diff options
| author | Seth Mos <seth.mos@xs4all.nl> | 2009-03-12 05:31:20 +0100 |
|---|---|---|
| committer | Seth Mos <seth.mos@xs4all.nl> | 2009-03-12 05:31:58 +0100 |
| commit | bd6af475ec2d67989e4eb0f45dcb46e2f664faeb (patch) | |
| tree | 94b08ebbf57fc7272c11e5fc04b03989839b06e4 /etc | |
| parent | 54d0c16c8a3a7ee419c6015a03ef36b1fa2439c8 (diff) | |
| download | pfsense-bd6af475ec2d67989e4eb0f45dcb46e2f664faeb.zip pfsense-bd6af475ec2d67989e4eb0f45dcb46e2f664faeb.tar.gz | |
If either the old or new local or remote endpoint is not a IP address we make sure to abort.
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/vpn.inc | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/etc/inc/vpn.inc b/etc/inc/vpn.inc index e2f713a..8771ab9 100644 --- a/etc/inc/vpn.inc +++ b/etc/inc/vpn.inc @@ -1572,8 +1572,11 @@ function reload_tunnel_spd_policy($phase1, $phase2, $old_phase1, $old_phase2) { return false; } - $spdconf = ""; + if((!ip_addr($oldep)) || (! is_ipaddr($ep)) || (! is_ipaddr($rgip)) || (! is_ipaddr($old_gw))) { + log_error("IPSEC: ERROR: One of the local or remote endpoints did not resolve to a IP address, aborting"); + } + $spdconf = ""; /* Delete old SPD policies if there are changes between the old and new */ if(($phase1 != $old_phase1) || ($phase2 != $old_phase2)) { $spdconf .= "spddelete {$old_local_subnet} " . |
