ids.cgi: Add some more sanity checks when adding a new provider.

* Check if the system is online. * Check if enough free disk space is available. * Abort whith an error message if the ruleset could not be downloaded. In error case the provider now will be removed again from the file which keeps the configured providers. Sadly it needs to be added first because otherwise the downloader could not read the required values from it..... Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
2026-04-27 11:13:24 +02:00 · 2021-04-14 20:32:14 +02:00
parent 214f34ec4e
commit 969983eba4
3 changed files with 44 additions and 18 deletions
--- a/html/cgi-bin/ids.cgi
+++ b/html/cgi-bin/ids.cgi
@@ -815,34 +815,56 @@ if ($cgiparams{'RULESET'} eq $Lang::tr{'ids apply'}) {

 		# Check if a new provider will be added.
 		if ($cgiparams{'PROVIDERS'} eq $Lang::tr{'add'}) {
-			# Lock the webpage and print notice about downloading
-			# a new ruleset.
-			&working_notice("$Lang::tr{'ids working'}");
+			# Check if the red device is active.
+			unless (-e "${General::swroot}/red/active") {
+				$errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'system is offline'}";
+			}

-			# Download the ruleset.
-			&IDS::downloadruleset($provider);
+			# Check if enough free disk space is availabe.
+			if(&IDS::checkdiskspace()) {
+				$errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'not enough disk space'}";
+			}

-			# Extract the ruleset
-			&IDS::extractruleset($provider);
+			# Check if any errors happend.
+			unless ($errormessage) {
+				# Lock the webpage and print notice about downloading
+				# a new ruleset.
+				&working_notice("$Lang::tr{'ids working'}");

-			# Move the ruleset.
-			&IDS::move_tmp_ruleset();
+				# Download the ruleset.
+				if(&IDS::downloadruleset($provider)) {
+					$errormessage = "$Lang::tr{'ids could not add provider'} - $Lang::tr{'ids unable to download the ruleset'}";

-			# Cleanup temporary directory.
-			&IDS::cleanup_tmp_directory();
+					# Call function to store the errormessage.
+					&IDS::_store_error_message($errormessage);

-			# Create new empty file for used rulefiles
-			# for this provider.
-			&IDS::write_used_provider_rulefiles_file($provider);
+					# Remove the configured provider again.
+					&remove_provider($id);
+				} else {
+					# Extract the ruleset
+					&IDS::extractruleset($provider);

-			# Perform a reload of the page.
-			&reload();
+					# Move the ruleset.
+					&IDS::move_tmp_ruleset();
+
+					# Cleanup temporary directory.
+					&IDS::cleanup_tmp_directory();
+
+					# Create new empty file for used rulefiles
+					# for this provider.
+					&IDS::write_used_provider_rulefiles_file($provider);
+				}
+
+				# Perform a reload of the page.
+				&reload();
+			}
 		}

-		# Undefine providers flag.
-		undef($cgiparams{'PROVIDERS'});
 	}

+	# Undefine providers flag.
+	undef($cgiparams{'PROVIDERS'});
+
 ## Toggle Enabled/Disabled for an existing provider.
 #
 } elsif ($cgiparams{'PROVIDERS'} eq $Lang::tr{'toggle enable disable'}) {