diff options
| author | Ermal <eri@pfsense.org> | 2013-01-03 22:50:26 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2013-01-03 22:50:47 +0000 |
| commit | 4111fcf5307829b19b95fbb499addddff46264af (patch) | |
| tree | 3c9ad48f642698d4ea45b119d8cd66c39ce8a084 /etc | |
| parent | 24b78825916851bd374c11bd5227dbf140e0ab78 (diff) | |
| download | pfsense-4111fcf5307829b19b95fbb499addddff46264af.zip pfsense-4111fcf5307829b19b95fbb499addddff46264af.tar.gz | |
Always commit the session fast to allow other consumers to proceed to their requests. This unbreaks now the lock up the GUI had allowing only one action from same source per time. Now even if you run a command that blocks indefinitely for example the GUI want lock anymore but allow you to proceed to other actions
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/inc/authgui.inc | 6 | ||||
| -rw-r--r-- | etc/inc/config.lib.inc | 9 | ||||
| -rw-r--r-- | etc/inc/pfsense-utils.inc | 7 |
3 files changed, 20 insertions, 2 deletions
diff --git a/etc/inc/authgui.inc b/etc/inc/authgui.inc index f87494b..85771a0 100644 --- a/etc/inc/authgui.inc +++ b/etc/inc/authgui.inc @@ -87,6 +87,12 @@ if (!$_SESSION['Post_Login']) { exit; } +/* + * Close session data to allow other scripts from same host to come in. + * A session can be reactivated from calling session_start again + */ +session_commit(); + /* * determine if the user is allowed access to the requested page */ diff --git a/etc/inc/config.lib.inc b/etc/inc/config.lib.inc index dc57b41..1647d7d 100644 --- a/etc/inc/config.lib.inc +++ b/etc/inc/config.lib.inc @@ -497,15 +497,22 @@ function write_config($desc="Unknown", $backup = true) { log_error("WARNING! Configuration written on bootup. This can cause stray openvpn and load balancing items in config.xml"); */ + if (!session_id()) + session_start(); if (!empty($_SESSION['Username']) && ($_SESSION['Username'] != "admin")) { $user = getUserEntry($_SESSION['Username']); - if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) + if (is_array($user) && userHasPrivilege($user, "user-config-readonly")) { + session_commit(); return false; + } } + $username = empty($_SESSION["Username"]) ? "(system)" : $_SESSION['Username']; if (!empty($_SERVER['REMOTE_ADDR'])) $username .= '@' . $_SERVER['REMOTE_ADDR']; + session_commit(); + if($backup) backup_config(); diff --git a/etc/inc/pfsense-utils.inc b/etc/inc/pfsense-utils.inc index 9ebf3c1..4807350 100644 --- a/etc/inc/pfsense-utils.inc +++ b/etc/inc/pfsense-utils.inc @@ -50,8 +50,13 @@ ******/ function have_natonetooneruleint_access($if) { $security_url = "firewall_nat_1to1_edit.php?if=". strtolower($if); - if(isAllowedPage($security_url, $_SESSION['Username'])) + if (!session_id()) + session_start(); + if(isAllowedPage($security_url, $_SESSION['Username'])) { + session_commit(); return true; + } + session_commit(); return false; } |
