Actions
Bug #15384
closedReordering IPsec Phase 2 entries may result in a malformed configuration
Start date:
Due date:
% Done:
100%
Estimated time:
Plus Target Version:
24.03
Release Notes:
Default
Affected Version:
Affected Architecture:
Description
Changing the order of phase2 entries for the tunnels and saving produces bad config and results in "configuration restore" events.
Files
Related issues
Updated by Georgiy Tyutyunnik 8 months ago
- Related to Bug #15157: PHP error when generating a notification after detecting a malformed configuration added
Updated by Lev Prokofev 8 months ago
I can confirm this behavior on
23.09.1-RELEASE (amd64) built on Wed Dec 20 21:27:00 MSK 2023 FreeBSD 14.0-CURRENT
To replicate it you just need to select one of the P2 entries and click on the anchor icon.
Crash report begins. Anonymous machine information:
amd64
14.0-CURRENT
FreeBSD 14.0-CURRENT amd64 1400094 #1 plus-RELENG_23_09_1-n256200-3de1e293f3a: Wed Dec 6 21:00:32 UTC 2023 root@freebsd:/var/jenkins/workspace/pfSense-Plus-snapshots-23_09_1-main/obj/amd64/Obhu6gXB/var/jenkins/workspace/pfSense-Plus-snapshots-23_09_1
Crash report details:
PHP Errors:
[06-Apr-2024 08:17:54 Europe/Moscow] PHP Fatal error: Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('Netgate pfSense...')
#3 /etc/inc/notices.inc(151): notify_all_remote('Netgate pfSense...')
#4 /etc/inc/config.lib.inc(239): file_notice('config.xml', 'Netgate pfSense...', 'pfSenseConfigur...', '')
#5 /etc/inc/config.lib.inc(695): restore_backup('/cf/conf/backup...')
#6 /usr/local/www/vpn_ipsec.php(264): write_config('Saved configura...')
#7 {main}
thrown in /etc/inc/util.inc on line 3748
[06-Apr-2024 08:17:54 Europe/Moscow] PHP Fatal error: Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('PHP ERROR: Type...')
#3 /etc/inc/notices.inc(151): notify_all_remote('PHP ERROR: Type...')
#4 /etc/inc/config.lib.inc(1168): file_notice('phperror', 'PHP ERROR: Type...', 'PHP errors')
#5 [internal function]: pfSense_clear_globals()
#6 {main}
thrown in /etc/inc/util.inc on line 3748
[06-Apr-2024 08:18:10 Europe/Moscow] PHP Fatal error: Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('Netgate pfSense...')
#3 /etc/inc/notices.inc(151): notify_all_remote('Netgate pfSense...')
#4 /etc/inc/config.lib.inc(239): file_notice('config.xml', 'Netgate pfSense...', 'pfSenseConfigur...', '')
#5 /etc/inc/config.lib.inc(695): restore_backup('/cf/conf/backup...')
#6 /usr/local/www/vpn_ipsec.php(264): write_config('Saved configura...')
#7 {main}
thrown in /etc/inc/util.inc on line 3748
[06-Apr-2024 08:18:10 Europe/Moscow] PHP Fatal error: Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('PHP ERROR: Type...')
#3 /etc/inc/notices.inc(151): notify_all_remote('PHP ERROR: Type...')
#4 /etc/inc/config.lib.inc(1168): file_notice('phperror', 'PHP ERROR: Type...', 'PHP errors')
#5 [internal function]: pfSense_clear_globals()
#6 {main}
thrown in /etc/inc/util.inc on line 3748
[06-Apr-2024 08:18:41 Europe/Moscow] PHP Fatal error: Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('Netgate pfSense...')
#3 /etc/inc/notices.inc(151): notify_all_remote('Netgate pfSense...')
#4 /etc/inc/config.lib.inc(239): file_notice('config.xml', 'Netgate pfSense...', 'pfSenseConfigur...', '')
#5 /etc/inc/config.lib.inc(695): restore_backup('/cf/conf/backup...')
#6 /usr/local/www/vpn_ipsec.php(264): write_config('Saved configura...')
#7 {main}
thrown in /etc/inc/util.inc on line 3748
[06-Apr-2024 08:18:41 Europe/Moscow] PHP Fatal error: Uncaught TypeError: array_path_enabled(): Argument #1 ($arr) must be of type array, int given, called in /etc/inc/config.lib.inc on line 1264 and defined in /etc/inc/util.inc:3748
Stack trace:
#0 /etc/inc/config.lib.inc(1264): array_path_enabled(-1, 'notifications/s...', 'disable')
#1 /etc/inc/notices.inc(379): config_path_enabled('notifications/s...', 'disable')
#2 /etc/inc/notices.inc(662): notify_via_smtp('PHP ERROR: Type...')
#3 /etc/inc/notices.inc(151): notify_all_remote('PHP ERROR: Type...')
#4 /etc/inc/config.lib.inc(1168): file_notice('phperror', 'PHP ERROR: Type...', 'PHP errors')
#5 [internal function]: pfSense_clear_globals()
#6 {main}
thrown in /etc/inc/util.inc on line 3748
No FreeBSD crash data found.
Updated by Jim Pingle 8 months ago
- Assignee set to Jim Pingle
- Target version set to 2.8.0
- Plus Target Version set to 24.03
This only happens if you try to move something into the first position. If you move any P2 into any other place it works as expected, moving the selected entry into the spot above the row where the anchor was clicked.
Updated by Jim Pingle 8 months ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 88670c6c167418e7d12b010c0ce8b7d06c2b757f.
Updated by Jim Pingle 8 months ago
- Subject changed from IPSec phase2 reordering doesn't work correctly to Reordering IPsec Phase 2 entries may result in a malformed configuration
Updated by dylan mendez 8 months ago
Confirmed on 2.7.2 change fixes the problem.
Actions