diff options
author | Ermal LUÇI <eri@pfsense.org> | 2015-01-06 22:51:13 +0100 |
---|---|---|
committer | Ermal LUÇI <eri@pfsense.org> | 2015-01-06 22:54:37 +0100 |
commit | 9b182b0801760aed00b66a4036758340404a4877 (patch) | |
tree | 38706c80e563568451bac641911674ab6b35e0a9 /etc | |
parent | c8d87d2aa9e18237271f129be8d2d65480f7735d (diff) | |
download | pfsense-9b182b0801760aed00b66a4036758340404a4877.zip pfsense-9b182b0801760aed00b66a4036758340404a4877.tar.gz |
Enforce subnet check here to avoid any issues resulting from function call.
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/filter.inc | 2 | ||||
-rw-r--r-- | etc/inc/ipsec.inc | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc index 216df08..8eb1f1f 100644 --- a/etc/inc/filter.inc +++ b/etc/inc/filter.inc @@ -822,7 +822,7 @@ function filter_get_vpns_list() { continue; $ph2ent['remoteid']['mode'] = $ph2ent['mode']; $vpns_subnet = ipsec_idinfo_to_cidr($ph2ent['remoteid']); - if ($vpns_subnet == "0.0.0.0/0") + if (!is_subnet($vpns_subnet) || $vpns_subnet == "0.0.0.0/0") continue; $vpns_arr[] = $vpns_subnet; } diff --git a/etc/inc/ipsec.inc b/etc/inc/ipsec.inc index d6e2669..eb527e0 100644 --- a/etc/inc/ipsec.inc +++ b/etc/inc/ipsec.inc @@ -225,7 +225,7 @@ function ipsec_idinfo_to_cidr(& $idinfo, $addrbits = false, $mode = "") { break; /* NOTREACHED */ case "none": case "mobile": - return "0.0.0.0/0"; + return '0.0.0.0/0'; break; /* NOTREACHED */ default: if (empty($mode) && !empty($idinfo['mode'])) |