diff options
| author | Darren Embry <dse@webonastick.com> | 2012-07-26 18:45:52 -0400 |
|---|---|---|
| committer | Darren Embry <dse@webonastick.com> | 2012-07-26 18:45:52 -0400 |
| commit | 82e7f8e4b0278017fc27d4d5a84b8e5e6a2ce51d (patch) | |
| tree | b2bf6d428ad396f39adbf31b756b1992e262d33f | |
| parent | f5df5e8415f8c05a344bc47c6b3969ff3315aec7 (diff) | |
| parent | 617152591ff0d0b5b3b8b6674d024880cb6bbf12 (diff) | |
| download | pfsense-82e7f8e4b0278017fc27d4d5a84b8e5e6a2ce51d.zip pfsense-82e7f8e4b0278017fc27d4d5a84b8e5e6a2ce51d.tar.gz | |
Merge branch 'master' of git://github.com/bsdperimeter/pfsense
55 files changed, 896 insertions, 451 deletions
diff --git a/etc/devd.conf b/etc/devd.conf index 499fe4b..30f3cc5 100644 --- a/etc/devd.conf +++ b/etc/devd.conf @@ -16,14 +16,14 @@ options { notify 100 { match "system" "IFNET"; match "type" "LINK_UP"; - match "subsystem" "[a-z]+[0-9]+_vip[0-9]+"; + match "subsystem" "[a-zA-Z0-9_]+_vip[0-9]+"; action "/etc/rc.carpmaster $subsystem"; }; notify 100 { match "system" "IFNET"; match "type" "LINK_DOWN"; - match "subsystem" "[a-z]+[0-9]+_vip[0-9]+"; + match "subsystem" "[a-zA-Z0-9_]+_vip[0-9]+"; action "/etc/rc.carpbackup $subsystem"; }; @@ -65,13 +65,6 @@ notify 0 { action "/usr/local/sbin/pfSctl -c 'interface linkup start $subsystem'"; }; -notify 0 { - match "system" "IFNET"; - match "type" "LINK_DOWN"; - match "subsystem" "[a-z]+[0-9]+_wlan[0-9]+"; - action "/usr/local/sbin/pfSctl -c 'interface linkup stop $subsystem'"; -}; - # Notify all users before beginning emergency shutdown when we get # a _CRT or _HOT thermal event and we're going to power down the system # very soon. diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 614c93d..7158b78 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -639,7 +639,7 @@ function ldap_test_connection($authcfg) { $ldapproto = "ldap"; else $ldapproto = "ldaps"; - $ldapserver = "{$ldapproto}://{$authcfg['host']}"; + $ldapserver = "{$ldapproto}://" . ldap_format_host($authcfg['host']); $ldapport = $authcfg['ldap_port']; if (!empty($ldapport)) $ldapserver .= ":{$ldapport}"; @@ -706,7 +706,7 @@ function ldap_test_bind($authcfg) { $ldapproto = "ldap"; else $ldapproto = "ldaps"; - $ldapserver = "{$ldapproto}://{$authcfg['host']}"; + $ldapserver = "{$ldapproto}://" . ldap_format_host($authcfg['host']); $ldapport = $authcfg['ldap_port']; if (!empty($ldapport)) $ldapserver .= ":{$ldapport}"; @@ -769,7 +769,7 @@ function ldap_get_user_ous($show_complete_ou=true, $authcfg) { $ldapproto = "ldap"; else $ldapproto = "ldaps"; - $ldapserver = "{$ldapproto}://{$authcfg['host']}"; + $ldapserver = "{$ldapproto}://" . ldap_format_host($authcfg['host']); $ldapport = $authcfg['ldap_port']; if (!empty($ldapport)) $ldapserver .= ":{$ldapport}"; @@ -876,7 +876,7 @@ function ldap_get_groups($username, $authcfg) { $ldapproto = "ldap"; else $ldapproto = "ldaps"; - $ldapserver = "{$ldapproto}://{$authcfg['host']}"; + $ldapserver = "{$ldapproto}://" . ldap_format_host($authcfg['host']); $ldapport = $authcfg['ldap_port']; if (!empty($ldapport)) $ldapserver .= ":{$ldapport}"; @@ -968,6 +968,10 @@ function ldap_get_groups($username, $authcfg) { return $memberof; } +function ldap_format_host($host) { + return is_ipaddrv6($host) ? "[$host]" : $host ; +} + function ldap_backed($username, $passwd, $authcfg) { global $debug, $config; @@ -991,7 +995,7 @@ function ldap_backed($username, $passwd, $authcfg) { $ldapproto = "ldap"; else $ldapproto = "ldaps"; - $ldapserver = "{$ldapproto}://{$authcfg['host']}"; + $ldapserver = "{$ldapproto}://" . ldap_format_host($authcfg['host']); $ldapport = $authcfg['ldap_port']; if (!empty($ldapport)) $ldapserver .= ":{$ldapport}"; diff --git a/etc/inc/captiveportal.inc b/etc/inc/captiveportal.inc index 55fb46a..12df424 100644 --- a/etc/inc/captiveportal.inc +++ b/etc/inc/captiveportal.inc @@ -454,16 +454,15 @@ function captiveportal_init_webgui_zone($cpcfg) { $use_fastcgi = true; if (isset($cpcfg['httpslogin'])) { - $cert = base64_decode($cpcfg['certificate']); - if (isset($cpcfg['cacertificate'])) - $cacert = base64_decode($cpcfg['cacertificate']); - else - $cacert = ""; - $key = base64_decode($cpcfg['private-key']); + $cert = lookup_cert($cpcfg['certref']); + $crt = base64_decode($cert['crt']); + $key = base64_decode($cert['prv']); + $ca = ca_chain($cert); + /* generate lighttpd configuration */ $listenporthttps = $cpcfg['listenporthttps'] ? $cpcfg['listenporthttps'] : ($cpcfg['zoneid'] + 1); system_generate_lighty_config("{$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal-SSL.conf", - $cert, $key, $cacert, "lighty-{$cpzone}-CaptivePortal-SSL.pid", $listenporthttps, "/usr/local/captiveportal", + $crt, $key, $ca, "lighty-{$cpzone}-CaptivePortal-SSL.pid", $listenporthttps, "/usr/local/captiveportal", "cert-portal.pem", "ca-portal.pem", "1", $use_fastcgi, $cpzone); } @@ -477,7 +476,7 @@ function captiveportal_init_webgui_zone($cpcfg) { $res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal.conf"); /* fire up https instance */ - if (isset($cpcfg['httpslogin']) && $cpcfg['httpslogin']) + if (isset($cpcfg['httpslogin'])) $res = mwexec("/usr/local/sbin/lighttpd -f {$g['varetc_path']}/lighty-{$cpzone}-CaptivePortal-SSL.conf"); } @@ -666,6 +665,8 @@ EOD; /* activate ipfw(4) so CP can work */ mwexec("/sbin/sysctl net.link.ether.ipfw=1"); + /* Make sure not re-entrancy is allowed in ipfw(4) */ + mwexec("/sbin/sysctl net.inet.ip.fw.one_pass=1"); return $cprules; } @@ -1680,7 +1681,7 @@ function portal_mac_radius($clientmac,$clientip) { } function captiveportal_reapply_attributes($cpentry, $attributes) { - global $config, $cpzone; + global $config, $cpzone, $g; /* Add rules for traffic shaping * We don't need to add extra rules since traffic will pass due to the following kernel option diff --git a/etc/inc/certs.inc b/etc/inc/certs.inc index ec3227d..ed1f25c 100644 --- a/etc/inc/certs.inc +++ b/etc/inc/certs.inc @@ -528,12 +528,24 @@ function is_webgui_cert($certref) { return true; } +function is_captiveportal_cert($certref) { + global $config; + if (!is_array($config['captiveportal'])) + return; + foreach ($config['captiveportal'] as $portal) { + if (isset($portal['enable']) && isset($portal['httpslogin']) && ($portal['certref'] == $certref)) + return true; + } + return false; +} + function cert_in_use($certref) { return (is_webgui_cert($certref) || is_user_cert($certref) || is_openvpn_server_cert($certref) || is_openvpn_client_cert($certref) || - is_ipsec_cert($certref)); + is_ipsec_cert($certref) || + is_captiveportal_cert($certref)); } /* diff --git a/etc/inc/config.console.inc b/etc/inc/config.console.inc index aaf54f3..78ad524 100644 --- a/etc/inc/config.console.inc +++ b/etc/inc/config.console.inc @@ -69,7 +69,7 @@ function set_networking_interfaces_ports() { $key = null; /* Only present auto interface option if running from LiveCD and interface mismatch*/ - if ((ereg("cdrom", $g['platform'])) && is_interface_mismatch()) + if ((preg_match("/cdrom/", $g['platform'])) && is_interface_mismatch()) $auto_assign = false; echo <<<EOD diff --git a/etc/inc/config.inc b/etc/inc/config.inc index b8199df..790fbc1 100644 --- a/etc/inc/config.inc +++ b/etc/inc/config.inc @@ -122,7 +122,7 @@ else if ($g['booting'] and !file_exists($g['cf_conf_path'] . "/config.xml") ) { /* config is on floppy disk for CD-ROM version */ $cfgdevice = $cfgpartition = "fd0"; $dmesg = `dmesg -a`; - if(ereg("da0", $dmesg) == true) { + if(preg_match("/da0/", $dmesg) == true) { $cfgdevice = $cfgpartition = "da0" ; if (mwexec("/sbin/mount -r /dev/{$cfgdevice} /cf")) { /* could not mount, fallback to floppy */ diff --git a/etc/inc/dyndns.class b/etc/inc/dyndns.class index 9b97781..504dbf8 100644 --- a/etc/inc/dyndns.class +++ b/etc/inc/dyndns.class @@ -948,7 +948,8 @@ $wan_ip = $this->_checkIP(); conf_mount_rw(); if ($wan_ip > 0) { - $currentTime = time(); + $currentTime = time(); + notify_all_remote(sprintf(gettext("DynDNS updated IP Address on %s (%s) to %s"), convert_real_interface_to_friendly_descr($this->_if), $this->_if, $wan_ip)); log_error("phpDynDNS: updating cache file {$this->_cacheFile}: {$wan_ip}"); @file_put_contents($this->_cacheFile, "{$wan_ip}:{$currentTime}"); } else diff --git a/etc/inc/functions.inc b/etc/inc/functions.inc index 695a1cf..c59d275 100644 --- a/etc/inc/functions.inc +++ b/etc/inc/functions.inc @@ -73,39 +73,40 @@ if(!function_exists("pfSenseHeader")) { /* END compatibility goo with HEAD */ /*fetch menu notices function*/ -function get_menu_messages(){ - global $g,$config; - if (are_notices_pending()) { - $notices = get_notices(); - $requests=array(); +if(!function_exists("get_menu_messages")) { + function get_menu_messages(){ + global $g,$config; + if (are_notices_pending()) { + $notices = get_notices(); + $requests=array(); - ## Get Query Arguments from URL ### - foreach ($_REQUEST as $key => $value) { - if ($key != "PHPSESSID") - $requests[] = $key.'='.$value; - } - if(is_array($requests)) - $request_string = implode("&", $requests); + ## Get Query Arguments from URL ### + foreach ($_REQUEST as $key => $value) { + if ($key != "PHPSESSID") + $requests[] = $key.'='.$value; + } + if(is_array($requests)) + $request_string = implode("&", $requests); - if(is_array($notices)) { - $notice_msgs = "<table colspan=6 id=notice_table>"; - $alert_style="style=\'color:#ffffff; filter:Glow(color=#ff0000, strength=12);\' "; - $notice = "<a href=# onClick=notice_action(\'acknowledge\',\'all\');domTT_close(this); {$alert_style}>".gettext("Acknowledge All Notices")."</a>"; - $alert_link="title=\'".gettext("Click to Acknowledge")."\' {$alert_style}"; - $domtt_width=500; - foreach ($notices as $key => $value) { - $date = date("m-d-y H:i:s", $key); - $noticemsg = ($value['notice'] != "" ? $value['notice'] : $value['id']); - $noticemsg = preg_replace("/(\"|\'|\n|<.?\w+>)/i","",$noticemsg); - if ((strlen($noticemsg)* 8) > $domtt_width) - $domtt_width=(strlen($noticemsg) *8); - if ((strlen($noticemsg)* 8) > 900) - $domtt_width= 900; - $alert_action ="onClick=notice_action(\'acknowledge\',\'{$key}\');domTT_close(this);jQuery(this).parent().parent().remove();"; - $notice_msgs .= "<tr><td valign=\'top\' width=\'120\'><a href=# {$alert_link} {$alert_action}>{$date}</a></td><td valign=\'top\'><a href=# {$alert_link} {$alert_action}>[ ".htmlspecialchars($noticemsg)."]</a></td><tr>"; - } - $notice_msgs .="</table>"; - + if(is_array($notices)) { + $notice_msgs = "<table colspan=6 id=notice_table>"; + $alert_style="style=\'color:#ffffff; filter:Glow(color=#ff0000, strength=12);\' "; + $notice = "<a href=# onClick=notice_action(\'acknowledge\',\'all\');domTT_close(this); {$alert_style}>".gettext("Acknowledge All Notices")."</a>"; + $alert_link="title=\'".gettext("Click to Acknowledge")."\' {$alert_style}"; + $domtt_width=500; + foreach ($notices as $key => $value) { + $date = date("m-d-y H:i:s", $key); + $noticemsg = ($value['notice'] != "" ? $value['notice'] : $value['id']); + $noticemsg = preg_replace("/(\"|\'|\n|<.?\w+>)/i","",$noticemsg); + if ((strlen($noticemsg)* 8) > $domtt_width) + $domtt_width=(strlen($noticemsg) *8); + if ((strlen($noticemsg)* 8) > 900) + $domtt_width= 900; + $alert_action ="onClick=notice_action(\'acknowledge\',\'{$key}\');domTT_close(this);jQuery(this).parent().parent().remove();"; + $notice_msgs .= "<tr><td valign=\'top\' width=\'120\'><a href=# {$alert_link} {$alert_action}>{$date}</a></td><td valign=\'top\'><a href=# {$alert_link} {$alert_action}>[ ".htmlspecialchars($noticemsg)."]</a></td><tr>"; + } + $notice_msgs .="</table>"; + $domtt= "onclick=\"domTT_activate(this, event, 'caption', '{$notice}','content', '<br>{$notice_msgs}', 'trail', false, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle','width','{$domtt_width}','y',5,'type', 'sticky');\""; $menu_messages="<div id='alerts' ; >\n"; if(count($notices)==1) @@ -115,14 +116,29 @@ function get_menu_messages(){ $menu_messages.="<div id='marquee-text' style='z-index:1001;'><a href=# {$domtt}><b> .:. {$msg} .:. </b></a></div>\n"; $menu_messages.="</div>\n"; } - } else { - $menu_messages='<div id="hostname">'; - $menu_messages.=$config['system']['hostname'] . "." . $config['system']['domain']; - $menu_messages.='</div>'; - } - return ($menu_messages); - } + } + else { + $menu_messages='<div id="hostname">'; + $menu_messages.=$config['system']['hostname'] . "." . $config['system']['domain']; + $menu_messages.='</div>'; + } + return ($menu_messages); + } +} +if(!function_exists("dom_title")) { + function dom_title($title_msg,$width=NULL){ + $width=preg_replace("/\D+/","",$width); + if (!empty($width)){ + $width=",'width',$width"; + } + if (!empty($title_msg)){ + $title_msg=preg_replace("/\s+/"," ",$title_msg); + $title_msg=preg_replace("/'/","\'",$title_msg); + return "onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\" onmouseover=\"domTT_activate(this, event, 'content', '{$title_msg}', 'trail', true, 'delay', 250, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle' $width);\""; + } + } + } /* include all configuration functions */ require_once("interfaces.inc"); require_once("gwlb.inc"); @@ -132,4 +148,4 @@ require_once("certs.inc"); require_once("system.inc"); require_once("vslb.inc"); -?> +?>
\ No newline at end of file diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc index 519f28c..23c3a92 100644 --- a/etc/inc/globals.inc +++ b/etc/inc/globals.inc @@ -77,7 +77,7 @@ $g = array( "disablecrashreporter" => false, "crashreporterurl" => "http://crashreporter.pfsense.org/crash_reporter.php", "debug" => false, - "latest_config" => "8.8", + "latest_config" => "8.9", "nopkg_platforms" => array("cdrom"), "minimum_ram_warning" => "101", "minimum_ram_warning_text" => "128 MB", diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc index cf982af..9023451 100644 --- a/etc/inc/gwlb.inc +++ b/etc/inc/gwlb.inc @@ -1,7 +1,7 @@ <?php /* Copyright (C) 2008 Bill Marquette, Seth Mos - Copyright (C) 2010 Ermal Luçi + Copyright (C) 2010 Ermal Luçi All rights reserved. Redistribution and use in source and binary forms, with or without @@ -31,9 +31,20 @@ */ require_once("config.inc"); +/* Returns an array of default values used for apinger.conf */ +function return_apinger_defaults() { + return array( + "latencylow" => "200", + "latencyhigh" => "500", + "losslow" => "10", + "losshigh" => "20", + "interval" => "1", + "down" => "10"); + } + /* * Creates monitoring configuration file and - * adds apropriate static routes. + * adds appropriate static routes. */ function setup_gateways_monitor() { global $config, $g; @@ -46,13 +57,7 @@ function setup_gateways_monitor() { return; } - /* Default settings. Probably should move to globals.inc? */ - $a_settings = array(); - $a_settings['latencylow'] = "200"; - $a_settings['latencyhigh'] = "500"; - $a_settings['losslow'] = "10"; - $a_settings['losshigh'] = "20"; - + $apinger_default = return_apinger_defaults(); $fd = fopen("{$g['varetc_path']}/apinger.conf", "w"); $apingerconfig = <<<EOD @@ -72,7 +77,7 @@ pid_file "{$g['varrun_path']}/apinger.pid" #timestamp_format "%Y%m%d%H%M%S" status { - ## File where the status information whould be written to + ## File where the status information should be written to file "{$g['tmp_path']}/apinger.status" ## Interval between file updates ## when 0 or not set, file is written only when SIGUSR1 is received @@ -84,38 +89,38 @@ status { # Interval between RRD updates rrd interval 60s; -## These parameters can be overriden in a specific alarm configuration +## These parameters can be overridden in a specific alarm configuration alarm default { - command on "/usr/local/sbin/pfSctl -c 'service reload dyndnsall' -c 'service reload ipsecdns' -c 'filter reload'" - command off "/usr/local/sbin/pfSctl -c 'service reload dyndnsall' -c 'service reload ipsecdns' -c 'filter reload'" + command on "/usr/local/sbin/pfSctl -c 'service reload dyndnsall' -c 'service reload ipsecdns' -c 'filter reload' -c 'service reload openvpn'" + command off "/usr/local/sbin/pfSctl -c 'service reload dyndnsall' -c 'service reload ipsecdns' -c 'filter reload' -c 'service reload openvpn'" combine 10s } ## "Down" alarm definition. ## This alarm will be fired when target doesn't respond for 30 seconds. alarm down "down" { - time 10s + time {$apinger_default['down']}s } ## "Delay" alarm definition. ## This alarm will be fired when responses are delayed more than 200ms ## it will be canceled, when the delay drops below 100ms alarm delay "delay" { - delay_low {$a_settings['latencylow']}ms - delay_high {$a_settings['latencyhigh']}ms + delay_low {$apinger_default['latencylow']}ms + delay_high {$apinger_default['latencyhigh']}ms } ## "Loss" alarm definition. ## This alarm will be fired when packet loss goes over 20% ## it will be canceled, when the loss drops below 10% alarm loss "loss" { - percent_low {$a_settings['losslow']} - percent_high {$a_settings['losshigh']} + percent_low {$apinger_default['losslow']} + percent_high {$apinger_default['losshigh']} } target default { ## How often the probe should be sent - interval 1s + interval {$apinger_default['interval']}s ## How many replies should be used to compute average delay ## for controlling "delay" alarms @@ -179,7 +184,7 @@ EOD; $alarms = ""; $alarmscfg = ""; $override = false; - if (!empty($gateway['lowloss'])) { + if (!empty($gateway['losslow'])) { $alarmscfg .= "alarm loss \"{$name}loss\" {\n"; $alarmscfg .= "\tpercent_low {$gateway['losslow']}\n"; $alarmscfg .= "\tpercent_high {$gateway['losshigh']}\n"; @@ -240,8 +245,8 @@ EOD; } else { $inetfamily = "-inet"; } - mwexec("/sbin/route change {$inetfamily} -host " . escapeshellarg($gateway['monitor']) . - " " . escapeshellarg($gateway['gateway']), true); + // mwexec("/sbin/route change {$inetfamily} -host " . escapeshellarg($gateway['monitor']) . + // " " . escapeshellarg($gateway['gateway']), true); } $apingerconfig .= $alarmscfg; @@ -282,6 +287,7 @@ function return_gateways_status($byname = false) { $target = $info[0]; else $target = $info[2]; + $status[$target]['monitorip'] = $info[0]; $status[$target]['srcip'] = $info[1]; $status[$target]['name'] = $info[2]; @@ -291,7 +297,8 @@ function return_gateways_status($byname = false) { $status[$target]['status'] = trim($info[8]); } - /* tack on any gateways that have monitoring disabled */ + /* tack on any gateways that have monitoring disabled + * or are down, which could cause gateway groups to fail */ $gateways_arr = return_gateways_array(); foreach($gateways_arr as $gwitem) { if(isset($gwitem['monitor_disable'])) { @@ -308,13 +315,23 @@ function return_gateways_status($byname = false) { else $target = $tgtip; - $status[$target]['monitorip'] = $tgtip; - $status[$target]['srcip'] = $srcip; - $status[$target]['name'] = $gwitem['name']; - $status[$target]['lastcheck'] = date('r'); - $status[$target]['delay'] = "0.0ms"; - $status[$target]['loss'] = "0.0%"; - $status[$target]['status'] = "none"; + /* failsafe for down interfaces */ + if($target == "") { + $target = $gwitem['name']; + $status[$target]['name'] = $gwitem['name']; + $status[$target]['lastcheck'] = date('r'); + $status[$target]['delay'] = "0.0ms"; + $status[$target]['loss'] = "100.0%"; + $status[$target]['status'] = "down"; + } else { + $status[$target]['monitorip'] = $tgtip; + $status[$target]['srcip'] = $srcip; + $status[$target]['name'] = $gwitem['name']; + $status[$target]['lastcheck'] = date('r'); + $status[$target]['delay'] = "0.0ms"; + $status[$target]['loss'] = "0.0%"; + $status[$target]['status'] = "none"; + } } } return($status); @@ -361,7 +378,7 @@ function return_gateways_array($disabled = false, $localhost = false) { } /* if the gateway is dynamic and we can find the IPv4, Great! */ - if(empty($gateway['gateway']) || ($gateway['gateway'] == "dynamic") && ($gateway['ipprotocol'] == "inet")) { + if((empty($gateway['gateway']) || ($gateway['gateway'] == "dynamic")) && ($gateway['ipprotocol'] == "inet")) { /* we know which interfaces is dynamic, this should be made a function */ switch($wancfg['ipaddr']) { case "dhcp": @@ -383,7 +400,7 @@ function return_gateways_array($disabled = false, $localhost = false) { } /* if the gateway is dynamic6 and we can find the IPv6, Great! */ - if(empty($gateway['gateway']) || ($gateway['gateway'] == "dynamic") && ($gateway['ipprotocol'] == "inet6")) { + if((empty($gateway['gateway']) || ($gateway['gateway'] == "dynamic")) && ($gateway['ipprotocol'] == "inet6")) { /* we know which interfaces is dynamic, this should be made a function, and for v6 too */ switch($wancfg['ipaddrv6']) { case "6rd": @@ -681,7 +698,7 @@ function return_gateway_groups_array() { $dfltgwdown = true; } if ($dfltgwdown == true && !empty($upgw)) { - if (preg_match("/dynamic", $gateways_arr[$upgw]['gateway'])) + if (preg_match("/dynamic/i", $gateways_arr[$upgw]['gateway'])) $gateways_arr[$upgw]['gateway'] = get_interface_gateway($gateways_arr[$upgw]['friendlyiface']); if (is_ipaddr($gateways_arr[$upgw]['gateway'])) { log_error("Default gateway down setting {$upgw} as default!"); @@ -705,7 +722,6 @@ function return_gateway_groups_array() { unset($upgw, $dfltgwfound, $dfltgwdown, $gwname, $gwsttng); } - if (is_array($config['gateways']['gateway_group'])) { foreach($config['gateways']['gateway_group'] as $group) { /* create array with group gateways members seperated by tier */ @@ -789,7 +805,10 @@ function return_gateway_groups_array() { } } /* we should have the 1st available tier now, exit stage left */ - break; + if(is_array($gateway_groups_array[$group['name']])) + break; + else + log_error("GATEWAYS: We did not find the first tier of the gateway group {$group['name']}! That's odd."); } } } @@ -957,4 +976,4 @@ function validate_address_family($ipaddr, $gwname) { } -?> +?>
\ No newline at end of file diff --git a/etc/inc/notices.inc b/etc/inc/notices.inc index b3084bc..284c077 100644 --- a/etc/inc/notices.inc +++ b/etc/inc/notices.inc @@ -393,4 +393,10 @@ function register_via_growl() { } } +/* Notify via remote methods only - not via GUI. */ +function notify_all_remote($msg) { + notify_via_smtp($msg); + notify_via_growl($msg); +} + ?> diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index b72b709..00cf09a 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -334,21 +334,24 @@ function openvpn_reconfigure($mode, $settings) { $dev_mode = $settings['dev_mode']; $cipher = $settings['crypto']; - $interface = $settings['interface']; - $ipaddr = $settings['ipaddr']; - $ipaddrv6 = $settings['ipaddrv6']; + $interface = get_failover_interface($settings['interface']); + /* we will fill out these variables below. */ + // $ipaddr = $settings['ipaddr']; + // $ipaddrv6 = $settings['ipaddrv6']; // If a specific ip address (VIP) is requested, use it. // Otherwise, if a specific interface is requested, use it // If "any" interface was selected, local directive will be ommited. if (is_ipaddrv4($ipaddr)) { $iface_ip=$ipaddr; - } elseif (is_ipaddrv6($ipaddrv6)) { - $iface_ipv6=$ipaddrv6; } else { if ((!empty($interface)) && (strcmp($interface, "any"))) { $iface_ip=get_interface_ip($interface); } + } + if (is_ipaddrv6($ipaddrv6)) { + $iface_ipv6=$ipaddrv6; + } else { if ((!empty($interface)) && (strcmp($interface, "any"))) { $iface_ipv6=get_interface_ipv6($interface); } @@ -387,9 +390,8 @@ function openvpn_reconfigure($mode, $settings) { if (is_ipaddrv4($iface_ip)) { $conf .= "local {$iface_ip}\n"; - } - if (is_ipaddrv6($iface_ipv6)) { - // $conf .= "local {$iface_ipv6}\n"; + } elseif (is_ipaddrv6($iface_ipv6)) { + $conf .= "local {$iface_ipv6}\n"; } if (openvpn_validate_engine($settings['engine']) && ($settings['engine'] != "none")) @@ -681,8 +683,8 @@ function openvpn_restart($mode, $settings) { if (isset($settings['disable'])) return; - /* Do not start if we are a CARP backup on this vip! */ - if (strstr($settings['interface'], "_vip") && (get_carp_interface_status($settings['interface']) == "BACKUP")) + /* Do not start a client if we are a CARP backup on this vip! */ + if (($mode == "client") && strstr($settings['interface'], "_vip") && (get_carp_interface_status($settings['interface']) == "BACKUP")) return; /* start the new process */ diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 8d5dac0..745ef8e 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -956,7 +956,7 @@ function setup_serial_port($when="save", $path="") { else $boot_config = ""; - if($g['platform'] <> "cdrom") { + if(($g['platform'] != "cdrom") && ($g['platform'] != "nanobsd")) { $boot_config_split = explode("\n", $boot_config); $fd = fopen($boot_config_file,"w"); if($fd) { @@ -973,7 +973,11 @@ function setup_serial_port($when="save", $path="") { } fclose($fd); } + } + if($g['platform'] != "cdrom") { /* serial console - write out /boot/loader.conf */ + if ($when == "upgrade") + system("echo \"Reading {$loader_conf_file}...\" >> /conf/upgrade_log.txt"); $boot_config = file_get_contents($loader_conf_file); $boot_config_split = explode("\n", $boot_config); if(count($boot_config_split) > 0) { @@ -1565,6 +1569,23 @@ function load_crypto() { } } +/* + * load_thermal_hardware() - Load temperature monitor kernel module + */ +function load_thermal_hardware() { + global $config, $g; + $thermal_hardware_modules = array('coretemp', 'amdtemp'); + + if (!in_array($config['system']['thermal_hardware'], $thermal_hardware_modules)) + return false; + + $is_loaded = `/sbin/kldstat | /usr/bin/grep -c {$config['system']['thermal_hardware']}`; + if (!empty($config['system']['thermal_hardware']) && ($is_loaded == 0)) { + log_error("Loading {$config['system']['thermal_hardware']} thermal monitor module."); + mwexec("/sbin/kldload {$config['system']['thermal_hardware']}"); + } +} + /****f* pfsense-utils/isvm * NAME * isvm @@ -1632,7 +1653,7 @@ function read_header($ch, $string) { global $file_size, $fout; $length = strlen($string); $regs = ""; - ereg("(Content-Length:) (.*)", $string, $regs); + preg_match("/(Content-Length:) (.*)/", $string, $regs); if($regs[2] <> "") { $file_size = intval($regs[2]); } @@ -1686,7 +1707,7 @@ function read_body($ch, $string) { */ function update_output_window($text) { global $pkg_interface; - $log = ereg_replace("\n", "\\n", $text); + $log = preg_replace("/\n/", "\\n", $text); if($pkg_interface != "console") { echo "\n<script language=\"JavaScript\">\nthis.document.forms[0].output.value = \"" . $log . "\";\n"; echo "this.document.forms[0].output.scrollTop = this.document.forms[0].output.scrollHeight;\n"; @@ -2424,7 +2445,7 @@ function set_language($lang = 'en_US', $encoding = "ISO8859-1") { putenv("LANG={$lang}.{$encoding}"); setlocale(LC_ALL, "{$lang}.{$encoding}"); textdomain("pfSense"); - bindtextdomain("pfSense","/usr/share/locale"); + bindtextdomain("pfSense","/usr/local/share/locale"); bind_textdomain_codeset("pfSense","{$lang}.{$encoding}"); } diff --git a/etc/inc/pkg-utils.inc b/etc/inc/pkg-utils.inc index 4e90b56..8ed44aa 100644 --- a/etc/inc/pkg-utils.inc +++ b/etc/inc/pkg-utils.inc @@ -518,12 +518,11 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = $fetchdir = $g['tmp_path']; } - $osname = php_uname("s"); - $arch = php_uname("m"); - $rel = strtolower(php_uname("r")); - if (substr_count($rel, '-') > 1) - $rel = substr($rel, 0, strrpos($rel, "-")); - $priv_url = "http://ftp2.{$osname}.org/pub/{$osname}/ports/{$arch}/packages-{$rel}/All"; + /* FreeBSD has no PBI's hosted, so fall back to our own URL for now. (Maybe fail to PC-BSD?) */ + $arch = php_uname("m"); + $arch = ($arch == "i386") ? "" : $arch . '/'; + $rel = get_freebsd_version(); + $priv_url = "http://files.pfsense.org/packages/{$arch}{$rel}/All/"; if (empty($base_url)) $base_url = $priv_url; if (substr($base_url, -1) == "/") @@ -551,7 +550,7 @@ function pkg_fetch_recursive($pkgname, $filename, $dependlevel = 0, $base_url = exec("/usr/local/sbin/pbi_add {$pkgstaging} -f -v --no-checksig {$fetchto} 2>&1", $pkgaddout); pkg_debug($pkgname . " " . print_r($pkgaddout, true) . "\npbi_add successfully completed.\n"); - + setup_library_paths(); exec("/usr/local/sbin/pbi_info " . preg_replace('/\.pbi$/','',$filename) . " | /usr/bin/awk '/Prefix/ {print $2}'",$pbidir); $pbidir = $pbidir[0]; $linkdirs = array('bin','sbin'); @@ -825,7 +824,7 @@ function install_package_xml($pkg) { $pkg_name_for_pbi_match = strtolower($pkg) . "-"; exec("/usr/local/sbin/pbi_info | grep '^{$pkg_name_for_pbi_match}' | xargs /usr/local/sbin/pbi_info | awk '/Prefix/ {print $2}'",$pbidirarray); $pbidir0 = $pbidirarray[0]; - exec("find /usr/local/etc/ -name *.conf | grep {$pkg}",$files); + exec("find /usr/local/etc/ -name *.conf | grep \"{$pkg}\"",$files); foreach($files as $f) { $pbiconf = str_replace('/usr/local',$pbidir0,$f); if(is_file($pbiconf) || is_link($pbiconf)) { diff --git a/etc/inc/services.inc b/etc/inc/services.inc index 3927011..78b810e 100644 --- a/etc/inc/services.inc +++ b/etc/inc/services.inc @@ -1064,7 +1064,7 @@ function services_igmpproxy_configure() { /* kill any running igmpproxy */ killbyname("igmpproxy"); - if (!is_array($config['igmpproxy']['igmpentry'])) + if (!is_array($config['igmpproxy']['igmpentry']) || (count($config['igmpproxy']['igmpentry']) == 0)) return 1; $iflist = get_configured_interface_list(); diff --git a/etc/inc/smtp.inc b/etc/inc/smtp.inc index 1f371f6..5aec015 100644 --- a/etc/inc/smtp.inc +++ b/etc/inc/smtp.inc @@ -223,7 +223,7 @@ class smtp_class || !extension_loaded("openssl")) return(gettext("establishing SSL connections requires the OpenSSL extension enabled")); } - if(ereg('^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$',$domain)) + if(preg_match('/^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$/',$domain)) $ip=$domain; else { diff --git a/etc/inc/system.inc b/etc/inc/system.inc index 65484f6..0501acf 100644 --- a/etc/inc/system.inc +++ b/etc/inc/system.inc @@ -470,10 +470,10 @@ function system_routing_configure($interface = "") { if(preg_match("/^Null/i", $rtent['gateway'])) $blackhole = "-blackhole"; - if (is_ipaddr($gatewayip)) { + if (is_ipaddr($gatewayip) && ((is_ipaddrv6($gatewayip) && is_subnetv6($rtent['network'])) || (is_ipaddrv4($gatewayip) && is_subnetv4($rtent['network'])))) { mwexec("/sbin/route change {$inetfamily} {$blackhole} " . escapeshellarg($rtent['network']) . " " . escapeshellarg($gatewayip)); - } else if (!empty($interfacegw)) { + } else if (!empty($interfacegw) && ((is_ipaddrv6($gatewayip) && is_subnetv6($rtent['network'])) || (is_ipaddrv4($gatewayip) && is_subnetv4($rtent['network'])))) { mwexec("/sbin/route change {$inetfamily} {$blackhole} " . escapeshellarg($rtent['network']) . " -iface " . escapeshellarg($interfacegw)); } @@ -1193,7 +1193,7 @@ EOD; // Harden SSL a bit for PCI conformance testing $lighty_config .= "ssl.use-sslv2 = \"disable\"\n"; - $lighty_config .= "ssl.cipher-list = \"TLSv1+HIGH !SSLv2 RC4+MEDIUM !aNULL !eNULL !3DES @STRENGTH\"\n"; + $lighty_config .= "ssl.cipher-list = \"DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:CAMELLIA256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:CAMELLIA128-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC4-SHA:RC4-MD5:!aNULL:!eNULL:!3DES:@STRENGTH\"\n"; if(!(empty($ca) || (strlen(trim($ca)) == 0))) $lighty_config .= "ssl.ca-file = \"{$g['varetc_path']}/{$ca_location}\"\n\n"; @@ -1271,7 +1271,7 @@ function system_ntp_configure($start_ntpd=true) { $ntpcfg .= "driftfile {$driftfile}\n"; if (empty($config['ntpd']['interface'])) - if (!empty($config['installedpackages']['openntpd']['config'][0]['interface'])) + if (is_array($config['installedpackages']['openntpd']) && !empty($config['installedpackages']['openntpd']['config'][0]['interface'])) $interfaces = explode(",", $config['installedpackages']['openntpd']['config'][0]['interface']); else $interfaces = array(); diff --git a/etc/inc/upgrade_config.inc b/etc/inc/upgrade_config.inc index b8bb978..9c72081 100644 --- a/etc/inc/upgrade_config.inc +++ b/etc/inc/upgrade_config.inc @@ -1907,7 +1907,7 @@ function upgrade_053_to_054() { foreach($lbpool_arr as $lbpool) { if($lbpool['type'] == "gateway") { // Gateway Groups have to have valid names in pf, old lb pools did not. Clean them up. - $group_name = ereg_replace("[^A-Za-z0-9]", "", $lbpool['name'] ); + $group_name = preg_replace("/[^A-Za-z0-9]/", "", $lbpool['name'] ); // If we made and changes, check for collisions and note the change. if ($group_name != $lbpool['name']) { // Make sure the name isn't already in use. @@ -2883,4 +2883,48 @@ function upgrade_087_to_088() { $config['system']['crypto_hardware'] = "glxsb"; } } + +function upgrade_088_to_089() { + global $config; + if (!is_array($config['ca'])) + $config['ca'] = array(); + if (!is_array($config['cert'])) + $config['cert'] = array(); + + /* migrate captive portal ssl to certifcate mngr */ + if (is_array($config['captiveportal'])) { + foreach ($config['captiveportal'] as $id => &$setting) { + if (isset($setting['httpslogin'])) { + /* create cert entry */ + $cert = array(); + $cert['refid'] = uniqid(); + $cert['descr'] = "Captive Portal Cert - {$setting['zone']}"; + $cert['crt'] = $setting['certificate']; + $cert['prv'] = $setting['private-key']; + + if (!empty($setting['cacertificate'])) { + /* create ca entry */ + $ca = array(); + $ca['refid'] = uniqid(); + $ca['descr'] = "Captive Portal CA - {$setting['zone']}"; + $ca['crt'] = $setting['cacertificate']; + $config['ca'][] = $ca; + + /* add ca reference to certificate */ + $cert['caref'] = $ca['refid']; + } + + $config['cert'][] = $cert; + + /* create cert reference */ + $setting['certref'] = $cert['refid']; + + unset($setting['certificate']); + unset($setting['private-key']); + unset($setting['cacertificate']); + + } + } + } +} ?> diff --git a/etc/inc/util.inc b/etc/inc/util.inc index 7737ad1..f95cdb0 100644 --- a/etc/inc/util.inc +++ b/etc/inc/util.inc @@ -1473,6 +1473,7 @@ function is_interface_mismatch() { $do_assign = false; $i = 0; + $missing_interfaces = array(); if (is_array($config['interfaces'])) { foreach ($config['interfaces'] as $ifname => $ifcfg) { if (preg_match("/^enc|^cua|^tun|^tap|^l2tp|^pptp|^ppp|^ovpn|^gif|^gre|^lagg|^bridge|vlan|_wlan/i", $ifcfg['if'])) { @@ -1481,7 +1482,7 @@ function is_interface_mismatch() { continue; } else if (does_interface_exist($ifcfg['if']) == false) { - echo "Warning: Interface '{$ifcfg['if']}' does not exist.\n"; + $missing_interfaces[] = $ifcfg['if']; $do_assign = true; } else $i++; @@ -1491,7 +1492,12 @@ function is_interface_mismatch() { if ($g['minimum_nic_count'] > $i) { $do_assign = true; } else if (file_exists("{$g['tmp_path']}/assign_complete")) - $do_assign = false; + $do_assign = false; + + if (!empty($missing_interfaces) && $do_assign) + file_put_contents("{$g['tmp_path']}/missing_interfaces", implode(' ', $missing_interfaces)); + else + @unlink("{$g['tmp_path']}/missing_interfaces"); return $do_assign; } @@ -1748,8 +1754,10 @@ function get_staticroutes($returnsubnetsonly = false) { if (is_alias($route['network'])) { $subnets = filter_expand_alias_array($route['network']); foreach ($subnets as $net) { - if (is_ipaddr($net)) + if (is_ipaddrv4($net)) $net .= "/32"; + if (is_ipaddrv6($net) && !is_subnetv6($net)) + $net .= "/128"; /* This must be a hostname, we can't use it. */ if (!is_subnet($net)) continue; @@ -1815,4 +1823,13 @@ function array_exclude($needle, $haystack) { return $result; } +function setup_library_paths() { + $current_library_paths = explode(":", exec("/sbin/ldconfig -r | /usr/bin/grep 'search directories' | /usr/bin/awk '{print $3;}'")); + $pbi_library_paths = array_merge(glob("/usr/pbi/*/lib", GLOB_ONLYDIR), glob("/usr/pbi/*/lib/*", GLOB_ONLYDIR)); + foreach ($pbi_library_paths as $pbilib) { + if (!in_array($pbilib, $current_library_paths)) + exec("/sbin/ldconfig -m {$pbilib}"); + } +} + ?> diff --git a/etc/rc.bootup b/etc/rc.bootup index a4479ab..48fe740 100755 --- a/etc/rc.bootup +++ b/etc/rc.bootup @@ -141,7 +141,7 @@ system_check_reset_button(); if (file_exists("/root/firmware.tgz")) unlink("/root/firmware.tgz"); -/* start devd (dhclient now uses it */ +/* start devd (dhclient now uses it) */ echo "Starting device manager (devd)..."; mute_kernel_msgs(); start_devd(); @@ -190,7 +190,12 @@ if($g['platform'] == "jail") { */ while(is_interface_mismatch() == true) { led_assigninterfaces(); - echo "\nNetwork interface mismatch -- Running interface assignment option.\n"; + if (isset($config['revision'])) { + if (file_exists("{$g['tmp_path']}/missing_interfaces")) + echo "Warning: Configuration references interfaces that do not exist: " . file_get_contents("{$g['tmp_path']}/missing_interfaces") . "\n"; + echo "\nNetwork interface mismatch -- Running interface assignment option.\n"; + } else + echo "\nDefault interfaces not found -- Running interface assignment option.\n"; $ifaces = get_interface_list(); if (is_array($ifaces)) { foreach($ifaces as $iface => $ifdata) @@ -218,6 +223,9 @@ echo "done.\n"; /* enable optional crypto modules */ load_crypto(); +/* enable optional thermal sensor modules */ +load_thermal_hardware(); + /* run any early shell commands specified in config.xml */ system_do_shell_commands(1); @@ -310,6 +318,7 @@ echo "Starting NTP time client..."; /* At bootup this will just write the config, ntpd will launch from ntpdate_sync_once.sh */ system_ntp_configure(false); mwexec_bg("/usr/local/sbin/ntpdate_sync_once.sh", true); +echo "done.\n"; /* start load balancer daemon */ relayd_configure(); @@ -431,4 +440,4 @@ led_normalize(); conf_mount_ro(); -?> +?>
\ No newline at end of file diff --git a/etc/rc.dhclient_cron b/etc/rc.dhclient_cron index c57b15b..c57b15b 100644..100755 --- a/etc/rc.dhclient_cron +++ b/etc/rc.dhclient_cron diff --git a/etc/rc.firmware b/etc/rc.firmware index 483b0b4..54a115c 100755 --- a/etc/rc.firmware +++ b/etc/rc.firmware @@ -298,7 +298,9 @@ pfSenseNanoBSDupgrade) # If /tmp/$GLABEL_SLICE/tmp/post_upgrade_command exists # after update then execute the command. + echo "Checking for post_upgrade_command..." >> /conf/upgrade_log.txt if [ -f /tmp/$GLABEL_SLICE/tmp/post_upgrade_command ]; then + echo "Found post_upgrade_command, executing ($GLABEL_SLICE)..." >> /conf/upgrade_log.txt sh /tmp/$GLABEL_SLICE/tmp/post_upgrade_command $GLABEL_SLICE >> /conf/upgrade_log.txt 2>&1 fi diff --git a/etc/rc.initial.toggle_sshd b/etc/rc.initial.toggle_sshd index a7ecf6b..a7ecf6b 100644..100755 --- a/etc/rc.initial.toggle_sshd +++ b/etc/rc.initial.toggle_sshd diff --git a/etc/rc.notify_message b/etc/rc.notify_message index 887b4c6..b2b5f04 100755 --- a/etc/rc.notify_message +++ b/etc/rc.notify_message @@ -32,7 +32,7 @@ require("config.inc"); require("functions.inc"); require("notices.inc"); -$arguments = getopt("e:g:m:"); +$arguments = getopt("egm:"); $send_email = false; $send_growl = false; diff --git a/etc/rc.openvpn b/etc/rc.openvpn new file mode 100755 index 0000000..7fb8cef --- /dev/null +++ b/etc/rc.openvpn @@ -0,0 +1,54 @@ +#!/usr/local/bin/php -f +<?php +/* + $Id$ + part of m0n0wall (http://m0n0.ch/wall) + + Copyright (C) 2007 Manuel Kasper <mk@neon1.net>. + Copyright (C) 2009 Seth Mos <seth.mos@dds.nl>. + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + + /* parse the configuration and include all functions used below */ + require_once("config.inc"); + require_once("functions.inc"); + require_once("filter.inc"); + require_once("openvpn.inc"); + require_once("util.inc"); + + /* make sure to wait until the boot scripts have finished */ + while (file_exists("{$g['varrun_path']}/booting")) { + sleep(1); + } + $openvpnlck = lock('openvpn', LOCK_EX); + + if(isset($config['openvpn']['enable'])) + log_error("OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading."); + + openvpn_resync_all(); + + filter_configure(); + + unlock($openvpnlck); +?> diff --git a/etc/rc.php_ini_setup b/etc/rc.php_ini_setup index 7258eb8..a14de35 100755 --- a/etc/rc.php_ini_setup +++ b/etc/rc.php_ini_setup @@ -54,7 +54,7 @@ fi if [ "$AVAILMEM" -lt "96" ]; then APCSHMEMSIZE="5M" fi -if [ "$AVAILMEM" -lt "128" ]; then +if [ "$AVAILMEM" -le "128" ]; then APCSHMEMSIZE="10M" fi if [ "$AVAILMEM" -gt "128" ]; then @@ -126,6 +126,8 @@ PHPMODULES="$PHPMODULES ssh2" PHPMODULES="$PHPMODULES pfSense" # json PHPMODULES="$PHPMODULES json" +# bcmath +PHPMODULES="$PHPMODULES bcmath" PHP_ZEND_MODULES="ioncube_loader" PHP_ZEND_MODULES_TS="ioncube_loader_ts" @@ -153,6 +155,9 @@ if [ -f /usr/local/lib/php.ini ]; then fi LOADED_MODULES=`/usr/local/bin/php -m | /usr/bin/grep -v "\["` +# Fetch the timezone from the XML and set it here. We set it later too in the running scripts +TIMEZONE=`cat /conf/config.xml | egrep -E '<timezone>(.*?)</timezone>' | awk -F'>' '{print $2}'|awk -F'<' '{print $1}'` + # Get a loaded module list in the stock php # Populate a dummy php.ini to avoid # the file being clobbered and the firewall @@ -163,9 +168,8 @@ output_buffering = "0" expose_php = Off implicit_flush = true magic_quotes_gpc = Off -max_execution_time = 99999999 -max_input_time = 99999999 -set_time_limit = 0 +max_execution_time = 900 +max_input_time = 1800 register_argc_argv = On file_uploads = On upload_tmp_dir = ${UPLOADTMPDIR} @@ -180,6 +184,7 @@ display_errors=on log_errors=on error_log=/tmp/PHP_errors.log extension_dir=${EXTENSIONSDIR} +date.timezone="${TIMEZONE}" ; Extensions diff --git a/etc/rc.start_packages b/etc/rc.start_packages index 4b78718..80e7aaf 100755 --- a/etc/rc.start_packages +++ b/etc/rc.start_packages @@ -39,6 +39,7 @@ require_once("pfsense-utils.inc"); require_once("service-utils.inc"); log_error("Restarting/Starting all packages."); +setup_library_paths(); $rcfiles = glob("{$rcfileprefix}*.sh"); if (!$rcfiles) @@ -121,6 +121,15 @@ $sshconf .= "Protocol 2\n"; /* Run the server on another port if we have one defined */ $sshconf .= "Port $sshport\n"; + + /* Apply package SSHDCond settings if config file exists */ + if(file_exists("/etc/sshd_extra")) + { + $fdExtra = fopen("/etc/sshd_extra", 'r'); + $szExtra = fread($fdExtra, 1048576); // Read up to 1MB from extra file + $sshconf .= $szExtra; + fclose($fdExtra); + } /* Write the new sshd config file */ $fd = fopen("/etc/ssh/sshd_config", "w"); diff --git a/tmp/post_upgrade_command b/tmp/post_upgrade_command index e6c09a8..4050998 100755 --- a/tmp/post_upgrade_command +++ b/tmp/post_upgrade_command @@ -72,7 +72,14 @@ echo "$detect_command" > $CVS_CO_DIR/root/.shrc echo "$detect_command" >> $CVS_CO_DIR/root/.profile # Now turn on or off serial console as needed -/tmp/post_upgrade_command.php $1 +echo "Checking for /tmp/$1/tmp/post_upgrade_command.php... " >> /conf/upgrade_log.txt +if [ -x /tmp/$1/tmp/post_upgrade_command.php ]; then + echo "Running /tmp/$1/tmp/post_upgrade_command.php $1" >> /conf/upgrade_log.txt + /tmp/$1/tmp/post_upgrade_command.php $1 >> /conf/upgrade_log.txt 2>&1 +elif [ -f /tmp/post_upgrade_command.php ]; then + echo "Running /tmp/post_upgrade_command.php $1" >> /conf/upgrade_log.txt + /tmp/post_upgrade_command.php $1 +fi # Remove any previous MD5 sum files rm -f /root/*.md5 diff --git a/tmp/post_upgrade_command.php b/tmp/post_upgrade_command.php index 00172b2..fdb1f3c 100755 --- a/tmp/post_upgrade_command.php +++ b/tmp/post_upgrade_command.php @@ -19,8 +19,9 @@ } $newslicedir = ""; - if ($ARGV[1] != "") - $newslicedir = '/tmp' . $ARGV[1]; + if ($argv[1] != "") + $newslicedir = '/tmp/' . $argv[1]; + system("echo \"Adding serial port settings ({$newslicedir})...\" >> /conf/upgrade_log.txt"); setup_serial_port("upgrade", $newslicedir); $files_to_process = file("/etc/pfSense.obsoletedfiles"); diff --git a/usr/local/sbin/pbi_create b/usr/local/sbin/pbi_create index 2508ced..30b20c5 100755 --- a/usr/local/sbin/pbi_create +++ b/usr/local/sbin/pbi_create @@ -1524,14 +1524,18 @@ get_pbi_progversion() { # Get the PBI_PROGNAME get_pbi_progname() { - if [ -z "${PBI_PROGNAME}" ] ; then + if [ -z "${PBI_PROGNAME}" -o "${PBI_PROGNAME}" = " " ] ; then load_pbi_conffile else return 0 fi if [ -z "${PBI_PROGNAME}" -a -n "${PORTSDIR}" -a -n "${PBI_MAKEPORT}" ] ; then - PBI_PROGNAME="`make -C ${PORTSDIR}/${PBI_MAKEPORT} -V PORTNAME`" + # Get the proper package name from the prefix + name + suffix + local pkgPrefix="`make -C ${PORTSDIR}/${PBI_MAKEPORT} -V PKGNAMEPREFIX`" + local pkgName="`make -C ${PORTSDIR}/${PBI_MAKEPORT} -V PORTNAME`" + local pkgSuffix="`make -C ${PORTSDIR}/${PBI_MAKEPORT} -V PKGNAMESUFFIX`" + PBI_PROGNAME="${pkgPrefix}${pkgName}${pkgSuffix}" else exit_err "Failed to locate PBI_PROGNAME" fi @@ -2733,6 +2737,14 @@ pbi_display_info() { echo "MimeRegistration: YES" fi + # If verbose mode, show file contents + if [ "$PBI_VERBOSE" = "YES" ] ; then + pbi_find_archive_header + echo "TOTALFILES: ${PBI_ARCHIVE_COUNT}" + echo "Archive Contents:" + echo "--------------------------------------" + tail +$PBI_SKIP_ARCHLINES "${PBI_FILENAME}" | tar tvf - + fi } # See if we need to display gui header info @@ -3399,6 +3411,7 @@ check_create_required_vars() { # Start the pbi_create process do_pbi_create() { + get_pbi_progname echo "Creating PBI: ${PBI_PROGNAME}-${PBI_PROGVERSION}" mk_header_dir @@ -3900,9 +3913,9 @@ mk_stage_dir() { for excl in $PBI_EXCLUDELIST do if [ -z "$_excOpts" ] ; then - _excOpts = "--exclude ${excl}" + _excOpts="--exclude ${excl}" else - _excOpts = "$_excOpts --exclude ${excl}" + _excOpts="$_excOpts --exclude ${excl}" fi done fi @@ -5305,7 +5318,7 @@ pbi_update_dl() { local _CKSUM="$2" # Set local download location - _dl_loc="${PBI_APPDIR}/.`basename $PBI_UPFILE`.$$" + _dl_loc="${PBI_APPDIR}/.`basename $PBI_UPFILE`" # Have a patch file to download instead, make that the active file to try if [ -n "$_tPatch" ] ; then @@ -5349,14 +5362,13 @@ pbi_get_file() { _rf="${1}" _lf="${2}" - # Wait a sec - sleep 1 - init_tmpdir - if [ -e "${_lf}" ] ; then rm "$_lf" ; fi + if [ -e "${_lf}" ] ; then + echo "Resuming download of: ${_lf}" + fi if [ "$PBI_FETCH_PARSING" != "YES" ] ; then - fetch -o "${_lf}" "${_rf}" + fetch -r -o "${_lf}" "${_rf}" _err=$? else # Doing a front-end download, parse the output of fetch @@ -5365,13 +5377,11 @@ pbi_get_file() { _fSize=`cat ${PBI_TMPDIR}/.fetch-size.$$ 2>/dev/null` _fSize="`expr ${_fSize} / 1024 2>/dev/null`" rm "${PBI_TMPDIR}/.fetch-size.$$" 2>/dev/null - _time=0 + _time=1 - ( fetch -o "${_lf}" "${_rf}" >/dev/null 2>/dev/null ; echo "$?" > ${_eFile} ) & - FETCH_PID=`ps -auwwwx | grep -v grep | grep "fetch -o ${_lf}" | awk '{print $2}'` - FETCH_TFILE="${_lf}" - while - z=1 + ( fetch -r -o "${_lf}" "${_rf}" >/dev/null 2>/dev/null ; echo "$?" > ${_eFile} ) & + FETCH_PID=`ps -auwwwx | grep -v grep | grep "fetch -r -o ${_lf}" | awk '{print $2}'` + while : do if [ -e "${_lf}" ] ; then _dSize=`du -k ${_lf} | tr -d '\t' | cut -d '/' -f 1` @@ -5391,7 +5401,7 @@ pbi_get_file() { _err="`cat ${_eFile}`" if [ "$_err" = "0" ]; then echo "FETCHDONE" ; fi - unset FETCH_PID FETCH_TFILE + unset FETCH_PID fi echo "" @@ -6698,9 +6708,8 @@ exit_trap() { # If a download is running, kill it if [ -n "${FETCH_PID}" ] ; then echo "Killing ${FETCH_PID}" - kill -9 ${FETCH_PID} - sleep 1 - rm ${FETCH_TFILE} + kill -s INT ${FETCH_PID} + sleep 2 fi chroot_make_cleanup rm_tmpdir diff --git a/usr/share/locale/en_US.ISO8859-1/LC_MESSAGES/pfSense.pot b/usr/local/share/locale/en_US.ISO8859-1/LC_MESSAGES/pfSense.pot index add7889..add7889 100644 --- a/usr/share/locale/en_US.ISO8859-1/LC_MESSAGES/pfSense.pot +++ b/usr/local/share/locale/en_US.ISO8859-1/LC_MESSAGES/pfSense.pot diff --git a/usr/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.mo b/usr/local/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.mo Binary files differindex 824251c..824251c 100644 --- a/usr/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.mo +++ b/usr/local/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.mo diff --git a/usr/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.po b/usr/local/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.po index 26cadb0..26cadb0 100644 --- a/usr/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.po +++ b/usr/local/share/locale/pt_BR.ISO8859-1/LC_MESSAGES/pfSense.po diff --git a/usr/local/www/exec.php b/usr/local/www/exec.php index 5bd7f30..4342c1d 100755 --- a/usr/local/www/exec.php +++ b/usr/local/www/exec.php @@ -71,7 +71,7 @@ if($_POST) // Function: is Blank // Returns true or false depending on blankness of argument. -function isBlank( $arg ) { return ereg( "^\s*$", $arg ); } +function isBlank( $arg ) { return preg_match( "/^\s*$/", $arg ); } // Function: Puts diff --git a/usr/local/www/firewall_aliases.php b/usr/local/www/firewall_aliases.php index c7c935f..4d46c1f 100755 --- a/usr/local/www/firewall_aliases.php +++ b/usr/local/www/firewall_aliases.php @@ -52,7 +52,8 @@ $a_aliases = &$config['aliases']['alias']; if ($_POST) { - $pconfig = $_POST; + if($_POST['tab']) + $tab = $_POST['tab']; if ($_POST['apply']) { $retval = 0; @@ -163,76 +164,128 @@ include("head.inc"); <?php print_info_box_np(gettext("The alias list has been changed.") . "<br>" . gettext("You must apply the changes in order for them to take effect."));?> <?php endif; ?> <?php pfSense_handle_custom_code("/usr/local/pkg/firewall_aliases/pre_table"); ?> -<table width="100%" border="0" cellpadding="0" cellspacing="0" class="tabcont"> -<tr> - <td width="25%" class="listhdrr"><?=gettext("Name"); ?></td> - <td width="25%" class="listhdrr"><?=gettext("Values"); ?></td> - <td width="25%" class="listhdr"><?=gettext("Description"); ?></td> - <td width="10%" class="list"> - <table border="0" cellspacing="0" cellpadding="1"> +<table width="100%" border="0" cellpadding="0" cellspacing="0" > + <tr> + <td class="tabnavtbl"> + <?php + $tab=($_REQUEST['tab'] == "" ? "ip" : preg_replace("/\W/","",$_REQUEST['tab'])); + $tab_array = array(); + $tab_array[] = array(gettext("IP"),($tab=="ip" ? true : ($tab=="host" ? true : ($tab == "network" ? true : false))), "/firewall_aliases.php?tab=ip"); + $tab_array[] = array(gettext("Ports"), ($tab=="port"? true : false), "/firewall_aliases.php?tab=port"); + $tab_array[] = array(gettext("Urls"), ($tab=="url"? true : false), "/firewall_aliases.php?tab=url"); + $tab_array[] = array(gettext("All"), ($tab=="all"? true : false), "/firewall_aliases.php?tab=all"); + display_top_tabs($tab_array); + ?> + <input type="hidden" name="tab" value="<?=htmlspecialchars($tab);?>"> + </td> + </tr> +<tr><td><div id="mainarea"> + <table class="tabcont" width="100%" border="0" cellpadding="0" cellspacing="0"> + <tr> + <td width="20%" class="listhdrr"><?=gettext("Name"); ?></td> + <td width="43%" class="listhdrr"><?=gettext("Values"); ?></td> + <td width="30%" class="listhdr"><?=gettext("Description"); ?></td> + <td width="7%" class="list"> + <table border="0" cellspacing="0" cellpadding="1"> <tr> <td valign="middle" width="17"> </td> - <td valign="middle"><a href="firewall_aliases_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add a new alias"); ?>"></a></td> - </tr> - </table> - </td> -</tr> - <?php $i = 0; foreach ($a_aliases as $alias): ?> -<tr> - <td class="listlr" ondblclick="document.location='firewall_aliases_edit.php?id=<?=$i;?>';"> - <?=htmlspecialchars($alias['name']);?> - </td> - <td class="listr" ondblclick="document.location='firewall_aliases_edit.php?id=<?=$i;?>';"> - <?php - if ($alias["url"]) { - echo $alias["url"] . "<br/>"; - } - if ($alias["aliasurl"]) { - echo $alias["aliasurl"] . "<br/>"; - } - $tmpaddr = explode(" ", $alias['address']); - $addresses = implode(", ", array_slice($tmpaddr, 0, 10)); - echo $addresses; - if(count($tmpaddr) > 10) { - echo "..."; - } - ?> - </td> - <td class="listbg" ondblclick="document.location='firewall_aliases_edit.php?id=<?=$i;?>';"> - <?=htmlspecialchars($alias['descr']);?> - </td> - <td valign="middle" nowrap class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle"><a href="firewall_aliases_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" title="<?=gettext("edit alias"); ?>"></a></td> - <td><a href="firewall_aliases.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this alias? All elements that still use it will become invalid (e.g. filter rules)!");?>')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" title="<?=gettext("delete alias"); ?>"></a></td> + <td valign="middle"><a href="firewall_aliases_edit.php?tab=<?=$tab?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" <?=dom_title(gettext("Add a new alias"));?>></a></td> </tr> </table> </td> </tr> - <?php $i++; endforeach; ?> + <?php + asort($a_aliases); + foreach ($a_aliases as $i=> $alias){ + unset ($show_alias); + switch ($tab){ + case "all": + $show_alias= true; + break; + case "ip": + case "host": + case "network": + if (preg_match("/(host|network)/",$alias["type"])) + $show_alias= true; + break; + case "url": + if (preg_match("/(url)/i",$alias["type"])) + $show_alias= true; + break; + case "port": + if($alias["type"] == "port") + $show_alias= true; + break; + } + if ($show_alias){?> + <tr> + <td class="listlr" ondblclick="document.location='firewall_aliases_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars($alias['name']);?> + </td> + <td class="listr" ondblclick="document.location='firewall_aliases_edit.php?id=<?=$i;?>';"> + <?php + if ($alias["url"]) { + echo $alias["url"] . "<br/>"; + } + if(is_array($alias["aliasurl"])) { + $aliasurls = implode(", ", array_slice($alias["aliasurl"], 0, 10)); + echo $aliasurls; + if(count($aliasurls) > 10) { + echo "...<br/>"; + } + echo "<br/>\n"; + } + $tmpaddr = explode(" ", $alias['address']); + $addresses = implode(", ", array_slice($tmpaddr, 0, 10)); + echo $addresses; + if(count($tmpaddr) > 10) { + echo "..."; + } + ?> + </td> + <td class="listbg" ondblclick="document.location='firewall_aliases_edit.php?id=<?=$i;?>';"> + <?=htmlspecialchars($alias['descr']);?> + </td> + <td valign="middle" nowrap class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tr> + <td valign="middle"><a href="firewall_aliases_edit.php?id=<?=$i;?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_e.gif" width="17" height="17" border="0" <?=dom_title(gettext("Edit alias")." {$alias['name']}");?>></a></td> + <td><a href="firewall_aliases.php?act=del&id=<?=$i;?>" onclick="return confirm('<?=gettext("Do you really want to delete this alias? All elements that still use it will become invalid (e.g. filter rules)!");?>')"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_x.gif" width="17" height="17" border="0" <?=dom_title(gettext("Delete alias")." {$alias['name']}");?>></a></td> + </tr> + </table> + </td> + </tr> + <?php + } + }?> + <tr> - <td class="list" colspan="3"></td> - <td class="list"> - <table border="0" cellspacing="0" cellpadding="1"> - <tr> - <td valign="middle" width="17"> </td> - <td valign="middle"> - <a href="firewall_aliases_edit.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" title="<?=gettext("add a new alias"); ?>"></a></td> - </td> - <td valign="middle"> - <a href="firewall_aliases_import.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_import_alias.gif" width="17" height="17" border="0" title="<?=gettext("Bulk import aliases from list"); ?>" alt="" /></a> - </td> - </tr> - </table> - </td> + <td colspan="3"/> </td> + <td valign="middle" nowrap class="list"> + <table border="0" cellspacing="0" cellpadding="1"> + <tbody> + <tr> + <td valign="middle"> + <a href="firewall_aliases_edit.php?tab=<?=$tab?>"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_plus.gif" width="17" height="17" border="0" <?=dom_title(gettext("Add a new alias")); ?>></a> + </td> + <td valign="middle"> + <a href="firewall_aliases_import.php"><img src="/themes/<?= $g['theme']; ?>/images/icons/icon_import_alias.gif" width="17" height="17" border="0" <?=dom_title(gettext("Bulk import aliases from list"));?> alt="" /></a> + </td> + </tr> + </tbody> + </table> + </td> </tr> -<tr> + <td class="tabcont" colspan="3"> - <p><span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?><br></strong></span><?=gettext("Aliases act as placeholders for real hosts, networks or ports. They can be used to minimize the number of changes that have to be made if a host, network or port changes. You can enter the name of an alias instead of the host, network or port in all fields that have a red background. The alias will be resolved according to the list above. If an alias cannot be resolved (e.g. because you deleted it), the corresponding element (e.g. filter/NAT/shaper rule) will be considered invalid and skipped."); ?></span></p> + <p><span class="vexpl"><span class="red"><strong><?=gettext("Note:"); ?><br></strong></span><div style="overflow:hidden; text-align:justify;"><?=gettext("Aliases act as placeholders for real hosts, networks or ports. They can be used to minimize the number of changes that have to be made if a host, network or port changes. You can enter the name of an alias instead of the host, network or port in all fields that have a red background. The alias will be resolved according to the list above. If an alias cannot be resolved (e.g. because you deleted it), the corresponding element (e.g. filter/NAT/shaper rule) will be considered invalid and skipped."); ?></div></span></p> </td> </tr> </table> + </div> + </td> + </tr> + </table> </form> <?php include("fend.inc"); ?> </body> diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php index 64b9c56..194d445 100755 --- a/usr/local/www/firewall_aliases_edit.php +++ b/usr/local/www/firewall_aliases_edit.php @@ -357,8 +357,11 @@ if ($_POST) { write_config(); - header("Location: firewall_aliases.php"); - exit; + if($_POST['tab']) + header("Location: firewall_aliases.php?tab=" . htmlspecialchars ($_POST['tab'])); + else + header("Location: firewall_aliases.php"); + exit; } //we received input errors, copy data to prevent retype else @@ -573,6 +576,7 @@ EOD; <div id="inputerrors"></div> <form action="firewall_aliases_edit.php" method="post" name="iform" id="iform"> +<input name="tab" type="hidden" id="tab" value="<?=htmlspecialchars($pconfig['type']);?>" /> <table width="100%" border="0" cellpadding="6" cellspacing="0"> <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("Alias Edit"); ?></td> @@ -704,7 +708,7 @@ EOD; typesel_change(); update_box_type(); - var addressarray = <?= json_encode(array_exclude($pconfig['name'], get_alias_list("port"))) ?>; + var addressarray = <?= json_encode(array_exclude($pconfig['name'], get_alias_list($pconfig['type']))) ?>; function createAutoSuggest() { <?php diff --git a/usr/local/www/interfaces_assign.php b/usr/local/www/interfaces_assign.php index d8f5511..8b1f315 100755 --- a/usr/local/www/interfaces_assign.php +++ b/usr/local/www/interfaces_assign.php @@ -273,15 +273,9 @@ if ($_GET['act'] == "del") { unset($config['interfaces'][$id]); /* delete the specified OPTn or LAN*/ - if($id == "lan") { - unset($config['interfaces']['lan']); - if (is_array($config['dhcpd'])) - unset($config['dhcpd']['lan']); - unset($config['shaper']); - unset($config['ezshaper']); - unset($config['nat']); - system("rm /var/dhcpd/var/db/*"); - services_dhcpd_configure(); + if (is_array($config['dhcpd']) && is_array($config['dhcpd'][$id])) { + unset($config['dhcpd'][$id]); + services_dhcpd_configure(); } if (count($config['filter']['rule']) > 0) { diff --git a/usr/local/www/pkg_edit.php b/usr/local/www/pkg_edit.php index 30a56a6..9c4841e 100755 --- a/usr/local/www/pkg_edit.php +++ b/usr/local/www/pkg_edit.php @@ -58,7 +58,7 @@ function domTT_title($title_msg){ if (!empty($title_msg)){ $title_msg=preg_replace("/\s+/"," ",$title_msg); $title_msg=preg_replace("/'/","\'",$title_msg); - return "onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\" onmouseover=\"domTT_activate(this, event, 'content', '{$title_msg}', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'styleClass', 'niceTitle');\""; + return "onmouseout=\"this.style.color = ''; domTT_mouseout(this, event);\" onmouseover=\"domTT_activate(this, event, 'content', '{$title_msg}', 'trail', true, 'delay', 0, 'fade', 'both', 'fadeMax', 93, 'delay',300,'styleClass', 'niceTitle');\""; } } @@ -123,6 +123,25 @@ if($pkg['custom_php_command_before_form'] <> "") eval($pkg['custom_php_command_before_form']); if ($_POST) { + $firstfield = ""; + $rows = 0; + + $input_errors = array(); + $reqfields = array(); + $reqfieldsn = array(); + foreach ($pkg['fields']['field'] as $field) { + if (($field['type'] == 'input') && isset($field['required'])) { + if($field['fieldname']) + $reqfields[] = $field['fieldname']; + if($field['fielddescr']) + $reqfieldsn[] = $field['fielddescr']; + } + } + do_input_validation($_POST, $reqfields, $reqfieldsn, &$input_errors); + + if ($pkg['custom_php_validation_command']) + eval($pkg['custom_php_validation_command']); + if($_POST['act'] == "del") { if($pkg['custom_delete_php_command']) { if($pkg['custom_php_command_before_form'] <> "") @@ -137,7 +156,7 @@ if ($_POST) { eval($pkg['custom_php_resync_config_command']); } } else { - if($pkg['custom_add_php_command']) { + if(!$input_errors && $pkg['custom_add_php_command']) { if($pkg['donotsave'] <> "" or $pkg['preoutput'] <> "") { ?> @@ -153,97 +172,81 @@ if ($_POST) { } // donotsave is enabled. lets simply exit. - if($pkg['donotsave'] <> "") exit; - - $firstfield = ""; - $rows = 0; - - $input_errors = array(); - $reqfields = array(); - $reqfieldsn = array(); - foreach ($pkg['fields']['field'] as $field) { - if (($field['type'] == 'input') && isset($field['required'])) { - if($field['fieldname']) - $reqfields[] = $field['fieldname']; - if($field['fielddescr']) - $reqfieldsn[] = $field['fielddescr']; - } - } - do_input_validation($_POST, $reqfields, $reqfieldsn, &$input_errors); - - if ($pkg['custom_php_validation_command']) - eval($pkg['custom_php_validation_command']); + if(empty($pkg['donotsave'])) { - // store values in xml configration file. - if (!$input_errors) { - $pkgarr = array(); - foreach ($pkg['fields']['field'] as $fields) { - switch($fields['type']){ - case "rowhelper": - // save rowhelper items. - #$rowhelpername=($fields['fieldname'] ? $fields['fieldname'] : "row"); - $rowhelpername="row"; - foreach($fields['rowhelper']['rowhelperfield'] as $rowhelperfield) - foreach($_POST as $key => $value){ - if (preg_match("/^{$rowhelperfield['fieldname']}(\d+)$/",$key,$matches)) - $pkgarr[$rowhelpername][$matches[1]][$rowhelperfield['fieldname']]=$value; + // store values in xml configration file. + if (!$input_errors) { + $pkgarr = array(); + foreach ($pkg['fields']['field'] as $fields) { + switch($fields['type']){ + case "rowhelper": + // save rowhelper items. + #$rowhelpername=($fields['fieldname'] ? $fields['fieldname'] : "row"); + $rowhelpername="row"; + foreach($fields['rowhelper']['rowhelperfield'] as $rowhelperfield) + foreach($_POST as $key => $value){ + if (preg_match("/^{$rowhelperfield['fieldname']}(\d+)$/",$key,$matches)) + $pkgarr[$rowhelpername][$matches[1]][$rowhelperfield['fieldname']]=$value; + } + break; + default: + $fieldname = $fields['fieldname']; + if ($fieldname == "interface_array") { + $fieldvalue = $_POST[$fieldname]; + } elseif (is_array($_POST[$fieldname])) { + $fieldvalue = implode(',', $_POST[$fieldname]); + } else { + $fieldvalue = trim($_POST[$fieldname]); + if ($fields['encoding'] == 'base64') + $fieldvalue = base64_encode($fieldvalue); } - break; - default: - $fieldname = $fields['fieldname']; - if ($fieldname == "interface_array") { - $fieldvalue = $_POST[$fieldname]; - } elseif (is_array($_POST[$fieldname])) { - $fieldvalue = implode(',', $_POST[$fieldname]); - } else { - $fieldvalue = trim($_POST[$fieldname]); - if ($fields['encoding'] == 'base64') - $fieldvalue = base64_encode($fieldvalue); + if($fieldname) + $pkgarr[$fieldname] = $fieldvalue; } - if($fieldname) - $pkgarr[$fieldname] = $fieldvalue; - } - } + } - if (isset($id) && $a_pkg[$id]) - $a_pkg[$id] = $pkgarr; - else - $a_pkg[] = $pkgarr; + if (isset($id) && $a_pkg[$id]) + $a_pkg[$id] = $pkgarr; + else + $a_pkg[] = $pkgarr; - write_config($pkg['addedit_string']); - // late running code - if($pkg['custom_add_php_command_late'] <> "") { - eval($pkg['custom_add_php_command_late']); - } + write_config($pkg['addedit_string']); + // late running code + if($pkg['custom_add_php_command_late'] <> "") { + eval($pkg['custom_add_php_command_late']); + } - if (isset($pkg['filter_rules_needed'])) - filter_configure(); + if (isset($pkg['filter_rules_needed'])) + filter_configure(); - // resync the configuration file code if defined. - if($pkg['custom_php_resync_config_command'] <> "") { - eval($pkg['custom_php_resync_config_command']); - } + // resync the configuration file code if defined. + if($pkg['custom_php_resync_config_command'] <> "") { + eval($pkg['custom_php_resync_config_command']); + } - parse_package_templates(); + parse_package_templates(); - /* if start_command is defined, restart w/ this */ - if($pkg['start_command'] <> "") - exec($pkg['start_command'] . ">/dev/null 2&>1"); + /* if start_command is defined, restart w/ this */ + if($pkg['start_command'] <> "") + exec($pkg['start_command'] . ">/dev/null 2&>1"); - /* if restart_command is defined, restart w/ this */ - if($pkg['restart_command'] <> "") - exec($pkg['restart_command'] . ">/dev/null 2&>1"); + /* if restart_command is defined, restart w/ this */ + if($pkg['restart_command'] <> "") + exec($pkg['restart_command'] . ">/dev/null 2&>1"); - if($pkg['aftersaveredirect'] <> "") { - pfSenseHeader($pkg['aftersaveredirect']); - } elseif(!$pkg['adddeleteeditpagefields']) { - pfSenseHeader("pkg_edit.php?xml={$xml}&id=0"); - } elseif(!$pkg['preoutput']) { - pfSenseHeader("pkg.php?xml=" . $xml); + if($pkg['aftersaveredirect'] <> "") { + pfSenseHeader($pkg['aftersaveredirect']); + } elseif(!$pkg['adddeleteeditpagefields']) { + pfSenseHeader("pkg_edit.php?xml={$xml}&id=0"); + } elseif(!$pkg['preoutput']) { + pfSenseHeader("pkg.php?xml=" . $xml); + } + exit; + } else { + $get_from_post = true; } + } elseif (!$input_errors) { exit; - } else { - $get_from_post = true; } } @@ -593,6 +596,11 @@ if ($pkg['tabs'] <> "") { $source_url = $pkga['source']; eval("\$pkg_source_txt = &$source_url;"); $input=""; + #check if show disable option is present on xml + if(isset($pkga['show_disable_value'])){ + array_push($pkg_source_txt, array(($pkga['source_name']? $pkga['source_name'] : $pkga['name'])=> $pkga['show_disable_value'], + ($pkga['source_value']? $pkga['source_value'] : $pkga['value'])=> $pkga['show_disable_value'])); + } foreach ($pkg_source_txt as $opt) { $source_name =($pkga['source_name']? $opt[$pkga['source_name']] : $opt[$pkga['name']]); $source_value =($pkga['source_value'] ? $opt[$pkga['source_value']] : $opt[$pkga['value']]); @@ -934,7 +942,7 @@ function display_row($trc, $value, $fieldname, $type, $rowhelper, $size) { $fieldname .= '[]'; $multiple = 'multiple'; } - echo "<select id='{$fieldname}{$trc}' name='{$fieldname}{$trc}' {$size} {$multiple}>\n"; + echo "<select style='height:22px;' id='{$fieldname}{$trc}' name='{$fieldname}{$trc}' {$size} {$multiple}>\n"; $ifaces = get_configured_interface_with_descr(); $additional_ifaces = $rowhelper['add_to_interfaces_selection']; if (!empty($additional_ifaces)) @@ -952,7 +960,9 @@ function display_row($trc, $value, $fieldname, $type, $rowhelper, $size) { echo "</select>\n"; break; case "select_source": - echo "<select id='{$fieldname}{$trc}' name='{$fieldname}{$trc}'>\n"; + echo "<select style='height:22px;' id='{$fieldname}{$trc}' name='{$fieldname}{$trc}'>\n"; + if(isset($rowhelper['show_disable_value'])) + echo "<option value='{$rowhelper['show_disable_value']}'>{$rowhelper['show_disable_value']}</option>\n"; $source_url = $rowhelper['source']; eval("\$pkg_source_txt = &$source_url;"); foreach($pkg_source_txt as $opt) { diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 6dd23aa..de2fe1d 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -76,6 +76,16 @@ if ($_GET['act'] == "viewhtml") { exit; } +if (!is_array($config['ca'])) + $config['ca'] = array(); + +$a_ca =& $config['ca']; + +if (!is_array($config['cert'])) + $config['cert'] = array(); + +$a_cert =& $config['cert']; + if ($a_cp[$cpzone]) { $pconfig['zoneid'] = $a_cp[$cpzone]['zoneid']; $pconfig['cinterface'] = $a_cp[$cpzone]['interface']; @@ -97,9 +107,7 @@ if ($a_cp[$cpzone]) { $pconfig['httpslogin_enable'] = isset($a_cp[$cpzone]['httpslogin']); $pconfig['httpsname'] = $a_cp[$cpzone]['httpsname']; $pconfig['preauthurl'] = strtolower($a_cp[$cpzone]['preauthurl']); - $pconfig['cert'] = base64_decode($a_cp[$cpzone]['certificate']); - $pconfig['cacert'] = base64_decode($a_cp[$cpzone]['cacertificate']); - $pconfig['key'] = base64_decode($a_cp[$cpzone]['private-key']); + $pconfig['certref'] = $a_cp[$cpzone]['certref']; $pconfig['logoutwin_enable'] = isset($a_cp[$cpzone]['logoutwin_enable']); $pconfig['peruserbw'] = isset($a_cp[$cpzone]['peruserbw']); $pconfig['bwdefaultdn'] = $a_cp[$cpzone]['bwdefaultdn']; @@ -163,17 +171,9 @@ if ($_POST) { } if ($_POST['httpslogin_enable']) { - if (!$_POST['cert'] || !$_POST['key']) { - $input_errors[] = gettext("Certificate and key must be specified for HTTPS login."); - } else { - if (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE")) - $input_errors[] = gettext("This certificate does not appear to be valid."); - if (!strstr($_POST['cacert'], "BEGIN CERTIFICATE") || !strstr($_POST['cacert'], "END CERTIFICATE")) - $input_errors[] = gettext("This intermmediate certificate does not appear to be valid."); - if (!strstr($_POST['key'], "BEGIN RSA PRIVATE KEY") || !strstr($_POST['key'], "END RSA PRIVATE KEY")) - $input_errors[] = gettext("This key does not appear to be valid."); + if (!$_POST['certref']) { + $input_errors[] = gettext("Certificate must be specified for HTTPS login."); } - if (!$_POST['httpsname'] || !is_domain($_POST['httpsname'])) { $input_errors[] = gettext("The HTTPS server name must be specified for HTTPS login."); } @@ -257,15 +257,16 @@ if ($_POST) { $newcp['radmac_enable'] = $_POST['radmac_enable'] ? true : false; $newcp['radmac_secret'] = $_POST['radmac_secret'] ? $_POST['radmac_secret'] : false; $newcp['reauthenticateacct'] = $_POST['reauthenticateacct']; - $newcp['httpslogin'] = $_POST['httpslogin_enable'] ? true : false; + if ($_POST['httpslogin_enable']) + $newcp['httpslogin'] = true; + else + unset($newcp['httpslogin']); $newcp['httpsname'] = $_POST['httpsname']; $newcp['preauthurl'] = $_POST['preauthurl']; $newcp['peruserbw'] = $_POST['peruserbw'] ? true : false; $newcp['bwdefaultdn'] = $_POST['bwdefaultdn']; $newcp['bwdefaultup'] = $_POST['bwdefaultup']; - $newcp['certificate'] = base64_encode($_POST['cert']); - $newcp['cacertificate'] = base64_encode($_POST['cacert']); - $newcp['private-key'] = base64_encode($_POST['key']); + $newcp['certref'] = $_POST['certref']; $newcp['logoutwin_enable'] = $_POST['logoutwin_enable'] ? true : false; $newcp['nomacfilter'] = $_POST['nomacfilter'] ? true : false; $newcp['noconcurrentlogins'] = $_POST['noconcurrentlogins'] ? true : false; @@ -350,6 +351,7 @@ function enable_change(enable_change) { var endis, radius_endis; endis = !(document.iform.enable.checked || enable_change); radius_endis = !((!endis && document.iform.auth_method[2].checked) || enable_change); + https_endis = !((!endis && document.iform.httpslogin_enable.checked) || enable_change); document.iform.cinterface.disabled = endis; //document.iform.maxproc.disabled = endis; @@ -388,10 +390,8 @@ function enable_change(enable_change) { document.iform.radmac_enable.disabled = radius_endis; document.iform.httpslogin_enable.disabled = endis; document.iform.radmac_format.disabled = radius_endis; - document.iform.httpsname.disabled = endis; - document.iform.cert.disabled = endis; - document.iform.cacert.disabled = endis; - document.iform.key.disabled = endis; + document.iform.httpsname.disabled = https_endis; + document.iform.certref.disabled = https_endis; document.iform.logoutwin_enable.disabled = endis; document.iform.nomacfilter.disabled = endis; document.iform.noconcurrentlogins.disabled = endis; @@ -860,45 +860,43 @@ function enable_change(enable_change) { <tr> <td valign="top" class="vncell"><?=gettext("HTTPS login"); ?></td> <td class="vtable"> - <input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?>> + <input name="httpslogin_enable" type="checkbox" class="formfld" id="httpslogin_enable" value="yes" onClick="enable_change(false)" <?php if($pconfig['httpslogin_enable']) echo "checked"; ?>> <strong><?=gettext("Enable HTTPS login"); ?></strong><br> - <?=gettext("If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name, certificate and matching private key must also be specified below."); ?></td> - </tr> + <?=gettext("If enabled, the username and password will be transmitted over an HTTPS connection to protect against eavesdroppers. A server name and certificate must also be specified below."); ?></td> + </tr> <tr> <td valign="top" class="vncell"><?=gettext("HTTPS server name"); ?> </td> <td class="vtable"> <input name="httpsname" type="text" class="formfld unknown" id="httpsname" size="30" value="<?=htmlspecialchars($pconfig['httpsname']);?>"><br> <?php printf(gettext("This name will be used in the form action for the HTTPS POST and should match the Common Name (CN) in your certificate (otherwise, the client browser will most likely display a security warning). Make sure captive portal clients can resolve this name in DNS and verify on the client that the IP resolves to the correct interface IP on %s."), $g['product_name']);?> </td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("HTTPS certificate"); ?></td> - <td class="vtable"> - <textarea name="cert" cols="65" rows="7" id="cert" class="formpre"><?=htmlspecialchars($pconfig['cert']);?></textarea> - <br> - <?=gettext("Paste a signed certificate in X.509 PEM format here."); ?></td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("HTTPS private key"); ?></td> - <td class="vtable"> - <textarea name="key" cols="65" rows="7" id="key" class="formpre"><?=htmlspecialchars($pconfig['key']);?></textarea> - <br> - <?=gettext("Paste an RSA private key in PEM format here."); ?></td> - </tr> - <tr> - <td valign="top" class="vncell"><?=gettext("HTTPS intermediate certificate"); ?></td> - <td class="vtable"> - <textarea name="cacert" cols="65" rows="7" id="cacert" class="formpre"><?=htmlspecialchars($pconfig['cacert']);?></textarea> - <br> - <?=gettext("Paste a certificate in X.509 PEM format here."); ?></td> - </tr> + </tr> + <tr id="ssl_opts"> + <td width="22%" valign="top" class="vncell"><?=gettext("SSL Certificate"); ?></td> + <td width="78%" class="vtable"> + <?php if (count($a_cert)): ?> + <select name="certref" id="certref" class="formselect"> + <?php + foreach($a_cert as $cert): + $selected = ""; + if ($pconfig['certref'] == $cert['refid']) + $selected = "selected"; + ?> + <option value="<?=$cert['refid'];?>"<?=$selected;?>><?=$cert['descr'];?></option> + <?php endforeach; ?> + </select> + <?php else: ?> + <b><?=gettext("No Certificates defined."); ?></b> <br/>Create one under <a href="system_certmanager.php">System > Cert Manager</a>. + <?php endif; ?> + </td> + </tr> <tr> - <td width="22%" valign="top" class="vncell"><?=gettext("Portal page contents"); ?></td> - <td width="78%" class="vtable"> + <td width="22%" valign="top" class="vncell"><?=gettext("Portal page contents"); ?></td> + <td width="78%" class="vtable"> <?=$mandfldhtml;?><input type="file" name="htmlfile" class="formfld file" id="htmlfile"><br> <?php list($host) = explode(":", $_SERVER['HTTP_HOST']); $zoneid = $pconfig['zoneid'] ? $pconfig['zoneid'] : 8000; - if (isset($pconfig['httpslogin'])) { + if ($pconfig['httpslogin_enable']) { $port = $pconfig['listenporthttps'] ? $pconfig['listenporthttps'] : ($zoneid + 1); $href = "https://{$host}:{$port}"; } else { diff --git a/usr/local/www/services_dnsmasq_edit.php b/usr/local/www/services_dnsmasq_edit.php index e77e2cb..56ad988 100755 --- a/usr/local/www/services_dnsmasq_edit.php +++ b/usr/local/www/services_dnsmasq_edit.php @@ -212,7 +212,7 @@ include("head.inc"); <td width="78%" class="vtable"> <input name="ip" type="text" class="formfld" id="ip" size="40" value="<?=htmlspecialchars($pconfig['ip']);?>"> <br> <span class="vexpl"><?=gettext("IP address of the host"); ?><br> - <?=gettext("e.g."); ?> <em>192.168.100.100</em></span></td> + <?=gettext("e.g."); ?> <em>192.168.100.100</em> <?=gettext("or"); ?> <em>fd00:abcd::1</em></span></td> </tr> <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Description");?></td> diff --git a/usr/local/www/status_dhcp_leases.php b/usr/local/www/status_dhcp_leases.php index 78ea3d7..bba1886 100755 --- a/usr/local/www/status_dhcp_leases.php +++ b/usr/local/www/status_dhcp_leases.php @@ -371,7 +371,9 @@ foreach ($leases as $data) { break; } } else { - foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) { + foreach ($config['dhcpd'] as $dhcpif => $dhcpifconf) { + if (!is_array($dhcpifconf['range'])) + continue; if (($lip >= ip2ulong($dhcpifconf['range']['from'])) && ($lip <= ip2ulong($dhcpifconf['range']['to']))) { $data['if'] = $dhcpif; break; diff --git a/usr/local/www/status_dhcpv6_leases.php b/usr/local/www/status_dhcpv6_leases.php index fc77f27..7711be0 100644 --- a/usr/local/www/status_dhcpv6_leases.php +++ b/usr/local/www/status_dhcpv6_leases.php @@ -149,7 +149,7 @@ function parse_duid($duid_string) { $awk = "/usr/bin/awk"; /* this pattern sticks comments into a single array item */ -$cleanpattern = "'{ gsub(\"^#.*\", \"\");} { gsub(\"^server-duid.*\", \"\");} { gsub(\";\", \"\"); print;}'"; +$cleanpattern = "'{ gsub(\"^#.*\", \"\");} { gsub(\"^server-duid.*\", \"\");} { gsub(\";$\", \"\"); print;}'"; /* We then split the leases file by } */ $splitpattern = "'BEGIN { RS=\"}\";} {for (i=1; i<=NF; i++) printf \"%s \", \$i; printf \"}\\n\";}'"; diff --git a/usr/local/www/status_openvpn.php b/usr/local/www/status_openvpn.php index a5ff598..adc7b39 100644 --- a/usr/local/www/status_openvpn.php +++ b/usr/local/www/status_openvpn.php @@ -304,7 +304,7 @@ if ($DisplayNote) { echo "<br/><b>" . gettext("NOTE") . ":</b> " . gettext("You need to bind each OpenVPN client to enable its management daemon: use 'Local port' setting in the OpenVPN client screen"); } -if ((empty($clients)) && (empty($servers))) { +if ((empty($clients)) && (empty($servers)) && (empty($sk_servers))) { echo gettext("No OpenVPN instance defined"); } ?> diff --git a/usr/local/www/status_services.php b/usr/local/www/status_services.php index 6f02799..69f54e9 100755 --- a/usr/local/www/status_services.php +++ b/usr/local/www/status_services.php @@ -289,11 +289,11 @@ $pconfig['description'] = gettext("NTP clock sync"); $services[] = $pconfig; if (is_array($config['captiveportal'])) { - foreach ($config['captiveportal'] as $id => $setting) { + foreach ($config['captiveportal'] as $zone => $setting) { if (isset($setting['enable'])) { $pconfig = array(); $pconfig['name'] = "captiveportal"; - $pconfig['zone'] = $setting['zone']; + $pconfig['zone'] = $zone; $pconfig['description'] = gettext("Captive Portal") . ": ".htmlspecialchars($setting['zone']); $services[] = $pconfig; } @@ -334,14 +334,14 @@ if(isset($config['snmpd']['enable'])) { $services[] = $pconfig; } -if (count($config['igmpproxy']['igmpentry']) > 0) { +if (is_array($config['igmpproxy']['igmpentry']) && (count($config['igmpproxy']['igmpentry']) > 0)) { $pconfig = array(); $pconfig['name'] = "igmpproxy"; - $pconfig['descritption'] = gettext("IGMP proxy"); + $pconfig['description'] = gettext("IGMP proxy"); $services[] = $pconfig; } -if($config['installedpackages']['miniupnpd']['config'][0]['enable']) { +if (isset($config['installedpackages']['miniupnpd']) && $config['installedpackages']['miniupnpd']['config'][0]['enable']) { $pconfig = array(); $pconfig['name'] = "miniupnpd"; $pconfig['description'] = gettext("UPnP Service"); diff --git a/usr/local/www/system_advanced_misc.php b/usr/local/www/system_advanced_misc.php index d1d07aa..d3243bc 100644 --- a/usr/local/www/system_advanced_misc.php +++ b/usr/local/www/system_advanced_misc.php @@ -65,6 +65,7 @@ $pconfig['maxmss_enable'] = isset($config['system']['maxmss_enable']); $pconfig['maxmss'] = $config['system']['maxmss']; $pconfig['powerd_enable'] = isset($config['system']['powerd_enable']); $pconfig['crypto_hardware'] = $config['system']['crypto_hardware']; +$pconfig['thermal_hardware'] = $config['system']['thermal_hardware']; $pconfig['schedule_states'] = isset($config['system']['schedule_states']); $pconfig['kill_states'] = isset($config['system']['kill_states']); @@ -76,6 +77,9 @@ else $crypto_modules = array('glxsb' => gettext("AMD Geode LX Security Block"), 'aesni' => gettext("AES-NI CPU-based Acceleration")); +$thermal_hardware_modules = array( 'coretemp' => gettext("Intel Core* CPU on-die thermal sensor"), + 'amdtemp' => gettext("AMD K8, K10 and K11 CPU on-die thermal sensor")); + if ($_POST) { unset($input_errors); @@ -87,6 +91,9 @@ if ($_POST) { if (!empty($_POST['crypto_hardware']) && !array_key_exists($_POST['crypto_hardware'], $crypto_modules)) $input_errors[] = gettext("Please select a valid Cryptographic Accelerator."); + if (!empty($_POST['thermal_hardware']) && !array_key_exists($_POST['thermal_hardware'], $thermal_hardware_modules)) + $input_errors[] = gettext("Please select a valid Thermal Hardware Sensor."); + if (!$input_errors) { if($_POST['harddiskstandby'] <> "") { @@ -172,6 +179,11 @@ if ($_POST) { else unset($config['system']['crypto_hardware']); + if($_POST['thermal_hardware']) + $config['system']['thermal_hardware'] = $_POST['thermal_hardware']; + else + unset($config['system']['thermal_hardware']); + if($_POST['schedule_states'] == "yes") $config['system']['schedule_states'] = true; else @@ -194,6 +206,7 @@ if ($_POST) { activate_powerd(); load_crypto(); + load_thermal_hardware(); vpn_ipsec_configure_preferoldsa(); if ($need_racoon_restart) vpn_ipsec_force_reload(); @@ -392,6 +405,30 @@ function maxmss_checked(obj) { <td colspan="2" class="list" height="12"> </td> </tr> <tr> + <td colspan="2" valign="top" class="listtopic"><?=gettext("Thermal Sensors"); ?></td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell"><?=gettext("Thermal Sensors"); ?></td> + <td width="78%" class="vtable"> + <select name="thermal_hardware" id="thermal_hardware"> + <option value=""><?php echo gettext("None/ACPI"); ?></option> + <?php foreach ($thermal_hardware_modules as $themalmod_name => $themalmod_descr): ?> + <option value="<?php echo $themalmod_name; ?>" <?php if ($pconfig['thermal_hardware'] == $themalmod_name) echo " selected"; ?>><?php echo "{$themalmod_descr} ({$themalmod_name})"; ?></option> + <?php endforeach; ?> + </select> + <br /> + <?=gettext("If you have a supported CPU, selecting a themal sensor will load the appropriate " . + "driver to read its temperature. Setting this to 'None' will attempt to read the " . + "temperature from an ACPI-compliant motherboard sensor instead, if one is present."); ?> + <br/><br/> + <?=gettext("If you do not have a supported thermal sensor chip in your system, this option will have no " . + "effect. To unload the selected module, set this option to 'none' and then reboot."); ?> + </td> + </tr> + <tr> + <td colspan="2" class="list" height="12"> </td> + </tr> + <tr> <td colspan="2" valign="top" class="listtopic"><?=gettext("IP Security"); ?></td> </tr> <tr> diff --git a/usr/local/www/system_certmanager.php b/usr/local/www/system_certmanager.php index 6622b40..c9e9826 100644 --- a/usr/local/www/system_certmanager.php +++ b/usr/local/www/system_certmanager.php @@ -1097,6 +1097,9 @@ function internalca_change() { <?php if (is_ipsec_cert($cert['refid'])): ?> IPsec Tunnel<br/> <?php endif; ?> + <?php if (is_captiveportal_cert($cert['refid'])): ?> + Captive Portal<br/> + <?php endif; ?> </td> <td valign="middle" nowrap class="list"> <a href="system_certmanager.php?act=exp&id=<?=$i;?>"> diff --git a/usr/local/www/system_gateways_edit.php b/usr/local/www/system_gateways_edit.php index 033b3e6..b7762d5 100755 --- a/usr/local/www/system_gateways_edit.php +++ b/usr/local/www/system_gateways_edit.php @@ -53,6 +53,7 @@ if (!is_array($config['gateways']['gateway_item'])) $config['gateways']['gateway_item'] = array(); $a_gateway_item = &$config['gateways']['gateway_item']; +$apinger_default = return_apinger_defaults(); $id = $_GET['id']; if (isset($_POST['id'])) @@ -75,10 +76,10 @@ if (isset($id) && $a_gateways[$id]) { $pconfig['gateway'] = $a_gateways[$id]['gateway']; $pconfig['defaultgw'] = isset($a_gateways[$id]['defaultgw']); $pconfig['latencylow'] = $a_gateway_item[$id]['latencylow']; - $pconfig['latencyhigh'] = $a_gateway_item[$id]['latencyhigh']; - $pconfig['losslow'] = $a_gateway_item[$id]['losslow']; - $pconfig['losshigh'] = $a_gateway_item[$id]['losshigh']; - $pconfig['down'] = $a_gateway_item[$id]['down']; + $pconfig['latencyhigh'] = $a_gateway_item[$id]['latencyhigh']; + $pconfig['losslow'] = $a_gateway_item[$id]['losslow']; + $pconfig['losshigh'] = $a_gateway_item[$id]['losshigh']; + $pconfig['down'] = $a_gateway_item[$id]['down']; $pconfig['monitor'] = $a_gateways[$id]['monitor']; $pconfig['monitor_disable'] = isset($a_gateways[$id]['monitor_disable']); $pconfig['descr'] = $a_gateways[$id]['descr']; @@ -198,45 +199,141 @@ if ($_POST) { } } - /* input validation */ - if($_POST['latencylow']) { - if (! is_numeric($_POST['latencylow'])) { - $input_errors[] = gettext("The low latency watermark needs to be a numeric value."); - } - } - - if($_POST['latencyhigh']) { - if (! is_numeric($_POST['latencyhigh'])) { - $input_errors[] = gettext("The high latency watermark needs to be a numeric value."); - } - } - if($_POST['losslow']) { - if (! is_numeric($_POST['losslow'])) { - $input_errors[] = gettext("The low loss watermark needs to be a numeric value."); - } - } - if($_POST['losshigh']) { - if (! is_numeric($_POST['losshigh'])) { - $input_errors[] = gettext("The high loss watermark needs to be a numeric value."); - } - } - - if(($_POST['latencylow']) && ($_POST['latencyhigh'])){ - if(($_POST['latencylow'] > $_POST['latencyhigh'])) { - $input_errors[] = gettext("The High latency watermark needs to be higher then the low latency watermark"); - } - } - - if(($_POST['losslow']) && ($_POST['losshigh'])){ - if($_POST['losslow'] > $_POST['losshigh']) { - $input_errors[] = gettext("The High packet loss watermark needs to be higher then the low packet loss watermark"); - } - } + /* input validation of apinger advanced parameters */ + if($_POST['latencylow']) { + if (! is_numeric($_POST['latencylow'])) { + $input_errors[] = gettext("The low latency threshold needs to be a numeric value."); + } else { + if ($_POST['latencylow'] < 1) { + $input_errors[] = gettext("The low latency threshold needs to be positive."); + } + } + } + + if($_POST['latencyhigh']) { + if (! is_numeric($_POST['latencyhigh'])) { + $input_errors[] = gettext("The high latency threshold needs to be a numeric value."); + } else { + if ($_POST['latencyhigh'] < 1) { + $input_errors[] = gettext("The high latency threshold needs to be positive."); + } + } + } + + if($_POST['losslow']) { + if (! is_numeric($_POST['losslow'])) { + $input_errors[] = gettext("The low Packet Loss threshold needs to be a numeric value."); + } else { + if ($_POST['losslow'] < 1) { + $input_errors[] = gettext("The low Packet Loss threshold needs to be positive."); + } + if ($_POST['losslow'] >= 100) { + $input_errors[] = gettext("The low Packet Loss threshold needs to be less than 100."); + } + } + } + + if($_POST['losshigh']) { + if (! is_numeric($_POST['losshigh'])) { + $input_errors[] = gettext("The high Packet Loss threshold needs to be a numeric value."); + } else { + if ($_POST['losshigh'] < 1) { + $input_errors[] = gettext("The high Packet Loss threshold needs to be positive."); + } + if ($_POST['losshigh'] > 100) { + $input_errors[] = gettext("The high Packet Loss threshold needs to be 100 or less."); + } + } + } + + if(($_POST['latencylow']) && ($_POST['latencyhigh'])) { + if ((is_numeric($_POST['latencylow'])) && (is_numeric($_POST['latencyhigh']))) { + if(($_POST['latencylow'] > $_POST['latencyhigh'])) { + $input_errors[] = gettext("The high latency threshold needs to be higher than the low latency threshold"); + } + } + } else { + if($_POST['latencylow']){ + if (is_numeric($_POST['latencylow'])) { + if($_POST['latencylow'] > $apinger_default['latencyhigh']) { + $input_errors[] = gettext(sprintf("The low latency threshold needs to be less than the default high latency threshold (%d)", $apinger_default['latencyhigh'])); + } + } + } + if($_POST['latencyhigh']){ + if (is_numeric($_POST['latencyhigh'])) { + if($_POST['latencyhigh'] < $apinger_default['latencylow']) { + $input_errors[] = gettext(sprintf("The high latency threshold needs to be higher than the default low latency threshold (%d)", $apinger_default['latencylow'])); + } + } + } + } + + if(($_POST['losslow']) && ($_POST['losshigh'])){ + if ((is_numeric($_POST['losslow'])) && (is_numeric($_POST['losshigh']))) { + if($_POST['losslow'] > $_POST['losshigh']) { + $input_errors[] = gettext("The high Packet Loss threshold needs to be higher than the low Packet Loss threshold"); + } + } + } else { + if($_POST['losslow']){ + if (is_numeric($_POST['losslow'])) { + if($_POST['losslow'] > $apinger_default['losshigh']) { + $input_errors[] = gettext(sprintf("The low Packet Loss threshold needs to be less than the default high Packet Loss threshold (%d)", $apinger_default['losshigh'])); + } + } + } + if($_POST['losshigh']){ + if (is_numeric($_POST['losshigh'])) { + if($_POST['losshigh'] < $apinger_default['losslow']) { + $input_errors[] = gettext(sprintf("The high Packet Loss threshold needs to be higher than the default low Packet Loss threshold (%d)", $apinger_default['losslow'])); + } + } + } + } + + if($_POST['interval']) { + if (! is_numeric($_POST['interval'])) { + $input_errors[] = gettext("The frequency probe interval needs to be a numeric value."); + } else { + if ($_POST['interval'] < 1) { + $input_errors[] = gettext("The frequency probe interval needs to be positive."); + } + } + } + if($_POST['down']) { - if (! is_numeric($_POST['down']) || $_POST['down'] < 1) { - $input_errors[] = gettext("The low latency watermark needs to be a numeric value."); - } - } + if (! is_numeric($_POST['down'])) { + $input_errors[] = gettext("The down time setting needs to be a numeric value."); + } else { + if ($_POST['down'] < 1) { + $input_errors[] = gettext("The down time setting needs to be positive."); + } + } + } + + if(($_POST['interval']) && ($_POST['down'])){ + if ((is_numeric($_POST['interval'])) && (is_numeric($_POST['down']))) { + if($_POST['interval'] > $_POST['down']) { + $input_errors[] = gettext("The Frequency Probe interval needs to be less than the down time setting."); + } + } + } else { + if($_POST['interval']){ + if (is_numeric($_POST['interval'])) { + if($_POST['interval'] > $apinger_default['down']) { + $input_errors[] = gettext(sprintf("The Frequency Probe interval needs to be less than the default down time setting (%d)", $apinger_default['down'])); + } + } + } + if($_POST['down']){ + if (is_numeric($_POST['down'])) { + if($_POST['down'] < $apinger_default['interval']) { + $input_errors[] = gettext(sprintf("The down time setting needs to be higher than the default Frequency Probe interval (%d)", $apinger_default['interval'])); + } + } + } + } if (!$input_errors) { $reloadif = ""; @@ -444,7 +541,7 @@ function monitor_change() { <tr> <td width="22%" valign="top" class="vncell"><?=gettext("Advanced");?></td> <td width="78%" class="vtable"> - <?php $showbutton = (!empty($pconfig['latencylow']) || !empty($pconfig['latencyhigh']) || !empty($pconfig['losslow']) || !empty($pconfig['losshigh']) || (isset($pconfig['weight']) && $pconfig['weight'] > 1) || (isset($pconfig['interval']) && $pconfig['interval'])); ?> + <?php $showbutton = (!empty($pconfig['latencylow']) || !empty($pconfig['latencyhigh']) || !empty($pconfig['losslow']) || !empty($pconfig['losshigh']) || (isset($pconfig['weight']) && $pconfig['weight'] > 1) || (isset($pconfig['interval']) && ($pconfig['interval'] > $apinger_default['interval'])) || (isset($pconfig['down']) && !($pconfig['down'] == $apinger_default['down']))); ?> <div id="showadvgatewaybox" <? if ($showbutton) echo "style='display:none'"; ?>> <input type="button" onClick="show_advanced_gateway()" value="Advanced"></input> - Show advanced option</a> </div> @@ -475,7 +572,7 @@ function monitor_change() { <?=gettext("To");?> <input name="latencyhigh" type="text" class="formfld unknown" id="latencyhigh" size="2" value="<?=htmlspecialchars($pconfig['latencyhigh']);?>"> - <br> <span class="vexpl"><?=gettext("These define the low and high water marks for latency in milliseconds. Default is 100/200.");?></span></td> + <br> <span class="vexpl"><?=gettext(sprintf("Low and high thresholds for latency in milliseconds. Default is %d/%d.", $apinger_default['latencylow'], $apinger_default['latencyhigh']));?></span></td> </td> </tr> <tr> @@ -487,7 +584,7 @@ function monitor_change() { <?=gettext("To");?> <input name="losshigh" type="text" class="formfld unknown" id="losshigh" size="2" value="<?=htmlspecialchars($pconfig['losshigh']);?>"> - <br> <span class="vexpl"><?=gettext("These define the low and high water marks for packet loss in %. Default is 10/20.");?></span></td> + <br> <span class="vexpl"><?=gettext(sprintf("Low and high thresholds for packet loss in %%. Default is %d/%d.", $apinger_default['losslow'], $apinger_default['losshigh']));?></span></td> </td> </tr> <tr> @@ -496,7 +593,7 @@ function monitor_change() { <input name="interval" type="text" class="formfld unknown" id="interval" size="2" value="<?=htmlspecialchars($pconfig['interval']);?>"> <br><span class="vexpl"> - <?=gettext("This defines how often that an icmp probe will be sent in seconds. Default is 1.");?><br/><br/> + <?=gettext(sprintf("How often that an ICMP probe will be sent in seconds. Default is %d.", $apinger_default['interval']));?><br/><br/> <?=gettext("NOTE: The quality graph is averaged over seconds, not intervals, so as the frequency probe is increased the accuracy of the quality graph is decreased.");?> </span></td> </td> @@ -506,18 +603,12 @@ function monitor_change() { <td width="78%" class="vtable"> <input name="down" type="text" class="formfld unknown" id="down" size="2" value="<?=htmlspecialchars($pconfig['down']);?>"> - <br> <span class="vexpl"><?=gettext("This defines the number of bad probes before the alarm will fire. Default is 10.");?></span></td> + <br> <span class="vexpl"><?=gettext(sprintf("The number of seconds of failed probes before the alarm will fire. Default is %d.", $apinger_default['down']));?></span></td> </td> </tr> <tr> <td colspan="2"> - <?= gettext("NOTE: The total time before a gateway is down is the product of the Frequency Probe and the Down fields. By default this is 1*10=10 seconds."); ?><br/> - <?php if (is_numeric($pconfig['interval']) || is_numeric($pconfig['down'])) { - echo "<br/>"; - $interval = is_numeric($pconfig['interval']) ? $pconfig['interval'] : 1; - $down = is_numeric($pconfig['down']) ? $pconfig['down'] : 10; - echo gettext(sprintf("With the current configuration, the total time before this gateway would be considered down would be: %d*%d=%d seconds.", $interval, $down, $interval*$down)); - } ?> + <?= gettext("NOTE: The Frequency Probe interval must be less than the Down time, otherwise the gateway will seem to go down then come up again at the next probe."); ?><br/> </td> </tr> </table> @@ -546,4 +637,4 @@ function monitor_change() { monitor_change(); </script> </body> -</html> +</html>
\ No newline at end of file diff --git a/usr/local/www/vpn_openvpn_client.php b/usr/local/www/vpn_openvpn_client.php index 425040c..f37e81b 100644 --- a/usr/local/www/vpn_openvpn_client.php +++ b/usr/local/www/vpn_openvpn_client.php @@ -464,6 +464,16 @@ if ($savemsg) $aliaslist = get_configured_ip_aliases_list(); foreach ($aliaslist as $aliasip => $aliasif) $interfaces[$aliasif.'|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")"; + $grouplist = return_gateway_groups_array(); + foreach ($grouplist as $name => $group) { + if($group['ipprotocol'] != inet) + continue; + if($group[0]['vip'] <> "") + $vipif = $group[0]['vip']; + else + $vipif = $group[0]['int']; + $interfaces[$name] = "GW Group {$name}"; + } $interfaces['any'] = "any"; foreach ($interfaces as $iface => $ifacename): $selected = ""; @@ -772,7 +782,7 @@ if ($savemsg) "the tunnel, so that a site-to-site VPN can be " . "established without manually changing the " . "routing tables. Expressed as a CIDR range. If " . - "this is a site-to-site VPN, enter here the " . + "this is a site-to-site VPN, enter the " . "remote LAN here. You may leave this blank to " . "only communicate with other clients"); ?>. </td> @@ -952,4 +962,3 @@ function set_checked($var,& $chk) { } ?> - diff --git a/usr/local/www/vpn_openvpn_server.php b/usr/local/www/vpn_openvpn_server.php index 1ce9840..9198c3a 100644 --- a/usr/local/www/vpn_openvpn_server.php +++ b/usr/local/www/vpn_openvpn_server.php @@ -772,6 +772,16 @@ if ($savemsg) $aliaslist = get_configured_ip_aliases_list(); foreach ($aliaslist as $aliasip => $aliasif) $interfaces[$aliasif.'|'.$aliasip] = $aliasip." (".get_vip_descr($aliasip).")"; + $grouplist = return_gateway_groups_array(); + foreach ($grouplist as $name => $group) { + if($group['ipprotocol'] != inet) + continue; + if($group[0]['vip'] <> "") + $vipif = $group[0]['vip']; + else + $vipif = $group[0]['int']; + $interfaces[$name] = "GW Group {$name}"; + } $interfaces['any'] = "any"; foreach ($interfaces as $iface => $ifacename): $selected = ""; @@ -1121,7 +1131,7 @@ if ($savemsg) </option> <?php endforeach; ?> </select> <br> - <?=gettext("The interface to which this tap instance will be, " . + <?=gettext("The interface to which this tap instance will be " . "bridged. This is not done automatically. You must assign this " . "interface and create the bridge separately. " . "This setting controls which existing IP address and subnet " . @@ -1134,7 +1144,7 @@ if ($savemsg) <td width="78%" class="vtable"> <input name="serverbridge_dhcp_start" type="text" class="formfld unknown" size="20" value="<?=htmlspecialchars($pconfig['serverbridge_dhcp_start']);?>"> <br> - <?=gettext("When using tap mode as multi-point server, " . + <?=gettext("When using tap mode as a multi-point server, " . "you may optionally supply a DHCP range to use on the " . "interface to which this tap instance is bridged. " . "If these settings are left blank, DHCP will be passed " . @@ -1203,7 +1213,7 @@ if ($savemsg) "the tunnel, so that a site-to-site VPN can be " . "established without manually changing the " . "routing tables. Expressed as a CIDR range. If " . - "this is a site-to-site VPN, enter here the " . + "this is a site-to-site VPN, enter the " . "remote LAN here. You may leave this blank if " . "you don't want a site-to-site VPN"); ?>. </td> @@ -1678,4 +1688,4 @@ function set_checked($var,& $chk) { $chk = ''; } -?> +?>
\ No newline at end of file diff --git a/usr/local/www/widgets/widgets/openvpn.widget.php b/usr/local/www/widgets/widgets/openvpn.widget.php index a907516..1eea8fd 100644 --- a/usr/local/www/widgets/widgets/openvpn.widget.php +++ b/usr/local/www/widgets/widgets/openvpn.widget.php @@ -247,7 +247,7 @@ if ($DisplayNote) { echo "<br/><b>NOTE:</b> You need to bind each OpenVPN client to enable its management daemon: use 'Local port' setting in the OpenVPN client screen"; } -if ((empty($clients)) && (empty($servers))) { +if ((empty($clients)) && (empty($servers)) && (empty($sk_servers))) { echo "No OpenVPN instance defined"; } ?> diff --git a/usr/local/www/widgets/widgets/services_status.widget.php b/usr/local/www/widgets/widgets/services_status.widget.php index d426b8b..bc7e9ba 100644 --- a/usr/local/www/widgets/widgets/services_status.widget.php +++ b/usr/local/www/widgets/widgets/services_status.widget.php @@ -82,11 +82,11 @@ $svcconfig['description'] = gettext("NTP clock sync"); $services[] = $svcconfig; if (is_array($config['captiveportal'])) { - foreach ($config['captiveportal'] as $id => $setting) { + foreach ($config['captiveportal'] as $zone => $setting) { if (isset($setting['enable'])) { $svcconfig = array(); $svcconfig['name'] = "captiveportal"; - $svcconfig['zone'] = $setting['zone']; + $svcconfig['zone'] = $zone; $svcconfig['description'] = gettext("Captive Portal") . ": ".htmlspecialchars($setting['zone']); $services[] = $svcconfig; } @@ -127,14 +127,14 @@ if(isset($config['snmpd']['enable'])) { $services[] = $svcconfig; } -if (count($config['igmpproxy']['igmpentry']) > 0) { +if (is_array($config['igmpproxy']['igmpentry']) && (count($config['igmpproxy']['igmpentry']) > 0)) { $svcconfig = array(); $svcconfig['name'] = "igmpproxy"; $svcconfig['descritption'] = gettext("IGMP proxy"); $services[] = $svcconfig; } -if($config['installedpackages']['miniupnpd']['config'][0]['enable']) { +if (isset($config['installedpackages']['miniupnpd']) && is_array($config['installedpackages']['miniupnpd']) && $config['installedpackages']['miniupnpd']['config'][0]['enable']) { $svcconfig = array(); $svcconfig['name'] = "miniupnpd"; $svcconfig['description'] = gettext("UPnP Service"); @@ -194,7 +194,7 @@ if(isset($_POST['servicestatusfilter'])) { <td class="widgetsubheader"> </td> </tr> <?php -$skipservices = explode(",", str_replace(" ", "", $config['widgets']['servicestatusfilter'])); +$skipservices = explode(",", $config['widgets']['servicestatusfilter']); function service_name_compare($a, $b) { if (strtolower($a['name']) == strtolower($b['name'])) diff --git a/usr/local/www/widgets/widgets/traffic_graphs.widget.php b/usr/local/www/widgets/widgets/traffic_graphs.widget.php index c4ffbd3..4ca730b 100644 --- a/usr/local/www/widgets/widgets/traffic_graphs.widget.php +++ b/usr/local/www/widgets/widgets/traffic_graphs.widget.php @@ -52,6 +52,8 @@ if (!is_array($a_config["shown"]["item"])) { } $ifdescrs = get_configured_interface_with_descr(); +if (isset($config['ipsec']['enable'])) + $ifdescrs['enc0'] = "IPsec"; if ($_POST) { if (isset($_POST["refreshinterval"])) { diff --git a/usr/local/www/wizard.php b/usr/local/www/wizard.php index a40bb38..f191b98 100755 --- a/usr/local/www/wizard.php +++ b/usr/local/www/wizard.php @@ -3,7 +3,7 @@ /* wizard.php Copyright (C) 2004 Scott Ullrich - Copyright (C) 2010 Ermal Luçi + Copyright (C) 2010 Ermal Luçi All rights reserved. Redistribution and use in source and binary forms, with or without @@ -353,7 +353,7 @@ function showchange() { $value = $field['value']; $name = $field['name']; - $name = ereg_replace(" ", "", $name); + $name = preg_replace("/\s+/", "", $name); $name = strtolower($name); if($field['bindstofield'] <> "") { @@ -838,7 +838,7 @@ if($pkg['step'][$stepid]['disableallfieldsbydefault'] <> "") { if($field['type'] <> "submit" and $field['type'] <> "listtopic") { if(!$field['donotdisable'] <> "") { array_push($fieldnames_array, $field['name']); - $fieldname = ereg_replace(" ", "", $field['name']); + $fieldname = preg_replace("/\s+/", "", $field['name']); $fieldname = strtolower($fieldname); echo "\tdocument.forms[0]." . $fieldname . ".disabled = 1;\n"; } @@ -857,7 +857,7 @@ if($pkg['step'][$stepid]['disableallfieldsbydefault'] <> "") { echo "\t\tcase " . $idcounter . ":\n"; $enablefields_split = explode(",", $opt['enablefields']); foreach ($enablefields_split as $efs) { - $fieldname = ereg_replace(" ", "", $efs); + $fieldname = preg_replace("/\s+/", "", $efs); $fieldname = strtolower($fieldname); if($fieldname <> "") { $onchange = "\t\t\tdocument.forms[0]." . $fieldname . ".disabled = 0; \n"; diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc index 076bfc8..8f6fbc9 100644 --- a/usr/local/www/wizards/openvpn_wizard.inc +++ b/usr/local/www/wizards/openvpn_wizard.inc @@ -1,6 +1,6 @@ <?php /* - Copyright (C) 2010 Ermal Luçi + Copyright (C) 2010 Ermal Luçi All rights reserved. Redistribution and use in source and binary forms, with or without @@ -29,7 +29,7 @@ require_once("openvpn.inc"); function has_special_chars($text) { - return ereg('[^A-Za-z0-9 _-]', $text); + return preg_match('/[^A-Za-z0-9 _-]/', $text); } function step1_submitphpaction() { |
