webadmin/bpfire
1
0
Fork 0
mirror of https://github.com/vincentmli/bpfire.git synced 2026-04-09 18:45:54 +02:00
Code Issues Packages Projects Releases Wiki Activity

ovpnmain.cgi: Fixes bug#13404 - prevents certs being saved if common name is already used

Browse Source 
- This was fixed by moving the code for checking if the common name is already used, to
   the same location as the code for checking if the connection name is already used.
- Tested out on vm testbed and confirmed that the certificates are not created and the
   index.txt not updated if the common name is flagged as already being used. If the
   entry is changed to use a new CN and Save pressed then the certs are saved and the
   index.txt updated. If Cancel is pressed then no certs are saved and index.txt is not
   updated.

Fixes: Bug#13404
Tested-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Adolf Belka <adolf.belka@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
This commit is contained in:
Adolf Belka
2024-02-26 16:05:00 +01:00
committed by Michael Tremer
parent 033252e043
commit f433fdcd90
1 changed files with 19 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
html/cgi-bin/ovpnmain.cgi
View File

@@ -4216,15 +4216,25 @@ if ($cgiparams{'TYPE'} eq 'net') {
}
}
# Check for RW if client name is already set
if ($cgiparams{'TYPE'} eq 'host') {
foreach my $key (keys %confighash) {
if ($confighash{$key}[1] eq $cgiparams{'NAME'}) {
$errormessage = $Lang::tr{'a connection with this name already exists'};
goto VPNCONF_ERROR;
}
}
}
# Check for RW if client name is already set
if ($cgiparams{'TYPE'} eq 'host') {
foreach my $key (keys %confighash) {
if ($confighash{$key}[1] eq $cgiparams{'NAME'}) {
$errormessage = $Lang::tr{'a connection with this name already exists'};
goto VPNCONF_ERROR;
}
}
}
# Check if there is no other entry with this common name
if ((! $cgiparams{'KEY'}) && ($cgiparams{'AUTH'} ne 'psk')) {
foreach my $key (keys %confighash) {
if ($confighash{$key}[2] eq $cgiparams{'CERT_NAME'}) {
$errormessage = $Lang::tr{'a connection with this common name already exists'};
goto VPNCONF_ERROR;
}
}
}
# Replace empty strings with a .
(my $ou = $cgiparams{'CERT_OU'}) =~ s/^\s*$/\./;
@@ -4309,16 +4319,6 @@ if ($cgiparams{'TYPE'} eq 'net') {
goto VPNCONF_ERROR;
}
# Check if there is no other entry with this common name
if ((! $cgiparams{'KEY'}) && ($cgiparams{'AUTH'} ne 'psk')) {
foreach my $key (keys %confighash) {
if ($confighash{$key}[2] eq $cgiparams{'CERT_NAME'}) {
$errormessage = $Lang::tr{'a connection with this common name already exists'};
goto VPNCONF_ERROR;
}
}
}
# Save the config
my $key = $cgiparams{'KEY'};