dns.cgi: Show error when trying to use ISP nameservers and TLS at the same time.

Because the ISP-assigned nameservers do not have any TLS-hostname
information they cannot be used, when TLS is activated.

They only can be used if they will be added as "regular" DNS servers
with a TLS-hostname.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

html/cgi-bin/dns.cgi

@@ -87,11 +87,20 @@ if ($cgiparams{'GENERAL'} eq $Lang::tr{'save'}) {
 		$cgiparams{'ENABLE_SAFE_SEARCH'} = "off";
 	}
 
-	# Store settings into settings file.
-	&General::writehash("$settings_file", \%cgiparams);
+	# Check if using ISP nameservers and TLS is enabled at the same time.
+	if (($cgiparams{'USE_ISP_NAMESERVERS'} eq "on") && ($cgiparams{'PROTO'} eq "TLS")) {
+		$errormessage = $Lang::tr{'dns isp nameservers and tls not allowed'}
+	}
 
-	# Call function to handle unbound restart, etc.
-	&_handle_unbound_and_more()
+	# Check if there was an error.
+	if ( ! $errormessage) {
+
+		# Store settings into settings file.
+		&General::writehash("$settings_file", \%cgiparams);
+
+		# Call function to handle unbound restart, etc.
+		&_handle_unbound_and_more()
+	}
 }
 
 ###

langs/en/cgi-bin/en.pl

@@ -852,6 +852,7 @@
 'dns forward disable dnssec' => 'Disable DNSSEC (dangerous)',
 'dns forwarding dnssec disabled notice' => '(DNSSEC disabled)',
 'dns header' => 'Assign DNS server addresses only for DHCP on red0',
+'dns isp nameservers and tls not allowed' => 'ISP-assigned DNS servers and TLS cannot be used at the same time.',
 'dns isp assigned nameserver' => 'ISP-assigned DNS server',
 'dns list' => 'List of free public DNS servers',
 'dns menu' => 'Assign DNS Server',