diff options
author | Renato Botelho <garga@FreeBSD.org> | 2014-02-03 14:55:01 -0200 |
---|---|---|
committer | Renato Botelho <garga@FreeBSD.org> | 2014-02-04 12:34:41 -0200 |
commit | 873c1701a8934ac9a10284fe794eb86db1cead68 (patch) | |
tree | f33e957b3983ada067702e87540caa3b273ea7e2 /etc/inc/openvpn.inc | |
parent | 4f188f54abf44ebe82c317ceee7555c7bd00e7ba (diff) | |
download | pfsense-873c1701a8934ac9a10284fe794eb86db1cead68.zip pfsense-873c1701a8934ac9a10284fe794eb86db1cead68.tar.gz |
Add escapeshellarg() calls on exec parameters. While I'm here, replace some exec() calls by php functions like symlink, copy, unlink, mkdir
Diffstat (limited to 'etc/inc/openvpn.inc')
-rw-r--r-- | etc/inc/openvpn.inc | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/etc/inc/openvpn.inc b/etc/inc/openvpn.inc index 509089b..c9f67d5 100644 --- a/etc/inc/openvpn.inc +++ b/etc/inc/openvpn.inc @@ -420,13 +420,13 @@ function openvpn_reconfigure($mode, $settings) { /* create the tap device if required */ if (!file_exists("/dev/{$tunname}")) - exec("/sbin/ifconfig {$tunname} create"); + exec("/sbin/ifconfig " . escapeshellarg($tunname) . " create"); /* rename the device */ - mwexec("/sbin/ifconfig {$tunname} name {$devname}"); + mwexec("/sbin/ifconfig " . escapeshellarg($tunname) . " name " . escapeshellarg($devname)); /* add the device to the openvpn group */ - mwexec("/sbin/ifconfig {$devname} group openvpn"); + mwexec("/sbin/ifconfig " . escapeshellarg($devname) . " group openvpn"); } $pfile = $g['varrun_path'] . "/openvpn_{$mode_id}.pid"; @@ -809,7 +809,7 @@ function openvpn_restart($mode, $settings) { /* start the new process */ $fpath = $g['varetc_path']."/openvpn/{$mode_id}.conf"; openvpn_clear_route($mode, $settings); - mwexec_bg("/usr/local/sbin/openvpn --config {$fpath}"); + mwexec_bg("/usr/local/sbin/openvpn --config " . escapeshellarg($fpath)); if (!$g['booting']) send_event("filter reload"); @@ -845,13 +845,13 @@ function openvpn_delete($mode, & $settings) { } /* remove the device from the openvpn group */ - mwexec("/sbin/ifconfig {$devname} -group openvpn"); + mwexec("/sbin/ifconfig " . escapeshellarg($devname) . " -group openvpn"); /* restore the original adapter name */ - mwexec("/sbin/ifconfig {$devname} name {$tunname}"); + mwexec("/sbin/ifconfig " . escapeshellarg($devname) . " name " . escapeshellarg($tunname)); /* remove the configuration files */ - mwexec("/bin/rm {$g['varetc_path']}/openvpn/{$mode_id}.*"); + array_map('unlink', glob("{$g['varetc_path']}/openvpn/{$mode_id}.*")); } function openvpn_cleanup_csc($common_name) { |