/src/usr/local/www/xmlrpc.php - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/usr/local/www/xmlrpc.php @ 35bc0edf

-d49018
+<?php
 /*
-            c5d81585
+ * xmlrpc.php
-cb31d
+            Stephen Beaver
-            c5d81585
+ * part of pfSense (https://www.pfsense.org)
-d47
+ * Copyright (c) 2004-2013 BSD Perimeter
  * Copyright (c) 2013-2016 Electric Sheep Fencing
-d79e
+ * Copyright (c) 2014-2020 Rubicon Communications, LLC (Netgate)
-            c5d81585
+ * Copyright (c) 2005 Colin Smith
  * All rights reserved.
-cb31d
+            Stephen Beaver
-            b12ea3fb
+ * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
  * You may obtain a copy of the License at
-cb31d
+            Stephen Beaver
-            b12ea3fb
+ * http://www.apache.org/licenses/LICENSE-2.0
-cb31d
+            Stephen Beaver
-            b12ea3fb
+ * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
-cb31d
+ */
-d49018
+            Colin Smith
-b07c15a
+##|+PRIV
 ##|*IDENT=page-xmlrpclibrary
-f468
+##|*NAME=XMLRPC Library
-b07c15a
+##|*DESCR=Allow access to the 'XMLRPC Library' page.
 ##|*MATCH=xmlrpc.php*
 ##|-PRIV
-            c81ef6e2
+require_once("config.inc");
 require_once("functions.inc");
-            f81e7cc4
+require_once("auth.inc");
-            f6339216
+require_once("filter.inc");
-            c81ef6e2
+require_once("ipsec.inc");
 require_once("vpn.inc");
-cab6335
+require_once("captiveportal.inc");
-            c81ef6e2
+require_once("shaper.inc");
-            f81e7cc4
+require_once("XML/RPC2/Server.php");
-d49018
+            Colin Smith
-            f81e7cc4
+class pfsense_xmlrpc_server {
-            c87f4b70
+            Ermal
-            f81e7cc4
+	private $loop_detected = false;
 	private $remote_addr;
-            c87f4b70
+            Ermal
-            dc5f639f
+	private function auth() {
-            f81e7cc4
+		global $config;
-            dc5f639f
+		$username = $_SERVER['PHP_AUTH_USER'];
 		$password = $_SERVER['PHP_AUTH_PW'];
-da3de34
+            Colin Smith
-            fb1234ab
+		$login_ok = false;
-            f81e7cc4
+		if (!empty($username) && !empty($password)) {
 			$attributes = array();
 			$authcfg = auth_get_authserver(
 			    $config['system']['webgui']['authmode']);
-            c3638879
+            Scott Ullrich
-            f81e7cc4
+			if (authenticate_user($username, $password,
 			    $authcfg, $attributes) ||
 			    authenticate_user($username, $password)) {
-            fb1234ab
+				$login_ok = true;
-            f81e7cc4
+            Renato Botelho
+		}
-dd2a278
+            Scott Ullrich
-            fb1234ab
+		if (!$login_ok) {
-e0d4751
+			log_auth(sprintf(gettext("webConfigurator authentication error for user '%1\$s' from: %2\$s"),
 			    $username,
 			    $this->remote_addr));
-f46d8
+            Ermal
-            fb1234ab
+			require_once("XML/RPC2/Exception.php");
 			throw new XML_RPC2_FaultException(gettext(
 			    'Authentication failed: Invalid username or password'),
 			    -1);
+		}
 		$user_entry = getUserEntry($username);
 		/*
 		 * admin (uid = 0) is allowed
 		 * or regular user with necessary privilege
 		 */
 		if (isset($user_entry['uid']) && $user_entry['uid'] != '0' &&
 		    !userHasPrivilege($user_entry, 'system-xmlrpc-ha-sync')) {
 			log_auth("webConfigurator authentication error for '" .
 			    $username . "' from " . $this->remote_addr .
 			    " not enough privileges");
 			require_once("XML/RPC2/Exception.php");
 			throw new XML_RPC2_FaultException(gettext(
 			    'Authentication failed: not enough privileges'),
 			    -2);
+		}
 		return;
-dd2a278
+            Scott Ullrich
-            f81e7cc4
+            Renato Botelho
 	private function array_overlay($a1, $a2) {
 		foreach ($a1 as $k => $v) {
 			if (!array_key_exists($k, $a2)) {
 				continue;
+			}
 			if (is_array($v) && is_array($a2[$k])) {
 				$a1[$k] = $this->array_overlay($v, $a2[$k]);
 			} else {
 				$a1[$k] = $a2[$k];
+			}
+		}
 		return $a1;
-f215d
+            Phil Davis
-            c3638879
+            Scott Ullrich
-            f81e7cc4
+	public function __construct() {
 		global $config;
-            c3638879
+            Scott Ullrich
-            f82f991c
+		$this->remote_addr = $_SERVER['REMOTE_ADDR'];
-f46d8
+            Ermal
-            f81e7cc4
+		/* grab sync to ip if enabled */
 		if (isset($config['hasync']['synchronizetoip']) &&
-d44b2cb
+		    $config['hasync']['synchronizetoip'] == $this->remote_addr) {
-            f81e7cc4
+			$this->loop_detected = true;
+		}
-dd2a278
+            Scott Ullrich
-f46d8
+            Ermal
-            f81e7cc4
+	/**
 	 * Get host version information
+	 *
 	 * @return array
 	 */
-            dc5f639f
+	public function host_firmware_version($dummy = 1) {
 		$this->auth();
-            f81e7cc4
+		return host_firmware_version();
+	}
-dc3a7d
+            Colin Smith
-            f81e7cc4
+	/**
 	 * Executes a PHP block of code
+	 *
 	 * @param string $code
+	 *
 	 * @return bool
 	 */
-            dc5f639f
+	public function exec_php($code) {
 		$this->auth();
-f46d8
+            Ermal
-            f81e7cc4
+		eval($code);
 		if ($toreturn) {
 			return $toreturn;
+		}
-            c87f4b70
+            Ermal
-            f81e7cc4
+		return true;
-dd2a278
+            Scott Ullrich
-f46d8
+            Ermal
-            f81e7cc4
+	/**
 	 * Executes shell commands
+	 *
 	 * @param string $code
+	 *
 	 * @return bool
 	 */
-            dc5f639f
+	public function exec_shell($code) {
 		$this->auth();
-d49018
+            Colin Smith
-            f81e7cc4
+		mwexec($code);
 		return true;
+	}
-dc3a7d
+            Colin Smith
-            f81e7cc4
+	/**
 	 * Backup chosen config sections
+	 *
 	 * @param array $section
+	 *
 	 * @return array
 	 */
-            dc5f639f
+	public function backup_config_section($section) {
 		$this->auth();
-f46d8
+            Ermal
-            f81e7cc4
+		global $config;
-            d026178f
+            Renato Botelho
-            f81e7cc4
+		return array_intersect_key($config, array_flip($section));
-            fb0eb20b
+            Ermal
-            c87f4b70
+            Ermal
-            f81e7cc4
+	/**
 	 * Restore defined config section into local config
+	 *
 	 * @param array $sections
+	 *
 	 * @return bool
 	 */
-            dc5f639f
+	public function restore_config_section($sections) {
 		$this->auth();
-            f81e7cc4
+            Renato Botelho
-cab6335
+		global $config, $cpzone, $cpzoneid;
-b99e1e5
+            jim-p
-            f81e7cc4
+		$old_config = $config;
 		$old_ipsec_enabled = ipsec_enabled();
 		if ($this->loop_detected) {
 			log_error("Disallowing CARP sync loop");
 			return true;
+		}
 		/*
 		 * Some sections should just be copied and not merged or we end
 		 * up unable to sync the deletion of the last item in a section
 		 */
 		$sync_full_sections = array(
 			'aliases',
 			'ca',
 			'cert',
 			'crl',
 			'dhcpd',
 			'dhcpv6',
-            c9a96f16
+			'dnshaper',
-            f81e7cc4
+			'dnsmasq',
 			'filter',
 			'ipsec',
 			'nat',
 			'openvpn',
 			'schedules',
-            c9a96f16
+			'shaper',
-            f81e7cc4
+			'unbound',
 			'wol',
 		);
 		$syncd_full_sections = array();
 		foreach ($sync_full_sections as $section) {
 			if (!isset($sections[$section])) {
 				continue;
+			}
 			$config[$section] = $sections[$section];
 			unset($sections[$section]);
 			$syncd_full_sections[] = $section;
-b99e1e5
+            jim-p
-cab6335
+		/* Create a list of CP zones to be deleted locally */
 		$cp_to_del = array();
 		if (is_array($config['captiveportal'])) {
 			if (is_array($sections['captiveportal'])) {
 				$remote_cp = $sections['captiveportal'];
 			} else {
 				$remote_cp = array();
+			}
 			foreach ($config['captiveportal'] as $zone => $item) {
 				if (!isset($remote_cp[$zone])) {
 					$cp_to_del[] = $zone;
+				}
+			}
 			unset($remote_cp);
+		}
-            d3cc158c
+		/* Only touch users if users are set to synchronize from the primary node
 		 * See https://redmine.pfsense.org/issues/8450
 		 */
 		if ($sections['system']['user'] && $sections['system']['group']) {
 			$g2add = array();
 			$g2del = array();
 			$g2del_idx = array();
 			$g2keep = array();
 			if (is_array($sections['system']['group'])) {
 				$local_groups = isset($config['system']['group'])
 				    ? $config['system']['group']
 				    : array();
 				foreach ($sections['system']['group'] as $group) {
 					$idx = array_search($group['name'],
 					    array_column($local_groups, 'name'));
 					if ($idx === false) {
 						$g2add[] = $group;
 					} else if ($group['gid'] < 1999) {
 						$g2keep[] = $idx;
 					} else if ($group != $local_groups[$idx]) {
 						$g2add[] = $group;
 						$g2del[] = $group;
 						$g2del_idx[] = $idx;
 					} else {
 						$g2keep[] = $idx;
+					}
-f7bc7f
+            Renato Botelho
+			}
-            d3cc158c
+			if (is_array($config['system']['group'])) {
 				foreach ($config['system']['group'] as $idx => $group) {
 					if (array_search($idx, $g2keep) === false &&
 					    array_search($idx, $g2del_idx) === false) {
 						$g2del[] = $group;
 						$g2del_idx[] = $idx;
+					}
-f7bc7f
+            Renato Botelho
+			}
-            d3cc158c
+			unset($sections['system']['group'], $g2keep, $g2del_idx);
 			$u2add = array();
 			$u2del = array();
 			$u2del_idx = array();
 			$u2keep = array();
 			if (is_array($sections['system']['user'])) {
 				$local_users = isset($config['system']['user'])
 				    ? $config['system']['user']
 				    : array();
 				foreach ($sections['system']['user'] as $user) {
 					$idx = array_search($user['name'],
 					    array_column($local_users, 'name'));
 					if ($idx === false) {
 						$u2add[] = $user;
 					} else if ($user['uid'] < 2000) {
 						$u2keep[] = $idx;
 					} else if ($user != $local_users[$idx]) {
 						$u2add[] = $user;
 						$u2del[] = $user;
 						$u2del_idx[] = $idx;
 					} else {
 						$u2keep[] = $idx;
+					}
-f7bc7f
+            Renato Botelho
+			}
-            d3cc158c
+			if (is_array($config['system']['user'])) {
 				foreach ($config['system']['user'] as $idx => $user) {
 					if (array_search($idx, $u2keep) === false &&
 					    array_search($idx, $u2del_idx) === false) {
 						$u2del[] = $user;
 						$u2del_idx[] = $idx;
+					}
-f7bc7f
+            Renato Botelho
+			}
-            d3cc158c
+			unset($sections['system']['user'], $u2keep, $u2del_idx);
-f7bc7f
+            Renato Botelho
-            b8963db6
+		$voucher = array();
 		if (is_array($sections['voucher'])) {
 			/* Save voucher rolls to process after merge */
 			$voucher = $sections['voucher'];
 			foreach($sections['voucher'] as $zone => $item) {
 				unset($sections['voucher'][$zone]['roll']);
 				if (isset($config['voucher'][$zone]['vouchersyncdbip'])) {
 					$sections['voucher'][$zone]['vouchersyncdbip'] =
 					    $config['voucher'][$zone]['vouchersyncdbip'];
 				} else {
 					unset($sections['voucher'][$zone]['vouchersyncdbip']);
+				}
 				if (isset($config['voucher'][$zone]['vouchersyncport'])) {
 					$sections['voucher'][$zone]['vouchersyncport'] =
 					    $config['voucher'][$zone]['vouchersyncport'];
 				} else {
 					unset($sections['voucher'][$zone]['vouchersyncport']);
+				}
 				if (isset($config['voucher'][$zone]['vouchersyncusername'])) {
 					$sections['voucher'][$zone]['vouchersyncusername'] =
 					    $config['voucher'][$zone]['vouchersyncusername'];
 				} else {
 					unset($sections['voucher'][$zone]['vouchersyncusername']);
+				}
 				if (isset($config['voucher'][$zone]['vouchersyncpass'])) {
 					$sections['voucher'][$zone]['vouchersyncpass'] =
 					    $config['voucher'][$zone]['vouchersyncpass'];
 				} else {
 					unset($sections['voucher'][$zone]['vouchersyncpass']);
+				}
+			}
+		}
-            f81e7cc4
+		$vipbackup = array();
 		$oldvips = array();
 		if (isset($sections['virtualip']) &&
 		    is_array($config['virtualip']['vip'])) {
 			foreach ($config['virtualip']['vip'] as $vip) {
-            c14781e3
+				if ($vip['mode'] == "carp") {
-            f81e7cc4
+					$key = $vip['interface'] .
 					    "_vip" . $vip['vhid'];
 					$oldvips[$key]['content'] =
 					    $vip['password'] .
 					    $vip['advskew'] .
 					    $vip['subnet'] .
 					    $vip['subnet_bits'] .
 					    $vip['advbase'];
 					$oldvips[$key]['interface'] =
 					    $vip['interface'];
 					$oldvips[$key]['subnet'] =
 					    $vip['subnet'];
 				} else if ($vip['mode'] == "ipalias" &&
 				    (substr($vip['interface'], 0, 4) == '_vip'
 				    || strstr($vip['interface'], "lo0"))) {
 					$oldvips[$vip['subnet']]['content'] =
 					    $vip['interface'] .
 					    $vip['subnet'] .
 					    $vip['subnet_bits'];
 					$oldvips[$vip['subnet']]['interface'] =
 					    $vip['interface'];
 					$oldvips[$vip['subnet']]['subnet'] =
 					    $vip['subnet'];
 				} else if (($vip['mode'] == "ipalias" ||
 				    $vip['mode'] == 'proxyarp') &&
 				    !(substr($vip['interface'], 0, 4) == '_vip')
 				    || strstr($vip['interface'], "lo0")) {
-            51611440
+					$vipbackup[] = $vip;
-            c14781e3
+            Renato Botelho
-            51611440
+            Ermal
-b5c3e7
+            Ermal
-            f51d4f98
+            Ermal
-            f81e7cc4
+		/* For vip section, first keep items sent from the master */
 		$config = array_merge_recursive_unique($config, $sections);
-            51611440
+            Ermal
-cab6335
+		/* Remove local CP zones removed remote */
 		foreach ($cp_to_del as $zone) {
 			$cpzone = $zone;
 			$cpzoneid = $config['captiveportal'][$cpzone]['zoneid'];
 			unset($config['captiveportal'][$cpzone]['enable']);
 			captiveportal_configure_zone(
 			    $config['captiveportal'][$cpzone]);
 			unset($config['captiveportal'][$cpzone]);
 			if (isset($config['voucher'][$cpzone])) {
 				unset($config['voucher'][$cpzone]);
+			}
+		}
-            b8963db6
+		/* Remove locally items removed remote */
 		foreach ($voucher as $zone => $item) {
 			/* No rolls on master, delete local ones */
 			if (!is_array($item['roll'])) {
 				unset($config['voucher'][$zone]['roll']);
+			}
+		}
 		$l_rolls = array();
 		if (is_array($config['voucher'])) {
 			foreach ($config['voucher'] as $zone => $item) {
 				if (!is_array($item['roll'])) {
 					continue;
+				}
 				foreach ($item['roll'] as $idx => $roll) {
 					/* Make it easy to find roll by # */
 					$l_rolls[$zone][$roll['number']] = $idx;
+				}
+			}
+		}
 		/*
 		 * Process vouchers sent by primary node and:
 		 * - Add new items
 		 * - Update existing items based on 'lastsync' field
 		 */
 		foreach ($voucher as $zone => $item) {
 			if (!is_array($item['roll'])) {
 				continue;
+			}
 			foreach ($item['roll'] as $idx => $roll) {
 				if (!isset($l_rolls[$zone][$roll['number']])) {
 					$config['voucher'][$zone]['roll'][] =
 					    $roll;
 					continue;
+				}
 				$l_roll_idx = $l_rolls[$zone][$roll['number']];
-            c6c398c6
+				init_config_arr(array('voucher', $zone));
-            b8963db6
+				$l_vouchers = &$config['voucher'][$zone];
 				$l_roll = $l_vouchers['roll'][$l_roll_idx];
 				if (!isset($l_roll['lastsync'])) {
 					$l_roll['lastsync'] = 0;
+				}
 				if (isset($roll['lastsync']) &&
 				    $roll['lastsync'] != $l_roll['lastsync']) {
 					$l_vouchers['roll'][$l_roll_idx] =
 					    $roll;
 					unset($l_rolls[$zone][$roll['number']]);
+				}
+			}
+		}
 		/*
 		 * At this point $l_rolls contains only items that are not
 		 * present on primary node. They must be removed
 		 */
 		foreach ($l_rolls as $zone => $item) {
 			foreach ($item as $number => $idx) {
 				unset($config['voucher'][$zone][$idx]);
+			}
+		}
-            f81e7cc4
+		/*
 		 * Then add ipalias and proxyarp types already defined
 		 * on the backup
 		 */
 		if (is_array($vipbackup) && !empty($vipbackup)) {
 			if (!is_array($config['virtualip'])) {
 				$config['virtualip'] = array();
+			}
 			if (!is_array($config['virtualip']['vip'])) {
 				$config['virtualip']['vip'] = array();
+			}
 			foreach ($vipbackup as $vip) {
 				array_unshift($config['virtualip']['vip'], $vip);
+			}
-f215d
+            Phil Davis
-            51611440
+            Ermal
-            f81e7cc4
+		/* Log what happened */
-cb29dac
+		$mergedkeys = implode(", ", array_merge(array_keys($sections),
-            f81e7cc4
+		    $syncd_full_sections));
 		write_config(sprintf(gettext(
 		    "Merged in config (%s sections) from XMLRPC client."),
 		    $mergedkeys));
 		/*
 		 * The real work on handling the vips specially
 		 * This is a copy of intefaces_vips_configure with addition of
 		 * not reloading existing/not changed carps
 		 */
 		if (isset($sections['virtualip']) &&
 		    is_array($config['virtualip']) &&
 		    is_array($config['virtualip']['vip'])) {
 			$carp_setuped = false;
 			$anyproxyarp = false;
 			foreach ($config['virtualip']['vip'] as $vip) {
 				$key = "{$vip['interface']}_vip{$vip['vhid']}";
 				if ($vip['mode'] == "carp" &&
 				    isset($oldvips[$key])) {
 					if ($oldvips[$key]['content'] ==
 					    $vip['password'] .
 					    $vip['advskew'] .
 					    $vip['subnet'] .
 					    $vip['subnet_bits'] .
 					    $vip['advbase'] &&
 					    does_vip_exist($vip)) {
 						unset($oldvips[$key]);
 						/*
 						 * Skip reconfiguring this vips
 						 * since nothing has changed.
 						 */
 						continue;
-ed1624
+            Ermal
-fda51cd
+            jim-p
-            f81e7cc4
+				} elseif ($vip['mode'] == "ipalias" &&
-fda51cd
+				    (substr($vip['interface'], 0, 4) == '_vip'
 				    || strstr($vip['interface'], "lo0")) &&
-            f81e7cc4
+				    isset($oldvips[$vip['subnet']])) {
 					$key = $vip['subnet'];
 					if ($oldvips[$key]['content'] ==
 					    $vip['interface'] .
 					    $vip['subnet'] .
 					    $vip['subnet_bits'] &&
 					    does_vip_exist($vip)) {
 						unset($oldvips[$key]);
 						/*
 						 * Skip reconfiguring this vips
 						 * since nothing has changed.
 						 */
 						continue;
-a5cf
+            Ermal
-            f81e7cc4
+					unset($oldvips[$key]);
-a5cf
+            Ermal
-            51611440
+            Ermal
-            f81e7cc4
+				switch ($vip['mode']) {
-f215d
+				case "proxyarp":
 					$anyproxyarp = true;
 					break;
 				case "ipalias":
 					interface_ipalias_configure($vip);
 					break;
 				case "carp":
-            f81e7cc4
+					$carp_setuped = true;
-f215d
+					interface_carp_configure($vip);
 					break;
-            f81e7cc4
+            Renato Botelho
-            51611440
+            Ermal
-            f81e7cc4
+            Renato Botelho
 			/* Cleanup remaining old carps */
 			foreach ($oldvips as $oldvipar) {
 				$oldvipif = get_real_interface(
 				    $oldvipar['interface']);
 				if (empty($oldvipif)) {
 					continue;
+				}
-f215d
+				if (is_ipaddrv6($oldvipar['subnet'])) {
-            f81e7cc4
+					 mwexec("/sbin/ifconfig " .
 					     escapeshellarg($oldvipif) .
 					     " inet6 " .
 					     escapeshellarg($oldvipar['subnet']) .
 					     " delete");
-f215d
+				} else {
-            f81e7cc4
+					pfSense_interface_deladdress($oldvipif,
 					    $oldvipar['subnet']);
-f215d
+            Phil Davis
-            e3cffd6c
+            Ermal LUÇI
-            f81e7cc4
+			if ($carp_setuped == true) {
 				interfaces_sync_setup();
+			}
 			if ($anyproxyarp == true) {
 				interface_proxyarp_configure();
+			}
-            51611440
+            Ermal
-            f81e7cc4
+            Renato Botelho
 		if ($old_ipsec_enabled !== ipsec_enabled()) {
-            c6220dcf
+			ipsec_configure();
-f215d
+            Phil Davis
-f46d8
+            Ermal
-            f81e7cc4
+		unset($old_config);
-f7bc7f
+		local_sync_accounts($u2add, $u2del, $g2add, $g2del);
-fead243
+		$this->filter_configure(false);
-f7bc7f
+            Renato Botelho
-            f81e7cc4
+		return true;
-f215d
+            Phil Davis
-            d026178f
+            Renato Botelho
-            f81e7cc4
+	/**
 	 * Merge items into installedpackages config section
+	 *
 	 * @param array $section
+	 *
 	 * @return bool
 	 */
-            dc5f639f
+	public function merge_installedpackages_section($section) {
 		$this->auth();
-            d026178f
+            Renato Botelho
-            f81e7cc4
+		global $config;
-d49018
+            Colin Smith
-            f81e7cc4
+		if ($this->loop_detected) {
 			log_error("Disallowing CARP sync loop");
 			return true;
+		}
-ae5cfc
+            Scott Ullrich
-            f81e7cc4
+		$config['installedpackages'] = array_merge(
 		    $config['installedpackages'], $section);
-cb29dac
+		$mergedkeys = implode(", ", array_keys($section));
-            f81e7cc4
+		write_config(sprintf(gettext(
 		    "Merged in config (%s sections) from XMLRPC client."),
 		    $mergedkeys));
-f46d8
+            Ermal
-            f81e7cc4
+		return true;
-            fb0eb20b
+            Ermal
-            c87f4b70
+            Ermal
-            f81e7cc4
+	/**
 	 * Merge items into config
+	 *
 	 * @param array $section
+	 *
 	 * @return bool
 	 */
-            dc5f639f
+	public function merge_config_section($section) {
 		$this->auth();
-f46d8
+            Ermal
-            f81e7cc4
+		global $config;
-ae5cfc
+            Scott Ullrich
-            f81e7cc4
+		if ($this->loop_detected) {
 			log_error("Disallowing CARP sync loop");
 			return true;
+		}
-            dc1cd85d
+            Scott Ullrich
-            f81e7cc4
+		$config_new = $this->array_overlay($config, $section);
 		$config = $config_new;
-cb29dac
+		$mergedkeys = implode(", ", array_keys($section));
-            f81e7cc4
+		write_config(sprintf(gettext(
 		    "Merged in config (%s sections) from XMLRPC client."),
 		    $mergedkeys));
-            c87f4b70
+            Ermal
-            f81e7cc4
+		return true;
-            fb0eb20b
+            Ermal
-            c87f4b70
+            Ermal
-            f81e7cc4
+	/**
 	 * Wrapper for filter_configure()
+	 *
 	 * @return bool
-b5da70
+	 */
-f7bc7f
+	public function filter_configure($reset_accounts = true) {
-            dc5f639f
+		$this->auth();
-            f81e7cc4
+            Renato Botelho
 		global $g, $config;
 		filter_configure();
 		system_routing_configure();
 		setup_gateways_monitor();
 		require_once("openvpn.inc");
 		openvpn_resync_all();
 		/*
 		 * The DNS Resolver and the DNS Forwarder may both be active so
 		 * long as * they are running on different ports.
 		 * See ticket #5882
 		 */
 		if (isset($config['dnsmasq']['enable'])) {
 			/* Configure dnsmasq but tell it NOT to restart DHCP */
 			services_dnsmasq_configure(false);
 		} else {
 			/* kill any running dnsmasq instance */
 			if (isvalidpid("{$g['varrun_path']}/dnsmasq.pid")) {
 				sigkillbypid("{$g['varrun_path']}/dnsmasq.pid",
 				    "TERM");
+			}
-b5da70
+            jim-p
-            f81e7cc4
+		if (isset($config['unbound']['enable'])) {
 			/* Configure unbound but tell it NOT to restart DHCP */
 			services_unbound_configure(false);
 		} else {
 			/* kill any running Unbound instance */
 			if (isvalidpid("{$g['varrun_path']}/unbound.pid")) {
 				sigkillbypid("{$g['varrun_path']}/unbound.pid",
 				    "TERM");
+			}
-b5da70
+            jim-p
-f46d8
+            Ermal
-            f81e7cc4
+		/*
 		 * Call this separately since the above are manually set to
 		 * skip the DHCP restart they normally perform.
 		 * This avoids restarting dhcpd twice as described on
 		 * ticket #3797
 		 */
 		services_dhcpd_configure();
-f46d8
+            Ermal
-f7bc7f
+		if ($reset_accounts) {
 			local_reset_accounts();
+		}
-            c87f4b70
+            Ermal
-cab6335
+		captiveportal_configure();
-            f81e7cc4
+		return true;
-dd2a278
+            Scott Ullrich
-f46d8
+            Ermal
-            f81e7cc4
+	/**
 	 * Wrapper for configuring CARP interfaces
+	 *
 	 * @return bool
 	 */
-            dc5f639f
+	public function interfaces_carp_configure() {
 		$this->auth();
-            efe7562e
+            Scott Ullrich
-            f81e7cc4
+		if ($this->loop_detected) {
 			log_error("Disallowing CARP sync loop");
 			return true;
+		}
-            0567899d
+            Ermal
-            f81e7cc4
+		interfaces_vips_configure();
-            e501de37
+            Ermal
-            f81e7cc4
+		return true;
+	}
-            e501de37
+            Ermal
-            f81e7cc4
+	/**
 	 * Wrapper for rc.reboot
+	 *
 	 * @return bool
 	 */
-            dc5f639f
+	public function reboot() {
 		$this->auth();
-            e501de37
+            Ermal
-            f81e7cc4
+		mwexec_bg("/etc/rc.reboot");
-f46d8
+            Ermal
-            f81e7cc4
+		return true;
-dd2a278
+            Scott Ullrich
-            d9064267
+            Colin Smith
-            f3f98e97
+// run script until its done and can 'unlock' the xmlrpc.lock, this prevents hanging php-fpm / webgui
-b0
+ignore_user_abort(true);
-af2d
+set_time_limit(0);
-d78c87
+$xmlrpclockkey = lock('xmlrpc', LOCK_EX);
-            f81e7cc4
+XML_RPC2_Backend::setBackend('php');
 $HTTP_RAW_POST_DATA = file_get_contents('php://input');
 $options = array(
 	'prefix' => 'pfsense.',
 	'encoding' => 'utf-8',
-f78ae1d
+	'autoDocument' => false,
-d49018
+);
-            b298dd06
+            Scott Ullrich
-            f81e7cc4
+$server = XML_RPC2_Server::create(new pfsense_xmlrpc_server(), $options);
 $server->handleCall();
-d78c87
+            Ermal
-            f81e7cc4
+unlock($xmlrpclockkey);
-b581a8a
+            Scott Ullrich
-            de63649b
+?>

Project

General

Profile

pfSense