ids.cgi: Check if the selected ruleset requires an oinkcode

Fixes #11983

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>

html/cgi-bin/ids.cgi

@@ -296,18 +296,32 @@ if(-f $IDS::used_rulefiles_file) {
 # Save ruleset configuration.
 if ($cgiparams{'RULESET'} eq $Lang::tr{'save'}) {
 	my %oldsettings;
+	my %rulesetsources;
 
 	# Read-in current (old) IDS settings.
 	&General::readhash("$IDS::rules_settings_file", \%oldsettings);
 
+	# Get all available ruleset locations.
+	&General::readhash("$IDS::rulesetsourcesfile", \%rulesetsources);
+
 	# Prevent form name from been stored in conf file.
 	delete $cgiparams{'RULESET'};
 
-	# Check if an oinkcode has been provided.
-	if ($cgiparams{'OINKCODE'}) {
-		# Check if the oinkcode contains unallowed chars.
-		unless ($cgiparams{'OINKCODE'} =~ /^[a-z0-9]+$/) {
-			$errormessage = $Lang::tr{'invalid input for oink code'};
+	# Grab the URL based on the choosen vendor.
+	my $url = $rulesetsources{$cgiparams{'RULES'}};
+
+	# Check if the choosen vendor (URL) requires an subscription/oinkcode.
+	if ($url =~ /\<oinkcode\>/ ) {
+		# Check if an subscription/oinkcode has been provided.
+		if ($cgiparams{'OINKCODE'}) {
+			# Check if the oinkcode contains unallowed chars.
+			unless ($cgiparams{'OINKCODE'} =~ /^[a-z0-9]+$/) {
+				$errormessage = $Lang::tr{'invalid input for oink code'};
+			}
+		} else {
+			# Print an error message, that an subsription/oinkcode is required for this
+			# vendor.
+			$errormessage = $Lang::tr{'ids oinkcode required'};
 		}
 	}
 

langs/de/cgi-bin/de.pl

@@ -1336,6 +1336,7 @@
 'ids monitor traffic only' => 'Netzwerk-Pakete nur überpfrüfen',
 'ids no network zone' => 'Mindestends eine Netzwerk-Zone muss überwacht werden!',
 'ids no ruleset available' => 'Kein Regelset verfügbar, bitte downloaden Sie eines!',
+'ids oinkcode required' => 'Für das ausgewählte Regelset wird eine Subscription oder ein Oinkcode benötigt',
 'ids ruleset settings' => 'Regelset-Einstellungen',
 'ids preprocessor' => 'IDS-Präprozessor',
 'ids rules license' => 'Um  Sourcefire VRT Zertifizierte Regeln zu nutzen, müssen Sie sich unter',

langs/en/cgi-bin/en.pl

@@ -1368,6 +1368,7 @@
 'ids monitor traffic only' => 'Monitor traffic only',
 'ids no network zone' => 'At least one network zone has to be monitored!',
 'ids no ruleset available' => 'No ruleset available, please download one!',
+'ids oinkcode required' => 'The selected ruleset requires a subscription or an oinkcode',
 'ids ruleset settings' => 'Ruleset settings',
 'ids preprocessor' => 'IDS preprocessor',
 'ids rules license' => 'To utilize Sourcefire VRT Certified Rules, you need to register on',