From e201b6d5376939eaeec36417f09d9fe6b6dcfe5d Mon Sep 17 00:00:00 2001
From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Mon, 21 Jan 2013 21:15:50 +0100
Subject: [PATCH 1/2] proxy.cgi: Also allow to use a hostname for the LDAP
 server.

Fixes #10265.
---
 html/cgi-bin/proxy.cgi | 7 +++++--
 langs/de/cgi-bin/de.pl | 2 +-
 langs/en/cgi-bin/en.pl | 2 +-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi
index b217de361..52b68aec9 100644
--- a/html/cgi-bin/proxy.cgi
+++ b/html/cgi-bin/proxy.cgi
@@ -512,8 +512,11 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'}
 		}
 		if (!&General::validip($proxysettings{'LDAP_SERVER'}))
 		{
-			$errormessage = $Lang::tr{'advproxy errmsg ldap server'};
-			goto ERROR;
+			if (!&General::validdomainname($proxysettings{'LDAP_SERVER'}))
+			{
+				$errormessage = $Lang::tr{'advproxy errmsg ldap server'};
+				goto ERROR;
+			}
 		}
 		if (!&General::validport($proxysettings{'LDAP_PORT'}))
 		{
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index a2a9e1e76..f2353be41 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -229,7 +229,7 @@
 'advproxy errmsg ldap base dn' => 'LDAP base DN erforderlich',
 'advproxy errmsg ldap bind dn' => 'LDAP bind DN Benutzername und Passwort erforderlich',
 'advproxy errmsg ldap port' => 'Ungültige LDAP-Portnummer',
-'advproxy errmsg ldap server' => 'Ungültige IP-Adresse für den LDAP-Server',
+'advproxy errmsg ldap server' => 'Ungültige IP-Adresse/Hostname für den LDAP-Server',
 'advproxy errmsg max userip' => 'Ungültige Anzahl von IP-Adressen pro Benutzer',
 'advproxy errmsg mem cache size' => 'Ungültiger Wert für die Größe des RAM-Cachespeichers',
 'advproxy errmsg no browser' => 'Mindestens ein Browser oder Client muss für den Web-Zugriff zugelassen sein',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index 23df6bd6a..c739b1a48 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -229,7 +229,7 @@
 'advproxy errmsg ldap base dn' => 'LDAP base DN required',
 'advproxy errmsg ldap bind dn' => 'LDAP bind DN username and password required',
 'advproxy errmsg ldap port' => 'Invalid LDAP port number',
-'advproxy errmsg ldap server' => 'Invalid IP address for LDAP Server',
+'advproxy errmsg ldap server' => 'Invalid IP address/hostname for LDAP Server',
 'advproxy errmsg max userip' => 'Invalid number of IP addresses per user',
 'advproxy errmsg mem cache size' => 'Invalid value for memory cache size',
 'advproxy errmsg no browser' => 'At least one browser or client must be selected for web access',

From dcfc6334b91b8b6d24df73bb30e35e2fd865ee08 Mon Sep 17 00:00:00 2001
From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Tue, 22 Jan 2013 19:38:12 +0100
Subject: [PATCH 2/2] proxy.cgi: Allow to set a hostname as upstream proxy.

Fixes #10215.
---
 html/cgi-bin/proxy.cgi | 17 +++++++++++------
 langs/de/cgi-bin/de.pl |  2 +-
 langs/en/cgi-bin/en.pl |  2 +-
 3 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/html/cgi-bin/proxy.cgi b/html/cgi-bin/proxy.cgi
index 52b68aec9..0b28c2adf 100644
--- a/html/cgi-bin/proxy.cgi
+++ b/html/cgi-bin/proxy.cgi
@@ -358,12 +358,17 @@ if (($proxysettings{'ACTION'} eq $Lang::tr{'save'}) || ($proxysettings{'ACTION'}
 		$errormessage = $Lang::tr{'advproxy errmsg invalid proxy port'};
 		goto ERROR;
 	}
-	if (!($proxysettings{'UPSTREAM_PROXY'} eq '')) {
-	  my @temp = split(/:/,$proxysettings{'UPSTREAM_PROXY'});
-	  if (!(&General::validip($temp[0]))) {
-	    $errormessage = $Lang::tr{'advproxy errmsg invalid upstream proxy'};
-	    goto ERROR;
-          }
+	if (!($proxysettings{'UPSTREAM_PROXY'} eq ''))
+	{
+		my @temp = split(/:/,$proxysettings{'UPSTREAM_PROXY'});
+		if (!(&General::validip($temp[0])))
+		{
+			if (!(&General::validdomainname($temp[0])))
+			{
+				$errormessage = $Lang::tr{'advproxy errmsg invalid upstream proxy'};
+				goto ERROR;
+			}
+		}
         }
 	if (!($proxysettings{'CACHE_SIZE'} =~ /^\d+/) ||
 		($proxysettings{'CACHE_SIZE'} < 10))
diff --git a/langs/de/cgi-bin/de.pl b/langs/de/cgi-bin/de.pl
index f2353be41..48f9a4400 100644
--- a/langs/de/cgi-bin/de.pl
+++ b/langs/de/cgi-bin/de.pl
@@ -223,7 +223,7 @@
 'advproxy errmsg invalid mac' => 'Ungültige MAC-Adresse',
 'advproxy errmsg invalid pdc' => 'Ungültiger Hostname für den Primary Domain Controller',
 'advproxy errmsg invalid proxy port' => 'Ungültiger Proxy-Port',
-'advproxy errmsg invalid upstream proxy' => 'Ungültige IP für Upstream-Proxy',
+'advproxy errmsg invalid upstream proxy' => 'Ungültige IP/Hostname für Upstream-Proxy',
 'advproxy errmsg invalid upstream proxy username or password setting' => 'Ungültiger Benutzername oder ungültiges Kennwort für Upstream Proxy',
 'advproxy errmsg invalid user' => 'Benutzername existiert nicht',
 'advproxy errmsg ldap base dn' => 'LDAP base DN erforderlich',
diff --git a/langs/en/cgi-bin/en.pl b/langs/en/cgi-bin/en.pl
index c739b1a48..6a3120b60 100644
--- a/langs/en/cgi-bin/en.pl
+++ b/langs/en/cgi-bin/en.pl
@@ -223,7 +223,7 @@
 'advproxy errmsg invalid mac' => 'Invalid MAC address',
 'advproxy errmsg invalid pdc' => 'Invalid hostname for primary domain controller',
 'advproxy errmsg invalid proxy port' => 'Invalid proxy port',
-'advproxy errmsg invalid upstream proxy' => 'Invalid upstream proxy IP',
+'advproxy errmsg invalid upstream proxy' => 'Invalid upstream proxy IP/hostname',
 'advproxy errmsg invalid upstream proxy username or password setting' => 'Invalid upstream proxy username or password setting',
 'advproxy errmsg invalid user' => 'Username does not exist',
 'advproxy errmsg ldap base dn' => 'LDAP base DN required',