diff options
author | jim-p <jimp@pfsense.org> | 2017-05-22 11:41:19 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2017-05-22 11:41:19 -0400 |
commit | 11a3e413225b3719c6424b74ed7103f91852ac62 (patch) | |
tree | 0562b32b6ec0aa2d48b76c7ed21f701fc1852d4f /src | |
parent | 45b5afa4f4dd978ed9adbd1c0673bca5c861d8b5 (diff) | |
download | pfsense-11a3e413225b3719c6424b74ed7103f91852ac62.zip pfsense-11a3e413225b3719c6424b74ed7103f91852ac62.tar.gz |
Improve L2TP Server DNS input validation. Fixes #7560
Diffstat (limited to 'src')
-rw-r--r-- | src/usr/local/www/vpn_l2tp.php | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/src/usr/local/www/vpn_l2tp.php b/src/usr/local/www/vpn_l2tp.php index 71ba88b..e49db3e 100644 --- a/src/usr/local/www/vpn_l2tp.php +++ b/src/usr/local/www/vpn_l2tp.php @@ -102,6 +102,17 @@ if ($_POST['save']) { $input_errors[] = gettext("The specified server address is equal to the LAN interface address."); } } + + if (!empty($_POST['l2tp_dns1']) && !is_ipaddrv4(trim($_POST['l2tp_dns1']))) { + $input_errors[] = gettext("The field 'Primary L2TP DNS Server' must contain a valid IPv4 address."); + } + if (!empty($_POST['l2tp_dns2']) && !is_ipaddrv4(trim($_POST['l2tp_dns2']))) { + $input_errors[] = gettext("The field 'Secondary L2TP DNS Server' must contain a valid IPv4 address."); + } + if (!empty($_POST['l2tp_dns2']) && empty($_POST['l2tp_dns1'])) { + $input_errors[] = gettext("The Secondary L2TP DNS Server cannot be set when the Primary L2TP DNS Server is empty."); + } + } if (!$input_errors) { |