/ - Diff - pfSense - pfSense bugtracker

« Previous | Next »

Revision 4d775dd0

Added by Ermal LUÇI over 14 years ago

ID 4d775dd000e6efd78959fb627a28cd7aaeda744d
Parent 602cb4b0
Child d0f980d4

Be consistent on shifting array during authentication. Also check for array to avoid strange errors.

     function xmlrpc_auth(&$params) {
     	global $config;
     	if (!is_array($config['system']['user']))
     	if (!is_array($config['system']['user'])) {
     		array_shift($params);
     		unset($params['xmlrpcauth']);
     		return false;
     	if (!isset($config['system']['user'][0]['password']))
+    	}
     	if (!isset($config['system']['user'][0]['password'])) {
     		array_shift($params);
     		unset($params['xmlrpcauth']);
     		return false;
+    	}
     	$localpass =  $config['system']['user'][0]['password'];
     	if(crypt($params[0], $localpass) == $localpass) {
     		array_shift($params);
     		unset($params['xmlrpcauth']);
     		return true;
     	} else if(crypt($params['xmlrpcauth'],  $localpass)  ==  $localpass)  {
     		array_shift($params);
     		unset($params['xmlrpcauth']);
     		return true;
+    	}
     	unset($params['xmlrpcauth']);
     	array_shift($params);
     	unset($params['xmlrpcauth']);
     	return false;
+    }

     	if(!xmlrpc_auth($params))
     		return $xmlrpc_g['return']['authfail'];
     	$vipbackup = array();
     	if (isset($params[1]['virtualip'])) {
     	if (isset($params[0]['virtualip'])) {
     		if(is_array($config['virtualip']['vip'])) {
     			foreach ($config['virtualip']['vip'] as $vip)
     				interface_vip_bring_down($vip);
-...
             // For vip section, first keep items sent from the master
     	$config = array_merge($config, $params[0]);
             // Then add ipalias and proxyarp types already defined on the backup
             foreach ($vipbackup as $vip) {
                     if (($vip['mode'] == 'ipalias') || ($vip['mode'] == 'proxyarp'))
                             $config['virtualip']['vip'][]=$vip ;
     	if (is_array($vipbackup)) {
     		foreach ($vipbackup as $vip) {
     			if (($vip['mode'] == 'ipalias') || ($vip['mode'] == 'proxyarp'))
     				$config['virtualip']['vip'][]=$vip ;
+    		}
+    	}
     	$mergedkeys = implode(",", array_keys($params[0]));
     	write_config(sprintf(gettext("Merged in config (%s sections) from XMLRPC client."),$mergedkeys));
-...
     	$params = xmlrpc_params_to_php($raw_params);
     	if(!xmlrpc_auth($params))
     		return $xmlrpc_g['return']['authfail'];
     	if (isset($params[1]['virtualip'])) {
     	if (isset($params[0]['virtualip'])) {
                     if(is_array($config['virtualip']['vip'])) {
                             foreach ($config['virtualip']['vip'] as $vip)
                                     interface_vip_bring_down($vip);

Also available in: Unified diff

Project

General

Profile

pfSense

Revision 4d775dd0

Added by Ermal LUÇI over 14 years ago