/src/etc/inc/config.lib.inc - Annotate - pfSense - pfSense bugtracker

| Branch: | Tag: | Revision:

root/src/etc/inc/config.lib.inc @ 4bf6e70f

1	12df7edc	Erik	<?php
2	09221bc3	Renato Botelho	/*
3	12df7edc	Erik	config.lib.inc
4	09221bc3	Renato Botelho
5	12df7edc	Erik	Ported from config.inc by Erik Kristensen
6	09221bc3	Renato Botelho
7			part of pfSense (https://www.pfsense.org)
8			Copyright (c) 2004-2016 Electric Sheep Fencing, LLC. All rights reserved.
9	12df7edc	Erik
10			originally part of m0n0wall (http://m0n0.ch/wall)
11			Copyright (C) 2003-2004 Manuel Kasper <mk@neon1.net>.
12			All rights reserved.
13
14			Redistribution and use in source and binary forms, with or without
15			modification, are permitted provided that the following conditions are met:
16
17			1. Redistributions of source code must retain the above copyright notice,
18			this list of conditions and the following disclaimer.
19
20			2. Redistributions in binary form must reproduce the above copyright
21	09221bc3	Renato Botelho	notice, this list of conditions and the following disclaimer in
22			the documentation and/or other materials provided with the
23			distribution.
24
25			3. All advertising materials mentioning features or use of this software
26			must display the following acknowledgment:
27			"This product includes software developed by the pfSense Project
28			for use in the pfSense® software distribution. (http://www.pfsense.org/).
29
30			4. The names "pfSense" and "pfSense Project" must not be used to
31			endorse or promote products derived from this software without
32			prior written permission. For written permission, please contact
33			coreteam@pfsense.org.
34
35			5. Products derived from this software may not be called "pfSense"
36			nor may "pfSense" appear in their names without prior written
37			permission of the Electric Sheep Fencing, LLC.
38
39			6. Redistributions of any form whatsoever must retain the following
40			acknowledgment:
41
42			"This product includes software developed by the pfSense Project
43			for use in the pfSense software distribution (http://www.pfsense.org/).
44
45			THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
46			EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
47			IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
48			PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
49			ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
50			SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
51			NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
52			LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53			HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
54			STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
55			ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
56			OF THE POSSIBILITY OF SUCH DAMAGE.
57	12df7edc	Erik	*/
58
59			/***f config/encrypted_configxml
60			* NAME
61			* encrypted_configxml - Checks to see if config.xml is encrypted and if so, prompts to unlock.
62			* INPUTS
63			* None
64			* RESULT
65			* $config - rewrites config.xml without encryption
66			******/
67			function encrypted_configxml() {
68			global $g, $config;
69	02e9880e	Ermal
70	1e0b1727	Phil Davis	if (!file_exists($g['conf_path'] . "/config.xml")) {
71	02e9880e	Ermal	return;
72	1e0b1727	Phil Davis	}
73	02e9880e	Ermal
74	1e0b1727	Phil Davis	if (!platform_booting()) {
75	02e9880e	Ermal	return;
76	1e0b1727	Phil Davis	}
77	02e9880e	Ermal
78	1e0b1727	Phil Davis	$configtxt = file_get_contents($g['conf_path'] . "/config.xml");
79			if (tagfile_deformat($configtxt, $configtxt, "config.xml")) {
80	02e9880e	Ermal	$fp = fopen('php://stdin', 'r');
81			$data = "";
82			echo "\n\n* Encrypted config.xml detected *\n";
83	1e0b1727	Phil Davis	while ($data == "") {
84	02e9880e	Ermal	echo "\nEnter the password to decrypt config.xml: ";
85			$decrypt_password = chop(fgets($fp));
86			$data = decrypt_data($configtxt, $decrypt_password);
87	1e0b1727	Phil Davis	if (!strstr($data, "<pfsense>")) {
88	12df7edc	Erik	$data = "";
89	1e0b1727	Phil Davis	}
90			if ($data) {
91	02e9880e	Ermal	$fd = fopen($g['conf_path'] . "/config.xml.tmp", "w");
92			fwrite($fd, $data);
93			fclose($fd);
94			exec("/bin/mv {$g['conf_path']}/config.xml.tmp {$g['conf_path']}/config.xml");
95	9d3d8d00	Vinicius Coque	echo "\n" . gettext("Config.xml unlocked.") . "\n";
96	02e9880e	Ermal	fclose($fp);
97	8a811010	Chris Buechler	pfSense_fsync("{$g['conf_path']}/config.xml");
98	02e9880e	Ermal	} else {
99	9d3d8d00	Vinicius Coque	echo "\n" . gettext("Invalid password entered. Please try again.") . "\n";
100	12df7edc	Erik	}
101			}
102			}
103			}
104
105			/***f config/parse_config
106			* NAME
107			* parse_config - Read in config.cache or config.xml if needed and return $config array
108			* INPUTS
109			* $parse - boolean to force parse_config() to read config.xml and generate config.cache
110			* RESULT
111			* $config - array containing all configuration variables
112			******/
113	1295e769	Scott Ullrich	function parse_config($parse = false) {
114	4e9a3392	Scott Ullrich	global $g, $config_parsed, $config_extra;
115	02e9880e	Ermal
116	12df7edc	Erik	$lockkey = lock('config');
117	0af381c2	Scott Ullrich	$config_parsed = false;
118	02e9880e	Ermal
119	12df7edc	Erik	if (!file_exists("{$g['conf_path']}/config.xml") \|\| filesize("{$g['conf_path']}/config.xml") == 0) {
120			$last_backup = discover_last_backup();
121	1e0b1727	Phil Davis	if ($last_backup) {
122	4e038d31	Carlos Eduardo Ramos	log_error(gettext("No config.xml found, attempting last known config restore."));
123			file_notice("config.xml", gettext("No config.xml found, attempting last known config restore."), "pfSenseConfigurator", "");
124	12df7edc	Erik	restore_backup("{$g['conf_path']}/backup/{$last_backup}");
125			} else {
126			unlock($lockkey);
127	4e038d31	Carlos Eduardo Ramos	die(gettext("Config.xml is corrupted and is 0 bytes. Could not restore a previous backup."));
128	12df7edc	Erik	}
129			}
130	02e9880e	Ermal
131	086cf944	Phil Davis	if (platform_booting(true)) {
132	02e9880e	Ermal	echo ".";
133	086cf944	Phil Davis	}
134	02e9880e	Ermal
135	12df7edc	Erik	// Check for encrypted config.xml
136			encrypted_configxml();
137	02e9880e	Ermal
138	1e0b1727	Phil Davis	if (!$parse) {
139	02e9880e	Ermal	if (file_exists($g['tmp_path'] . '/config.cache')) {
140	12df7edc	Erik	$config = unserialize(file_get_contents($g['tmp_path'] . '/config.cache'));
141	1e0b1727	Phil Davis	if (is_null($config)) {
142	02e9880e	Ermal	$parse = true;
143	1e0b1727	Phil Davis	}
144			} else {
145	02e9880e	Ermal	$parse = true;
146	1e0b1727	Phil Davis	}
147	02e9880e	Ermal	}
148			if ($parse == true) {
149	1e0b1727	Phil Davis	if (!file_exists($g['conf_path'] . "/config.xml")) {
150			if (platform_booting(true)) {
151	02e9880e	Ermal	echo ".";
152	1e0b1727	Phil Davis	}
153	12df7edc	Erik	log_error("No config.xml found, attempting last known config restore.");
154			file_notice("config.xml", "No config.xml found, attempting last known config restore.", "pfSenseConfigurator", "");
155			$last_backup = discover_last_backup();
156	1e0b1727	Phil Davis	if ($last_backup) {
157	12df7edc	Erik	restore_backup("/cf/conf/backup/{$last_backup}");
158	1e0b1727	Phil Davis	} else {
159	4e038d31	Carlos Eduardo Ramos	log_error(gettext("Could not restore config.xml."));
160	50cafcf3	Ermal	unlock($lockkey);
161	4816e5ca	Renato Botelho	die(gettext("Config.xml is corrupted and is 0 bytes. Could not restore a previous backup."));
162	50cafcf3	Ermal	}
163	12df7edc	Erik	}
164	990d7c03	Erik Fonnesbeck	$config = parse_xml_config($g['conf_path'] . '/config.xml', array($g['xml_rootobj'], 'pfsense'));
165	1e0b1727	Phil Davis	if ($config == -1) {
166	12df7edc	Erik	$last_backup = discover_last_backup();
167	1e0b1727	Phil Davis	if ($last_backup) {
168	12df7edc	Erik	restore_backup("/cf/conf/backup/{$last_backup}");
169	1e0b1727	Phil Davis	} else {
170	12df7edc	Erik	log_error(gettext("Could not restore config.xml."));
171	50cafcf3	Ermal	unlock($lockkey);
172			die("Config.xml is corrupted and is 0 bytes. Could not restore a previous backup.");
173			}
174	12df7edc	Erik	}
175			generate_config_cache($config);
176			}
177	02e9880e	Ermal
178	1e0b1727	Phil Davis	if (platform_booting(true)) {
179	02e9880e	Ermal	echo ".";
180	1e0b1727	Phil Davis	}
181	02e9880e	Ermal
182	12df7edc	Erik	$config_parsed = true;
183			unlock($lockkey);
184
185	02e9880e	Ermal	alias_make_table($config);
186
187	12df7edc	Erik	return $config;
188			}
189
190			/***f config/generate_config_cache
191			* NAME
192			* generate_config_cache - Write serialized configuration to cache.
193			* INPUTS
194			* $config - array containing current firewall configuration
195			* RESULT
196			* boolean - true on completion
197			******/
198			function generate_config_cache($config) {
199	4e9a3392	Scott Ullrich	global $g, $config_extra;
200	12df7edc	Erik
201			$configcache = fopen($g['tmp_path'] . '/config.cache', "w");
202			fwrite($configcache, serialize($config));
203			fclose($configcache);
204	88f2c335	Chris Buechler	pfSense_fsync("{$g['tmp_path']}/config.cache");
205	6990ad35	Phil Davis
206	4e9a3392	Scott Ullrich	unset($configcache);
207			/* Used for config.extra.xml */
208	1e0b1727	Phil Davis	if (file_exists($g['tmp_path'] . '/config.extra.cache') && $config_extra) {
209	4e9a3392	Scott Ullrich	$configcacheextra = fopen($g['tmp_path'] . '/config.extra.cache', "w");
210			fwrite($configcacheextra, serialize($config_extra));
211	1e0b1727	Phil Davis	fclose($configcacheextra);
212	fd29caa1	Chris Buechler	pfSense_fsync("{$g['tmp_path']}/config.extra.cache");
213	4e9a3392	Scott Ullrich	unset($configcacheextra);
214			}
215	12df7edc	Erik	}
216
217			function discover_last_backup() {
218	692c21fd	Renato Botelho	$backups = glob('/cf/conf/backup/*.xml');
219	12df7edc	Erik	$last_backup = "";
220	692c21fd	Renato Botelho	$last_mtime = 0;
221	1e0b1727	Phil Davis	foreach ($backups as $backup) {
222			if (filemtime($backup) > $last_mtime) {
223	692c21fd	Renato Botelho	$last_mtime = filemtime($backup);
224			$last_backup = $backup;
225			}
226			}
227	12df7edc	Erik
228	692c21fd	Renato Botelho	return basename($last_backup);
229	12df7edc	Erik	}
230
231			function restore_backup($file) {
232			global $g;
233
234			if (file_exists($file)) {
235			conf_mount_rw();
236			unlink_if_exists("{$g['tmp_path']}/config.cache");
237	086cf944	Phil Davis	copy("$file", "/cf/conf/config.xml");
238	38b35612	Renato Botelho	pfSense_fsync("/cf/conf/config.xml");
239	d7b97ca3	Chris Buechler	pfSense_fsync($g['conf_path']);
240	0f806eca	Erik Fonnesbeck	disable_security_checks();
241	addc0439	Renato Botelho	log_error(sprintf(gettext('%1$s is restoring the configuration %2$s'), $g['product_name'], $file));
242			file_notice("config.xml", sprintf(gettext('%1$s is restoring the configuration %2$s'), $g['product_name'], $file), "pfSenseConfigurator", "");
243	12df7edc	Erik	conf_mount_ro();
244			}
245			}
246
247			/***f config/parse_config_bootup
248			* NAME
249			* parse_config_bootup - Bootup-specific configuration checks.
250			* RESULT
251			* null
252			******/
253			function parse_config_bootup() {
254	50cafcf3	Ermal	global $config, $g;
255	12df7edc	Erik
256	1e0b1727	Phil Davis	if (platform_booting()) {
257	02e9880e	Ermal	echo ".";
258	1e0b1727	Phil Davis	}
259	12df7edc	Erik
260			$lockkey = lock('config');
261	50cafcf3	Ermal	if (!file_exists("{$g['conf_path']}/config.xml")) {
262	285ef132	Ermal LUÇI	if (platform_booting()) {
263	50cafcf3	Ermal	if (strstr($g['platform'], "cdrom")) {
264			/* try copying the default config. to the floppy */
265	4816e5ca	Renato Botelho	echo gettext("Resetting factory defaults...") . "\n";
266	7d7da5e5	Phil Davis	reset_factory_defaults(true, false);
267	50cafcf3	Ermal	if (!file_exists("{$g['conf_path']}/config.xml")) {
268	4816e5ca	Renato Botelho	echo gettext("No XML configuration file found - using factory defaults.\n" .
269			"Make sure that the configuration floppy disk with the conf/config.xml\n" .
270			"file is inserted. If it isn't, your configuration changes will be lost\n" .
271			"on reboot.\n");
272	12df7edc	Erik	}
273			} else {
274	50cafcf3	Ermal	$last_backup = discover_last_backup();
275	1e0b1727	Phil Davis	if ($last_backup) {
276	50cafcf3	Ermal	log_error("No config.xml found, attempting last known config restore.");
277	4816e5ca	Renato Botelho	file_notice("config.xml", gettext("No config.xml found, attempting last known config restore."), "pfSenseConfigurator", "");
278	50cafcf3	Ermal	restore_backup("/cf/conf/backup/{$last_backup}");
279			}
280	1e0b1727	Phil Davis	if (!file_exists("{$g['conf_path']}/config.xml")) {
281	4816e5ca	Renato Botelho	echo sprintf(gettext("XML configuration file not found. %s cannot continue booting."), $g['product_name']) . "\n";
282	02e9880e	Ermal	unlock($lockkey);
283	50cafcf3	Ermal	mwexec("/sbin/halt");
284			exit;
285			}
286			log_error("Last known config found and restored. Please double check your configuration file for accuracy.");
287	4816e5ca	Renato Botelho	file_notice("config.xml", gettext("Last known config found and restored. Please double check your configuration file for accuracy."), "pfSenseConfigurator", "");
288	12df7edc	Erik	}
289	50cafcf3	Ermal	} else {
290			unlock($lockkey);
291	b5e8282d	Ermal	log_error(gettext("Could not find a usable configuration file! Exiting...."));
292	50cafcf3	Ermal	exit(0);
293	12df7edc	Erik	}
294			}
295	50cafcf3	Ermal
296	12df7edc	Erik	if (filesize("{$g['conf_path']}/config.xml") == 0) {
297			$last_backup = discover_last_backup();
298	1e0b1727	Phil Davis	if ($last_backup) {
299	4e038d31	Carlos Eduardo Ramos	log_error(gettext("No config.xml found, attempting last known config restore."));
300			file_notice("config.xml", gettext("No config.xml found, attempting last known config restore."), "pfSenseConfigurator", "");
301	12df7edc	Erik	restore_backup("{$g['conf_path']}/backup/{$last_backup}");
302			} else {
303			unlock($lockkey);
304	4e038d31	Carlos Eduardo Ramos	die(gettext("Config.xml is corrupted and is 0 bytes. Could not restore a previous backup."));
305	12df7edc	Erik	}
306			}
307			unlock($lockkey);
308
309	89adb2f3	Ermal	$config = parse_config(true);
310
311	12df7edc	Erik	if ((float)$config['version'] > (float)$g['latest_config']) {
312			echo <<<EOD
313
314
315			*******************************************************************************
316			* WARNING! *
317			* The current configuration has been created with a newer version of {$g['product_name']} *
318			* than this one! This can lead to serious misbehavior and even security *
319			* holes! You are urged to either upgrade to a newer version of {$g['product_name']} or *
320			* revert to the default configuration immediately! *
321			*******************************************************************************
322
323
324			EOD;
325			}
326
327			/* make alias table (for faster lookups) */
328			alias_make_table($config);
329			}
330
331			/***f config/conf_mount_rw
332			* NAME
333			* conf_mount_rw - Mount filesystems read/write.
334			* RESULT
335			* null
336			******/
337			/* mount flash card read/write */
338	63e18082	jim-p	function conf_mount_rw() {
339	7b229013	jim-p	global $g, $config;
340	12df7edc	Erik
341			/* do not mount on cdrom platform */
342	2344bed4	Renato Botelho	if ($g['platform'] == "cdrom" or $g['platform'] == $g['product_name']) {
343	12df7edc	Erik	return;
344	1e0b1727	Phil Davis	}
345	a45e27ba	Ermal
346	1e0b1727	Phil Davis	if ((refcount_reference(1000) > 1) && is_writable("/")) {
347	12df7edc	Erik	return;
348	1e0b1727	Phil Davis	}
349	12df7edc	Erik
350	e8567e89	jim-p	$status = mwexec("/sbin/mount -u -w -o sync,noatime {$g['cf_path']}");
351	1e0b1727	Phil Davis	if ($status <> 0) {
352			if (platform_booting()) {
353	d32c16bc	Ermal LUÇI	echo gettext("/cf Filesystem is dirty.") . "\n";
354	1e0b1727	Phil Davis	}
355	e8567e89	jim-p	$status = mwexec("/sbin/mount -u -w -o sync,noatime {$g['cf_path']}");
356	12df7edc	Erik	}
357
358	2344bed4	Renato Botelho	/* if the platform is soekris or wrap or $product, lets mount the
359	12df7edc	Erik	* compact flash cards root.
360	1e0b1727	Phil Davis	*/
361	e8567e89	jim-p	$status = mwexec("/sbin/mount -u -w -o sync,noatime /");
362	d32c16bc	Ermal LUÇI	/* we could not mount this correctly. */
363	1e0b1727	Phil Davis	if ($status <> 0) {
364	d32c16bc	Ermal LUÇI	log_error(gettext("/ File system is dirty."));
365	e8567e89	jim-p	$status = mwexec("/sbin/mount -u -w -o sync,noatime /");
366	12df7edc	Erik	}
367	1e0b1727	Phil Davis
368	12df7edc	Erik	mark_subsystem_dirty('mount');
369			}
370
371			/***f config/conf_mount_ro
372			* NAME
373			* conf_mount_ro - Mount filesystems readonly.
374			* RESULT
375			* null
376			******/
377	63e18082	jim-p	function conf_mount_ro() {
378	7b229013	jim-p	global $g, $config;
379	12df7edc	Erik
380	2de8d745	jim-p	/* Do not trust $g['platform'] since this can be clobbered during factory reset. */
381			$platform = trim(file_get_contents("/etc/platform"));
382	23f0ca50	Ermal Lu?i	/* do not umount on cdrom or pfSense platforms */
383	2344bed4	Renato Botelho	if ($platform == "cdrom" or $platform == $g['product_name']) {
384	23f0ca50	Ermal Lu?i	return;
385	1e0b1727	Phil Davis	}
386	23f0ca50	Ermal Lu?i
387	1e0b1727	Phil Davis	if (refcount_unreference(1000) > 0) {
388	52f4c092	Scott Ullrich	return;
389	1e0b1727	Phil Davis	}
390	52f4c092	Scott Ullrich
391	1e0b1727	Phil Davis	if (isset($config['system']['nanobsd_force_rw'])) {
392	b8250344	Renato Botelho	return;
393	1e0b1727	Phil Davis	}
394	b8250344	Renato Botelho
395	1e0b1727	Phil Davis	if (platform_booting()) {
396	12df7edc	Erik	return;
397	1e0b1727	Phil Davis	}
398	12df7edc	Erik
399			clear_subsystem_dirty('mount');
400			/* sync data, then force a remount of /cf */
401	d0577bd2	Renato Botelho	pfSense_fsync($g['cf_path']);
402	e8567e89	jim-p	mwexec("/sbin/mount -u -r -f -o sync,noatime {$g['cf_path']}");
403			mwexec("/sbin/mount -u -r -f -o sync,noatime /");
404	12df7edc	Erik	}
405
406			/***f config/convert_config
407			* NAME
408			* convert_config - Attempt to update config.xml.
409			* DESCRIPTION
410			* convert_config() reads the current global configuration
411			* and attempts to convert it to conform to the latest
412			* config.xml version. This allows major formatting changes
413			* to be made with a minimum of breakage.
414			* RESULT
415			* null
416			******/
417			/* convert configuration, if necessary */
418			function convert_config() {
419			global $config, $g;
420			$now = date("H:i:s");
421	4e038d31	Carlos Eduardo Ramos	log_error(sprintf(gettext("Start Configuration upgrade at %s, set execution timeout to 15 minutes"), $now));
422	59cfe65d	Ermal	//ini_set("max_execution_time", "900");
423	12df7edc	Erik
424			/* special case upgrades */
425			/* fix every minute crontab bogons entry */
426	32a9eb18	Ermal	if (is_array($config['cron'])) {
427			$cron_item_count = count($config['cron']['item']);
428	086cf944	Phil Davis	for ($x = 0; $x < $cron_item_count; $x++) {
429	1e0b1727	Phil Davis	if (stristr($config['cron']['item'][$x]['command'], "rc.update_bogons.sh")) {
430	086cf944	Phil Davis	if ($config['cron']['item'][$x]['hour'] == "*") {
431	1e0b1727	Phil Davis	$config['cron']['item'][$x]['hour'] = "3";
432	32a9eb18	Ermal	write_config(gettext("Updated bogon update frequency to 3am"));
433			log_error(gettext("Updated bogon update frequency to 3am"));
434	1e0b1727	Phil Davis	}
435	32a9eb18	Ermal	}
436	12df7edc	Erik	}
437			}
438	1e0b1727	Phil Davis	if ($config['version'] == $g['latest_config']) {
439	12df7edc	Erik	return; /* already at latest version */
440	1e0b1727	Phil Davis	}
441	12df7edc	Erik
442			// Save off config version
443			$prev_version = $config['version'];
444	1e0b1727	Phil Davis
445	b96cad97	Seth Mos	include_once('auth.inc');
446	12df7edc	Erik	include_once('upgrade_config.inc');
447	1e0b1727	Phil Davis	if (file_exists("/etc/inc/upgrade_config_custom.inc")) {
448	e58da189	Ermal	include_once("upgrade_config_custom.inc");
449	1e0b1727	Phil Davis	}
450	12df7edc	Erik	/* Loop and run upgrade_VER_to_VER() until we're at current version */
451			while ($config['version'] < $g['latest_config']) {
452			$cur = $config['version'] * 10;
453			$next = $cur + 1;
454			$migration_function = sprintf('upgrade_%03d_to_%03d', $cur, $next);
455	1e0b1727	Phil Davis	if (function_exists($migration_function)) {
456	cb0e3f8e	Ermal	$migration_function();
457	1e0b1727	Phil Davis	}
458	e58da189	Ermal	$migration_function = "{$migration_function}_custom";
459	1e0b1727	Phil Davis	if (function_exists($migration_function)) {
460	e58da189	Ermal	$migration_function();
461	1e0b1727	Phil Davis	}
462	12df7edc	Erik	$config['version'] = sprintf('%.1f', $next / 10);
463	1e0b1727	Phil Davis	if (platform_booting()) {
464	92cf9fcd	sullrich	echo ".";
465	1e0b1727	Phil Davis	}
466	12df7edc	Erik	}
467
468			$now = date("H:i:s");
469	4e038d31	Carlos Eduardo Ramos	log_error(sprintf(gettext("Ended Configuration upgrade at %s"), $now));
470	12df7edc	Erik
471	1e0b1727	Phil Davis	if ($prev_version != $config['version']) {
472	addc0439	Renato Botelho	write_config(sprintf(gettext('Upgraded config version level from %1$s to %2$s'), $prev_version, $config['version']));
473	1e0b1727	Phil Davis	}
474	12df7edc	Erik	}
475
476	ddd42db3	Ermal Lu?i	/***f config/safe_write_file
477			* NAME
478			* safe_write_file - Write a file out atomically
479			* DESCRIPTION
480			* safe_write_file() Writes a file out atomically by first writing to a
481			* temporary file of the same name but ending with the pid of the current
482			* process, them renaming the temporary file over the original.
483			* INPUTS
484			* $filename - string containing the filename of the file to write
485			* $content - string containing the file content to write to file
486			* $force_binary - boolean denoting whether we should force binary
487			* mode writing.
488			* RESULT
489			* boolean - true if successful, false if not
490			******/
491			function safe_write_file($file, $content, $force_binary) {
492	628d1548	Ermal	$tmp_file = $file . "." . getmypid();
493			$write_mode = $force_binary ? "wb" : "w";
494	ddd42db3	Ermal Lu?i
495	628d1548	Ermal	$fd = fopen($tmp_file, $write_mode);
496			if (!$fd) {
497			// Unable to open temporary file for writing
498			return false;
499	1e0b1727	Phil Davis	}
500	628d1548	Ermal	if (!fwrite($fd, $content)) {
501			// Unable to write to temporary file
502	00bc5bcc	Scott Ullrich	fclose($fd);
503	628d1548	Ermal	return false;
504			}
505			fflush($fd);
506			fclose($fd);
507	ddd42db3	Ermal Lu?i
508	a83602e8	Renato Botelho	if (!pfSense_fsync($tmp_file) \|\| !rename($tmp_file, $file)) {
509	628d1548	Ermal	// Unable to move temporary file to original
510			@unlink($tmp_file);
511			return false;
512			}
513	00bc5bcc	Scott Ullrich
514	628d1548	Ermal	// Sync file before returning
515	8a811010	Chris Buechler	return pfSense_fsync($file);
516	ddd42db3	Ermal Lu?i	}
517
518	12df7edc	Erik	/***f config/write_config
519			* NAME
520			* write_config - Backup and write the firewall configuration.
521			* DESCRIPTION
522			* write_config() handles backing up the current configuration,
523			* applying changes, and regenerating the configuration cache.
524			* INPUTS
525			* $desc - string containing the a description of configuration changes
526			* $backup - boolean: do not back up current configuration if false.
527	f5315ac1	NOYB	* $write_config_only - boolean: do not sync or reload anything; just save the configuration if true.
528	12df7edc	Erik	* RESULT
529			* null
530			******/
531			/* save the system configuration */
532	429e0911	NOYB	function write_config($desc="Unknown", $backup = true, $write_config_only = false) {
533	12df7edc	Erik	global $config, $g;
534
535	a74260cb	jim-p	if (!empty($_SERVER['REMOTE_ADDR'])) {
536	1e0b1727	Phil Davis	if (!session_id()) {
537	a74260cb	jim-p	@session_start();
538	1e0b1727	Phil Davis	}
539	cf0dae69	Ermal	if (!empty($_SESSION['Username']) && ($_SESSION['Username'] != "admin")) {
540			$user = getUserEntry($_SESSION['Username']);
541			if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) {
542			session_commit();
543			return false;
544			}
545	4111fcf5	Ermal	}
546	170cb2bc	jim-p	}
547	4111fcf5	Ermal
548	1e0b1727	Phil Davis	if (!isset($argc)) {
549	9d584d5d	Ermal	session_commit();
550	1e0b1727	Phil Davis	}
551	4111fcf5	Ermal
552	1e0b1727	Phil Davis	if ($backup) {
553	12df7edc	Erik	backup_config();
554	1e0b1727	Phil Davis	}
555	12df7edc	Erik
556	ba1d9714	jim-p	$config['revision'] = make_config_revision_entry($desc);
557	12df7edc	Erik
558	b6c34bfc	Ermal	conf_mount_rw();
559			$lockkey = lock('config', LOCK_EX);
560	12df7edc	Erik
561			/* generate configuration XML */
562			$xmlconfig = dump_xml_config($config, $g['xml_rootobj']);
563
564	41bf8e8e	Scott Ullrich	/* write new configuration */
565			if (!safe_write_file("{$g['cf_conf_path']}/config.xml", $xmlconfig, false)) {
566	89a8d28e	Chris Buechler	log_error(gettext("WARNING: Config contents could not be saved. Could not open file!"));
567	12df7edc	Erik	unlock($lockkey);
568	4e038d31	Carlos Eduardo Ramos	file_notice("config.xml", sprintf(gettext("Unable to open %s/config.xml for writing in write_config()%s"), $g['cf_conf_path'], "\n"));
569	541989d5	Ermal	return -1;
570	e5977136	Scott Ullrich	}
571	1e0b1727	Phil Davis
572	e1ebe9e2	jim-p	cleanup_backupcache(true);
573	12df7edc	Erik
574			/* re-read configuration */
575	541989d5	Ermal	/* NOTE: We assume that the file can be parsed since we wrote it. */
576	12df7edc	Erik	$config = parse_xml_config("{$g['conf_path']}/config.xml", $g['xml_rootobj']);
577	e490f995	Ermal	if ($config == -1) {
578	557300a7	jim-p	copy("{$g['conf_path']}/config.xml", "{$g['conf_path']}/config.xml.bad");
579	e490f995	Ermal	$last_backup = discover_last_backup();
580	557300a7	jim-p	if ($last_backup) {
581	e490f995	Ermal	restore_backup("/cf/conf/backup/{$last_backup}");
582	557300a7	jim-p	$config = parse_xml_config("{$g['conf_path']}/config.xml", $g['xml_rootobj']);
583	285ef132	Ermal LUÇI	if (platform_booting()) {
584	557300a7	jim-p	echo "\n\n ************ WARNING ************";
585	6177fd92	jim-p	echo "\n\n Configuration could not be validated. A previous configuration was restored. \n";
586	05d5503b	Ermal	echo "\n The failed configuration file has been saved as {$g['conf_path']}/config.xml.bad \n\n";
587	557300a7	jim-p	}
588	1e0b1727	Phil Davis	} else {
589	e490f995	Ermal	log_error(gettext("Could not restore config.xml."));
590	1e0b1727	Phil Davis	}
591			} else {
592	e490f995	Ermal	generate_config_cache($config);
593	1e0b1727	Phil Davis	}
594	12df7edc	Erik
595			unlock($lockkey);
596
597	429e0911	NOYB	if ($write_config_only) {
598			/* tell kernel to sync fs data */
599			conf_mount_ro();
600			return $config;
601			}
602
603	12df7edc	Erik	unlink_if_exists("/usr/local/pkg/pf/carp_sync_client.php");
604	16b96ea6	Scott Ullrich
605	b6c34bfc	Ermal	/* tell kernel to sync fs data */
606			conf_mount_ro();
607
608	12df7edc	Erik	/* sync carp entries to other firewalls */
609	16b96ea6	Scott Ullrich	carp_sync_client();
610	12df7edc	Erik
611	1e0b1727	Phil Davis	if (is_dir("/usr/local/pkg/write_config")) {
612	12df7edc	Erik	/* process packager manager custom rules */
613			run_plugins("/usr/local/pkg/write_config/");
614			}
615
616			return $config;
617			}
618
619			/***f config/reset_factory_defaults
620			* NAME
621			* reset_factory_defaults - Reset the system to its default configuration.
622			* RESULT
623			* integer - indicates completion
624			******/
625	7d7da5e5	Phil Davis	function reset_factory_defaults($lock = false, $reboot_required = true) {
626	12df7edc	Erik	global $g;
627
628	961884ae	Renato Botelho	conf_mount_rw();
629	7222324e	Renato Botelho
630	961884ae	Renato Botelho	/* Remove all additional packages */
631	5e8c3fa0	Renato Botelho	mwexec("/bin/sh /usr/local/sbin/{$g['product_name']}-upgrade " .
632			"-r ALL_PACKAGES");
633	7222324e	Renato Botelho
634	1e0b1727	Phil Davis	if (!$lock) {
635	b6c34bfc	Ermal	$lockkey = lock('config', LOCK_EX);
636	1e0b1727	Phil Davis	}
637	12df7edc	Erik
638			/* create conf directory, if necessary */
639	5e8c3fa0	Renato Botelho	safe_mkdir($g['cf_conf_path']);
640	12df7edc	Erik
641			/* clear out /conf */
642			$dh = opendir($g['conf_path']);
643			while ($filename = readdir($dh)) {
644	5e8c3fa0	Renato Botelho	if (($filename != ".") && ($filename != "..") &&
645			(!is_dir($g['conf_path'] . "/" . $filename))) {
646	12df7edc	Erik	unlink_if_exists($g['conf_path'] . "/" . $filename);
647			}
648			}
649			closedir($dh);
650	63dd9f08	Ermal	unlink_if_exists($g['tmp_path'] . "/config.cache");
651	12df7edc	Erik
652			/* copy default configuration */
653	5e8c3fa0	Renato Botelho	copy("{$g['conf_default_path']}/config.xml",
654			"{$g['cf_conf_path']}/config.xml");
655	12df7edc	Erik
656	0f806eca	Erik Fonnesbeck	disable_security_checks();
657
658	12df7edc	Erik	/* call the wizard */
659	7d7da5e5	Phil Davis	if ($reboot_required) {
660			// If we need a reboot first then touch a different trigger file.
661			touch("/conf/trigger_initial_wizard_after_reboot");
662			} else {
663			touch("/conf/trigger_initial_wizard");
664			}
665	1e0b1727	Phil Davis	if (!$lock) {
666	12df7edc	Erik	unlock($lockkey);
667	1e0b1727	Phil Davis	}
668	b6c34bfc	Ermal	conf_mount_ro();
669	673966e4	jim-p	setup_serial_port();
670	12df7edc	Erik	return 0;
671			}
672
673			function config_restore($conffile) {
674			global $config, $g;
675
676	1e0b1727	Phil Davis	if (!file_exists($conffile)) {
677	12df7edc	Erik	return 1;
678	1e0b1727	Phil Davis	}
679	12df7edc	Erik
680			backup_config();
681
682	f2087c85	Scott Ullrich	conf_mount_rw();
683	1e0b1727	Phil Davis
684	b6c34bfc	Ermal	$lockkey = lock('config', LOCK_EX);
685	12df7edc	Erik
686			unlink_if_exists("{$g['tmp_path']}/config.cache");
687	e490f995	Ermal	copy($conffile, "{$g['cf_conf_path']}/config.xml");
688	12df7edc	Erik
689	0f806eca	Erik Fonnesbeck	disable_security_checks();
690
691	12df7edc	Erik	unlock($lockkey);
692
693			$config = parse_config(true);
694
695			conf_mount_ro();
696
697	d18f3f6e	Phil Davis	write_config(sprintf(gettext("Reverted to %s."), array_pop(explode("/", $conffile))), false);
698	e296b183	Ermal Lu?i
699	12df7edc	Erik	return 0;
700			}
701
702			function config_install($conffile) {
703			global $config, $g;
704
705	1e0b1727	Phil Davis	if (!file_exists($conffile)) {
706	12df7edc	Erik	return 1;
707	1e0b1727	Phil Davis	}
708	12df7edc	Erik
709	1e0b1727	Phil Davis	if (!config_validate("{$conffile}")) {
710	12df7edc	Erik	return 1;
711	1e0b1727	Phil Davis	}
712	12df7edc	Erik
713	1e0b1727	Phil Davis	if (platform_booting()) {
714	4e038d31	Carlos Eduardo Ramos	echo gettext("Installing configuration...") . "\n";
715	1e0b1727	Phil Davis	} else {
716	4e038d31	Carlos Eduardo Ramos	log_error(gettext("Installing configuration ...."));
717	1e0b1727	Phil Davis	}
718	12df7edc	Erik
719			conf_mount_rw();
720	b6c34bfc	Ermal	$lockkey = lock('config', LOCK_EX);
721	12df7edc	Erik
722			copy($conffile, "{$g['conf_path']}/config.xml");
723
724	0f806eca	Erik Fonnesbeck	disable_security_checks();
725
726	12df7edc	Erik	/* unlink cache file if it exists */
727	1e0b1727	Phil Davis	if (file_exists("{$g['tmp_path']}/config.cache")) {
728	12df7edc	Erik	unlink("{$g['tmp_path']}/config.cache");
729	1e0b1727	Phil Davis	}
730	12df7edc	Erik
731			unlock($lockkey);
732			conf_mount_ro();
733
734	1e0b1727	Phil Davis	return 0;
735	12df7edc	Erik	}
736
737	0f806eca	Erik Fonnesbeck	/*
738			* Disable security checks for DNS rebind and HTTP referrer until next time
739			* they pass (or reboot), to aid in preventing accidental lockout when
740			* restoring settings like hostname, domain, IP addresses, and settings
741			* related to the DNS rebind and HTTP referrer checks.
742			* Intended for use when restoring a configuration or directly
743			* modifying config.xml without an unconditional reboot.
744			*/
745			function disable_security_checks() {
746			global $g;
747			touch("{$g['tmp_path']}/disable_security_checks");
748			}
749
750			/* Restores security checks. Should be called after all succeed. */
751			function restore_security_checks() {
752			global $g;
753			unlink_if_exists("{$g['tmp_path']}/disable_security_checks");
754			}
755
756			/* Returns status of security check temporary disable. */
757			function security_checks_disabled() {
758			global $g;
759			return file_exists("{$g['tmp_path']}/disable_security_checks");
760			}
761
762	12df7edc	Erik	function config_validate($conffile) {
763
764			global $g, $xmlerr;
765
766			$xml_parser = xml_parser_create();
767
768			if (!($fp = fopen($conffile, "r"))) {
769	4e038d31	Carlos Eduardo Ramos	$xmlerr = gettext("XML error: unable to open file");
770	12df7edc	Erik	return false;
771			}
772
773			while ($data = fread($fp, 4096)) {
774			if (!xml_parse($xml_parser, $data, feof($fp))) {
775	addc0439	Renato Botelho	$xmlerr = sprintf(gettext('%1$s at line %2$d'),
776	12df7edc	Erik	xml_error_string(xml_get_error_code($xml_parser)),
777			xml_get_current_line_number($xml_parser));
778			return false;
779			}
780			}
781			xml_parser_free($xml_parser);
782
783			fclose($fp);
784
785			return true;
786			}
787
788	e1ebe9e2	jim-p	function cleanup_backupcache($lock = false) {
789	12df7edc	Erik	global $g;
790			$i = false;
791	e1ebe9e2	jim-p
792			$revisions = get_config_backup_count();
793
794	1e0b1727	Phil Davis	if (!$lock) {
795	12df7edc	Erik	$lockkey = lock('config');
796	1e0b1727	Phil Davis	}
797	cd25a2b2	jim-p
798			conf_mount_rw();
799
800			$backups = get_backups();
801			if ($backups) {
802	12df7edc	Erik	$baktimes = $backups['versions'];
803			unset($backups['versions']);
804	cd25a2b2	jim-p	} else {
805			$backups = array();
806			$baktimes = array();
807			}
808			$newbaks = array();
809			$bakfiles = glob($g['cf_conf_path'] . "/backup/config-*");
810			$tocache = array();
811	12df7edc	Erik
812	1e0b1727	Phil Davis	foreach ($bakfiles as $backup) { // Check for backups in the directory not represented in the cache.
813	bfe615ee	jim-p	$backupsize = filesize($backup);
814	1e0b1727	Phil Davis	if ($backupsize == 0) {
815	cd25a2b2	jim-p	unlink($backup);
816			continue;
817			}
818	b3bbed58	Ermal LUÇI	$backupexp = explode('-', $backup);
819			$backupexp = explode('.', array_pop($backupexp));
820			$tocheck = array_shift($backupexp);
821			unset($backupexp);
822	1e0b1727	Phil Davis	if (!in_array($tocheck, $baktimes)) {
823	cd25a2b2	jim-p	$i = true;
824	1e0b1727	Phil Davis	if (platform_booting()) {
825	cd25a2b2	jim-p	echo ".";
826	1e0b1727	Phil Davis	}
827	990d7c03	Erik Fonnesbeck	$newxml = parse_xml_config($backup, array($g['xml_rootobj'], 'pfsense'));
828	1e0b1727	Phil Davis	if ($newxml == "-1") {
829	4e038d31	Carlos Eduardo Ramos	log_error(sprintf(gettext("The backup cache file %s is corrupted. Unlinking."), $backup));
830	cd25a2b2	jim-p	unlink($backup);
831	4e038d31	Carlos Eduardo Ramos	log_error(sprintf(gettext("The backup cache file %s is corrupted. Unlinking."), $backup));
832	cd25a2b2	jim-p	continue;
833	12df7edc	Erik	}
834	1e0b1727	Phil Davis	if ($newxml['revision']['description'] == "") {
835	cd25a2b2	jim-p	$newxml['revision']['description'] = "Unknown";
836	1e0b1727	Phil Davis	}
837			if ($newxml['version'] == "") {
838	92420c0a	jim-p	$newxml['version'] = "?";
839	1e0b1727	Phil Davis	}
840	bfe615ee	jim-p	$tocache[$tocheck] = array('description' => $newxml['revision']['description'], 'version' => $newxml['version'], 'filesize' => $backupsize);
841	12df7edc	Erik	}
842	cd25a2b2	jim-p	}
843	1e0b1727	Phil Davis	foreach ($backups as $checkbak) {
844			if (count(preg_grep('/' . $checkbak['time'] . '/i', $bakfiles)) != 0) {
845	cd25a2b2	jim-p	$newbaks[] = $checkbak;
846			} else {
847			$i = true;
848	285ef132	Ermal LUÇI	if (platform_booting()) print " " . $tocheck . "r";
849	cd25a2b2	jim-p	}
850			}
851	1e0b1727	Phil Davis	foreach ($newbaks as $todo) {
852			$tocache[$todo['time']] = array('description' => $todo['description'], 'version' => $todo['version'], 'filesize' => $todo['filesize']);
853			}
854			if (is_int($revisions) and (count($tocache) > $revisions)) {
855	cd25a2b2	jim-p	$toslice = array_slice(array_keys($tocache), 0, $revisions);
856	1e0b1727	Phil Davis	foreach ($toslice as $sliced) {
857	cd25a2b2	jim-p	$newcache[$sliced] = $tocache[$sliced];
858	1e0b1727	Phil Davis	}
859			foreach ($tocache as $version => $versioninfo) {
860			if (!in_array($version, array_keys($newcache))) {
861	cd25a2b2	jim-p	unlink_if_exists($g['conf_path'] . '/backup/config-' . $version . '.xml');
862	12df7edc	Erik	}
863			}
864	cd25a2b2	jim-p	$tocache = $newcache;
865	12df7edc	Erik	}
866	cd25a2b2	jim-p	$bakout = fopen($g['cf_conf_path'] . '/backup/backup.cache', "w");
867			fwrite($bakout, serialize($tocache));
868			fclose($bakout);
869	8a811010	Chris Buechler	pfSense_fsync("{$g['cf_conf_path']}/backup/backup.cache");
870	cd25a2b2	jim-p	conf_mount_ro();
871
872	1e0b1727	Phil Davis	if (!$lock) {
873	12df7edc	Erik	unlock($lockkey);
874	1e0b1727	Phil Davis	}
875	12df7edc	Erik	}
876
877			function get_backups() {
878			global $g;
879	1e0b1727	Phil Davis	if (file_exists("{$g['cf_conf_path']}/backup/backup.cache")) {
880	12df7edc	Erik	$confvers = unserialize(file_get_contents("{$g['cf_conf_path']}/backup/backup.cache"));
881			$bakvers = array_keys($confvers);
882			$toreturn = array();
883			sort($bakvers);
884			// $bakvers = array_reverse($bakvers);
885	1e0b1727	Phil Davis	foreach (array_reverse($bakvers) as $bakver) {
886	bfe615ee	jim-p	$toreturn[] = array('time' => $bakver, 'description' => $confvers[$bakver]['description'], 'version' => $confvers[$bakver]['version'], 'filesize' => $confvers[$bakver]['filesize']);
887	1e0b1727	Phil Davis	}
888	12df7edc	Erik	} else {
889			return false;
890			}
891			$toreturn['versions'] = $bakvers;
892			return $toreturn;
893			}
894
895			function backup_config() {
896			global $config, $g;
897
898	1e0b1727	Phil Davis	if ($g['platform'] == "cdrom") {
899	12df7edc	Erik	return;
900	1e0b1727	Phil Davis	}
901	12df7edc	Erik
902			conf_mount_rw();
903
904			/* Create backup directory if needed */
905			safe_mkdir("{$g['cf_conf_path']}/backup");
906	1e0b1727	Phil Davis	if ($config['revision']['time'] == "") {
907			$baktime = 0;
908			} else {
909			$baktime = $config['revision']['time'];
910			}
911	8a811010	Chris Buechler
912	1e0b1727	Phil Davis	if ($config['revision']['description'] == "") {
913			$bakdesc = "Unknown";
914			} else {
915			$bakdesc = $config['revision']['description'];
916			}
917	8059f9cb	jim-p
918			$bakver = ($config['version'] == "") ? "?" : $config['version'];
919	bfe615ee	jim-p	$bakfilename = $g['cf_conf_path'] . '/backup/config-' . $baktime . '.xml';
920			copy($g['cf_conf_path'] . '/config.xml', $bakfilename);
921	8a811010	Chris Buechler
922	1e0b1727	Phil Davis	if (file_exists($g['cf_conf_path'] . '/backup/backup.cache')) {
923			$backupcache = unserialize(file_get_contents($g['cf_conf_path'] . '/backup/backup.cache'));
924			} else {
925			$backupcache = array();
926			}
927	bfe615ee	jim-p	$backupcache[$baktime] = array('description' => $bakdesc, 'version' => $bakver, 'filesize' => filesize($bakfilename));
928	1e0b1727	Phil Davis	$bakout = fopen($g['cf_conf_path'] . '/backup/backup.cache', "w");
929			fwrite($bakout, serialize($backupcache));
930			fclose($bakout);
931	8a811010	Chris Buechler	pfSense_fsync("{$g['cf_conf_path']}/backup/backup.cache");
932	12df7edc	Erik
933			conf_mount_ro();
934
935			return true;
936			}
937
938			function set_device_perms() {
939			$devices = array(
940	6c07db48	Phil Davis	'pf' => array(
941			'user' => 'root',
942			'group' => 'proxy',
943			'mode' => 0660),
944	12df7edc	Erik	);
945
946			foreach ($devices as $name => $attr) {
947			$path = "/dev/$name";
948			if (file_exists($path)) {
949			chown($path, $attr['user']);
950			chgrp($path, $attr['group']);
951			chmod($path, $attr['mode']);
952			}
953			}
954			}
955
956	ba1d9714	jim-p	function get_config_user() {
957			if (empty($_SESSION["Username"])) {
958	362ec35d	Ermal	$username = getenv("USER");
959	1e0b1727	Phil Davis	if (empty($conuser) \|\| $conuser == "root") {
960	ba1d9714	jim-p	$username = "(system)";
961	1e0b1727	Phil Davis	}
962			} else {
963	ba1d9714	jim-p	$username = $_SESSION["Username"];
964	1e0b1727	Phil Davis	}
965	ba1d9714	jim-p
966	1e0b1727	Phil Davis	if (!empty($_SERVER['REMOTE_ADDR'])) {
967	ba1d9714	jim-p	$username .= '@' . $_SERVER['REMOTE_ADDR'];
968	1e0b1727	Phil Davis	}
969	ba1d9714	jim-p
970			return $username;
971			}
972
973			function make_config_revision_entry($desc = null, $override_user = null) {
974	1e0b1727	Phil Davis	if (empty($override_user)) {
975	ba1d9714	jim-p	$username = get_config_user();
976	1e0b1727	Phil Davis	} else {
977	ba1d9714	jim-p	$username = $override_user;
978	1e0b1727	Phil Davis	}
979	ba1d9714	jim-p
980			$revision = array();
981
982	1e0b1727	Phil Davis	if (time() > mktime(0, 0, 0, 9, 1, 2004)) { /* make sure the clock settings are plausible */
983	ba1d9714	jim-p	$revision['time'] = time();
984	1e0b1727	Phil Davis	}
985	ba1d9714	jim-p
986			/* Log the running script so it's not entirely unlogged what changed */
987	1e0b1727	Phil Davis	if ($desc == "Unknown") {
988	ba1d9714	jim-p	$desc = sprintf(gettext("%s made unknown change"), $_SERVER['SCRIPT_NAME']);
989	1e0b1727	Phil Davis	}
990			if (!empty($desc)) {
991	ba1d9714	jim-p	$revision['description'] = "{$username}: " . $desc;
992	1e0b1727	Phil Davis	}
993	ba1d9714	jim-p	$revision['username'] = $username;
994			return $revision;
995			}
996
997	e1ebe9e2	jim-p	function get_config_backup_count() {
998			global $config, $g;
999			if (isset($config['system']['backupcount']) && is_numeric($config['system']['backupcount']) && ($config['system']['backupcount'] >= 0)) {
1000			return intval($config['system']['backupcount']);
1001	e61f548f	Ermal	} elseif ($g['platform'] == "nanobsd") {
1002	e1ebe9e2	jim-p	return 5;
1003			} else {
1004			return 30;
1005			}
1006			}
1007
1008	00e55088	Ermal	function pfSense_clear_globals() {
1009			global $config, $FilterIfList, $GatewaysList, $filterdns, $aliases, $aliastable;
1010
1011	be2d7eb7	Chris Buechler	$error = error_get_last();
1012	1e0b1727	Phil Davis
1013			if ($error !== NULL) {
1014	b3f2f476	PiBa-NL	if ($error['type'] == E_ERROR) {
1015	be2d7eb7	Chris Buechler	$errorstr = "PHP ERROR: Type: {$error['type']}, File: {$error['file']}, Line: {$error['line']}, Message: {$error['message']}";
1016	b3f2f476	PiBa-NL	print($errorstr);
1017			log_error($errorstr);
1018	6c07db48	Phil Davis	} else if ($error['type'] != E_NOTICE) {
1019	b3f2f476	PiBa-NL	$errorstr = "PHP WARNING: Type: {$error['type']}, File: {$error['file']}, Line: {$error['line']}, Message: {$error['message']}";
1020	e8e494f3	Chris Buechler	// XXX: comment out for now, should re-enable post-2.2
1021			//print($errorstr);
1022			//log_error($errorstr);
1023	be2d7eb7	Chris Buechler	}
1024			}
1025
1026	1e0b1727	Phil Davis	if (isset($FilterIfList)) {
1027	00e55088	Ermal	unset($FilterIfList);
1028	1e0b1727	Phil Davis	}
1029	00e55088	Ermal
1030	1e0b1727	Phil Davis	if (isset($GatewaysList)) {
1031	00e55088	Ermal	unset($GatewaysList);
1032	1e0b1727	Phil Davis	}
1033	00e55088	Ermal
1034			/* Used for the hostname dns resolver */
1035	1e0b1727	Phil Davis	if (isset($filterdns)) {
1036	00e55088	Ermal	unset($filterdns);
1037	1e0b1727	Phil Davis	}
1038	00e55088	Ermal
1039			/* Used for aliases and interface macros */
1040	1e0b1727	Phil Davis	if (isset($aliases)) {
1041	00e55088	Ermal	unset($aliases);
1042	1e0b1727	Phil Davis	}
1043			if (isset($aliastable)) {
1044	00e55088	Ermal	unset($aliastable);
1045	1e0b1727	Phil Davis	}
1046	00e55088	Ermal
1047			unset($config);
1048			}
1049
1050			register_shutdown_function('pfSense_clear_globals');
1051
1052	09221bc3	Renato Botelho	?>

Project

General

Profile

pfSense