diff options
author | Renato Botelho <garga@FreeBSD.org> | 2013-03-22 16:22:45 -0300 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2013-03-22 16:22:45 -0300 |
commit | e680b2f912e7334c1b4c8d8bd1b6be0ecf61b0bd (patch) | |
tree | a6cae6668efd5a521d031a2ef0d20294bbfbbfde | |
parent | ab1cf45537b0a96c39ddaaa57cd9a6ac742d39af (diff) | |
download | pfsense-e680b2f912e7334c1b4c8d8bd1b6be0ecf61b0bd.zip pfsense-e680b2f912e7334c1b4c8d8bd1b6be0ecf61b0bd.tar.gz |
Add checks to make sure CP hard timeout is less or equal DHCP server default lease time. It fixes #2899
-rwxr-xr-x | usr/local/www/services_captiveportal.php | 20 | ||||
-rwxr-xr-x | usr/local/www/services_dhcp.php | 22 |
2 files changed, 39 insertions, 3 deletions
diff --git a/usr/local/www/services_captiveportal.php b/usr/local/www/services_captiveportal.php index 3ce84b5..a387ede 100755 --- a/usr/local/www/services_captiveportal.php +++ b/usr/local/www/services_captiveportal.php @@ -180,8 +180,24 @@ if ($_POST) { } } - if ($_POST['timeout'] && (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1))) { - $input_errors[] = gettext("The timeout must be at least 1 minute."); + if ($_POST['timeout']) { + if (!is_numeric($_POST['timeout']) || ($_POST['timeout'] < 1)) + $input_errors[] = gettext("The timeout must be at least 1 minute."); + else if (isset($config['dhcpd']) && is_array($config['dhcpd'])) { + foreach ($config['dhcpd'] as $dhcpd_if => $dhcpd_data) { + if (!isset($dhcpd_data['enable'])) + continue; + if (!is_array($_POST['cinterface']) || !in_array($dhcpd_if, $_POST['cinterface'])) + continue; + + $deftime = 7200; // Default lease time + if (isset($dhcpd_data['defaultleasetime']) && is_numeric($dhcpd_data['defaultleasetime'])) + $deftime = $dhcpd_data['defaultleasetime']; + + if ($_POST['timeout'] > $deftime) + $input_errors[] = gettext("Hard timeout must be less or equal Default lease time set on DHCP Server"); + } + } } if ($_POST['idletimeout'] && (!is_numeric($_POST['idletimeout']) || ($_POST['idletimeout'] < 1))) { $input_errors[] = gettext("The idle timeout must be at least 1 minute."); diff --git a/usr/local/www/services_dhcp.php b/usr/local/www/services_dhcp.php index fa174f4..a1269cf 100755 --- a/usr/local/www/services_dhcp.php +++ b/usr/local/www/services_dhcp.php @@ -254,7 +254,27 @@ if ($_POST) { $input_errors[] = gettext("A valid IP address must be specified for the primary/secondary DNS servers."); if ($_POST['deftime'] && (!is_numeric($_POST['deftime']) || ($_POST['deftime'] < 60))) - $input_errors[] = gettext("The default lease time must be at least 60 seconds."); + $input_errors[] = gettext("The default lease time must be at least 60 seconds."); + + if (isset($config['captiveportal']) && is_array($config['captiveportal'])) { + $deftime = 7200; // Default value if it's empty + if (is_numeric($_POST['deftime'])) + $deftime = $_POST['deftime']; + + foreach ($config['captiveportal'] as $cpZone => $cpdata) { + if (!isset($cpdata['enable'])) + continue; + if (!isset($cpdata['timeout']) || !is_numeric($cpdata['timeout'])) + continue; + $cp_ifs = explode(',', $cpdata['interface']); + if (!in_array($if, $cp_ifs)) + continue; + if ($cpdata['timeout'] > $deftime) + $input_errors[] = sprintf(gettext( + "The Captive Portal zone '%s' has Hard Timeout parameter set to a value bigger than Default lease time (%s)."), $cpZone, $deftime); + } + } + if ($_POST['maxtime'] && (!is_numeric($_POST['maxtime']) || ($_POST['maxtime'] < 60) || ($_POST['maxtime'] <= $_POST['deftime']))) $input_errors[] = gettext("The maximum lease time must be at least 60 seconds and higher than the default lease time."); if (($_POST['ddnsdomain'] && !is_domain($_POST['ddnsdomain']))) |