Reject special characters in CA/Cert field names during OpenVPN wizard. Fixes #900

2 files changed, 18 insertions, 6 deletions

diff --git a/usr/local/www/wizards/openvpn_wizard.inc b/usr/local/www/wizards/openvpn_wizard.inc
index 518aad2..059d50d 100644
--- a/usr/local/www/wizards/openvpn_wizard.inc
+++ b/usr/local/www/wizards/openvpn_wizard.inc
@@ -28,6 +28,10 @@
 */
 require_once("openvpn.inc");
 
+function has_special_chars($text) {
+	return ereg('[^A-Za-z0-9 _-]', $text);
+}
+
 function step1_submitphpaction() {
 	global $stepid, $config;
 	if ($_POST['authtype'] == "local") {
@@ -193,12 +197,16 @@ function step7_submitphpaction() {
 		}
 	}
 
-	if (empty($_POST['name']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
+	if (empty($_POST['descr']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
 	    empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
 	    empty($_POST['organization']) || empty($_POST['email'])) {
 		$stepid--;
 		$savemsg = "Please enter all information for the new Certificate Authority.";
-	} elseif (in_array($_POST['name'], $canames) || in_array($_POST['name'], $cacns)) {
+	} elseif (has_special_chars($_POST['country']) || has_special_chars($_POST['state']) || 
+	    has_special_chars($_POST['city']) || has_special_chars($_POST['organization'])) {
+		$stepid--;
+		$savemsg = "Please do not use special characters in Certificate Authority field names.";
+	} elseif (in_array($_POST['descr'], $canames) || in_array($_POST['descr'], $cacns)) {
 		$stepid--;
 		$savemsg = "Please enter a different name for the Certicicate Authority. A Certificate Authority with that name already exists.";
 	} elseif (strlen($_POST['country']) != 2) {
@@ -279,12 +287,16 @@ function step9_submitphpaction() {
 		}	
 	}
 
-	if (empty($_POST['name']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
+	if (empty($_POST['descr']) || empty($_POST['keylength']) || empty($_POST['lifetime']) ||
 	    empty($_POST['country']) || empty($_POST['state']) || empty($_POST['city']) ||
 	    empty($_POST['organization']) || empty($_POST['email'])) {
 		$stepid--;
 		$savemsg = "Please enter all information for the new certificate.";
-	} elseif (in_array($_POST['name'], $certnames) || in_array($_POST['name'], $certcns)) {
+	} elseif (has_special_chars($_POST['country']) || has_special_chars($_POST['state']) || 
+	    has_special_chars($_POST['city']) || has_special_chars($_POST['organization'])) {
+		$stepid--;
+		$savemsg = "Please do not use special characters in Certificate field names.";
+	} elseif (in_array($_POST['descr'], $certnames) || in_array($_POST['descr'], $certcns)) {
 		$stepid--;
 		$savemsg = "Please enter a different name for the Certicicate. A Certificate with that name/common name already exists.";	
 	} elseif (strlen($_POST['country']) != 2) {
diff --git a/usr/local/www/wizards/openvpn_wizard.xml b/usr/local/www/wizards/openvpn_wizard.xml
index 5e1ab47..c7c561e 100644
--- a/usr/local/www/wizards/openvpn_wizard.xml
+++ b/usr/local/www/wizards/openvpn_wizard.xml
@@ -357,7 +357,7 @@
 			<type>listtopic</type>
 		</field>
 		<field>
-			<name>name</name>
+			<name>descr</name>
 			<displayname>Descriptive name</displayname>
 			<description>A name for your reference, to identify this certificate. This is the same as common-name field for other Certificates.</description>
 			<type>input</type>
@@ -488,7 +488,7 @@
 			<type>listtopic</type>
 		</field>
 		<field>
-			<name>name</name>
+			<name>descr</name>
 			<displayname>Descriptive name</displayname>
 			<description>A name for your reference, to identify this certificate. This is also known as the certificate's "Common Name."</description>
 			<type>input</type>