webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

OpenVPN: Valid til days is required with OpenVPN-2.4.x

Browse Source 
Check has been integrated that the OpenSSL maximum of '999999' valid days can not be exceeded.
Check for needed entry in 'Valid til days' field has been integrated.
Asterisk for 'Valid til days' field has been set to mark it as required field.

Signed-off-by: Erik Kapfer <erik.kapfer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Erik Kapfer
2018-06-15 08:35:13 +02:00
committed by Michael Tremer
parent 35db8d06fa
commit 425465ede9
1 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
html/cgi-bin/ovpnmain.cgi
View File

@@ -3980,6 +3980,16 @@ if ($cgiparams{'TYPE'} eq 'net') {
goto VPNCONF_ERROR;
}
# Check for N2N that OpenSSL maximum of valid days will not be exceeded
if ($cgiparams{'TYPE'} eq 'net') {
if ($cgiparams{'DAYS_VALID'} >= '999999') {
$errormessage = $Lang::tr{'invalid input for valid till days'};
unlink ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}/$cgiparams{'NAME'}.conf") or die "Removing Configfile fail: $!";
rmdir ("${General::swroot}/ovpn/n2nconf/$cgiparams{'NAME'}") || die "Removing Directory fail: $!";
goto VPNCONF_ERROR;
}
}
if ($cgiparams{'ENABLED'} !~ /^(on|off)$/) {
$errormessage = $Lang::tr{'invalid input'};
goto VPNCONF_ERROR;
@@ -4157,11 +4167,19 @@ if ($cgiparams{'TYPE'} eq 'net') {
$errormessage = $Lang::tr{'passwords do not match'};
goto VPNCONF_ERROR;
}
if ($cgiparams{'DAYS_VALID'} ne '' && $cgiparams{'DAYS_VALID'} !~ /^[0-9]+$/) {
if ($cgiparams{'DAYS_VALID'} eq '' && $cgiparams{'DAYS_VALID'} !~ /^[0-9]+$/) {
$errormessage = $Lang::tr{'invalid input for valid till days'};
goto VPNCONF_ERROR;
}
# Check for RW that OpenSSL maximum of valid days will not be exceeded
if ($cgiparams{'TYPE'} eq 'host') {
if ($cgiparams{'DAYS_VALID'} >= '999999') {
$errormessage = $Lang::tr{'invalid input for valid till days'};
goto VPNCONF_ERROR;
}
}
# Replace empty strings with a .
(my $ou = $cgiparams{'CERT_OU'}) =~ s/^\s*$/\./;
(my $city = $cgiparams{'CERT_CITY'}) =~ s/^\s*$/\./;
@@ -4813,7 +4831,7 @@ END
if ($cgiparams{'TYPE'} eq 'host') {
print <<END;
</select></td></tr>
<td>&nbsp;</td><td class='base'>$Lang::tr{'valid till'} (days):</td>
<td>&nbsp;</td><td class='base'>$Lang::tr{'valid till'} (days):&nbsp;<img src='/blob.gif' alt='*' /</td>
<td class='base' nowrap='nowrap'><input type='text' name='DAYS_VALID' value='$cgiparams{'DAYS_VALID'}' size='32' $cakeydisabled /></td></tr>
<tr><td>&nbsp;</td>
<td class='base'>$Lang::tr{'pkcs12 file password'}:</td>
@@ -4828,7 +4846,7 @@ END
}else{
print <<END;
</select></td></tr>
<td>&nbsp;</td><td class='base'>$Lang::tr{'valid till'} (days):</td>
<td>&nbsp;</td><td class='base'>$Lang::tr{'valid till'} (days):&nbsp;<img src='/blob.gif' alt='*' /</td>
<td class='base' nowrap='nowrap'><input type='text' name='DAYS_VALID' value='$cgiparams{'DAYS_VALID'}' size='32' $cakeydisabled /></td></tr>
<tr><td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td></tr>
<tr><td>&nbsp;</td><td>&nbsp;</td><td>&nbsp;</td></tr>