Atom PDF