Project

General

Profile

« Previous | Next » 

Revision d6bbbf35

Added by Viktor Gurov over 3 years ago

Input validation to prevent removing a gateway if it is still in use by DNS servers. Fixes #8390

View differences:

src/etc/inc/gwlb.inc
1750 1750 
				}
1751 1751 
			}
1752 1752 
		}
1753 

  		




  
  1754
  
    
		// Check if the gateway name is used by any DNS Server


  		




  
  1755
  
    
		$dnsgw_counter = 1;


  		




  
  1756
  
    
		while (isset($config["system"]["dns{$dnsgw_counter}gw"])) {


  		




  
  1757
  
    
			if ($gateway_settings['name'] == $config["system"]["dns{$dnsgw_counter}gw"]) {


  		




  
  1758
  
    
				// The user wants to disable this gateway, but there is a static route to the DNS server that refers to the gateway.


  		




  
  1759
  
    
				$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be disabled because it is in use by DNS Server "%2$s"'), $gateway_settings['name'], $config["system"]["dns{$dnsgw_counter}gw"]);


  		




  
  1760
  
    
			}


  		




  
  1761
  
    
			$dnsgw_counter++;


  		




  
  1762
  
    
		}


  		




  1753
  1763
  
    
	}


  		




  1754
  1764
  
    
	/* skip system gateways which have been automatically added */


  		




  1755
  1765
  
    
	if (($gateway_settings['gateway'] && (!is_ipaddr($gateway_settings['gateway'])) && ($gateway_settings['attribute'] !== "system")) && ($gateway_settings['gateway'] != "dynamic")) {


  		












  

    
      src/usr/local/www/system_gateways.php
    
  





  123
  123
  
    
		}


  		




  124
  124
  
    
	}


  		




  125
  125
  
    

  		




  
  126
  
    
	/* prevent removing a gateway if it's still in use by DNS servers


  		




  
  127
  
    
	 * see https://redmine.pfsense.org/issues/8390 */


  		




  
  128
  
    
	$dnsgw_counter = 1;


  		




  
  129
  
    
	init_config_arr(array('system', 'dnsserver'));


  		




  
  130
  
    
	foreach ($config['system']['dnsserver'] as $dnsserver) {


  		




  
  131
  
    
		if (isset($config["system"]["dns{$dnsgw_counter}gw"]) &&


  		




  
  132
  
    
		    ($a_gateways[$id]['name'] == $config["system"]["dns{$dnsgw_counter}gw"])) {


  		




  
  133
  
    
				if (!$disable) {


  		




  
  134
  
    
					// The user wants to delete this gateway, but there is a static route to the DNS server that refers to the gateway.


  		




  
  135
  
    
					$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be deleted because it is in use by DNS Server "%2$s"'), $a_gateways[$id]['name'], $dnsserver);


  		




  
  136
  
    
				} else {


  		




  
  137
  
    
					// The user wants to disable this gateway, but there is a static route to the DNS server that refers to the gateway.


  		




  
  138
  
    
					$input_errors[] = sprintf(gettext('Gateway "%1$s" cannot be disabled because it is in use by DNS Server "%2$s"'), $a_gateways[$id]['name'], $dnsserver);


  		




  
  139
  
    
				}


  		




  
  140
  
    
		}


  		




  
  141
  
    
		$dnsgw_counter++;


  		




  
  142
  
    
	}


  		




  
  143
  
    

  		




  126
  144
  
    
	if (isset($input_errors)) {


  		




  127
  145
  
    
		return false;


  		




  128
  146
  
    
	}


  		












Also available in:  Unified diff