<?php
2 09221bc3 Renato Botelho
/*
3 8acd654a Renato Botelho
 * config.lib.inc
4
 *
5
 * part of pfSense (https://www.pfsense.org)
6 2a2396a6 Renato Botelho
 * Copyright (c) 2004-2016 Rubicon Communications, LLC (Netgate)
7 8acd654a Renato Botelho
 * Copyright (c) 2009 Erik Kristensen
8
 * All rights reserved.
9
 *
10
 * originally part of m0n0wall (http://m0n0.ch/wall)
11 aaec5634 Renato Botelho
 * Copyright (c) 2003-2004 Manuel Kasper <mk@neon1.net>.
12 8acd654a Renato Botelho
 * All rights reserved.
13
 *
14
 * Redistribution and use in source and binary forms, with or without
15
 * modification, are permitted provided that the following conditions are met:
16
 *
17
 * 1. Redistributions of source code must retain the above copyright notice,
18
 *    this list of conditions and the following disclaimer.
19
 *
20
 * 2. Redistributions in binary form must reproduce the above copyright
21
 *    notice, this list of conditions and the following disclaimer in
22
 *    the documentation and/or other materials provided with the
23
 *    distribution.
24
 *
25
 * 3. All advertising materials mentioning features or use of this software
26
 *    must display the following acknowledgment:
27
 *    "This product includes software developed by the pfSense Project
28
 *    for use in the pfSense® software distribution. (http://www.pfsense.org/).
29
 *
30
 * 4. The names "pfSense" and "pfSense Project" must not be used to
31
 *    endorse or promote products derived from this software without
32
 *    prior written permission. For written permission, please contact
33
 *    coreteam@pfsense.org.
34
 *
35
 * 5. Products derived from this software may not be called "pfSense"
36
 *    nor may "pfSense" appear in their names without prior written
37
 *    permission of the Electric Sheep Fencing, LLC.
38
 *
39
 * 6. Redistributions of any form whatsoever must retain the following
40
 *    acknowledgment:
41
 *
42
 * "This product includes software developed by the pfSense Project
43
 * for use in the pfSense software distribution (http://www.pfsense.org/).
44
 *
45
 * THIS SOFTWARE IS PROVIDED BY THE pfSense PROJECT ``AS IS'' AND ANY
46
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
47
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
48
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE pfSense PROJECT OR
49
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
50
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
51
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
52
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
53
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
54
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
55
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
56
 * OF THE POSSIBILITY OF SUCH DAMAGE.
57
 */
58 12df7edc Erik
59
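/****f* config/encrypted_configxml
 * NAME
 *   encrypted_configxml - Checks to see if config.xml is encrypted and if so, prompts to unlock.
 * INPUTS
 *   None
 * RESULT
 *   None. On a successful unlock, config.xml is rewritten on disk without
 *   encryption. Does nothing unless config.xml exists and the platform is
 *   booting.
 * NOTES
 *   The password is read from php://stdin and the prompt repeats until the
 *   decrypted text contains "<pfsense>". If stdin is closed, the function
 *   gives up and leaves the encrypted file in place.
 *   NOTE(review): nothing here turns off terminal echo, so the password is
 *   presumably visible on the console - confirm.
 *   NOTE(review): the plaintext is written with the process default file
 *   mode; confirm that the umask in effect keeps config.xml private.
 ******/
function encrypted_configxml() {
	global $g, $config;

	$config_file = $g['conf_path'] . "/config.xml";
	if (!file_exists($config_file)) {
		return;
	}

	if (!platform_booting()) {
		return;
	}

	$configtxt = file_get_contents($config_file);
	if (!tagfile_deformat($configtxt, $configtxt, "config.xml")) {
		/* tagfile_deformat() did not recognise an encrypted config.xml */
		return;
	}

	$fp = fopen('php://stdin', 'r');
	if (!$fp) {
		/* no console to prompt on */
		return;
	}

	$data = "";
	echo "\n\n*** Encrypted config.xml detected ***\n";
	while ($data == "") {
		echo "\nEnter the password to decrypt config.xml: ";
		$line = fgets($fp);
		if ($line === false) {
			/* EOF or read error: without this the prompt would repeat forever */
			fclose($fp);
			return;
		}
		$decrypt_password = chop($line);
		$data = decrypt_data($configtxt, $decrypt_password);
		if (!strstr($data, "<pfsense>")) {
			/* wrong password: the output is not a pfSense configuration */
			$data = "";
		}
		if ($data) {
			$tmp_file = $config_file . ".tmp";
			$fd = fopen($tmp_file, "w");
			$written = false;
			if ($fd) {
				$written = (fwrite($fd, $data) !== false);
				fclose($fd);
			}
			/* rename() replaces the former shell call to /bin/mv */
			if (!$written || !rename($tmp_file, $config_file)) {
				/* do not leave decrypted content behind in a stray file */
				@unlink($tmp_file);
				echo "\n" . gettext("Unable to write the decrypted config.xml.") . "\n";
				fclose($fp);
				return;
			}
			echo "\n" . gettext("Config.xml unlocked.") . "\n";
			fclose($fp);
			pfSense_fsync("{$g['conf_path']}/config.xml");
		} else {
			echo "\n" . gettext("Invalid password entered.  Please try again.") . "\n";
		}
	}
}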
104
105
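/****f* config/parse_config
 * NAME
 *   parse_config - Read in config.cache or config.xml if needed and return $config array
 * INPUTS
 *   $parse       - boolean to force parse_config() to read config.xml and generate config.cache
 * RESULT
 *   $config      - array containing all configuration variables; -1 can
 *                  still be returned when config.xml could not be parsed
 *                  even after a backup was restored
 * NOTES
 *   Holds the 'config' lock while reading. Terminates the script with die()
 *   when config.xml is missing or unusable and no backup can be restored.
 ******/
function parse_config($parse = false) {
	global $g, $config_parsed, $config_extra;

	$lockkey = lock('config');
	$config_parsed = false;

	if (!file_exists("{$g['conf_path']}/config.xml") || filesize("{$g['conf_path']}/config.xml") == 0) {
		$last_backup = discover_last_backup();
		if ($last_backup) {
			log_error(gettext("No config.xml found, attempting last known config restore."));
			file_notice("config.xml", gettext("No config.xml found, attempting last known config restore."), "pfSenseConfigurator", "");
			restore_backup("{$g['conf_path']}/backup/{$last_backup}");
		} else {
			unlock($lockkey);
			die(gettext("Config.xml is corrupted and is 0 bytes.  Could not restore a previous backup."));
		}
	}

	if (platform_booting(true)) {
		echo ".";
	}

	// Check for encrypted config.xml
	encrypted_configxml();

	if (!$parse) {
		if (file_exists($g['tmp_path'] . '/config.cache')) {
			/*
			 * NOTE(review): unserialize() instantiates whatever objects the
			 * file describes, so config.cache must only ever be writable by
			 * the account that runs this code. Confirm the ownership and
			 * mode of tmp_path; an array-only format would remove the
			 * object-injection risk entirely.
			 */
			$config = unserialize(file_get_contents($g['tmp_path'] . '/config.cache'));
			if (!is_array($config)) {
				/* unreadable or corrupt cache: fall back to config.xml */
				$parse = true;
			}
		} else {
			$parse = true;
		}
	}
	if ($parse == true) {
		if (!file_exists($g['conf_path'] . "/config.xml")) {
			if (platform_booting(true)) {
				echo ".";
			}
			log_error("No config.xml found, attempting last known config restore.");
			file_notice("config.xml", "No config.xml found, attempting last known config restore.", "pfSenseConfigurator", "");
			$last_backup = discover_last_backup();
			if ($last_backup) {
				restore_backup("/cf/conf/backup/{$last_backup}");
			} else {
				log_error(gettext("Could not restore config.xml."));
				unlock($lockkey);
				die(gettext("Config.xml is corrupted and is 0 bytes.  Could not restore a previous backup."));
			}
		}
		$config = parse_xml_config($g['conf_path'] . '/config.xml', array($g['xml_rootobj'], 'pfsense'));
		if ($config == -1) {
			$last_backup = discover_last_backup();
			if ($last_backup) {
				restore_backup("/cf/conf/backup/{$last_backup}");
				/*
				 * Read the restored file. Previously $config stayed at -1
				 * here, so -1 was cached and returned to the caller even
				 * though a usable backup had just been put in place.
				 */
				$config = parse_xml_config($g['conf_path'] . '/config.xml', array($g['xml_rootobj'], 'pfsense'));
			} else {
				log_error(gettext("Could not restore config.xml."));
				unlock($lockkey);
				die("Config.xml is corrupted and is 0 bytes.  Could not restore a previous backup.");
			}
		}
		generate_config_cache($config);
	}

	if (platform_booting(true)) {
		echo ".";
	}

	$config_parsed = true;
	unlock($lockkey);

	alias_make_table($config);

	return $config;
}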
189
190
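/****f* config/generate_config_cache
 * NAME
 *   generate_config_cache - Write serialized configuration to cache.
 * INPUTS
 *   $config	- array containing current firewall configuration
 * RESULT
 *   None (the function has no return statement).
 * NOTES
 *   The cache holds the complete serialized configuration.
 *   NOTE(review): both cache files are created with the process default
 *   mode; confirm that tmp_path is not readable or writable by other
 *   accounts, since parse_config() unserializes config.cache.
 ******/
function generate_config_cache($config) {
	global $g, $config_extra;

	$configcache = fopen($g['tmp_path'] . '/config.cache', "w");
	if ($configcache) {
		fwrite($configcache, serialize($config));
		fclose($configcache);
		pfSense_fsync("{$g['tmp_path']}/config.cache");
	} else {
		/* fopen() failed: report it instead of calling fwrite()/fclose() on false */
		log_error(sprintf(gettext("Unable to open %s for writing."), $g['tmp_path'] . '/config.cache'));
	}

	unset($configcache);
	/* Used for config.extra.xml */
	if (file_exists($g['tmp_path'] . '/config.extra.cache') && $config_extra) {
		$configcacheextra = fopen($g['tmp_path'] . '/config.extra.cache', "w");
		if ($configcacheextra) {
			fwrite($configcacheextra, serialize($config_extra));
			fclose($configcacheextra);
			pfSense_fsync("{$g['tmp_path']}/config.extra.cache");
		} else {
			log_error(sprintf(gettext("Unable to open %s for writing."), $g['tmp_path'] . '/config.extra.cache'));
		}
		unset($configcacheextra);
	}
}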
216
217
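/*
 * Return the file name (directory part removed) of the most recently
 * modified *.xml file in /cf/conf/backup, or an empty string when there is
 * none or the directory cannot be listed.
 */
function discover_last_backup() {
	$backups = glob('/cf/conf/backup/*.xml');
	if (!is_array($backups)) {
		/* glob() returns false on error; treat that like "no backups" */
		return "";
	}

	$last_backup = "";
	$last_mtime = 0;
	foreach ($backups as $backup) {
		/* stat once per file; a failed filemtime() (false) never wins */
		$mtime = filemtime($backup);
		if ($mtime > $last_mtime) {
			$last_mtime = $mtime;
			$last_backup = $backup;
		}
	}

	return basename($last_backup);
}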
230
231
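/*
 * Copy the backup $file over /cf/conf/config.xml and drop the parsed-config
 * cache so that the next parse reads the restored file.
 *
 * Does nothing when $file does not exist. The DNS rebind / HTTP referrer
 * checks are relaxed (disable_security_checks()) only after the copy has
 * succeeded, so a failed restore no longer weakens them.
 */
function restore_backup($file) {
	global $g;

	if (file_exists($file)) {
		conf_mount_rw();
		unlink_if_exists("{$g['tmp_path']}/config.cache");
		if (!copy("$file", "/cf/conf/config.xml")) {
			/* nothing was restored: report it and keep the checks enabled */
			log_error(sprintf(gettext('Unable to copy %1$s to %2$s'), $file, "/cf/conf/config.xml"));
			conf_mount_ro();
			return;
		}
		pfSense_fsync("/cf/conf/config.xml");
		pfSense_fsync($g['conf_path']);
		disable_security_checks();
		log_error(sprintf(gettext('%1$s is restoring the configuration %2$s'), $g['product_name'], $file));
		file_notice("config.xml", sprintf(gettext('%1$s is restoring the configuration %2$s'), $g['product_name'], $file), "pfSenseConfigurator", "");
		conf_mount_ro();
	}
}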
246
247
/****f* config/parse_config_bootup
 * NAME
 *   parse_config_bootup - Bootup-specific configuration checks.
 * RESULT
 *   null
 * NOTES
 *   Makes sure a non-empty config.xml exists (factory defaults on cdrom
 *   platforms, otherwise the newest backup), loads it into the global
 *   $config, and warns on the console when the configuration version is
 *   newer than $g['latest_config'].
 ******/
function parse_config_bootup() {
	global $config, $g;

	if (platform_booting()) {
		echo ".";
	}

	$lockkey = lock('config');
	if (!file_exists("{$g['conf_path']}/config.xml")) {
		if (!platform_booting()) {
			/* no configuration outside of boot: nothing can be done */
			unlock($lockkey);
			log_error(gettext("Could not find a usable configuration file! Exiting...."));
			exit(0);
		}

		if (strstr($g['platform'], "cdrom")) {
			/* try copying the default config. to the floppy */
			echo gettext("Resetting factory defaults...") . "\n";
			/* true: the config lock is already held by this function */
			reset_factory_defaults(true, false);
			if (!file_exists("{$g['conf_path']}/config.xml")) {
				echo gettext("No XML configuration file found - using factory defaults.\n" .
							 "Make sure that the configuration floppy disk with the conf/config.xml\n" .
							 "file is inserted. If it isn't, the configuration changes will be lost\n" .
							 "on reboot.\n");
			}
		} else {
			$last_backup = discover_last_backup();
			if ($last_backup) {
				log_error("No config.xml found, attempting last known config restore.");
				file_notice("config.xml", gettext("No config.xml found, attempting last known config restore."), "pfSenseConfigurator", "");
				restore_backup("/cf/conf/backup/{$last_backup}");
			}
			if (!file_exists("{$g['conf_path']}/config.xml")) {
				/* still nothing to boot from: halt the system */
				echo sprintf(gettext("XML configuration file not found.  %s cannot continue booting."), $g['product_name']) . "\n";
				unlock($lockkey);
				mwexec("/sbin/halt");
				exit;
			}
			log_error("Last known config found and restored.  Please double check the configuration file for accuracy.");
			file_notice("config.xml", gettext("Last known config found and restored.  Please double check the configuration file for accuracy."), "pfSenseConfigurator", "");
		}
	}

	/* a zero-byte config.xml is handled like a missing one */
	if (filesize("{$g['conf_path']}/config.xml") == 0) {
		$last_backup = discover_last_backup();
		if ($last_backup) {
			log_error(gettext("No config.xml found, attempting last known config restore."));
			file_notice("config.xml", gettext("No config.xml found, attempting last known config restore."), "pfSenseConfigurator", "");
			restore_backup("{$g['conf_path']}/backup/{$last_backup}");
		} else {
			unlock($lockkey);
			die(gettext("Config.xml is corrupted and is 0 bytes.  Could not restore a previous backup."));
		}
	}
	unlock($lockkey);

	/* force a fresh read of config.xml; parse_config() takes the lock itself */
	$config = parse_config(true);

	/* a configuration written by a newer release may not be understood here */
	if ((float)$config['version'] > (float)$g['latest_config']) {
		echo <<<EOD


*******************************************************************************
* WARNING!                                                                    *
* The current configuration has been created with a newer version of {$g['product_name']}  *
* than this one! This can lead to serious misbehavior and even security       *
* holes! You are urged to either upgrade to a newer version of {$g['product_name']} or     *
* revert to the default configuration immediately!                            *
*******************************************************************************


EOD;
	}

	/* make alias table (for faster lookups) */
	alias_make_table($config);
}
330
331
/****f* config/conf_mount_rw
 * NAME
 *   conf_mount_rw - Mount filesystems read/write.
 * RESULT
 *   null
 * NOTES
 *   Returns without mounting when the platform is "cdrom" or equals the
 *   product name, or when the reference count is above one and / is already
 *   writable. Each mount command is retried once if it fails.
 ******/
/* mount flash card read/write */
function conf_mount_rw() {
	global $g, $config;

	/* do not mount on cdrom platform */
	if ($g['platform'] == "cdrom" || $g['platform'] == $g['product_name']) {
		return;
	}

	/* somebody else already holds a reference and / is writable */
	if ((refcount_reference(1000) > 1) && is_writable("/")) {
		return;
	}

	$mount_rw = "/sbin/mount -u -w -o sync,noatime";

	$status = mwexec("{$mount_rw} {$g['cf_path']}");
	if ($status != 0) {
		if (platform_booting()) {
			echo gettext("/cf Filesystem is dirty.") . "\n";
		}
		/* second attempt; the result is not examined */
		$status = mwexec("{$mount_rw} {$g['cf_path']}");
	}

	/*    if the platform is soekris or wrap or $product, lets mount the
	 *    compact flash cards root.
	*/
	$status = mwexec("{$mount_rw} /");
	/* we could not mount this correctly. */
	if ($status != 0) {
		log_error(gettext("/ File system is dirty."));
		$status = mwexec("{$mount_rw} /");
	}

	mark_subsystem_dirty('mount');
}
370
371
/****f* config/conf_mount_ro
 * NAME
 *   conf_mount_ro - Mount filesystems readonly.
 * RESULT
 *   null
 * NOTES
 *   Currently a no-op: the function returns immediately (redmine #6184) and
 *   everything after that return is unreachable. The remaining code is kept
 *   as it was.
 ******/
function conf_mount_ro() {
	global $g, $config;

	// do nothing here. redmine #6184
	return;

	/* ---- unreachable from here on ---- */

	/* Do not trust $g['platform'] since this can be clobbered during factory reset. */
	$platform = trim(file_get_contents("/etc/platform"));
	/* do not umount on cdrom or pfSense platforms */
	if ($platform == "cdrom" || $platform == $g['product_name']) {
		return;
	}

	/* other users still hold a read/write reference */
	if (refcount_unreference(1000) > 0) {
		return;
	}

	if (isset($config['system']['nanobsd_force_rw'])) {
		return;
	}

	if (platform_booting()) {
		return;
	}

	clear_subsystem_dirty('mount');
	/* sync data, then force a remount of /cf */
	pfSense_fsync($g['cf_path']);
	$mount_ro = "/sbin/mount -u -r -f -o sync,noatime";
	mwexec("{$mount_ro} {$g['cf_path']}");
	mwexec("{$mount_ro} /");
}
408
409
/****f* config/convert_config
 * NAME
 *   convert_config - Attempt to update config.xml.
 * DESCRIPTION
 *   convert_config() reads the current global configuration
 *   and attempts to convert it to conform to the latest
 *   config.xml version. This allows major formatting changes
 *   to be made with a minimum of breakage.
 * RESULT
 *   null
 * NOTES
 *   Migration steps are functions named upgrade_NNN_to_NNN, each optionally
 *   followed by a variant with the suffix _custom. The name is built with
 *   %03d, so only digits taken from the version number end up in the
 *   function name that gets called.
 ******/
/* convert configuration, if necessary */
function convert_config() {
	global $config, $g;

	/* the message mentions a 15 minute timeout, but the ini_set() below is commented out */
	log_error(sprintf(gettext("Start Configuration upgrade at %s, set execution timeout to 15 minutes"), date("H:i:s")));
	//ini_set("max_execution_time", "900");

	/* special case upgrades */
	/* fix every minute crontab bogons entry */
	if (is_array($config['cron'])) {
		$total_items = count($config['cron']['item']);
		for ($idx = 0; $idx < $total_items; $idx++) {
			if (!stristr($config['cron']['item'][$idx]['command'], "rc.update_bogons.sh")) {
				continue;
			}
			if ($config['cron']['item'][$idx]['hour'] == "*") {
				$config['cron']['item'][$idx]['hour'] = "3";
				write_config(gettext("Updated bogon update frequency to 3am"));
				log_error(gettext("Updated bogon update frequency to 3am"));
			}
		}
	}
	if ($config['version'] == $g['latest_config']) {
		return;		/* already at latest version */
	}

	// Save off config version
	$prev_version = $config['version'];

	include_once('auth.inc');
	include_once('upgrade_config.inc');
	if (file_exists("/etc/inc/upgrade_config_custom.inc")) {
		include_once("upgrade_config_custom.inc");
	}
	/* Loop and run upgrade_VER_to_VER() until we're at current version */
	while ($config['version'] < $g['latest_config']) {
		/* versions advance in steps of 0.1; work with the tenfold value */
		$cur = $config['version'] * 10;
		$next = $cur + 1;
		$step_name = sprintf('upgrade_%03d_to_%03d', $cur, $next);
		/* stock migration first, then the optional site-specific one */
		foreach (array($step_name, "{$step_name}_custom") as $migration_function) {
			if (function_exists($migration_function)) {
				$migration_function();
			}
		}
		$config['version'] = sprintf('%.1f', $next / 10);
		if (platform_booting()) {
			echo ".";
		}
	}

	log_error(sprintf(gettext("Ended Configuration upgrade at %s"), date("H:i:s")));

	if ($prev_version != $config['version']) {
		write_config(sprintf(gettext('Upgraded config version level from %1$s to %2$s'), $prev_version, $config['version']));
	}
}
478
479 ddd42db3 Ermal Lu?i
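/****f* config/safe_write_file
 * NAME
 *   safe_write_file - Write a file out atomically
 * DESCRIPTION
 *   safe_write_file() Writes a file out atomically by first writing to a
 *   temporary file of the same name but ending with the pid of the current
 *   process, then renaming the temporary file over the original.
 * INPUTS
 *   $file      - string containing the filename of the file to write
 *   $content   - string or array containing the file content to write to file;
 *                array elements are written one per line
 *   $force_binary      - boolean denoting whether we should force binary
 *   mode writing.
 * RESULT
 *   boolean - true if successful, false if not. A write that reports zero
 *   bytes (for example empty string content) counts as a failure.
 * NOTES
 *   The temporary file is removed on every failure path, so a failed or
 *   partial write does not leave a copy of the content next to the target.
 *   NOTE(review): the temporary name is predictable ($file.<pid>) and is
 *   opened with mode "w"; this is only safe while the target directory is
 *   writable solely by the account running this code - confirm for callers.
 ******/
function safe_write_file($file, $content, $force_binary = false) {
	$tmp_file = $file . "." . getmypid();
	$write_mode = $force_binary ? "wb" : "w";

	$fd = fopen($tmp_file, $write_mode);
	if (!$fd) {
		// Unable to open temporary file for writing
		return false;
	}

	/* normalise both accepted input forms to a list of chunks */
	$chunks = array();
	if (is_array($content)) {
		foreach ($content as $line) {
			$chunks[] = $line . "\n";
		}
	} else {
		$chunks[] = (string)$content;
	}

	foreach ($chunks as $chunk) {
		$written = fwrite($fd, $chunk);
		/* false or 0 is a failed write; fewer bytes than asked for is a short write */
		if (!$written || $written < strlen($chunk)) {
			// Unable to write to temporary file
			fclose($fd);
			@unlink($tmp_file);
			return false;
		}
	}

	fflush($fd);
	fclose($fd);

	if (!pfSense_fsync($tmp_file) || !rename($tmp_file, $file)) {
		// Unable to move temporary file to original
		@unlink($tmp_file);
		return false;
	}

	// Sync file before returning
	return pfSense_fsync($file);
}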
528
529 12df7edc Erik
/****f* config/write_config
 * NAME
 *   write_config - Backup and write the firewall configuration.
 * DESCRIPTION
 *   write_config() handles backing up the current configuration,
 *   applying changes, and regenerating the configuration cache.
 * INPUTS
 *   $desc	- string containing a description of configuration changes
 *   $backup	- boolean: do not back up current configuration if false.
 *   $write_config_only	- boolean: do not sync or reload anything; just save the configuration if true.
 * RESULT
 *   false   - the session user holds "user-config-readonly"; nothing is written
 *   -1      - config.xml could not be written
 *   $config - the configuration as re-read from disk, otherwise
 * NOTES
 *   The read-only check applies only to web requests (REMOTE_ADDR set) and
 *   is skipped for the session user "admin".
 ******/
/* save the system configuration */
function write_config($desc="Unknown", $backup = true, $write_config_only = false) {
	global $config, $g;

	if (!empty($_SERVER['REMOTE_ADDR'])) {
		if (!session_id()) {
			@session_start();
		}
		$session_user = empty($_SESSION['Username']) ? "" : $_SESSION['Username'];
		if (!empty($session_user) && ($session_user != "admin")) {
			$user = getUserEntry($session_user);
			if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) {
				/* read-only accounts may not change the configuration */
				session_commit();
				return false;
			}
		}
	}

	/* $argc is not a global here, so this condition is always true */
	if (!isset($argc)) {
		session_commit();
	}

	if ($backup) {
		backup_config();
	}

	$config['revision'] = make_config_revision_entry($desc);

	conf_mount_rw();
	$lockkey = lock('config', LOCK_EX);

	/* generate configuration XML */
	$xmlconfig = dump_xml_config($config, $g['xml_rootobj']);

	/* write new configuration */
	$saved = safe_write_file("{$g['cf_conf_path']}/config.xml", $xmlconfig);
	if (!$saved) {
		log_error(gettext("WARNING: Config contents could not be saved. Could not open file!"));
		unlock($lockkey);
		file_notice("config.xml", sprintf(gettext("Unable to open %s/config.xml for writing in write_config()%s"), $g['cf_conf_path'], "\n"));
		return -1;
	}

	cleanup_backupcache(true);

	/* re-read configuration */
	/* NOTE: We assume that the file can be parsed since we wrote it. */
	$config = parse_xml_config("{$g['conf_path']}/config.xml", $g['xml_rootobj']);
	if ($config != -1) {
		generate_config_cache($config);
	} else {
		/* keep the unparsable file for inspection, then fall back to a backup */
		copy("{$g['conf_path']}/config.xml", "{$g['conf_path']}/config.xml.bad");
		$last_backup = discover_last_backup();
		if (!$last_backup) {
			log_error(gettext("Could not restore config.xml."));
		} else {
			restore_backup("/cf/conf/backup/{$last_backup}");
			$config = parse_xml_config("{$g['conf_path']}/config.xml", $g['xml_rootobj']);
			if (platform_booting()) {
				echo "\n\n ************** WARNING **************";
				echo "\n\n Configuration could not be validated. A previous configuration was restored. \n";
				echo "\n The failed configuration file has been saved as {$g['conf_path']}/config.xml.bad \n\n";
			}
		}
	}

	unlock($lockkey);

	if ($write_config_only) {
		/* tell kernel to sync fs data */
		conf_mount_ro();
		return $config;
	}

	unlink_if_exists("/usr/local/pkg/pf/carp_sync_client.php");

	/* tell kernel to sync fs data */
	conf_mount_ro();

	/* sync carp entries to other firewalls */
	carp_sync_client();

	if (is_dir("/usr/local/pkg/write_config")) {
		/* process packager manager custom rules */
		run_plugins("/usr/local/pkg/write_config/");
	}

	return $config;
}
629
630
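/****f* config/reset_factory_defaults
 * NAME
 *   reset_factory_defaults - Reset the system to its default configuration.
 * INPUTS
 *   $lock            - boolean: when true the config lock is NOT taken here
 *                      (parse_config_bootup() passes true while it already
 *                      holds the lock)
 *   $reboot_required - boolean: selects which initial-wizard trigger file
 *                      is created
 * RESULT
 *   integer	- indicates completion (always 0)
 * NOTES
 *   Removes all additional packages, deletes every non-directory entry in
 *   the conf directory, drops config.cache and installs the default
 *   config.xml. The DNS rebind / HTTP referrer checks are relaxed afterwards
 *   through disable_security_checks().
 ******/
function reset_factory_defaults($lock = false, $reboot_required = true) {
	global $g;

	conf_mount_rw();

	/* Remove all additional packages */
	mwexec("/bin/sh /usr/local/sbin/{$g['product_name']}-upgrade " .
	    "-r ALL_PACKAGES");

	if (!$lock) {
		$lockkey = lock('config', LOCK_EX);
	}

	/* create conf directory, if necessary */
	safe_mkdir($g['cf_conf_path']);

	/* clear out /conf */
	$dh = opendir($g['conf_path']);
	if ($dh !== false) {
		/*
		 * Compare against false explicitly: a plain truthiness test ends
		 * the loop at an entry named "0" and leaves later files in place.
		 */
		while (($filename = readdir($dh)) !== false) {
			if (($filename != ".") && ($filename != "..") &&
			    (!is_dir($g['conf_path'] . "/" . $filename))) {
				unlink_if_exists($g['conf_path'] . "/" . $filename);
			}
		}
		closedir($dh);
	}
	unlink_if_exists($g['tmp_path'] . "/config.cache");

	/* copy default configuration */
	copy("{$g['conf_default_path']}/config.xml",
	    "{$g['cf_conf_path']}/config.xml");

	disable_security_checks();

	/* call the wizard */
	if ($reboot_required) {
		// If we need a reboot first then touch a different trigger file.
		touch("/conf/trigger_initial_wizard_after_reboot");
	} else {
		touch("/conf/trigger_initial_wizard");
	}
	if (!$lock) {
		unlock($lockkey);
	}
	conf_mount_ro();
	setup_serial_port();
	return 0;
}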
683
684
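/*
 * Replace config.xml with the file $conffile, reload the configuration and
 * record the revert as a new revision (without taking another backup).
 *
 * Returns 1 when $conffile does not exist, 0 otherwise.
 *
 * NOTE(review): unlike config_install(), the file is not passed through
 * config_validate() before it is copied - confirm that every caller only
 * supplies files from the local backup store.
 */
function config_restore($conffile) {
	global $config, $g;

	if (!file_exists($conffile)) {
		return 1;
	}

	backup_config();

	conf_mount_rw();

	$lockkey = lock('config', LOCK_EX);

	unlink_if_exists("{$g['tmp_path']}/config.cache");
	copy($conffile, "{$g['cf_conf_path']}/config.xml");

	disable_security_checks();

	unlock($lockkey);

	$config = parse_config(true);

	conf_mount_ro();

	/*
	 * array_pop() takes its argument by reference, so hand it a variable
	 * rather than the temporary returned by explode().
	 */
	$path_parts = explode("/", $conffile);
	$restored_name = array_pop($path_parts);
	write_config(sprintf(gettext("Reverted to %s."), $restored_name), false);

	return 0;
}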
712
713
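/*
 * Install the configuration file at $conffile as the live config.xml.
 *
 * The file must exist and pass config_validate() before anything is
 * touched. A progress message is echoed while the platform is booting and
 * logged otherwise.
 *
 * Returns 0 on success, 1 if the file is missing, fails validation, or
 * could not be copied into place.
 *
 * NOTE(review): the destination here is $g['conf_path'] while
 * config_restore() writes to $g['cf_conf_path']; confirm the two are meant
 * to differ.
 */
function config_install($conffile) {
	global $config, $g;

	if (!file_exists($conffile)) {
		return 1;
	}

	if (!config_validate("{$conffile}")) {
		return 1;
	}

	if (platform_booting()) {
		echo gettext("Installing configuration...") . "\n";
	} else {
		log_error(gettext("Installing configuration ...."));
	}

	conf_mount_rw();
	$lockkey = lock('config', LOCK_EX);

	if (!copy($conffile, "{$g['conf_path']}/config.xml")) {
		/*
		 * The live configuration is unchanged, so report failure and
		 * leave the DNS rebind / HTTP referrer checks enabled.
		 */
		unlock($lockkey);
		conf_mount_ro();
		return 1;
	}

	/* Relax the GUI checks only after the new file is in place. */
	disable_security_checks();

	/* unlink cache file if it exists */
	if (file_exists("{$g['tmp_path']}/config.cache")) {
		unlink("{$g['tmp_path']}/config.cache");
	}

	unlock($lockkey);
	conf_mount_ro();

	return 0;
}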
/*
 * Temporarily switch off the DNS rebind and HTTP referrer checks by
 * creating a flag file under $g['tmp_path'].
 *
 * The checks stay off until the next time they pass (or until reboot).
 * This helps avoid an accidental lockout after restoring settings such as
 * hostname, domain, IP addresses, or the options that control those two
 * checks. Intended for use when a configuration is restored, or config.xml
 * is modified directly, without an unconditional reboot.
 *
 * NOTE(review): the flag is only a file's existence, so whatever can
 * create files in tmp_path can turn the checks off; presumably that
 * directory is writable by privileged users only - confirm.
 */
function disable_security_checks() {
	global $g;

	$flagfile = "{$g['tmp_path']}/disable_security_checks";
	touch($flagfile);
}
/*
 * Re-enable the security checks by removing the flag file that
 * disable_security_checks() creates. Should be called once all of the
 * checks have succeeded.
 */
function restore_security_checks() {
	global $g;

	$flagfile = "{$g['tmp_path']}/disable_security_checks";
	unlink_if_exists($flagfile);
}
/*
 * Report whether the security checks are temporarily disabled, i.e.
 * whether the flag file under $g['tmp_path'] currently exists.
 */
function security_checks_disabled() {
	global $g;

	$flagfile = "{$g['tmp_path']}/disable_security_checks";
	return file_exists($flagfile);
}
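/*
 * Check that $conffile is well-formed XML.
 *
 * The file is fed to the XML parser in 4096-byte chunks. On failure the
 * global $xmlerr is set to a translated message and false is returned;
 * true is returned when the whole document parses.
 *
 * The parser is always told when the input has ended, so an empty file or
 * a document that stops short is rejected instead of being accepted
 * because no chunk happened to fail. The file handle and the parser are
 * released on every path.
 */
function config_validate($conffile) {

	global $xmlerr;

	if (!($fp = fopen($conffile, "r"))) {
		$xmlerr = gettext("XML error: unable to open file");
		return false;
	}

	$xml_parser = xml_parser_create();
	$valid = true;
	$finished = false;

	while ($valid && !$finished) {
		$data = fread($fp, 4096);
		if ($data === false) {
			/* Read error: end the document here and let the parser judge it. */
			$data = "";
		}

		/* An empty read also ends the input, which guarantees termination. */
		$finished = ($data === "") || feof($fp);

		if (!xml_parse($xml_parser, $data, $finished)) {
			$xmlerr = sprintf(gettext('%1$s at line %2$d'),
						xml_error_string(xml_get_error_code($xml_parser)),
						xml_get_current_line_number($xml_parser));
			$valid = false;
		}
	}

	xml_parser_free($xml_parser);
	fclose($fp);

	return $valid;
}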
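/*
 * Reconcile backup/backup.cache with the config-* files in the backup
 * directory and prune backups beyond the configured count.
 *
 * Steps:
 *  - zero-length backup files are deleted;
 *  - backup files missing from the cache are parsed and added, and files
 *    that fail to parse are logged and deleted;
 *  - cache entries whose file no longer exists are dropped;
 *  - when more entries remain than $config['system']['backupcount'] (or
 *    $g['default_config_backup_count'] when that is not a numeric
 *    integer), the surplus files are deleted;
 *  - the cache is rewritten and synced to disk.
 *
 * $lock: when false (the default) this function takes and releases the
 * 'config' lock itself; pass true when the caller already holds it.
 */
function cleanup_backupcache($lock = false) {
	global $config, $g;

	$revisions = intval(is_numericint($config['system']['backupcount']) ? $config['system']['backupcount'] : $g['default_config_backup_count']);

	if (!$lock) {
		$lockkey = lock('config');
	}

	conf_mount_rw();

	$backups = get_backups();
	if ($backups) {
		$baktimes = $backups['versions'];
		unset($backups['versions']);
	} else {
		$backups = array();
		$baktimes = array();
	}
	$newbaks = array();
	$bakfiles = glob($g['cf_conf_path'] . "/backup/config-*");
	if ($bakfiles === false) {
		/* glob() reports an error with false; treat it as "no files". */
		$bakfiles = array();
	}
	$tocache = array();

	foreach ($bakfiles as $backup) { // Check for backups in the directory not represented in the cache.
		$backupsize = filesize($backup);
		if ($backupsize == 0) {
			unlink($backup);
			continue;
		}
		/* The timestamp sits between the last '-' and the following '.'. */
		$backupexp = explode('-', $backup);
		$backupexp = explode('.', array_pop($backupexp));
		$tocheck = array_shift($backupexp);
		unset($backupexp);
		/*
		 * Loose comparison on purpose: $tocheck is a string taken from the
		 * file name, while the cached times are array keys.
		 */
		if (!in_array($tocheck, $baktimes)) {
			if (platform_booting()) {
				echo ".";
			}
			$newxml = parse_xml_config($backup, array($g['xml_rootobj'], 'pfsense'));
			if ($newxml == "-1") {
				/* Log once, then drop the unreadable backup. */
				log_error(sprintf(gettext("The backup cache file %s is corrupted.  Unlinking."), $backup));
				unlink($backup);
				continue;
			}
			if ($newxml['revision']['description'] == "") {
				$newxml['revision']['description'] = "Unknown";
			}
			if ($newxml['version'] == "") {
				$newxml['version'] = "?";
			}
			$tocache[$tocheck] = array('description' => $newxml['revision']['description'], 'version' => $newxml['version'], 'filesize' => $backupsize);
		}
	}
	foreach ($backups as $checkbak) {
		/* The time comes from the cache file, so quote it before using it as a pattern. */
		if (count(preg_grep('/' . preg_quote($checkbak['time'], '/') . '/i', $bakfiles)) != 0) {
			$newbaks[] = $checkbak;
		} else {
			/*
			 * Name the cache entry being dropped; the variable left over
			 * from the previous loop is unrelated to it and is undefined
			 * when the backup directory is empty.
			 */
			if (platform_booting()) print " " . $checkbak['time'] . "r";
		}
	}
	foreach ($newbaks as $todo) {
		$tocache[$todo['time']] = array('description' => $todo['description'], 'version' => $todo['version'], 'filesize' => $todo['filesize']);
	}
	if (is_int($revisions) and (count($tocache) > $revisions)) {
		/* Keep the first $revisions entries in insertion order, keys preserved. */
		$newcache = array_slice($tocache, 0, $revisions, true);
		foreach ($tocache as $version => $versioninfo) {
			if (!array_key_exists($version, $newcache)) {
				/*
				 * NOTE(review): this deletes under $g['conf_path'] while the
				 * files were listed under $g['cf_conf_path']; confirm both
				 * name the same directory.
				 */
				unlink_if_exists($g['conf_path'] . '/backup/config-' . $version . '.xml');
			}
		}
		$tocache = $newcache;
	}
	$bakout = fopen($g['cf_conf_path'] . '/backup/backup.cache', "w");
	if ($bakout !== false) {
		fwrite($bakout, serialize($tocache));
		fclose($bakout);
		pfSense_fsync("{$g['cf_conf_path']}/backup/backup.cache");
	} else {
		log_error(sprintf(gettext("Unable to open %s for writing."), $g['cf_conf_path'] . '/backup/backup.cache'));
	}
	conf_mount_ro();

	if (!$lock) {
		unlock($lockkey);
	}
}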
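/*
 * Read backup/backup.cache and return the known configuration backups.
 *
 * Returns false when the cache file is missing or does not hold an array.
 * Otherwise returns an array with one entry per backup, newest key first,
 * each holding 'time', 'description', 'version' and 'filesize', plus a
 * 'versions' element listing the keys in ascending order.
 *
 * NOTE(review): the cache is read with unserialize(), so whoever can
 * write backup.cache controls what is deserialized here. Presumably only
 * this library writes the file; confirm its permissions.
 */
function get_backups() {
	global $g;

	$cachefile = "{$g['cf_conf_path']}/backup/backup.cache";
	if (!file_exists($cachefile)) {
		return false;
	}

	$confvers = unserialize(file_get_contents($cachefile));
	if (!is_array($confvers)) {
		/* Unreadable or damaged cache: report it the same way as "no cache". */
		return false;
	}

	$bakvers = array_keys($confvers);
	sort($bakvers);

	$toreturn = array();
	foreach (array_reverse($bakvers) as $bakver) {
		$toreturn[] = array('time' => $bakver, 'description' => $confvers[$bakver]['description'], 'version' => $confvers[$bakver]['version'], 'filesize' => $confvers[$bakver]['filesize']);
	}

	$toreturn['versions'] = $bakvers;
	return $toreturn;
}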
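/*
 * Copy the live config.xml to backup/config-<time>.xml and record it in
 * backup/backup.cache.
 *
 * <time>, the description and the version come from the in-memory $config
 * and fall back to 0, "Unknown" and "?" when empty.
 *
 * Returns nothing on the "cdrom" platform (no backup is attempted), false
 * if the backup file or the cache could not be written, true otherwise.
 */
function backup_config() {
	global $config, $g;

	if ($g['platform'] == "cdrom") {
		return;
	}

	conf_mount_rw();

	/* Create backup directory if needed */
	safe_mkdir("{$g['cf_conf_path']}/backup");

	$baktime = ($config['revision']['time'] == "") ? 0 : $config['revision']['time'];
	$bakdesc = ($config['revision']['description'] == "") ? "Unknown" : $config['revision']['description'];
	$bakver = ($config['version'] == "") ? "?" : $config['version'];

	$bakfilename = $g['cf_conf_path'] . '/backup/config-' . $baktime . '.xml';
	if (!copy($g['cf_conf_path'] . '/config.xml', $bakfilename)) {
		/* No backup file exists, so do not add a cache entry that points at one. */
		conf_mount_ro();
		return false;
	}

	$cachefile = $g['cf_conf_path'] . '/backup/backup.cache';
	$backupcache = array();
	if (file_exists($cachefile)) {
		/*
		 * NOTE(review): unserialize() input is whatever is in the cache
		 * file; presumably only this library writes it - confirm.
		 */
		$cached = unserialize(file_get_contents($cachefile));
		if (is_array($cached)) {
			$backupcache = $cached;
		}
		/* A damaged cache is replaced instead of being extended. */
	}

	$backupcache[$baktime] = array('description' => $bakdesc, 'version' => $bakver, 'filesize' => filesize($bakfilename));

	$bakout = fopen($cachefile, "w");
	if ($bakout === false) {
		conf_mount_ro();
		return false;
	}
	fwrite($bakout, serialize($backupcache));
	fclose($bakout);
	pfSense_fsync("{$g['cf_conf_path']}/backup/backup.cache");

	conf_mount_ro();

	return true;
}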
/*
 * Apply the expected owner, group and mode to the device nodes listed
 * below. Nodes that do not exist are skipped.
 *
 * The only entry is /dev/pf: owner root, group proxy, mode 0660, which
 * gives members of the proxy group read/write access to that device.
 */
function set_device_perms() {
	$devices = array(
		'pf' => array('user' => 'root', 'group' => 'proxy', 'mode' => 0660),
	);

	foreach (array_keys($devices) as $devname) {
		$devnode = "/dev/" . $devname;
		if (!file_exists($devnode)) {
			continue;
		}

		$wanted = $devices[$devname];
		chown($devnode, $wanted['user']);
		chgrp($devnode, $wanted['group']);
		chmod($devnode, $wanted['mode']);
	}
}
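/*
 * Return the name to attribute a configuration change to.
 *
 * The session's "Username" is used when present. Otherwise the USER
 * environment variable is used, with an empty value or "root" reported as
 * "(system)". When $_SERVER['REMOTE_ADDR'] is set, "@<address>" is
 * appended.
 *
 * The fallback branch used to test a variable that was never assigned, so
 * every change made without a session was attributed to "(system)"
 * whatever USER contained. It now tests the value actually read.
 */
function get_config_user() {
	if (empty($_SESSION["Username"])) {
		$username = getenv("USER");
		if (empty($username) || $username == "root") {
			$username = "(system)";
		}
	} else {
		$username = $_SESSION["Username"];
	}

	if (!empty($_SERVER['REMOTE_ADDR'])) {
		$username .= '@' . $_SERVER['REMOTE_ADDR'];
	}

	return $username;
}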
/*
 * Build the 'revision' record stored with a configuration change.
 *
 * $desc:          description of the change; the literal "Unknown" is
 *                 replaced by "<script> made unknown change" so that the
 *                 running script is at least recorded.
 * $override_user: name to record instead of the one get_config_user()
 *                 returns.
 *
 * Returns an array with 'username', 'description' (only when $desc is not
 * empty, prefixed with the user name) and 'time' (only when the system
 * clock reads later than 1 September 2004).
 */
function make_config_revision_entry($desc = null, $override_user = null) {
	$username = empty($override_user) ? get_config_user() : $override_user;

	$revision = array();

	/* make sure the clock settings are plausible */
	$clock_plausible = time() > mktime(0, 0, 0, 9, 1, 2004);
	if ($clock_plausible) {
		$revision['time'] = time();
	}

	/* Log the running script so it's not entirely unlogged what changed */
	if ($desc == "Unknown") {
		$desc = sprintf(gettext("%s made unknown change"), $_SERVER['SCRIPT_NAME']);
	}

	if (!empty($desc)) {
		$revision['description'] = "{$username}: " . $desc;
	}

	$revision['username'] = $username;

	return $revision;
}
/*
 * Shutdown handler: report the last PHP error, then release the large
 * global structures.
 *
 * A last error of type E_ERROR, E_COMPILE_ERROR, E_CORE_ERROR or
 * E_RECOVERABLE_ERROR is printed to the current output, logged, and filed
 * as a notice; the printed text includes the file path, line and message.
 * Any other type except E_NOTICE only has its message built, because the
 * reporting calls for warnings are commented out.
 *
 * NOTE(review): unset() on a name imported with "global" removes only the
 * local reference, so the globals themselves survive this call; confirm
 * whether unsetting through $GLOBALS was intended.
 */
function pfSense_clear_globals() {
	global $config, $FilterIfList, $GatewaysList, $filterdns, $aliases, $aliastable;

	$error = error_get_last();

	if ($error !== NULL) {
		$fatal_types = array(E_ERROR, E_COMPILE_ERROR, E_CORE_ERROR, E_RECOVERABLE_ERROR);
		$is_fatal = in_array($error['type'], $fatal_types);

		if ($is_fatal) {
			$errorstr = "PHP ERROR: Type: {$error['type']}, File: {$error['file']}, Line: {$error['line']}, Message: {$error['message']}";
			print($errorstr);
			log_error($errorstr);
			file_notice("phperror", $errorstr, 'PHP errors');
		} else if ($error['type'] != E_NOTICE) {
			$errorstr = "PHP WARNING: Type: {$error['type']}, File: {$error['file']}, Line: {$error['line']}, Message: {$error['message']}";
			// XXX: comment out for now, should re-enable post-2.2
			//print($errorstr);
			//log_error($errorstr);
			//file_notice("phpwarning", $errorstr, 'PHP warning');
		}
	}

	/* unset() ignores names that are not set, so no isset() guard is needed. */
	unset($FilterIfList, $GatewaysList);

	/* Used for the hostname dns resolver */
	unset($filterdns);

	/* Used for aliases and interface macros */
	unset($aliases, $aliastable);

	unset($config);
}
/* Run pfSense_clear_globals() when the script shuts down. */
register_shutdown_function('pfSense_clear_globals');
?>